Last week there were reports published by Avast, Check Point Research, and Telstra. There were also several product announcements. Check Point Software Technologies released two products, and Enveil rolled out a new release of ZeroReveal.
Logpoint released a ChatGPT integration for Logpoint SOAR, while Microsoft announced Adaptive Protection in Microsoft Purview. N-able has launched N-able Managed Endpoint Detection and Response (Managed EDR). Neustar Security Services launched UltraPlatform™, and Qualys announced the expansion of its TruRisk platform for SMEs and Enterprise customers.
Avast
Avast published its Q4 2022 threat report. During the quarter, it saw increased threats using social engineering to steal money, such as refund and invoice fraud and tech support scams. Cybercriminals also remained active in spying and information stealing, with lottery-themed adware campaigns used to obtain people’s contact details.
Monthly threats increased by 11.1% in Q4 compared to Q3 in the UK. Avast threat researchers also discovered zero-day exploits in Google Chrome and Windows. These vulnerabilities have since been patched.
Jakub Kroustek, Avast Malware Research Director, said, “At the end of 2022, we have seen an increase in human-centered threats, such as scams tricking people into thinking their computer is infected, or that they have been charged for goods they didn’t order. It’s human nature to react to urgency, fear and try to regain control of issues, and that’s where cybercriminals succeed.
“When people face surprising pop-up messages or emails, we recommend they stay calm and take a moment to think before they act. Threats are so ubiquitous today that it’s hard for consumers to keep up. It is our mission to help protect people by detecting threats and alerting users before they can do any harm, using the latest AI-based technology.”
Babel Street
Babel Street, the world’s leading data-to-knowledge company, has appointed Air Vice-Marshal Sean Corbett CB MBE MA RAF to its Board of Advisors. Corbett brings extensive global open-source intelligence (OSINT) and operational experience, having served a 30-year career in the Royal Air Force as a professional intelligence officer and retiring as a two-star flag officer.
Michael Southworth, CEO of Babel Street, commented, “With the addition of AVM Corbett to our already highly accomplished board of advisors, Babel Street continues to raise the bar for excellence in open-source intelligence. His ability to contextualize OSINT on a global level is unmatched and will undoubtedly strengthen our ability to serve the public and private sectors. We are honored to have him on board and confident that his guidance will help drive us towards continued growth and success.”
Check Point Software Technologies
Check Point Research published its 2023 Security Report. The report looks back on a tumultuous 2022, which saw cyberattacks reach an all-time high in response to the Russo-Ukrainian war. Education and Research remain the most targeted sector, but attacks on the healthcare sector registered a 74% increase year-on-year. The report highlights the key trends over the year and notes that cyberattacks rose 38% in 2022.
Check Point launched Check Point Horizon XDR/XPR. It is a collaborative cybersecurity solution that effectively defends organizations against evolving cyber threats by intelligently correlating data and stopping attacks across all vectors. It minimizes the impact of threats and provides a simple experience for administrators and analysts to understand and respond to incidents.
Check Point also introduced Check Point Quantum SD-WAN, a new software blade in the Check Point Quantum Gateways. Check Point Quantum SD-WAN combines the highest level of security with optimized network and internet connectivity to protect branch offices from the fifth generation of cyberattacks.
Dragos
Dragos released Knowledge Pack KP-2023-001. The KP includes updates to identify serial devices behind an SEL Port Server and devices utilizing the CoDeSys version 3 protocol. On the threat visibility side, detection has been added for malware that utilizes a modified LZMA algorithm within multiple layers of shellcode. It is often used as an obfuscation technique to thwart detection and hinder analysis of remote access tools (RATs) loaded into memory on victim hosts. Also included is a detection for a possible Boa Webserver exploit, which results in arbitrary file access for the attacker.
Over 280 characterizations and 540 detections are included in KP-2023-001 for customers running Platform 2.x. There are also three new dashboards: Environment Overview, Vulnerability Assessment, and NERC-CIP.
Enveil
Enveil announced the wide release of the enhanced version of its flagship solution, ZeroReveal® Search. Version 4.0 enables secure and efficient data usage, analysis, sharing, alerting, and collaboration across data silos in ways that were not previously possible. The solution will significantly reduce operational risk and accelerate the timeline for turning raw data into actionable insights.
Dr Ellison Anne Williams, Founder and CEO of Enveil, commented, “We are incredibly proud to celebrate this release as it represents the continued advancement of our ZeroReveal capabilities, and further solidifies our position as the most mature encrypted search and watchlisting provider on the market. By delivering capabilities that can securely and privately span global data silos, we engineer trust to empower organizations to successfully navigate the rise of the digital economy.”
Logpoint
Logpoint released a ChatGPT integration for Logpoint SOAR in a lab setting. It allows the users to experiment with the potential of the AI-driven chatbot and discover how the technology could apply in cybersecurity operations.
Edy Almer, Logpoint Product Manager for Threat Detection and Incident Response, commented, “We’re excited to enable our customers to explore the possibilities of using technologies such as ChatGPT to reduce part of their workload. Staying up to date with technology innovations and trends is imperative to understand how we can continue to improve cybersecurity operations.”
Microsoft
Microsoft unveiled Adaptive Protection in Microsoft Purview. Now in preview, the solution leverages Insider Risk Management machine learning to understand how users interact with data, identify risky activities that may result in data security incidents, and then automatically tailor Data Loss Prevention (DLP) controls based on the risk detected.
With Adaptive Protection, DLP policies become dynamic, ensuring that the most effective policy—such as blocking data sharing—is applied only to high-risk users. In contrast, low-risk users can maintain their productivity. The result: your security operations team is now more efficient and empowered to do more with less.
N-able
N-able has launched N-able Managed Endpoint Detection and Response (Managed EDR). Powered by SentinelOne Vigilance Respond, Managed EDR supplements N-able EDR with dedicated managed security services. Managed EDR enlists SentinelOne’s 24×7 security operations center (SOC) and Vigilance security experts to monitor, review, and act upon every product-identified threat that puts your network at risk.
Managed EDR acts as an extension of an organization's IT or SOC teams, with security analysts available 24/7/365 so those teams can refocus time and resources on higher-value initiatives.
Troels Rasmussen, general manager of security products, said, “We are delighted to continue building our relationship with SentinelOne; we recognize how much our partners value important world-class cybersecurity solutions, and the ability to overcome the day-to-day challenges they face to keep themselves and their customer endpoints secure.
“Managed EDR can help bridge the current security skills gap we are facing, providing elite security experts as an extension to an existing security team. It also provides global, 24×7 peace of mind by offloading day-to-day operations, allowing teams to focus on more strategic initiatives.
“Whether you have a well-established SOC in place or you are looking to expand your security practice, enlisting the help of SentinelOne’s security experts can help you meet your specific security and business needs.”
Nettitude
Nettitude has renamed ATvanGarde PTE LTD, acquired in August 2022, as Nettitude PTE Limited. Karen Bolton, Nettitude CEO, commented, “We are excited by this change as it signals an important milestone in the integration of our two businesses into one cohesive team.
“This displays the strength of our growth through acquisition strategy and furthers our mission to be recognised as a research-led, globally trusted cybersecurity expert. The initial acquisition of ATvanGarde brought together the strengths of both companies and following a successful integration this renaming represents another step on the journey of helping our clients navigate a rapidly changing risk landscape.”
Neustar Security Services
Neustar Security Services launched UltraPlatform™, a solution that leverages three Neustar Security Services’ offerings critical to protecting organizations’ online assets and infrastructure: an authoritative domain name system (DNS) service, protection against distributed denial-of-service (DDoS) attacks and a web application firewall (WAF). UltraPlatform blends components from Neustar Security Services’ industry-leading UltraDNS, UltraDDoS Protect and UltraWAF offerings.
Carlos Morales, senior vice president of solutions at Neustar Security Services, said, “Ensuring that digital assets are always accessible, available and secure is critically important, as enterprises today rely on their online presence for virtually every essential business function, from sales and marketing to operations and fulfillment to customer service.
“With cyberattacks becoming both more frequent and more complex, many organizations are looking to cloud-based managed services to enhance their security posture without overloading their security teams. UltraPlatform’s unique combination of industry-leading DNS, DDoS protection and WAF functions reduces risk, supports vendor consolidation, and lowers total cost of ownership (TCO) for companies.”
Qualys
Qualys announced the expansion of its TruRisk platform to serve the needs of both large enterprises and small and medium-sized businesses. The new offerings, VMDR TruRisk packages and Enterprise TruRisk Management, will help organizations reduce cyber risk across their infrastructure and drive business growth.
The VMDR TruRisk packages for small and medium businesses are immediately available. They combine:
- VMDR TruRisk
- VMDR TruRisk FixIT
- VMDR TruRisk ProtectIT
Enterprise TruRisk Management will be available for preview in early March.
Sumedh Thakar, president and CEO of Qualys, said, “As companies look to consolidate their security toolsets, Qualys is excited to launch these packages that make it extremely simple and economical for customers to adopt multiple Qualys solutions. Our expansion of the TruRisk platform to serve both large enterprises and small/medium businesses demonstrates our commitment to enhancing the collection of risk intelligence and in helping organizations respond to risk quickly.”
Telstra
Telstra published a report examining the importance of cybersecurity within digital transformation. Key findings include:
- 41% of UK technology leaders see security as the enabler of innovation within their organisation
- 22% of senior technology decision-makers in the UK identified cybersecurity solutions as the most important factor affecting business transformation, higher than business processes (17%), employee commitment (16%), leadership focus/buy-in (14%) and external investment and funding (13%).
- 83% of respondents believe that they have an open security culture. The report defines an open security culture as: “an approach to cybersecurity that values open dialogue and collaboration within a flat team structure, which avoids blame culture and encourages a transparent incident reporting process”. However, the report did not validate this finding with a wider employee survey.
Rob Robinson, Head of Telstra Purple EMEA, said: “CISOs are continuously adapting to keep pace with the ever-changing threat landscape. Today, the evolution of the role means that CISOs now play a crucial part in shaping the security strategy of their organisation from within the board. The question now is how they can entrench security best practices and behaviours within the workforce in order to facilitate the digitisation that is required to keep pace with modern expectations for innovation.
“Our research shows that most decision-makers recognise the importance of security in enabling innovation. It is therefore essential that security becomes engrained into the organisations’ DNA as they continue their digital transformation journeys.
“The other side of this coin is the critical role of culture in enabling better security, as well as business transformation, growth and ultimately the success of the business. By focusing on people and actively creating a collaborative, proactive, transparent and inclusive culture, organisations can empower employees to deliver value for the organisation through flexible, adaptable and innovative business transformation.”
WSO2
The International Institute of Information Technology – Hyderabad (IIIT Hyderabad) collaborates with leading technology organizations to innovate new solutions that benefit nonprofits in education, healthcare, and other sectors serving the public. IIIT Hyderabad began using Choreo, a software-as-a-service (SaaS) application development suite from WSO2, to simplify and streamline the delivery of its digital innovations to these nonprofits.
Khoushik Ananth, lead engineer at IIIT Hyderabad, commented, “We realized that Choreo had all the features of WSO2 API Manager and more. We also saw an opportunity to move to the cloud and simplify our efforts by shifting responsibility for maintaining the infrastructure to Choreo.
“Using Choreo and the Choreo Marketplace, we are providing a one-stop-shop where nonprofits can access APIs to applications and services without having to know which organizations they come from. It is one more way that IIIT Hyderabad makes innovative technology solutions readily accessible to nonprofits, so they can better support the communities they serve.”