Security News > 2020 > August

Many organizations are trading on-premises systems for cloud-based solutions, a move that brings virtually limitless scalability, storage and accessibility - usually at a lower cost and with reduced complexity. Ignoring the gaps that come with relying on a single vendor dramatically increases your risk profile and potential for a negative business impact due to an attack or unintended breach.

"[The] FBI has high confidence that Chinese government actors are using malware variants in conjunction with proxy servers to maintain a presence on victim networks and to further network exploitation," the US Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation, and the Department of Defense said in a joint advisory. The US Cyber Command has also uploaded four samples of the Taidoor RAT on the public malware repository VirusTotal to let 50+ Antivirus companies check the virus's involvement in other unattributed campaigns.

The AttackIQ Security Optimization Platform arms cybersecurity leaders with better insights, better decisions, and real security outcomes. Further, "The urgency to treat cybersecurity as a business decision has never been greater." AttackIQ helps customers address these needs with its best-in-class software platform, deep security vendor partnerships, and investment in the practice of threat-informed defense.

StrongBox IT released its flagship application firewall - Modshield SB, now available in the AWS Marketplace on a cloud subscription model and a Bring Your Own License model. A feature-rich, scalable and cost-effective application firewall, Modshield SB is designed to provide protection against all major attack vectors.

IDmission announced its Identity Management System to reduce unauthorized access to large multi-tenant facility access points. With IDMS, large organizations can significantly control physical and logical access points throughout the enterprise.

Misconfigured AWS S3 storage buckets exposing massive amounts of data to the internet are like an unexploded bomb just waiting to go off, say experts. The team at Truffle Security said its automated search tools were able to stumble across some 4,000 open Amazon-hosted S3 buckets that included data companies would not want public - things like login credentials, security keys, and API keys.

Travelers Europe has enhanced its cyber insurance product, Travelers CyberRisk, to provide more coverages and risk management solutions to strengthen customers' overall cybersecurity programs. "Our cyber product has always been more than just an insurance policy, with features such as access to experts who can help our customers navigate the stressful experience of a cyber event," said Davis Kessler, Head of Cyber for Travelers Europe.

Hexagon AB, a global leader in sensor, software and autonomous solutions, announced the acquisition of TACTICAWARE, a provider of LiDAR-based 3D surveillance software used to monitor and protect critical infrastructure and buildings - from powerplants and airports to commercial and residential buildings and more. TACTICAWARE's flagship solution, Accur8vision, is a volumetric detection security system offering 3D surveillance.

Cloudbeam enables a high performance, scalable, reliable, and secure private connection to a CSP. It creates a separate connection from the regular internet, connecting businesses to their CSPs, privately and securely. Cloudbeam offers higher performance bypassing slow VPN connections and increases reliability via a direct and private CSP connection instead of going through the public Internet.

Enter The Blacklist Alliance, which promises to help marketers avoid TCPA legal snares set by "Professional plaintiffs and class action attorneys seeking to cash in on the TCPA." According to the Blacklist, one of the "Dirty tricks" used by TCPA "Frequent filers" includes "Phone flipping," or registering multiple prepaid cell phone numbers to receive calls intended for the person to whom a number was previously registered. The leaked Blacklist customer database points to various companies you might expect to see using automated calling systems to generate business, including real estate and life insurance providers, credit repair companies and a long list of online advertising firms and individual digital marketing specialists.