Last week Semperis launched a new solution to accelerate AD Modernisation and reduce customers’ attack surfaces. Enterprise Times published a podcast in which Jonathan Lee, principal product manager at Menlo Security, spoke about how to improve the ability to detect attacks and secure the enterprise.
Action1
Action1 released a new version of its patch management platform. The updated Action1 platform combines vulnerability discovery and remediation, helping enterprises fortify their defences against ransomware infections and security breaches.
Key features include:
- Instant Visibility into Vulnerabilities
- Comprehensive Vulnerability Information
- Automated Remediation
- Improved Reporting
- Extended 3rd Party Software Patch Depository, with 10 new apps, bringing the total to over 110
Mike Walters, President and co-founder of Action1, commented, “The 2023 Verizon DBIR reveals vulnerability exploitation as one of the top three methods used by attackers to infiltrate organizations. Experts estimate that exploiting unpatched software accounts for 20% to 40% of breaches. With the updated Action1 platform, we help enterprises mitigate this risk by significantly reducing their mean-time-to-remediate (MTTR) vulnerabilities.”
BT
BT announced it had secured a seven-year deal with NATS, the UK’s leading provider of air navigation services. NATS handles over 2.5 million flights annually. The new long-term contract will strengthen its technology infrastructure by creating a future-fit strategic network architecture to support air traffic operations in the UK.
BT will take responsibility for consolidating and modernising NATS’s critical data network and managing digital networking and cyber security across its sites. BT will also develop an enhanced cyber security capability with NATS, including a new proactive central coordination point for cyber resilience. Together, these services will enhance NATS’ technology programme into the future and provide leading support for the technical operations it relies on.
Andy Rowe, Director of Central Government at BT, said: “Secure, high-bandwidth connectivity is essential in keeping the UK’s air traffic moving in the future – so after many years of building world-class networks and cyber security for providers of critical national infrastructure, we are looking forward to delivering this now for NATS.
“Under the partnership we will be responsible for both network provision and cyber security within the NATS strategic supplier ecosystem, and will be embarking on consolidating and modernising the entire network to build a world-class digital infrastructure that is fit for the future of air traffic management.”
Claroty
Claroty announced that Claroty xDome will power the operational technology (OT) module built into Deloitte’s expanded Managed Extended Detection and Response (MXDR) offering.
Chris Richter, Deloitte Global Cyber Detect & Respond product leader, said, “MXDR by Deloitte provides advanced threat prevention, detection, and response that requires technology collaborations equally qualified in leading innovation across the security environment–all while lowering total cost of ownership.
“Claroty’s technology alliance ecosystem, paired with our offering, empowers organizations to reach new levels of operational resilience across their increasingly connected OT environments.”
With Claroty’s technology, MXDR by Deloitte’s clients can be empowered with comprehensive asset visibility, equipped to identify, measure, and prioritize risk, deploy Zero Trust-based protective controls, and optimize threat detection.
CJ Radford, Global VP of Channel & Alliances at Claroty, commented, “As the threat landscape grows and attack tactics, techniques, and procedures become more sophisticated, security teams need coverage across a broad set of tools, which can overburden security teams—they need strong technology integrations to fight back against tool fatigue.
“The powerful combination of Claroty and the Deloitte MXDR OT module not only brings innovation to the legacy-tech-plagued OT space, it also brings relief to the boots on the ground juggling entangled solution sets.”
Corero
Corero published information about the Mirai botnet that first emerged in 2016. It remains at the forefront of distributed denial-of-service (DDoS) threats. A new report entitled “Mirai and Its Common Attack Methods” uncovers the evolving nature of Mirai malware, demonstrating its adaptive nature and most current usage techniques by examining some of the variants included in the code.
The report highlights the threat it poses, its attack vectors and different attack methods. It highlights and demonstrates the ease at which botnets can be built with a few commands and minimal knowledge. The Mirai author even provides a setup guide to aid those lacking more sophisticated technical skill sets.
Huy Nguyen, the report’s author, emphasizes the need for vigilance. “The Mirai botnet’s capabilities serve as a stark reminder of the importance of robust cybersecurity practices. Both individuals and organizations must prioritize securing their devices to mitigate the risks posed by such threats.”
Enveil
Enveil revealed that its solutions are now available from the Tradewinds Solutions Marketplace. This gateway for readily-awardable AI/ML solutions provides the Department of Defense with a streamlined path to access cutting-edge technologies.
ESET
Research from ESET has uncovered a mass-spreading phishing campaign aimed at collecting Zimbra account users’ credentials that have been active since April 2023. The campaign continues to target small and medium businesses and governmental entities.
The largest number of targets are located in Poland; however, victims in other European countries such as Ukraine, Italy, France and the Netherlands are also targeted. Latin American nations were also hit, with Ecuador topping the list of detections in that region.
ESET researcher Viktor Šperka, who discovered the campaign commented, “Adversaries leverage the fact that HTML attachments contain legitimate code, with the only telltale element being a link pointing to the malicious host.
“In this manner, it is much easier to circumvent reputation-based antispam policies, especially compared to more prevalent phishing techniques, where a malicious link is directly placed in the email body. Target organizations vary; adversaries do not focus on any specific vertical – the only thing connecting victims is that they are using Zimbra.”
F-Secure
F-Secure announced a partnership with an unnamed leading European communications service provider. The strategic alliance will see F-Secure’s DNS Security integrated into the operator’s mobile network, providing protection for its consumer customers.
The telecommunications operator will become F-Secure’s first partner to incorporate all three layers of F-Secure’s security ecosystem, F-Secure Total, Sense and DNS Security.
Dmitri Vellikok, Vice President of Network Security at F-Secure, commented, “The ever-evolving threat landscape demands innovative solutions. Our partnership with this prominent network operator is a testament to our dedication to meeting these challenges head-on. By providing a tailored DNS security solution that adds tangible value and convenience, we’re enabling users to navigate the digital world with confidence.
“This collaboration reflects our belief that communication service providers will increasingly play a pivotal role in delivering a secure online experience for their users. We look forward to forging more partnerships and reshaping the security landscape.”
Forescout
Forescout announced the appointment of David Creed as its Vice President of Worldwide Channel Sales. Creed is responsible for shepherding the next phase of growth across the company’s channel ecosystem and creating new alliances that unlock more revenue opportunities for partners and service providers around the globe.
Before joining Forescout, Creed served over the past two decades in various channel executive posts at SecurePipe, McAfee, Carbon Black and most recently, Armis. He was also a channel account manager at Cisco and 3Com.
Barry Mainz, CEO of Forescout, said, “David’s passion for the channel, the way he approaches collaborations with partners and his acute understanding of the rapidly evolving changes taking place across the cybersecurity marketplace are unmatched. He is the ideal leader for our channel business, which plays such a pivotal role for our company.
LiveAction
LiveAction announced the release of a new Forrester TEI report showing the ROI organisations could realise by investing in LiveAction’s LiveNX and LiveWire products. It revealed that organisations could realise an ROI of 153% over three years – representing savings of $2.65 million when using these two LiveAction products.
Francine Geist, CEO of LiveAction, commented, “The network is both growing and becoming an ever more crucial foundation of and enabler to business transformation. Yet many still struggle to resolve network issues and employ manual strategies for network management. It’s time for organisations to regain centralised control and visibility over their network operations and this new report shows that investing in LiveNX and LiveWire products can help them do that”.
Malwarebytes
Malwarebytes announced a strategic partnership with XeneX SOC, a prominent security operations center (SOC) service provider. XeneX SOC will integrate the Malwarebytes for Business portfolio into its existing suite of cybersecurity products.
The combined solution will empower organizations to proactively identify and mitigate cyber threats through real-time threat detection, incident response and continuous monitoring. Customers gain access to a comprehensive security solution that combines cutting-edge technology and best-in-class security services, empowering them to defend against sophisticated cyber threats.
Brian Thomas, VP of Worldwide MSP and Channel Programs, Malwarebytes, said security is a critical concern for organizations of all sizes, and the partnership between Malwarebytes and XeneX SOC will provide customers with robust security solutions that help protect against evolving cyber threats. Together, we will bring our deep knowledge and expertise to bear, enabling businesses to safeguard their digital assets and ensure operational continuity.”
Trend Micro
Trend Micro announced that its close cooperation with law enforcement led to another major win after dismantling a prolific phishing-as-a-service (PaaS) operation.
Jon Clay, VP of threat intelligence at Trend: “Trend has been a committed partner of INTERPOL for many years, so when the call came for help, we didn’t waste a second. As this takedown proves once again, public-private partnerships backed by powerful threat intelligence can be a force multiplier for international cybercrime investigations.”
Trend found and reported to INTERPOL that:
- Attacks supported by 16shop were particularly prevalent in Japan, as well as the U.S. and Germany.
- Customers of 16shop were able to craft phishing pages to harvest Amazon, American Express, PayPal, Apple, and CashApp credentials as well as U.S. banking logins.
- The platform’s phishing kits automatically localized the language of phishing sites depending on the victims’ location.
- It featured capabilities designed to thwart analysis, such as anti-sandboxing and geolocated access restrictions.
- 16shop’s web infrastructure was hosted across numerous legitimate cloud providers to further avoid detection.
- The site was active from 2018 until at least 2021, with copycat sites most likely springing up after this date.
Trend’s threat intelligence report helped lead to the arrest of the suspected administrator of 16shop and two other suspects in Indonesia and Japan. In total, 16shop is estimated to have enabled phishing attacks on over 70,000 victims in 43 countries.
