This is a short round-up of some of the security news that was published over the last week. We may continue this into the future and will iterate it as time passes. Included in this list is a brief look at the updates from Europol .
The Dutch Fiscal Information and Investigation Service (FIOD) arrested a 55-year-old individual on 27 September with the support of Europol. The individual was believed to be circumventing the EU trade sanctions against Russia.
The Italian Financial Corps (Guardia di Finanza), supported by Europol, has dismantled a criminal network which relied on corrupt workers in the port of Gioia Tauro to smuggle hundreds of millions of euros’ worth of cocaine into Europe.
Europol supported Spanish National Police (Policía Nacional) and the Spanish Regional Catalan Police (Mossos d’Esquadra) to dismantle an organised crime group involved in the production and distribution of counterfeit euro banknotes. The operation seized €4 million in fake €500 Euro bills.
On 5 October 2022, the Ministry of Interior of the State of Qatar and the European Union Agency for Law Enforcement Cooperation (Europol) signed a Working Arrangement in order to support the Member States of the European Union and Qatar in preventing and combating serious crime and terrorism.
Europol held the 2022 European Police Chiefs Convention (EPCC) at its headquarters. It brought together 380 representatives from 49 countries. They discussed ways to address today’s security challenges while securing tomorrow’s opportunities.
LogRhythm
LogRhythm unveiled LogRhythm Axon, a groundbreaking, cloud-native security operations platform. Axon enables security teams to achieve seamless visibility across both cloud and on-prem log sources, establishing a foundation for their security practices. It provides an intuitive and simple interface that enables users to increase the efficiency of their SecOps.
Chris O’Malley, CEO of LogRhythm, commented: “As allies in the fight against digital weaponization, we are obsessed with continuously improving the way we work to deliver innovation customers care about.
“We are dedicated to helping customers meet rising security expectations by keeping our promise of delivering quarterly innovation to both the Axon platform as well as our entire product portfolio. With LogRhythm Axon, SIEM, NDR, and UEBA, we are helping busy and lean security teams proactively detect threats, efficiently investigate incidents, and ultimately keep their business and customers safe, day after day.”
LogRhythm also announced updates to its existing platform. It added features to LogRhythm SIEM, LogRhythm UEBA and LogRhythm NDR.
ManageEngine
ManageEngine announced that ADSelfService Plus, an identity security solution with MFA, SSO and self-service password management capabilities, has released MFA for Windows User Account Control (UAC) prompts that require credentials for added security. This feature is available as part of the product’s Endpoint MFA add-on.
Parthiban Paramasivam, director of product management, ADSelfService Plus, commented, “When implementing MFA for a stringent security framework like Zero Trust, enterprises must leave no stone unturned. Protecting UAC prompts with MFA is crucial, as misuse of administrator credentials can provide elevated permissions into the domain network and lead to sensitive data exposure and theft. ADSelfService Plus helps secure UAC prompts and thwarts bad actors from gaining privileged domain access, without disrupting the workflow of genuine users.”
Pricing for the Endpoint MFA add-on of ADSelfService Plus starts at $395 annually for 500 users.
Microsoft
Building a Holistic Insider Risk Management program is the first Microsoft report that looks at addressing insider risk. The report lays out several new insights about how organizations go from a fragmented approach to insider risk management to a holistic one, addressing potential risks from multiple lenses as part of a greater data protection strategy, with cross-leadership buy-in.
In a blog, Bret Arsenault, Corporate Vice President and Chief Information Security Officer, Microsoft explains how Microsoft addressed the problem, holistically. He noted, “To be effective in addressing insider risks, it’s critical that organizations start thinking about how and why they should be implementing a holistic data protection strategy across their entire organization that encompasses people, processes, training, and tools.”
