Security News > 2020 > August

There has been a massive 430% surge in next generation cyber attacks aimed at actively infiltrating open source software supply chains, Sonatype has found. The difference between "Next generation" and "Legacy" software supply chain attacks is simple but important: next generation attacks like ​Octopus Scanner​ and ​electron-native-notify​ are strategic and involve bad actors intentionally targeting and surreptitiously compromising "Upstream" open source projects so they can subsequently exploit vulnerabilities when they inevitably flow "Downstream" into the wild.

Today, a stark disconnect exists between the inadequacy of crisis exercising and the desire to build an effective cyber crisis response function, according to an Osterman Research study. "With three quarters of organizations agreeing that business continuity was at the forefront of their minds, it is time to close the gap between attackers and defenders and shake up the outdated status quo. This requires faster, shorter crisis drills run with the people you will be standing shoulder to shoulder with when the worst happens. Crisis exercises must be made more contemporary."

RiskIQ​ released a research report revealing a large-scale digital scam advertisement campaign spread through fraudulent news sites and affiliate ad networks that cater to highly partisan audiences. Scammers are taking advantage of COVID-19 to spread fake news.

Secure Access Service Edge and Network-as-a-Service solutions provider Perimeter 81 has closed a $40 million Series B funding round that brings the total raised by the company to $65 million. The company also provides endpoint security, along with user and branch internet security and branch interconnectivity.

For the third year SD-WAN adoption continues to grow with an ever-increasing interest in managed and co-managed offerings to navigate through the complexities of an integrated network and security solution, Masergy reveals. Converging the network and security into a single strategy is also important today, as is having a managed service provider for assistance.

Datadog Incident Management brings data, documentation, and collaboration together in a single location which all engineers and security team members can jointly work from. "With these new Incident Management features now available alongside our powerful tools for alerting, monitoring, and collaboration, Datadog customers can manage and resolve incidents in a single, unified platform, saving time when it matters."

WekaIO introduced Weka AI, a transformative storage solution framework underpinned by the Weka File System that enables accelerated edge-to-core-to-cloud data pipelines. Weka AI enables chief data officers, data scientists and data engineers to accelerate genomics, medical imaging, the financial services industry, and advanced driver-assistance systems deep learning pipelines.

KoolSpan and the National Geospatial-Intelligence Agency announced the availability of TrustCall, a secure mobile communications application, to all DoD and IC users for iOS and Android, via the GEOINT App Store. The threats are posed by systemic vulnerabilities in the global telecommunications infrastructure that readily enable interception and monitoring of mobile communications, both voice and data.

The Ethernet Alliance announced the launch of an industry focus around Operational Technology networks found in building and industrial automation. With development of Single-Pair Ethernet creating new opportunities for solving challenges in OT networks, the Ethernet Alliance is seeking to connect with more expertise in the building- and industrial-automation industries.

Apptricity announced the launch of its new 20-Mile Ultra Long-Range Bluetooth beacon. This new Bluetooth, from the Apptricity Development Group, is the longest-ranging secure connection on the market, with the ability to transmit data up to 20 miles outdoors and penetrate up to 20 floors indoors.