Leaked Files From Iran Cyber Units Shows Interest in Targeting ICS | How Low-level Hackers Access High-end Malware

Rebooting phone can thwart top phone hackers | Researchers Link Mysterious 'MeteorExpress' Wiper to Iranian Train Cyberattack

Visit SecurityWeek.Com | Advertise | Contact   Webcasts RSS Feed 07.29.21 Thursday, July 29, 2021 2021 ICS Cyber Security Conference Back, In-Person Oct. 26-28, 2021. Registration and Call for Papers (CFP) is Open! Register by July 31 and Save $400 Protect: The Second Pillar in Your Journey to Improve Industrial Cybersecurity Posture Wherever you are on your industrial cybersecurity journey, the important thing is to start strengthening cyber defenses and resilience now. Read the Full Column by Yaniv Vardi Leveraging People in the Email Security Battle Leveraging humans for detection makes it hard for the attackers to predict whether or not their malicious emails will be identified and using technology to automate response provides scale and speed in resolution. Read the Full Column by Keith Ibarguen Creating an Effective Threat Hunting Program with Limited Resources The more you identify within your threat hunting program, the more opportunity you may have at expanding with additional budget. Never let an incident go to waste. Read the Full Column by Tim Bandos Leading Threat to Industrial Security is Not What You Think ICS operators need additional methods of obscuring their critical infrastructure from cyber security threats and tactics while allowing teams to more anonymously conduct incident detection and response. Read the Full Column by Gordon Lawson Is Your SecOps Solution Keeping Up? Trying to keep track of the who, what, when, where, and how of today's network has broken the backs of many SecOps teams. Read the Full Column by John Maddison Zero Trust, We Must Until organizations start implementing identity-centric security measures, account compromise attacks will continue to provide an easy entree for data breaches. Read the Full Column by Torsten George Success of Ransomware Attacks Shows the State of Cybersecurity The fact that so many large and high-profile enterprises fall prey to ransomware attacks that in many cases does not pose any new technical challenge suggests that there are still many gaps that needs to be closed. Read the Full Column by Idan Aharoni Collective Intelligence: Realities and Hardships of Crowdsourced Threat Intel We are a community with grand ideas around the concept of crowdsourced threat intel (CTI), but with little history or previous successes that show CTI as a viable idea. Read the Full Column by Rob Fry Three Approaches to an XDR Architecture If you view XDR as a destination and not a solution, regardless of the path you take, you will need to understand the focus and core competencies of each vendor, Read the Full Column by Marc Solomon TXOne Networks Adaptive ICS Cybersecurity Focused on ICS security architecture and security control, requiring no changes to existing architecture. Learn More See All Recent Articles at SecurityWeek.Com Leaked Files From Iran Cyber Units Shows Interest in Targeting ICS: Classified files apparently leaked from an Iranian cyber unit show that the country is looking to improve its offensive cyber capabilities, including against ICS. Read More Turn Off, Turn On: Simple Step Can Thwart Top Phone Hackers: At a time of widespread digital insecurity it turns out that the oldest and simplest computer fix there is — turning a device off then back on again — can thwart hackers from stealing information from smartphones. Read More How Low-level Hackers Access High-end Malware: Hacking tool downloads from underground forums are increasing, and the tools are becoming more sophisticated; low-level hackers are gaining access to hacked versions of sophisticated tools; access broking is growing; and existing tools are repurposed for more aggressive attacks. Read More BlackCloak Raises $11 Million for Its Executive Protection Platform: BlackCloak, a company that provides cyber protection services for corporate executives and high-profile individuals, has raised $11 million in a Series A funding round. Read More Researchers Publish Details on Recent Critical Hyper-V Vulnerability: Guardicore Labs provides full details on CVE-2021-28476, a critical vulnerability in Hyper-V's virtual network switch driver. Read More MSSP SolCyber Emerges From Stealth With $20 Million Series A Funding: SolCyber has emerged from stealth with $20 million in Series A funding from ForgePoint Capital, claiming to be the first modern MSSP for the mid-market. Read More LogicGate Raises $113 Million in Series C Funding: The risk and compliance solutions provider will invest in an upcoming risk quantification solution, as well as in expanding its market presence globally. Read More Google Details New Privacy and Security Policies for Android Apps: Submissions and updates for applications that do not provide insight into their privacy and security practices will be rejected from Google Play starting April 2022. Read More eCommerce Fraud Prevention Firm Riskified Prices IPO at $21 Per Share: eCommerce fraud prevention company Riskified has priced its IPO at $21 per share and is hoping to raise more than $360 million. Read More Serious Vulnerabilities Found in Firmware Used by Many IP Camera Vendors: IP cameras from a dozen vendors are exposed to remote attacks due to serious vulnerabilities found in the firmware they all use. Read More US Acting to Better Protect Infrastructure From Cyberthreats: The Biden administration is eyeing ways to harden cybersecurity defenses for critical infrastructure. It's announcing Wednesday the development of performance goals and a voluntary public-private partnership to protect core sectors. Read More Foxit Plugs Multiple Security Holes in PDF Reader, Editor: Foxit Software patches vulnerabilities that put users at risk of remote code execution attacks via specially crafted PDF files. Read More US Gov Warning: VPN, Network Perimeter Product Flaws Under Constant Attack: A high-powered joint advisory calls attention to gaping holes in perimeter-type devices like VPN appliances, network access gateways and enterprise cloud applications. Read More Cyber Asset Management Platform Noetic Launches With $20 Million in Funding: The company relies on API aggregation and correlation to gather data from multiple security and IT management tools. Read More Hospital Network Reveals Cause of 2020 Cyberattack: A cyberattack that crippled the computer systems of University of Vermont Health Network last fall happened after an employee opened a personal email on a company laptop while on vacation. Read More Survey Shows Reasons for Cloud Misconfigurations are Many and Complex: A survey shows the most prevalent attacks against the cloud correlate with the most common misconfigurations experienced by respondents. Read More University of San Diego Health Says Personal Information Stolen in Data Breach: UC San Diego Health says unauthorized access to employee accounts resulted in names, healthcare data, SSNs, payment details, and other sensitive information getting compromised. Read More To help make sure the SecurityWeek Briefing reaches you, please add news@securityweek.com to your address book. © 2021 Wired Business Media Visit SecurityWeek.Com | Twitter | Advertise | Contact

SecurityWeek | 40 Warren Street, Charlestown, MA 02129 Unsubscribe cyberdefense974.77330@blogger.com Update Profile | Constant Contact Data Notice Sent by news@securityweek.com