Security News > 2021 > September

Most enterprises are overconfident and lack the proper visibility to manage subsidiary risk, according to an Osterman Research study. Most organizations believe they're doing a good job managing subsidiary risk.

India and Japan have each flexed their cyber-defence muscles in ways that China can't miss. India's flex came from vice-president M. Venkaiah Naidu, who on Monday visited a military museum and remarked that India's security forces should "Prepare themselves to dominate not only in a conventional war but also establish their superiority in the new and emerging areas of conflict such as information and cyber warfare along with the increasing use of robotics and drones in the battlefield".

The overall percentage of global transactions its system identified as being potentially fraudulent ranged from 10 to 13%, with the average value of each fraudulent transaction ranging from $126 to $155. Fraud attempts are not evenly distributed: fraudulent attempts at individual merchants ranged from 0.8% to over 30% depending on business vertical and geography. CNP transaction fraud liability lies with the merchant.

81% of U.S.-based IT professionals believe that having remote workers has increased enterprise security challenges, while 74% acknowledge that their company's use of cloud solutions increased as a direct result of the COVID-19 pandemic, a ManageEngine report reveals. To that end, 53% of U.S. respondents learned new remote worker support skills and 52% said that their organizations' remote worker support teams have increased their use of cloud solutions in the last year.

87% of network managers, network architects and network engineers say their organizations have increased their investment in NetOps over the past two years, with just 5% saying they have decreased it. NetOps, which stands for network operations and in its current iteration, NetOps 2.0, embeds a growing amount of automation, virtualization and orchestration to make networking operations faster and more accessible, has rapidly established itself as fundamental to network management today.

Recently I was fortunate enough to facilitate a fireside chat with Arkadiy Goykhberg, CISO of news media and business services giant DMGT. The challenge: Enterprise Drift due to Ongoing Threats. Change in security posture grows daily as threat actors, whether financially motivated or nation-state actors, evolve their tactics, tools and Procedures.

A new advanced trojan sold on Russian-speaking underground forums comes with capabilities to steal users' accounts on popular online video game distribution services, including Steam, Epic Games Store, and EA Origin, underscoring a growing threat to the lucrative gaming market. The information harvested from gaming apps, such as Bethesda, Epic Games, GOG, Origin, Steam, and VimeWorld, is exfiltrated to a remote server, from where it's likely to be monetized on darknet platforms or Telegram channels that are dedicated to selling access to online gaming accounts.

Bandwidth.com has become the latest victim of distributed denial of service attacks targeting VoIP providers this month, leading to nationwide voice outages over the past few days. As Bandwidth is one of the leading telephony providers for US voice over IP companies, many other VoIP vendors reported outages over the past few days, including Twilio, Accent, DialPad, Phone.com, and RingCentral.

Microsoft Exchange clients like Outlook have been supplying unprotected user credentials if you ask in a particular way since at least 2016. On August 10, 2016, Marco van Beek, managing director at UK-based IT consultancy Supporting Role, emailed the Microsoft Security Response Center to disclose an Autodiscover exploit that worked with multiple email clients, including Microsoft Outlook.

Microsoft on Monday revealed new malware deployed by the hacking group behind the SolarWinds supply chain attack last December to deliver additional payloads and steal sensitive information from Active Directory Federation Services servers. "Once Nobelium obtains credentials and successfully compromises a server, the actor relies on that access to maintain persistence and deepen its infiltration using sophisticated malware and tools," MSTIC researchers said.