Security News

Here's a look at the most interesting product releases from the past week, featuring releases from Cynamics, Imperva, Linux Foundation, Netscout and Tenable. Tenable has released Nessus 10 and extended supported platforms to include Raspberry Pi, allowing penetration testers, consultants, security teams and students to deploy the power of Nessus anywhere.

In hybrid AD environments, DSP displays a single view of security indicators in both AD and Azure AD-empowering IT teams to correlate changes that cross between on-premises and cloud environments and could signal an in-progress attack. Abnormal Security ICES platform protects against the full spectrum of email attacks.

Socure Sigma Identity Fraud enables enterprises to reduce fraud losses and false positives. Sigma Identity Fraud delivers an identity fraud classification model by utilizing over 17,000 features that analyze every aspect of a consumer's identity-name, email, phone, address, IP, device, velocity, network intelligence, and real-time consortium feedback data.

FireEye and McAfee, whose business models center around charging enterprises money to protect their networks from cyber-threats, issued a joint report this week predicting next year you'll see an increase in cyber-threats, particularly those against enterprise networks and the staff who run them. Nation states will "Increase their offensive operations by leveraging cybercriminals." as senior principal McAfee engineer Christiaan Beek theorized, citing the example of US indictments against four Chinese nationals who were allegedly running front companies on behalf of Beijing.

ThreatConnect launches Risk Quantifier 6.0 to bring cyber risk quantification for businesses. ThreatConnect Risk Quantifier enables companies to see the financial risks they face from cyber attacks and also prioritize investments that provide ROI. RQ's calculations are informed by your internal environment, threat intelligence, vulnerability management, operations and response data found within ThreatConnect and other integrations.

Security vendor CrowdStrike claims it's spotted the group and that it "Has been consistently targeting the telecommunications sector at a global scale since at least 2016 to retrieve highly specific information from mobile communication infrastructure, such as subscriber information and call metadata." The gang appears to understand telco operations well enough to surf the carrier-to-carrier links that enable mobile roaming, across borders and between carriers, to spread its payloads. "Whatever the group is called, the pair write that it"employs significant operational security measures, primarily establishing implants across Linux and Solaris servers, with a particular focus on specific telecommunications systems, and only interacting with Windows systems as needed.

Here's a look at the most interesting product releases from the past week, featuring releases from Aqua Security, AT&T, Datto, Huntress and ReliaQuest. ReliaQuest releases two capabilities within its XDR platform to improve security operation efficacies.

Around half of organizations polled for Kroll's The State of Incident Response 2021 report said that their teams lack clarity around when to engage legal counsel about a potential incident. The multi-layered nature of incident response demands input from resources across an organization, particularly legal.

Here's a look at the most interesting product releases from the past week, featuring releases from Abnormal Security, Pradeo, Qualys, Semperis and Swimlane. Pradeo's mobile application security suite extends its coverage with new app shielding service.

On the one hand, security leaders and CISOs must be able to communicate strategies clearly - instructions, incident response plans, and security policies. More so than just talking about the dollar value of a security policy security leaders need to show the importance of processes, tasks, decisions, and how threats and other security risks impact the math.