Security News

DataTribe invests $2.5M in Ntrinsec to add a new approach to moving target defense
2021-06-30 23:00

DataTribe announced a $2.5M seed investment in Ntrinsec. Ntrinsec is the moving-target defense start-up that is solving the secrets sprawl that exists in enterprises of all sizes today.

Accenture acquires Sentor to enhance its cyber defense services in Sweden
2021-06-29 23:00

Accenture has acquired Sentor, a Sweden-based independent provider of cyber defense and managed security services. The company's portfolio includes advisory services, security testing, managed detection and incident-response capabilities, powered by a 24/7/365 security operations center in Stockholm.

DMARC: The First Line of Defense Against Ransomware
2021-06-28 02:47

Wouldn't it be nice if you could prevent a ransomware attack from occurring in the first place? DMARC can make this seemingly impossible claim a possibility for domain owners! DMARC is also known as the first line of defense against ransomware.

MITRE D3FEND: Enabling cybersecurity pros to tailor defenses against specific cyber threats
2021-06-24 04:30

D3FEND, a framework for cybersecurity professionals to tailor defenses against specific cyber threats, is now available through MITRE. NSA funded MITRE's research for D3FEND to improve the cybersecurity of National Security Systems, the Department of Defense, and the Defense Industrial Base. The D3FEND technical knowledge base of defensive countermeasures for common offensive techniques is complementary to MITRE's ATT&CK, a knowledge base of cyber adversary behavior.

Critical Palo Alto Cyber-Defense Bug Allows Remote ‘War Room’ Access
2021-06-23 15:39

A critical security bug in Palo Alto Networks' Cortex XSOAR could allow remote attackers to run commands and automations in the Cortex XSOAR War Room and to take other actions on the platform, without having to log in. Found internally by Palo Alto, the bug is an improper-authorization vulnerability that "enables a remote unauthenticated attacker with network access to the Cortex XSOAR server to perform unauthorized actions through the REST API," according to the security vendor's Tuesday advisory.

Defense supply chain vulnerabilities creating security gaps
2021-06-23 03:30

A BlueVoyant report highlights critical vulnerabilities within the defense supply chain ecosystem. Cybersecurity gaps were identified in the subcontractors' security practices to garner a better understanding of the security posture of less visible members of the complex defense supply chain.

Do you want speed or security as expected? Spectre CPU defenses can cripple performance on Linux in tests
2021-06-22 03:02

The mitigations applied to exorcise Spectre, the family of data-leaking processor vulnerabilities, from computers hinder performance enough that disabling protection for the sake of speed may be preferable for some. "Before Spectre mitigations, those system calls hardly slowed down userspace execution at all."

Dragos and E-ISAC join forces to strengthen collective defense for the electricity industry
2021-06-17 23:15

Dragos and the North American Electric Reliability Corporation's Electricity Information Sharing and Analysis Center have announced a joint initiative to strengthen collective defense and community-wide visibility for industrial cybersecurity in the North American electricity industry. The joint initiative enables E-ISAC analysts to gain greater visibility into industrial control system cyber threats facing the electric sector through Dragos's Neighborhood Keeper technology.

Are your cyber defenses stuck in the sandbox?
2021-06-14 04:30

As more businesses move their critical data and cybersecurity defenses to the cloud and the volume of network traffic increases substantially, enterprise cybersecurity teams are rethinking their use of sandbox environments. It's becoming increasingly easy to avoid the sandbox as enterprises generally direct only a sampling of their traffic to the sandbox.

Malware Can Use This Trick to Bypass Ransomware Defense in Antivirus Solutions
2021-06-06 22:03

Put differently, shortcomings in malware mitigation software could not just permit unauthorized code to turn off their protection features; design flaws in the Protected Folders solution provided by antivirus vendors could also be abused by, say, ransomware to change the contents of files using an app that's provisioned write access to the folder and encrypt user data, or by wipeware to irrevocably destroy victims' personal files. To this end, the ransomware reads the files in the folders, encrypts them in memory, and copies them to the system clipboard, following which the ransomware launches Notepad to overwrite the folder contents with the clipboard data.