Security News

With a focus on the security of web app firewalls, pen tests target application programming interfaces, servers and any leaky point of entry. Security firm Pentera's second annual report on pen testing deployment in the U.S. and Europe found that 92% of organizations are lifting their overall IT security budgets.

SaaS-to-SaaS app installations are growing nonstop at organizations around the world. Third-party app connections typically take place outside the view of the security team, are not vetted to understand the level of risk they pose.

Relief may not come soon, if research firm Gartner's predictions hold true that fully a quarter of security leaders will depart the cybersecurity field entirely by 2025 due to work pressures. In a new report, the firm predicts that nearly half of cybersecurity leaders will change jobs, and that by 2025, lack of talent or human failure will be responsible for over half of significant cyber incidents.

The healthcare provider giant said on Monday that Fortra issued an alert saying that it had "Experienced a security incident" leading to some CHS data being compromised. A subsequent investigation revealed that the resulting data breach affected the personal and health information of up to 1 million patients.

The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022 targeting an energy sector company in Ukraine. The use of SDelete is notable, as it suggests that Sandworm has been experimenting with the utility as a wiper in at least two different instances to cause irrevocable damage to the targeted organizations in Ukraine.

Over several weeks in October of 2022, Specops collected 4.6 million attempted passwords on their honeypot system. Though the examples given here focused on RDP connections, a honeypot is not limited to that type of connection, and any remote access system is subject to attacks, like SSH. What should an organization do to minimize the potential damage?

In December 2022, security company Mandiant, now a Google Cloud company, identified a FortiOS malware written in C that exploited the CVE-2022-42475 FortiOS vulnerability. The Linux version of the malware, when executed, performs a system survey and enables communications with a hardcoded command-and-control server.

Anti-analysis techniques are deployed by malware to evade analysis or render the file analysis much more complex and difficult for researchers and malware sandboxes. File enumeration is a critical operation for ransomware operators.

For the past 17 years the World Economic Forum's Global Risks Report has warned about deeply interconnected global risks. The window for action on the most serious long-term threats is closing rapidly and concerted, collective action is needed before risks reach a tipping point.

American fast-food restaurant chain Chick-fil-A is investigating what it described as "Suspicious activity" linked to some of its customers' accounts. A support page on Chick-fil-A's One Membership Program customer support website provides potentially affected clients with details on what to do if they notice unusual activity on their accounts, if they see any mobile orders placed without their approval, or if they're loyalty points were used to redeem or gift rewards fraudulently.