Security News > 2020 > September

Odix was nominated to MISA for integrating their recently launched product, FileWall, with Microsoft Azure Sentinel. FileWall is a security application for Microsoft 365 mailboxes and now includes reporting capabilities to Azure Sentinel.

Jumio announced that the company acquired the AML platform from Beam Solutions, a San Francisco-based startup focused on transaction monitoring and KYC. Jumio will integrate Beam's suite of AML solutions into its current KYX Platform to further strengthen the company's position in the anti-financial crime marketplace. Beam's mission is to make the financial system safer by applying creative technological innovation to the detection and reporting of suspicious financial activity that facilitates money laundering, terrorism and human trafficking.

Exabeam announced the appointment of industry veteran and former Gartner analyst Gorka Sadowski to chief strategy officer. Before joining the Exabeam team, he served as a senior director and analyst at Gartner, focused on security operations for IT leaders.

According to researchers from Proofpoint, targets receive a well-crafted lures asking them to click a link which carries them to the legitimate Microsoft third-party apps consent page. "The ability to perform reconnaissance on an O365 account supplies an actor with valuable information that can later be weaponized in business email compromise attacks or account takeoversThe minimal [read-only] permissions requested by these apps also likely help them appear inconspicuous if an organization's O365 administrator audits connected apps for their users' accounts."

Businesses are worrying about being caught in the crossfire of cyber warfare, according to research from Bitdefender - while industry figures warn that the gap between common-or-garden cyber threats and "Oh, look what nation states are doing" is becoming ever smaller. Bitdefender's latest report, titled 10 in 10, surveyed around 6,000 C-suite bods responsible for cyber security and found [PDF] "Over a fifth" of these said that cyber warfare was one of the most challenging topics they had to convince their colleagues to take seriously.

Data analytics firm Palantir, which has drawn fire over its law enforcement and national security work, made a low-key debut Wednesday on Wall Street at a hefty valuation of more than $20 billion. The report said Palantir "Has a responsibility to avoid causing or contributing to human rights abuses, and to address human rights impacts in which they are involved" under United Nations guidelines.

A Russian scumbag found guilty of hacking into LinkedIn, Dropbox, and Formspring - and stealing data on over 200 million users - has been sent down for more than seven years. Yevgeniy Nikulin was sentenced to 88 months in an American prison by a federal court in San Francisco this week though the judge in this case, William Alsup, was surprisingly kind about the 32-year-old Russian.

Researchers say they have uncovered a new Android spyware variant with an updated command-and-control communication strategy and extended surveillance capabilities that snoops on social media apps WhatsApp and Telegram. APT-C-23 is known to utilize both Windows and Android components, and has previously targeted victims in the Middle East with apps in order to compromise Android smartphones.

GitHub on Wednesday announced that its code scanning feature, which is designed to enable developers to easily identify vulnerabilities in their products before they reach production, is generally available. The code scanning feature was unveiled in May, but at the time it was still in beta.

ATO is the weapon of choice for fraudsters leading up to the holiday shopping season, new data from Sift shows, and consumers place account security burden on businesses. Account takeover fraud attempts to steal from consumers and e-commerce merchants swelled 282% between Q2 2019 to Q2 2020, new data from digital trust and safety provider Sift finds.