Security News

Microsoft on Wednesday announced that it's expanding cloud logging capabilities to help organizations investigate cybersecurity incidents and gain more visibility after facing criticism in the wake of a recent espionage attack campaign aimed at its email infrastructure. "Over the coming months, we will include access to wider cloud security logs for our worldwide customers at no additional cost," Vasu Jakkal, corporate vice president of security, compliance, identity, and management at Microsoft, said.

U.S. cybersecurity and intelligence agencies have released a set of recommendations to address security concerns with 5G standalone network slicing and harden them against possible threats. "The threat landscape in 5G is dynamic; due to this, advanced monitoring, auditing, and other analytical capabilities are required to meet certain levels of network slicing service level requirements over time," the U.S. Cybersecurity and Infrastructure Security Agency and the National Security Agency said.

The Scarleteel threat targets AWS Fargate environments for data theft and more malicious types of attacks such as cryptojacking and DDoS. Learn how to mitigate this threat. Sysdig, a cloud and container security company, has released a new report on the Scarleteel threat that targets specific AWS environments for data theft and additional malicious activities.

As security practices continue to evolve, one primary concern persists in the minds of security professionals-the risk of employees unintentionally or deliberately exposing vital information. While access controls, encryption, and monitoring systems are crucial for identifying and mitigating unauthorized access and suspicious activities, the increasing prevalence of cloud-based environments and the surge in SaaS application usage demand a fresh perspective on Insider Risk Management from a SaaS security standpoint.

Learn how a malicious driver exploits a loophole in the Windows operating system to run at kernel level. Cisco Talos discovered a new Microsoft Windows policy loophole that allows a threat actor to sign malicious kernel-mode drivers executed by the operating system.

As vulnerabilities continue to rise and security evolves, it is becoming increasingly apparent that conventional vulnerability management programs are inadequate for managing the expanding attack surface. As a result, many security teams are scrambling to adopt modern vulnerability management programs that are capable of identifying and thwarting contemporary vulnerability-based threats.

Leading analyst firm Gartner Research describes the solution: "By 2026, organizations prioritizing their security investments based on a continuous exposure management program will be 3x less likely to suffer from a breach." IT and security teams constantly face threat exposures, and they must proactively address critical security gaps in their exposed assets.

Browser-based emerging threats New browser-based social engineering trends. Three of the four new threats that debuted on our top ten malware list this quarter have strong ties to nation states, although this doesn't necessarily mean those malicious actors are in fact state-sponsored.

The malware "Possesses the ability to steal information from various browsers, enabling the exfiltration of sensitive data, while also incorporating different modules for carrying out ransomware activities," Zscaler researchers Shatak Jain and Gurkirat Singh said in a recent analysis. Following a successful breach, the malicious binary is used as a conduit to set up persistence, perform the actual browser update, and also drop a stealer capable of covertly harvesting sensitive information and encrypting the stolen files, leaving the victims at risk of potential data loss, exposure, or even the sale of their valuable data.

Small organizations face the same security threats as organizations overall but have less resources to address them, according to Netwrix. Smaller organizations usually have fewer resources and experience with which to address security threats.