Security News

The sun never seems to set on the cybercriminal threat, but whether you're heading into autumn or bursting into spring you can tap into the world's finest cyber security training, at upcoming SANS Institute events in Asia and Oceania. With the cloud accounting for ever more of the world's compute, you can be assured that they all feature top courses focusing on detecting and countering cloud threats, including newly minted courses such as Cloud Security and DevSecOps Automation, and Public Cloud Security: AWS, Azure and GCP. With the development of the larger curriculum, SANS has conscientiously looked at job roles, training needs within those roles, and how we help students progress along their professional cloud security journey.

Cyber attacks against critical national infrastructure are escalating. The most frequently-discussed aspect of critical infrastructure events are availability impacts: stopping or interrupting a process or organization.

Offboarding employees securely is a key problem for business leaders, with 40% concerned that employees who leave a company retain knowledge of passwords that grant access to corporate data. This is according to A research by My1Login, which found few organizations are implementing access management solutions that work with all applications, meaning most lack the ability to revoke access to all corporate data as soon as an employee leaves.

Adam Flatley: I think what really needs to be done, and what has started to happen recently, is that we need to bring all of the components of the private industry and the government together to combat this threat in an organized, intel-driven campaign that is targeting the actors behind these ransomware operations and working to dismantle those organizations through using all the tools available to the private industry and governments around the world. Adam Flatley: It was a really big honor to be part of the Ransomware Task Force that IST put together.

In this interview with Help Net Security, Peter Broadhurst, Maritime Senior VP Safety, Security, Yachting and Passenger, Inmarsat, talks about the impact of cyber threats on passenger vessels and superyachts, and provides an inside look at maritime cybersecurity today. Different vessels have specific vulnerabilities that have driven regulators to act and introduce a new cyber security regime for the industry, requiring commercial shipping, cruise vessels and ferries, and charter and private superyacht sectors to adopt a stricter approach to cyber security.

Five malicious Docker container images were recently detected on Docker Hub, totaling more than 120,000 pulls. There's a new threat cybersecurity teams need to watch out for: malicious Docker containers hiding on legitimate sites like Docker Hub, where Aqua Security's threat research arm, Team Nautilus, found five images accounting for a whopping 120,000 pulls by unsuspecting users.

Cybercriminals behind the BazaLoader malware came up with a new lure to trick website owners into opening malicious files: fake notifications about the site being engaged in distributed denial-of-service attacks. The goal is the same though: use contact forms to deliver BazaLoader malware that often drops Cobalt Strike, which can lead to data theft or a ransomware attack.

Over the past year, it's been impossible to ignore the rising tide of threats targeting government and commercial organizations around the world, and the cybersecurity market is reacting. On top of that, we've seen supply chain attacks, like SolarWinds and Microsoft Exchange, causing widespread impact on thousands of organizations worldwide and the European Union Cybersecurity Agency recently predicted a fourfold increase in supply chain attacks in 2021 over last year, warning that strong cybersecurity protection is no longer effective in defending against these types of attacks.

Amid the COVID-19 crisis, the global market for advanced persistent threat protection estimated at $8 billion in the year 2020, is projected to reach a revised size of $20.3 billion by 2026, growing at a CAGR of 16.7% over the analysis period, according to Global Industry Analysts. The U.S. and China advanced persistent threat protection market forecast.

A decade ago, hunting for adversary infrastructure was often as simple as monitoring a domain registrant's name or phone number in public WHOIS records. As bad actors have moved first toward privacy protection services and then gained further obscurity behind laws such as the General Data Protection Regulation and the California Consumer Privacy Act, many in the cybersecurity industry have lamented the loss of unredacted WHOIS records as an end to effective hunting.