As the holidays hit, security news was limited, with most focused on consumers and the risk from online shopping and fraud. One piece of interesting news was SimSpace securing $45 million in funding from L2 Point Management, taking inward investment to $70 million.
Checkmarx
Checkmarx has appointed Nitin Kumar Dang as Vice President for Asia Pacific (APAC), Middle East and Africa to oversee all regional operations. Dang has over 24 years of expertise in enterprise software sales and global operations, including in his prior role as Regional Director at Checkmarx.
Dang said: “I’m pleased that my passion for empowering enterprise development and security teams is recognized with this new role. I’m deeply motivated to help more enterprise organizations reduce risk and ensure that their mission-critical applications are secure in order to support digital transformation throughout APAC, the Middle East and Africa.”
Cisco
Cisco has announced it is to acquire Isovalent, Inc., an open source cloud native networking and security vendor. The intent behind the acquisition, claims Cisco, “is to bolster secure networking capabilities across public clouds.”
Jeetu Patel, executive vice president and general manager of Security and Collaboration at Cisco, said, “Together with Isovalent, Cisco will build on the open source power of Cilium to create a truly unique multicloud security and networking capability to help customers simplify and accelerate their digital transformation journeys.”
Importantly, Cisco has reaffirmed support for open-source projects that Isovalent contributes to. That includes:
- Cilium Mesh: allows for the easy connection of Kubernetes clusters with existing infrastructure across hybrid clouds.
- Tetragon: an eBPF-based open source security solution that provides visibility to and enforces runtime behavior within an application and on the network.
- Isovalent Enterprise: an enterprise distribution of Cilium and Tetragon.
ESET
ESET announced two pieces of news this week. In the first, it announced that its Japan partner, Canon Marketing Japan Inc., has secured first rank in the Nikkei Computer Customer Satisfaction Survey 2023. This is the eleventh successive year that Canon Marketing Japan has won the award.
Nikkei Business Publications surveyed approximately 1,000 IT decision-makers at publicly listed and private companies with sales of more than 20 billion Yen. It also surveyed government offices. ESET’s PROTECT solutions achieved an exceptional Overall Satisfaction score of 76.1 points, a remarkable six points above the vendor average.
The second announcement was the release of the ESET Threat Report, summarizing threat landscape trends seen in ESET telemetry from June 2023 through November 2023. It called out Cl0p, a notorious cybercriminal group known for carrying out ransomware attacks on a major scale, which garnered attention via its extensive “MOVEit hack.”
ESET Director of Threat Detection Jiří Kropáč, said, “The Cl0p attack targeted numerous organizations, including global corporations and US governmental agencies. A key shift in Cl0p’s strategy was its move to leak stolen information to public websites in cases where the ransom was not paid, a trend also seen with the ALPHV ransomware gang.”
Other notable threats mentioned in the report include:
- A new threat against IoT devices, Android/Pandora
- A considerable number of attempts to access malicious domains with names resembling “ChatGPT,” seemingly in reference to the ChatGPT chatbot.
- Another Android threat, SpinOK spyware, a software development kit that is found in various legitimate Android applications.
- An increase in cryptocurrency threats as the value of bitcoin has increased.
Europol
It has been a busy two weeks for Europol. In between drug busts, anti-terror and car crimes, there were three security announcements of note. The first looked at the constant problem with digital skimming. In a two-month action led by Greece, Europol alerted 443 merchants that their sites had been compromised.
The second announcement was the release of Europol’s spotlight report on online fraud. It highlights the millions that online fraudsters are making through attacks ranging from ATM attacks and account takeovers to other criminal activity. In particular, it looks at how sophisticated fraudsters are becoming and how victims are often re-victimised. Attackers are also using social engineering as a key tool to compromise their targets.
The last announcement was the publication by Europol, Eurojust and the European Judicial Network of the 2023 edition of the SIRIUS European Union (EU) Electronic Evidence Situation Report.
The 84-page report is not a quick read but is important reading for chief legal officers and anyone involved in collecting forensic evidence. The view that it gives of the EU’s Electronic Evidence landscape is interesting and enlightening. In particular, it gives a look at the upcoming EU Electronic Evidence legislative package, something a lot of organisations may not be aware of.
Invicti
Invicti has announced that its Dynamic Application Security Testing (DAST) products are now available on the Microsoft Azure Marketplace. According to Invicti, its DAST solution “integrates out-of-the-box with Azure Pipelines CI/CD workflows.”
In a blog announcing its DAST solutions on the Azure marketplace, Kate Bachman, VP of Marketing, writes, “If you’re building applications in Azure cloud environments, there’s a good chance you’re using Azure Pipelines as your CI/CD tool. Invicti comes with built-in Azure Pipelines integration, making it a natural fit for Azure-based workflows.
“The ability to get Invicti solutions from the Azure Marketplace removes yet another obstacle on the journey toward making integrated and efficient application security testing a reality.”
LastPass
LastPass has appointed Don MacLennan as Chief Product Officer (CPO). MacLennan has 35 years of experience in the IT industry, including at SAP, RSA Security, AVG Technologies, McAfee and more recently at Barracuda. At both McAfee and Barracuda, he was SVP of Engineering & Product, so he has extensive experience in the product space.
According to the announcement, MacLennan will be tasked with developing a robust overarching product vision and strategy and partnering with the LastPass leadership team to define future roadmap(s) to create groundbreaking products that meet and exceed customer needs.
MacLennan said, “We are at a critical point in the security industry, as the future of passwords evolves into a passwordless future. I’m thrilled to join LastPass to help accelerate the development of the LastPass product.”
NTT Data
NTT Data has introduced a new global cyber security strategy. As part of that, it plans to increase the number of cybersecurity professionals it employs to 15,000 over the next five years. That number will see a doubling of its employees in the cybersecurity space, a move that will be welcomed by its customers.
In addition to doubling the number of cybersecurity professionals, the company is to launch a comprehensive range of advanced cybersecurity services. It says these will range from “strategy and technical consulting to technology integration, unified managed detection and response, and crisis response.” In all, there are to be 15 unified technology domains to cover cyber risk.
Hidehiko Tanaka, Senior Vice President, Head of Technology and Innovation General Headquarters, NTT DATA Group Corporation, said, “NTT DATA aims to create a safer digital society, enabling our clients to focus on business innovation and growth.
“Our new cybersecurity strategy brings together our worldwide resources, deep industry insights, and advanced technical skills to provide clients with comprehensive protection against today’s sophisticated threats. We aim to enable business transformations by a coherent global approach that stays a step ahead of evolving cyber threats, helping our clients to continue their growth with peace of mind.”
Sophos
Attackers are deliberately switching on remote encryption for their attacks, according to a new report by Sophos. It claims that use of this technique increased by 62% during 2023. The report, entitled CryptoGuard: An asymmetric approach to the ransomware battle, was authored by Mark Loman and Matt Wixey.
The authors say that groups such as Akira, ALPHV/BlackCat, LockBit, Royal and Black Basta are among those observed using this technique. It relies on the attackers compromising just one machine on the network and then using it to encrypt data on other machines.
Mark Loman, vice president, threat research at Sophos, and the co-creator of CryptoGuard, said, “Companies can have thousands of computers connected to their network, and with remote ransomware, all it takes is one underprotected device to compromise the entire network.
“Attackers know this, so they hunt for that one ‘weak spot’ — and most companies have at least one. Remote encryption is going to stay a perennial problem for defenders, and, based on the alerts we’ve seen, the attack method is steadily increasing.”
Tenable
Tenable has achieved the “Ready” designation at the moderate impact level from the Federal Risk and Authorization Management Program (FedRAMP). The award goes to Tenable Cloud Security, which is the third Tenable product to be awarded FedRAMP status.
Joe Welsh, vice president of Public Sector sales, Tenable, said, “Cloud adoption is a critical component of the U.S. federal government’s modernization efforts, but managing security of cloud environments is complex without complete visibility and an accurate understanding of cyber risk.
“We’re eager to get Tenable Cloud Security into the hands of government IT and security teams to eliminate cloud blindspots and take the guesswork out of remediation.”
Trend Micro
Another company achieving FedRAMP certification is Trend Micro. In this case, it has achieved FedRAMP ATO (Authorization to Operate) for its Trend Cloud One platform.
According to the announcement, the capabilities delivered by Trend Cloud One include:
- Complete endpoint and workload security: Secure user endpoints, servers, data centers, and cloud workloads using a comprehensive SaaS solution without compromising performance.
- Highest level of protection against all types of threats: Detect and protect against vulnerabilities, malware, and unauthorized changes with comprehensive security for multiple environments.
- Integrations that enable faster detection and response: Eliminate blind spots, alert overload, operational complexity, and security gaps.
- Simplified compliance: Certified under FedRAMP, ISO, CSA, and more, Cloud One has the compliance capabilities to confidently streamline cyber risk management.
Vercara
Vercara published recent research that shows 75% of US consumers would stop purchasing from a brand if it suffered a cyber incident. This is far from the first piece of research to make this claim over the past decade, but as Target, T-Mobile, AT&T and many other US companies know, consumer statements like this have little impact in the long run.
What is interesting in this research are the numbers. They include:
- 75% of consumers expressing their readiness to sever ties with a brand in the aftermath of any cybersecurity issue.
- 66% of US consumers would not trust a company that falls victim to a data breach with their data.
- 44% of consumers attribute cyber incidents to a company’s lack of security measures.
- 54%, however, extend a degree of leniency toward smaller brands grappling with cyberattacks.
Two other numbers offer an interesting insight into consumer behaviour. For example, 55% of respondents use their corporate devices for online shopping, risking the business infrastructure. Additionally, 35% believe it’s difficult to impersonate large e-commerce brands.
Colin Doherty, CEO at Vercara, said, “In the current cyber landscape where most attacks start with some form of social engineering, it’s important for businesses to see their security policies through the eyes of their most vulnerable link – the employees.
“It’s important to run regular awareness and training sessions not just for the IT and cyber departments, but for all employees, as even more sophisticated ransomware and DDoS attacks can be spotted sooner if everyone knows what to look out for.”