Security News

A new academic study has highlighted a number of privacy and security pitfalls associated with recycling mobile phone numbers that could be abused to stage a variety of exploits, including account takeovers, conduct phishing and spam attacks, and even prevent victims from signing up for online services. Nearly 66% of the recycled numbers that were sampled were found to be tied to previous owners' online accounts at popular websites, potentially enabling account hijacks by simply recovering the accounts tied to those numbers.

XDR solves this problem by providing a single unified platform that will protect, detect and respond to incidences across the whole organization, preconfigured to be ready-to-go from deployment. Unlike many within the XDR market who merged multiple security products into one system, Red Piranha has built Crystal Eye XDR from the ground up, limiting the need for product integrations, as everything has been developed as one unified platform.

Accenture has made a strategic investment, through Accenture Ventures, in Prevailion, a next-generation cyber intelligence company that provides clients with expansive visibility into malware across their organization and supply chains with early detection of advanced threats through adversary counterintelligence. The investment will enhance Accenture's ability to provide clients with advanced indications and warnings of cyber threats through actionable evidence of malware that has potentially compromised their systems and third-party ecosystems, which are increasingly prime targets for cybercriminal and espionage actors.

Imagine law enforcement reaches out to a security team to tell them a threat actor is selling employee credentials or private access keys to a sensitive business application. Even though there is no confirmation that these threat actors accessed or stole data, it is very troubling.

According to the index, which surveyed 902 organizations in the financial services sector, 74 percent have experienced a rise in cybercrime since the pandemic began, with 42 percent of banks and insurers revealing the remote working model has made them less secure. 44 percent were also concerned that this has led to less visibility of potential holes in their network or infrastructure and a further 37 percent of FIs believe their customers are now at greater risk of cybercrime or fraud.

The Alaska Court System has temporarily disconnected most of its operations from the internet after a cybersecurity threat on Saturday, including its website and removing the ability to look up court records. The threat blocked electronic court filings, disrupted online payments and prevented hearings from taking place by videoconference for several days, officials said.

QNAP NAS devices under ransomware attackQNAP NAS device owners are once again under attack by ransomware operators, who are exploiting a recently fixed vulnerability to lock data on vulnerable devices by using the 7-Zip open-source file archiver utility. Q1 2021 ransomware trends: Most attacks involved threat to leak stolen dataThe vast majority of ransomware attacks now include the theft of corporate data, Coveware says, but victims of data exfiltration extortion have very little to gain by paying a cyber criminal.

Shadow admins pose a threat to organizations because these accounts have privileged access to perform limited administrative functions on Active Directory objects. Threat actors seek shadow admin accounts because of their privilege and the stealthiness they can bestow upon attackers.

While there is not one exact industry wide definition, threat modeling can be summarized as a practice to proactively analyze the cyber security posture of a system or system of systems. In short, threat modeling answers questions as "Where am I most vulnerable to attacks?", "What are the key risks?", and "What should I do to reduce these risks?".

Threat detection and response solutions provider Vectra AI on Thursday announced that it has raised $130 million at a valuation of $1.2 billion, which makes the company the latest cybersecurity unicorn. The funding, which brings the total raised by the firm to $350 million, was led by Blackstone Growth, with participation from existing investors.