Security News

Part of Elastic Security, Elastic Limitless XDR modernizes security operations by unifying the capabilities of security information and event management, security analytics, and endpoint security. Elastic Limitless XDR is anchored in SIEM and enriched by a single agent for endpoint security to eliminate data silos, reduce alert fatigue, and arm practitioners to stop threats at cloud scale.

NetWitness, an RSA business, unveiled NetWitness Ransomware Defense Cloud Services, a managed cloud service that monitors endpoints without traditional deployment and administration requirements. Ransomware Defense Cloud Services also includes detection intelligence developed from in-depth ransomware research and development, combined with experienced threat hunting in enterprise environments.

Cyware announced a partnership with RiskIQ. The partnership combines advanced global threat intelligence automation with enriched, high-fidelity threat intelligence data to enable customers to...

This combination will enable organizations to shrink their attack surface, prioritize vulnerabilities to remediate, and reduce their exposure to cyber threats and ransomware attacks by taking a proactive, risk-based approach to patch management. "And unpatched vulnerabilities remain one of the common points of infiltration into organizations' ecosystems. I'm committed to the global fight against ransomware. And I truly believe that the combination of risk-based vulnerability prioritization and automated patch intelligence can help organizations reduce their exposure and make a major impact in global cyberspace. Together, RiskSense and Ivanti will help customers drive operational efficiencies and defend against the next wave of sophisticated cyber threats, including ransomware attacks."

This second part to ISACA's annual State of Cybersecurity 2021 survey report examines cyber threat landscape trends, including frequency and type of attacks, confidence in cybersecurity teams and cybersecurity awareness initiatives, nuances related to security operations and reporting structure, and cybermaturity as a business imperative. "With the increase in the number and rate of cyberattacks worldwide, cybersecurity professionals are facing a challenging 2021 threat landscape that requires constant vigilance," says David Samuelson, CEO, ISACA. "These survey findings illustrate just how essential it continues to be for the global cybersecurity community to actively keep up to date with best practices and training, and ensure their teams are well staffed to detect and respond to attacks."

A previously undocumented Chinese-speaking threat actor is targeting Microsoft Exchange vulnerabilities in an attempt to compromise high-profile victims, Kaspersky reveals. According to Kaspersky, the toolset emerged as early as July 2020, with the threat actor targeting various entities in Southeast Asia, including governmental organizations and telecom companies.

ZeroFox released an advanced external threat hunting capabilities within the ZeroFox platform, designed to provide real-time threat intelligence to threat hunters, analysts and cyber responders. The enhanced threat hunting module delivers a complete global view of active and historical threat intelligence data to understand risks across physical and cyber domains, including social media as well as the surface, deep and dark web.

Threat Stack announced it has expanded its AWS Fargate Security Monitoring to include Amazon Elastic Kubernetes Service. Using the Threat Stack Cloud Security Platform, businesses can gain full-stack observability into AWS EKS on AWS Fargate within minutes to detect threats and maintain compliance throughout their cloud infrastructure.

Netskope revealed new research showing the continued growth of malware delivered by cloud applications and also the potential for critical data exfiltration tied to employees departing their jobs, among a range of increasing cloud application security risks. The findings are part of the July 2021 Netskope Cloud and Threat Report, the latest installment of Netskope Threat Labs' biannual research analyzing critical trends in enterprise cloud service and app use, web and cloud-enabled threats, and cloud data migrations and transfers.

Developing various data sets for threat hunting engagements will further mature your program and help uncover the unknown. Results-driven threat hunting is fast becoming a necessity rather than a "Nice to have." Establishing a threat hunting program from the ground up can feel like a daunting task initially - especially if you work in an organization with limited resources.