Security News > 2022 > July

ShiftLeft recently released their 2022 AppSec Progress Report, which evaluated how the changes and advancements in static application security testing and intelligent software composition analysis have helped development and DevSecOps teams work better together to fix security issues faster. In this Help Net Security video, Manish Gupta, CEO at ShiftLeft, talks about positive trends in the application security space.

According to the US National Counterintelligence and Security Center, the U.S. is in a global quantum computing race, and China is winning. One emerging technology that could help combat the malicious use of quantum computing is confidential computing.

Resecurity, a Los Angeles-based cybersecurity company protecting Fortune 500 companies worldwide, has registered an increase in malicious activity targeting law enforcement agencies at the beginning of Q2 2022. Threat actors are hacking email and other accounts which belong to law enforcement officers and their internal systems.

Resecurity's AI-powered solutions provide proactive alerts and visibility of digital risks targeting the enterprise ecosystem. By joining the Microsoft Azure marketplace, Resecurity's software solutions will be easily accessible to the millions of Azure customers needing comprehensive cybersecurity management and monitoring.

Which is why SANS Institute endeavours to get its top class cybersecurity training out to as many people as possible. This in-depth session starts with the premise that the key question for security teams is not whether a breach will occur, but when.

Cybersecurity researchers have taken the wraps off a new and entirely undetected Linux threat dubbed OrBit, signally a growing trend of malware attacks geared towards the popular operating system. The malware gets its name from one of the filenames that's utilized to temporarily store the output of executed commands, according to cybersecurity firm Intezer.

For the past year, state-sponsored hackers operating on behalf of North Korea have been using ransomware called Maui to attack healthcare organizations, US cybersecurity authorities said on Wednesday. Uncle Sam's Cybersecurity and Infrastructure Security Agency, the FBI, and the Treasury Department issued a joint advisory outlining a Pyongyang-orchestrated ransomware campaign that has been underway at least since May, 2021.

Microsoft has released an update for the Windows Subsystem for Android, allowing all Windows 11 Insiders to use their VPN's IP address with Android apps. In May, Microsoft introduced a new 'Advanced Networking' feature to Windows 11 builds on the Dev channel, which made the Windows Subsystem for Android virtual machine and host share the same IP address.

The operators of the Hive ransomware-as-a-service scheme have overhauled their file-encrypting software to fully migrate to Rust and adopt a more sophisticated encryption method. "With its latest variant carrying several major upgrades, Hive also proves it's one of the fastest evolving ransomware families, exemplifying the continuously changing ransomware ecosystem," Microsoft Threat Intelligence Center said in a report on Tuesday.

Malicious actors have been observed abusing legitimate adversary simulation software in their attacks in an attempt to stay under the radar and evade detection. Palo Alto Networks Unit 42 said a malware sample uploaded to the VirusTotal database on May 19, 2022, contained a payload associated with Brute Ratel C4, a relatively new sophisticated toolkit "Designed to avoid detection by endpoint detection and response and antivirus capabilities."