This week the roundup includes numerous operational successes from Europol. There are also product launches from Datto, Noname Security and Sophos. Other news includes reports and updates from Dragos, Check Point Software, Fortra, Logpoint and Noname Security.
Europol’s coordinated crackdown on e-commerce fraud has seen 59 scammers arrested and new investigative leads triggered all across Europe as part of the 2022 e-Commerce Action (eComm 2022).
An international operation supported by Europol targeted the illegal timber trade in source and destination countries. The actions involved law enforcement authorities from Brazil, France, Italy, the Netherlands, Portugal and Spain, and the Latin American Project EL PAcCTO.
The actions targeted networks involved in environmental crime, illegal logging, smuggling, tax evasion, money laundering and document fraud. More than 350 inspections took place during the joint action days in September. Investigators detected irregularities in connection with 17 companies (one in Italy, one in the Netherlands, three in Spain and 12 in Portugal).
Europol has published new training guidelines to coincide with the European Day on the Protection of Children against Sexual Exploitation and Sexual Abuse. This toolkit is the result of a collaboration between Europol’s European Cybercrime Centre (EC3) and the European Cybercrime Training and Education Group (ECTEG) in the framework of the GRACE project.
Between December 2021 and May 2022, operation OPSON XI seized more than 27,000 tons of fake food across 26 countries. The operation disrupted at least 8 criminal networks, according to Europol.
Spanish authorities have arrested 10 persons suspected of being involved in drug trafficking and money laundering in the second phase of an operation supported by Europol.
Check Point Software Technologies announced that it had been awarded State of CA Software License Program (SLP) Agreements through its six channel partners to help alleviate the complexities of purchasing security products. The Agreements provide state and local agencies with a streamlined method to procure security software and solutions to assist with the industry’s digital transformation.
Frank Rauch, Head of Worldwide Channel Sales, commented, “Cyberattacks are becoming firmly entrenched as state-level weapons resulting in state and local agencies becoming key targets for cybercriminals. We are honored to be granted SLP Agreements with our partners so that together we can defend California agencies and provide highly rated cybersecurity solutions.”
The six partners are:
- Aurora Systems Consulting
- CarlNTech LLC
- Six Degrees Inc.
- MCI Communications Service LLC dba Verizon Business Services
Datto has announced Datto EDR. It has been specially built to help MSPs who want to improve their security posture and expand their security offerings to their SMB customers.
This highly effective tool provides additional layers of endpoint security by detecting suspicious behaviours that sophisticated threat actors leverage to bypass traditional antivirus. Each alert in the dashboard comes with a response function, which will help teams through the remediation process with detailed mitigation recommendations for the most common threats, allowing MSPs to become more self-sufficient.
Chris McKie, VP of Product Marketing for Security and Networking Solutions, said, “Standard security tools aren’t enough anymore. Threat actors have found ways to circumvent traditional security measures, making EDR tools more important than ever for catching suspicious activity and keeping businesses safe from increasingly sophisticated cyberattacks.”
Dragos published the first in a new monthly blog series that details the best practices for OT cybersecurity for under-resourced organizations. The first tip explains what to do if a ransomware message is displayed on an OT asset.
Dragos also released a new knowledge pack related to ICS/OT threat analytics, protocols, device data, and investigation playbooks to equip customers with visibility into their environments and the tools to respond. In this Knowledge Pack (KP-2022-008), Dragos assessed vulnerabilities affecting more than 200 hardware assets, including several from Phoenix Contact, Mitsubishi Electric, Hitachi Energy, Bachmann, Rockwell Automation, Siemens, Omron, and Emerson.
Fortra has appointed Matthew Schoenfeld as President. Schoenfeld joined Fortra from Absolute Software, where he was EVP and chief revenue officer overseeing global sales, channel partnerships, and the customer experience.
He has an impressive background in the technology and cybersecurity space developed over two decades, including his tenure as an executive in residence at Greylock Partners, senior vice president of the Americas and partner channel at FireEye and an advisory board member for Abnormal Security. Current president Jim Cassens will continue to support the business as an executive director.
Logpoint Global Services has investigated the IcedID banking trojan by analyzing samples from online sandboxes for its latest instalment of the Emerging Threats Protection Report. The report reveals that IcedID has diverse delivery methods, adding legal threats and spoof invoices to social engineering tactics.
In addition, IcedID exhibits complicated behavior. It has developed from a simple banking trojan into a gateway for more sophisticated and harmful cyberattacks. IcedID is now the second most widespread ransomware family trend, only surpassed by Emotet.
Doron Davidson, VP of Logpoint Global Services, said, “IcedID is the perfect example of how cybercriminals develop their sophisticated strategies while still using a traditional malware payload to reach their goals. The ability to detect IcedID is crucial to prevent ransomware attacks and stop a breach before any major damage is done.”
Noname Security launched Noname Recon, the latest addition to the company’s API Security Platform. With Recon, customers can now simulate an attacker performing reconnaissance on an organization’s domains, allowing them to rapidly find and fix issues – without any integrations, installations, or implementations required.
Shay Levi, Co-Founder and CTO at Noname Security, said, “One of the best ways to prevent a cyber attack is to stay ahead of cybercriminals. With APIs creating thousands of potential entry points to an organization, it’s no surprise that many hackers look to take advantage of these potential vulnerabilities.
“How do you beat a hacker? Think like them. With Recon, we’ve made it easy to identify potential vulnerabilities and exploitable intelligence by simulating attacker reconnaissance, so customers can use that information to better protect themselves.”
Sophos has introduced new Sophos Firewall capabilities to better meet the complex and demanding needs of distributed and enterprise edge computing. The Sophos Firewall now delivers performance enhancements that accelerate encrypted traffic inspection, dynamic traffic routing for Internet Protocol version 6 (IPv6), added resiliency with software-defined wide area network (SD-WAN) load balancing and high-availability enhancements, and seamless integration with Microsoft Azure Active Directory.
Daniel Cole, vice president of network security product management at Sophos, commented, “One of the key benefits of the Xstream architecture and Flow Processors is that they are programmable. This means that while other firewalls get slower over time, we can increase performance, even when we add new features and capabilities.
“Our design ensures customers’ investment in Sophos Firewall is future-proofed and enables seamless transition to a cloud-enabled world. SD-WAN and Secure Access Service Edge (SASE) demand a more efficient platform, which is not only resilient but also makes day-to-day management easier and faster than ever.”
Sophos has also published its 2023 Threat Report. The report details how the cyber threat landscape has reached a new level of commercialization and convenience for would-be attackers, with nearly all barriers to entry for committing cybercrime removed through the expansion of cybercrime-as-a-service. The report also addresses how ransomware remains one of the greatest cybercrime threats to organizations, with operators innovating their extortion tactics, and how demand for stolen credentials continues to grow.