Security News > 2020

What are the key considerations security decision makers should take into account when designing their 2020 breach protection? To answer this, Cynet polled 1,536 cybersecurity professionals to understand the common practices, prioritizations and preferences of organization today in protecting themselves from breaches. Security executives face significant challenges when confronting the evolving threat landscape.

Security provider Stellar Cyber, with the first Open-XDR platform, announced its new Firewall Traffic Analysis Application, which supercharges firewalls by analyzing their data to spot undetected anomalies. With this new App, security analysts get an automated assistant to detect firewall misconfigurations, malicious users and abnormal traffic to gain new value from firewall data, improving analyst productivity typically over 20x. The FTA Application supports firewalls from many vendors including Cisco, Check Point, Fortinet, Palo Alto Networks and Sophos.

FireEye, the intelligence-led security company, announced the availability of two new FireEye Mandiant services. Cloud Security Assessments help organizations evaluate and harden security in cloud platforms, and Cyber Defense Operations consulting services help organizations achieve security transformation by improving the detection and response capabilities of their security operations center.

STEALTHbits Technologies, a cybersecurity software company focused on protecting an organization's sensitive data and the credentials attackers use to steal that data, announced the release of StealthRECOVER 1.5, their fine-grained rollback and recovery solution for Active Directory. As a component of STEALTHbits' AD Management and Security solution portfolio, StealthRECOVER enables organizations to quickly and easily rollback and recover unintended and unwanted directory changes.

Candid pictures used to threaten Amazon boss Jeff Bezos were exposed not by his current paramour's brother, as some believe, but through a sophisticated hacking operation personally directed by the crown prince of Saudi Arabia, Mohammad bin Salman, The Guardian suggests. The paper today claims to have been told by anonymous sources that Bezos' phone was hacked using a WhatsApp message from the personal account of bin Salman himself.

Skylo will bring instant, affordable and ubiquitous Internet of Things connectivity to millions of machines, sensors and devices, even in the most remote geographies. Skylo costs 95% less than existing satellite solutions, with connectivity starting at just $1 per user and hardware that costs less than $100. Skylo is the world's most affordable satellite technology and will enable operations for remote businesses, increase safety, drive economic development and job creation, and help with disaster preparedness and response.

Commentary: There's a lot of hype about bug bounties, but here's some truth. The thing that gets hackers hungry for bug bounties is the dopamine rush when they spend just a few minutes hunting for bugs, find one, report it, and seemingly get "Money for nothing." The problem is this rarely happens for most people.

According to researchers at the ZeroFOX Alpha Team, the latest version of the group's phishing kit is designed with a number of features that are aimed to steal as much personally identifiable information as possible from users of the popular money-transfer service, including login credentials, geolocation, email address, credit-card information, phone number and more. The researchers were able to intercept traffic between the kit and the C2 server, and gain access to the server panel that 16Shop rents to users.

Is the indictment of April 11 that the extradition cased was based on? If the initial indictment is anything like the DoJ press release of April 11. From the DoJ statement, the purported crimes appear to be: "Hacking" in headline but described as "Cracking" in text, and also 'conspiracy' in both the headline and the text.

Three weeks into the new year, several hacking incidents involving email have already been added to the federal tally of major health data breaches. In a statement posted on the organization's website last week - which has since been removed - NARA said the attack, which took place on Nov. 4, 2019, and involved Emotet Trojan malware, "a credential stealer that can also obtain emails and files in email attachments."