Security News

Everyone is having trouble keeping cloud deployments secure, according to a new report from Oracle and KPMG. The "Threat Report 2020: Addressing Security Configurations Amidst a State of Constant Change" found that 92% of IT professionals do not think their organization is well prepared to secure public cloud services. Misconfigured cloud services are prevalent, problematic, and the top cloud security priority.

A report released Wednesday by Nuspire describes some of the latest malware threats and offers tips on how to defend against them. For the first quarter, Nuspire detected more than 2.4 million pieces of malware with more than 1,200 unique variants.

"Technology adoption has skyrocketed in virtually every segment of our agriculture sector including food production, processing, and distribution," comments Parham Eftekhari, founder and chairman of the Institute for Critical Infrastructure Technology, "And experts predict this trend to continue with robotics and self-driving freight carriers paving the way for an autonomous future. This creates significant opportunity for disruption to our supply chain and food safety concerns." He continued, "Today, we are already hearing stories of processing plants shutting down and the potential of food shortages. What if manufacturing and storage facilities of perishable food products have their cooling systems hacked during a time of a national food shortage? It would only take a handful of high-profile attacks to create panic among citizens that could lead to a rush on grocery stores and threaten an already fragile food supply."

These new capabilities enable network teams to better integrate cloud resources in Amazon Web Services with on-premises networks, protect themselves from advanced cyber threats, and reduce the risk of network outages. Because the new universal work from home reality has introduced new risks to enterprise networks, BlueCat also introduced several security improvements to BlueCat Threat Protection, its DNS firewall solution.

Recorded Future this week announced the availability of Express, a free web browser extension designed to help security teams prioritize vulnerability patching and alerts from security information and event management tools. The extension is currently available for Chrome and Firefox, and once it's installed an icon with the Recorded Future logo will be added to the browser's toolbar.

Agari, the market share leader in phishing defense solutions for the enterprise, unveiled Agari Active Defense with a new service that delivers actionable threat intelligence driven through active engagement with Business Email Compromise threat actors. Agari Active Defense - BEC Threat Intelligence Service is the only commercial offering on the market that delivers real-world cyber intelligence harvested from direct active engagements with email fraudsters attacking and scamming organizations.

King & Union launched a suite of new service offerings to augment its Avalon Cyber Analysis Platform and help customers address the human aspect of threat intelligence operations, bridging common gaps that many security teams face. "With the introduction of new services, King & Union is recognizing the critical human component of efficient threat intelligence operations. Threat intelligence analysts are hard to find and even harder to keep."

Information security professionals are facing increasingly complex threats—some new, others familiar but evolving.

The threat actors behind the Shade ransomware have called it quits, releasing 750,000 encryption keys on GitHub and publicly apologizing to victims affected by the malware. User "Shade-team" posted four files on the code repository earlier this week, one containing the file keys and four "ReadMe" files with decryption instructions and other information.

Sixgill, a leading cyber threat intelligence company, announced that as part of its partnership with Anomali, its new Darkfeed automated threat intelligence is available in the Anomali Preferred Partner Store. With access to this new intelligence stream, joint customers can integrate a real-time, automated feed of deep and dark web indicators into their existing security infrastructure and operations via Anomali ThreatStream.