Security News

Agari, the market share leader in phishing defense solutions for the enterprise, unveiled Agari Active Defense with a new service that delivers actionable threat intelligence driven through active engagement with Business Email Compromise threat actors. Agari Active Defense - BEC Threat Intelligence Service is the only commercial offering on the market that delivers real-world cyber intelligence harvested from direct active engagements with email fraudsters attacking and scamming organizations.

24By7Security is pleased to announce the launch of Readiness Assessment Services for Department of Defense contractors seeking preparedness for Cybersecurity Maturity Model Certification. In upcoming months, the Department of Defense will require that all contractors and suppliers doing business with the Defense Department comply with CMMC standards.

Yuri Diogenes, a professor at EC-Council University and Senior Program Manager at Microsoft, and Dr. Erdal Ozkaya, a prominent cybersecurity professional, advisor, author, speaker and lecturer, published the second edition of their acclaimed book "Cybersecurity - Attack and Defense Strategies". This book will teach you how to identify unusual behaviors within your organization and use incident response methods by applying blue team and read team strategies.

Revolutionary Security's portfolio of cybersecurity services includes assessment and testing, design and build of security programs and functions as well as security operations across its clients' IT and OT systems. Revolutionary Security leverages proprietary technology and methods to help mature the security capabilities of its clients and manage risk.

Linux malware is real and Advanced Persistent Threat groups have been infiltrating critical servers with these tools for at least eight years, according to a new report from BlackBerry. The RATs report describes how five APT groups are working with the Chinese government and the remote access trojans the cybercriminals are using to get and maintain access to Linux servers.

Security should always be a top priority, but it's easy to let these security reviews and user training fall low on the to-do list. No one wants a reminder about how important these tasks are in the form of an expensive security breach.

ReversingLabs has analyzed clues from attacks by the Kwampirs remote access trojan to help software companies defend their organizations against this malware. In addition to attacks against supply chain software providers, the FBI said the same malware was also used in attacks against healthcare, energy, and financial companies.

Phishing is typically used to gain credentials so attackers have access to an organization's systems, or as a way to deploy malware directly. One of the key reasons phishing is so successful is how easy it is to execute, and how many ways it can be used.

Often business priorities are given precedence over security priorities, particularly when optimal security practices risk interfering with business efficiency or overall productivity. Underfunding security in order to boost other areas of the business may seem like a good idea in the short term, but it's a big risk that can come back to bite senior executives pretty spectacularly if they aren't careful.

Among the top issues being discussed at the RSA 2020 conference this week is the need for more cybersecurity collaboration between government agencies and the private sector. Alexander says private sector organizations need to share anonymized information on cybersecurity issues with the government so that further attacks can be prevented.