Security News

The head of Britain's National Cyber Security Center has warned it is ransomware that's the key threat for most people. "What I find most worrying isn't the activity of state actors," NCSC chief exec Lindy Cameron told a national security audience, joining the chorus of organisations calling out ransomware criminals as the number one cybersecurity threat of the moment.

Norton Labs revealed the top cybersecurity trends from January to March 2021. Phishing campaigns remained the number one threat to consumer cyber safety, with top scams relating to the pandemic, including vaccine-oriented, financial relief, and tech support scams.

The partnership features a joint solution enabling customers to leverage Flashpoint's advanced threat intelligence within the Cyware Virtual Cyber Fusion platform, equipping security analysts with the enriched and actionable threat intelligence they need to make and act on critical security decisions. With this integration, Flashpoint's threat intelligence becomes a core feature in Cyware's CTIX Lite solution, a uniquely designed threat intelligence platform for smaller cybersecurity teams and mid-sized organizations with pre-bundled intelligence and enrichment sources for end-to-end automation of the entire intelligence lifecycle.

Following the devastating attack on Colonial Pipeline, the largest refined products pipeline in the United States, the Cybersecurity and Infrastructure Security Agency released a fact sheet focusing on the threat posed by ransomware to operational technology assets and industrial control systems. Learn more about threats to industrial systems at SecurityWeek's ICS Cyber Security Conference and SecurityWeek's Security Summits virtual event series.

The Recorded Future co-founder and CEO this week unveiled The Intelligence Fund, an in-house initiative that sets aside $20 million to invest in seed-stage and Series A startups in the nascent threat-intelligence space. Flush with cash from its own $780 million sale to private equity firm Insight Partners, Ahlberg says Recorded Future wants to make early bets on entrepreneurs taking new approaches to collecting and parsing data to feed into security intelligence tools.

The native integration of Acronis Cyber Protect Cloud with Advanced Email Security means MSPs can use one solution to extend their cyber protection services to protect their clients' Microsoft 365, Google Workspace, Open-Xchange mailboxes, or on-premises mail server. "We are thrilled to partner with Acronis to power the leading Acronis Cyber Protect Cloud solution, with Perception Point, integrated as the Advanced Email Security pack," said Yoram Salinger, CEO of Perception Point.

Maltego Technologies and Farsight Security announced that Farsight DNSDB Transforms for Maltego, first launched in 2018, have now been updated to include DNSDB Flexible Search. Farsight DNSDB, together with Maltego, with its node-based graph, enables threat hunters, incident responders and other investigators to easily identify patterns and connections associated with cybercrime activities, with more accurate threat intelligence and faster response to today's threats.

ITC Secure announced it has joined the Microsoft Intelligent Security Association, an ecosystem of independent software vendors and managed security service providers that have integrated their solutions to better defend against a world of increasing threats. This announcement follows the recent successes of ITC achieving Microsoft Gold Partner competencies for Security in May 2021 and Cloud Platform in November 2020.

FINRA, the U.S. securities industry regulator, has warned brokerage firms of an ongoing phishing campaign threatening recipients with penalties unless they provide the information requested by the attackers. Org domain used in these ongoing phishing attacks was registered on June 7 using the Hosting Concepts B.V. domain registrar.

CISA has partnered with the Homeland Security Systems Engineering and Development Institute, which worked with the MITRE ATT&CK team, to issue guidance to help cyber threat intelligence analysts make better use of MITRE ATT&CK. MITRE ATT&CK is a knowledge base of adversary information widely used by network defenders as they analyze and report on security threats. A solid understanding of how to apply ATT&CK can be used to develop adversary profiles; conduct activity trend analyses; and be incorporated into reporting for detection, response, and mitigation purposes, the document states.