Security news for the week commencing 22 January 2024 includes a range of new product announcements and reports. Bugcrowd released its latest report on crowdsourced security programs. It shows how effective they can be when companies do not limit the scope.
Checkmarx
Checkmarx has announced new integrations with ServiceNow. They will allow developers using DevOps Change Velocity to view Checkmarx scan summaries in DevOps with no impact on Application Vulnerability Response. Both the cloud-native Checkmarx One AppSec platform and Checkmarx SAST plugins are immediately available in the ServiceNow Store.
According to the announcement, the two plugins will enable users with the DevOps Change Velocity license to:
- View integration of Checkmarx scans within the ServiceNow DevOps toolchain
- Associate ServiceNow DevOps orchestration tools such as Azure DevOps, GitHub Actions or Jenkins directly to Checkmarx scans to be run on the pipelines
- View security scan results run during the DevOps pipeline within the ServiceNow pipeline execution report
- Automate approval based on Checkmarx security scan results by enabling the change acceleration feature of DevOps Change Velocity, change-approval flows and policies
Ori Bendet, VP of Product Management at Checkmarx, said, “Checkmarx is committed to simplifying and streamlining effective application security for today’s developers whose time-to-delivery deadlines seem tighter every quarter.
“These Checkmarx integrations with ServiceNow DevOps can not only dramatically mitigate the risk inherent in cloud-native enterprise applications, but also empower developers and build trust between them and their security teams. Ease of use and more secure applications lead to greater success for the modern enterprise.”
Egress
Egress has agreed a partnership with UK charity Make-A-Wish. The partnership is set to run for a year and sees technology being used to boost the charity’s capability. Egress has donated 23 computers to the charity and will provide essential tech skills to help the charity scale its infrastructure.
Sarah Watson, Director of Finance and Technology at Make-A-Wish UK, commented, “We are truly excited about this collaboration with Egress and Make-A-Wish UK. Their commitment to our cause and their team’s technical capabilities will undoubtedly propel us forward, enabling us to grant even more wishes and bring happiness to the lives of children who need it most.
“If we can make the process of applying for a wish as simple as possible for families with critically ill children by improving our tech capabilities, the tech partnership will be a great success, and I have no doubt that Egress will deliver.”
Europol
Between 7 and 9 December 2023, Europol coordinated a massive international operation targeting Nigerian criminal networks active in the EU and abroad. Europol has just released details of the operation’s results, which include:
- 15 persons arrested
- 18 victims or possible human trafficking victims detected
- 4 new investigations initiated
- 398 flights monitored
- 13 harbours monitored
- 19 postal services and express delivery companies monitored
- 57 checkpoints at borders and hotspots established
While many see Nigeria as a hot spot for various online frauds and scams, Europol says the threat has evolved. It highlights the move into drug trafficking across the EU, with cocaine and heroin being distributed.
It shows how cybercrime and fraud can underpin the move by criminal gangs into other types of crime.
FBI
A Russian national has been sentenced to five years and four months in prison for his involvement with the Trickbot malware. The case heard that he was involved in both the development and distribution of the malware that resulted in several hospitals and other businesses being affected.
The FBI office in Springfield, IL, has highlighted Identity Theft Awareness Week. It warns that Personally Identifiable Information (PII) theft can happen through a phone call, email, a malicious website, text, social media, or carelessly leaving your information exposed in public places. Even something as simple as your phone number in the hands of a bad actor can be enough to piece together enough information to steal your identity.
It goes on to say that victims in Illinois lost $4.8 million to identity theft in 2022, according to the FBI’s Internet Crime Complaint Center. It also provides some steps people can use to protect themselves against identity theft:
- Do not give out personal information via the phone, mail, or Internet/email unless you initiated the contact and are certain you are dealing with a trusted organization or individual.
- Verify requests for personal information from any business or financial institution by contacting them using the main contact information on their official website.
- Do not open, respond to, or click on links contained within unsolicited emails or texts.
- Use strong and different passwords to secure banking accounts, credit accounts, and other accounts that contain anything of value. Change passwords and check accounts routinely.
- Limit personal information shared publicly on social networking sites.
- Regularly obtain and check your credit reports from the three credit bureaus to ensure you recognize all accounts.
Forescout
Forescout has warned that critical infrastructure is under siege from a new wave of attacks. It says, “Forescout Research recorded more than 420 million attacks between January and December 2023. That is 13 attacks per second, a 30% increase from 2022.”
The details are revealed in a new report, “2023 Global Threat Roundup,” and a blog. The findings show that attacks were seen coming from 212 countries, showing how widespread the problem is. However, 77% of attacks came from just 10 countries, with China the most prolific.
Interestingly, 48% of attacks came from devices managed by ISPs, with 32% from other businesses and 10% from hosting or cloud providers. It shows the problem of compromised credentials and devices and how they are used in attacks.
Elisa Costante, VP of Research at Forescout Research – Vedere Labs, highlights the potential for positive change, stating, “While it’s true that current efforts have fallen short in fully harnessing crucial technology to fortify critical assets and assess risks, there is an opportunity for improvement.”
Qualys
Qualys published a number of blogs as it unveiled the latest updates to Qualys Web Application Server. The first blog focused on the upgrade to a new UI. According to Qualys, this is not about aesthetics. It is a comprehensive upgrade with a raft of new features. It lists 12 new features in the blog.
Another blog from Qualys focuses on upgrades to Qualys Cloud Agent. There are four key areas that have been improved. They are:
- Reduced Activity Periods (RAP)
- Enhanced Capabilities for VDI
- Agent Version Control
- Change Activation Key
The blog focuses on RAP and the enhanced capabilities for VDI that the new Qualys Cloud Agent delivers.
Qualys also released the Qualys Risk Reduction Recommendation Report. It builds on the TruRisk product the company released last year and is part of Qualys Patch Management. Using the TruRisk scores, the Risk Reduction report brings the remediation steps closer to vulnerabilities. The goal is to enable companies to focus on the top remediation actions to reduce the risk faster by using TruRisk scores.
ThreatQuotient
Enzoic and ThreatQuotient are partnering to provide companies with protection from compromised credentials. The integration uses Enzoic’s Exposure API to monitor user and domain exposures on the Dark Web. It will use the ThreatQ Platform to scan, and any exposures are presented in its graphical dashboard.
Mike Wilson, founder and CTO, Enzoic, said, “User credentials continue to be among hackers’ most sought-after targets. With Enzoic’s threat intelligence, ThreatQuotient customers can fight back and take swift action as soon as exposure is detected.
“The ThreatQ Platform is already a valuable resource for security operations to become more data-driven, efficient, and effective by getting the right data to the right systems and teams at the right time. Our Dark Web insights serve to broaden the scope of potential threats that can be identified.”