Security News

Ransomware remains the number one threat for most organisations. This report comprehensively examines the adversary's ongoing innovation and evolution of tried-and-true TTPs like ransomware, business email compromise, zero-day threats, espionage, and more.

The Secureworks Counter Threat Unit™ research team analyses security threats and helps organizations protect their systems. During September and October 2021, CTU researchers observed notable developments in threat behaviours, the global threat landscape, and security trends, and identified lessons to consider.

Microsoft Sentinel now comes with support for continuous GitHub threat monitoring, which helps keep track of potentially malicious events after ingesting GitHub enterprise repository logs. "Today, together with Microsoft Sentinel, you can connect your enterprise-licensed GitHub repository environment to the Microsoft Sentinel workspace and ingest the GitHub audit log - tracking events such as new repository creation or deletion, counting the number of repository clones, and more," Microsoft explained.

We hear about the need for better visibility in the cybersecurity space - detecting threats earlier and more accurately. A new solution overview document provides insights on how XDR provider Cynet tackles the difficult problem of greatly improving threat visibility.

The product reviewed here is Group-IB's solution offering customer-tailored data on threats and attackers: Threat Intelligence & Attribution. Most of them are only available for Group-IB Threat Intelligence & Attribution customers due to a restricted sharing policy, like the fourth volume of its Hi-Tech Crime Trends 2021/2022 report "Cyberwarfare: state-sponsored operations in cyberspace." The reports differ on several points: topic, depth, and publishing frequency.

Notably, on average, impacted organizations spent $15.4 million annually on overall insider threat remediation and took 85 days to contain each incident. The report reveals that over the last two years, the frequency and costs associated with insider threats have increased dramatically across all three insider threat categories, including: careless or negligent employees/contractors, criminal or malicious insiders, and cybercriminal credential theft.

Digital identification is the focus of two reports by the European Union Agency for Cybersecurity: an analysis of self-sovereign identity and a study of major face presentation attacks. The technologies falling under the name of self-sovereign identity consist in giving identity holders greater control over their identity.

One of the most valuable steps an organization can take is to establish a cyber-threat profile, which is a deep-dive look at your organization's adversaries, vulnerabilities and risk. The creation of a cyber-threat profile should be based on intelligence and due diligence and should be used to drive action for the other cyber-defense functions.

Researchers have discovered a raft of active campaigns delivering the Flubot and Teabot trojans through a variety of delivery methods, with threat actors using smishing and malicious Google Play apps to target victims with fly-by attacks in various regions across the globe. Researchers from Bitdefender Labs said they have intercepted more than 100,000 malicious SMS messages trying to distribute Flubot malware since the beginning of December, according to a report published Wednesday.

The report compiles responses from 428 leaders and executives in IT, security and development roles to identify the latest trends on how organizations are adapting to new security challenges of the software supply chain. Managing software supply chain security a significant or top focus in 2022.