Security News

Arista Networks announced an Attack Surface Assessment, an advanced security service delivered through the recent acquisition of Awake Security. "To make matters worse, sponsored groups can steal intellectual property and attack resources that are now in the wild. Big companies and banks are still getting hacked and technologies like IoT are huge threats. We need to reboot security and make it simple to manage. I believe Arista Networks is simplifying security."

Initially detailed in February 2020, VBA purging involves the use of VBA source code only within Office documents, instead of the typically compiled code, and ensures better detection evasion. Malicious Office documents have VBA code stored within streams of Compound File Binary Format files, with Microsoft's specifications on VBA macros storing VBA data in a hierarchy containing different types of streams.

Smart-security practices like not sharing passwords with anyone and multi-factor authentication are two simple ways to prevent this type of personal insider threat, Dan Conrad, field strategist with One Identity, told Threatpost. "People assume that they should change their passwords after a big life event if you're following strong password hygiene practices, an individual's password shouldn't be affected by [this], as no one else should have access to the password in the first place," Conrad said in an emailed response to the report.

State actors can draw upon the skills and resources of their national intelligence communities, while state-sponsored actors, while not actually part of a state organization, can still draw upon the financial and technical assets of their sponsors. Another fundamental difference between "Civilian" and "State" actors is that law-enforcement agencies are better equipped to address threat actors who don't have state backing.

Security defense strategy can be extremely complex, with security teams grappling with tens of thousands of information points and evolving attacker techniques, said Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs. FortiGuard Labs has created threat playbooks to help companies deal with this complexity, by exposing attack techniques utilized by attackers.

A recent Verizon report highlighted social engineering as a top target for bad actors, and the threat is only expected to grow in the year ahead. COVID-19 was in the news nonstop this past year, and threat actors are expected to continue to take advantage of it in 2021. Healthcare providers are doing everything they can to deploy new systems and support more patients online, while bad actors seek out high-value, vulnerable targets.

When we talk about insider threats, in reality, we're usually talking about people who have made a mistake that led to a breach of company information. A disgruntled employee chooses to leak data and cause the company harm.

Anomali has added new features and capabilities across its product suite that further automate and speed essential tasks performed by threat intelligence and security operations analysts. To provide capabilities that work in real-world investigation scenarios, Anomali Threat Research analysts applied their expertise to aid in the design and development of pre-customized, themed threat intelligence dashboards.

Trend Micro announced the world's first cloud-native, fully serverless file storage security tool for organizations building applications in the cloud. Trend Micro Cloud One - File Storage Security is designed to mitigate threats across the cloud environment and support strict compliance requirements.

Find out two steps your business can take now to prepare employees, as well as infrastructure, for possible quantum computing-related cybersecurity risks. In his HelpNetSecurity article Quantum computers: How to prepare for this great threat to information security published on Nov. 6, 2020, Kaafarani begins by stating that quantum computers can introduce a huge security challenge.