Security News

SophosLabs has just published a new report on a ransomware strain known as ProLock, which is interesting not so much for its implementation as for its evolution. Most ransomware scrambles the whole file, so monitoring access to the start of each file is an efficient way of spotting some, but not all, unauthorised changes.

McAfee introduced MITRE ATT&CK into McAfee MVISION Cloud, the company's Cloud Access Security Broker, delivering a precise method to hunt, detect and stop cyberattacks on cloud services. This new integration gives SecOps teams a direct source of cloud vulnerabilities and threats mapped to the tactics and techniques of ATT&CK. McAfee is the first CASB provider to tag and visualize cloud security events within an ATT&CK. "Many SecOps teams leverage repeatable processes and frameworks such as ATT&CK to mitigate risk and respond to threats to their endpoints and networks, but so far cloud threats and vulnerabilities have presented an unfamiliar paradigm," said Rajiv Gupta, senior vice president and general manager of Cloud Security, McAfee.

Isolation technology allows companies to keep employee browsers siloed in the cloud. To deal with this deluge of new threats, dozens of the world's biggest organizations are turning to isolation technologies and techniques to protect employees from the kind of common mistakes cybercriminals are increasingly taking advantage of.

A new study incorporates analysis of anonymized data from more than 5 million unmanaged, IoT, and IoMT devices in Ordr customer deployments across a variety of verticals including healthcare, life sciences, retail and manufacturing, between June 2019 and June 2020. "In some of my recent research around enterprise IoT security I've found that more than 51 percent of IT teams are unaware of what types of devices are touching their network," said Zeus Kerravala, Principal Analyst, ZK Research.

While there was no way to fully anticipate the impact to our organizations and be prepared from day-one with a detailed plan, there is a lot we can learn to strengthen our resilience to emerging threats. Phil now leads the group's Cybersecurity Services business which includes Managed Security Services, Security Consulting and Professional Services, and Integrated Security Services.

LogRhythm announced the launch of version 7.5 of the LogRhythm NextGen SIEM Platform, as well as the inaugural release of its Open Collector technology. LogRhythm 7.5 provides enhanced analyst workflow experiences and visibility, while Open Collector simplifies the process of onboarding cloud data sources for more holistic monitoring.

BitDam announced the availability of its Advanced Threat Protection in the Microsoft Azure Marketplace, an online store providing applications and services for use on Azure. "We're so pleased to be available in the Microsoft Azure Marketplace to enable end users to open their email with peace of mind."

In a new report released on Wednesday, enterprise security provider Balbix looks at the top threats cited in a survey of security professionals. For many organizations, limited visibility into their security holes and an inability to prioritize security issues are creating greater risk.

McAfee Labs saw an average of 375 new threats per minute and a surge of cybercriminals exploiting the pandemic through COVID-19-themed malicious apps, phishing campaigns, malware, and more during the first quarter of 2020, the cybersecurity company is reporting. Disclosed incidents targeting the public sector, individuals, education and manufacturing increased; nearly 47% of all publicly disclosed security incidents took place in the United States, according to the McAfee COVID-19 Threat Report: July 2020.

A Chinese threat actor was observed earlier this month targeting victims in India and Hong Kong with a new variant of the MgBot malware, Malwarebytes reports. The next day, the template would drop the MgBot loader, and Malwarebytes' security researchers observed it leveraging the Application Management service in Windows for the execution and injection of the final payload. Several days later, the same payload was being delivered via an archive containing a document featuring a statement that British Prime Minister Boris Johnson made about Hong Kong.