Security News > 2021 > February

Tired of keeping up with security alerts from your system? Worried that your Security Operations Centre is getting deluged in low-level reporting? Fear not: Imperva has produced an aggregator aggregation product that sits over the top of all your other alert-generating security software. The Imperva Sonar platform, billed by the firm as wiping out "the need for siloed point solutions," hangs above Security Orchestration, Automation and Response and Security Information and Event Management products, the idea being to reduce the number of different things that your company's SOC needs to keep an eye on.

The benefits of working remotely are numerous, but there are significant hidden costs that need to be factored in. "As we approach a year of working from kitchen tables or makeshift offices, it's time for organizations to consider the human impact of long-term remote working and what this means for security," said Tony Pepper, CEO of Egress.

HYAS, a Victoria, Canada-based provider of threat intelligence based on adversary infrastructure, announced this week that it has closed a $16 million Series B round of funding led by S3 Ventures. HYAS says it has created a massive data lake of attacker infrastructure, including domain-based intelligence that can be connected to other security tools using an API, and also offers its own cloud-based DNS security solution.

According to Kaspersky's "The State of Stalkerware 2020" report, there were 53,870 mobile users within its telemetry who were affected by stalkerware during the year. This is despite the fact that Google banned stalkerware apps from Google Play last year.

I checked in with Morgan Wright, chief security advisor for SentinelOne, a cybersecurity provider; Chris Roberts, hacker in residence at Semperis, a cybersecurity provider; and Alexander García-Tobar, CEO and co-founder of Valimail, a secure email provider, to obtain their insights on what the new administration's cybersecurity priorities should be. As a leader in identity-based anti-phishing solutions, Valimail is particularly focused on email security best practices, as well as email security within the U.S. election infrastructure.

American telecommunications provider T-Mobile has disclosed a data breach after an unknown number of customers were apparently affected by SIM swap attacks. The FBI shared guidance on how to defend against SIM swapping following an increase in the number of SIM hijacking attacks targeting cryptocurrency adopters and investors.

The prolific North Korean APT known as Lazarus is behind a spear-phishing campaign aimed at stealing critical data from defense companies by leveraging an advanced malware called ThreatNeedle, new research has revealed. The elaborate and ongoing cyberespionage campaign used emails with COVID-19 themes paired with publicly available personal information of targets to lure them into taking the malware bait, according to Kaspersky, which first observed the activity in mid-2020.

A hacking group called 'Hotarus Corp' has hacked Ecuador's Ministry of Finance and the country's largest bank, Banco Pichincha, where they claim to have stolen internal data. The ransomware gang first targeted Ecuador's Ministry of Finance, the Ministerio de Economía y Finanzas de Ecuador, where they deployed a PHP-based ransomware strain to encrypt a site hosting an online course.

Bots - basically autonomous programs on the web - have emerged amid widespread frustration with the online world of vaccine appointments. The most notable bots scan vaccine provider websites to detect changes, which could mean a clinic is adding new appointments.

Even as more and more people get vaccinated against COVID-19 despite a slow rollout, most companies have business travel plans on hold at least for now. Brian Kropp, chief of research in the Gartner HR research, said that executives are still very early in their planning process around starting normal business travel.