Security News > 2020
Modern malware is increasingly leveraging evasive behaviors, a new report by VMware Carbon Black released at RSA Conference 2020 has revealed. Nearly 50 percent of both IT and security respondents reported being understaffed with security respondents noting their teams are currently 48 percent understaffed and IT teams are 26 percent understaffed.
An alarming number of SMBs in the US and UK are not prepared for a potential cyber attack or breach, BullGuard warns. One-third of companies with 50 or fewer employees report using free, consumer-grade cybersecurity, and one in five companies use no endpoint security whatsoever.
A recently disclosed zero-day vulnerability in Zyxel network-attached storage devices also impacts over twenty of the vendor's firewalls. Earlier this week, Zyxel published an advisory on the vulnerability, revealing that it impacted over a dozen NAS devices, including ten that were no longer supported.
Every machine needs a unique identity in order to authenticate itself and communicate securely with other machines. Secure, reliable authentication is essential to protect machine-to-machine communication, yet protecting every machine identity across an enterprise can be a challenge.
SAN FRANCISCO - A serious vulnerability in Wi-Fi chips has been discovered that affects billions of devices worldwide, according to researchers. According to ESET, "[it] found KrØØk to be one of the possible causes behind the 'reinstallation' of an all-zero encryption key, observed in tests for KRACK attacks.
Kr00k is a vulnerability that causes the network communication of an affected device to be encrypted with an all-zero encryption key. CVE-2019-15126 is particularly dangerous because it has affected over a billion Wi-Fi enabled devices - a conservative estimate.
The vulnerabilities were discovered in the iBaby Monitor M6S connected baby camera by researchers with Bitdefender. "We've tried to reach out to iBaby since May 2019 about three major vulnerabilities in their baby monitor but haven't heard back," Alex Jay Balan, chief security researcher at Bitdefender, said during an RSA session.
Digital Guardian announced at RSA Conference 2020 the launch of its Managed Detection & Response service, giving organizations a comprehensive data protection solution with 24/7 access to a team of skilled cybersecurity experts who actively hunt, detect, and mitigate external and internal attacks before they can put an organization's sensitive data at risk. Backed by Digital Guardian's ATAC team, a group that specializes in threat detection, incident response, and proactive threat hunting, the service leverages Digital Guardian's own technology, named a Leader in The Forrester Wave: Endpoint Detection And Response, Q3 2018.
With cyber criminals using multiple attack vectors to reach their targets, SecBI, a disruptive player in cyber defense, announced the launch of its XDR Platform, designed for continuous and automated threat detection, investigation and response on all attack vectors, with a Fortune 500 company among its first customers. SecBI's newly released XDR platform takes a multi-vector approach, applying a proactive layer of machine learning-based analytics across all endpoint, network, and cloud security tools.
Imperva, the cybersecurity leader championing the fight to secure data and applications wherever they reside, announced Advanced Bot Protection, a new solution that fully integrates its industry-leading bot management technology into the Imperva Cloud Application Security solution. Integrating the solution into Imperva Cloud Application Security delivers best-in-class bot capabilities in a single security stack, giving customers true defense-in-depth security through Imperva's market-leading DDoS, WAF and bot solutions.