March 2, Agence France-Presse – (International) NSA chief worries about cyber attack on US infrastructure. The U.S. National Security Agency chief warned March 1 that attackers may try to execute a cyberattack against U.S. infrastructure similar to a 2015 Ukrainian incident in which a computer virus caused the networks of several regional electricity companies to go offline, and caused power grid failures throughout the country. Officials reported that partnerships between the public and private sectors were key to preventing such attacks. Source
March 1, SecurityWeek – (International) Kaspersky launches Targeted Attack protection platform. Kaspersky Lab released its new solution, Kaspersky Anti Targeted Attack Platform which can help companies reduce the risk of advanced threats and targeted attacks, detect security breaches and attempts to penetrate entities’ networks, and help organizations take immediate mitigation actions. The platform also helps predict where new targeted attacks will occur via an Advanced Sandbox, which provides an isolated environment for analysis of suspicious objects, as well as via a Targeted Attack Analyzer, which leverages data processing and machine learning technology to assess events and combine feedback from various analysis engines. Source
March 1, SecurityWeek – (International) Microsoft unveils Advanced Threat Protection service. Microsoft released its new service titled, Windows Defender Advanced Threat Protection which is designed to help organizations detect, investigate, and respond to advanced attacks on organizations’ networks and will bring a post-breach layer of protection to the Windows 10 security platform by using Windows behavior sensors, cloud-based security analytics, and threat intelligence. Source
March 1, SecurityWeek – (International) Google’s DLP for Gmail adds optical character recognition. Google Inc., reported it will be releasing a new set of features for its Data Loss Prevention (DLP) for Gmail which will help administrators set DLP policies to analyze common image types and extract text for policy evaluation, in addition to improving attachment scanning, setting new predefined content detectors, and increasing control over content detection thresholds through new features such as Optical character recognition (OCR). Source
March 1, Help Net Security – (International) BluVector 2.0: Machine-learning malware detection. Acuity Solutions reported it will be releasing its BluVector version 2.0, a malware detection solution, which will help companies identify threats, find previously unclassified and undetected attacks, and help security analysts understand how their organizations are being targeted within milliseconds. The threat detection appliance analyzes files from the Hypertext Transfer Protocol (HTTP), Simple Mail Transfer Protocol (SMTP), and File Transfer Protocol (FTP) protocols using BluVector’s machine-learning classification engine and extracts features from each file to determine if the file is malicious based on the device’s knowledge of benign and malicious files. Source
March 1, SecurityWeek – (International) Qualys launches threat intelligence solution. Qualys, a cloud security and compliance solutions provider, reported that its new ThreatPROTECT solution will let clients visualize, prioritize, and take action to minimize exposure from related vulnerabilities by collecting data via Qualys scanners and Qualys Cloud Agents, which will compare the data with Real-Time Threat Indicators (RTI) and provide clients with insights into which vulnerabilities should be addressed first. Source
February 29, SecurityWeek – (International) Buggy ESET update blocks many websites. ESET released version 13103 for its virus signature database after the company received complaints that version 13102 prevented thousands of endpoint users from accessing important websites such as eBay, Amazon, MSN, Google, and several news sources, due to false detection of JS/ScrInject.B and HTML/Refresh.BC trojan infections. Source