Security News

The new malware service, dubbed the Eternity Project by the threat actors behind it, allows cybercriminals to target potential victims with a customized threat offering based on individual modules they can buy for prices ranging from $90 to $490, researchers from security firm Cyble wrote in a blog post published Thursday. The modules include a stealer, clipper, worm, miner and ransomware, depending on what type of attack a threat actors wants to mount, according to the post.

Nearly every week in 2021 and early 2022, a prominent organization has been in the media spotlight as their public relations team struggles to explain how they were attacked and how they can regain consumer confidence. Many teams center their plans around prevention of the initial attack, not response, after an adversary successfully gains a foothold.

Many security executives say they're unprepared for the threats that lie ahead. As cyberattacks grow in both number and sophistication, organizations are increasingly under the gun to protect themselves from compromise. A report released Tuesday by research firm ThoughtLab looks at how businesses and government agencies can better defend themselves against the security threats that lie ahead. SEE: Mobile device security policy.

Hardware attacks are becoming more and more sophisticated. Security increasingly supported in hardware - Mistakes can introduce severe vulnerabilities.

A recent Imperva report found only 18 percent prioritized spend on a dedicated insider threat program compared to 25 percent focused on external threat intelligence. In addition to getting people onboard and policies in place, the business will need to inventory its data and locate data sources, determine how it will monitor behaviors, adapt the training program, and carry out investigations as well as how the ITP itself will be assessed on a regular basis.

Microsoft is rolling out its "Security Experts" managed service with an eye on stomping down threats and malware. Microsoft is planning to roll out three such managed services in 2022, one of which became available today.

A new report from Mandiant reveals details about an ongoing cyberespionage operation run by a threat actor dubbed UNC3524, monitored by Mandiant since December 2019. While such targeting may suggest financial motivations, Mandiant believes it's instead motivated by espionage, because the threat actor maintains its access and remains undetected for an order of magnitude longer than the average dwell time of 21 days.

The unsanctioned use of corporate IT systems, devices, and software - known as shadow IT - has increased significantly during the shift to remote work, and recent research found almost one in seven are concerned about information security because of employees following shadow IT practices. Shadow IT can be tough to mitigate, given the embedded culture of hybrid working in many organizations, in addition to a general lack of engagement from employees with their IT teams.

In this article, I'd like to explore some of the threat detection program challenges CISOs are facing and provide some tips on how they can improve their security operations. CISOs ensure the security operations program for threat detection, investigation and response is executing at peak performance.

"Kubernetes attacks are actually quite common, especially given how popular the container orchestration software is," said Trevor Morgan, product manager at comforte AG. "The array of threats to Kubernetes environments is quite broad.". As an example of how popular targeting vulnerable cloud infrastructure has become, Akamai security researcher Larry Cashdollar recently set up a simple Docker container honeypot, just to see what kind of notice it might attract from the wider web's cadre of cyberattackers.