Security News

The growing practice of connecting ICS to enterprise networks and the internet, driven by technologies such as IoT, edge computing and analytics platforms, has put ICS on the radar of cybercriminals. Securing ICS is more challenging than protecting traditional IT environments since ICS is insecure by design.

Flashpoint announces a partnership with the Australian threat intelligence services provider Cybermerc. The partnership features a joint solution making Flashpoint's advanced threat intelligence available in Cybermerc service offerings and acts as a valuable enrichment source fused into Cybermerc Aushield Defend-Australia's chosen national threat investigation and sharing platform.

Threat actors are abusing Argo Workflows to target Kubernetes deployments and deploy crypto-miners, according to a warning from security vendor Intezer. An open-source, container-native workflow engine that runs on Kubernetes, Argo Workflows allows users to run parallel jobs at ease from a central interface, reducing deployment complexity and leaving less room for errors.

Boston- based cybersecurity firm Rapid7 announced on Tuesday that it has shelled out $335 million to acquire threat intelligence startup Intsights. Israel-born Intsights has raised more than $70 million in funding, including a $30 million Series D round in November 2019.

An attorney with cybersecurity expertise suggests the only way to stop ransomware is for nations to create a global solution. Ransomware has grown beyond a cybersecurity threat into a global menace.

The Federal Bureau of Investigation warns of threat actors potentially targeting the upcoming Olympic Games, although evidence of attacks planned against the Olympic Games Tokyo 2020 is yet to be uncovered. As the FBI explains, attacks coordinated by criminal or nation-state threat actors targeting the Tokyo 2020 Summer Olympics could involve distributed denial of service attacks, ransomware, social engineering, phishing campaigns, or insider threats.

These two threats already combine to make common encryption less secure than we like to believe and with the power of quantum computing, it will only get worse. Shor's algorithm can use quantum computing to factor large RSA numbers exponentially faster than any other method and it doesn't require a full-scale general purpose quantum computer.

Enterprise security teams need to move from the consumption of crowdsourced threat intelligence to an additional mode of contribution. We are a community with grand ideas around the concept of crowdsourced threat intelligence, but with little history or previous successes that show CTI as a viable idea.

Half of US organizations are not effective at countering phishing and ransomware threats, Osterman Research research reveals. The study asked respondents to rate their effectiveness in 17 key best practice areas related to ransomware and phishing, ranging from protecting endpoints from malware infection to ensuring prompt patching of all systems.

While the increased need for flexibility, agility, and speed continues to drive the evolution of application development and increased deployment of microservice-based architectures, many organizations have not updated their security tooling and continue to rely on traditional web application and API security tools to protect their business. "One of the biggest security challenges we are seeing today is that technologies are rapidly evolving to better serve the growing demand for digital experiences, but the security offerings that protect those technologies are not experiencing that same level of transformation - and often erode the benefits of modern technology stacks," said Kelly Shortridge, Senior Principal Technologist at Fastly.