Security News

A threat actor believed to be tied to the Lebanese government has compromised hundreds of servers pertaining to organizations worldwide, while maintaining a low profile, threat intelligence firm ClearSky reveals. Referred to as Lebanese Cedar or Volatile Cedar, the advanced persistent threat group has been active since 2012, but operated under the radar since 2015, after its activity was detailed by cybersecurity companies.

Port53 Technologies announced the launch of a platform that will empower cybersecurity professionals to shape their organizations' threat postures at will. The online store, featuring solutions from Port53 partners Cisco and OneLogin, aims to further Port53's commitment to empowering small and mid-sized enterprises to secure their digital estates against an ever-burgeoning threat landscape.

McAfee announced the general availability of MVISION Extended Detection and Response with inclusion of cloud, and network telemetry, unifying and optimizing threat detection and response beyond endpoints to allow for faster, more proactive investigation cycles, easier, automated response and continued modernization of today's security operations centers. According to Enterprise Strategy Group research, more than 80 percent of organizations are planning increased investment in threat detection and response solutions, affirming the heightened need to safeguard against today's crowded threat landscape.

Deloitte announced its acquisition of substantially all the assets of Root9B. The deal will bolster Deloitte's existing Detect and Respond cyber client offering with R9B's deeply experienced cyber operations professionals and its award-winning threat-hunting and risk assessment solutions. "Commercial and government entities contend with cyber adversaries who use incredibly sophisticated technology to penetrate legacy defenses and take advantage of expanding attack surfaces," said Deborah Golden, Deloitte Risk & Financial Advisory Cyber and Strategic Risk leader and principal, Deloitte.

Having an AI tool to help can ease the burden on cybersecurity teams, which are struggling to keep up with constant and more serious threats.

Netscout so far has identified more than 14,000 "Abusable" Windows RDP servers that can be misused by attackers in DDoS attacks-troubling news at a time when this type of attack is on the rise due to the increased volume of people online during the ongoing coronavirus pandemic. What's more, while initially only advanced attackers with access to "Bespoke DDoS attack infrastructure" used this method of amplification, researchers also observed RDP servers being abused in DDoS-for-hire services by so-called "Booters," they said.

The constantly evolving healthcare environment has placed immense financial strain on hospitals and increased pressure on healthcare staff, which has been made worse by the influx of possible security threats. The U.S. Cybersecurity and Infrastructure Security Agency has recently released an alert highlighting imminent cybercrime threats to U.S. hospitals and healthcare providers.

BitDam announced that it is enhancing its offering for MSPs by adding a unique MSP console to its Advanced Threat Protection solution. The new BitDam MSP console's centralized dashboard view allows MSPs to view and manage all customers at one time and on one screen.

Be we have to balance this and also not turn remote work into a world where everyone must be available 24/7. People still need to be able to shut off work as well. What we lost in the ability to meet directly with people can be a benefit in a remote world where managers and leaders - who are often the stakeholders the intelligence team needs to talk to - are able to be more efficient.

The collaboration will allow the integration of Tanium's behavior-based detection offering, Tanium Signals, with OpenCTI, helping organizations to store, organize and visualise intelligence information in real-time. Organizations will be able to feed the Tanium platform with the latest and relevant intelligence data provided by OpenCTI, providing them with the ability to aggregate several sources of threat intelligence.