Threatpost |
Nuclear, Angler Exploit Kit Activity Has Disappeared
Threatpost Criminal hackers are fickle about their attack vectors. You need to look no further for evidence of this than their constant migration from one exploit kit to another. And while there is an expansive menu of exploit kits, attackers do seem to … |
Infosecurity Magazine |
APT 28 Group Ramps Up Activity Tenfold in 2015
Infosecurity Magazine In the past, we've seen groups such as Equation and Flame use malware to steal data from air-gapped networks. The Sofacy group uses such tools as well,” the team wrote. “The first versions of these new USB stealer modules appeared around February … Russian spy group adopts new tools to hack defense contractor networks |
The U.S. Senate Intelligence Committee has dropped a provision that would have required Internet companies to report on vaguely-defined terrorist activity on their platforms, a move that was strongly opposed by the industry and civil rights groups.
The controversial section 603 was included in the Intelligence Authorization Act for Fiscal Year 2016 but Senator Ron Wyden, a Democrat from Oregon, had put a hold on the bill, stating that he wanted to work with colleagues to revise or remove the provision so that the rest of the bill could move forward.
On Monday, Wyden said that the “vague & dangerous” provision had been removed from the bill and he would now be lifting the hold on it.
To read this article in full or to leave a comment, please click here
LightCyber is upgrading its endpoint detection and remediation platform so when it discovers bad behavior on the network it can also identify the machine and exact process that’s causing it, then shut the malware down.
LightCyber Magna 3.0 makes an important step in the evolution of endpoint security in that network behavior can by synched with endpoint telemetry to definitively say what’s behind the problem, says Lawrence Pingree, an analyst with Gartner. The big upside is that it saves time nailing down the cause and shutting down the exploit, which minimizes the damage, he says.
The company calls this new technology Network-to-Process Association (N2PA). Before, when the platform found bad behavior, security pros had to track down the cause of it manually, which isn’t 100% effective. “A human may not connect the dots,” Pingree says.
To read this article in full or to leave a comment, please click here