Security News

A Chinese threat actor tracked as Mustang Panda was observed using an updated arsenal of tools in recent attacks, Proofpoint's security researchers revealed on Monday. Also referred to as TA416 and RedDelta, the threat group is known for the targeting of entities connected to the diplomatic relations between the Vatican and the Chinese Communist Party, along with entities in Myanmar, and the new campaign appears to be a continuation of that activity.

A blog post published Thursday by cybersecurity firm Armorblox details how phishing campaigns are using some of the technologies available from Google and offers advice on how to protect yourself. In the post entitled "OK Google, Build Me a Phishing Campaign," Armorblox's co-founder and head of engineering, Arjun Sambamoorthy, explains that Google is a ripe target for exploitation due to the free and democratized nature of many of its services.

Linux endpoint detection and response will help Microsoft Defender customers secure Linux servers and networks against security nasties. Linux EDR will help Defender for Endpoint customers better protect Linux servers and networks and quickly take action against threats, Microsoft said.

Offensive Security has released Kali Linux 2020.4, the latest version of its popular open source penetration testing platform. ZSH is now Kali's new default shell on desktop images and cloud, Bash remains the default shell for other platforms for the time being.

Today, the California-based non-profit, which operates Let's Encrypt, introduced Prio Services, a way to gather online product metrics without compromising the personal information of product users. "Normally they would just send all of the metrics back to the application developer, but with Prio, applications split the metrics into two anonymized and encrypted shares and upload each share to different processors that do not share data with each other."

Businesses increasingly embrace the moving of multiple applications to the cloud using containers and utilize Kubernetes for orchestration, according to Zettaset. While many companies are eager to adopt these new cloud-native technologies, research shows that companies are not accurately weighing the benefits of enterprise IT innovation with inherent security risks.

Announcing the launch of Resilience Insurance, a newly formed program manager with insurance capacity rated "A+" by A.M. Best, provided through Intact Insurance Specialty Solutions' underwriting companies. "Resilience is reinventing cyber insurance by aligning our interests with those of the companies we insure," said Mario Vitale, President of Resilience.

The APT threat landscape is a mixed bag of tried-and-true tactics and cutting-edge techniques, largely supercharged by geo-politics, a report finds. Advanced persistent threat groups continue to use the fog of intense geopolitics to supercharge their campaigns, but beyond these themes, actors are developing individual signature tactics for success.

We'll guide you through the process of using Homebrew package manager to install security tools on macOS to perform reconnaissance, discovery, and fingerprinting of the devices on your network. Evidenced through the classic "I'm a Mac" ads, Macs were not immune to malware: It's just that with such a negligible market share, threat actors did not really target Apple devices as much as devices running Windows, which posed a much larger target-with greater rewards for their efforts.

These findings indicate that as SOCs continue to mature, they will deploy next-gen tools and capabilities at an unprecedented rate to address gaps in security. Further, the scale of technology needed to secure today's digital assets means SOC teams are relying more heavily on tools to effectively do their jobs.