Security News > 2020 > July

Microsoft's range of Defender Advanced Threat Protection endpoint security tools recently added a new family member, with the preview release of Microsoft Defender ATP for Android. Previewing Android security in Microsoft Defender ATP. Defender ATP for Android is intended to keep relatively loose control over unmanaged devices.

The developers of the Mac malware named ThiefQuest continue to improve their creation and researchers noticed that the latest versions of the threat no longer include ransomware functionality. Security experts noticed that the ransomware functionality was incomplete and the main goal of the malware was likely not to help threat actors make a profit from the ransom paid by victims.

Full Office 365 security compliance is one of those things most enterprises will have on the to-do list somewhere, but it's surprising how few actually get around to it. It's more surprising still when considering Office 365 is used by a huge number of companies across the world in some fashion, if only for the basics of email and file storage.

If you needed another reason not to use a charger made available at a coffeeshop or airport or by an acquaintance, here it is: maliciously modified fast chargers may damage your phone, tablet or laptop and set it on fire. Fast chargers and power banks are not a rarity anymore, and most digital devices now support fast charging.

Social media platform Twitter has confirmed that attackers downloaded user data from some of the accounts compromised in last week's security incident. In a blog post published over the weekend, Twitter revealed that the attackers launched a password reset operation for 45 of the 130 targeted user accounts, which allowed them to seize control of the accounts and post tweets.

The crew at IBM X-Force has uncovered a massive cache of files, including about five hours of training videos intended for a select crew of hackers in Iran known as ITG18. Big Blue said the videos range from two minutes to two hours and mainly cover techniques for compromising popular webmail services.

Security researchers at ESET have identified a new campaign targeting Mac users with trojanized cryptocurrency trading apps designed to deliver the GMERA malware. Previous attacks involving this malware family were observed leveraging malicious versions of the trading app Stockfolio, and security researchers also associated the GMERA Trojan with the activities of North Korean hackers.

Catch up on the past week's stories, and watch our latest Naked Security Live video.

Germany's highest court on Friday said security services had too much unfettered access to people's online data and ordered legislation to be revised to set higher hurdles. The Constitutional Court in Karlsruhe agreed with complaints brought by privacy activists that the access to data was excessive and an unconstitutional violation of citizens' right to telecoms privacy.

"In olden days, being a SOC analyst was a respected gig. Entry-level SOC analyst was how you broke into the industry, learned about alarms, alerts, and notifications, and earned your chops in incident response, root cause analysis, report writing/documentation, and potentially, if you were awesome, in presenting it to the boss(es). Then you were either put on the incident response team, or moved over to digital forensics, or you could maybe switch a bit to DevOps/SecDevOps if that caught your interest. Even pentesting, if you got really good at blue teaming, which is a pretty good pathway into breaking and red teaming," Marpet explained what he meant to Help Net Security. "Now, in many companies, SOC analyst is a dead-end job. With the extreme specialization and commoditization of SOC analyst jobs, anything interesting is taken away almost immediately: 'Oh! This looks bad, send it to Incident Response!' or 'I'm not sure what this is, send it to Security!' SOC analysts became security dispatchers a while ago."