Security News

Cell phones, wearables, health performance monitors and IoT infrastructure devices all offer new and unmonitored threat surfaces to launch attacks in order to gain access to company networks and secrets. From unmanageable device attacks and IoT devices being more vulnerable than corporate-managed computers to IoT security breaches, RF espionage is a growing concern for enterprises, but the concern still lags behind the threat.

Business email compromise attempts were globally up by a quarter in the first two months of this year alone, according to research from threat intel firm Trend Micro. "IT security teams around the world may be under significant pressure today, as the corporate attack surface expands thanks to mass home working demands in the face of the COVID-19 epidemic. But now, more than ever, they must be on high alert as opportunistic cyber-attackers look to strike," said a solemn Ian Heritage, cloud security architect at Trend Micro.

A rash of COVID-19 Android mobile apps have emerged that are aimed at helping citizens in Iran, Italy and Colombia track symptoms and virus infections. Researchers analyzed dozens of COVID-19 apps - which continue to emerge with the spread of the coronavirus, paving the way for related security threats across the globe.

Countering cyber-threats is a constant game of cat and mouse and hackers always want to get the maximum reward from the minimum effort, tweaking known attack methods as soon as these are detected by the AI. CTOs therefore need to make sure that the AI system is routinely exercised and fed new data and that the algorithms are trained to understand the new data. AI is based on heuristics whereas machine learning requires a lot of data and algorithms that must be trained to learn the data and provide insights that will help to make decisions.

IRONSCALES, the pioneer of self-learning email security, announced that Themis, its AI-driven virtual security analyst, now has the ability to be fully autonomous in the classification and removal of email threats. Security analysts can now measurably increase the speed and accuracy of their email security by allowing Themis to make time-sensitive decisions on email threat mitigation without any human involvement.

The extension lets analysts process threat data directly from their web browser. Through a combination of automation and workflow tooling the browser extension reduces the time and effort for CTI analysts to process threat data found either on external websites or on the web-based front-ends of their internal security controls.

BitDam, a leading provider of cybersecurity solutions that protect enterprise communications from unknown threats hidden in files and links, announced that its Advanced Threat Protection solution now supports Microsoft Teams and Zoom. Aiming to support organizations' ability to collaborate safely when working from home, BitDam has accelerated these solution releases and is offering businesses its trial for Zoom and Microsoft Teams protection for free for three months.

It's a topic I never tire of because not only do I believe that there is no "Silver bullet" technology, I believe it's the humans who really lead the way to greater security efficiency and effectiveness. Relevant - As security professionals, we need to change how we look at the threat landscape.

The Nigerian business email compromise threat actors referred to as SilverTerrier have intensified assaults on multiple industries and should be considered an established threat, Palo Alto Networks says. SilverTerrier attacks were linked to roughly 400 individual threat actors in 2018, but that number jumped to 480 in 2019.

The Kwampirs attack group continues to target global healthcare entities in this time of crisis, the FBI has warned. "The FBI assesses Kwampirs actors gained access to a large number of global hospitals through vendor software supply chain and hardware products. Infected software supply chain vendors included products used to manage industrial control system assets in hospitals."