Security News

Stamus Networks SELKS 6: An open source threat hunting and IDS/IPS/NSM offering
2020-06-17 01:45

Stamus Networks announced the general availability of SELKS 6 - the turnkey system based on Suricata intrusion detection/prevention and network security monitoring with a network threat hunting interface and graphical rule manager. "We are excited to make SELKS 6 officially available," said Peter Manev, co-founder and chief strategy officer of Stamus Networks.

IT pros see increased workload and security threats amid shift to remote working
2020-06-16 18:24

A report released Tuesday by IT software vendor Ivanti highlights some of the challenges in light of the move to remote working. Among the respondents, 70% said they increased VPN access to more employees, 54% had to set up and distribute extra devices, and 52% created more "How-to" articles for remote workers to follow.

How to protect your organization's domain from security threats
2020-06-16 14:13

Unlocked domains are susceptible to malicious tactics that can lead to unauthorized DNS changes and domain name hijacking, says CSC. Your organization's public-facing domain is often as important and critical a resource as are your internal files, data, and network. Just as you protect your internal infrastructure from cyberthreats, so too do you need to protect your domain.

The FBI expects a surge of mobile banking threats
2020-06-15 12:14

The increased use of mobile banking apps due to the COVID-19 pandemic is sure to be followed by an increased prevalence of mobile banking threats: fake banking apps and banking Trojans disguised as those apps, the FBI has warned. "Studies of US financial data indicate a 50 percent surge in mobile banking since the beginning of 2020. Additionally, studies indicate 36 percent of Americans plan to use mobile tools to conduct banking activities, and 20 percent plan to visit branch locations less often," the FBI pointed out.

Forget biz insider threats for a moment – let's talk about partners turning rogue and installing spyware on phones
2020-06-11 20:42

In a paper recently published through the Journal of Cybersecurity, Cornell University assistant professor Karen Levy and security veteran Bruce Schneier argue that intimate relationships open the door to a set of privacy and security risks that haven't been anticipated or adequately addressed by the public, the technical community, and policymakers. "We describe privacy threats that arise in our intimate relationships: families, romances, friendships," said Levy.

New Kaspersky Tool Helps Attribute Malware to Threat Actors
2020-06-11 12:28

Kaspersky this week released a threat intelligence solution designed to help with the attribution of malware samples to known advanced persistent threat groups. The new Kaspersky Threat Attribution Engine, a commercial product available globally, uses a proprietary method to match malicious code against a malware database and link it to APT groups or campaigns based on code similarities.

Keepnet kerfuffle: Firing legal threats at bloggers did infosec biz more damage than its exposed database
2020-06-10 18:02

UK-based infosec outfit Keepnet Labs left an 867GB database of previously compromised website login details accessible to world+dog earlier this year - then sent lawyers' letters to bloggers in a bid to erase their reports of its blunder. As reported by news website Verdict, Keepnet was stung by Diachenko's initial post about the gaffe, which Keepnet interpreted as the blogger blaming the business for leaking its own customers' data - none of its own clients' data was exposed, but rather info from previous publicly known database exposures.

New Research: "Privacy Threats in Intimate Relationships"
2020-06-05 11:13

I just published a new paper with Karen Levy of Cornell: "Privacy Threats in Intimate Relationships." Abstract: This article provides an overview of intimate threats: a class of privacy threats that can arise within our families, romantic partnerships, close friendships, and caregiving relationships.

Understanding cyber threats to APIs
2020-06-05 04:00

The many benefits that APIs bring to the software and application development communities - namely, that they are well documented, publicly available, standard, ubiquitous, efficient, and easy to use - are now being leveraged by bad actors to execute high profile attacks against public-facing applications. The security conundrum for APIs is that whereas most practitioners would recommend design decisions that make resources more hidden and less available, successful deployment of APIs demands willingness to focus on making resources open and available.

Druva and FireEye enable customers to instantly monitor, analyze, detect and respond to insider threats
2020-06-04 23:45

Druva announced the launch of an API integration with FireEye extending visibility and control over endpoint backup data to monitor, analyze, detect and respond to data breaches from ransomware, data theft, and insider attacks. Joint customers of Druva and the FireEye Helix platform can now dramatically reduce incident response times, minimize downtime, and accelerate recovery from protected backup data.