Security News

Threat Stack announced ThreatML, its new machine learning engine that enhances security observability for the Threat Stack Cloud Security Platform, Threat Stack Oversight, and Threat Stack Insight with anomaly detection. The Threat Stack Cloud Security Platform collects, normalizes, and analyzes over 60 billion events per day from customer cloud infrastructure and applications.

Quantum computers also pose a big security problem. That's because quantum computers don't just pose a threat to tomorrow's sensitive information: they'll be able to decrypt data that has been encrypted in the past, that's being encrypted in the present, and that will be encrypted in the future.

McAfee released a report examining cybercriminal activity related to malware and the evolution of cyber threats in Q2 2020. During this period, there was an average of 419 new threats per minute as overall new malware samples grew by 11.5%. A significant proliferation in malicious Donoff Microsoft Office documents attacks propelled new PowerShell malware up 117%, and the global impact of COVID-19 prompted cybercriminals to adjust their cybercrime campaigns to lure victims with pandemic themes and exploit the realities of a workforce working from home.

For attackers, it's almost a no-brainer: phishing is cheap and humans are fallible, even after going through anti-phishing training. That's why defenders must preempt attacks, he says, and reinforce a lesson during a live attack.

ACI Worldwide announced ACI Fraud Management in the cloud enables Indian banks to protect the rapidly growing number of Unified Payments Interface transactions across the region. "A supportive regulatory environment, coupled with ever-increasing smartphone usage, internet access and customer acceptance, has powered rapid UPI transaction growth. However, surging transaction volumes pose a complex challenge to banks and financial institutions when it comes to upgrading and maintaining their back-end risk management systems," said Kaushik Roy, vice president and country leader - South Asia, ACI Worldwide.

A threat actor has been observed targeting Oracle Solaris operating systems for over two years, including with an exploit for a recently addressed zero-day vulnerability, FireEye reported on Monday. In late 2018, the threat actor was observed compromising a Solaris server that had the SSH service exposed to the Internet, to install the SLAPSTICK backdoor on it, in order to steal credentials.

Cybersecurity professionals know there are fundamental gaps in most cyber operations centers, one of which is the overwhelming level of effort required to understand cyber threat information. As a result, cyber analysts are rarely allowed to produce their primary work product: actionable intelligence.

2020 has been a year of incredible uncertainty and upheaval, which for security professionals inevitably means threats have multiplied right across the enterprise. This in no way means the ongoing threat to Industrial Control Systems has diminished.

92 percent of organizations admit that they face a cloud security readiness gap. IoT in all its flavors exposes companies and consumers alike to a wide range of security threats.

Russian interference has been minimal so far in the most tempestuous U.S. presidential election in decades. Election officials fear a "Blend" of overlapping attacks intended to undermine voter confidence and incite political violence: taking over state or local government websites to spread misinformation, crippling election results-reporting websites with denial-of-service attacks, hijacking officials' social media accounts and making false claims about rigged voting.