Security News
Based on over 8 trillion daily security signals and observations from the company's security and threat intelligence experts, the Microsoft Digital Defense Report 2020 draws a distinction between attacks mounted by cybercriminals and those by nation-state attackers. "While credential phishing and BEC continue to be the dominant variations, we also see attacks on a user's identity and credential being attempted via password reuse and password spray attacks using legacy email protocols such as IMAP and SMTP," Microsoft noted.
A threat actor was able to compromise the network of a federal agency and create a reverse proxy and install malware, the Cybersecurity and Infrastructure Security Agency reported on Thursday. Following initial access, the threat actor started gathering information of interest from email accounts, enumerated the Active Directory and Group Policy key, modified a registry key for the Group Policy, and enumerated compromised systems.
Microsoft Defender Application Guard brings hypervisor-based isolation to Microsoft Edge and Microsoft Office applications. While Application Guard works well with Edge and Office, it doesn't support other applications.
CrowdStrike announced it has agreed to acquire Preempt Security, provider of zero trust and conditional access technology for real-time access control and threat prevention. Together, CrowdStrike and Preempt will provide a modern zero trust security architecture and threat protection to keep organizations' users, endpoints, and data safe from modern attacks, without compromising productivity or the user experience.
Google this week announced the availability of Chronicle Detect, a threat detection solution for enterprises from Google Cloud. The tool is meant to help organizations depart from legacy security tools and adopt a modern threat detection system, Google says.
Threat Stack announced it has hired Peter Basile as VP of Marketing and Kathleen DeShields as VP of HR. These new hires join Threat Stack during a time of rapid growth with increasing customer bookings and average deal sizes enabling the company to exceed its 2020 growth plan despite the global economic impact of COVID-19. Peter Basile joins Threat Stack as the Vice President of Marketing with a focus on accelerating the company's growth trajectory.
One stressor for IT and security workers around the world has been the abrupt and unexpected transition to a remote workforce.
E-commerce platform provider Shopify on Tuesday said two members of its support staff were caught accessing customer information without authorization. According to Shopify, the two employees used their permissions to access customer transactional records from some merchants.
Microsoft announced on Tuesday at its Ignite 2020 conference that it has extended its threat protection portfolio and unified some of its cybersecurity solutions. Microsoft Defender includes Microsoft 365 Defender, formerly Microsoft Threat Protection, and Azure Defender, which includes the cloud workload protections in the Azure Security Center.
Cisco flagged threats like Kovter, Poweliks, Divergent and LemonDuck as the most common fileless malware. Another prevalent critical threat to endpoints in the first half was dual-use tools that are typically leveraged for both exploitation and post-exploitation tasks.