Security News > 2020

Employees who create external accounts but use them internally pose a risk to your security, says password manager company 1Password.

"The National Cyber Security Centre assesses with the highest level of probability that on 28 October 2019 the GRU carried out large-scale, disruptive cyber-attacks," said the Foreign Office in a statement, referring to the main Russian overseas spy agency. Russia has few qualms about letting APT28 loose against foreign countries, as its attacks against Italy a few years ago showed.

Britain and the United States on Thursday accused Russia of orchestrating a "Reckless" cyber assault against Georgia last year as part of an aggressive campaign of online attacks worldwide. The British government said its National Cyber Security Centre had decided Moscow was behind the Georgia cyber attack "With the highest level of probability".

"This allows me to understand the potential avenues for attack," explained Harber, "And allows me to improve the overall security of the network. Patching, for example. I may not be able to patch everything, but the risk simulation can highlight areas that I really ought to patch to protect downstream high value assets; or perhaps apply additional deception decoys and breadcrumbs along the potential attack route." The risk simulator, potentially enhanced by knowledge of possible TTPs gleaned from the MITRE ATT&CK mapping where an intruder has already been detected on an endpoint, allows the analysts to engage in a variation of red team/blue team defending without the need to employ a separate white hat red team.

The US Department of Homeland Security on Tuesday said that an infection by an unidentified ransomware strain forced the shutdown of a natural-gas pipeline for two days. The alert, issued by DHS's Cybersecurity and Infrastructure Security Agency, didn't say where the affected natural gas compression facility is located.

RSA As IBM's crew cancels their hotel rooms, Microsoft's infosec staffers are still set to attend the decades-old RSA conference and pulled the covers off a raft of security releases and previews for the event today. We spoke to Microsoft 365 Senior Director, Alym Rayani, about compliance and insider risk at last year's Ignite event.

Cometdocs has disputed the severity of the findings and has threatened legal action against reporters if they publish what the company considers to be inaccurate articles. "The Cometdocs applications are transferring files without using encryption, providing bad actors the opportunity to cache and retrieve the files. Moreover, a man-in-the-middle attacker could access the files while 'sniffing' traffic on the same Wi-Fi network as the user. Because the Cometdocs apps do not use encryption when transmitting and storing files on its servers, they are allowing private information to leak into the hands of third-parties monitoring the network," Wandera said.

Almost half of connected hospital devices are still exposed to the wormable BlueKeep Windows flaw nearly a year after it was announced, according to a report released this week. The proportion of Windows devices connected to a network that are vulnerable is far higher, at 45%, it adds.