Security News

Power plants are one of the most vitally important components of modern civilization's infrastructure. At one time, power plant security only involved physically protecting facilities and generating equipment.

Microsoft warns of an ongoing spear-phishing campaign targeting aerospace and travel organizations with multiple remote access trojans deployed using a new and stealthy malware loader. "In the past few months, Microsoft has been tracking a dynamic campaign targeting the aerospace and travel sectors with spear-phishing emails that distribute an actively developed loader, which then delivers RevengeRAT or AsyncRAT," Microsoft said.

As the world begins to open up and we crawl toward a brighter future, people are going to be looking for things to do and places to go - so we also expect to see social-engineering attacks start using things like travel and vacation deals to hook people. With many companies continuing to allow at least some of their employees to work remotely with no stipulated end date, security leaders have to stay abreast of the latest threats regarding edge access and browsers.

Threat hunting is one of the more recent methodologies implemented by IT professionals to find dormant or active threats on their network to better understand and harness network visibility and threat actor entry points. Although threat hunting's proactive appeal has made it an increasingly popular practice to secure networks, its success is only as valuable as the contextual information gathered within the network the threat was found in, which inherently requires a more sophisticated, comprehensive approach to threat detection and identification.

This collaboration amplifies Darktrace's self-learning artificial intelligence for cyber security within Microsoft environments, including Microsoft 365 and cloud applications like Azure Sentinel. The partnership between Microsoft and Darktrace provides enhanced security across multi-platform and multi-cloud environments, automates threat investigations, and enables teams to prioritize strategic tasks that matter.

Army researchers developed a deepfake detection method that will allow for the creation of state-of-the-art soldier technology to support mission-essential tasks such as adversarial threat detection and recognition. Researchers at the U.S. Army Combat Capabilities Development Command, known as DEVCOM, Army Research Laboratory, in collaboration with Professor C.-C. Jay Kuo's research group at the University of Southern California, set out to tackle the significant threat that deepfake poses to our society and national security.

Combining data collected by the SentinelOne platform and Arete's frontline intelligence gained from thousands of incident response engagements, the new offering enables significantly broader protection for organizations of all types and sizes. Application of Arsinal threat hunting and auto-defense schema directly into SentinelOne client consoles, continuously hardening defenses against the latest malware and threat variants identified and remediated by Arete Experts.

A new academic study has highlighted a number of privacy and security pitfalls associated with recycling mobile phone numbers that could be abused to stage a variety of exploits, including account takeovers, conduct phishing and spam attacks, and even prevent victims from signing up for online services. Nearly 66% of the recycled numbers that were sampled were found to be tied to previous owners' online accounts at popular websites, potentially enabling account hijacks by simply recovering the accounts tied to those numbers.

XDR solves this problem by providing a single unified platform that will protect, detect and respond to incidences across the whole organization, preconfigured to be ready-to-go from deployment. Unlike many within the XDR market who merged multiple security products into one system, Red Piranha has built Crystal Eye XDR from the ground up, limiting the need for product integrations, as everything has been developed as one unified platform.

Accenture has made a strategic investment, through Accenture Ventures, in Prevailion, a next-generation cyber intelligence company that provides clients with expansive visibility into malware across their organization and supply chains with early detection of advanced threats through adversary counterintelligence. The investment will enhance Accenture's ability to provide clients with advanced indications and warnings of cyber threats through actionable evidence of malware that has potentially compromised their systems and third-party ecosystems, which are increasingly prime targets for cybercriminal and espionage actors.