Security News

This makes sense when you consider that more meetings require passwords or passcodes, to avoid these sorts of hijackings, thus making rogue participants, particularly in a classroom setting, a more common threat. "Our findings indicate that the vast majority of calls for zoombombing are not made by attackers stumbling upon meeting invitations or bruteforcing their meeting ID, but rather by insiders who have legitimate access to these meetings, particularly students in high school and college classes," the researchers said.

These three components together provide what Cynet calls Autonomous Breach Protection - essentially breach protection on auto-pilot. Response Automation Cynet automates many tasks associated with threat detection response and cross-environment remediation, including infected hosts, compromised user accounts, malicious processes, and attacker-controlled network traffic.

Insider threats can take many forms, from the absent-minded employee failing to follow basic security protocols, to the malicious insider, intentionally seeking to harm your organization. Insider threats can be loosely split into two categories - negligent and malicious.

Mobile rootkits, virtual home invasions of well-known public figures and Bluetooth Low Energy attacks are among the other attack types to prepare for in the next year. These new methods, in tandem with a surge in counter IR, destructive attacks, lateral movement and island hopping, make for a perilous threat landscape.

Scripts can also be used for malicious purposes, and malicious scripts are unlikely to be detected or blocked by the average antimalware solution. While Emotet is one example of threat that uses scripts as part of its evasive strategy, there are many other types of script-based evasion techniques organizations need to be aware of to keep their systems secure.

iProov has launched the world's first system of global threat intelligence for biometric assurance. iSOC's threat intelligence provides forewarning of major new attacks and enables iProov to prepare and defend against them.

Netskope announced the Cloud Threat Exchange, one of the industry's first cloud-based solutions for the ingestion, curation, and real-time sharing of threat intelligence across enterprise security enforcement points. Any certified, partner, vendor, or customer may use Cloud Threat Exchange to automate the delivery and distribution of high-value, actionable threat intelligence, thus reducing the time to protection and eliminating gaps in coverage.

A previously undocumented malware family called KryptoCibule is mounting a three-pronged cryptocurrency-related attack, while also deploying remote-access trojan functionality to establish backdoors to its victims. Looking at timestamps in the various versions of KryptoCibule that ESET has identified, the malware dates from December 2018, researchers said.

As organizations try to defend themselves against external threats, they need to remember that insider threats can also cause harm. A report released Wednesday by security provider Bitglass shines a light on the ramifications of insider threats and offers advice on how to use the right security features to combat them.

Some intelligence services focus their efforts on identifying threat actor groups and attack methods, informing their customers whether they are targeted or not. Some terms are beginning to emerge to better define intelligence offerings, with the most prominent one being Digital Risk Protection, or DPO. While it is used by many vendors to describe services designed to identify external threats, it does often time seem to include the traditional "Threat intelligence" as part of the vendor's offering, such as malware IOCs, blurring the lines between the two terms.