Security News

SecureCloud addresses a daunting challenge for business, DevOps, and security leaders: rapid deployment of applications and services to customers - without sacrificing security measures or privacy protections. "We greatly benefited from Anitian's Compliance Automation Platform to migrate our application to the AWS cloud and achieve our FedRAMP authorization," said Ignacio Martinez, vice president of security, risk, and compliance for Smartsheet.

Cohesity announced Cohesity SiteContinuity, an automated disaster recovery solution that is integrated with the company's backup and continuous data protection capabilities - making it the only web-scale, converged solution to protect applications across tiers, service levels, and locations on a single platform. "The new solution from Cohesity is very timely as it allows us to protect our mission and business-critical applications on a single platform. We can now automate our business continuity and disaster recovery strategy, all from Cohesity's data platform, making it easier for us to manage SLAs, and reduce downtime with automated, rapid failover and failback."

Despite an 8% decrease in overall malware detections in Q2 2020, 70% of all attacks involved zero day malware - variants that circumvent antivirus signatures, which represents a 12% increase over the previous quarter, WatchGuard found. Zero day malware made up more than two-thirds of the total detections in Q2, while attacks sent over encrypted HTTPS connections accounted for 34%. This means that organizations that are not able to inspect encrypted traffic will miss a massive one-third of incoming threats.

In one of the attack vectors, attackers can attack the victims using a specifically crafted website. The second attack vector, attackers can attack the victim by just remotely communicating with the CodeMeter server that is located on the machines.

If you're administrating Windows Server, make sure it's up to date with all recent patches issued by Microsoft, especially the one that fixes a recently patched critical vulnerability that could allow unauthenticated attackers to compromise the domain controller. Dubbed 'Zerologon' and discovered by Tom Tervoort of Secura, the privilege escalation vulnerability exists due to the insecure usage of AES-CFB8 encryption for Netlogon sessions, allowing remote attackers to establish a connection to the targeted domain controller over Netlogon Remote Protocol.

Cisco flagged threats like Kovter, Poweliks, Divergent and LemonDuck as the most common fileless malware. Another prevalent critical threat to endpoints in the first half was dual-use tools that are typically leveraged for both exploitation and post-exploitation tasks.

The Department of Homeland Security has given system administrators until today to patch a critical vulnerability in Windows Server that could allow an attacker to hijack federal networks, via a flaw in the Netlogon authentication system. On 18 September, the DHS's cybersecurity division issued an emergency directive giving government agencies a four-day deadline to patch the CVE-2020-1472 vulnerability, also known as Zerologon, citing the "Unacceptable risk" it posed federal networks.

Bruce Schneier coined the phrase security theater to describe "Security measures that make people feel more secure without doing anything to actually improve their security." That's the situation we still face today when it comes to defending against cyber security risks. Broaching a concern such as security theater with security professionals can result in defensiveness or ire from disturbing a well-established process, or worse, practitioners assuming there is some implied level of foolishness or ineptitude.

Policymakers should focus on five critical success factors in order to ensure the US continues to build its emerging 5G economy, according to a report from Boston Consulting Group. Drawing on an in-depth analysis of the factors that secured America's leadership of the 4G economy, the study concludes that spectrum availability and wireless network deployments, along with broader economic factors such as a pro-investment and innovation business climate, private sector R&D, and workforce readiness are key to expanding a country's 5G penetration rate and 5G-powered economic growth.

A team at Temple University in Philadelphia has been tracking worldwide ransomware attacks on critical infrastructure, and anyone can request access to the data. An analysis of the data currently shows that government facilities were the most targeted type of critical infrastructure - followed at a distance by education and healthcare - and Maze was the most common ransomware strain.