July 2020 - Page 2 of 5 - Cyber Security Minute

Integrated cloud-native security platforms can overcome limitations of traditional security products

Issued by: Help Net Security

To close security gaps caused by rapidly changing digital ecosystems, organizations must adopt an integrated cloud-native security platform that incorporates artificial intelligence, automation, intelligence, threat detection and data analytics capabilities, according to 451 Research. Cloud-native security platforms are essential The report clearly defines how to create a scalable, adaptable, and agile security posture built for…

Software Security

IT teams failing to deliver a positive remote employee experience

Issued by: Help Net Security

Conducted during the coronavirus pandemic, 1E unveils the findings of an analysis of the remote employee experience and the digital workplace in 2020. Vanson Bourne and 1E surveyed employees across eight industries in the United States and found that enterprise IT teams are failing to deliver a positive remote employee experience. Data shows IT has…

Malware & Threats

Threat highlight: Analysis of 5+ million unmanaged, IoT, and IoMT devices

Issued by: Help Net Security

A new study incorporates analysis of anonymized data from more than 5 million unmanaged, IoT, and IoMT devices in Ordr customer deployments across a variety of verticals including healthcare, life sciences, retail and manufacturing, between June 2019 and June 2020. Unmanaged devices Researchers identified real-world risks across a diverse set of connected devices, reaffirming the…

Cloud Security

Attackers exploit Twilio’s misconfigured cloud storage, inject malicious code into SDK

Issued by: Help Net Security

Twilio has confirmed that, for 8 or so hours on July 19, a malicious version of their TaskRouter JS SDK was being served from their one of their AWS S3 buckets. “Due to a misconfiguration in the S3 bucket that was hosting the library, a bad actor was able to inject code that made the…

Software Security

REMnux toolkit for malware analysis version 7 released

Issued by: Help Net Security

REMnux is a popular Linux-based toolkit for reverse-engineering malicious software which malware analysts have been relying on for more than 10 years to help them quickly investigate suspicious programs, websites, and document files. As the security industry matures, it becomes harder to keep track of all the tools that are available to assist with the…

Malware & Threats

RDP hijacking attacks explained, and how to mitigate them

Issued by: CSO

RDP hijacking definition One means of compromising systems cherished by malware authors is Remote Desktop Protocol (RDP). It provides a convenient way for system administrators to manage Windows systems and help users with troubleshooting an issue. RDP hijacking attacks often exploit legitimate features of the RDP service rather than purely relying on a vulnerability or…

Vulnerabilities

Emerging risk trends: Top risks to identify and address

Issued by: Help Net Security

Senior executives reported concerns around renewed outbreaks of the COVID-19 pandemic as their top emerging risk in the second quarter of 2020, according to Gartner. Gartner surveyed 131 senior executives across industries and geographies on the top concerns facing their businesses with results showing that the second wave of COVID-19 topped executives’ concerns, even as…

Vulnerabilities

20,000+ new vulnerability reports predicted for 2020, shattering previous records

Issued by: Help Net Security

Over 9,000 new vulnerabilities have been reported in the first six months of 2020, and we are on track to see more than 20,000 new vulnerability reports this year — a new record, Skybox Security reveals. Reshaping the way that people work 50% increase in mobile vulnerabilities highlights dangers of blurring line between corporate and…

Network Security

In addition to traditional DDoS attacks, researchers see various abnormal traffic patterns

Issued by: Help Net Security

In the first quarter of 2020, DDoS attacks rose more than 278% compared to Q1 2019, and more than 542% compared to the last quarter, as published in the Nexusguard Q1 2020 Threat Report. DDoS attacks have become a global risk, and as attacks continue to increase in complexity, further spurred by the pandemic, ISPs…

Application Security, Malware & Threats

More Fake Cryptocurrency Apps Deliver GMERA Malware to Mac Users

Issued by: Security Week

Previous attacks involving this malware family were observed leveraging malicious versions of the trading app Stockfolio, and security researchers also associated the GMERA Trojan with the activities of North Korean hackers. Recently identified campaigns featuring the malware involved the use of several websites that distributed malicious applications claiming to provide cryptocurrency trading capabilities. The cybercriminals…