Security News

Arctic Wolf announced Managed Security Awareness, a new solution that it described as a security awareness and training program delivered as a concierge service. The new solution includes security awareness microlearning, automated phishing simulations, and account takeover monitoring.

Cisco announces XDR, SASE and network security improvements. Cisco unveiled improvements for its extended detection and response solutions, including enhanced vulnerability management capabilities as a result of the acquisition of Kenna Security, better device visibility via SecureX, simplified transition from EDR to XDR, and expanded investigation and threat hunting capabilities.

Satori, a DataSecOps company revolutionizing data access, security and privacy for the modern data infrastructure, has been named one of 10 finalists for the RSA Conference 2021 Innovation Sandbox Contest for its work democratizing and protecting sensitive data in the cloud using a SaaS-based transparent setup. Satori allows monitoring and governing of data usage and data access in the cloud.

How can military experience help build resilience in information security? What lessons in perseverance and resilience can we pick up from an aerospace consultant who learned them the hard way in the wake of the NASA Challenger tragedy? Or, perhaps, you want to know more about how pentesting works in practice and hear advice by CISOs on how to manage infosec programs?

A former Cisco employee who went medieval on his former employer and cost the company millions, has been sentenced to two years in prison and a $15,000 fine. Five months later he used access credentials to get back into Cisco's systems and deleted virtual machines on Webex - borking more than 16,000 WebEx Teams accounts for two weeks in some cases and costing Cisco $2.4m in refunds and repair work.

Accuracy isn't great, but that it can be done at all is impressive. Murtuza Jadiwala, a computer science professor heading the research project, said his team was able to identify the contents of texts by examining body movement of the participants.

The Iran-linked state-sponsored threat group known as Charming Kitten was observed targeting potential attendees of two major international conferences, Microsoft reports. Recently observed attacks, Microsoft says, targeted over 100 high-profile individuals, potential attendees of two upcoming global policy conferences, namely the Munich Security Conference and the Think 20 Summit, which is held in Saudi Arabia.

The two conferences targeted include the Munich Security Conference, slated for Feb. 19 to 21, 2021 and the Think 20 Summit in Saudi Arabia, taking place Oct. 31 to Nov. 1 2020. Microsoft linked the attack, which targeted more than 100 conference attendees, to Phosphorus, which it said is operating from Iran.

Microsoft disclosed today that Iranian state-sponsored hackers successfully hacked into the email accounts of multiple high-profile individuals and potential attendees at this year's Munich Security Conference and the Think 20 summit. "The attacks were successful in compromising several victims, including former ambassadors and other senior policy experts who help shape global agendas and foreign policies in their respective countries," Tom Burt, Corporate Vice President for Customer Security & Trust at Microsoft said earlier today.

Cybercriminals have planted a payment card skimmer on the websites of several organizations using the Playback Now conference platform, Malwarebytes reported on Thursday. The customer websites hosted on it - customers receive a dedicated website which they can use to serve their content - had been injected with a payment card skimmer that allowed the attackers to steal the financial information of users purchasing conference materials from those sites.