Week in review: Fileless malware, key risk areas in 2021, Patch Tuesday forecast

Here’s an overview of some of last week’s most interesting news, articles and reviews:

January 2021 Patch Tuesday forecast: New focus on security and software development
2020 is in the rearview mirror and most of us can’t get away fast enough. It was a year unlike any other, but 2021 looks to be unique as well.

We got used to SMS notifications and phishers are capitalizing on it
A rising onslaught of phishing messages delivered via SMS (aka “smishing”) has been hitting mobile users around the world in the last few months.

Review: Code42 Incydr – SaaS data risk detection and response
Incydr is Code42’s new SaaS data risk detection and response solution, which enables security teams to mitigate file exposure and exfiltration risk without disrupting legitimate collaboration.

As holiday mobile commerce breaks records, retail apps display security red flags
Driven by the pandemic, many consumers rely on mobile apps to buy everything from daily essentials to holiday gifts. However, according to a recent analysis, there are some alarming security concerns among some of the top 50 Android retail mobile apps.

A closer look at fileless malware, beyond the network
Most modern endpoint protection (EPP) services are capable of easily identifying traditional malware payloads as they are downloaded and saved on the endpoint, which means attackers have now turned to fileless malware techniques that never touch the victim’s storage.

Users can be manipulated to share private information online
Online users are more likely to reveal private information based on how website forms are structured to elicit data, Ben-Gurion University of the Negev (BGU) researchers have determined.

Three ways formal methods can scale for software security
Security is not like paint: it can’t just be applied after a system has been completed. Instead, security has to be built into the system design. But how can we know that a system design is secure against a particular attack? And how can we know that the system implements that design correctly?

A hacker’s predictions on enterprise malware risk
While many companies are not likely to directly face nation-state attacks, the threat landscape is steadily changing, forcing security programs of all sizes to remain agile and resilient. The pandemic changed our way of life so quickly that IT infrastructure drastically shifted to keep up and this changed the shape of organizations’ attack surfaces.

Review: Alice & Bob Learn Application Security
The book gives essential and useful information on how to create applications in a secure way, making sure your clients get exactly what they were looking for.

How to make sure the switch to multicloud pays off
With so much to gain by dipping their toes into multiple cloud pools, it should come as no surprise that Flexera recently reported that more than 90% of enterprises are embracing multicloud architectures.

2021 key risk areas beyond the pandemic
Healix International has identified six key areas of risk – besides the continued impact of COVID-19 – for global organizations in 2021.

Hospitals under siege: 5 ways to boost cybersecurity as the COVID-19 vaccine rolls out
After a spate of cyberattacks on organizations involved in developing COVID-19 vaccines, there are growing concerns that hackers are taking aim at the distribution systems currently ramping up.

60% of companies’ IT modernization programs not ready for the future
Many corporate IT leaders say their organizations are not prepared for the future IT needs of the business and nearly all are moving to advance their transition to cloud infrastructure, according to an IBM survey of leaders at mid-sized and large companies in the United States and United Kingdom.

The fight to stymie adversarial machine learning is on
The use of machine learning (ML) technology is booming. This development is being driven by the many immediate gains that can be achieved using machine learning models in diverse domains, from image recognition to credit risk prediction.

Top five technology trends for the year ahead
IT underwent a major change in 2020 as organizations were forced to quickly adopt strategies to handle new cybersecurity threats and increased remote working and collaboration needs, according to Matrix Integration.

Sealed U.S. court records possibly accessed by SolarWinds attackers
The Administrative Office (AO) of the U.S. Courts has revealed on Wednesday that it is investigating whether sealed U.S. court records had been accessed by the SolarWinds attackers.

The 5G toolbox of defense
For the mobile communications industry, security has always held a prominent role. However, the onset of 5G – which introduces new network architectures, services and devices – raises the stakes and increases the challenge for network operators.

Enterprises waste $5.5 million on failed DX projects
Despite significant upheaval to organizations’ digital transformation plans, the pandemic has contributed to a surge in innovative projects, according to a research from Couchbase.

Why you should make cyber risk a business gain, not a loss
As companies continue to respond to the global pandemic, millions of their employees are working remotely, often from home. While this is the recommended response, it’s also creating new cyber risks.

Digital transformation taking shape in 2021
Welcome to the New Year, where we believe most organizations will continue to work through their digital transformation practices. These updated practices heavily impact IT and business leaders who need to expedite their migration to public clouds and in many situations minimize their physical data center footprint. With that comes numerous challenges, including data privacy and security.

Source

Leave a Reply