Security News

A threat actor tracked as Shatak recently partnered with the ITG23 gang to deploy Conti ransomware on targeted systems. The Shatak operation partners with other malware developers to create phishing campaigns that download and infect victims with malware.

Security teams doing reactive security tasks instead of being proactive. While security teams aspire to do more proactive and risk-driven operations, like risk management, incident analysis, threat modeling, they spend most of their time doing foundational and reactive security tasks, like updating patches, researching and analyzing critical incidents and removing false positives.

There's a widespread misconception that small IT security teams, or "Lean sec teams", cannot protect their organizations as comprehensively as bigger security teams who enjoy rich portfolios of countless security layers, vendors, and tools. How do CISOs and leaders of lean security teams at small- and mid-sized organizations get by when they face the same threats as major corporations but have only a fraction of the cybersecurity resources at hand?

One of the side effects of today's cyber security landscape is the overwhelming volume of data security teams must aggregate and parse. Lean security teams don't have it any easier, and the problem is compounded if they must do it manually.

Microsoft has finally kicked off the rollout of end-to-end-encryption in its Teams collaboration platform with a public preview of E2EE for one-to-one calls. The company made the promise of E2EE for some one-to-one Teams calls at its virtual Ignite shindig in March this year and as 2021 nears its end appears to have delivered, in preview form at least.

Microsoft has announced the public preview roll-out of end-to-end encryption support for one-to-one Microsoft Teams calls.Starting today, Microsoft Teams is getting end-to-end encryption for 1:1 calls which encrypts the real-time media flow so that private one-to-one discussions remain entirely private, with no way for intermediate nodes or parties to decrypt them.

Businesses planning to look at remote work as a long-term strategy should take the time to reassess any "Band-aid" security solutions that may have been applied at the beginning of the pandemic and look at ways that security can be prioritized permanently. It's very important for remote workplaces to ensure that they're regularly backing up company data to the cloud.

published a research study that highlights the unique challenges diverse cybersecurity professionals around the world face and provides recommendations to create positive change. The focus group research included diverse professionals from nine countries across the globe and asked how Diversity, Equity and Inclusion is defined in different regions, why creating DEI programs that work is so difficult, the types of work-related challenges diverse professionals face, and what strategies they believe are successful when building diverse cultures.

A new guide from XDR and SSPM provider Cynet, titled The Guide for Reducing SaaS Applications Risk for Lean IT Security Teams, breaks down exactly why SaaS ecosystems are so risky, and how security teams can mitigate those dangers. The risk of a digital disaster is impossible to ignore - especially given the security paradigms that govern most SaaS applications.

In this interview with Help Net Security, Zack Hutto, Director of Advisory Services at Gartner's Legal and Compliance Practice, talks about the challenges legal and compliance teams are facing and the technologies that can help them. As digital transformation initiatives continue - or accelerate due to the pandemic - and many companies consider strategic pivots, legal and compliance teams face both new risks and shifting risk tolerances, forcing teams to adapt their advice and support to their respective organizations.