Security News
Mac threats are growing faster than their Windows counterparts for the first time ever, with nearly twice as many Mac threats detected per endpoint as Windows threats, according to Malwarebytes. Mac threats are growing, other threats in the spotlight.
Elastic Stack 7.6 streamlines automated threat detection with the launch of a new SIEM detection engine and a curated set of detection rules aligned to the MITRE ATT&CK knowledge base, brings performance improvements to Elasticsearch, makes supervised machine learning more turnkey with inference-on-ingest features, and deepens cloud observability and security with the launch of new data integrations. Chasing down an error in the Elastic Logs app or investigating a threat in Discover are just a few of the many things that will be faster by simply upgrading to 7.6.
The X-Force Threat Intelligence Index 2020 found that hackers are targeting manufacturing plants, making banking trojans more sophisticated, and spoofing tech brands to make phishing schemes successful. IBM Security releases the IBM X-Force Threat Intelligence Index annually, summarizing the most prominent threats identified by research teams.
Russia is still using social media in a sustained campaign to dabble in US affairs, according to FBI director Chris Wray. Wray, speaking at a House Judiciary Hearing on FBI Oversight on Wednesday 5 February, said that Russia is still engaged in an "information warfare" campaign against the US, according to a report by the Associated Press.
An update announced last week by Trend Micro for its Anti-Threat Toolkit addresses some additional attack methods related to a vulnerability initially patched in October 2019. Researcher Stefan Kanthak has also analyzed the vulnerability and discovered that Trend Micro has failed to patch it completely.
Recently released, eSentire's 2019 Threat Intelligence Report: Perspectives from 2019 and Predictions for 2020 provides visuals, data and written analysis, as well as practical recommendations for readers seeking to understand and better respond to the cybersecurity threat landscape. Nation states: Most nationally sponsored cybersecurity incidents take the form of espionage through data exfiltration.
While organizations may have no way of avoiding productivity losses during periods of sports-induced distractions, there are a few things they can do to avoid cyber trouble. Having an effective intelligence capability tied to a strong physical security team can empower organizations like the NFL to know their adversaries in advance and to be prepared for what they may attempt.
"The main takeaway for online conference platforms is that these companies are in charge of the security of their users and they need to work to secure these environments. Zoom added a password but other actions can be taken as well so that people can't really abuse these platforms," she said. Beyond Zoom's recent flaw, Horowitz also talked to Threatpost about the challenges of hunting down cybercriminals and making attribution, and the top threats she's anticipating in 2020 - from ransomware to cloud-infrastructure attacks.
Russia has blocked a second encrypted email provider, Swiss-based ProtonMail, in efforts to halt a prolonged series of anonymous bomb threats, the security service said Wednesday. The FSB security service said Russia acted against Geneva-based ProtonMail after blocking another social network, Netherlands-based Smartmail, for the same reason last week.
Cybersecurity and analytics firm Cybraics announced a partnership with AVANT, an IT decision-making platform for next-generation technologies, further expanding the reach of the company's artificial intelligence-backed threat detection services. "We are excited to partner with AVANT to offer our advanced threat detection services throughout their nationwide network of Trusted Advisors," said Nate Grinnell, Vice President of Sales, Cybraics.