Security News
92 percent of organizations admit that they face a cloud security readiness gap. IoT in all its flavors exposes companies and consumers alike to a wide range of security threats.
Russian interference has been minimal so far in the most tempestuous U.S. presidential election in decades. Election officials fear a "Blend" of overlapping attacks intended to undermine voter confidence and incite political violence: taking over state or local government websites to spread misinformation, crippling election results-reporting websites with denial-of-service attacks, hijacking officials' social media accounts and making false claims about rigged voting.
McAfee announced extended detection and response capabilities with the introduction of MVISION XDR platform, a cloud-based advanced threat management solution with complete coverage across the attack lifecycle, prioritization to protect what matters, easy orchestration and efficient response. MVISION XDR improves security operations centers effectiveness with quick risk mitigation and delivers total cost of ownership for threat response with the inclusion of MVISION Insight's proactive threat analytics.
Exabeam announced a major enhancement to the Exabeam Security Management Platform, enabling organizations to detect improper access of cloud storage objects and defend against threats to cloud-based data, such as attackers exfiltrating sensitive data or hosting malicious files. By ingesting audit data from Amazon Simple Storage Services, Microsoft Azure Blobs and Google Cloud Platform Cloud Storage buckets, Exabeam can distinguish malicious activity from normal behavior and allow security analysts to easily identify and follow attacks on cloud storage objects before they lead to a security breach.
Threat attackers continue to exploit the Microsoft Zerologon vulnerability, a situation that's been a persistent worry to both the company and the U.S. government over the last few months. Despite patching awareness efforts, Microsoft said it is still receiving "a small number of reports from customers and others" about active exploits of the bug tracked as CVE-2020-1472, or Zerologon, according to a blog post by Aanchal Gupta, vice president of engineering for MSRC, on Thursday.
Zentera Systems announced a family of Micro-Segmentation Gatekeeper appliances for its flagship CoIP Access Platform product. Available in options supporting up to 64 Gigabit Ethernet ports, the new MSG enables enterprises to transparently insert micro-segmentation and Zero Trust Network Access security to protect existing IT applications, OT, and IoT devices.
The FBI warns of a threat against the healthcare sector from Ryuk ransomware, and one that's already affected some hospitals. The healthcare industry continues to be a prime target for ransomware, so much so that the FBI and two other government agencies are now warning this sector of impending attacks using the infamous Ryuk ransomware.
An alert released by the United States this week provides information on Kimsuky, a threat actor focused on gathering intelligence on behalf of the North Korean government. The malicious cyber activity associated with the North Korean government is typically referred to as HIDDEN COBRA by the United States.
Today, officials from the FBI and the U.S. Department of Homeland Security hastily assembled a conference call with healthcare industry executives warning about an "Imminent cybercrime threat to U.S. hospitals and healthcare providers." The agencies on the conference call, which included the U.S. Department of Health and Human Services, warned participants about "Credible information of an increased and imminent cybercrime threat to US hospitals and healthcare providers."
Mike Wiacek, founder of Google's Threat Analysis Group and co-founder / former Chief Security Officer of Alphabet moonshot Chronicle, leads the company as its CEO and founder. Stairwell wants to provide security teams with accessible, user-centric tools that help them understand the pivotal relationships between their external and internal data sources.