Security News > 2020 > June

You know your attack surface, don't you? You mapped all of it? Are you sure? How can you map the entire attack surface and prioritise the most important vulnerabilities, when statistics show you are only aware of 70 per cent of it at best, and tools like port scanners pump out lists of IP addresses without any business context or prioritisation?

You may have heard the name DoppelPaymer before - along with numerous other ransomware gangs including Maze and REvil, the crooks behind this one don't just scramble your data, they steal copies of it first. As we've regularly explained in Naked Security, many ransomware attacks turn out to be the final chapter in a sometimes lengthy series of malware infections, where each infection is used as the vehicle to implant the next.

Analytics firm Gartner has revised its 2020 security spending forecast in light of the COVID-19 pandemic, predicting an increase, but a much smaller one than originally expected. "There are a few factors in favor of some security market segments, such as cloud-based offerings and subscriptions, being propped up by demand or delivery model. Some security spending will not be discretionary and the positive trends cannot be ignored," Pingree said.

Cloud-native data security platform Open Raven this week announced that it has closed a $15 million Series A funding, which brings the total raised to date to $19.1 million. Verizon's 2020 Data Breach Investigations Report revealed that misconfigurations represent a prevalent and fast-rising threat, and the data security provider believes it is well placed to help organizations prevent configuration errors.

BlackBerry announced on Wednesday that the latest release of its Optics endpoint security product now includes a feature designed to protect Intel-based PCs against cryptomining malware. As a result of the collaboration between the two companies, version 2.5.1100 of BlackBerry's Optics product uses a Context Analysis Engine that leverages CPU data from Intel's Threat Detection Technology to detect and block cryptojacking attempts.

As multiple companies inch closer to a potentially life-saving vaccine for the coronavirus, cybercriminals with varying motives have increased attacks. During a webinar with CISO MAG earlier this month, Bryan Ware, assistant director for the US Cybersecurity and Infrastructure Security Agency, said the attacks being led by the Chinese government were "hindering vaccine development in the US," and the government body released its own memo to vaccine researchers urging them to beef up defenses.

BEC campaigns represent a relatively small percentage of all email attacks yet pose the greatest financial risk, says Abnormal Security. One less common but potentially more dangerous attack type is the Business Email Compromise.

In 1965, Gordon Moore published a short informal paper, Cramming more components onto integrated circuits. Based on not much more than these few data points and his knowledge of silicon chip development - he was head of R&D at Fairchild Semiconductors, the company that was to seed Silicon Valley - he said that for the next decade, component counts by area could double every year.

The report, which examined how cyberattacks exploited the crisis, found that attackers used local lures and preyed on people's "concern, confusion, and desire for resolution" with mainly phishing campaigns aimed at spreading malware, committing identity theft or creating other disruptions. Instead of creating new types of malware to use during the pandemic, Microsoft's threat intelligence on endpoints, email and data, identities and apps concluded that "this surge of COVID-19 themed attacks was really a repurposing from known attackers using existing infrastructure and malware with new lures."

United States-based broadband and networking semiconductor maker MaxLinear this week revealed that some of its operational systems were infected with the Maze ransomware. "The ransomware attack has not materially affected our production and shipment capabilities, and order fulfillment has continued without material interruption," the company says.