Security News

Mexico walls off national lottery sites after ransomware DDoS threat
2021-05-28 17:14

Access to Mexico's Lotería Nacional and Pronósticos lottery websites is now blocked to IP addresses outside of Mexico after a ransomware gang threatened to perform denial of service attacks. Lotería Nacional is the government-run national lottery system of Mexico, operating under Mexico's Ministry of Finance.

Building Multilayered Security for Modern Threats
2021-05-28 12:00

Considering recent announcements of major attacks caused by external malicious actors, including a ransomware attack on a U.S. gasoline pipeline, the need for a stronger security posture is as great as ever, and multilayered security remains the key. President Joe Biden signed an executive order this week that includes initiatives aimed at improving the nation's cybersecurity; across the Atlantic, a recent report by the U.K.'s National Cyber Security Centre shows how the U.K. is ramping up its cybersecurity defense measures.

IntSights enhances its platform to expand investigation capabilities and threat library
2021-05-28 01:00

Delivered through an elegant single pane of glass and deployed in a matter of hours, IntSights' External Threat Protection Suite provides enterprise-grade external threat intelligence and IOC management capabilities enabling security teams to defend against a rapidly evolving threat landscape while significantly reducing their workload. Centralizing the collection, management, and integration of dozens of threat intelligence sources in the same platform, security teams can streamline investigation and proactively block threats with IntSights' built-in TIP capabilities. "The enhancements we continue to make to the IntSights ETP allow these teams to significantly streamline threat investigations and proactively block threats from within their connected security devices. Our mission is to empower every organization with threat intelligence, and you just can't utilize TI successfully without built-in TIP capabilities."

NetWitness Cloud SIEM delivers cloud-based threat detection and response
2021-05-27 02:30

NetWitness introduced NetWitness Cloud SIEM, a cloud-based threat detection and response solution that delivers pervasive visibility, multi-faceted analytics, and automated response capabilities without the need for on-premise deployment and administration. NetWitness Cloud SIEM provides enterprises with the same rich log management, retention, reporting, and analytics services long utilized by on-premise customers for threat detection and response, but in cloud form.

ZeroFOX launches App Library to provide integrated external threat intelligence and protection
2021-05-27 01:15

ZeroFOX announced the release of the largest App Library enabling security teams to streamline their response to external threats through effective threat intelligence enrichment, alert orchestration and incident remediation. Enterprise security teams can easily engage with hundreds of platforms including Elastic, Swimlane, D3 Security and Maltego within the ZeroFOX Platform.

Virtual Event Keynote: John Lambert, Microsoft Threat Intelligence Center
2021-05-26 15:13

In this presentation, Microsoft's John Lambert will talk about how it's more important than ever for defenders and organizations to come together and better share information that can help the entire ecosystem protect against emerging threats. The good news is there are industry frameworks and sharing mechanisms already in place to facilitate actionable threat intelligence and defense collaboration.

‘Privateer’ Threat Actors Emerge from Cybercrime Swamp
2021-05-26 12:01

While privateer cybercriminal groups are not specifically state-sponsored, they may carry out activities of the protecting state anyway due to pressure to engage in specific actions or target specific entities, according to the post. Privateers fall in the third tier of cybercrime groups, below those specifically sponsored by governments at the top, which are commonly known as APTs and receive explicit direction and financial support from a nation-state.

Threat Actor ‘Agrius’ Emerges to Launch Wiper Attacks Against Israeli Targets
2021-05-25 20:26

A new attack group called Agrius is launching damaging wiper attacks against Israeli targets, and researchers said the attackers are hiding behind ransomware to make their state-sponsored activities appear financially motivated. Researchers added that the wiper attacks were conducted using a secondary malware called "Deadwood", which Sentinel Labs said has "Unconfirmed links to an Iranian threat group."

Combatting Insider Threats with Keyboard Security
2021-05-25 15:20

As cyberattacks snowball and insider threats become an ever-larger part of the problem, it may be time to move beyond purely software-based cyber-defenses. Insider threats have become an alarmingly significant source of risk.

FBI Analyst Indicted for Theft of Osama bin Laden Threat Intel
2021-05-24 16:23

An FBI analyst with top-secret security clearance illegally squirreled away national-security documents related to Osama bin Laden, al-Qaeda, cybersecurity and more in her home for years, the feds say. Kendra Kingsbury, who was working in the FBI's Kansas City Division until being put on leave in December 2017, has been indicted by a federal grand jury for allegedly routinely removing numerous documents from their safekeeping at the office, over and over during the period between June 2004 and Dec. 15, 2017.