Logical Security

RSS

It sounds simple: a company must be a safe place to work, and people will want to work for companies that make them feel safe. Companies have a duty of care and responsibility to keep employees safe, even as many work remotely. But as enterprises undergo digital transformation, physical security has at times been left behind (with legacy and outdated technology systems) despite a rise in threatening events and its increasing importance for corporations. Embracing digital protective intelligence and making safety a priority is not just a way to support wise corporate values, but given the potential loss of life and the cultural, bottom line and brand reputation damage that could occur, must be a mandate for modern business operations.

BlackBerry released new research highlighting the true reach and sophistication of one of the most elusive, patient, and effective publicly known threat actors – BAHAMUT. In the report, BlackBerry researchers link the cyberespionage threat group to a staggering number of ongoing attacks against government officials and industry titans, while also unveiling the group’s vast network of disinformation assets aimed at furthering particular political causes and hampering NGOs. 

Microsoft recently warned that more cybercriminals have started to incorporate exploit code for the ZeroLogon vulnerability in their attacks.  Threat actor TA505, a financially motivated threat group that has been active since at least 2014, is now exploiting this vulnerability. 

The National Security Agency announced the official launch of the Center for Cybersecurity Standards (CCSS) in the Cybersecurity Directorate. This office will lead NSA’s Cybersecurity mission to engage with standards bodies to communicate security requirements and influence standards to secure our National Security Systems and provide support to the Defense Industrial Base (DIB).

McAfee and the University of California, Berkeley’s Center for Long-Term Cybersecurity (CLTC) released a new research study, MITRE ATT&CK as a Framework for Cloud Threat Investigation, developed by CLTC researchers. The report focuses on threat investigation in the cloud through the lens of the most widely adopted framework, MITRE ATT&CK.

SEC emeritus faculty George Campbell has been recognized with the 2020 U.S. Outstanding Security Performance Award (OSPA) for Lifetime Achievement. The winners were announced September 25.

As the 2020 U.S. presidential election nears, there has been a rise in mercenary hacking groups and cyber espionage. Some say this a direct result of the current administrations’ increasingly isolationist global foreign policy, and that the U.S.’ status in the global cyber domain should be a major discussion point before November.

The National Security Agency (NSA) has chosen Cal State San Bernardino to be a leader of its core workforce development initiative, selecting it for a $10.5 million grant and naming the university’s Cybersecurity Center as the Community National Center for Cybersecurity Education. This prestigious designation illustrates CSUSB’s continued prominence as the premier institution of higher education for cybersecurity education and took effect Sept. 18, 2020. 

Emotet — a sophisticated Trojan commonly functioning as a downloader or dropper of other malware — resurged in July 2020, after a dormant period that began in February. Since August, CISA and MS-ISAC have seen a significant increase in malicious cyber actors targeting state and local governments with Emotet phishing emails. This increase has rendered Emotet one of the most prevalent ongoing threats.