Security News

Facebook said Wednesday that it has disrupted more than 150 deceptive influence schemes since 2017, with Russia the biggest single source, as culprits strive to stay "Under the radar." The number of coordinated inauthentic behavior campaigns derailed at the leading social network ramped up each year since a Russia-linked operation to sway the outcome of the 2016 US presidential election put Facebook on the defensive.

TuxCare services from CloudLinux provide automated security patches and updates for the systems supporting the Atlas V rocket. Through this work, TuxCare supports Department of Defense and Space Force missions to protect U.S. National Security.

Called attacker dwell time, this is part of an adversarial approach that has become even more popular with hackers when it comes to 2021 ransomware attacks and data breaches. Combating Dwell Time with EDR. Even one day is too many when it comes to adversaries camping out on your network, but rooting them out can be tough for resource-strapped firms on a tight budget.

President Joe Biden signed an executive order Wednesday meant to strengthen U.S. cybersecurity defenses in response to a series of headline-grabbing hacking incidents that highlight how vulnerable the country's public and private sectors are to high-tech spies and criminals operating from half a world away. The order will require all federal agencies to use basic cybersecurity measures, like multi-factor authentication, and require new security standards for software makers that contract with the federal government.

President Biden signed an executive order Wednesday to modernize the country's defenses against cyberattacks and give more timely access to information necessary for law enforcement to conduct investigations. This executive order follows the numerous cyberattacks targeting US interests this year, including the SolarWinds supply chain attacks in December and the more recent DarkSide ransomware attack against the largest US fuel pipeline, Colonial Pipeline.

UK's National Cyber Security Centre highlights the success of its Active Cyber Defence program. The UK's National Cyber Security Center Active Cyber Defense program is an ambitious project designed to improve the security posture of an entire nation.

CrowdStrike and Google Cloud announced a series of product integrations to deliver joint customers defense-in-depth security, comprehensive visibility and workload protection at scale across hybrid cloud environments. These integrations will enable more seamless sharing of telemetry and data between the two security platforms, helping maintain high levels of security across a customers' entire cloud or hybrid environment.

The United States' Department of Defense has opened up all of its publicly facing systems and apps to investigation under a bug bounty program. The bug bounty system had only been aimed at websites but now Kristopher Johnson, director of its Vulnerability Disclosure Program, has said "Websites were only the beginning as they account for a fraction of our overall attack surface" and urged the infosec community to take a wider view.

Version 90 of Google's Chrome browser includes a bit of extra security for users of recent versions of Windows and the latest x86 processors, in the form of hardware-enforced stack protection. This basically means that, if your PC supports it, it's a bit harder for malicious websites to exploit bugs in Chrome to hijack your computer.

FireEye announced that Mandiant Managed Defense, Mandiant's managed detection and response service, now supports Microsoft Defender for Endpoint. "With threat conditions changing constantly, companies require trusted expertise with powerful analytical capabilities to ensure accurate and decisive execution - this is where Mandiant shines," said Marshall Heilman, Executive Vice President, Managed Defense and Advanced Practices, FireEye.