Security News

The threat actors behind the Shade ransomware have called it quits, releasing 750,000 encryption keys on GitHub and publicly apologizing to victims affected by the malware. User "Shade-team" posted four files on the code repository earlier this week, one containing the file keys and four "ReadMe" files with decryption instructions and other information.

Sixgill, a leading cyber threat intelligence company, announced that as part of its partnership with Anomali, its new Darkfeed automated threat intelligence is available in the Anomali Preferred Partner Store. With access to this new intelligence stream, joint customers can integrate a real-time, automated feed of deep and dark web indicators into their existing security infrastructure and operations via Anomali ThreatStream.

Cygilant, provider of Cybersecurity-as-a-Service to mid-sized organizations, launched Cygilant Endpoint Security, a new solution that will give companies greater visibility into suspicious activity taking place on network endpoints. Cygilant Endpoint Security is an agent-based solution that collects real-time security data from a company's critical assets, detects suspicious files, services and other activity - and then streams alerts to the 24×7 Cygilant Security Operations Center for further investigation and action.

Datadog Security Monitoring combines and analyzes traditional security signals with performance and environment data from applications to provide unique real-time insights. Unified observability and security: By combining data from traditional security logs with over 400 integrations that bring in performance metrics, traces, environment information and more, Security Monitoring detects threats quickly and provides detailed context to pinpoint affected systems.

Topics on the agenda include threat intel on advanced persistent threats, new vulnerability research, and topics related to a post-crisis world - such as how the industry is changing because of the pandemic. "Hiding in Plain Sight: An APT Comes into a Market" on Tuesday will feature Kaspersky researchers Alexey Firsh and Lev Pikman opening the kimono on previously undisclosed threat intelligence regarding a nation-state cybercriminal group.

A Chinese threat actor tracked as Evil Eye has updated the tools it uses to target Uyghurs, a minority Turkic ethnic group in the Xinjiang Uyghur Autonomous Region in Northwest China, incident response and threat intelligence firm Volexity reports. Starting in January 2020, the threat actor resumed operations, with signs of activity identified "across multiple previously compromised Uyghur websites."

Released on Wednesday, the 2020 Trustwave Global Security Report looks at the latest types of email attacks and offers advice on how organizations can defend against them. Cybercriminals have amped up their email game by using more targeted phishing attacks.

Threat groups have been using automated mechanisms to constantly probe networks and infrastructure and deploy malware. Malware disarm firm odix looks to provide enterprise-grade security to organizations through its ecosystem of services.

Claroty has strengthened the Claroty Platform to deliver the industry's broadest range of OT security controls in a single solution, thereby empowering enterprises to more easily and effectively reduce risks posed by increasing connectivity between OT and IT networks. Enriched by newly enhanced Continuous Threat Detection 4.1 and Secure Remote Access 3.0 components, the platform addresses four areas integral to risk reduction: visibility, threat detection, vulnerability management, and triage & mitigation.

Respondents believe threat actors are most concerned about traffic analysis, followed closely by deception technology and next-generation firewalls, IDS, SIEMs, EDR/next-generation AV, IAM and UEBA. This shift is likely due to attackers becoming increasingly savvy at understanding the weaknesses of traditional security controls. Organizations are shifting their strategy by deploying new technologies like deception technology for closing detection gaps and efficiently covering attack surfaces such as endpoint, cloud, and inter-connected OT environments.