Security News

Recognizing the importance of SaaS security, Gartner named a new category, SaaS Security Posture Management, to distinguish solutions that have the capabilities to offer a continuous assessment of security risks arising from a SaaS application's deployment. The results of the 2021 SaaS Security Survey Report present a picture of widespread SaaS application security concerns as well as uncovers less-than-best practices organizations are turning to de facto, while trying to manage the overwhelming amount of SaaS security configurations.

Investment banking firm Morgan Stanley has reported a data breach after attackers stole personal information belonging to its customers by hacking into the Accellion FTA server of a third-party vendor. Guidehouse, a third-party vendor that provides account maintenance services to Morgan Stanley's StockPlan Connect business, notified the investment banking company in May 2021 that attackers hacked its Accellion FTA server to steal information belonging to Morgan Stanley stock plan participants.

Palo Alto Networks' global threat intelligence team, Unit 42, has detailed the tactics ransomware group REvil has employed to great impact so far this year - along with an estimation of the multimillion-dollar payouts it's receiving. REvil threat actors often encrypted the environment within seven days of the initial compromise.

Arthur J. Gallagher, a US-based global insurance brokerage and risk management firm, is mailing breach notification letters to potentially impacted individuals following a ransomware attack that hit its systems in late September. "Working with the cybersecurity and forensic specialists to determine what may have happened and what information may have been affected, we determined that an unknown party accessed or acquired data contained within certain segments of our network between June 3, 2020 and September 26, 2020," AJG said.

Trend Micro on Wednesday released a new report describing the threats affecting industrial control system endpoints in 2020. The highest number of organizations that had their industrial systems hit by ransomware was seen by the cybersecurity firm in the United States, far more than in any other country.

Governments worldwide are too often playing catch-up against private cyberspace operators in what is poised to become a key arena for defending national interests, the International Institute for Strategic Studies said Tuesday. While the US remains the dominant cyberspace power, China is rapidly gaining ground and could soon be a major rival in both the civil and military spheres, the Britain-based research group said after a two-year study.

A report looking into the security of the Linux kernel's release signing process has highlighted a range of areas for improvement, from failing to mandate the use of hardware security keys for authentication to use of static keys for SSH access. The most severe issue noted, though only rated as a medium on a scale from informational at the bottom to high at the top, was that developers who are able to commit code directly to the Linux kernel repositories were not mandated to use hardware security keys - making any breach of their personal systems, as in the 2011 attack, considerably more serious.

Most developers never update third-party libraries after including them in their software, a new report from application security company Veracode reveals. Compiled in partnership with the Cyentia Institute, Veracode's latest State of Software Security report focuses on open source software and the manner in which developers approach the security of third-party libraries they use.

The Water Sector Coordinating Council last week announced a new cybersecurity report focusing on water and wastewater utilities in the United States. The release of the report coincided with news that a threat actor in January attempted to poison the water at a facility in the U.S. The Water Sector Coordinating Council describes itself as "a policy, strategy and coordination mechanism for the Water and Wastewater Sector in interactions with the government and other sectors on critical infrastructure security and resilience issues."

HackerOne announced a new workflow automation integration with GitHub that enables the tracking and synchronization of high-priority vulnerability reports between HackerOne and GitHub. HackerOne is making its debut on GitHub's Marketplace.