FireSale HackBoy


Monday, November 30, 2020

Cyber Attack on AstraZeneca COVID-19 Vaccine Research

Cambridge-based pharmaceutical company AstraZeneca has hit the news headlines this week for all the wrong reasons. While the company is busy developing an efficient vaccine to curb the spread of the coronavirus, news is out that the scientists working on the project are being targeted by emails carrying fake job offers and laced with data-stealing and spying malware.

Although AstraZeneca remained silent on this issue, its vaccine development partner, the University of Oxford, issued a statement yesterday confirming the incident. The vaccine development department also announced that it is working with the UK’s NCSC to find the culprits behind the cyber attack.

Unconfirmed sources claim that AstraZeneca’s R&D department working on the vaccine has been hit by many emails laced with malware in the form of email attachments.

Cybersecurity Insiders has learnt that the hackers posed as recruiters and offered 10 times more salary to COVID-19 vaccine developers working for the British company via LinkedIn and WhatsApp; when probed, these turned out to be mere fake job offers.

North Korea has denied all allegations put forward by AstraZeneca through Reuters and added that its government had no intention to do so. A spokesperson from North Korea’s Foreign Ministry said that some yellow media journalists living in the United States fabricated the speculations published in Reuters.

Preliminary inquiries revealed that all the hackers' efforts were neutralized, as AstraZeneca has one of the world’s best IT infrastructures and staff managing it with great efficiency.

The post Cyber Attack on AstraZeneca COVID-19 Vaccine Research appeared first on Cybersecurity Insiders.


December 01, 2020 at 10:14AM

Ransomware news headlines trending on Google

First, those spreading Clop ransomware have been found making the file-encrypting malware more sophisticated. In a recent discovery, SentinelLabs security researcher Vitali Kremez found that the ransomware has gained a new ability to disable onboard security software before encrypting the entire Windows machine.

“Clop Ransomware after installation, starts a small program on the victim machine that disables security software like Malwarebytes and then steals data and then locks down the entire system from access until a ransom is paid,” said Kremez from SentinelLabs.

It does so by altering registry values and then disabling Windows Defender. It then gradually attacks behavior monitoring, real-time protection and other security settings and neutralizes them, Kremez added.

Only training, a layered defensive approach and a backup plan can save companies running Windows-based computer systems, experts say.
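A defender-side check for the registry changes described above, as an added example that is not from the article or from SentinelLabs' analysis: it scans registry-write events for Microsoft Defender policy values being switched off and groups the hits by writing process. The event lines are constructed and simplified from Sysmon Event ID 13 fields, and the value names are Defender's documented policy settings, assumed here because the article does not name the values Clop changes.

```python
import re
from collections import defaultdict

# Documented Defender policy values (assumption: the article names none).
# A non-zero DWORD turns the corresponding protection off.
TAMPER_VALUES = {
    "disableantispyware": "Defender disabled by policy",
    "disablerealtimemonitoring": "real-time protection off",
    "disablebehaviormonitoring": "behavior monitoring off",
    "disableonaccessprotection": "on-access protection off",
}
DEFENDER_POLICY_ROOT = r"hklm\software\policies\microsoft\windows defender"
DWORD_RE = re.compile(r"DWORD \((0x[0-9a-fA-F]+)\)")

# Constructed sample events (not real telemetry), one registry write per line.
SAMPLE_EVENTS = [
    r"UtcTime=2020-12-01 09:14:02 | Image=C:\Users\Public\updater.exe | TargetObject=HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\DisableAntiSpyware | Details=DWORD (0x00000001)",
    r"UtcTime=2020-12-01 09:14:03 | Image=C:\Users\Public\updater.exe | TargetObject=HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring | Details=DWORD (0x00000001)",
    r"UtcTime=2020-12-01 09:14:03 | Image=C:\Users\Public\updater.exe | TargetObject=HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableBehaviorMonitoring | Details=DWORD (0x00000001)",
    # Value written back to 0: protection re-enabled, must not be flagged.
    r"UtcTime=2020-12-01 10:02:11 | Image=C:\Windows\System32\svchost.exe | TargetObject=HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableRealtimeMonitoring | Details=DWORD (0x00000000)",
    # Similar value name outside the Defender policy tree: must not be flagged.
    r"UtcTime=2020-12-01 10:05:40 | Image=C:\Program Files\App\app.exe | TargetObject=HKLM\SOFTWARE\Vendor\App\DisableRealtimeMonitoring | Details=DWORD (0x00000001)",
    r"UtcTime=2020-12-01 11:30:00 | Image=C:\Tools\tuner.exe | TargetObject=HKLM\SOFTWARE\Policies\Microsoft\Windows Defender\Real-Time Protection\DisableOnAccessProtection | Details=DWORD (0x00000001)",
]


def parse_event(line):
    """Split 'Key=Value | Key=Value' into a dict."""
    fields = {}
    for part in line.split(" | "):
        key, _, value = part.partition("=")
        fields[key.strip()] = value.strip()
    return fields


def find_defender_tampering(lines):
    """Return one finding per write that switches a Defender protection off."""
    findings = []
    for line in lines:
        event = parse_event(line)
        key_path, _, value_name = event.get("TargetObject", "").rpartition("\\")
        key_lower = key_path.lower()
        in_policy_tree = (key_lower == DEFENDER_POLICY_ROOT
                          or key_lower.startswith(DEFENDER_POLICY_ROOT + "\\"))
        meaning = TAMPER_VALUES.get(value_name.lower())
        if not in_policy_tree or meaning is None:
            continue
        match = DWORD_RE.search(event.get("Details", ""))
        if match is None or int(match.group(1), 16) == 0:
            continue  # not a DWORD write, or the protection was re-enabled
        findings.append({
            "time": event.get("UtcTime", ""),
            "image": event.get("Image", ""),
            "setting": value_name,
            "meaning": meaning,
        })
    return findings


def summarize_by_writer(findings):
    """Group findings by writing process; several protections disabled by
    one process is rated 'high', a single one 'medium'."""
    grouped = defaultdict(set)
    for finding in findings:
        grouped[finding["image"]].add(finding["setting"])
    return {
        image: {"settings": sorted(settings),
                "severity": "high" if len(settings) >= 2 else "medium"}
        for image, settings in grouped.items()
    }


if __name__ == "__main__":
    for image, info in summarize_by_writer(
            find_defender_tampering(SAMPLE_EVENTS)).items():
        print(info["severity"], image, ", ".join(info["settings"]))
```
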

Meanwhile, news is out that Huntsville City Schools will be closed down on Tuesday and Wednesday as the servers offering digital services to the staff and students were reportedly infected by ransomware.

At the time of writing, Huntsville school authorities have confirmed the closure of schools on Tuesday, but haven’t confirmed what is in store for the 24,000 students on Wednesday, as the IT staff has been working 24×7 to restore the services to normalcy ASAP.

All parents of the school have received robocalls (pre-recorded automated voice messages by phone) asking them to have their children submit their laptops and Chromebooks to the school authorities, as this can help contain the malware spread via the network.

Craig Williams, the school spokesperson, confirmed the incident and urged students and teaching staff not to use their officially issued phones or computers until further notice.


The post Ransomware news headlines trending on Google appeared first on Cybersecurity Insiders.


December 01, 2020 at 10:12AM

The perfect storm: How digital transformation is reshaping security and networking

Think back to the end of 2019. Enterprises were evolving IT infrastructure at a moderate pace to reduce costs, be more competitive, and improve their ability to adapt to an increasingly digitized world. Whether migrating workloads to the cloud, virtualizing network functions, diversifying mobility, or moving applications and services closer to the edge, digital transformation was steadily evolving the business landscape.

Then came COVID, and in less than 12 months, digital transformation went from that steady evolution to an absolute imperative, accelerated by a suddenly remote workforce and the realization that the network (especially user access to data, services, and applications) and its security are the lifeblood of business. Conversations in the C-Suite quickly changed in tone, focusing on one crucial question: How quickly can we pivot and securely update or even rebuild our network to provide for future business continuity and remain competitive?

Even as businesses continue to traverse the challenges…

Posted by: Rupesh Chokshi

The post The perfect storm: How digital transformation is reshaping security and networking appeared first on Cybersecurity Insiders.


December 01, 2020 at 09:11AM

5 Issues the Security Industry Needs to Resolve in 2021

As 2020 comes to a close, security professionals around the world have started assessing how to make the most significant improvements next year.

Here are five issues that the security sector should strongly consider taking a collective approach to fix — or at least improve — in 2021.

1. People Ill-Equipped to Work From Home

The COVID-19 pandemic caused many decision-makers to let people work from home whenever possible. Employees of numerous companies can keep doing that for the foreseeable future, in fact. However, remote working environments introduce new security issues to tackle.

A June 2020 poll from IBM of Americans who recently started working from home revealed some worrisome findings. For example, 45% of them did not receive new training before beginning to work remotely. Then, 53% reported using personal laptops without receiving new security tools for those devices.

IT security professionals cannot assume that employees know how to stay safe online while getting stuff done from home. Providing them with widely available tools like password managers and distributing cybersecurity checklists with best practices could help organizations with distributed workforces maintain protection from threats.

2. Ransomware on the Rise Globally

Ransomware is an issue that’s not going away anytime soon. The trouble is that it’s getting worse. Company leaders must prepare now to limit how it might affect them.

Research associated with the third quarter of 2020 found a 98.1% increase in ransomware attacks in the United States compared with first-quarter figures. Sri Lanka experienced a staggering 436% increase, while there was a 57.9% jump in Russia. Double extortion is another recent trend. Before cybercriminals encrypt stolen information, they take sensitive data and threaten to publish it unless victims pay the demanded amount.

Performing regular data backups and making the content accessible via several methods could enable companies to keep operating smoothly if perpetrators interfere with the availability of crucial files. However, security professionals must go further to identify and fix the vulnerabilities that give unauthorized parties access.

3. The Lack of Gender Diversity

A study associated with data centers found that females typically comprise less than 5% of the staff roles in those facilities. That’s the reality, despite the same research indicating that 45% of respondents believe the lack of female representation poses a threat to their industry.

Unfortunately, the situation is not much better in the cybersecurity sector. Statistics show that women make up only 14% of the North American cybersecurity workforce, a mere 7% in Europe and 5% in the Middle East.

Companies can tackle this issue in numerous ways. For example, they might launch scholarship programs or internship opportunities that specifically target women in cybersecurity. Business leaders can also explore whether their job ads unintentionally feature male-centric language and remove instances of it.

4. Unhelpful Perceptions of the Cybersecurity Industry and Its Practitioners

The IT security industry has a culture problem. That issue also decreases diversity in the field, but it is one of many contributing factors.

The broad public perception — that security practitioners do little to dispel — is that cybersecurity is a “dark arts” specialty full of mystique. That assumption often promotes the development of IT security tools that are overly complex and daunting for the public to use.

Cybersecurity professionals possess specialized skills, but they must play central roles in spreading the idea that everyone can help secure our infrastructure.

They also need to address this issue with better communication. For example, a board member could easily become overwhelmed by hearing industry jargon. Describing concepts using accessible language should help security professionals make progress and get their points across.

5. Concerns About On-Premises Safety

While many employees can work from home to stay safer during the pandemic, cybersecurity professionals often do not have that option. Some perform duties that require coming into offices. Others work in classified facilities that don’t permit remote possibilities.

Unfortunately, 78% of cybersecurity professionals reported having concerns about their safety while on-site. Organizational leaders cannot remove all risk, but they can minimize it.

Providing masks and hand sanitizer for on-site personnel is a good starting point. However, decision-makers should also explore staggered shifts and have people consistently work alongside the same colleagues. Those things reduce how much time employees spend mixing with larger numbers of people, restricting virus transmission potential and facilitating better contact tracing if an outbreak happens.

Awareness Paves the Way for Progress

These five issues pose daunting challenges for the cybersecurity sector. It is unrealistic for people to think that they or their companies can completely fix all of them next year.

However, becoming aware of the problems and committing to making progress should lead to meaningful outcomes that strengthen the industry and empower the people working in it.

The post 5 Issues the Security Industry Needs to Resolve in 2021 appeared first on Cybersecurity Insiders.


December 01, 2020 at 05:21AM

Can good cybersecurity policies improve our quality of life?

In 2020, The World Economic Forum (WEF) named cyberattacks as one of the top long-term threats facing the planet in its annual global risk analysis report. With the damage to reputation, consumer trust and financial loss now well documented during high-profile data breaches, businesses are more aware of the risk they face and how they can better protect themselves. However, one area of cybersecurity that receives less attention is the impact good cybersecurity practices can have on quality of life.

The Mid-Year Data Breach QuickView Report highlights the extent of this problem, revealing that the number of records exposed this year has been four times higher than any previously reported time period, at an incredible 27 billion.

Yet, while the impact on organisations has been well documented in the media, cyberattacks such as the First American Financial Corp. data breach in 2019 have highlighted the long, drawn-out journey consumers also face when their information is taken.

Digital Quality of Life

Before going further in this blog, it is important to define exactly what is meant by a digital quality of life. The concept itself revolves around five key pillars that influence digital equality and wellbeing. These are internet quality, affordability, cybersecurity, online government services and electronic infrastructure. The idea is that when these five pillars are secured, the standard of health, comfort, and happiness experienced by an individual or group increases.

What role does cybersecurity play on individuals’ well-being?

The link between well-being and cybersecurity is one that is pretty straightforward. This is because while the organisation affected by a cyberattack may leave the news after weeks or months, the journey for the consumer can last a lifetime.

Indeed, there can be no doubt that becoming a victim of a cyberattack or having your data stolen in a breach is extremely stressful, with a study by Elias Aboujaoude, Stanford professor of psychiatry and behavioral sciences, revealing that patients often suffer from anxiety, depression, and post-traumatic stress disorder when their personal details are exposed online.

This is understandable given that when our private information gets into the wrong hands, whether it is then used for malicious reasons or otherwise, we undoubtedly feel an elevation in anxiety. This is further exacerbated if it is a breach of sensitive information like medical records. Also adding to the anxiety is the effort of working out and following the process for identifying the information that has been taken and determining what the risk is to your digital accounts.

In addition, victims find themselves having to do a lot of work to repair the damage done. This can include calling your bank if financial information has been taken, changing your passwords for any related accounts, and even filing police reports in the most serious cases of cybercrime. As it is almost impossible to tell what the outcome will be if these processes are not undertaken, individuals may feel the consequences of these breaches for a long time.

How can governments and enterprises help?

The research above highlights why a government that is responsible for creating the foundation to protect and provide for its citizens would pass strong privacy laws that address the ongoing distress caused by current data management habits. Regulation that punishes companies that are lax with their customers’ data inherently reinforces a feeling of security for citizens. It is interesting to note that in the Digital Quality of Life Survey 2020, seven out of 10 countries with the highest digital quality of life are in Europe and are thus protected by the GDPR. From this, it appears there is a clear link between the creation of effective cybersecurity policies and the ability to reassure citizens that their credentials are secure and being used ethically according to laws set by the institutions designed to protect them.

For enterprises, investing in secure digital infrastructure should be a priority. With 75 percent of consumers reporting, in a 2018 IBM survey, that they would not buy a product from a company – no matter how great the products are – if they don’t trust the company to protect their data, poor cybersecurity posture is not something businesses can afford to take lightly.

And, although it’s great to have a plan of action when a breach or ransomware attack occurs, it’s even better for businesses to take charge and proactively protect their customers’ private information (PII). All data security begins with implementing least-privilege access to the sensitive data. The foundation for creating a data-safe environment begins with controlling access to applications and systems using an identity and access management solution, such as multifactor authentication. To complete a data security strategy, the sensitive data itself needs to be protected as well, with policy that prevents unauthorized access using access controls, encryption, tokenization and audit logs. After all, in the long term these investments won’t just save the company and CSO stress, but also, just as importantly, help their customers achieve a high digital quality of life.


The post Can good cybersecurity policies improve our quality of life? appeared first on Cybersecurity Insiders.


December 01, 2020 at 12:51AM

Critical Event Management Category Leader Everbridge Makes Key Appointments to Expand its Global Marketing and Communications Functions

BURLINGTON, Mass.–(BUSINESS WIRE)–Everbridge, Inc. (NASDAQ: EVBG), the global leader in critical event management, today announced two executive appointments focused on the expansion of its market-leading and global brand, as well as the continued international category creation for critical event management (CEM). Everbridge pioneered CEM and continues to innovate and grow the importance of the category which has taken on increased urgency due to the COVID-19 pandemic. Stacey Wu, former SVP of Global Marketing at Fortinet joins Everbridge as Chief Marketing Officer (CMO), and Jessica Deckinger, former three-time CMO and veteran branding and communications executive, joins as Chief Communications Officer. Both will report directly to Everbridge CEO David Meredith.

Everbridge expands its global marketing and communications reach across more industries and geographies to better serve the integrated risk management challenges of organizations around the world, and to grow awareness for the importance of CEM to the safety of people and operations. As the original creator of the critical event management category, increasingly a CEO- and Board-level imperative, Everbridge and its mission now grow in importance every day as the world navigates a generational ‘black swan’ event resulting from coronavirus. The collective experience of Ms. Wu and Ms. Deckinger will be instrumental to Everbridge’s global marketing expansion for its award-winning CEM platform, its Public Warning solution currently deployed to provide country-wide alerting in 11 countries, and the company’s suite of COVID-19 Shield™ Return to Work and Contact Tracing solutions.

The company also announced that Joel Rosen, who led Everbridge’s global marketing and communications teams during the company’s successful IPO and subsequent strong growth and pioneering of the CEM category, has decided to leave to pursue the next chapter in his career.

“Our mission to keep people safe and organizations running, coupled with our market-leading technology platform in the increasingly relevant critical event management industry, enables us to attract the highest caliber talent,” said David Meredith, CEO of Everbridge. “Stacey and Jessica demonstrate our ability to hire top leaders with great credentials. They both ran marketing and communications organizations for major global brands and bring to Everbridge extensive expertise, as well as graduate degrees from MIT and Harvard, respectively.”

Prior to serving as SVP Global Marketing at Fortinet, a multibillion in revenue market cap software leader securing the largest enterprise, SMB, service provider, and government organizations around the world, Stacey Wu held executive marketing leadership and global demand generation positions at Avaya and Symantec. Earlier in her career, Stacey cultivated her breadth of marketing knowledge at Check Point, NEC and HP. Stacey received a Master of Business Administration from the MIT Sloan School of Management.

“We are in the early stages of a growing market opportunity for CEM,” said Wu. “I look forward to bringing my international marketing experience to Everbridge, having built and run a global demand generation engine at Fortinet that helped drive the company’s rapid growth. After working in cybersecurity for over 15 years to protect consumers and businesses against digital threats, I am honored to be a part of the Everbridge mission and to further elevate the importance of the category of critical event management.”

Jessica Deckinger brings over 20 years of experience in growth strategy, brand and digital marketing, communications, public relations, customer engagement, insights, and analytics, as well as human-centered experience design. She holds an MBA from Harvard Business School.

“The importance of CEM to the world’s top brands including Goldman Sachs, IBM and Siemens, as well as governments and healthcare agencies around the world, was evidenced by the significant global attendance at Everbridge’s recent COVID-19: Road to Recovery Symposium,” said Deckinger. “I consider it a rare opportunity to join such an incredibly strong team and to be a part of a company delivering on such a powerful mission.”

Last month, Everbridge hosted its “COVID-19 R2R: The Road to Recovery” virtual leadership summit featuring marquee keynote speakers including the 43rd President of the United States George W. Bush, as well as presidential advisor and Director of the National Institute of Allergy and Infectious Diseases (NIAID) at the U.S. National Institutes of Health (NIH) Dr. Anthony Fauci, Virgin Group Founder Sir Richard Branson, and renowned neurosurgeon and CNN Chief Medical Correspondent Dr. Sanjay Gupta. To learn more, go to COVID-19 R2R: The Road to Recovery.

About Everbridge

Everbridge, Inc. (NASDAQ: EVBG) is a global software company that provides enterprise software applications that automate and accelerate organizations’ operational response to critical events in order to Keep People Safe and Businesses Running™. During public safety threats such as active shooter situations, terrorist attacks or severe weather conditions, as well as critical business events including IT outages, cyber-attacks or other incidents such as product recalls or supply-chain interruptions, over 5,400 global customers rely on the company’s Critical Event Management Platform to quickly and reliably aggregate and assess threat data, locate people at risk and responders able to assist, automate the execution of pre-defined communications processes through the secure delivery to over 100 different communication devices, and track progress on executing response plans. The company’s platform sent over 3.5 billion messages in 2019 and offers the ability to reach over 600 million people in more than 200 countries and territories, including the entire mobile populations on a country-wide scale in Australia, Greece, Iceland, the Netherlands, New Zealand, Peru, Singapore, Sweden, and a number of the largest states in India. The company’s critical communications and enterprise safety applications include Mass Notification, Incident Management, Safety Connection™, IT Alerting, Visual Command Center®, Public Warning, Crisis Management, Community Engagement™ and Secure Messaging. Everbridge serves 8 of the 10 largest U.S. cities, 9 of the 10 largest U.S.-based investment banks, 47 of the 50 busiest North American airports, 9 of the 10 largest global consulting firms, 8 of the 10 largest global auto makers, all 4 of the largest global accounting firms, 9 of the 10 largest U.S.-based health care providers, and 7 of the 10 largest technology companies in the world. 
Everbridge is based in Boston and Los Angeles with additional offices in Lansing, San Francisco, Abu Dhabi, Beijing, Bangalore, Kolkata, London, Munich, New York, Oslo, Singapore, Stockholm and Tilburg. For more information, visit www.everbridge.com, read the company blog, and follow on LinkedIn, Twitter, and Facebook.

Cautionary Language Concerning Forward-Looking Statements

This press release contains “forward-looking statements” within the meaning of the “safe harbor” provisions of the Private Securities Litigation Reform Act of 1995, including but not limited to, statements regarding the anticipated opportunity and trends for growth in our critical communications and enterprise safety applications and our overall business, our market opportunity, our expectations regarding sales of our products, our goal to maintain market leadership and extend the markets in which we compete for customers, and anticipated impact on financial results. These forward-looking statements are made as of the date of this press release and were based on current expectations, estimates, forecasts and projections as well as the beliefs and assumptions of management. Words such as “expect,” “anticipate,” “should,” “believe,” “target,” “project,” “goals,” “estimate,” “potential,” “predict,” “may,” “will,” “could,” “intend,” variations of these terms or the negative of these terms and similar expressions are intended to identify these forward-looking statements. Forward-looking statements are subject to a number of risks and uncertainties, many of which involve factors or circumstances that are beyond our control. 
Our actual results could differ materially from those stated or implied in forward-looking statements due to a number of factors, including but not limited to: the ability of our products and services to perform as intended and meet our customers’ expectations; our ability to successfully integrate businesses and assets that we may acquire; our ability to attract new customers and retain and increase sales to existing customers; our ability to increase sales of our Mass Notification application and/or ability to increase sales of our other applications; developments in the market for targeted and contextually relevant critical communications or the associated regulatory environment; our estimates of market opportunity and forecasts of market growth may prove to be inaccurate; we have not been profitable on a consistent basis historically and may not achieve or maintain profitability in the future; the lengthy and unpredictable sales cycles for new customers; nature of our business exposes us to inherent liability risks; our ability to attract, integrate and retain qualified personnel; our ability to maintain successful relationships with our channel partners and technology partners; our ability to manage our growth effectively; our ability to respond to competitive pressures; potential liability related to privacy and security of personally identifiable information; our ability to protect our intellectual property rights, and the other risks detailed in our risk factors discussed in filings with the U.S. Securities and Exchange Commission (“SEC”), including but not limited to our Annual Report on Form 10-K for the year ended December 31, 2019 filed with the SEC on February 28, 2020. The forward-looking statements included in this press release represent our views as of the date of this press release. We undertake no intention or obligation to update or revise any forward-looking statements, whether as a result of new information, future events or otherwise. 
These forward-looking statements should not be relied upon as representing our views as of any date subsequent to the date of this press release.

All Everbridge products are trademarks of Everbridge, Inc. in the USA and other countries. All other product or company names mentioned are the property of their respective owners.

The post Critical Event Management Category Leader Everbridge Makes Key Appointments to Expand its Global Marketing and Communications Functions appeared first on Cybersecurity Insiders.


December 01, 2020 at 12:50AM

DefenseStorm Secures $12M in Series B Capital Raise

ALPHARETTA, Ga.–(BUSINESS WIRE)–DefenseStorm, the leading cloud-based cybersecurity and cybercompliance management provider to regional and community banks and credit unions, announced today that it has raised a $12M Series B round, bringing its total funding to $47M. Georgian, a fintech investing in high growth technology companies, led the round, with participation from TTV Capital.

Founded in 2014, DefenseStorm unifies detection, investigation, resolution and reporting into a single system of record to deliver real-time cyberthreat exposure and safety. DefenseStorm’s growth comes at a time in which the financial sector has seen cyberthreats increase rapidly. This round of funding will accelerate DefenseStorm’s capabilities to better help its customers.

DefenseStorm has also secured $7M in growth capital financing from CIBC Innovation Banking.

“Thanks to the support of Georgian, TTV Capital and CIBC Innovation Banking, DefenseStorm is poised for another incredible growth period,” said Steve Soukup, chief executive officer of DefenseStorm. “Our primary goal is to invest our time and resources into our current and potential customers, our hardworking employees and our own innovative solutions to continue serving the financial industry to the best of our ability.”

This round of funding will accelerate several of DefenseStorm’s strategic growth initiatives including technical and user-facing product changes and establishing greater platform efficiency and scalability. In 2020, the financial sector has been faced with a growing threat landscape and continues to undergo a digital transformation. To combat these challenges, DefenseStorm will be bringing its CyberFraud module to market and is focusing on driving high efficiencies through its TRAC service provider team, which delivers blended expertise across cybersecurity and fraud threats.

“DefenseStorm has taken a leading approach to building out their AI capabilities,” said Alex Manea, head of security and privacy at Georgian. “The market is demanding effective cybersecurity and compliance solutions, and DefenseStorm is answering on all fronts: efficient service, next-generation platform, and an exceptional team to execute.”

In addition, DefenseStorm has made several critical hires to support these strategic initiatives, adding over 35 years of diverse experience in product management and engineering since early October. DefenseStorm plans to continue strategically staffing the teams required to execute plans for 2021 and beyond.

“DefenseStorm helps financial institutions stay ahead of security threats by ensuring the integrity of their networks and client data,” said Paul Gibson, managing director at CIBC Innovation Banking. “We are proud to work with DefenseStorm to provide flexible financing solutions to help fuel its continued growth and further expand its security and compliance offerings.”

“Regional banks and credit unions struggle with the same complex compliance challenges as larger institutions, but without the budget to effectively solve those challenges,” said Mark Johnson, general partner at TTV Capital. “We see DefenseStorm as evening this playing field, allowing smaller institutions to compete in larger spaces, and we are thrilled to be able to contribute to this mission.”

About DefenseStorm

DefenseStorm provides cybersecurity and cybercompliance solutions specifically built for banking to achieve and maintain Cyber Safety & Soundness. The DefenseStorm GRID is the only co-managed, cloud-based and compliance-automated solution of its kind, operating as a technology system and as a service supported by experts in FI security and compliance. It watches everything on a bank’s network and matches it to defined policies for real time, complete and proactive cyber exposure readiness, keeping security teams smart and executives accountable. FFIEC CAT requirements are built-in and automated, as can be other frameworks and an FI’s own policies, to achieve Active Compliance. A Threat Ready Active Compliance (TRAC) Team augments a bank’s internal team to protect business continuity and skills availability while also ensuring cost-effective coverage and management. For more information, visit www.DefenseStorm.com.

About Georgian

Georgian is a fintech company investing in high growth software companies that harness the power of data in a trustworthy way. At Georgian, we’re building a platform to provide a better experience of growth capital to software company CEOs and their teams. Georgian’s platform is designed to identify and accelerate the best growth-stage software companies, taking an intelligent, data-first approach to solving the key challenges CEOs face as they grow their businesses. Based in Toronto, Georgian’s team brings together software entrepreneurs, machine learning experts, experienced operators and investment professionals. For more information, visit https://georgian.io/.

About TTV Capital

TTV Capital is one of the longest active venture capital firms investing in fintech. Bringing more than 20 years of venture investing experience, we identify innovators in financial services and take a collaborative, entrepreneur-first approach to building our portfolio companies. For more information, visit https://ttvcapital.com/.

About CIBC Innovation Banking

CIBC Innovation Banking delivers strategic advice, cash management and funding to North American innovation companies at each stage of their business cycle, from start up to IPO and beyond. With offices in Atlanta, Austin, Chicago, Denver, Menlo Park, Montreal, New York, Reston, Toronto and Vancouver, the team has extensive experience and a strong, collaborative approach that extends across CIBC’s commercial banking and capital markets businesses in the U.S. and Canada. For more information, visit cibc.com/innovationbanking.

The post DefenseStorm Secures $12M in Series B Capital Raise appeared first on Cybersecurity Insiders.


December 01, 2020 at 12:50AM

Coalition Against Stalkerware’s One Year Anniversary Recognizes Milestones, New Members and Celebrates UN’s International Day for the Elimination of Violence Against Women

WOBURN, Mass.–(BUSINESS WIRE)–Today, the UN’s International Day for the Elimination of Violence Against Women also coincides closely with the Coalition Against Stalkerware’s one year anniversary. In its first year, the Coalition has more than doubled its membership, expanding both in geography and expertise in its partners including domestic violence advocacy and direct service organizations, IT security vendors, mobile security companies, privacy solutions providers, an association of technology journalists, and organizations focused on cyber safety.

For some years, the problem of stalkerware has been on the rise. Non-profit organizations are experiencing a growing number of survivors seeking help with the problem, and cybersecurity companies are detecting a consistent increase in these harmful applications. Launched in November 2019, the Coalition Against Stalkerware became an important organization dedicated to protecting consumers from abuse, stalking and harassment via commercially-available surveillance software.

Stalkerware programs enable an abuser to intrude into a person’s private life and can be used as a tool for abuse in cases of domestic violence and stalking. By installing these applications on a person’s device, abusers can get access to their victim’s messages, photos, social media, geolocation, audio or camera recordings (in some cases, this can be done in real-time). Such programs run hidden in the background, without a victim’s knowledge or consent.

Data from member organizations has shown a sharp rise in stalkerware apps in recent years.

  • In 2019, Kaspersky detected a 67% year-on-year increase of stalkerware usage on its users’ mobile devices at a global level. The number of stalkerware installations worldwide during the first 10 months of 2020 (from January to October) totaled more than 48,500, which is close to the total (almost 52,000 installations) observed over the same period in 2019.
  • According to Malwarebytes, while these apps have always presented a significant threat to users, the shelter-in-place orders that began taking effect in March 2020 resulted in a dramatic uptick in usage. Malwarebytes recorded a peak increase from January 1 to June 30, finding a 780 percent increase in monitor apps detections, and a 1,677 percent increase in spyware detections. Though detections waned starting in July, the numbers never dropped to their January levels. From January 1 to October 31, Malwarebytes recorded a 584 percent increase in monitor app detections, and a 1,044 percent increase in spyware detections. Overall, this represents more than 43,000 monitor app detections in the first 10 months of 2020.

With lockdowns which may be globally repeated due to the second wave of the COVID-19 pandemic, domestic violence incidents may be increasing again. Coalition partners from different territories reported increases in Spring 2020.

  • In France, the Centre Hubertine Auclert explains there was a 50% increase in calls to the main helpline for domestic violence victims (helpline 3919 of the Fédération Nationale Solidarité Femmes).
  • For India, the Cyber Peace Foundation refers to the National Commission for Women (NCW) reporting 587 complaints on their helpline number and online portal since the lockdown kicked into effect in March. Also, Cyber Peace Foundation states that 89% of the total number of cases registered to legal services authorities across the country were of domestic violence.

The Coalition seeks to combine its partners’ expertise in domestic violence survivor support, digital rights advocacy, and cybersecurity to address the criminal behavior perpetrated by stalkerware and to raise general awareness about this important issue. European Institute for Gender Equality research shows that seven in ten women (70%) who have experienced cyber stalking, have also experienced at least one form of physical or/and sexual violence from an intimate partner.

Echoing words of the UN Secretary-General António Guterres who called gender violence ‘Shadow Pandemic’, members of the Coalition believe that we all have a role to play in recognizing the stealthy nature of stalkerware, the harmful impact that it has, and the need for collective action to support and assist individuals targeted by stalkerware.

During 2020, the Coalition partners have focused on raising greater awareness of stalkerware among advocacy organizations, journalists, and regulators through public speeches, events, publications, research, and collecting the cybersecurity vendors’ data on stalkerware. The Coalition has also created a standard definition and detection criteria for stalkerware, which did not previously exist.

The Coalition’s plans for its second year include: outreach to individuals and organizations that can contribute to the stalkerware sample/metadata information sharing mechanism; additional data collection to inform evidence-based policymaking to respond to threats posed by stalkerware; a series of assistance seminars to assist support organizations working with survivors of domestic violence and other individuals targeted by stalkerware; and further expansion of the Coalition to include additional organizations globally to assist in the mission of combating stalkerware and protecting individuals.

“The National Network to End Domestic Violence (NNEDV) is thrilled to partner with the Coalition Against Stalkerware. Through the work of our Safety Net Project, we know that many victims of domestic violence experience harassment, monitoring, stalking, and fraud from partners who use stalkerware as a tool of abuse, which can have lasting impacts on survivors’ safety and security. As a founding member of the Coalition, we reaffirm our commitment to understanding and addressing this tactic of abuse and ensuring that everyone, including survivors, can use technology without fear of violence.” – Deborah J. Vagins, NNEDV President and CEO

“This is the first anniversary of the Coalition Against Stalkerware, and it has been quite a year in which we have learnt a lot. We now understand that stalkerware is not purely a technical problem. It’s not the IT part of the issue that is challenging, but the fact that we need to deal with the commercial availability of stalkerware, the lack of regulation around how it is being used and, perhaps the most difficult problem, the fact that violence against women and different forms of online abuse have been normalized. We can provide technical training on different forms of tech-enabled abuse for the NPOs, but it’s not enough – it should be complemented with a chapter focusing on and reflecting survivors’ psychological experiences,” comments Kristina Shingareva, Head of External Relations at Kaspersky.

To find more about the organization’s activity, please visit the Coalition’s online resource. Users can find information about what stalkerware is, what it can do, how to detect it, and how to protect themselves in English, German, French, Italian, Spanish and Portuguese. For potentially affected users, the Coalition members recommend contacting local victim service organizations immediately.

Upcoming Coalition Against Stalkerware activities include:

  • The National Network to End Domestic Violence is partnering with Kering Foundation and Modern Films on 16 Days 16 Films, a short-film initiative to eliminate violence against women, push for change and accountability, and help combat gender inequality by creating opportunities for female filmmakers to have their stories seen.

For additional member quotes please visit the Coalition Against Stalkerware news page.

About Coalition Against Stalkerware

The Coalition Against Stalkerware (“CAS” or “Coalition”) is a group dedicated to addressing abuse, stalking, and harassment via the creation and use of stalkerware. Launched in November 2019, the Coalition Against Stalkerware now has 26 partners, including founding partners – Avira, Electronic Frontier Foundation, the European Network for the Work with Perpetrators of Domestic Violence, G DATA Cyber Defense, Kaspersky, Malwarebytes, The National Network to End Domestic Violence, NortonLifeLock, Operation Safe Escape, and WEISSER RING. The Coalition looks to bring together a diverse array of organizations to actively address the criminal behavior perpetrated through stalkerware and raise public awareness about this important issue. Due to the high societal relevance for users all over the globe, with new variants of stalkerware emerging periodically, the Coalition Against Stalkerware is open to new partners and calls for cooperation. To find out more about the Coalition Against Stalkerware please visit the official website www.stopstalkerware.org

About Kaspersky

Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 250,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

The post Coalition Against Stalkerware’s One Year Anniversary Recognizes Milestones, New Members and Celebrates UN’s International Day for the Elimination of Violence Against Women appeared first on Cybersecurity Insiders.


December 01, 2020 at 12:50AM

Comcast RISE Awards Over 700 Black-Owned, Small Businesses with Marketing and Technology Resources and Makeovers

NEW YORK–(BUSINESS WIRE)–Comcast Corporation (NASDAQ: CMCSA) today announced the first round of Comcast RISE award recipients: over 700 businesses will receive consulting, media and creative production services from Effectv, the advertising sales division of Comcast Cable, or technology upgrades from Comcast Business, based on their specific needs. Recipients in 285 cities in 29 states include a diverse roster of small businesses, from restaurants and salons to professional services and retail shops. In addition, 3,300 small businesses have already signed up to receive the Comcast RISE monthly newsletter, which will offer free marketing insights and resources.

Today, the next phase of Comcast RISE, the multi-year, multi-faceted initiative launched in October to help strengthen small businesses hard hit by COVID-19, opens up eligibility to include Black, Indigenous, and People of Color (BIPOC)-owned, small businesses. They can apply at www.ComcastRISE.com.

“2020 has been a challenge. We literally could not create anything new, because we couldn’t get our suppliers to make it. This has drastically slowed down the opening of our store, COOL Creative, which was slated to open in the spring,” said Johanne Pradel Wilson of Hollywood, Florida. “We’re thankful that we now have the opportunity to promote the store through TV advertising from Effectv, so we can let people know that COOL Creative is here and open for business.”

“I decided to open my ice cream shop, MyKings Ice Cream, on March 1, which was about 15 days before the world pandemic hit. It has been hard to staff, and I just want the shop to fully function. In order to do that, we need help with our website, payroll system and other tools to help make the business succeed. I know ice cream, not technology,” said Le’Day Grant of Denver, Colorado. “I am looking forward to partnering with Comcast Business and to receiving our technology makeover, as it will set MyKings Ice Cream up to succeed and grow.”

The first phase of Comcast RISE, which stands for “Representation, Investment, Strength and Empowerment,” focused on U.S. Black-owned, small businesses, those hit hardest by the pandemic according to a recent study from the National Bureau of Economic Research. Comcast RISE brings together two of the company’s brands (Comcast Business and Effectv, both with expertise in the small business space) to empower business owners with the expertise and resources needed to navigate the economic effects of the pandemic.

“We created Comcast RISE to partner with small businesses and give them access to tools to help them survive the pandemic and thrive. As we’ve gone through the selection process, it’s been so powerful to hear these business owners’ stories and see the tangible ways that we can help grow their businesses and impact their communities,” said Teresa Ward-Maupin, SVP for Digital and Customer Experience at Comcast Business. “I could not be more pleased to open this program to the entire BIPOC community and continue this positive momentum.”

“Fueling the success of small businesses is what our business is all about. We partner with them to better understand their needs and what we can do to help them grow. Our success is their success,” said James Lavallee, Vice President, Sales Marketing, Effectv. “That’s why, at a time when so many in our small business communities are struggling, it’s incredibly humbling to be able to give back and share our knowledge and resources with those hardest by the pandemic. We want to help our partners and communities rise.”

Comcast RISE consists of the following main components:

  • A media and technology resources program: This pillar combines Effectv’s renowned media platform and marketing expertise, its award-winning creative agency, Mnemonic, and state-of-the-art technical support from Comcast Business to help small businesses foster and elevate growth. Recipients will receive help with their marketing, media campaigns and creation of 30-second commercials, as well as equipment and technology upgrades, including:
    • Consulting: Advertising and marketing consultations with local Effectv marketing, research and creative teams to gain insights on how to grow your business.
    • Media: A linear TV media campaign to run over a 90-day period.
    • Creative Production: Turnkey :30 TV commercial production for their businesses.
    • Technology Makeovers: Computer equipment and Internet, Voice and Cybersecurity services for up to a 12-month period. (Taxes and other fees may still apply for tech makeover services.)
  • Business resources to help with curated content: Comcast has launched the Comcast RISE destination complete with aggregated small business news, tips, insights and more on the X1 platform. The destination is designed to help businesses grow by empowering them through education, inspiration and entertainment. Just say “Comcast RISE” into the X1 voice remote.
  • Grants: In early 2021, Comcast will be awarding grants of up to $10,000 each for U.S.-based small and diverse businesses that have been in operations for three to five years.

Comcast RISE is part of a larger $100 million Diversity, Equity and Inclusion initiative that Comcast launched this summer. In June, Comcast NBCUniversal announced the development of a comprehensive, multiyear plan to allocate $75 million in cash and $25 million in media over the next three years to fight injustice and inequality against any race, ethnicity, gender identity, sexual orientation or ability.

Visit www.ComcastRISE.com to apply, for more information and the latest updates.

About Comcast Corporation

Comcast Corporation (Nasdaq: CMCSA) is a global media and technology company with three primary businesses: Comcast Cable, NBCUniversal, and Sky. Comcast Cable is one of the United States’ largest high-speed internet, video, and phone providers to residential customers under the Xfinity brand, and also provides these services to businesses. It also provides wireless and security and automation services to residential customers under the Xfinity brand. NBCUniversal is global and operates news, entertainment and sports cable networks, the NBC and Telemundo broadcast networks, television production operations, television station groups, Universal Pictures, and Universal Parks and Resorts. Sky is one of Europe’s leading media and entertainment companies, connecting customers to a broad range of video content through its pay television services. It also provides communications services, including residential high-speed internet, phone, and wireless services. Sky operates the Sky News broadcast network and sports and entertainment networks, produces original content, and has exclusive content rights. Visit www.comcastcorporation.com for more information.

About Comcast Business

Comcast Business offers Ethernet, Internet, Wi-Fi, Voice, TV and Managed Enterprise Solutions to help organizations of all sizes transform their business. Powered by an advanced network, and backed by 24/7 customer support, Comcast Business is one of the largest contributors to the growth of Comcast Cable. Comcast Business is the nation’s largest cable provider to small and mid-size businesses and has emerged as a force in the Enterprise market; recognized over the last two years by leading industry associations as one of the fastest growing providers of Ethernet services. For more information, call 866-429-3085. Follow on Twitter @ComcastBusiness and on other social media networks at http://business.comcast.com/social.

About Effectv

Effectv, the advertising sales division of Comcast Cable, helps local, regional and national advertisers use the best of digital with the power of TV to grow their business. It provides multi-screen marketing solutions to make advertising campaigns more effective and easier to execute. Headquartered in New York with offices throughout the country, Effectv has a presence in 66 markets with nearly 35 million owned and represented subscribers. For more information, visit www.effectv.com.

The post Comcast RISE Awards Over 700 Black-Owned, Small Businesses with Marketing and Technology Resources and Makeovers appeared first on Cybersecurity Insiders.


December 01, 2020 at 12:50AM

Thales to Deliver the World’s First Fully Integrated Unmanned Mine Countermeasures System for the Royal Navy and French “Marine Nationale”

PARIS LA DÉFENSE–(BUSINESS WIRE)–Following the first phase of the program in which two demonstrators have successfully proven their operational performances at sea, France and the United Kingdom marked the tenth anniversary of the Lancaster House treaties by signing a joint contract for Thales to start the production phase of MMCM to deliver eight unmanned mine hunting systems (four for France and four for the United Kingdom).

With the threat of mines and improvised explosive devices present in all conflicts involving naval forces, countries need to strengthen the protection of their maritime domain, to ensure the protection of their assets and to safeguard the freedom of civil navigation. At the same time, it is essential to limit human exposure to mines. With 50 years of expertise serving navies around the world, Thales develops technologies that enable the transition from conventional solutions, such as minehunters, to unmanned solutions. The MMCM program is the first step in the renewal of the operational concept for mine warfare in France and the United Kingdom, based on the use of unmanned systems which could potentially replace traditional minehunters.

This is a step change in capability, improving performances, productivity and removing the need to place members of the armed forces in harm’s way. It strengthens the leadership of the French Navy and Royal Navy as world leaders in both mine hunting and unmanned systems in the maritime domain.

The subsystems developed for the programme by Thales and its partners include Unmanned Surface Vehicles (USV) to transport and connect solutions and a cutting-edge sonar (SAMDIS) offering unique Single Path Multi View capability to identify and classify threats. The SAMDIS sonar can be carried by Autonomous Underwater Vehicles (AUV) or by Towed Synthetic Aperture Multiviews (TSAM) vehicle operated from the USV. The USV can also carry a Remotely Operated Vehicle (ROV) to neutralize the threats. The entire system is remotely supervised by operators working from a Portable Operational Centre (POC) capable of controlling up to three systems in parallel at sea.

MMCM is the only proven system to offer advanced technologies, including autonomy, to improve performance and productivity thanks to the combination of unrivalled real time user experience using big data exchanges with trusted augmented artificial intelligence (A2I) to provide huge improvement of customer trust in operation clearance and increase the security of national interests. As a result of Thales’s open-architecture approach to MMCM, these new technologies can be easily integrated into the overall system, providing the navies with the opportunity to introduce new operational capabilities, in a planned way, throughout the life of the system.

After the success of the first configuration conducted under real operational conditions with the complete system, Thales is now fully committed to delivering the first operational systems to the French and British navies by 2022. This program testifies to the exemplary cooperation between the two states and industrial teams and anchors Thales’s unique expertise and world-leading position in conventional MCM, supporting over half the world’s anti-mine vessels with over 300 systems in service.

“Thales is grateful to France and the United Kingdom for trusting such an important technology transition with the Thales teams in France and the UK. To date during trials, the MMCM systems and its assets have covered the equivalent of 30.000 soccer fields at sea, sometimes with very rough sea conditions. This is indeed a step change in how Navies will be able to respond in the future to vicious threats such as mines and improvised explosive devices at sea.” Alexis Morel, VP Underwater Systems, Thales.

About Thales

Thales (Euronext Paris: HO) is a global high technology leader investing in digital and “deep tech” innovations – connectivity, big data, artificial intelligence, cybersecurity and quantum technology – to build a future we can all trust, which is vital to the development of our societies. The company provides solutions, services and products that help its customers – businesses, organisations and states – in the defence, aeronautics, space, transportation and digital identity and security markets to fulfil their critical missions, by placing humans at the heart of the decision-making process.

With 83,000 employees in 68 countries, Thales generated sales of €19 billion in 2019 (on a basis including Gemalto over 12 months).


The post Thales to Deliver the World’s First Fully Integrated Unmanned Mine Countermeasures System for the Royal Navy and French “Marine Nationale” appeared first on Cybersecurity Insiders.


December 01, 2020 at 12:49AM

Tips to help healthcare service providers keep ransomware at bay

As more and more healthcare providers are being targeted with ransomware, those operating hospitals, clinics and other healthcare-related services are worried about how to keep their networks safe from ransomware attacks. Security researchers from Cisco Talos are offering a few points on this issue which, experts say, will surely keep the file-encrypting malware at bay when followed.

First evaluate your vulnerabilities: The FBI issued a statement last year that it takes just 3 hours for hackers to introduce file-encrypting malware into a corporate network through a phishing email. Therefore, educating employees on this issue and offering them free training makes complete sense.

Maintain IT hygiene: It is always wise to keep your servers updated with the relevant patches and to keep RDP behind a VPN. Also, anyone who has the privilege to send email, has a password for security and uses a device to log into a network should follow the basic IT hygiene of using a strong password and 2FA if possible. Ask them never to click on email links sent from unknown senders, as there is a high probability that such emails are laced with malware.

Endpoint threat detection and response: Deploying Endpoint Threat Detection and Response (EDR) solutions makes sense for companies that provide or store such crucial information, as these tools help in neutralizing attacks of any range. And if a threat hunting team is also deployed, the two can work hand-in-hand to red-flag various attack patterns, such as ransomware packages on networks.

Incident Response: Ransomware attacks happen in a very short time frame, so threat response should move at the same pace to keep the damage minimal. This can be done with a swift incident response team supported by related software that speeds up how hospital and health networks identify, neutralize and weed out cyber criminals from networks in time, thus keeping patient data safe and away from the clutches of hackers.

The post Tips to help healthcare service providers keep ransomware at bay appeared first on Cybersecurity Insiders.


November 30, 2020 at 08:41PM

Sunday, November 29, 2020

Conti Ransomware Attack on Advantech Industrial Computers

Taiwan-based Advantech Co LTD, which deals in industrial computers, has reportedly been hit by a ransomware attack, and sources say that those spreading Conti Ransomware are suspected to be behind the incident.

According to sources, the hackers are demanding a ransom of over 750 bitcoins or $13.8 million in exchange for the decryption key. If the ransom is denied, they are threatening to leak over 2% (3.65GB) of the overall stolen data to the dark web.

Advantech is known to supply industrial computers, and that includes servers, internet of things devices and healthcare solutions to firms managing critical infrastructures.

From what is known to Cybersecurity Insiders, the Conti Ransomware attack (unconfirmed) took place on November 19, 2020, and the IT team was quick enough to contain the malware spread. However, sources say that the threat actors stole data from the servers and encrypted some databases.

As the IT staff of Advantech failed to pay the ransom, the threat actors leaked a portion of data to the dark web on Nov 27th, 2020.

Advantech has confirmed that it will not bow down to the demands of hackers and will approach the law enforcement for the solution to the data leak.

Conti Ransomware is a kind of file-encrypting malware that first steals data and then encrypts a database until a ransom is paid in millions. Sometimes, businesses might not only lose the trust of clients, but may also have to shut down permanently because of monetary loss.

Security firms have been detecting the said malware since July this year, and some say that it is a successor to RYUK Ransomware and is being distributed on a pay-as-per-use basis by hacking gangs.

The post Conti Ransomware Attack on Advantech Industrial Computers appeared first on Cybersecurity Insiders.


November 30, 2020 at 10:21AM

Ransomware attack leaks patient data of fertility Clinic

US Fertility, which offers a chain of fertility clinics across the United States in partnership with Shady Grove Fertility, is reported to have become a victim of ransomware. And news is out that data related to patients seeking fertility treatment was stolen and leaked on the dark web.

Highly placed sources say the data was stolen in early September and then the database was encrypted by hackers on September 14th, 2020. News is out that data such as names, addresses, and to a certain extent data related to social security numbers of some patients was also leaked in the attack.

Security experts say hackers might create havoc in the lives of the patients as they had access to the history, treatment and test results of the patients.

Why it took two months for the healthcare service provider to publish the incident is yet to be known. But a source from the fertility clinic that was backed by Amulet Capital Partners has already informed the data watchdogs and the law enforcement at the end of Sept this year. And after evaluating the pros and cons of revealing the cyber incident, the company made it public at the end of November.

Last November, the FBI issued a public statement urging ransomware victims not to pay any ransom. But the security agency is also advising companies to act wisely and do what is needed in the best interest of the company.

Thus, most cybersecurity firms say companies need to back up their data at regular intervals. And if ransomware strikes, they should rely on recovering the data rather than paying a ransom.

The post Ransomware attack leaks patient data of fertility Clinic appeared first on Cybersecurity Insiders.


November 30, 2020 at 10:19AM

Demand in Endpoint Protection Platform Market to Skyrocket as Frequency of Cyber-Attacks Increases

Endpoint protection platform solutions have become highly sought-after especially since an increasing number of companies are adopting “Bring your own device (BYOD)” approach. According to a new study by an ESOMAR certified market research and consulting firm, this will create lucrative prospects for the expansion of the endpoint protection platform market.

Cases of cyber-attacks have been rising consistently. With organizations around the world adopting remote-working model, especially to contain the spread of COVID-19, cyber-security has become more vulnerable than ever before.

Endpoint protection platforms provide security and protect electronic devices from malware attacks and data breaches. They are used to protect a number of electronic devices such as smartphones, laptops, computers, tablets, and others. Organizations have begun investing in endpoint protection platforms to avoid breaches and ensure privacy and protection of information.

The study uncovers hidden opportunities in the endpoint protection platform market, besides highlighting potential threats. Some of the key takeaways from the report are highlighted below.

Key Takeaways from the Endpoint Protection Platform Market Report

  • The endpoint protection platform market is expected to grow at a CAGR of 10% between 2020 and 2030
  • The market is projected to reach a valuation of US$ 7.8 Bn by the end of 2030
  • The demand for endpoint protection has increased in the finance and health industry because they have been focusing on digitizing data
  • Growth witnessed in the South Asia & Pacific market is expected to be considerably high, yet North America is likely to remain dominant throughout the forecast period

“Organizations are increasingly focusing on investing a large part of their security budget on protecting endpoint devices and networks connected to these devices. This is due to rise in the number of targeted attacks originating from end user devices. Considering this, demand witnessed across small as well as large enterprises will continue to rise in the forthcoming years”, says an analyst.

COVID-19 Impact Analysis

The COVID-19 outbreak has affected various sectors, including IT, which has led to a decline in market growth. However, the increase in remote workplaces is expected to raise demand for endpoint protection platforms.

There has been an increase in cyber-attacks due to the pandemic, and this has led to increasing adoption of endpoint security solutions. Since remote working is being embraced by companies all over the globe and is expected to remain a part of future work models, the endpoint protection platform market is predicted to exhibit a positive growth trajectory through the forecast period.

Who Is Winning?

As technology is evolving, threats to security are also becoming more complex and tricky. Hence players are working to upgrade their technology and plans to improve privacy protection in devices. Cloud computing has become popular among companies as it allows employees to store data in one platform and access it from any device.

Cloud storage can be used from anywhere and at any time. Cloud based endpoint protection platforms allow companies to secure all devices in the cloud, making it a viable option for enterprises and individuals.

Some of the key players in the endpoint protection platforms market are Carbon Black, Intel Corporation, New Net Technologies LLC, Palo Alto Networks, Microsoft, Cisco Systems, McAfee, Symantec Corporation, GoSecure Inc, Trend Micro Inc., Druva Inc., Sophos Ltd., F-Secure, Kaspersky, FireEye, CrowdStrike, Fortinet and Check Point Software Technologies.

These insights are based on a report on Endpoint Protection Platform Market by Future Market Insights

The post Demand in Endpoint Protection Platform Market to Skyrocket as Frequency of Cyber-Attacks Increases appeared first on Cybersecurity Insiders.


November 29, 2020 at 10:26PM

Big Companies Are Not Immune to Ransomware

According to Bleeping Computer, Maze ransomware has hit a very large IT services company.

In the past, this malware gained entry using different techniques: exploit kits via drive-by downloads, remote desktop connections (RDP) with weak passwords, email impersonation, and email spam. In the majority of cases where a phishing email is delivered, the user clicks on the link, authorizes the macro to run, and ultimately gets the malicious file installed. Once installed, the Maze ransomware begins to encrypt critical data on the infected machine. While the encryption process is running, the ransomware also exfiltrates the data to a server on the internet. When both of those processes are complete, the user is presented with a ransom demand and a method to recover their encrypted data.

In 2011, Lockheed Martin was credited with the idea of a cyber security kill-chain.  The cyber security kill-chain, as designed, organizes threats into categories as well as security controls that can be deployed in those categories to mitigate those risks.  If we apply the kill-chain to the Maze ransomware, we see the following:

  1. The phishing email, in the delivery category, should have been caught by commercial email protection tools.
  2. The malware files (kepstl32.dll, memes.tmp, and maze.dll), in the delivery category, should have been caught by malware tools as well as other AV tools. Note, the end user in this case had to allow the macros to run.  User awareness is still essential to defending against these types of attacks!
  3. Once the macros have been enabled, the malware reaches out to a file server and downloads additional malware.  This should have been detected in the command and control as well as the delivery category.  These categories are usually defended by threat intel tools, malware tools, and host-based tools.
  4. New files get created and the file encryption process begins. This file creation and subsequent encryption should be caught in the actions and exfiltration category and protected by tools such as threat intel, process anomaly detection, firewalls and malware tools.

What was not accounted for in the cyber kill-chain was the advance of machine learning and AI. Applying these tools to the data at each category of the kill-chain improves our ability to catch the anomalous behavior in each category, as well as improving the mitigation in each category by correlating the detections.
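As an added example (not part of the original post, and not any vendor's code), the sketch below shows the correlation idea in its simplest form: alerts from separate tools are mapped to the kill-chain categories named above and grouped per host, so a host that trips several categories within a time window stands out. The signal names, tool names, host names and one-hour window are assumptions, and the sample alerts are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Kill-chain categories as named in the walkthrough above; the signal names
# on the left are hypothetical labels a tool might attach to an alert.
STAGE_BY_SIGNAL = {
    "phishing_email": "delivery",
    "malicious_file": "delivery",
    "macro_download": "command_and_control",
    "mass_file_rewrite": "actions_and_exfiltration",
    "large_outbound_transfer": "actions_and_exfiltration",
}
WINDOW = timedelta(hours=1)  # assumed correlation window

# Constructed sample alerts: (timestamp, host, tool, signal)
ALERTS = [
    ("2020-11-29T09:02:00", "ws-014", "email_gateway", "phishing_email"),
    ("2020-11-29T09:05:00", "ws-014", "host_sensor", "macro_download"),
    ("2020-11-29T09:20:00", "ws-014", "host_sensor", "mass_file_rewrite"),
    ("2020-11-29T09:21:00", "ws-014", "firewall", "large_outbound_transfer"),
    ("2020-11-29T10:00:00", "ws-101", "email_gateway", "phishing_email"),
    ("2020-11-29T15:30:00", "ws-101", "firewall", "large_outbound_transfer"),
    ("2020-11-29T11:00:00", "ws-200", "av", "malicious_file"),
]

def correlate(alerts, window=WINDOW, min_stages=2):
    """Return {host: sorted stages} for hosts whose alerts cover at least
    min_stages distinct kill-chain categories inside one sliding window."""
    by_host = defaultdict(list)
    for ts, host, _tool, signal in alerts:
        stage = STAGE_BY_SIGNAL.get(signal)
        if stage is None:  # signal with no known category: skip it
            continue
        by_host[host].append((datetime.fromisoformat(ts), stage))
    incidents = {}
    for host, events in by_host.items():
        events.sort()
        best, start = set(), 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1  # drop alerts that fell out of the window
            stages = {s for _, s in events[start:end + 1]}
            if len(stages) > len(best):
                best = stages
        if len(best) >= min_stages:
            incidents[host] = sorted(best)
    return incidents

if __name__ == "__main__":
    print(correlate(ALERTS))
```

Only `ws-014` is escalated: `ws-101` has two alerts in different categories, but they are more than five hours apart, and `ws-200` has a single detection.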

Stellar Cyber is committed to utilizing our Open XDR Platform to detect, alert, and respond to these types of behaviors.  Our pervasive data collection, coupled with advanced data handling and machine learning, gives us multiple areas where we can detect these types of attacks across the cyber kill-chain.  If the attack is missed in one stage of the kill chain, we will catch it in another stage.  Once detected, we have the ability to take automated action against those anomalous behaviors.  Applying our technology to the Maze ransomware, we would potentially detect and mitigate it in the following ways:

  1. Our phishing detection would evaluate the malicious URL and mitigate its risk.
  2. RDP connections would be evaluated, alerted, and automatically mitigated when anomalous logins occur.
  3. The malware files referenced above would have been evaluated by our malware tool and mitigated.
  4. Had those files passed the malware test, the server sensor would have caught the behavior change (i.e. new process spawned with a new connection to the internet file server).
  5. If the dropper file passed the malware and server sensor assessment, the call to the internet file server could have been mitigated at the network level. The Stellar Cyber platform would have signaled the network firewalls to implement a block to the target server.
  6. The new file downloads could have been caught and mitigated at the server sensor or malware assessment.
  7. The encryption process would be detected by the server sensor and mitigation techniques applied to prevent/stop the process from continuing.
  8. Finally, the exfiltration process would be detected by the network layer, the host sensor, and the threat intel.

Ransomware is a huge industry.  Backups and patching are essential but so is defense-in-depth.  If you are not protecting your environment at the various stages of the kill-chain, you should consider doing so.  If you are struggling to implement these concepts because you have too many tools that don’t interoperate, give us a call.  We can help!

The post Big Companies Are Not Immune to Ransomware appeared first on Cybersecurity Insiders.


November 29, 2020 at 10:18PM

Common Cybersecurity Challenges and Solutions

Cybersecurity is the art and science of protecting computer systems and networks from the theft of electronic data, damage to hardware or software, or disruption of the services they provide.

The world now relies heavily on computers and networks to facilitate movement of a vast range of goods and services, and Cybersecurity has become more and more important.

Cybercriminals have developed many different forms of attacks, and they are becoming increasingly complex in the face of efforts to defeat them. Examples include:

  • Denial-of-service attacks
  • Eavesdropping
  • Multi-vector attacks
  • Phishing
  • Spoofing
  • Ransomware
  • Direct-access attacks
  • Backdoors
  • Privilege escalation
  • Keyloggers
  • Viruses and Trojans

Over time, the industry has developed many different types of weapons to combat cyberattacks, from anti-virus programs to firewalls to endpoint security, SIEM and others. But to be effective, a Cybersecurity system should be able to spot and remediate any of these types of attacks across the entire attack surface.

There are three fundamental challenges in establishing effective Cybersecurity:

  • A broad attack surface, where computers, servers, networks, cloud instances, and network endpoints are all targets.
  • Data management – identifying cyberattacks involves collecting data from computers and networks, and it involves sifting through terabytes of data.
  • Siloed tools – Cybersecurity tools have evolved rapidly over the past few decades, leading to a proliferation of different tools to protect against different types of attacks or to protect different attack vectors. With a dozen or more tools to manage in a typical enterprise environment, it becomes difficult to spot complex attacks that may span different vectors.

Let’s look at these challenges and potential solutions.

Broad attack surface:

A comprehensive Cybersecurity solution should be able to “see” the entire attack surface, from computer endpoints and applications to servers, networks, and the cloud. The majority of Cybersecurity products focus on one or at most a few of these vectors, rather than seeing the whole picture.

Data management:

Scanning for Cybersecurity attacks involves collecting server logs, endpoint logs, network traffic logs and cloud traffic logs, which amounts to multiple gigabytes of data per day in a typical midmarket enterprise. The cost of storing this data quickly gets out of hand. An efficient security system should be able to parse scanned data and store only the important subset of data for forensics.

Siloed tools:

When a company has a dozen or more security systems in place, each has its own console. A multi-vector Cybersecurity attack might not show up as a problem in each discrete tool’s interface, and security analysts are left to manually correlate detections, which takes time – time in which an attack can become successful. An effective Cybersecurity solution should integrate many different Cybersecurity applications so analysts can work through a single pane of glass.

Cybersecurity is a large and constantly-evolving field. Hackers come up with new attacks daily or weekly, and Cybersecurity researchers develop tools to combat those attacks as they occur. The best approach is to use a Cybersecurity platform that incorporates plug-in applications which can be added to enhance the platform’s efficacy over time.

 

The post Common Cybersecurity Challenges and Solutions appeared first on Cybersecurity Insiders.


November 29, 2020 at 10:15PM