Security News

A survey from the Ponemon Institute recently found that insider threats increased by 47 percent from 2018 to 2020. The cost of insider threat incidents also rose by 31 percent from $8.76 to $11.45 million during the same time period.

While it's true that threat hunting, incident response, and threat research all have their foundations in science, throughout my entire career I have found it is also fundamentally true that the most successful threat hunters, incident responders, and threat researchers are far more artist than scientist. When you write reports about your threat research that will be released publicly, do not simply annotate the threat you documented.

In this complicated and fast-evolving setting, how prepared is the intelligence community to identify, assess, and mitigate possible threats before they become realities? To predict specific future violence, a protective intelligence investigation must determine: "Whether an individual has the motive and means to develop or act on an opportunity to attack a protected person. A primary task of the investigator is to gather information, some of which may later be used as evidence, that can be used to determine whether the individual poses a threat to a protected person." - U.S. Department of Justice.

90% of security leaders view bot management as a top priorityHUMAN published a research into security leaders' perceptions of and responses to sophisticated bot attacks. May 2021 Patch Tuesday: Adobe fixes exploited Reader 0-day, Microsoft patches 55 holesAdobe has fixed a Reader flaw exploited in attacks in the wild, as well as delivered security updates for eleven other products, including Magento, Adobe InDesign, Adobe After Effects, Adobe Creative Cloud Desktop Application, and others.

IT pro Rob Dyke says an NHS-backed company not only threatened him with legal action after he flagged up an exposed GitHub repository containing credentials and insecure code, it even called the police on him. What happened next united infosec professionals across the world as well as triggering a crowdfundraiser and a behind-the-scenes legal war: we're told Apperta sent Dyke legal demands, and followed those up by alleging to the cops that he broke Britain's computer security laws.

Sophos' Rapid Response team had, among other things, the new Sophos XDR solution at their disposal - an industry-first extended detection and response solution that synchronizes native endpoint, server, firewall, and email security. Sophos XDR gathers relevant sensory information from the organization's entire IT environment and security ecosystem and allows threat hunters to view the complete picture and detect and inspect clues that may otherwise go unnoticed.

Power plants are one of the most vitally important components of modern civilization's infrastructure. At one time, power plant security only involved physically protecting facilities and generating equipment.

Microsoft warns of an ongoing spear-phishing campaign targeting aerospace and travel organizations with multiple remote access trojans deployed using a new and stealthy malware loader. "In the past few months, Microsoft has been tracking a dynamic campaign targeting the aerospace and travel sectors with spear-phishing emails that distribute an actively developed loader, which then delivers RevengeRAT or AsyncRAT," Microsoft said.

As the world begins to open up and we crawl toward a brighter future, people are going to be looking for things to do and places to go - so we also expect to see social-engineering attacks start using things like travel and vacation deals to hook people. With many companies continuing to allow at least some of their employees to work remotely with no stipulated end date, security leaders have to stay abreast of the latest threats regarding edge access and browsers.

Threat hunting is one of the more recent methodologies implemented by IT professionals to find dormant or active threats on their network to better understand and harness network visibility and threat actor entry points. Although threat hunting's proactive appeal has made it an increasingly popular practice to secure networks, its success is only as valuable as the contextual information gathered within the network the threat was found in, which inherently requires a more sophisticated, comprehensive approach to threat detection and identification.