Security News

In a paper recently published through the Journal of Cybersecurity, Cornell University assistant professor Karen Levy and security veteran Bruce Schneier argue that intimate relationships open the door to a set of privacy and security risks that haven't been anticipated or adequately addressed by the public, the technical community, and policymakers. "We describe privacy threats that arise in our intimate relationships: families, romances, friendships," said Levy.

Kaspersky this week released a threat intelligence solution designed to help with the attribution of malware samples to known advanced persistent threat groups. The new Kaspersky Threat Attribution Engine, a commercial product available globally, uses a proprietary method to match malicious code against a malware database and link it to APT groups or campaigns based on code similarities.

UK-based infosec outfit Keepnet Labs left an 867GB database of previously compromised website login details accessible to world+dog earlier this year - then sent lawyers' letters to bloggers in a bid to erase their reports of its blunder. As reported by news website Verdict, Keepnet was stung by Diachenko's initial post about the gaffe, which Keepnet interpreted as the blogger blaming the business for leaking its own customers' data - none of its own clients' data was exposed, but rather info from previous publicly known database exposures.

I just published a new paper with Karen Levy of Cornell: "Privacy Threats in Intimate Relationships." Abstract: This article provides an overview of intimate threats: a class of privacy threats that can arise within our families, romantic partnerships, close friendships, and caregiving relationships.

The many benefits that APIs bring to the software and application development communities - namely, that they are well documented, publicly available, standard, ubiquitous, efficient, and easy to use - are now being leveraged by bad actors to execute high profile attacks against public-facing applications. The security conundrum for APIs is that whereas most practitioners would recommend design decisions that make resources more hidden and less available, successful deployment of APIs demands willingness to focus on making resources open and available.

Druva announced the launch of an API integration with FireEye extending visibility and control over endpoint backup data to monitor, analyze, detect and respond to data breaches from ransomware, data theft, and insider attacks. Joint customers of Druva and the FireEye Helix platform can now dramatically reduce incident response times, minimize downtime, and accelerate recovery from protected backup data.

Cyemptive Technologies, a provider of preemptive cybersecurity products and technology and winner of the Department of Homeland Security's national competition for most innovative border security-related solution in the market, unveiled Version 2 of Cyemptive Enterprise Scanner. It is a substantial improvement to the world's first scanning technology that preemptively scans for infected files such as ransomware, malware, and other cyberthreats before they infect a system, as compared to other existing scanning technology that detects files only after the infection has commenced.

By Light Professional IT Services and the intelligence-led security company, FireEye announced the integration of Mandiant Threat Intelligence within By Light's Cyberoperations Enhanced Network and Training Simulators. As today's cyberspace landscape features an increasing number of well-funded, highly organized, and complex adversaries, the use of real-world threat intelligence in training and exercises has become crucial to defending effectively against cyberspace attacks.

Application threats and security trends you need to know aboutApplications are a gateway to valuable data, so it's no wonder they are one of attackers' preferred targets. C-suite execs often pressure IT teams to make security exceptions for themThe C-suite is the most likely group within an organization to ask for relaxed mobile security protocols - despite also being highly targeted by malicious cyberattacks, according to MobileIron.

Sixgill announced that users of Splunk, the Data-for-Everything platform, will have access to Sixgill's Darkfeed, the company's automated stream of indicators of compromise. By leveraging Darkfeed in Splunk's analytics-driven SIEM, enterprises gain contextual and actionable insights in real-time to enhance security and proactively protect against threats.