Security News

XM Cyber, an Israel-based company that offers a cyberattack simulation platform, announced on Thursday that it raised $17 million in a Series B funding round. XM Cyber offers an automated breach and attack simulation platform that continuously tests an organization's security posture, including on premises and in the cloud, and provides them information on how to remediate any identified issue.

Recent fires and explosions at important Iranian facilities may have been caused deliberately as part of an operation that involved cyberattacks, according to reports. There have been several incidents at major Iranian industrial facilities in recent weeks, including a fire at the Natanz nuclear enrichment site and an explosion at the Parchin military complex near Tehran, which is believed to be involved in the production of missiles.

Cyberattacks bypass the WAF. 49% of security professionals reported more than a quarter of attempts to sidestep their WAF protocols had been successful in the last 12 months. 29% of respondents admitted they had found it difficult to alter their WAF policies to guard against new web application attacks, while just 15% said they had found the process very easy.

Based on a survey commissioned by IBM Security and conducted by the Ponemon Institute, "The 2020 Cyber Resilient Organization Study" found that organizations have gradually improved their ability to plan for, detect, and even respond to cyberattacks over the past five years. The ability of organizations to contain an actual attack dropped by 13% over the past five years, which IBM Security attributed to several factors.

Less than one-third of Americans said they are concerned about their data security while working from home during the COVID-19 pandemic, a Unisys Security report found. The Unisys Security Index, released on Tuesday, calculates a score out of 300 that measures consumer attitudes over eight areas of security in four categories.

Australia's prime minister said Friday his country was under a broad cyberattack from a "State-based actor" targeting government, public services and businesses, with suspicions falling on China. Australia enraged China by calling for an investigation into the origins of the coronavirus pandemic and by accusing China of fuelling a virus "Infodemic" and engaging in economic "Coercion".

The report, which examined how cyberattacks exploited the crisis, found that attackers used local lures and preyed on people's "Concern, confusion, and desire for resolution" with mainly phishing campaigns aimed at spreading malware, committing identity theft or creating other disruptions. Instead of creating new types of malware to use during the pandemic, Microsoft's threat intelligence on endpoints, email and data, identities and apps concluded that "This surge of COVID-19 themed attacks was really a repurposing from known attackers using existing infrastructure and malware with new lures."

Dell Technologies' Global Data Protection Index 2020 Snapshot takes a closer look at the disruptions plaguing organizations around the globe. "Vulnerabilities, if not addressed, can do lasting damage to a company. Businesses must become more resilient, such as implementing air-gapped solutions that are physically disconnected while protecting their data, as cyber criminals continue to seize new opportunities to cause disruptions," said Nelson Hsu, director of data protection solutions marketing at Dell Technologies.

A report released Wednesday by security provider IBM X-Force describes the types of threats that impact cloud security and how companies can better protect their cloud-based assets. Based on a survey of senior business and IT professionals, IBM's "2020 Cloud Security Landscape Report" found that while the cloud can empower certain business and technology capabilities, the type of ad-hoc management of cloud resources is causing increased complexity for IT and security staffs.

Honda has been the victim of a cyberattack that some experts are attributing to the SNAKE ransomware crime group. In a statement shared with BBC News on Tuesday, Honda confirmed that "a cyber-attack has taken place on the Honda network," affecting its ability to access its own computer servers, use email, and otherwise use its own internal systems.