Security News

Naked Security's Paul Ducklin interviews Sophos expert John Shier about his recently published paper, "20 years of cyberthreats that shaped information security". Join John on a dizzying journey all the way from legendary viruses such as ILOVEYOU and Code Red, which flooded the internet in 2000, to present-day ransomware gangs like Ryuk and REvil, who are extorting millions of dollars in blackmail money per attack.

As COVID-19 continues to threaten the world, these types of attacks are expected to persist, according to cyber threat intelligence provider Check Point Research. In a report released Tuesday titled Securing the 'next normal, Check Point discussed its 2021 predictions in the face of the pandemic.

HackNotice announced today their new analysis and visualization suite, Risk Explorer. With HackNotice Risk Explorer, everyone is able to visualize, analyze, and filter their risk, understanding which events impact them the most, relationships between their digital identities and exposures, and see their exposed information in easy to understand ways.

Seventy percent of major organizations were strategizing to pour more money into cybersecurity efforts as a result of the coronavirus pandemic, according to a report in May. Gartner has predicted that, despite COVID-19, total global spending on cybersecurity will hit $123.8 billion in 2020. A new report-CompTIA's State of Cybersecurity 2020-took the temperature of how the enterprise has responded to security during COVID-19, surveying 425 US businesses.

Almost three quarters of all requests for analysis to Kaspersky's Threat Intelligence Portal were for trojans, backdoors, and droppers. Organizations and individuals must grapple with a variety of cyberthreats and malware from phishing attacks to ransomware to viruses to trojans and more.

Honeywell announced the latest release of its Forge Cybersecurity Suite that includes several enhancements to help ensure business continuity in the face of mounting cyberthreats, uncertain global business conditions and continued supply chain disruption associated with remote operations. The new Honeywell Forge Cybersecurity Suite release incorporates new features such as enhanced industrial-grade remote access, increased asset discovery capabilities with active and passive functionality and improved cybersecurity risk monitoring.

England's Premier League is returning this week, with millions of soccer fans around the world looking to stream matches using their online video accounts. The NCSC has in the past flagged the hazards of scoring a cyber own-goal via poor password hygiene: Using easy-to-guess passwords or reusing passwords across online accounts is a continued issue, it said.

A blog post published Wednesday by Google explains what the company is doing to fight coronavirus-related attacks and what users can do to protect themselves as well. Implementing proactive monitoring for COVID-19-related malware and phishing emails, Google said that most of the observed threats are not new but are simply repackaged malicious campaigns designed to exploit all the attention on the coronavirus.

Endace announced that the EndaceProbe Analytics Platform is now integrated with Palo Alto Networks Cortex XSOAR, the industry's first extended security, orchestration, automation and response platform with native threat intel management that empowers security leaders with instant capabilities against threats across their entire enterprise. Through this integration, Endace and Cortex XSOAR provide customers with network packet capture from within Cortex XSOAR playbooks to enable accelerated, evidence-led, forensic investigation of cyberthreats.

A drawback to these plans is that many of these facilities no longer classified as data centers remain vulnerable to cyberthreats, according to a Government Accountability Office audit released Thursday. The major concern that the GAO audit found is that these smaller facilities remain significant access points to federal IT infrastructures and without proper reporting and cybersecurity oversite, could provide vulnerable to a data breach or a larger-scale attack.