Security News

How can security leaders maximize security budgets during a time of budget cuts?While some security programs have become bloated, many don't necessarily deserve to be cut. Given the gravity of today's situation, it's time for security leaders to step in and do what they can to justify spending that bolsters their company's overall security posture.

Intel is investigating reports that a claimed hacker has leaked 20GB of data coming from the chip giant, which appear to be related to source code and developer documents and tools. "The information appears to come from the Intel Resource and Design Center, which hosts information for use by our customers, partners and other external parties who have registered for access," an Intel spokesperson told SecurityWeek.

Many companies today have developed a Cybersecurity Incident Response plan. It's a sound security practice to prepare a comprehensive IR plan to help the organization react to a sudden security incident in an orderly, rational manner.

93% of security professionals lack the tools to detect known security threats, and 92% state they are still in need of the appropriate preventative solutions to close current security gaps, according to LogRhythm. Based on a global survey of more than 300 security professionals and executives, LogRhythm sought to understand the root causes of the stress under which security teams operate, obtain feedback on the ways in which it could be alleviated, and identify the best paths to remediation.

Collaboration security startup Polymer announced its official launch on Wednesday with a solution that automatically detects and redacts sensitive data shared by users in popular collaboration tools. When users share this type of information via one of the supported collaboration tools, Polymer automatically redacts sensitive information and ensures that the unredacted information can only be accessed by users that have been authorized in the Polymer administrative dashboard.

Microsoft has released several new enterprise security offerings to help companies meet the challenges of remote work. "Double Key Encryption uses two keys to protect your data-one key in your control, and a second key is stored securely in Microsoft Azure. Viewing data protected with Double Key Encryption requires access to both keys. Since Microsoft can access only one of these keys, your protected data remains inaccessible to Microsoft, ensuring that you have full control over its privacy and security," the company explained.

That's the reason why companies should constantly test their environments against TTPs. The baseline profiling of your core network components, OS, devices and apps, adversary simulations, achieving full visibility and analytics across many different network data sources, correlation, and understanding of how each component affects the other one seems like a good approach for dealing with cybersecurity risks. What's your take on using open source tools within an enterprise security architecture?

Twitter has confirmed that hackers leveraged internal tools to take over high-profile accounts and use them to post scam tweets. After containing the incident and closing the unauthorized access, Twitter confirmed that the hackers used social engineering to target "Employees with access to internal systems and tools."

A low-quality batch of malicious tools can sell for as low as $70, while a premium set can go as high as $6,000, according to the security research site Privacy Affairs. At the low end of the list, malware tools aimed at a global audience sell on average for as little as $70. However, this particular batch is sold as low quality, slow speed, and a low success rate.

For seven years, a Chinese threat actor has targeted the Uyghur ethnic minority with several malware families, including newly identified Android surveillance tools, mobile security firm Lookout reports. Malicious attacks focusing on Uyghurs are not new, with several of them publicly detailed over the years, targeting users of Windows PCs, Macs, and mobile devices.