Security News

An unfortunate byproduct of the employee turnover is the cybersecurity threat that comes with having a significant number of former employees. "A lot of companies fail to have clear policies or a checklist that employers use for post-employee separation. This is extremely important because failing to do so is going to involve a lot of things but the most important thing is that you want to make sure that the former employee or even a subcontractor that previously had access to the organization's technologies and systems is completely locked out," Guccione said in an interview.

New DNS vulnerabilities have the potential to impact millions of devicesForescout Research Labs, in partnership with JSOF, disclosed a new set of DNS vulnerabilities, dubbed NAME:WRECK. FBI removes web shells from hacked Microsoft Exchange serversAuthorities have executed a court-authorized operation to copy and remove malicious web shells from hundreds of vulnerable on-premises versions of Microsoft Exchange Server software in the United States. The benefits of cyber threat intelligenceIn this Help Net Security podcast, Maurits Lucas, Director of Intelligence Solutions at Intel 471, discusses the benefits of cyber threat intelligence.

The office of the Director of National Intelligence released its "Annual Threat Assessment of the U.S. Intelligence Community." Cybersecurity is covered on pages 20-21. Cyber threats from nation states and their surrogates will remain acute.

In these new roles, we are struggling to find the top tier of the ever-expanding next generation of threat experts. In career advice calls and meetings with young adults over the past couple of years, I've noticed an unexpected and common pattern emerge with Ivy League fresh grads with cybersecurity degrees, people considering a career transfer with little formal infosec training, and everyone in between.

Flashpoint announced two new product offerings in the past two weeks: Flashpoint Brand Protection and Flashpoint Card Fraud Mitigation. These two new products from Flashpoint further extend the capabilities that enterprises and government agencies have at their disposal to mitigate fraud and protect against physical and cyber threats anywhere online.

Threat Stack announced its ability to support AWS Graviton2-based instances through the Threat Stack Cloud Security Platform. The rapid adoption of AWS Graviton2 workloads presents a challenge for security leaders as many of today's legacy tools do not support it.

Surging numbers of COVID-themed attacks, PowerShell trojans, along with the SolarWinds compromise and the continued spread of Sunburst malware were major contributors to a massive spike in the number of observed attacks in the wild during the last half of 2020, which McAfee's said averaged 588 attacks per minute within its telemetry during Q3 and Q4 of 2020. Researchers observed an average of 648 threats per minute in Q4 in the wild, an increase of 10 percent over the third quarter a continued upward trend from the 40 percent jump compared to Q2 2020, McAfee's latest threat report said.

How do such products fare on security? Though the community-based approach toward open source means that security flaws should be identified quickly, patching those flaws and applying the patches is another matter. In a report released Tuesday, design automation company Synopsys looked at commercial applications that use open source code to see how they dealt with security flaws.

In this Help Net Security podcast, Maurits Lucas, Director of Intelligence Solutions at Intel 471, discusses the benefits of cyber threat intelligence. You need to plan and invest both time and resources well ahead of time to make sure you're at the right position at the right time to collect intelligence.

Threat actors are using legitimate corporate contact forms to send phishing emails that threaten enterprise targets with lawsuits and attempt to infect them with the IcedID info-stealing malware. IcedID is a modular banking trojan first spotted in 2017 and updated to also deploy second-stage malware payloads, including Trickbot, Qakbot, and Ryuk ransomware.