Security News > 2020 > September

CrowdStrike has released an annual report that reviews intrusion trends during the first half of 2020 and provides insights into the current landscape of adversary tactics, which has been heavily impacted this year by the remote workforce environment of COVID-19. Hands-on-keyboard intrusion activity in the first half of 2020 surpassed all of 2019.

CISOs are tasked with preparing for more than three audits on average in the next 6-12 months, but struggle with inadequate tools, limited budgets and personnel, and inefficient manual processes. "This survey clearly shows that CISOs at major companies are caught between a rock and hard place when it comes to security and compliance audits over the second half of 2020 and want automated tools to help dig them out. Unfortunately, they're simply not able to find them," said Scott Schwan, Shujinko CEO. "Teams are cobbling together scripts, shared spreadsheets, ticketing systems and a hodgepodge of other applications to try to manage, resulting in inefficiency, lengthy preparation and limited visibility. More than two-thirds of CISOs are looking for something better."

The period has seen strong transaction volume growth compared to 2019 but an overall decline in global attack volume. The EMEA region saw lower overall attack rates in comparison to most other global regions from January through June 2020.

A group of researchers has detailed a new timing vulnerability in the Transport Layer Security (TLS) protocol that could potentially allow an attacker to break the encryption and read sensitive communication under specific conditions. Dubbed "Raccoon Attack," the server-side attack exploits a side-channel in the cryptographic protocol to extract the shared secret key used for secure communications between two parties.

Cybersecurity company Cynet has released a report detailing changes in cyberattacks it has observed across North America and Europe since the beginning of the COVID-19 pandemic. The report shares the cyberattack volume change observed across industry sectors, the increased use of spear phishing as an initial attack vector, and the approaches being used to distribute malware in spear phishing attacks.

FireEye announced the formation of Mandiant Solutions. "The purpose of the Mandiant Solutions group is to bring new, controls-agnostic offerings to market that are applicable to every security team. This marks the beginning of our multi-step journey to augment and automate global security teams with more of the actionable data from our front lines, regardless of their SIEM or controls."

The Cynet report states that the percentage of attacks using new techniques has historically been around 20%. That is, 80% of attacks have used well-known techniques that are easily identified, assuming companies have updated preventative measures in place. Since the COVID-19 pandemic, Cynet found that new attacks jumped to roughly 35% of all attacks.

Flowmon Networks announced the general availability of Flowmon ADS 11. The latest version brings superior UX, a massive performance increase, noise-free incident understanding, and reporting across all environments to help security teams reduce manual workloads without sacrificing control.

With these capabilities, Oracle is the only cloud service provider to offer a cloud security posture management dashboard at no additional cost, with numerous pre-built tools that automate response to reduce customer risk quickly and efficiently. Oracle Maximum Security Zones and Oracle Cloud Guard embed decades of enterprise security expertise and best practices into the Oracle public cloud in an autonomous fashion, accelerating customers' ability to ramp up to their cloud estate securely from inception.

Cohu announced the introduction of its RedDragon RF test module for 5G, Wi-Fi 6 and Ultra-Wideband standards. The new RedDragon module optimizes throughput and test yield for semiconductor manufacturers of RF and mobile communication systems.