Security News

Over the past year, it's been impossible to ignore the rising tide of threats targeting government and commercial organizations around the world, and the cybersecurity market is reacting. On top of that, we've seen supply chain attacks, like SolarWinds and Microsoft Exchange, causing widespread impact on thousands of organizations worldwide and the European Union Cybersecurity Agency recently predicted a fourfold increase in supply chain attacks in 2021 over last year, warning that strong cybersecurity protection is no longer effective in defending against these types of attacks.

Amid the COVID-19 crisis, the global market for advanced persistent threat protection estimated at $8 billion in the year 2020, is projected to reach a revised size of $20.3 billion by 2026, growing at a CAGR of 16.7% over the analysis period, according to Global Industry Analysts. The U.S. and China advanced persistent threat protection market forecast.

A decade ago, hunting for adversary infrastructure was often as simple as monitoring a domain registrant's name or phone number in public WHOIS records. As bad actors have moved first toward privacy protection services and then gained further obscurity behind laws such as the General Data Protection Regulation and the California Consumer Privacy Act, many in the cybersecurity industry have lamented the loss of unredacted WHOIS records as an end to effective hunting.

Analysts reviewed 13 million security incidents and found that end-of-life versions of Linux distributions were at the biggest risk. Linux now has been around long enough that old versions are causing security problems, according to a new report from Trend Micro.

Phishing can be a profitable business model, and most breaches begin with a phishing email. As detailed in the report, threats ranging from ransomware, credential harvesters to difficult-to-discover but costly Business Email Compromise targeted inboxes, could have resulted in over $354 million in direct losses had they been successful.

Researchers have discovered a Nigerian threat actor trying to turn an organization's employees into insider threats by soliciting them to deploy ransomware for a cut of the ransom profits. "In this latest campaign, the sender tells the employee that if they're able to deploy ransomware on a company computer or Windows server, then they would be paid $1 million in bitcoin, or 40% of the presumed $2.5 million ransom," researchers wrote in a report published Thursday about the campaign.

The report seeks to "Track the level of maturity at which analyst teams and threat hunting teams are operating," It defines maturity as the use of threat intelligence, internal threat hunting, and external threat reconnaissance. Most threat hunting teams do some form of external threat reconnaissance; but few do it to the extent recommended by Team Cymru.

Group-IB has been named one of the leaders in the global cyber threat intelligence market by Frost & Sullivan. According to "Frost Radar: Global Cyber Threat Intelligence Market, 2021," Group-IB with its proprietary Threat Intelligence & Attribution platform is one of the most innovative threat intelligence vendors and the third-largest one, enjoying an over 15-percent share of the global market.

Threat Stack announced new alert context functionality to reduce mean-time-to-know within the Threat Stack Cloud Security Platform. Threat Stack's enhanced alert context provides meaningful data that will help guide security leaders' investigations into high severity alerts in real-time.

Accenture, a global IT consultancy giant has allegedly been hit by a ransomware cyberattack from the LockBit ransomware gang. A ransomware group known as LockBit 2.0 is threatening to publish files data allegedly stolen from Accenture during a recent cyberattack.