Security News

McAfee Labs saw an average of 375 new threats per minute and a surge of cybercriminals exploiting the pandemic through COVID-19-themed malicious apps, phishing campaigns, malware, and more during the first quarter of 2020, the cybersecurity company is reporting. Disclosed incidents targeting the public sector, individuals, education and manufacturing increased; nearly 47% of all publicly disclosed security incidents took place in the United States, according to the McAfee COVID-19 Threat Report: July 2020.

A Chinese threat actor was observed earlier this month targeting victims in India and Hong Kong with a new variant of the MgBot malware, Malwarebytes reports. The next day, the template would drop the MgBot loader, and Malwarebytes' security researchers observed it leveraging the Application Management service in Windows for the execution and injection of the final payload. Several days later, the same payload was being delivered via an archive containing a document featuring a statement that British Prime Minister Boris Johnson made about Hong Kong.

BMC AMI Security solution: Automatically protects, detects, and responds to threats on the mainframe
BMC announced new capabilities for the BMC AMI Security solution to automatically protect, detect, and respond to threats on the mainframe. BMC AMI Security shares mainframe security events with enterprise security information and event management systems in real time, providing actionable insights for incident responders.

A report released Thursday by security service Exabeam contends that cyberthreats and financial risks have increased as the pandemic spread during the first half of 2020. For "The Exabeam 2020 State of the SOC Report," Exabeam commissioned Censuswide to survey more than 1,000 IT security professionals at small and midsized companies in the US and UK. Among all the respondents, 80% said they experienced "slightly to considerably more" cyberattack attempts in the first half of the year, breaking down to 88% in the US and 74% in the UK. A third of those surveyed were hit by a successful cyberattack during this period, triggering network downtime for 38% in the US and 40% in the UK. The pandemic has taken a financial toll as well, affecting security budgets and employees.

A well-known private hacking forum has recently become more inclusive, introducing a new platform to help newbie threat actors flourish and hone their expertise, research has found. "Historically, the only times we have seen exclusive forums lower the parameters for entry are when they have allowed members willing to pay a set fee in order to bypass the application process. The payment enabled the forum to gain more members but was also financially beneficial to the forum. In CryptBB's case, they are using a dedicated subforum to share knowledge and help others for free. They might be doing this for site-traffic metrics, but the intent behind the scheme seems innocent enough and the forum likely feels it is a way to give back and help others to increase their skills/knowledge."

A growing number of countries are recognizing the threat to data privacy from using mobile technology from the Chinese giant Huawei, and are likely to shun the company when building out their 5G networks, the top US security advisor said Wednesday. "Each country is going to make their decisions for their own country, but I think there's a growing recognition everywhere that Huawei is a problem," National Security Advisor Robert O'Brien told journalists in Paris.

"It's essential to comprehensively monitor an organization's critical systems, regardless of the size of the business," said Rob Scott, president and CEO at Cygilant. "Risks are constantly increasing - while financial and staffing resources are decreasing. This is why a solution that teams LogPoint and Cygilant can make a difference."

The way forward is a system that can monitor data in real time and even predict threats before they happen, according to Gurucul CEO Saryu Nayyar and COO Craig Cooper, who both recently participated in a Threatpost editorial webinar devoted to how businesses can protect against insider threats. Cooper offers a raft of independent survey data on business attitudes toward insider threats as well as attack data, and follows with insights into best practices for addressing the risk, including examples of how one hospital group in Minneapolis, Minn. was able to come up with a game plan to secure Tom Brady's medical records from the tabloids during the ramp-up to the 2018 Super Bowl.

In May 2019, Flashpoint CEO Josh Lefkowitz shared in SecurityWeek tips for evaluating threat intelligence vendors that cover the deep and dark web. I wanted to look at the entire threat intelligence space and provide some thoughts on how to evaluate the best vendors for you.

The advantages of having decent threat intelligence in place are many and various, as the threat landscape continues to widen year-on-year. The problem, as with any complex big-data project, is cutting through the inevitable data deluge to correctly identify the bits you need - the people, places, technology, and other moving parts to build the picture.