In an interview, Adam Blake, CEO and co-founder of ThreatSpike, explains how his firm is making penetration testing available and affordable to everyone, including SMEs.

Last week, Dragos published its review of 2022 for ICS/OT Cybersecurity. Claroty issued a report for the second half of 2022 around XIoT. Ivanti and Sophos published other reports. Several product announcements during the week included new firewalls from WatchGuard and solutions from Veeam and Check Point Software.

Accenture announced the acquisition of Morphus, and two partnerships were announced: one between Plaid and Okta and another between LogRhythm and Trend Micro.

Accenture

Accenture has acquired Morphus, a privately held Brazil-based cyber defence, risk management and cyber threat intelligence services provider, expanding its practice capabilities in Brazil and Latin America. Financial terms were not disclosed. Morphus’s end-to-end portfolio includes red and blue team services; governance, risk and compliance services; enterprise risk management; cyber strategy; threat intelligence; and managed security services (MSS).

Paolo Dal Cin, who leads Accenture Security globally, commented, “Together with the capabilities and experienced leadership of Morphus, we will work as one team to help organizations build a cyber resilient business and better secure their digital core, their technology and supply chains.

“The acquisition brings more than 230 highly skilled professionals, making Accenture one of the largest cybersecurity professional services providers in Brazil. Our clients are always looking for the best solutions to strengthen their cyber defenses, and the addition of Morphus expands our global research workforce and network of talented, innovative security professionals.”

Check Point Software

Check Point Software launched Infinity Spark, a threat prevention solution that delivers industry-leading AI security and integrated connectivity to small and medium-sized businesses. Infinity Spark offers enterprise-grade security across networks, email, office, endpoint, and mobile devices. With a 99.7% malware catch rate, it protects SMBs against advanced threats, including phishing, ransomware, credential theft and DNS attacks.

Eyal Manor, Vice President of Product Management at Check Point Software, commented, “SMBs have shown a willingness to invest in cybersecurity to safeguard and support business growth especially as they adapt to the hybrid working model.

“However, with a growing shortage of skilled cyber professionals these businesses need a solution that offers full coverage protection without complicated onboarding processes. Infinity Spark addresses this opportunity in the market by consolidating security into an ‘all-in-one’ platform with a simple monthly price plan.”

Check Point Software published its Global Threat Index for January 2023. Last month saw infostealer Vidar return to the top ten list in seventh place after an increase in instances of brandjacking and the launch of a major njRAT malware phishing campaign in the Middle East and North Africa.

Check Point Software announced its Q4 and full-year 2022 results. Q4 revenues rose 7% to $638 million, and revenues for the full year rose to $2,330 million, an 8% rise year over year. Gil Shwed, Founder & CEO of Check Point Software Technologies, said, “We delivered solid fourth quarter and 2022 full-year financial results despite a volatile year-end macro-environment. Revenue and non-GAAP earnings per share came in at the top end of our projections.

“We continued building the future of cyber security with the prevention-first Infinity architecture and realized triple-digit growth in Infinity revenues. Building on this success we are driving security innovation with a focus on the 3Cs of the Best Security – a Comprehensive set of technologies that address the key attack vectors; a Consolidated set of solutions with a unified management portal, with Collaborative security technologies – to prevent the next cyber-attack.”

Claroty

The Claroty State of XIoT Security Report: 2H 2022 revealed that cyber-physical system vulnerabilities have declined by 14% from the peak of 2H 2021. It indicates that security researchers are positively impacting the security of the Extended Internet of Things (XIoT), a vast network of cyber-physical systems across industrial, healthcare, and commercial environments. It also indicates that XIoT vendors are dedicating more resources to examining the security and safety of their products than ever before.

Amir Preminger, VP of research at Claroty, commented, “Cyber-physical systems power our way of life. The water we drink, the energy that heats our homes, the medical care we receive – all of these rely on computer code and have a direct link to real-world outcomes.

“The purpose of Team82’s research and compiling this report is to give decision makers in these critical sectors the information they need to properly assess, prioritize, and address risks to their connected environments, so it is very heartening that we are beginning to see the fruits of vendors’ and researchers’ labor in the steadily growing number of disclosures sourced by internal teams.

“This shows that vendors are embracing the need to secure cyber-physical systems by dedicating time, people, and money to not only patching software and firmware vulnerabilities but also to product security teams overall.”

Key findings include:

  • 62% of published OT vulnerabilities affect devices at Level 3 of the Purdue Model for ICS
  • 71% of vulnerabilities were assessed with a CVSS v3 score of “critical” (9.0-10) or “high” (7.0-8.9)
  • 63% of vulnerabilities are remotely exploitable over the network
  • The leading potential impact is unauthorized remote code or command execution – 54%

Dragos

Dragos published its 2022 Dragos ICS/OT Cybersecurity Year in Review. Key findings include:

PIPEDREAM, the seventh known ICS-specific malware, has emerged as the first scalable, cross-industry ICS attack framework. It targets three ubiquitous software components and demonstrates the risks of modern component-based software supply chains where single exploits and vulnerabilities have the potential for sweeping cross-industry impact.

During 2023, Dragos discovered two new threat groups. Chernovite, the authors behind PIPEDREAM, have developed the capabilities to achieve Stage 2 of the ICS Cyber Kill Chain and execute an ICS attack. BENTONITE is a new threat group increasingly and opportunistically targeting maritime oil and gas (ONG), state, local, tribal, and territorial (SLTT) governments, and manufacturing. The review also notes the latest about the other threat groups.

There were 605 ransomware attacks against industrial organizations in 2022, an increase of 87% over last year. 72% of them targeted the manufacturing industry.

Gatewatcher

Gatewatcher announced an aggressive channel partner recruitment drive within the UK as part of a commitment to a 100% indirect distribution strategy. Adrian Jones, country manager, UK&I, Gatewatcher, said, “Our commitment to a 100% indirect strategy in the UK necessitates that we combine local presence with access to all that we can offer.

“As a result, the Gatewatcher Partner Programme will support partners by offering content and training adapted to their market position and business model. In the UK, we are building on our agreement with our lead distribution partner Kompingo, to ensure we offer market-leading support to our channel.”

The GPP programme consists of 4 levels: Authorized, Silver, Gold and MSSP.

  • Authorized: Without commitment, the reseller benefits from customised support
  • Silver: Once members of the programme, partners are supported by commercial and technical experts
  • Gold: Besides commercial and technical support, partners also receive marketing support
  • MSSP: With this new model, Gatewatcher is targeting partners that offer a managed SOC to customers.

Ivanti

The 2023 Spotlight Report: Ransomware Through the Lens of Threat and Vulnerability Management was published by Cyber Security Works (CSW), Ivanti, Cyware, and Securin. The report identified 56 new vulnerabilities associated with ransomware threats among 344 threats identified in 2022, marking a 19% increase year-over-year.

Threat actors are actively searching the internet and deep and dark web for 180 vulnerabilities associated with ransomware. In the last quarter of 2022, these groups used ransomware to exploit 21 of these vulnerabilities.

Aaron Sandeen, CEO and Co-founder of CSW and Securin, commented, “Our survey findings indicate that knowledge has not translated to power for many organizations. IT and security teams are being tripped up by open-source, old, and low-scoring vulnerabilities associated with ransomware.

“IT and security teams will want to scrutinize both in-house and vendor software to identify and remediate vulnerabilities before deploying new solutions and patch existing software as soon as vulnerabilities are announced.”

Srinivas Mukkamala, Chief Product Officer, Ivanti, said, “Ransomware is top of mind for every organization whether in the private or public sector. Combating ransomware has been placed at the top of the agenda for world leaders because of the rising toll being placed on organizations, communities and individuals. It is imperative that all organizations truly understand their attack surface and provide layered security to their organization so they can be resilient in the face of increasing attacks.”

LogRhythm

LogRhythm announced a partnership with Trend Micro. With LogRhythm SIEM collecting data from Trend Micro Vision One logs, the combination will help teams understand an attack. It will allow security teams to pull threat data from multiple sources, correlate it, and automate a response.

Mike Gibson, Senior Vice President of Global Customer Success at Trend Micro, commented, “LogRhythm offers extensive support for and integration across Trend Micro’s product portfolio, and we are thrilled to announce our partnership with them. The LogRhythm SmartResponse for the Trend Micro integration provides enhanced threat detection and response capabilities, with the ability to respond quickly and efficiently to alarms. This partnership showcases our commitment to delivering top-notch threat detection and response solutions.”

Personal Group, a leading UK provider of employee services, will deploy the LogRhythm security information and event management (SIEM) solution. Personal Group gains comprehensive threat detection, protection, and mitigation capabilities to defend its sensitive data and deliver a secure service for improving employee wellbeing.

Okta

Plaid and Okta announced a partnership and integration to help thousands of banks and financial institutions adopt OAuth and APIs for exchanging data with third parties. The partnership provides the financial services ecosystem with a more secure way to accelerate their open finance initiatives and deliver seamless connectivity for potentially millions of consumers.

Plaid and Okta will provide the integrations, education, and support to help all companies in the financial services industry transfer data through OAuth and API solutions. Customers can integrate Plaid with Okta Customer Identity Cloud (powered by Auth0) to streamline and secure authentication, authorization, and aggregation of shared data — all with the consumer’s consent.

Maureen Little, Vice President of Technology Partnerships at Okta, said, “More than 17,000 organizations trust Okta to protect the identities of their customers and workforces. With Okta’s independent and neutral platform, financial services companies can embrace identity best practices regardless of their technology stack, and pass the security and experience benefits onto their consumers. We are thrilled to partner with Plaid to elevate the importance of identity across the financial services ecosystem.”

Sophos

Sophos released details of two expansive, still operational, pig butchering or sha zhu pan rings (elaborate and lengthy financial fraud scams that can cost victims thousands of dollars) that scammers are operating from Asia. One of the rings, based in Hong Kong, involves a fake gold trading marketplace, while the other, based in Cambodia and with ties to Chinese organized crime, netted the scammers $500,000 in cryptocurrency in just one month.

Sean Gallagher, principal threat researcher, Sophos, said, “For two years, we’ve been following and reporting on a subset of these pig butchering schemes called CryptoRom. This is a particular flavor of pig butchering that relies on romance-based lures, with scammers approaching potential victims on dating apps and then asking them to invest in fraudulent crypto trading apps.

“But CryptoRom is really just the tip of the iceberg. Since the start of the pandemic, this type of cyberfraud has massively expanded. These scammers are now targeting people on all major social media platforms or even direct message, and they’re not limiting themselves to just exploiting crypto but also gold and other forms of currency or trading value. They’re quite literally going after the whole hog.”

Veeam

Veeam announced the new Veeam Data Platform, a single platform delivering more advanced data security, recovery and hybrid cloud capabilities than ever before. The Veeam Data Platform, which includes Veeam Backup & Replication (VBR) v12, provides best-in-class secure backup and fast, reliable recovery that keeps business running.

It combines the latest features offered from Veeam into a single robust solution offered in three enterprise-grade editions for protecting Cloud, Virtual, Physical, SaaS and Kubernetes applications across complex and expanding IT environments.

Danny Allan, CTO and Senior Vice President of Product Strategy at Veeam, commented, “Organizations are more vulnerable than ever. Over the past twelve months, 85% of organizations were attacked at least once, up from 76% last year. We understand IT leaders feel they aren’t sufficiently protected, and as IT environments continue to grow more complex and demanding, it’s now obvious that Modern Data Protection must be integrated into the overall cyber preparedness plan.

“The Veeam Data Platform brings the best of Veeam solutions together to deliver a single platform with relentless security, reliable data recovery and trusted data freedom, and is designed to give our customers the choice to leverage the right solution that fits their needs and keeps their business running.”

WatchGuard

WatchGuard Technologies announced the release of its new Firebox T25/T25-W, T45/T45-POE/T45-W-POE, and T85-POE tabletop firewall appliances. Powered by WatchGuard’s Unified Security Platform architecture to deliver comprehensive security and simplified management through WatchGuard Cloud, these new firewalls are engineered to provide the performance that remote and distributed business environments need for better protection against the latest network security threats.

Ryan Poutre, product manager at WatchGuard Technologies, commented, “IT environments of all types and sizes face advanced and sophisticated threats from attackers, but SMBs and branch offices typically don’t have dedicated technical staff to configure, install and manage network security appliances. This new generation of Fireboxes takes full advantage of our Unified Security Platform architecture, enabling MSPs to provide the robust solutions and simplified management they require to meet the needs of a wide range of customers and deployment scenarios.”
