Security News

WhiteSource released a threat report based on malicious activity found in npm, the most popular JavaScript package manager used by developers worldwide. The report is based on findings from more than 1,300 malicious npm packages identified in 2021.

Reblaze announced the results of a Global Surveyz survey of 300 security professionals, to better understand how organizations are approaching web security as we enter a new year. "Unfortunately, it seems that many organizations have fallen behind in maintaining effective defenses. For example, although attack bots are used in multiple types of cyberattacks, half of the security professionals that were surveyed admitted that they didn't know the extent of bot activity in their applications, and of the remaining respondents, most of them underestimated the scope of the threat."

Ransomware remains the number one threat for most organisations. This report comprehensively examines the adversary's ongoing innovation and evolution of tried-and-true TTPs like ransomware, business email compromise, zero-day threats, espionage, and more.

The Secureworks Counter Threat Unit™ research team analyses security threats and helps organizations protect their systems. During September and October 2021, CTU researchers observed notable developments in threat behaviours, the global threat landscape, and security trends, and identified lessons to consider.

Microsoft Sentinel now comes with support for continuous GitHub threat monitoring, which helps keep track of potentially malicious events after ingesting GitHub enterprise repository logs. "Today, together with Microsoft Sentinel, you can connect your enterprise-licensed GitHub repository environment to the Microsoft Sentinel workspace and ingest the GitHub audit log - tracking events such as new repository creation or deletion, counting the number of repository clones, and more," Microsoft explained.

We hear about the need for better visibility in the cybersecurity space - detecting threats earlier and more accurately. A new solution overview document provides insights on how XDR provider Cynet tackles the difficult problem of greatly improving threat visibility.

The product reviewed here is Group-IB's solution offering customer-tailored data on threats and attackers: Threat Intelligence & Attribution. Most of them are only available for Group-IB Threat Intelligence & Attribution customers due to a restricted sharing policy, like the fourth volume of its Hi-Tech Crime Trends 2021/2022 report "Cyberwarfare: state-sponsored operations in cyberspace." The reports differ on several points: topic, depth, and publishing frequency.

Notably, on average, impacted organizations spent $15.4 million annually on overall insider threat remediation and took 85 days to contain each incident. The report reveals that over the last two years, the frequency and costs associated with insider threats have increased dramatically across all three insider threat categories, including: careless or negligent employees/contractors, criminal or malicious insiders, and cybercriminal credential theft.

Digital identification is the focus of two reports by the European Union Agency for Cybersecurity: an analysis of self-sovereign identity and a study of major face presentation attacks. The technologies falling under the name of self-sovereign identity consist in giving identity holders greater control over their identity.

One of the most valuable steps an organization can take is to establish a cyber-threat profile, which is a deep-dive look at your organization's adversaries, vulnerabilities and risk. The creation of a cyber-threat profile should be based on intelligence and due diligence and should be used to drive action for the other cyber-defense functions.