Security News

Recorded Future this week announced the availability of Express, a free web browser extension designed to help security teams prioritize vulnerability patching and alerts from security information and event management tools. The extension is currently available for Chrome and Firefox, and once it's installed an icon with the Recorded Future logo will be added to the browser's toolbar.

Agari, the market share leader in phishing defense solutions for the enterprise, unveiled Agari Active Defense with a new service that delivers actionable threat intelligence driven through active engagement with Business Email Compromise threat actors. Agari Active Defense - BEC Threat Intelligence Service is the only commercial offering on the market that delivers real-world cyber intelligence harvested from direct active engagements with email fraudsters attacking and scamming organizations.

King & Union launched a suite of new service offerings to augment its Avalon Cyber Analysis Platform and help customers address the human aspect of threat intelligence operations, bridging common gaps that many security teams face. "With the introduction of new services, King & Union is recognizing the critical human component of efficient threat intelligence operations. Threat intelligence analysts are hard to find and even harder to keep."

Information security professionals are facing increasingly complex threats—some new, others familiar but evolving.

The threat actors behind the Shade ransomware have called it quits, releasing 750,000 encryption keys on GitHub and publicly apologizing to victims affected by the malware. User "Shade-team" posted four files on the code repository earlier this week, one containing the file keys and four "ReadMe" files with decryption instructions and other information.

Sixgill, a leading cyber threat intelligence company, announced that as part of its partnership with Anomali, its new Darkfeed automated threat intelligence is available in the Anomali Preferred Partner Store. With access to this new intelligence stream, joint customers can integrate a real-time, automated feed of deep and dark web indicators into their existing security infrastructure and operations via Anomali ThreatStream.

Cygilant, provider of Cybersecurity-as-a-Service to mid-sized organizations, launched Cygilant Endpoint Security, a new solution that will give companies greater visibility into suspicious activity taking place on network endpoints. Cygilant Endpoint Security is an agent-based solution that collects real-time security data from a company's critical assets, detects suspicious files, services and other activity - and then streams alerts to the 24×7 Cygilant Security Operations Center for further investigation and action.

Datadog Security Monitoring combines and analyzes traditional security signals with performance and environment data from applications to provide unique real-time insights. Unified observability and security: By combining data from traditional security logs with over 400 integrations that bring in performance metrics, traces, environment information and more, Security Monitoring detects threats quickly and provides detailed context to pinpoint affected systems.

Topics on the agenda include threat intel on advanced persistent threats, new vulnerability research, and topics related to a post-crisis world - such as how the industry is changing because of the pandemic. "Hiding in Plain Sight: An APT Comes into a Market" on Tuesday will feature Kaspersky researchers Alexey Firsh and Lev Pikman opening the kimono on previously undisclosed threat intelligence regarding a nation-state cybercriminal group.

A Chinese threat actor tracked as Evil Eye has updated the tools it uses to target Uyghurs, a minority Turkic ethnic group in the Xinjiang Uyghur Autonomous Region in Northwest China, incident response and threat intelligence firm Volexity reports. Starting January 2020 the threat actor resumed operations, with signs of activity identified "Across multiple previously compromised Uyghur websites."