Security News

Following attribution of the SolarWinds supply chain attack to Russia's APT29, the US CISA infosec agency has published a list of the spies' known tactics - including a penchant for using a naughtily named email provider. APT29* is the Western infosec world's codename for what we now know is the Russian Foreign Intelligence Service, known by its Russian acronym SVR. As well as publishing a list of things US counterintelligence know about their Russian offensive counterparts, CISA has also added some advice on how to avoid these common Russian intelligence compromise tactics.

DataLocker SafeConsole Suites add key endpoint security and enterprise support features. DataLocker announced the release of two new suites, the SafeConsole Professional Suite and the SafeConsole Enterprise Suite.

Positive Technologies has hit back at the US government's "Groundless accusations" that it helped the Russian state carry out cyber attacks against the West - by highlighting how "Government agencies of different countries" use its products. Yesterday the US Treasury declared that Positive was selling weaponised infosec tech to the Russian government and ran recruiting events for state hacking agencies, which some Western news outlets have interpreted as meaning the company's flagship Positive Hack Days events.

The new solution will help increase visibility, enable compliance and enhance security for containerized applications from build to production in public cloud and on-premises environments. nFront Weak Password Scanner helps orgs scan breached passwords.

Elastic announced new updates across the Elastic Security solution in the 7.12 release to accelerate threat hunting and investigation workflows, prevent ransomware, and eliminate blind spots. McAfee unveils MVISION CNAPP, a new security service designed to secure cloud native applications.

So-called cyber-attack insurance "Cannot be a substitute for better basic cybersecurity," the National Cyber Security Centre's chief exec has said in her first major speech since taking office. Lindy Cameron took over from founding CEO Ciaran Martin last summer and on Friday made her first public appearance since taking office.

Magic WAN with Magic Firewall gives customers of all sizes a one-stop-shop to connect and secure data, devices, offices, cloud networks, and more without relying on hardware boxes. Magic WAN is a SaaS solution that connects any traffic source to Cloudflare's global network for secure, fast connectivity, and Magic Firewall integrates with it to enforce security rules across all traffic.

In a change from its recent bombastic blather, the British government has published a new Defence Industrial Strategy that looks like it wants to put the infosec industry on a gold-plated pedestal. "Government also needs to provide complementary support to industry and ensure that the public sector can access the right skills to remain an intelligent customer," said the Defence and Security Industrial Strategy whitepaper published this week.

Akamai MFA provides FIDO2 multi-factor authentication without hardware security keys. Akamai Technologies announced the launch of Akamai MFA, a phish-proof solution designed to enable enterprises to quickly deploy FIDO2 multi-factor authentication without the need to deploy and manage hardware security keys.

A former asylum seeker with a postgraduate degree in cybersecurity who alleged his bosses were spying on him for MI5 has lost his attempt to claim he was racially discriminated against. The anonymous man, who worked for an unnamed company that set up a UK cyber range in mid-2019, told the Employment Tribunal that he had quit after being subjected to racial harassment at work - but judges overruled all of his legal claims.