Security News > 2020 > December

Home networks, remote working software and cloud systems will be at the center of a new wave of attacks in 2021, Trend Micro predicts. "As we begin to enter a post-pandemic world, the trend for remote working is likely going to stick for many organizations. We predict more aggressive attacks to target corporate data and networks," said Jon Clay, director of global threat communications for Trend Micro.

Molerats cyberespionage group has been using in recent spear-phishing campaigns fresh malware that relies on Dropbox, Google Drive, and Facebook for command and control communication and to store stolen data. Designed for cyberespionage, the malware attempts to avoid detection and takedown efforts by using Dropbox and Facebook services to steal data and receive instructions from the operators.

Blaize fully unveiled the Blaize AI Studio offering, the industry's first open and code-free software platform to span the complete edge AI operational workflow from idea to development, deployment and management. AI Studio dramatically reduces edge AI application deployment complexity, time, and cost by breaking the barriers within existing application development and machine learning operations infrastructure that hinder edge AI deployments.

Kevin Thompson, SolarWinds president and CEO, said his company is "Aware of a potential vulnerability" that may have been in "Updates which were released between March and June 2020 to our Orion monitoring products." The vandalized SolarWinds code is said to have been exploited by miscreants to sneak into networks within the US government bodies, among them the Treasury and the Department of Commerce's telecoms agency NTIA, where Orion is used.

Kevin Thompson, SolarWinds president and CEO, said his company is "Aware of a potential vulnerability" that may have been in "Updates which were released between March and June 2020 to our Orion monitoring products." The vandalized SolarWinds code is said to have been exploited by miscreants to sneak into networks within the US government bodies, among them the Treasury and the Department of Commerce's telecoms agency NTIA, where Orion is used.

The US government on Sunday confirmed that its computer networks had been hit by a cyberattack, as The Washington Post reported at least two departments including the Treasury had been targeted by Russian state hackers. "We have been working closely with our agency partners regarding recently discovered activity on government networks," a spokesperson for the Cybersecurity and Infrastructure Security Agency told AFP. "CISA is providing technical assistance to affected entities as they work to identify and mitigate any potential compromises."

Versa Networks announced a new capability connecting Versa Secure SD-WAN, on-premises, and cloud branches with applications and resources in Amazon Web Services using the new high-performance AWS Transit Gateway Connect feature, an AWS Transit Gateway attachment type that enables AWS customers to connect third-party SD-WAN hubs and network virtual appliances with AWS Transit Gateway. Versa Director now integrates with AWS Transit Gateway Connect APIs to deliver an automated, one-click solution for connecting Versa Secure SD-WAN, on-premises and multi-cloud branch locations to each other and with Amazon VPCs. Versa customers can now easily connect Versa Secure SD-WAN with AWS Transit Gateway for a high-performance and simplified connection between their branch offices, applications and resources in Amazon VPCs. The native integration with AWS Transit Gateway Connect allows customers to deploy high-bandwidth Versa Cloud Gateways in AWS leveraging the Versa centralized management and orchestration.

Naked Security's Paul Ducklin interviews Sophos expert John Shier about his recently published paper, "20 years of cyberthreats that shaped information security". Join John on a dizzying journey all the way from legendary viruses such as ILOVEYOU and Code Red, which flooded the internet in 2000, to present-day ransomware gangs like Ryuk and REvil, who are extorting millions of dollars in blackmail money per attack.

"Working with cloud providers like AWS is a critical part of this equation, helping provide a more seamless client experience in order to reduce security complexity for customers as they move further into the cloud." Through a unique combination of security technology and services that embrace AWS services, IBM Security can work to help clients securely migrate to AWS and modernize workloads as part of their broader hybrid cloud strategy.

Hackers broke into the networks of federal agencies including the Treasury and Commerce departments as U.S. government officials said Sunday that they were working to identify the scope of the breach and to fix the problem. The hacks were revealed just days after a major cybersecurity firm disclosed that foreign government hackers had broken into its network and stolen the company's own hacking tools.