Security News

Outside hackers were to blame for most data thefts last year, while in-house drama contributed to only a fifth of total computer security incidents, Verizon reckons. In its 13th Data Breach Investigations Report, which probed some 4,000 intrusions and network breaches in 2019, Verizon found that the online world is still a fairly bad place if you're not tooled up enough to defend yourself and your customers from external miscreants hoping to make bank.

One solution to risks associated with shadow IT is to have workers only use cloud apps that have been vetted and approved by your IT department. There is a vast discrepancy in the intended block rate and the actual block rate, which Skyhigh Networks calls the "Cloud enforcement gap" and represents shadow IT acquisition and usage.

Microsoft this week announced that it has made some of its COVID-19 threat intelligence available to the public. The number of attacks targeting organizations and individuals worldwide using coronavirus lures has increased dramatically over the past several months, and Microsoft says it wants to help even those who do not use its threat protection solutions.

Everyone is having trouble keeping cloud deployments secure, according to a new report from Oracle and KPMG. The "Threat Report 2020: Addressing Security Configurations Amidst a State of Constant Change" found that 92% of IT professionals do not think their organization is well prepared to secure public cloud services. Misconfigured cloud services are prevalent, problematic, and the top cloud security priority.

A report released Wednesday by Nuspire describes some of the latest malware threats and offers tips on how to defend against them. For the first quarter, Nuspire detected more than 2.4 million pieces of malware with more than 1,200 unique variants.

"Technology adoption has skyrocketed in virtually every segment of our agriculture sector including food production, processing, and distribution," comments Parham Eftekhari, founder and chairman of the Institute for Critical Infrastructure Technology, "And experts predict this trend to continue with robotics and self-driving freight carriers paving the way for an autonomous future. This creates significant opportunity for disruption to our supply chain and food safety concerns." He continued, "Today, we are already hearing stories of processing plants shutting down and the potential of food shortages. What if manufacturing and storage facilities of perishable food products have their cooling systems hacked during a time of a national food shortage? It would only take a handful of high-profile attacks to create panic among citizens that could lead to a rush on grocery stores and threaten an already fragile food supply."

These new capabilities enable network teams to better integrate cloud resources in Amazon Web Services with on-premises networks, protect themselves from advanced cyber threats, and reduce the risk of network outages. Because the new universal work from home reality has introduced new risks to enterprise networks, BlueCat also introduced several security improvements to BlueCat Threat Protection, its DNS firewall solution.

Recorded Future this week announced the availability of Express, a free web browser extension designed to help security teams prioritize vulnerability patching and alerts from security information and event management tools. The extension is currently available for Chrome and Firefox, and once it's installed an icon with the Recorded Future logo will be added to the browser's toolbar.

Agari, the market share leader in phishing defense solutions for the enterprise, unveiled Agari Active Defense with a new service that delivers actionable threat intelligence driven through active engagement with Business Email Compromise threat actors. Agari Active Defense - BEC Threat Intelligence Service is the only commercial offering on the market that delivers real-world cyber intelligence harvested from direct active engagements with email fraudsters attacking and scamming organizations.

King & Union launched a suite of new service offerings to augment its Avalon Cyber Analysis Platform and help customers address the human aspect of threat intelligence operations, bridging common gaps that many security teams face. "With the introduction of new services, King & Union is recognizing the critical human component of efficient threat intelligence operations. Threat intelligence analysts are hard to find and even harder to keep."