Security News > 2020 > December

During that same time, 76% of IT security leaders said that their organizations have experienced one or more data breaches involving the loss of sensitive files and 59% said insider threat will increase in the next two years primarily due to users having access to files they shouldn't, employees' preference to work the way they want regardless of security protocols and the continuation of remote work. Why is that? 46% of organizations have an insider risk response plan.

In some cases, countries are not even aware of major cyberattacks against them; Iran only belatedly realized it had been attacked by the Stuxnet worm over a period of years, damaging centrifuges being used in the country's nuclear weapons program. In the paper, the scholars largely examined scenarios where countries are aware of cyberattacks against them but have imperfect information about the attacks and attackers.

Fudo Security published the results of it survey, enlisting the unique perspectives of a diverse, select group of CISOs, senior cybersecurity executives and industry decision-makers from around the globe including the US, Europe, Asia and MENA. More than 42% said the pandemic has changed their cybersecurity priorities. 57.8% utilize identity and access management, and 50.6% deploy privileged access management.

"Comparing data from the last two years, we see that crowdsourced cybersecurity is growing rapidly as a result of rapid digital transformation and increased threats caused by the COVID-19 pandemic. Vulnerability submissions are up, with higher numbers of critical vulnerabilities, and total payouts are growing steadily by about 15-20% per quarter." The most submitted vulnerabilities in 2020 stem from broken access controls, while the second-highest number of vulnerabilities were related to cross-site scripting.

A new wormable botnet that spreads via GitHub and Pastebin to install cryptocurrency miners and backdoors on target systems has returned with expanded capabilities to compromise web applications, IP cameras, and routers. Early last month, researchers from Juniper Threat Labs documented a crypto-mining campaign called "Gitpaste-12," which used GitHub to host malicious code containing as many as 12 known attack modules that are executed via commands downloaded from a Pastebin URL. The attacks occurred during a 12-day period starting from October 15, 2020, before both the Pastebin URL and repository were shut down on October 30, 2020.

As the debris from the explosive SolarWinds hack continues to fly, it has been a busy 48 hours as everyone scrambles to find out if, like various US government bodies, they've been caught in the blast. Fast forward to the weekend, and various US government organizations discovered they too had been hacked, with Russia's APT29 aka Cozy Bear team suspected by officials.

This new offering enables CipherCloud customers to prevent unintended cloud misconfigurations that lead to data loss, while enabling more consistent compliance with industry standards such as GDPR, CCPA, HIPAA and PCI. Delivered as an integrated component of the market-leading CASB+ solution, CipherCloud CSPM and SSPM directly address the leading cause of cloud security and data breaches - unseen cloud configuration errors. In the Gartner 2020 "Magic Quadrant for Cloud Access Security Brokers" CipherCloud was highlighted for market-leading CSPM/SSPM capabilities suitable to replace stand-alone tools.

A security researcher has demonstrated that sensitive data could be exfiltrated from air-gapped computers via a novel technique that leverages Wi-Fi signals as a covert channel-surprisingly, without requiring the presence of Wi-Fi hardware on the targeted systems. Dubbed "AIR-FI," the attack hinges on deploying a specially designed malware in a compromised system that exploits "DDR SDRAM buses to generate electromagnetic emissions in the 2.4 GHz Wi-Fi bands" and transmitting information atop these frequencies that can then be intercepted and decoded by nearby Wi-Fi capable devices such as smartphones, laptops, and IoT devices before sending the data to remote servers controlled by an attacker.

NICE Actimize announced that FACEPOINT has joined the X-Sight Marketplace, bringing its facial recognition technology for advanced KYC and watch list risk screening to the ecosystem. FACEPOINT complements and enhances NICE Actimize's AML screening and KYC solutions by offering an alternative to traditional name-based screening.

SoftServe has achieved AWS Migration Competency status. This designation recognizes SoftServe's expertise in helping businesses successfully move to AWS through all phases of complex migration projects, including discovery, planning, migration, and operations.