Security News
With more and more IT resources moving to the cloud and remote work becoming a ubiquitous business practice due to COVID-19, perimeter-based security is undeniably becoming a weak link, especially since attackers have repeatedly demonstrated they can bypass firewalls and spread laterally within enterprise networks. The first has existed for several years and is now gaining real traction to address the security gap created by the disintegration of the network perimeter.
Over a period of two years, a threat actor sold access to the compromised networks of 135 organizations in 44 countries and likely made over $1.5 million, Group-IB says. Between October 2017 and July 2018, Fxmsp sold access to compromised networks personally, but then found an accomplice who became his sales manager.
"You may collect information on an ongoing or future threat to your organization to include who the threat actor is, what are they going after, what is the tactic they will utilize to get in your network, how are they going to move laterally, how are they going to exfil information and when will the activity take place. You can collect all the relevant threat information but without the infrastructure in place to analyze the large amount of data coming in, the organization will not succeed in successfully orienting themselves and acting upon the threat information," Santiago Holley, Global Threat Intelligence Lead at Thermo Fisher Scientific, told Help Net Security. Holley has worked in multiple threat intelligence and cyber positions over the past ten years, including a stint as a Threat Intelligence Lead with the FBI, and this allows him to offer some advice to security leaders that have been tasked with setting up a robust threat intelligence program for their organization.
CBTS has announced the integration of cloud-delivered threat prevention into its CBTS Network Security as a Service. The CBTS partnership with Check Point Software Technologies, Ltd. enables CBTS to unify Check Point's industry-leading CloudGuard cloud-native security with highly customized CBTS SD-WAN solutions supporting the rapid shift to distributed application architecture and flexible work from anywhere policies.
Employees working from home face a new world of workplace challenges. That's because remote employees have been thrust into new working environments, with no face-to-face supervision and little to no training for handling new security risks.
Particularly in the coronavirus time where people are locked down, and they're not well prepared for that scenario, we are seeing a huge surge in shadow IT tools of late. Rahul Kashyap: So we found that generally, it's one or two file sharing applications which IT people authorize end users to use in a large corporate environment.
File sharing, remote work, and vulnerable employees are leaving company networks open to potential cyberattack
This shift to working from home has exposed new security risks and has left nearly 50% of those employees worried about impending cyber threats in their new home office settings. The rapid shift to working from home has also changed the ways many organizations do business from moving face-to-face meetings to video conferencing calls to adding new collaboration tools-yet the survey showed many employees are lacking guidance, direction and policies.
BEC campaigns represent a relatively small percentage of all email attacks yet pose the greatest financial risk, says Abnormal Security. One less common but potentially more dangerous attack type is the Business Email Compromise.
Stamus Networks announced the general availability of SELKS 6 - the turnkey system based on Suricata intrusion detection/prevention and network security monitoring with a network threat hunting interface and graphical rule manager. "We are excited to make SELKS 6 officially available," said Peter Manev, co-founder and chief strategy officer of Stamus Networks.