NIBS (credit image/Pixabay/ Ryan McGuire)Last week SaaS brand protection platform GreyScout raised £3 million in a funding round. Qualys has announced the Qualys Enterprise TruRisk Platform at the Qualys Security Conference (QSC) taking place in Orlando, Florida. CyberArk was selected by Glasgow Caledonian University (GCU) to protect the identity of 27,000 staff and students. Akamai published “The State of Segmentation 2023” report.

Egress

Egress has announced a new integration with Crowdstrike. The goal is to manage human risk in email. It will see the Egress Intelligent Email Security suite integrated with the AI-native CrowdStrike Falcon XDR platform. The resultant solution enhances Egress’ adaptive security model with identity risk scoring from CrowdStrike Identity Threat Protection.

The two companies believe that this will stop email-based threats driven by risky human behaviours. Egress uses AI-based detection to identify phishing attacks, human error and data loss. Reducing just these three will significantly lower the risk that email poses to most organisations.

Egress CEO Tony Pepper commented, “Every year, reports from across the industry highlight that the human element is involved in the majority of security incidents. Changing this narrative is only possible if vendors work together to share intelligence that can be aggregated to provide a hyper-accurate understanding of human risk across an organization.

“As technology suppliers within the customer ecosystem, we can all leverage enhanced user risk scores to automate better protection and surface insights that can be rapidly actioned by security teams. Today’s announcement is a positive step in that direction for Egress customers, enabling them to dynamically respond as risk changes across their estate and prepare for threats before they materialize.”

F-Secure

As the Black Friday and Cyber Monday sales approach, F-Secure has revealed that nearly 1 in 4 fall victim to online shopping scams. Those under 35 are most likely (46%) to fall victim to scams. Worryingly for small businesses, 62% of online shoppers avoid their stores due to misguided fears of online swindles.

The research found the top 10 shopping scams are:

  1. Tech or IoT (internet of things) devices 18%
  2. Clothing 17%
  3. Gifts 16%
  4. Sporting goods 15%
  5. Beauty 14%
  6. Food 13%
  7. Travel 12%
  8. Furniture or home décor 11%
  9. Vehicles 11%
  10. Concert tickets / event tickets 10%

Further findings revealed men are slightly more likely to be scammed (27%) than women (21%) and to lose more money than women.

Tom Gaffney, F‑Secure, said, “The next couple of months are the biggest shopping weeks of the year which we expect cyber criminals to try and take advantage of, particularly as the cost-of-living crisis may mean shoppers are looking for deals, but not necessarily safely.

“We would urge everyone to be extra vigilant at this time of year and follow our tips before making any purchase online. Scams are becoming increasingly more difficult to spot but consumers can do very simple things to check they are safe when they’re shopping.”

Fortra

Fortra today announced the availability of its business intelligence solution Sequel as a secure and supported alternative for Db2 Web Query, an IBM i tool recently withdrawn from the market.

Fortra’s Sequel delivers the features and functionality that Db2 Web Query customers rely on, such as a secure, browser-based deployment and a graphical interface. It also runs natively on IBM i. Sequel can directly access Db2 tables as well as data on other platforms, such as Microsoft SQL Server, ORACLE, and MySQL.

Tom Huntington, Executive Vice President of Technical Solutions, Fortra, said, “Our experience supporting customers who have relied on Sequel for decades has shown us how important business reporting and Db2 data is to the success of an organization.

“We know many Db2 Web Query customers are already urgently looking for a supported replacement and Sequel offers them a great alternative.”

Information Commissioners Office

The Information Commissioners Office (ICO) has announced it is dropping its investigation into a 2020 EasyJet hack due to a lack of resources. The details of 9 million people were stolen in the attack. The question is, what is now the threshold for the ICO to investigate? It appears that the loss of PII of 9 million doesn’t meet it. Is this the start of the ICO becoming a paper tiger?

The ICO has also had to apologise to Dame Alison Rose for giving the impression it was investigating her. The ICO has said, “Our comments gave the impression that we had investigated the actions of Alison Rose, the former CEO of NatWest Group. This was incorrect. We confirm that we did not investigate Ms Rose’s actions, given that NatWest was the data controller under investigation.”

Ivanti

Ivanti, is to partner with Securin Inc. Fueled by data from Securin’s Vulnerability Intelligence (VI), Ivanti Neurons for Vulnerability Knowledge Base provides authoritative, near-real-time vulnerability threat intelligence. So that security experts can expedite vulnerability assessments and prioritization.

The combination of the two vendors will enrich the intelligence in Ivanti Neurons for Vulnerability Knowledge Base. Data is drawn from a range of trusted sources. Ivanti says that it will include, MITRE, the National Vulnerability Database (NVD), CVE Numbering Authorities (CNAs), vendor advisories, and many more.

Securin’s API will also see Ivanti Neurons for Vulnerability Knowledge Base better able to seamlessly integrate with and enrich the capabilities of other Ivanti Neurons products.

Dr Srinivas Mukkamala, Chief Product Officer at Ivanti, said, “By partnering with Securin we are able to provide robust intelligence and risk prioritization to customers on all vulnerabilities no matter the source by using AI Augmented Human Intelligence.

“Securin’s commitment to innovation closely aligns with Ivanti’s objectives to provide best-in-class solutions for our customers. At Ivanti we are always looking at ways to provide customers with the most comprehensive information on real-world threats and help them on their journey to continuous threat exposure management and risk-based vulnerability management.”

LastPass

LastPass and Acronis, have announced a partnership that will give Managed Service Providers (MSPs) the first password management integration with Acronis Cyber Protect Cloud. The integration, accessible from the Acronis Cyber Protect Cloud marketplace, will enable MSPs to offer better password hygiene and streamlined password management across their client base.

Amy Appleyard, Chief Revenue Officer at LastPass, said, “We’re thrilled to work with the Acronis team and provide centralized password protection, making it easier for MSPs to administer their resold LastPass licenses and perform administrative tasks directly from the Acronis dashboard they’re already leveraging on a daily basis.”

The LastPass integration allows MSPs to help both clients and employees login to accounts. They can generate secure credentials without interrupting their workflow. They will also be able to share those credentials securely.

Logpoint

Logpoint has released its Vulnerability Monitoring Analyzer. Enhancing Logpoint’s Business-Critical Security (BCS) solutions automates the assessment of SAP patches. It also eases how these are prioritized. Automating the often manual SAP patching process improves the protection of SAP systems from cyber-attack.

Like many vendors, SAP releases monthly security patches. Prioritising these requires an understanding of the technical changes making prioritisation complex and needing manual intervention.

Sükrü Ilker Birakoglu, Senior Director at Logpoint, said, “SAP patches are crucial for maintaining the security, stability, and performance of the SAP software products as well as keeping your organization’s business processes running smoothly.

“Evaluating the patches’ relevancy is a lengthy, tedious, and time-consuming process, resulting in a reactive approach to the review process. This is problematic as cyberattackers specifically target the SAP systems that have not yet received the latest security updates.”

LogRhythm

LogRhythm has expanded its Research and Development (R&D) investment and customer support in India. It is to provide tailored and scalable cybersecurity solutions to organizations in the region. The strategic expansion sees LogRhythm double its allocated R&D center resources in India.

The company has also appointed Nandan Patil as the Regional Director of India Subcontinent. The new developments mark a critical milestone for LogRhythm and its Indian customers. Providing new security capabilities and expertise and streamlining its existing products and services.

LogRhythm’s CEO, Chris O’Malley, met with customers and partners in India during the week commencing 6th November, to drive this strategic expansion forward. He said, “LogRhythm’s unwavering commitment to providing continuous quarterly innovation to our customers stands apart in the cybersecurity industry, and our newly released cloud-native platform is just one example of this.

“I look forward to meeting our Indian customers and partners and talking to them in person to understand their unique cybersecurity challenges and needs and align our strategic investments accordingly.”

Malwarebytes

Malwarebytes has announced the launch of ThreatDown, formerly known as Malwarebytes for Business. It provides IT-constrained organizations with effective, easy-to-use cybersecurity. ThreatDown solutions include the new Security Advisor dashboard. There are also ThreatDown Bundles that combine the technologies and services needed to protect organizations from today’s sophisticated cyber landscape.

Marcin Kleczynski, Founder and CEO, Malwarebytes, said, “ThreatDown reflects what we provide our customers — powerfully simple endpoint security that takes down threat levels, without interrupting business.

“ThreatDown is about reducing the attack surface area as well as avoiding headaches and bringing down costs. We know cybersecurity can be complicated. Our goal is to remove the complexity for our partners and customers so they can gain peace of mind knowing they have a trusted expert in their corner.”  

ManageEngine

ManageEngine announced the launch of Endpoint Central MSP Cloud. It brings the advantages of the cloud’s scalability, flexibility, and efficiency to the remote monitoring and management (RMM) of endpoints. The solution is aimed at managed service providers (MSPs). The launch also completes the first stage of the company’s vision for a unified platform for MSPs.

Mathivanan Venkatachalam, Vice President of ManageEngine, said, “This cloud release enables service providers to focus on addressing their clients’ IT challenges and growing their businesses without the worry of operational complexities.

“Endpoint Central MSP Cloud delivers RMM capabilities for endpoints, enabling MSPs to automate everyday management and security tasks and allowing them to be available to help clients with their real-time requirements.”

Among the features of the Endpoint Central MSP Cloud are:

  • Extensive support for devices and operating systems.
  • A single agent for a wide range of capabilities across device management, security and compliance.
  • Integral remote access and troubleshooting without the need for additional setup or agents.
  • Extensive third-party patch automation across varied device types and environments.
  • Strong third-party integrations and a vast API ecosystem to promote interoperability with MSPs’ existing technology stacks.

Endpoint Central MSP Cloud is available immediately. Pricing starts at $2 per device, per month. A free, one-year license to manage 250 devices is available at mnge.it/Bkd. The free license offer extends to customers who migrate from the on-premises version of Endpoint Central MSP.

NetRise

Extended IoT (EIot) vendor NetRise, announced the release of Trace in the NetRise Platform. This new solution allows users to identify and validate compromised and vulnerable third-party and proprietary software assets. Using AI-powered semantic search for the first time.

Trace revolutionizes vulnerability detection and validation by introducing intent-driven searches. It gives users a new way of searching assets. Now they can focus on the underlying motives or purposes behind the code and configurations that lead to vulnerabilities. It removes the reliance on signature-based methods.

Michael Scott, Co-Founder, CTO, and Chief Scientist of NetRise, said, “Identifying issues in XIoT devices and their components has been an especially challenging problem.

“This product release represents a significant advancement in product security and streamlines the detection and resolution of issues in complex systems. Moreover, it changes how NetRise customers discover and address issues more generally, with AI as a key driver in process enhancements.”

Key enhancements and capabilities of the new Trace solution in the NetRise Platform include:

  • AI-Powered Search: Semantic and keyword-based search for all files, operating system configurations, and vulnerabilities across all assets using AI.
  • Deep Supply Chain Introspection & Origin Tracing: Discover and trace the origin of code and risk back to the third-party or proprietary software packages that introduced it across all assets.
  • LLM-Based Vulnerability Discovery & Validation: Identify vulnerabilities and gauge their impact in the software supply chain. Using code-based or broad natural language queries, validating issues across an organization’s firmware, software, and cyber-physical systems.

NTT

NTT has revealed the five trends it thinks will dominate cybersecurity in 2024. Each, of the five trends, is already having an impact on the cybersecurity industry. Most are also trends that enterprises are concerned about.

  • Security for the Age of AI — NTT sees malicious actors increasing their use of AI. It is bing used to accelerate malware and exploit development. It is also beginning to be used for passive reconnaissance work to identify targets, software and weaknesses. Cyber attackers are also businesses and will take advantage of AI to reduce their costs and deliver more effective workflows.
  • Safeguarding Trust in Election Results — There are major presidential elections in Taiwan and the United States during 2024. The UK may also see a general election in the same timeframe. The use of generative AI to spread disinformation is expected by most cybersecurity experts. AI will raise the level of disinformation seen in other election campaigns over recent years to a new high.
  • Implementing a Zero Trust Framework — The security industry has been talking about zero-trust for some time. A number of recent surveys have pointed out that it is wanted by enterprises. However, skills shortages have made it hard to deploy. NTT sees an increasing need for a framework that will be implemented across many parts of organizations to enhance security defenses.
  • Preparing for the Looming Quantum Threat — Quantum technology is not widely accessible, affordable or understood yet by enterprises and attackers alike. NTT points to the work being done to secure it and minimise the risks of its abuse. These range from technical solutions to government statements and controls. The biggest concern is the time it will take for organisations to implement new technologies which will create a  window of opportunity for attackers.
  • Advancing Cryptography and Encryption in 2024 — NTT has its own extensive research in this area with solutions like ABE (attribute-based encryption). It believes it is ready for real-world adoption. It does see significant concerns of privacy due to the absence of assured privacy in interactions with AI models.

Sophos

Sophos has released its State of Ransomware in Retail 2023 report (registration required). The results make for miserable reading, if you are a retailers. Only 26% of organisations were able to disrupt a ransomware attack before their data was encrypted. Sophos says that this is the lowest rate in the last three years.

However, the decline is in line with recent years. In 2021, 34% disrupted attacks. In 2022, that dropped to 28%. The question is, where does it go next?

According to the report, “..for those retail organizations that paid the ransom, their median recovery costs (not including the ransom payment) were four times the recovery costs of those that used backups to recover their data ($3,000,000 versus $750,000).”

Chester Wisniewski, director, global field CTO, Sophos, said, “Retailers are losing ground in the battle against ransomware. Ransomware criminals have been encrypting increasingly greater percentages of their retail victims in the last 3 years, as evidenced by the steadily declining rate of retailers stopping cybercriminal attacks in progress.

“Retailers must up their defensive game by setting up security that detects and responds to intrusions earlier in the attack chain.”

Retailers are a profitable set of victims, according to the data in the report. 43% paid the ransom last year. How many will pay next year?

Tenable

Japanese companies want to become more proactive when it comes to cybersecurity, according to a new study by Tenable. The study is titled, Old Habits Die Hard: How People, Process and Technology Challenges Are Hurting Cybersecurity Teams in Japan, (account required).

It discovered that 74% of Japanese respondents believe they could do better if they were proactive. However, 68% indicated they spend the majority of their time addressing critical incidents, hindering them from taking a proactive stance. Moreover, 72% of organisations say their IT teams are more concerned with uptime than patching/remediation.

According to Naoya Kishima, Country Manager at Tenable Japan, “Siloed cybersecurity tools, and by extension, the teams behind them, are inadvertently preventing organisations from having a clear, continuous, and comprehensive view of their cyber risk. Internal mindsets further complicate matters, and make collaboration between IT and security teams challenging.”

Trend Micro

Trend Micro published for the third quarter of fiscal year 2023, ending September 30, 2023.

Key figures included:

  • Net sales growth increased 13% at actual currency across all regions and product segments.
  • Enterprise ARR annual recurring revenue increased by 20%, exceeding US$745 million.
  • Increase of 22% year-over-year totaling over 74 million+ enterprise assets protected.
  • Increase of 30% year-over-year growth of free cash from operations.

Eva Chen, CEO and Co-founder, Trend Micro said, “Amidst the dynamic cybersecurity landscape, we proudly marked our 100th consecutive quarter of profitability, a milestone rarely achieved in the public market and one we attribute to our customers’ embrace of innovations. We are relentlessly focused on delivering customers a platform to increase risk visibility and decrease complexity of their security stack, while we are simultaneously advancing our corporate balance of growth and profitability.”

Veeam

Kasten by Veeam announced the release of its New Kasten K10 V6.5 platform for Kubernetes during KubeCon + CloudNativeCon North America. The new release introduces trusted container environments, enhanced ransomware protection and data protection support for large-scale Kubernetes environments.

It also celebrated the first anniversary of KubeCampus, an online career development resources for the Kubernetes developer community. With a new partnership with WeAreDevelopers, a leading community for developers invested in accelerating tech talent. The partnership will deliver new, expanded content, live events, additional labs, co-hosted podcasts and Learning Days. As well as feature shared resources and career opportunities both communities can leverage year-round.

Kasten by Veeam also announced that Kanister, an open-source framework that provides application-level data backup and recovery, has been accepted by the Cloud Native Computing Foundation (CNCF) as a sandbox project. Indicating that the project adds value to the CNCF mission and encourages public visibility within the community.

Zimperium

Zimperium, announced it has taken the next step in supporting the Australian government, by initiating an IRAP assessment of its Mobile Threat Defense(MTD) solution in a sovereign Australian data centre — enabling agencies and critical infrastructure organisations to seamlessly adopt mobile threat defence capabilities to detect mobile breaches and protect data.

Shridhar Mittal, CEO for Zimperium, said, ”The launch of sovereign-hosted MTD is a game changer, facilitating significant cost savings, and rapid adoption and time to value for our government customers.

“Zimperium has also played a significant role in protecting other governments for a number of years, including the US Department of Defense, where we have secured the mobile devices used by armed forces to prevent incursion by hostile state actors. We can now do the same for the Australian government and infrastructure organisations.”

Security news from the week beginning 30 October 2023

 

RELATED ARTICLESMORE FROM AUTHOR

LEAVE A REPLY

Please enter your comment!
Please enter your name here