Security news was surprisingly light after the Easter break, with product announcements from Babel Street, Logpoint, and Trustwave. Reports were published or highlighted by Check Point and Menlo Security. Other news came from Adaptiva, Europol and WSO2, who promoted Asanka Abeysinghe to Chief Technology Officer (CTO).
Adaptiva
Adaptiva revealed that its recently launched Autonomous Patch solution already includes the patch for a flaw in IBM Aspera Faspex. The patch for the secure file transfer solution, released earlier this year by IBM, was not well publicised.
Babel Street
Babel Street has released Babel Street Insights, a new, redesigned open-source intelligence analysis tool. With a re-imagined user experience, the solution delivers rapid access to insights, a user-friendly workflow solution and a new design and interface.
Michael Southworth, Babel Street CEO, commented, “Babel Street Insights is a game-changer for organizations in highly regulated, high-stakes industries like financial services, healthcare, law enforcement, defense, and the global public sector.
“With the revolutionary design, streamlined access to more relevant information, and automated project collaboration capabilities, Babel Street Insights brings a consumer-grade experience that is modern, efficient, and intelligent to every user in the identity and risk management space. As a result, we have truly changed how organizations gather, understand, and apply PAI.”
Check Point Software Technologies
Check Point Research published its Global Threat Index for March 2023. Last month, researchers uncovered a new malware campaign for the Emotet Trojan, which became the second most prevalent malware.
Maya Horowitz, VP of Research at Check Point Software, commented, “While big tech companies do their best to cut off cybercriminals at the earliest point, it’s near impossible to stop every attack from bypassing the security measures. We know that Emotet is a sophisticated Trojan, and it is no surprise to see it has managed to navigate Microsoft’s latest defenses.
“The most important thing people can do is make sure they have appropriate email security in place, avoid downloading any unexpected files and adopt healthy scepticism about the origins of an email and its contents.”
- The top malware families were Qbot, Emotet and Formbook
- The most attacked industries were Education/research, Government/military and Healthcare
- The top mobile malware seen were AhMyth, Anubis and Hiddad
The top exploited vulnerabilities were:
- Apache Log4j Remote Code Execution (CVE-2021-44228)
- HTTP Headers Remote Code Execution (CVE-2020-10826, CVE-2020-10827, CVE-2020-10828, CVE-2020-13756)
- MVPower DVR Remote Code Execution
Europol
Eurojust and Europol have supported a new coordinated action against a fraudulent online investment platform, which has cost at least 33,000 victims an estimated EUR 89 million. At the request of the German authorities, two action days took place in March, during which five suspects were arrested. Furthermore, 15 locations were searched in Bulgaria, Romania and Israel, including five illegal call centres. The operation is a follow-up to actions against the same online scam in 2021.
The criminal network behind the fraud attracted investors with professional-looking banners on websites and publicity via social media, using call centres in various European countries. The scammers encouraged their victims to make small initial investments of between EUR 200 and 250, showing high profits via fake graphics and software.
The victims were then contacted by so-called personal financial advisors, who promised even higher profits on bigger investments. These higher investments were subsequently lost, and the illegal profits were paid into the perpetrators’ bank accounts. The fraud scheme allegedly ran between 2019 and 2021, with the suspects of the operations in 2021 or their associates recently setting up call centres in Bulgaria and Romania.
Logpoint
Logpoint released its Business-Critical Security (BCS) solution for SAP SuccessFactors, enabling real-time security and compliance monitoring of SAP SuccessFactors. BCS for SuccessFactors provides holistic, landscape-wide threat visibility in the Logpoint Converged SIEM platform or any other SIEM solution through log extraction, continuous monitoring, and cross-correlation of data.
Sükrü Ilker Birakoglu, Logpoint Senior Director, commented, “Being a Cloud-based product raises a series of security challenges; employees working remotely using unsafe devices and networks, the fact that there are no fixed perimeters in the Cloud, and lack of visibility into the enclosed system. Today, collecting and investigating the relevant security logs is impossible because they are dispersed throughout many reports and events. Up until now, SuccessFactors has been a black box.
“As organizations migrate to SAP cloud solutions like SuccessFactors, they need to be mindful that they themselves are responsible for their own customer data and data security, authentication and authorizations, and to review security logs. We’re excited to offer the first and fully automated advanced SuccessFactors monitoring solution in the market, enabling our customers to be confident that compliance monitoring and data privacy is ensured.”
Menlo Security
Menlo Security shared results from the CyberEdge Group’s 10th Annual Cyberthreat Defense Report (CDR). The report, sponsored by Menlo Security, highlights the growing importance of browser isolation technologies to combat ransomware and other malicious threats. This continues to be critically important as the research revealed that 78% of ransomware attacks include threats beyond data encryption.
- 51% of respondents use some form of browser or Internet isolation to protect their organizations
- 40% plan to deploy this type of technology in the next 12 months
- 33% of respondents noted that browser isolation is a key element of their cybersecurity strategy for protecting against sophisticated attacks such as ransomware, phishing and zero-day attacks.
Mark Guntrip, senior director of cybersecurity strategy at Menlo Security, commented, “Evasive web threats, including Highly Evasive Adaptive Threats (HEAT), often come through the web browser and easily bypass multiple layers of detection in prominent security technology, resulting in malware, compromised credentials, and, many times, ransomware.
“The CDR shows that the risk of ransomware delivered via a HEAT attack is becoming even more serious, with multiple threats in one payload. Preventing it is critical and browser isolation technologies are a highly effective way to do so.”
Steve Piper, founder and CEO of CyberEdge Group, noted, “It’s exciting to see browser isolation technologies embraced by CDR respondents, in part because they’re designed to improve security without affecting the end user’s experience at all. We think that we’ll all be hearing more about the importance of this type of technology in the future.”
Trustwave
Trustwave launched a new Operational Technology (OT) Security Maturity Diagnostic Offering. The new OT diagnostic offering is an assessment and advisory service centered on ensuring the security of industrial automation and control systems. Trustwave’s OT diagnostic is optimized to gain insight into an organization’s current state of OT security across people, processes, and technology.
Trustwave’s team of OT experts will baseline an OT cybersecurity posture and build a roadmap leading to a mature strategy that reduces third-party risk, improves compliance, and maintains uptime.
Nick Ellsmore, Senior Vice President of Worldwide Consulting and Professional Services at Trustwave, said, “We believe a mature defense-in-depth approach to industrial automation and control systems is crucial. With malicious actors continuously advancing their technical capabilities and resources to attack OT/IT networks, relying on security through obscurity or air-gapped networks is no longer practical to protect your infrastructure.”
The solution offers the following benefits:
- Alignment on cyber programs’ target state to best practices and established standards and alignment on security and business requirements to baseline the cybersecurity program
- Identification of top risks to generate “quick wins” to help decision-makers mature the organization efficiently and effectively
- Delivery of quick feedback to the business to support broader initiatives, business alignment, and visibility into risks
- An Assessment Report that is tailored to the organization’s needs with findings and recommendations organized by identify, protect, detect, respond, and recover
- An actionable roadmap to identify and articulate the vision for advancing the maturity of the OT security program, steps for achievement, and a narrative to obtain stakeholder engagement and define requirements.