Security News

The new version features a modern design, increased productivity capabilities, and enhanced security and privacy features. Palo Alto Networks Prisma Cloud 3.0 protects cloud environments from development to runtime.

The United States Federal Bureau of Investigation has admitted that a software misconfiguration let parties unknown send email from its servers. A statement from the Bureau, dated November 14th, states that the agency "Is aware of a software misconfiguration that temporarily allowed an actor to leverage the Law Enforcement Enterprise Portal to send fake emails".

An astonishing piece of vulnerability probing gave infosec researchers a way into to Microsoft's management controls for Azure Cosmos DB - with full read and write privileges over customer databases. The so-called ChaosDB vuln gave Wiz researchers "Access to the control panel of the underlying service" that hosts Azure Cosmos, Microsoft's managed cloudy document database service, they said.

iStorage datAshur SD offers data storage solution to securely share and scale unlimited encrypted data. Rather than the classic USB flash-drive design of incorporating fixed memory, the brand new datAshur SD is designed with an integrated microSD Card slot which enables consumers to use one drive with as many iStorage microSD Cards, in varying capacities, as required, ultimately offering a data storage solution to securely share and scale unlimited encrypted data.

Future malware and ransomware infections will consist of "Shotgun attacks with pinpoint targeting", according to Sophos' 2022 threat report. As if that wasn't enough, the British infosec biz reckons established commodity malware attacks will end up delivering ever more ransomware, while extortion tactics used by ransomware gangs will become more diverse and intense - with the aim of browbeating victims into handing over cash.

Here's a look at the most interesting product releases from the past week, featuring releases from Cynamics, Imperva, Linux Foundation, Netscout and Tenable. Tenable has released Nessus 10 and extended supported platforms to include Raspberry Pi, allowing penetration testers, consultants, security teams and students to deploy the power of Nessus anywhere.

In hybrid AD environments, DSP displays a single view of security indicators in both AD and Azure AD-empowering IT teams to correlate changes that cross between on-premises and cloud environments and could signal an in-progress attack. Abnormal Security ICES platform protects against the full spectrum of email attacks.

Socure Sigma Identity Fraud enables enterprises to reduce fraud losses and false positives. Sigma Identity Fraud delivers an identity fraud classification model by utilizing over 17,000 features that analyze every aspect of a consumer's identity-name, email, phone, address, IP, device, velocity, network intelligence, and real-time consortium feedback data.

FireEye and McAfee, whose business models center around charging enterprises money to protect their networks from cyber-threats, issued a joint report this week predicting next year you'll see an increase in cyber-threats, particularly those against enterprise networks and the staff who run them. Nation states will "Increase their offensive operations by leveraging cybercriminals." as senior principal McAfee engineer Christiaan Beek theorized, citing the example of US indictments against four Chinese nationals who were allegedly running front companies on behalf of Beijing.

ThreatConnect launches Risk Quantifier 6.0 to bring cyber risk quantification for businesses. ThreatConnect Risk Quantifier enables companies to see the financial risks they face from cyber attacks and also prioritize investments that provide ROI. RQ's calculations are informed by your internal environment, threat intelligence, vulnerability management, operations and response data found within ThreatConnect and other integrations.