The Flashpoint June Cyber Threat Intelligence revealed 475 observed ransomware attacks in June 2023. LockBit with 97 and Clop with 91 were the most common. This week’s news came from Check Point, Dragos, Egress, Europol, Ivanti, Privacera, Sycope, Trend Micro, Trustwave and Veeam.
Check Point
Check Point Research published its Brand Phishing Report for Q2 2023. The report highlights the brands that were most frequently imitated by cybercriminals in their attempts to steal individuals’ personal information or payment credentials during April, May and June 2023.
Last quarter global technology company Microsoft climbed up the rankings, moving from third place in Q1 2023 to first in Q2. The tech giant accounted for 29% of all brand phishing attempts. The report ranked Google in second place, accounting for 19% of all attempts, and Apple in third, featuring 5% of all phishing events during the last quarter.
Omer Dembinsky, Data Group Manager at Check Point Software, commented, “While the most impersonated brands move around quarter to quarter, the tactics that cybercriminals use scarcely do. This is because the method of flooding our inboxes and luring us into a false sense of security by using reputable logos has proven successful time and time again.
“This is why we all must commit to stop and review, taking a moment before clicking on any link we don’t recognize. Does something feel off? Is there bad grammar or any language that is prompting an instant response? If so, this may be an indicator of a phishing email. For organizations worried about their own data and reputation, it is key that they take advantage of the right technologies that can effectively block these emails before they have a chance to dupe a victim.”
Check Point also published its Global Threat Index for June 2023. Trojan Qbot has been the most prevalent malware in 2023, ranking first in five out of the six months. Meanwhile, mobile Trojan SpinOk made its way to the top of the malware list for the first time after being detected last month, and ransomware hit the headlines following a zero-day vulnerability in file-sharing software MOVEit.
Maya Horowitz, VP of Research at Check Point Software, commented, “The MOVEit exploit proves that 2023 is already becoming a significant year in ransomware. Prominent groups like Clop are not operating tactically to infect a single target but instead, making their operations more efficient by exploiting software that is widely used in a corporate environment. This approach means they can reach hundreds of victims in a single attack.
“This attack pattern emphasizes the importance for companies to implement a multi-layered cyber security strategy and to prioritize patching quickly when vulnerabilities are disclosed.”
Dragos
Dragos announced that it will continue to invest in growing its go-to-market teams in Europe. This is despite the recent job cut announcements it made. Heading the expansion are Area Vice President for Europe and Africa Tony Atkins, Chief of Staff Phil Tonkin, Director for International Incident Response Kai Thomsen, and Principal Adversary Hunter and Technical Director Magpie Graham. There are now 25 employees based in Europe.
Atkins noted, “With the current geopolitical environment, the increase in ransomware, and exposures recently introduced through hybrid workforces, the cyber threat to industrial organisations has never been greater.
“Our continued expansion in Europe will enable us to not just be a better partner with organisations in the region to ensure they are successful in their industrial cybersecurity journey, but also to help foster the local ICS/OT cybersecurity practitioner community through ongoing education and engagement.”
Dragos and Macnica Corporation have signed an agency agreement to provide Dragos’s OT cybersecurity solutions in Japan. Takashi Hoshino, Vice President Macnica Networks Company, commented, “We are confident that Dragos OT cybersecurity solutions will help protect Japanese businesses. The partnership with Dragos is a critical cornerstone in our commitment to increasingly connected local industrial systems. We are thrilled to work with Dragos as a leader in industrial security across the globe.”
Egress
Egress has launched adaptive security for its Intelligent Email Security platform. Egress will provide dynamic and automated protection against advanced inbound and outbound threats, transforming how organizations manage human risk on email.
Adaptive security as part of the Intelligent Email Security platform is now available for organizations worldwide. Existing Egress customers will benefit from this update free of charge.
Egress CEO Tony Pepper commented, “Almost every organization freely admits that people represent the biggest risk to their security and are most vulnerable when using email. By implementing an adaptive security architecture, we can continually assess human risk on a per user basis and automatically dial enforcement up or down depending on the level of the potential threat.
“An organization’s risk profile is never static, so their email security shouldn’t be either. To date, Egress has used the latest advances in AI and machine learning to detect and prevent advanced inbound and outbound threats in Microsoft 365. Today’s announcement is a natural evolution of this capability, bringing a predictive layer to email security so organizations can proactively manage human risk and prepare themselves for new and emerging threats before they have even materialized.”
KnowBe4 and Egress announced their partnership to provide organizations with a proactive approach to defending against advanced inbound and outbound threats and transform how they manage human risk in email. This integration enables Egress to feed KnowBe4’s user risk score into its adaptive security model as an additional intelligence source.
Tony Pepper, CEO at Egress, commented, “Partnering with KnowBe4 to further augment our aggregated human risk score is an exciting opportunity for our customers. Both KnowBe4 and Egress recognize that people represent the biggest risk to organizations and are most vulnerable when using email. Managing this human risk requires the implementation of both dynamic technical controls and tailored security awareness.
“This partnership will enable joint customers to leverage the combined value of both offerings to ensure they are best prepared for new and emerging threats before they have even materialized.”
Europol
Europol published the first module of the ninth Internet Organised Crime Threat Assessment (IOCTA). It takes an in-depth look into the online criminal ecosystem, examining notable actors, their attack vectors and victims. The report covers the following:
- Cybercriminal services are intertwined
- Similar techniques for different goals
- The central commodity is stolen data
- Same victims, multiple offences
- The underground communities to educate and recruit cybercriminals
- What happens with the criminal profits?
- Europol’s support
Ivanti
Ivanti is collaborating with T-Mobile to offer business customers the artificial intelligence and machine learning capabilities of Ivanti Neurons to secure their devices in a mobile-first, hybrid work world. T-Mobile will offer Ivanti Neurons for Mobile Device Management (MDM) and Ivanti Neurons for Unified Endpoint Management (UEM) to control inventory, configure and manage mobile devices and allow customers to easily create profiles and enforce restrictions and security policies.
George Fischer, SVP of Sales, T-Mobile Business Group, commented, “Amidst the evolving landscape of modern business, T-Mobile has embraced the shift towards a hybrid workforce. We’re thrilled to be able to offer Ivanti’s MDM and UEM solutions to empower our customers to more easily navigate device management, fortify endpoint security measures, achieve compliance, and help improve operational efficiency in today’s mobile-driven environment.”
Privacera
Privacera has launched its Governed Data Stewardship solution. The solution aims to transform how IT organizations distribute data ownership and stewardship into lines of business to speed up self-service data sharing and access governance.
Balaji Ganesan, CEO and Co-Founder, commented, “We have heard from our customers repeatedly that managing and provisioning secure data access is a major unsolved pain point. Analytical and AI initiatives require agile data sharing and fine-grained access provisioning. We are excited to empower organizations with a more democratized experience, one that offers enhanced data governance offerings, decreases IT burdens, and accelerates data access while maintaining utmost security and compliance throughout the data estate.”
Sycope
Sycope has partnered with Profitap with a new integration to drive network visibility and analytics on all traffic across physical and virtual infrastructures. The joint solution enables precise analysis of specific network traffic by seamlessly delivering the required traffic to Sycope’s advanced security and monitoring tools.
Tadeusz Dudek, CEO of Sycope, commented, “Collaborating with reputable security product manufacturers presents an excellent opportunity to foster knowledge sharing. Customers gain access to a wide range of choices, ensuring that their intricate needs are met in the best possible way. By teaming up with Profitap, we enhance the value we provide to our customers by seamlessly integrating our products.”
Sycope also announced an integration with Garland Technology, the leading US-based manufacturer of network TAPs, Network Packet Brokers, and Inline Bypass Solutions.
Tadeusz Dudek continued, “Technology partnerships with well-known manufacturers of security products are a great way to promote the exchange of knowledge. Customers benefit from far-reaching options so that their complex requirements are optimally met. Through the partnership with Garland, we can offer our customers further added value through product integration.”
Trend Micro
Trend Micro announced Trend Vision One – Endpoint Security, its latest cybersecurity platform offering. It unifies prevention, detection, and response for user endpoints, servers, cloud workloads, and data centres. This comprehensive solution aims to support customers throughout their IT modernization.
Kevin Simzer, COO at Trend Micro, said, “Surging IT complexity is placing unprecedented demand on teams and providing determined adversaries with more opportunity to infiltrate an ever-expanding attack surface. In response to this challenge, our customers want to simplify security without compromising effectiveness. Trend Vision One – Endpoint Security is a direct answer to this need, helping IT and security organizations stop threats faster and take control of risk.”
Trustwave
Trustwave announced the expansion of its globally federated, cloud-native Fusion platform into the Pacific region. Trustwave continues to grow its investment and commitment to the Pacific region, and with the Fusion expansion, Pacific client data will now be retained onshore in Australia. While all Pacific client data ingested into the Fusion platform will remain within Australia, clients will still benefit from the actionable insights of Trustwave’s global SpiderLabs Threat Intelligence and the scale of its leading-edge Security Operations Center teams.
Jason Whyte, General Manager for Pacific at Trustwave, commented, “We are committed to continuing to grow our investment in the Pacific region to drive success for our clients and allow them to conduct business securely.
“Our unique combination of world-class SpiderLabs security talent and our market-leading Fusion platform enables us to meet the strenuous security needs of global enterprises. With our Fusion expansion, we can continue to partner closely with our Pacific clients to address the changing nature of cyberattacks while keeping their data close to home.”
Veeam
Veeam announced it is integrating Veeam Backup for Microsoft 365 with newly launched Microsoft 365 Backup via their backup APIs to bring customers and partners new backup, recovery, ransomware protection and business continuity capabilities. Veeam plans to utilize this integration to deliver innovations and experiences to Microsoft customers needing the best data protection and ransomware recovery to keep their businesses running.
Work on the integration between Veeam Backup for Microsoft 365 and Microsoft 365 Backup via their backup APIs is underway, with the general availability of the updated offering expected within 90 days of the Microsoft 365 Backup service being available.
Danny Allan, CTO at Veeam, said, “Today, every business is a digital business. That means fast, reliable access and availability of data is critical to keep businesses running. Veeam is the leading provider of backup and recovery for Microsoft 365, with over 15 million users protected. We’re delighted to extend our advanced capabilities to customers and partners using Microsoft 365 Backup. We plan to deliver innovative new features and capabilities taking advantage of the power and reliability of the Veeam Data Platform which keeps businesses running.”
Jeff Teper, President of Collaboration Apps and Platforms, Microsoft, commented, “We’re excited to work with Veeam, and look forward to the unprecedented speed and scale of backup and restore experiences they can bring to customers with our new Microsoft 365 Backup solution.”