Security News

The combination of Infoblox contextual data and the ThreatQ threat intelligence platform enables organizations to categorize, manage and respond to threats faster and more effectively. Infoblox DNS can put more than 45 million threat indicators to work in real-time within BloxOne Threat Defense, which provides advanced DNS security as SaaS-based services from the cloud or as a hybrid on-premises/SaaS solution.

New Zscaler threat research reveals the emerging techniques and impacted industries behind a 260-percent spike in attacks using encrypted channels to bypass legacy security controls. Researchers witnessed a 5x increase in ransomware attacks over encrypted traffic beginning in March, when the World Health Organization declared the virus a pandemic.

Threat Stack announced ThreatML, its new machine learning engine that enhances security observability for the Threat Stack Cloud Security Platform, Threat Stack Oversight, and Threat Stack Insight with anomaly detection. The Threat Stack Cloud Security Platform collects, normalizes, and analyzes over 60 billion events per day from customer cloud infrastructure and applications.

Quantum computers also pose a big security problem. That's because quantum computers don't just pose a threat to tomorrow's sensitive information: they'll be able to decrypt data that has been encrypted in the past, that's being encrypted in the present, and that will be encrypted in the future.

McAfee released a report examining cybercriminal activity related to malware and the evolution of cyber threats in Q2 2020. During this period, there was an average of 419 new threats per minute as overall new malware samples grew by 11.5%. A significant proliferation in malicious Donoff Microsoft Office documents attacks propelled new PowerShell malware up 117%, and the global impact of COVID-19 prompted cybercriminals to adjust their cybercrime campaigns to lure victims with pandemic themes and exploit the realities of a workforce working from home.

For attackers, it's almost a no-brainer: phishing is cheap and humans are fallible, even after going through anti-phishing training. That's why defenders must preempt attacks, he says, and reinforce a lesson during a live attack.

ACI Worldwide announced ACI Fraud Management in the cloud enables Indian banks to protect the rapidly growing number of Unified Payments Interface transactions across the region. "A supportive regulatory environment, coupled with ever-increasing smartphone usage, internet access and customer acceptance, has powered rapid UPI transaction growth. However, surging transaction volumes pose a complex challenge to banks and financial institutions when it comes to upgrading and maintaining their back-end risk management systems," said Kaushik Roy, vice president and country leader - South Asia, ACI Worldwide.

A threat actor has been observed targeting Oracle Solaris operating systems for over two years, including with an exploit for a recently addressed zero-day vulnerability, FireEye reported on Monday. In late 2018, the threat actor was observed compromising a Solaris server that had the SSH service exposed to the Internet, to install the SLAPSTICK backdoor on it, in order to steal credentials.

Cybersecurity professionals know there are fundamental gaps in most cyber operations centers, one of which is the overwhelming level of effort required to understand cyber threat information. As a result, cyber analysts are rarely allowed to produce their primary work product: actionable intelligence.

2020 has been a year of incredible uncertainty and upheaval, which for security professionals inevitably means threats have multiplied right across the enterprise. This in no way means the ongoing threat to Industrial Control Systems has diminished.