This week’s news from security vendors includes appointments, research and product news. Checkpoint Software, Dragos, Fortra and VMWare revealed the findings from several reports. Forescout announced the appointment of a new CEO, and Mimecast unveiled a new general counsel.
Check Point
Check Point Research published its Brand Phishing Report for Q4 2022. The report highlights the brands that were most frequently imitated by cybercriminals in their attempts to steal individuals’ personal information or payment credentials during October, November, and December last year.
Yahoo was the most impersonated brand for phishing attacks during Q4 2022, climbing 23 places and accounting for 20% of all attempts. DHL came in second place with 16% of all brand phishing attempts, ahead of Microsoft in the third spot with 11%.
Omer Dembinsky, Data Group Manager at Check Point Software, said: “We are seeing hackers trying to bait their targets by offering awards and significant amounts of money. Remember, if it looks too good to be true, it almost always is. You can protect yourself from a brand phishing attack by not clicking on suspicious links or attachments and by always checking the URL of the page you are directed to. Look for misspellings and do not volunteer unnecessary information.”
Check Point Software Technologies unveiled the Check Point Cyber Center, an educational hub exploring the history and future of cyber security. Located at Check Point’s headquarters in Tel Aviv, the Cyber Center includes videos and exhibits on the role of cybersecurity in keeping us all safe, in addition to explaining how and why cyber-attacks happen.
Dragos
Dragos published the industrial ransomware analysis for Q4 2022. It observed through publicly disclosed incidents, network telemetry, and dark web postings that 24 ransomware groups were active during Q4 of 2022. During this time, Dragos became aware of 189 ransomware incidents, a 30% increase from the 128 incidents in the previous quarter. Highlights include:
- A growing number of ransomware groups like Black Basta, ALPHV, PLAY, Qilin, and Qyick adopted a new tactic called “intermittent encryption,” which relies on encrypting only parts of the targeted files’ content, enabling faster encryption time.
- 52% of the 189 ransomware attacks impacted industrial organizations and infrastructure in North America, for a total of 98 incidents, more than doubling the number of attacks in the region last quarter.
- Lockbit 3.0 was responsible for 21% of the total ransomware attacks, accounting for 40 incidents.
Europol
Europol supported the German, Dutch and US authorities in taking down the infrastructure of the prolific HIVE ransomware. This international operation involved authorities from 13 countries in total. Law enforcement identified the decryption keys and shared them with many victims, helping them regain access to their data without paying the cybercriminals. This effort has prevented the payment of more than USD 130 million or the equivalent of about EUR 120 million of ransom payments.
An operation led by French and US authorities, and supported by Europol, has targeted the crypto exchange platform Bitzlato. The globally operating Hong Kong-registered cryptocurrency exchange is suspected of facilitating the laundering of large amounts of criminal proceeds and converting them into roubles. Law enforcement authorities took down the digital infrastructure of the service, based in France, and interrogated leading members of the platform’s management.
Forescout
Forescout announced the appointment of Barry Mainz as CEO, effectively immediately. Mainz has served as CEO and member of the Board of Directors for MobileIron and also led Wind River Systems, a division of Intel, as President during important years of growth.
Additionally, Mainz has held leadership roles, as well as advisory and board positions at private and public companies such as Mercury Interactive, Makara (acquired by Red Hat, Inc.) and Sun Microsystems.
Mainz commented, “I am really excited about the work we’ve done to plan Forescout’s next horizon and am thrilled to partner with our Board, our strong management team and employees as we execute our plans. Working together with Greg and our Board over the past few months gives me high confidence that we have the right strategy and will deliver immense value to our customers.”
Fortra
Fortra has published findings from its 2023 IBM i Marketplace Survey, the ninth. The survey reveals the trends shaping and driving the global IBM i market. In this year’s survey, 68% of respondents said the ongoing cybersecurity threat remains their number one concern, up from 62% last year. However, 27% do not plan to implement cybersecurity measures such as encryption, multi-factor authentication, antivirus, or ransomware protection to help address this growing concern.
Tom Huntington, Executive Vice President of Technical Solutions at Fortra, commented, “Organizations that neglect to prioritize these security controls risk being brought to their knees by data breaches, ransomware, or other cyber attacks that prey on security vulnerabilities. If your organization has no plans to address these risks, we strongly urge you to rethink your approach.”
“The ongoing shortage of IT skills has hit the IBM i community hard, and we are seeing a rise in demand for managed security services to help bridge this gap.”
Infoblox
Infoblox announced that BloxOne Threat Defense Federal Cloud had achieved the US Government’s FedRAMP Moderate Authorization. The certification ensures organizations are operating a SaaS platform with greater assurances for operational security, confidentiality, integrity and availability.
The Infoblox BloxOne Threat Defense Federal Cloud is a subset of BloxOne Threat Defense, which combines Infoblox’s Cloud Services Portal (CSP), Threat Intel Data Exchange (TIDE), and Dossier threat investigation platform to help public sector agencies simplify and scale security from the network core to the edge.
Ralph Havens, President of Infoblox Federal, commented, “Achieving FedRAMP authorization shows Infoblox’s commitment to helping federal agencies digitally transform and secure cloud-first environments. In reaching this significant milestone, we are delighted to now offer our federal customers a robust network security platform to augment our nation’s cyber defenses against unrelenting security attacks from adversaries who wish to do us harm.”
Mimecast
Mimecast Limited (Mimecast) announced the appointment of Chris Dollase to General Counsel, effective February 1st. Dollase has more than 20 years of experience leading legal teams in the cybersecurity industry and has served as Mimecast’s deputy general counsel and chief compliance officer for the last five years.
It will be instrumental in maintaining Mimecast’s culture of integrity and delivering on the company’s growth strategy. Dollase replaces Robert Nault, who will step down as general counsel after more than six years in the role.
NTT
NTT Corporation announced that it had developed practical secure computation AI software. It consists of the world’s first secure computation technology with training and inference processing in the key algorithms of the four major categories of AI while keeping data encrypted.
In collaboration with the Research Organization of Information and System National Institute of Informatics (NII), NTT is offering a trial to use the secure computation AI software. NII and NTT are recruiting universities and other partners to experiment with secure computation AI software on NII’s computing environment.
VMWare
Research by Forrester Consulting, commissioned by VMWare, found that although 75% of security leaders are in the discovery phase of their XDR journey, they are looking at XDR as a way to bolster their security solutions and meet the need for better security visibility across IT infrastructure. Key findings from the report, titled “Evolving Security Operations Capabilities: Insights into the XDR Paradigm Shift” (gated), were:
- 45% agreed that there is no clear, standard industry definition of XDR. At least three in four XDR adopters believed XDR includes EDR and network analysis and visibility (NAV). A third of non-users say they still need proof that XDR is legitimate before adopting it.
- 79% of non-users said improved threat detection speed and accuracy are needed for their organizations. Of the users already adopting XDR, improved speed and accuracy of threat detection was one of their top five drivers for doing so.
- 75% of XDR adopters found increased ROI to be the top business benefit of XDR. XDR adopters also reported a 13.9% increase in ROI due to adoption, which increases as adoption matures.
- 83% of XDR adopters agreed that XDR’s automation and repeatability complemented other security tech stack tools. For many organizations, adopting XDR means keeping the tools in their current tech stack and automating the more tedious detection work, saving time and money. 75%, with this figure rising to 91% among more mature adopters, agreed that XDR enables their team to skip some of the tedious, common, or repetitive detection engineering work they would otherwise have to do to focus on more targeted, specific attacks.