Security News > 2020 > September

odix joins MISA program and integrates its FileWall with Microsoft Azure Sentinel
2020-09-30 23:30

Odix was nominated to MISA for integrating their recently launched product, FileWall, with Microsoft Azure Sentinel. FileWall is a security application for Microsoft 365 mailboxes and now includes reporting capabilities to Azure Sentinel.

Jumio acquires AML platform from Beam to strengthen its anti-financial crime marketplace position
2020-09-30 23:00

Jumio announced that the company acquired the AML platform from Beam Solutions, a San Francisco-based startup focused on transaction monitoring and KYC. Jumio will integrate Beam's suite of AML solutions into its current KYX Platform to further strengthen the company's position in the anti-financial crime marketplace. Beam's mission is to make the financial system safer by applying creative technological innovation to the detection and reporting of suspicious financial activity that facilitates money laundering, terrorism and human trafficking.

Exabeam appoints Gorka Sadowski as chief strategy officer
2020-09-30 22:30

Exabeam announced the appointment of industry veteran and former Gartner analyst Gorka Sadowski to chief strategy officer. Before joining the Exabeam team, he served as a senior director and analyst at Gartner, focused on security operations for IT leaders.

OAuth Consent Phishing Ramps Up with Microsoft Office 365 Attacks
2020-09-30 21:29

According to researchers from Proofpoint, targets receive a well-crafted lures asking them to click a link which carries them to the legitimate Microsoft third-party apps consent page. "The ability to perform reconnaissance on an O365 account supplies an actor with valuable information that can later be weaponized in business email compromise attacks or account takeoversThe minimal [read-only] permissions requested by these apps also likely help them appear inconspicuous if an organization's O365 administrator audits connected apps for their users' accounts."

Business top brass are terrified their companies will simply be collateral damage in a future cyber-war
2020-09-30 21:11

Businesses are worrying about being caught in the crossfire of cyber warfare, according to research from Bitdefender - while industry figures warn that the gap between common-or-garden cyber threats and "Oh, look what nation states are doing" is becoming ever smaller. Bitdefender's latest report, titled 10 in 10, surveyed around 6,000 C-suite bods responsible for cyber security and found [PDF] "Over a fifth" of these said that cyber warfare was one of the most challenging topics they had to convince their colleagues to take seriously.

Secretive Big Data Firm Palantir Makes Low-Key Stocks Debut
2020-09-30 20:52

Data analytics firm Palantir, which has drawn fire over its law enforcement and national security work, made a low-key debut Wednesday on Wall Street at a hefty valuation of more than $20 billion. The report said Palantir "Has a responsibility to avoid causing or contributing to human rights abuses, and to address human rights impacts in which they are involved" under United Nations guidelines.

Russian hacker, described as 'brilliant' by judge, gets seven years in a US clink for raiding LinkedIn, Dropbox
2020-09-30 20:15

A Russian scumbag found guilty of hacking into LinkedIn, Dropbox, and Formspring - and stealing data on over 200 million users - has been sent down for more than seven years. Yevgeniy Nikulin was sentenced to 88 months in an American prison by a federal court in San Francisco this week though the judge in this case, William Alsup, was surprisingly kind about the 32-year-old Russian.

Android Spyware Variant Snoops on WhatsApp, Telegram Messages
2020-09-30 19:14

Researchers say they have uncovered a new Android spyware variant with an updated command-and-control communication strategy and extended surveillance capabilities that snoops on social media apps WhatsApp and Telegram. APT-C-23 is known to utilize both Windows and Android components, and has previously targeted victims in the Middle East with apps in order to compromise Android smartphones.

GitHub Announces General Availability of Code Scanning Feature
2020-09-30 18:05

GitHub on Wednesday announced that its code scanning feature, which is designed to enable developers to easily identify vulnerabilities in their products before they reach production, is generally available. The code scanning feature was unveiled in May, but at the time it was still in beta.

Account takeover fraud rates skyrocketed 282% over last year
2020-09-30 16:46

ATO is the weapon of choice for fraudsters leading up to the holiday shopping season, new data from Sift shows, and consumers place account security burden on businesses. Account takeover fraud attempts to steal from consumers and e-commerce merchants swelled 282% between Q2 2019 to Q2 2020, new data from digital trust and safety provider Sift finds.