Security News

As more organizations implement successful threat hunting operations, a SANS Institute survey finds that they are facing common challenges with employing skilled staff and collecting quality threat intelligence. With the concept of threat hunting being relatively new for many organizations only 29% of respondents consider themselves mature or very mature in their threat hunting, with nearly 68% self-identifying their threat hunting as immature or still maturing.

Despite efforts by organizations to layer up their cyber defenses, the threat landscape is changing, attackers are innovating and automating their attacks, NTT reveals. The attack data indicates that 55% of all attacks in 2019 were a combination of web-application and application-specific attacks, up from 32% the year before, while 20% of attacks targeted CMS suites and more than 28% targeted technologies that support websites.

Outside hackers were to blame for most data thefts last year, while in-house drama contributed to only a fifth of total computer security incidents, Verizon reckons. In its 13th Data Breach Investigations Report, which probed some 4,000 intrusions and network breaches in 2019, Verizon found that the online world is still a fairly bad place if you're not tooled up enough to defend yourself and your customers from external miscreants hoping to make bank.

Outside hackers were to blame for most data thefts last year, while in-house drama contributed to only a fifth of total computer security incidents, Verizon reckons. In its 13th Data Breach Investigations Report, which probed some 4,000 intrusions and network breaches in 2019, Verizon found that the online world is still a fairly bad place if you're not tooled up enough to defend yourself and your customers from external miscreants hoping to make bank.

One solution to risks associated with shadow IT is to have workers only use cloud apps that have been vetted and approved by your IT department. There is a vast discrepancy in the intended block rate and the actual block rate, which Skyhigh Networks calls the "Cloud enforcement gap" and represents shadow IT acquisition and usage.

Microsoft this week announced that it has made some of its COVID-19 threat intelligence available to the public. The number of attacks targeting organizations and individuals worldwide using coronavirus lures has increased dramatically over the past several months, and Microsoft says it wants to help even those who do not use its threat protection solutions.

Everyone is having trouble keeping cloud deployments secure, according to a new report from Oracle and KPMG. The "Threat Report 2020: Addressing Security Configurations Amidst a State of Constant Change" found that 92% of IT professionals do not think their organization is well prepared to secure public cloud services. Misconfigured cloud services are prevalent, problematic, and the top cloud security priority.

A report released Wednesday by Nuspire describes some of the latest malware threats and offers tips on how to defend against them. For the first quarter, Nuspire detected more than 2.4 million pieces of malware with more than 1,200 unique variants.

"Technology adoption has skyrocketed in virtually every segment of our agriculture sector including food production, processing, and distribution," comments Parham Eftekhari, founder and chairman of the Institute for Critical Infrastructure Technology, "And experts predict this trend to continue with robotics and self-driving freight carriers paving the way for an autonomous future. This creates significant opportunity for disruption to our supply chain and food safety concerns." He continued, "Today, we are already hearing stories of processing plants shutting down and the potential of food shortages. What if manufacturing and storage facilities of perishable food products have their cooling systems hacked during a time of a national food shortage? It would only take a handful of high-profile attacks to create panic among citizens that could lead to a rush on grocery stores and threaten an already fragile food supply."

These new capabilities enable network teams to better integrate cloud resources in Amazon Web Services with on-premises networks, protect themselves from advanced cyber threats, and reduce the risk of network outages. Because the new universal work from home reality has introduced new risks to enterprise networks, BlueCat also introduced several security improvements to BlueCat Threat Protection, its DNS firewall solution.