FireSale HackBoy


Sunday, January 31, 2021

Apple released security update to protect iPhones from Malicious Messages

Technology Giant Apple Inc has added a new security update that helps to secure iPhones and iPads against cyber attacks launched through iMessages. Officially dubbed as BlastDoor, the feature acts as a security system to curtail malicious messages from reaching the users.

Google Project Zero Team was the first to discover the new update pushed onto the devices loaded with iOS 14 OS. Then Apple made it official that its BlastDoor update is indeed on its way to secure its devices from all variants of message oriented cyber threats.

According to what Cybersecurity Insiders has learned, the additional security feature acts as a sandbox to parse all unwanted iMessages. And because the new feature is written in Swift, a memory-safe language, it helps in weeding out classic memory corruption vulnerabilities.

Apart from the above update, iOS users will also get additional protection that is technically related to resliding of the shared cache and exponential throttling, to help end users’ security overall.

Note- Launched in 2011 by Apple Inc, iMessage works across the iOS, macOS, iPadOS and watchOS platforms. It helps users to send texts, images and videos along with documents from one iPhone or iPad to another. Last year, the app got a big transformation in which many features meant to improve end user security were introduced. WhatsApp, WeChat, Skype, SnapChat, Signal, and Line are some apps that can be touted as competitors of the iMessage app.

The post Apple released security update to protect iPhones from Malicious Messages appeared first on Cybersecurity Insiders.


February 01, 2021 at 10:41AM

WhatsApp adds Biometrics mobile security login for Desktop and Web Login

In the coming days, WhatsApp users who want to log in through the desktop or web app will have to go through a biometric security login feature, in which users need to authenticate themselves with a fingerprint, face or iris scan.

However, it all depends on the device capabilities, and the feature will be in addition to the existing QR code authentication found in the settings of the mobile app.

The Facebook subsidiary says that the new biometrics security feature will act as an additional layer for those extremely concerned about their messages being read by unwanted people.

In a media update released on Friday last week, WhatsApp specified that it will allow its users to set up the biometrics feature through their phones. The new capability is also said to work on Apple devices running iOS, although only those with Touch ID or Face ID will be able to use it.

On Android phones, biometric authentication will only work on devices that have compatible software and hardware.

To guide users on these features, WhatsApp has listed a full set of instructions on its official web page.

Note- WhatsApp is a Facebook owned business unit that allows users to send messages that are in text, picture or video form. The communication mode is strictly based on the internet and only works on smart phones. According to a press update released by the California based company over 2 billion users are reported to be active on the platform as of Feb 2020.

The post WhatsApp adds Biometrics mobile security login for Desktop and Web Login appeared first on Cybersecurity Insiders.


February 01, 2021 at 10:39AM

5 Reasons to Implement Certificates

Digital Certificates are virtual IDs that represent users, machines, servers, and the like in the digital landscape. A user’s attributes can be input onto a certificate and issued to that user’s device, verifying that user’s identity whenever they access the network.

Digital Certificates are vastly superior mechanisms of authentication security when compared to passwords because they use the power of Public Key Cryptography.  Replacing passwords with certificates means leaving behind annoying password reset policies and the looming threat of a stolen password.

Implementing certificates is a commitment because it requires building a Public Key Infrastructure (PKI), but the benefits that certificates bring are worth the labor. Below, we’ve listed more reasons why certificates are vital for network security and productivity.

Certificates Use EAP-TLS to Eliminate MITM Attacks

According to IBM’s X-Force Threat Intelligence Index, man-in-the-middle (MITM) attacks are one of the most common forms of cyber attack, comprising 35% of exploitation activity. Unsecured Pre-Shared Key Wi-Fi is one of the biggest reasons MITM attacks have become one of the most popular attack vectors. Public Wi-Fi areas are goldmines for hackers, as they can set up rogue hardware, spoof the legitimate SSID, and trick users into connecting and sending over credentials.

Certificates can prevent MITM attacks from happening because they encrypt sensitive data and use EAP-TLS authentication. EAP-TLS is the most secure IEEE 802.1X protocol because credentials aren’t sent over-the-air. Instead, they are used to enroll for certificates issued by a trusted Certificate Authority (CA). Password authentication forces you to send sensitive credentials over the air thousands of times a day; certificates eliminate the need for this.

Certificates can be used to identify every network object. This means that it gives you a guaranteed identity and device for every network connection on your network.

Certificates Provide Identity Context for Zero Trust Network Access

A Zero Trust Network is a network designed to adhere to the security philosophy of Zero Trust.  In the past, network admins designed their networks to give high levels of access to users who were in the network, as it was assumed that users with network access were trustworthy. The Zero Trust philosophy changes this, assuming that even network users are not trustworthy, forcing admins to rethink the levels of access they give to their network users.

Zero Trust requires access to be given on a per-need basis to authorized individuals, so understanding the identity of devices accessing the network is imperative. Admins need to ensure their resources are secure by enforcing strict access control and establishing Identity Context. Since new web and cloud applications are introduced constantly, admins need a dynamic solution to identify and segment users based on access levels.

Certificates can provide Identity Context in a Zero Trust network because user attributes can be input and encrypted onto a certificate and serve as their digital identifier.

Investing in Certificates Increases Security Across the Organization

Certificates don’t have to be used for one specific purpose. One certificate can be used to secure multiple domains, servers, and workstations. One certificate can authenticate a user for office Wi-Fi access, and for VPN access if they work remotely.

While certificates require a Public Key Infrastructure (PKI) in order to operate, a PKI can be used to secure tons of applications with certificate-based authentication. Plus, with an easy-to-use cloud solution like SecureW2, you can integrate with your existing CA or create your own PKI from scratch, vastly reducing the cost of security.

Some examples of applications that can use certificates instead of passwords are Wi-Fi, VPN, Web Apps, Desktop Logon, SSH, and Document Signing.

Certificates are Easier on the End User

While certificates can be complex and hard to understand, they don’t really need to be understood by the end user in order to work. By leveraging onboarding software like SecureW2, users can download an app and follow a quick setup tutorial. A signed certificate is automatically provisioned to that user’s device, and they only have to press a few buttons. Below is an example video of what this process would look like for end users:

iOS setup video

Certificates eliminate the need for password-change policies as well. In Higher Education environments, the average user has around 7-10 internet connected devices. Forcing them to re-configure their devices every 60-90 days is a terrible user experience, especially in a high-pressure scenario such as University.

Certificates Eliminate 30-50% of Connectivity-Related Support Tickets

IT departments are dedicated to addressing technical issues that students experience, but it forces them to divert attention away from value-add tasks. A massive amount of support tickets can tank productivity. If the problem gets severely out of hand, IT admins might have to work overtime or outsource for temporary help.

40% of the IT Service Desk volume consists of password-related issues, according to the InfoTech Research Group. As stated before, certificates remove the need for passwords and password reset policies, a common cause for sudden influxes of support tickets. The average customer that switches from Wi-Fi passwords to certificates with SecureW2 reduces their connectivity tickets by 30-50%, vastly reducing the overhead required for the IT helpdesk.

So there you have it, 5 Reasons to Implement Digital Certificates for Network Authentication. Do you want to use certificates? With SecureW2’s Managed PKI solution we make it really easy to distribute and manage certificates. By integrating our software with your current PKI infrastructure or creating a new PKI with us, deploying certificate-driven security will be safe and easy to manage. Check us out at www.securew2.com if you’d like to learn more.

The post 5 Reasons to Implement Certificates appeared first on Cybersecurity Insiders.


January 31, 2021 at 09:22PM

The Most Common Types of Malware in 2021

Regardless of how familiar you are with Information Security, you’ve probably come across the term ‘malware’ countless times. From accessing your business-critical resources and sensitive information to halting business operations and services, a malware infection can quickly become an organization’s worst nightmare come true.

As a business owner, you must be aware of the implications of different types of malware on your company’s bottom line, and what steps you can take to protect your company from future attacks.

This article will walk you through the various types of malware, how to identify and prevent a malware attack, and how to mitigate the risks.

What is Malware?

Malware, a combination of the terms ‘malicious’ and ‘software,’ includes all malicious programs that intend to exploit computer devices or entire network infrastructures to extract victim’s data, disrupt business operations, or simply, cause chaos.

There’s no definitive method or technique that defines malware; any program that harms the computer or system owners and benefits the perpetrators is malware.

A malware usually exploits unpatched software vulnerabilities to compromise an endpoint device and gain a foothold in an organization’s internal network.

It could be hidden in a malicious advertisement, fake email or illegitimate software installation. Cybercriminals often leverage social engineering tactics like phishing and spear-phishing to propagate sophisticated malware.

From mining cryptocurrency to launching DDoS attacks against networks, there are countless ways in which malware can access and utilize victim’s computers and data.

Warning Signs of Malware Infection

How often have you ignored unusual system slowdowns or unexpected pop-up messages?

Unfortunately, this could be your computer trying to give away the presence of malware. To stop a malware attack in its tracks, you must first be able to identify an infection.

Here are some of the key signs that almost always indicate malware progressing in your computer system:

  • Your computer starts running slowly and takes forever to boot.
  • Your computer screen freezes or the system crashes, displaying the ‘Blue Screen of Death’ (BSOD).
  • Your web browser keeps redirecting you to unknown, suspicious websites.
  • Security warnings keep popping up, urging you to take immediate action or install a particular security product.
  • Many pop-up ads start appearing randomly.

All of these could be typical signs of malware. The more symptoms you see, the more likely it is that you’re dealing with an infected computer.

But don’t just solely rely on the list included above. It is not unusual to have your system or network infected with malware, such as spyware, that often lingers secretly with no apparent symptoms.

Don’t worry though. We’ll be discussing how to detect and remove malware silently lurking in your system, exfiltrating sensitive data.

Common Types of Malware

Malware can be categorized based on how it behaves (adware, spyware and ransomware), and how it propagates from one victim to another (viruses, worms and trojans). For instance, computer worms are self-propagating malicious software, while trojans need user activation to infect and spread.

Here are a few of the most common malware types that most people have heard of, and how they continue to wreak havoc across industries.

1. Adware

If you’re lucky, the only malware program you’ve come in contact with is adware, which attempts to expose the compromised end-user to unwanted, potentially malicious advertising.

A common adware program might redirect a user’s browser searches to look-alike web pages that contain other product promotions.

Statistics gathered between October and December 2019 by Avast’s Threat Lab experts show that adware was responsible for 72% of all mobile malware, and the remaining 28% consisted of banking trojans, fake apps, lockers, and downloaders.

2. Spyware

Spyware can silently infect a computer, mobile device or tablet, trying to collect keystrokes, gather sensitive data, or study user behavior, all the while victims remain entirely unaware of the intrusion.

Hackers may use a keylogger to capture sensitive information, including payment details and login credentials of victims, or they may leverage a screen grabber to capture internet activity.

A common type of spyware is a RAM scraper, which attacks the memory (RAM) of electronic point-of-sale (POS) devices to scrape customers’ credit card information.

One of the most notorious is the BlackPOS spyware, which compromised the data of over 40 million Target customers in 2013.

3. Ransomware

Ransomware is one of the most widespread cyber threats, making up at least 27% of all malware incidents as per Verizon’s annual DBIR report (2020).

Ransomware programs gain access to a computer’s file system and execute a payload to encrypt all data. The data is neither stolen nor manipulated. Shortly after a ransomware attack, cybercriminals will demand a ransom amount, usually in cryptocurrency, in exchange for the cipher key.

WannaCry 2017 is well-known for the stir and panic it caused in May 2017 by affecting thousands of NHS hospitals, delaying critical medical procedures, and rerouting ambulances. The ransomware leveraged a Microsoft exploit, EternalBlue, which already had a patch that many conveniently did not apply. Unfortunately, most of the data it encrypted was lost for good due to faulty code.

4. Computer Viruses

A virus is the most commonly known form of malware. It differs from other malware in its ability to attach to a host file and infect other files on the computer system. It copies itself whenever the file is copied, and once a user opens the file, the virus payload is executed.

Viruses can be highly destructive, infecting the hard drive on victim’s computers and overwriting or exfiltrating critical information.

Email attachments are the top vector leading to virus infections. Computer viruses often utilize deception techniques and keep evolving to evade antivirus software. Viruses like CIH (Chen Ing-hau) do not increase the file size of the host file, thus becoming undetectable for antivirus programs that detect viruses based on the file size.

5. Computer Worms

A worm is quite similar to a computer virus, except it is a standalone software that does not rely on a host file or a user to propagate itself.

A worm is self-replicating and can quickly spread across computer networks by distributing itself to the victim’s contact list and other devices on the same network.

A firewall can be effective in stopping the spread of worms through network endpoints. However, antimalware is required for detecting worms disguised as email attachments.

NotPetya shook the entire world in June 2017. It was undisputedly the fastest spreading, most destructive worm that crippled hospitals, multinational companies and pharmaceutical giants globally by irreversibly encrypting systems’ master boot records.

6. Trojan Horse

A trojan horse is a malware program that advertises itself as legitimate software and tricks users into downloading and executing it. Once activated, it can harm the victim’s computer in several ways, including keylogging.

Mostly, it can create a backdoor to bypass firewalls and security software to give remote access to unauthorized users who can steal data and control the computer system.

Trojans cannot self-replicate and are often propagated through email attachments and internet downloads.

The backdoor trojan, PlugX malware, compromised around 7.93 million customer records from a Japanese travel agency, JTB Corp, in July 2016. And it all started with a single employee falling prey to a phishing email.

7. Botnets

A botnet is a network of internet-connected ‘zombie’ computers that can execute coordinated actions after receiving commands from a centralized server.

Bots secretly infect a computer, which then becomes a part of the bot network. They can be used to launch spam emails and distributed denial of service (DDoS) attacks, leveraging hundreds of thousands of compromised computers.

Conficker, or Downadup, is a fast-propagating malware discovered in November 2008. Over the years, it has infected millions of computers to create a botnet. Cybercriminals can utilize the botnet to carry out malicious activities, such as phishing, identity theft and bypassing security to access private networks.

Less Common Types of Malware

In addition to the types discussed above, there are many other types of malware that are less common but equally destructive.

1. Rootkit

A rootkit is a collection of software tools that can gain access to an operating system and assume administrative privileges.

It can use the acquired privileges to facilitate other types of malware infecting a computer. Moreover, it can also take over browsing sessions to prevent access to webpages with antimalware programs.

2. Fileless Malware

Fileless malware is a malicious code that exploits legitimate software programs and operating system tools to infect a computer’s memory.

As the name suggests, it does not need a file system to spread, and therefore, leaves no trace for detection through traditional antimalware programs.

3. Scareware

Scareware is basically a scam used by attackers to trick victims into thinking that their computers or mobile devices have been compromised.

It typically displays pop-ups on webpages to scare a user into purchasing and installing fake, potentially harmful, security software.

Today, bad actors often launch cyber attacks that are a combination of several malware types.

For instance, a worm could quickly self-replicate and deliver an executable to encrypt file systems across computer networks and launch massive ransomware. These hybrid forms of malware are even harder to detect, contain and remove.

How to Protect Your Business From Malware

The threat landscape is ever-evolving, and so are the security mechanisms. With malware becoming more sophisticated than ever, businesses must stay ahead of the cybersecurity game by ensuring that:

  • All business applications and operating systems are always up-to-date, and available patches for known software vulnerabilities are installed.
  • Antimalware scans are run regularly across all devices that access the internal network.
  • Employees only install apps and software that they actually need from legitimate sources.
  • Mobile devices that access the private network are also well-equipped with mobile security solutions.
  • Single Sign-on (SSO) and Multi-factor Authentication (MFA) mechanisms are implemented to protect against keylogging.
  • In flexible working or bring your own device (BYOD) environments, employees have separate PCs for work and personal use.
  • Employees are aware of the cybersecurity best practices, and regular security awareness workshops are conducted.
  • Employees are knowledgeable enough to spot a phishing email and double-check before providing sensitive information.
  • Your organization has invested in Security Information and Event Management (SIEM) software to aggregate and analyze event logs generated by network and apps.
  • If you work with an MSP (Managed Service Provider), make sure they are also a Managed IT Security Provider. Certain certifications will help you identify whether or not they can provide a high level of security including, but not limited to:
    • Certified Information Systems Security Professional (CISSP)
    • AICPA Service Organization Control Reports SOC 2 Certification
    • MSP Alliance Cyber Verify AAA Rated Company

How to Get Rid of Malware

No single security program is enough for malware that is known to morph and evolve rapidly to avoid detection.

With today’s virtually endless endpoint devices and huge attack surface, security incidents are inevitable.

A reputable enterprise antimalware program can detect an installed malware, quarantine the infected device to avoid transmission, and remove the malware.

But let’s not forget that preventing a malware infection altogether is much easier than getting rid of it once it has infiltrated your IT infrastructure.

The best course of action is to adopt a proactive approach to cybersecurity.

The post The Most Common Types of Malware in 2021 appeared first on Cybersecurity Insiders.


January 31, 2021 at 08:59PM

5 Ransomware Trends in 2021 All Businesses Need to Prep For

An increase in ransomware attacks is not news to us anymore. However, that number has risen dramatically in 2020, a trend that businesses and individuals alike must NOT ignore.

Back in 2019, a McAfee report confirmed that across all sectors, ransomware incidents increased by 118% during the first quarter of 2019. That number spiked significantly in 2020, where a Mid-Year Threat Landscape Report 2020 from Bitdefender shows a 715% year over year increase in detected and blocked ransomware attacks in 2020.

We believe ransomware attacks will only increase as schools go to distance learning and working-from-home becomes the norm. The results in Quorum’s 2020 disaster recovery survey, conducted in Q1 2020, show that external computer threats such as ransomware were the #4 most common circumstance where an IT Disaster Recovery Plan was executed. In 2021, we believe that it will take the #3 spot, overtaking user/employee errors.

Circumstances Where IT Disaster Recovery Plan was Executed. Source: How Businesses Approach IT Recovery in 2020 by Quorum

In 2021, we will not just be dealing with a growth in ransomware attacks, but also increased ransomware variants, extortion methods, and sophistication. Here, we listed the top 6 trends in ransomware to watch out for in 2021.

#1: Increased Attacks from Commodity Ransomware

According to Sophos, 2021 will be the year of commodity ransomware. Ransomware groups are now offering small-time cybercriminals ransomware-as-a-service (RaaS), where these small-timers pay for a ransomware tool like Dharma or Emotet to carry out ransomware attacks themselves.

In other words, offering ransomware has become a business model similar to that of a software company. ANYONE can easily start using these tools to carry out ransomware attacks, as long as they have a laptop computer. What’s more, these groups are even broadening their reach by offering affiliate selling models. It’s also been reported that access to systems compromised in these small-time attacks can be sold to the big-time ransomware groups that use Ryuk or other variants.

#2: Increased Ransom Amount

The average ransom demand increased 100% from 2019 through Q1 of 2020. Due to the success of overall ransomware attacks this year, more companies have negotiated and paid ransoms to get their data back. This is especially true for industries who are in desperate need of their data, such as healthcare, where operational disruptions can lead to life and death situations.

Some notable attacks have resulted in ransom amounts greater than $10 million, such as the $14 million ransom demand from Brazilian utility Light SA and the $15 million demand that Telecom Argentina had to contend with.

#3: Not Just Encrypting Data, but Stealing Data to Extort

The common ransomware attack used to be focused on encrypting the victim’s data, then demanding a ransom to decrypt. Now, there is a good chance that the victim’s data is being exfiltrated and stolen as well, just like what happened in the SolarWinds hack.

Stealing data is another method used to extort victims into paying the ransom. They would use the stolen data as leverage by threatening to leak those data if the victim doesn’t pay. Organizations in the legal, healthcare, and financial sectors are among the most targeted by these campaigns, assuming they hold the most sensitive data. This release of sensitive data can be especially detrimental to a company’s image and brand. This may be another reason why we’re seeing an increased success rate and higher ransom demand from these attacks. This is likely to become a long-term extortion mechanism.

#4: Mobile Ransomware will Grow and Continue to Get More Advanced

As our reliance on our mobile devices grows, ransomware attacks on these devices will evolve and grow too. In 2020, a screen overlay attack on Android devices emerged as a new type of threat. According to Microsoft, this malware doesn’t actually block access to files by encrypting them, but instead blocks access to devices by displaying a screen that appears over every other window, rendering the device useless. On the screen is the ransom note.

There’s also another strain of Android ransomware called Filecoder.C, which lured users into installing an app to gain access to pornographic content. When the victim downloads and installs the app, the ransomware encrypts system files and sends an SMS text to the victim’s contact list, encouraging them to download and install that app.

#5: A Well-Funded Ransomware Industry?

As mentioned in #1, Ransomware-as-a-Service groups are modeling their business after software companies. It seems they are also following software companies when it comes to raising capital to grow their business.

“Cybercriminals have discussed, in open forums, proposals to create a venture capital organization or stock market of sorts, where interested parties can finance the development of malware, tools, and frameworks without ever writing a line of code,” reads a report from Booz Allen Hamilton.

If these criminals do get their funding, we can expect to see a substantial growth in ransomware attacks.

The Data Backup and Recovery System that Protects Against Ransomware

Ransomware protection can get extremely costly, especially if you invest in perimeter defenses via detection and prevention tools. For companies without those types of resources, a solid data backup and recovery solution can do the job.

But the problem is, most data backup and recovery solutions are at risk of being infected with ransomware. The attack wouldn’t just encrypt all files in the corporate network, but also all the files in the backup repository. Other solutions have a different type of problem – when they restore their files from the backup, the ransomware is still there because it has already infected the backup files.

Quorum’s data backup and recovery system (onQ) is free from all those problems. Other than sharing a “wire”, Quorum onQ is completely separate from your infrastructure. It does not use your production storage, DNS, or Active Directory. This architecture is just one of the reasons why so many Quorum customers have all successfully recovered from ransomware attacks with a click.

To learn how Quorum can help you defend against ransomware, download this datasheet or schedule a demo now.

The post 5 Ransomware Trends in 2021 All Businesses Need to Prep For appeared first on Cybersecurity Insiders.


January 31, 2021 at 08:43PM

Leverage the Tools and Telemetry You Trust

The industry is at a pivotal point. With the pandemic driving up work-from-home and forcing hybrid work environments as well as many applications moving to the cloud, cybersecurity professionals are challenging best practices and once-thought foundational assumptions. Is a platform with tightly integrated native capabilities the right foundation for the future security instead of siloed security tools?

Stellar Cyber says yes to platform – with a twist – a solution that is open so it can integrate with the existing security tools like NGFW, IDS, EDR, Vulnerability Management and SIEM systems so enterprises and MSSP customers don’t have to abandon their current cybersecurity investments and keep the choice for the best breed of tools. Immediately improving detections with tools the customer already trusts, Stellar Cyber increases the value of existing cybersecurity solutions and provides a seamless path toward a fully integrated security solution with dramatically improved economics.

Under the hood, Stellar Cyber’s platform is open eXtended Detection and Response (XDR) recently identified by Gartner, ESG and Omdia as a means for enterprises and MSSPs to consolidate their SOC with more accurate detection and drive up productivity while reducing the cost at the same time. The goal of XDR is to have one platform that can detect and resolve cyberattacks anywhere they occur in the network, from endpoints and users to networks to SaaS applications and the cloud. The Stellar Cyber platform is the only cohesive and intelligent XDR platform that is open to the existing cyber-solutions such as IDS, EDR, and SIEM, so companies need not abandon their existing solutions to leverage its benefits.

Cohesive XDRs can consolidate multiple security tools into one integrated platform under a single, intuitive interface, and enable analysts to see the whole picture of their security posture across the entire cybersecurity kill chain. Stellar Cyber’s additional advantage is it works with existing tools – no disruption to show immediate value.

Stellar Cyber consolidates more than 20 security apps natively integrated into the platform. Stellar Cyber’s integrations with existing customer solutions create a unified console for threat detection and response, making security analysts more productive because they don’t have to go from one console to another and manually correlate detections. Stellar Cyber leverages AI and ML to automatically correlate what would appear to be separate, benign indicators to identify complex threats that other solutions miss across cloud, endpoint, users, networks and applications. The cohesive platform is also architected as multi-tier, multi-tenant from the ground up, providing isolation between customers, groups or affiliates with the AI being performed per tenant as well.

This platform approach delivers new SOC economics, dramatically reducing capital expenses on tools while improving operational efficiency. One platform is less than the cost of one of the five common tools and increases productivity of security operations teams by three times by leveraging machine learning to improve the accuracy of detections. Built-in automated response capability reduces overall time to response.

The Stellar Cyber platform is also much more efficient – it scans and evaluates data from throughout the organization to spot complex attacks composed of multiple detections, each of which, by itself, may not be significant. By correlating multiple detections, Stellar Cyber’s platform can spot attacks that other systems miss. Here is an example that can be visualized, analyzed and responded to in minutes with under 10 clicks by one analyst. By themselves, each of these individual events may look trivial. If you happen to have the right security tools deployed, you may find out that:

  • Your CEO receives a PHISHING email with an embedded MALICIOUS URL.
  • Your CEO downloads a MALWARE file to his laptop by going to the URL.
  • Your CEO accesses a file server at 2am on a weekday, an ABNORMAL BEHAVIOR in UBA terms.
  • Your CEO’s laptop sends out lots of DNS traffic via DNS TUNNELING.

Without Stellar Cyber, this is a lot of independent cybersecurity analysis by four different tools. Stellar Cyber brings these functions all together – helping to broaden the available talent pool needed to run the SOC, since a level 1 SOC analyst now can perform at Level 2 and so on.
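The four-alert scenario above, worked as an added example (not Stellar Cyber's code or algorithm): alerts from separate tools are resolved to one entity and grouped inside a time window. The alert fields, the identity map, the 24-hour window, the three-kind threshold and every sample alert are assumptions constructed for illustration.

```python
"""Correlate low-severity alerts from separate tools into one incident per entity."""
from collections import defaultdict
from dataclasses import dataclass
from datetime import datetime, timedelta


@dataclass(frozen=True)
class Alert:
    ts: datetime
    source: str      # tool that raised the alert
    identifier: str  # whatever that tool keys on: mailbox, hostname, login, IP
    kind: str        # normalized detection type


def _t(text):
    return datetime.strptime(text, "%Y-%m-%d %H:%M")


# Assumed asset/identity inventory: each tool names the same person differently.
IDENTITY_MAP = {
    "ceo@example.com": "ceo",   # email gateway keys on mailbox
    "ceo-laptop": "ceo",        # EDR keys on hostname
    "ceo": "ceo",               # UBA keys on login name
    "10.0.0.23": "ceo",         # DNS monitor keys on client IP
}

# Constructed sample alerts (not real telemetry).
SAMPLE_ALERTS = [
    Alert(_t("2021-01-20 09:00"), "email_gateway", "ceo@example.com", "phishing_url"),
    Alert(_t("2021-01-26 09:12"), "email_gateway", "ceo@example.com", "phishing_url"),
    Alert(_t("2021-01-26 09:20"), "edr", "CEO-LAPTOP", "malware_download"),
    Alert(_t("2021-01-26 11:00"), "edr", "DEV-PC-7", "malware_download"),
    Alert(_t("2021-01-27 02:03"), "uba", "ceo", "abnormal_access"),
    Alert(_t("2021-01-27 02:40"), "dns_monitor", "10.0.0.23", "dns_tunneling"),
]


def resolve(identifier, identity_map):
    """Map a tool-specific identifier to one entity; unknown ones stay as-is."""
    key = identifier.strip().lower()
    return identity_map.get(key, key)


def correlate(alerts, identity_map, window=timedelta(hours=24), min_kinds=3):
    """Return incidents: per-entity alert clusters that fit inside `window`
    (measured from the cluster's first alert) and contain at least
    `min_kinds` distinct detection types."""
    by_entity = defaultdict(list)
    for alert in alerts:
        by_entity[resolve(alert.identifier, identity_map)].append(alert)

    incidents = []
    for entity, items in sorted(by_entity.items()):
        items.sort(key=lambda a: a.ts)
        cluster = []
        for alert in items + [None]:          # trailing None flushes the last cluster
            if alert is not None and (not cluster or alert.ts - cluster[0].ts <= window):
                cluster.append(alert)
                continue
            # dict.fromkeys de-duplicates while keeping time order
            kinds = list(dict.fromkeys(a.kind for a in cluster))
            if len(kinds) >= min_kinds:
                incidents.append({
                    "entity": entity,
                    "kinds": kinds,
                    "sources": list(dict.fromkeys(a.source for a in cluster)),
                    "first_seen": cluster[0].ts,
                    "last_seen": cluster[-1].ts,
                    "alert_count": len(cluster),
                })
            cluster = [alert] if alert is not None else []
    return incidents


if __name__ == "__main__":
    for incident in correlate(SAMPLE_ALERTS, IDENTITY_MAP):
        print(incident["entity"], " -> ".join(incident["kinds"]),
              f"({incident['alert_count']} alerts from {len(incident['sources'])} tools)")
```

Run with an empty identity map, the same alerts produce no incident, because each tool's identifier is then treated as a different entity.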

The post Leverage the Tools and Telemetry You Trust appeared first on Cybersecurity Insiders.


January 31, 2021 at 08:25PM

Friday, January 29, 2021

Data Privacy concerns erupt with Robotic Vacuums

Robotic Vacuums simplify the lives of the users by keeping the house clean. But those who use such devices to keep their homes neat and clean should know that such robots, when connected to the internet, can be intercepted by hackers, who can then snoop into your home by hacking the device cameras.

Consumer Reports (CR) Digital Lab Initiative has tested such devices and has offered consumers a report on how well the companies manufacturing such devices are dealing with user privacy.

Security report submitted by CR Digital Lab says that they have carried out their research based on few metrics such as automatic software updates, email notification when the user logs into the device from a unique IP address, 2-factor authentication and others.

And the good news is that iRobot, a Wi-Fi connected Robotic Vacs, has won an excellent rating for data security from CR. The company ensures that its consumer privacy remains well protected as it issues regular security updates from time to time.

Ecovacs, Samsung RoboVac and Shark have earned good rating for data security. But the companies never reveal how their user privacy remains intact from being snooped by their own employees.

Coming to password security, all the companies, iRobot, Ecovacs, Samsung RoboVac and Shark, have won an excellent rating as they offer a digital standard of allowing their users to frame only 8 character passwords that involve alpha-numeric characters along with special ones.

Note 1- CR has specifically mentioned in its report that Eufy Robotic Vacuums are the worst when it comes to revealing how they protect the privacy of users of their automated vacuums or other connected devices. The report doesn’t say never to buy such goods, but it urges the OEM to bring transparency on how it protects the data collected from users of its connected devices.

Note 2- After going through the article, you might get a feeling that it’s better to go for a Robotic Vacuum device that doesn’t connect to the internet. But the fact is that you won’t be getting the fancy cleaning reports that others with the tech do.

The post Data Privacy concerns erupt with Robotic Vacuums appeared first on Cybersecurity Insiders.


January 29, 2021 at 08:38PM

Ransomware attack on Palfinger Hydraulics

Palfinger, an Austria-based Hydraulics Engineering Company, is reported to have been hit by a ransomware attack late last week. And the crane manufacturer has assured that most of the digital disruption related repercussions faced by its branches worldwide will be solved by this weekend.

The company that operates with its products in almost 30 countries has made it official that its email systems were the worst hit in the file encrypting malware related attack.

Insider sources say that hackers are expecting enormous sums to free up the data from the malware. However, the company’s IT staff is confident that they could recover all the systems through backups without the need to pay a single penny to hackers.

However, trade analysts say that the company could suffer a business loss accounting to millions of pounds as the manufacturing of Hydraulic machines like cranes and forklifts has come to a dead halt. Network downtime, costs, remediation costs, hardware and software loss could add to the company’s agony apart from the reputational damage that could show an impact on the stocks of the company at the bullion market, if any.

Note- Ransomware is a kind of malware that locks down a database from access until a ransom is paid. Nowadays, hackers spreading ransomware are indulging in a double extortion technique, where they hack into a network, steal a portion of data, and then lock down the database until a ransom in cryptocurrency is paid. If the victim refuses to pay the demanded sum, then the stolen data is sold on the dark web.

The post Ransomware attack on Palfinger Hydraulics appeared first on Cybersecurity Insiders.


January 29, 2021 at 02:52PM

Android releases patch for two critical vulnerabilities

Most of the smart phone users are found using Apple iOS or Google Android loaded devices. Reason, their user interface is easy to interact and the app stores get regular innovative updates from time to time.

If we consider the price factor, Apple Inc offers devices that are more premium and thus are not reachable to normal smart phone users, albeit ‘Price Wise’. And coming to Google loaded phones, the company offers an open source operating system that is being used by multiple device manufacturers across the world.

Now, keeping aside the perks, let’s head to the title point. From January 26th, 2021 the internet juggernaut has released updates to almost 41 vulnerabilities that include 2 critical ones.

The first is a security patch that stops hackers from running malicious code on infected devices, code that allows the threat actors to shut down the phone remotely. The second fixes another critical flaw, protecting the device from being targeted by denial of service attacks aka DDoS- Distributed denial of service attacks, where hackers are seen generating fake web traffic from infected devices to jam servers and stop them from conducting their normal functions.

The highlight of the latest update pushed by Google is that it is only being rolled out to phones running on 8, 8.1, 9, 10 and 11 operating systems and that includes the Galaxy series and Pixel 3,4 and 5 series of phones.

Alas! For users of Pixel 2 and Pixel 2 XL, the security patch will not be available, as support for these devices ended in December 2020.

So, better see that your Android device gets up-to-date security features!

The post Android releases patch for two critical vulnerabilities appeared first on Cybersecurity Insiders.


January 29, 2021 at 02:50PM

Thursday, January 28, 2021

Cygilant and SentinelOne Partnership Offers Businesses Automated Cybersecurity for the Endpoint and Cloud

Cybersecurity-as-a-Service Firm Offers Mid-Size Businesses Access to Leading Autonomous Cybersecurity Platform

January 26, 2021 — Cygilant, provider of Cybersecurity-as-a-Service to mid-sized organizations, today announced its customers now have access to SentinelOne, the only cybersecurity solution encompassing AI-powered prevention, detection, response, and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous XDR platform. Offered as part of an agreement with Exclusive Networks, Cygilant has built a comprehensive portfolio of best-in-breed enterprise security technologies built to help mid-sized businesses protect themselves from sophisticated cyberattacks.

SentinelOne’s Singularity XDR platform seamlessly unifies endpoint protection (EPP) and endpoint detection and response (EDR) – protecting businesses and employees working remotely. The platform uses patented behavioral and static AI models to deliver autonomous capabilities with the lowest performance impact. SentinelOne predicts and protects endpoints, IoT devices, servers, containers, and cloud workloads from malicious activities at any stage of the attack chain – from the successful exploit to the last payload operation – all at machine speed.

“We’re excited to launch our strategic partner program with SentinelOne, one of the most innovative cybersecurity companies in the world,” said Cygilant CEO Rob Scott. “We work closely with premier cybersecurity firms so we can offer our clients a unique blend of best-in-breed technologies that align with their people and processes to protect against all internal and external threats. We offer enterprise-grade protection for businesses that otherwise wouldn’t be able to afford or manage it.”

 

Many businesses find themselves – and their budgets – stretched thin and are not investing in cybersecurity. A recent report found that 43% of small and mid-size business owners have no cybersecurity defense plan in place despite the average data breach costing organizations a minimum of $200,000. Cygilant’s SOC-as-a-service and 24×7 expert analysts empower organizations to manage, monitor, detect, and respond to cyber threats. The Company’s a la carte offering enables IT and security leaders to scale their program based on their needs and quickly implement a broad range of proven security tools cost-effectively.

 

“As organizations continue to transition to support remote workforces, they need technology partners that can help secure the vulnerable endpoints that attackers view as a gateway to their network,” said Brandon Andrews, VP MSSP & Alliances, SentinelOne. “Through this partnership, Cygilant will now be able to provide their customers with a security advantage, autonomously protecting endpoints, IoT and cloud workloads from modern threats.”

 

About SentinelOne
SentinelOne is the only cybersecurity solution encompassing AI-powered prevention, detection, response, and hunting across endpoints, containers, cloud workloads, and IoT devices in a single autonomous platform. With SentinelOne, organizations gain full transparency into everything happening across the network at machine speed – to defeat every attack, at every stage of the threat lifecycle. To learn more, visit www.sentinelone.com or follow us at @SentinelOne, on LinkedIn or Facebook.

 

About Cygilant
Cygilant provides cybersecurity-as-a-service for mid-sized organizations to protect against cyber threats. By combining best-of-breed technology with Cygilant’s deep bench of cybersecurity experts, organizations get the people, process, and technology to address persistent threats. All services include Cygilant’s SOC-as-a-service, a 24×7 global service, and the Cygilant SOCVue platform, a single-pane-of-glass dashboard that delivers a holistic view of organizations’ cybersecurity posture. Cygilant’s best-of-breed partners include SentinelOne, AlienVault, Ivanti, and LogPoint. Learn more about Cygilant’s services, including security monitoring, vulnerability and patch management, and endpoint threat detection, at www.cygilant.com.

The post Cygilant and SentinelOne Partnership Offers Businesses Automated Cybersecurity for the Endpoint and Cloud appeared first on Cybersecurity Insiders.


January 28, 2021 at 10:04PM

Cybercriminals Now Targeting Celebrity Plastic Surgery

When you think about cybercriminals, what image comes to mind? Some sweaty, greasy teenager type persona hidden in a dark room surrounded by computers, trying to crack code and glean information from big websites. Kind of true.

Then you think about the types of places that hackers are trying to break into. It’s easy to think that they will go after big companies like Amazon and other online retailers. Or banks, investment companies, or telecom giants. You probably wouldn’t think that cybercriminals would have celebrity plastic surgeons high up on their list. But they did.

Yes, this actually happened not so long ago. The Hospital Group, a leading plastic surgery company in the UK known for providing services to a range of celebrities, was a recent victim of a ransomware attack. Hackers managed to break into their system and get an exhaustive list of their patients’ before and after pictures. The group responsible, REvil, have said they’re not the nicest of images, but with over 900 gigabytes of patient photographs, they’ve certainly got a lot to hold the company to ransom.  

The Hospital Group themselves said: “We can confirm that our IT systems have been subject to a data security breach. None of our patients’ payment card details have been compromised, but at this stage, we understand that some of our patients’ personal data may have been accessed.”

Okay, hold on, this is serious. Payment details are safe, so that’s good. But for a plastic surgery company, the personal details are the one thing you want to keep extra safe. Especially if you’re a celebrity who’s trying to hide the fact they’ve had any work done. In fact, anybody who’s had any work done no doubt wants to keep that information private. It’s like the Ashley Madison affair all over again (pun intended). The dating site was hacked years ago, and high-profile users had their information leaked all over the tabloids. It led to broken marriages, heartbreak, and in the worst scenarios, suicide. Now imagine somebody who has sought body modifications because the way they look has affected their mental health. Leaked pictures can only lead to bad things.

Only a few celebs like Dolly Parton are happy to admit they have had surgery. She said: “If something is bagging, sagging, or dragging, I’ll tuck it, suck it, or pluck it.” 

But it’s not unusual to see ransomware attacks like this. They’ve been growing in the world of cybercrime, and online users and IT security companies are always having to up their game to combat it. In 2020, it was estimated that cybercriminals had earned $25bn, so you can only expect ransomware attacks to keep on happening.  To make sure you don’t become a victim, it’s important to take the right steps.

Step one is to arm yourself against online hackers. One of the best ways to do that is by using a VPN. It’s a great way to turn yourself invisible when you’re online and keep all your information protected. If you were to use the CyberGhost virtual private network, for example, you’d be able to protect your digital identity and massively reduce the risk of being a ransomware victim. And now’s the best time to do this. Why? More and more of us are going online every day; we use the internet for practically everything. The coronavirus pandemic has also seen a massive increase in remote working, so more people are behind the computer screen. And with lockdowns all over the country, the increase of streaming and online communications has risen massively. However, this also means it’s a paradise for cybercriminals as more people are signing up for services, leaving their personal information out there on the internet. A successful ransomware attack can yield impressive results for them.

A VPN will help you combat this, though. It’ll hide your original source of origin when you head online, so cyber criminals won’t be able to find out your IP address. You can then go online in complete anonymity.  If you’ve signed up to different retailers, have your details stored on specialist sites, you’ll now have peace of mind knowing that your details are kept secure behind the VPN’s security. And speaking of security, a VPN like CyberGhost boasts AES 256-bit encryption, which is the highest standard available. That means whenever you’re online, you’ll already have that high level of security watching your back.

As shown by the Hospital Group, any kind of business can be open to the latest hacking attack. With so many of our details kept online, too, there’s always this sense of danger lurking about. Why rely on the security of just one company when you can add extra protection yourself?

The post Cybercriminals Now Targeting Celebrity Plastic Surgery appeared first on Cybersecurity Insiders.


January 28, 2021 at 09:18PM

Cynet 2021 CISO Survey Reveals Need for SMEs with Small Security Teams to Rethink Cybersecurity Strategy

With Fewer Resources, Smaller Security Teams Forced to be Innovative in Dealing with Enterprise Threats  

New York, NY – January 27, 2021 — Cynet (http://www.cynet.com) today announced a new survey titled “2021 CISO Survey of Small Cyber Security Teams.” According to the findings in this survey, companies with small security teams, generally SMEs, are facing a number of unique challenges, placing these organizations at greater risk than their larger enterprise counterparts. These enhanced risks are moving 100% of these companies to outsource at least some aspects of security threat mitigation in order to safeguard IT assets.

In this survey of 200 CISOs at small and medium size enterprises (SMEs) with five or fewer security staff members and cybersecurity budgets of $US one million or less, it was found that a majority of these organizations were overwhelmed by the endless volley of cyber-attacks. This has been due in large part because SMEs are inundated by many of the same threats facing larger organizations, but lack the financial resources, specialist staff, training and proper tools to consistently remediate them. According to the research results in this survey:

•    63% of the responding CISOs felt their risk of attack was higher compared to enterprises, despite the fact that enterprises have a larger target on their back.
•    57% of CISOs admitted that their ability to effectively protect their companies is overtly lower than they would like it to be.
•    57% of companies indicated they do not have enough skill and experience to protect against cyber-attacks.
•    80% of responding CISOs said they would like to invest in more automated security solutions as these companies look for innovative ways to do more with fewer heads.
•    As a result of the aforementioned, 100% of small security teams are outsourcing security mitigation to an external provider with 53% outsourcing to an MDR service and the balance outsourcing to an MSSP provider.

An advantage that organizations with limited security teams have is their understanding of the value that solutions like EDR (Endpoint Detection & Response) provide. 87% of those using an EDR solution said it was valuable. However, the vast majority of respondents (79%) said it took their teams more than four months to finish their EDR deployment and become proficient in using the solution.

The top tactic used by these smaller operations to improve processes was to invest in automated solutions and processes (80%), followed by investments in security training and certifications (61%), consolidation of security tools and platforms (61%), replacement of complex security technologies (52%) and outsourcing to service providers to fill security tool gaps (51%).

“This analysis looks at the reality of how CISOs with small security teams are taking on increasingly larger security challenges,” said Eyal Gruner, CEO and founder of Cynet. “The results of this survey are a rare insight into the inner workings and dynamics of SMEs and a spotlight on how they are responding to the ongoing wave of criminal and state sponsored cyber-attacks.”

Tweet this: @Cynet CISO Survey Reveals Need for Smaller Security Teams to Rethink their Cybersecurity Strategies and Solutions – https://bit.ly/2UgxHCE

Resources
To learn more about Cynet:
•    Discover the complete survey on the Cynet blog at:
https://www.cynet.com/blog/2021-survey-CISOs-with-small-security-teams
•    Register for a webinar on the new SME CISO Survey results at:
https://cynet.easywebinar.live/survey-CISOs-with-small-security-teams
•    Visit Cynet at https://cynet.com
•    Follow Cynet on Twitter at http://www.twitter.com/cynet360
•    Follow Cynet on LinkedIn at https://www.linkedin.com/company/cynet-security/

About Cynet
Cynet 360 is the world’s first Autonomous Breach Protection platform that natively integrates XDR endpoint, user and network attack prevention and detection capabilities with an incident engine that fully automates investigation and remediation actions, backed by a 24/7 world-class MDR service. End to end, fully automated breach protection is now within reach of any organization, regardless of security team size and skill level. For additional information, please visit: https://www.cynet.com.

The post Cynet 2021 CISO Survey Reveals Need for SMEs with Small Security Teams to Rethink Cybersecurity Strategy appeared first on Cybersecurity Insiders.


January 28, 2021 at 09:01PM

Google uncovers North Korea espionage campaign

Google has blamed a North Korean group for posing as security bloggers and launching an espionage campaign against the American cybersecurity community. The attacks came to light when Google’s Threat Analysis Group discovered some hackers were trying to steal classical data by creating fake social media accounts on Facebook and Twitter.

Such attacks can be serious, says Adam Weidemann, a senior researcher at the Alphabet subsidiary, as the stolen info can breach popular computer products such as the Windows 10 operating system and the Chrome web browser.

The highlight of the specified attack is that some security researchers are posing as beautiful females and inviting some high-profile people from big companies to view their Instagram accounts filled with flamboyant photos. They somehow trap such people into revealing the vulnerabilities of certain software products, thus giving them access to a business network respectively to install snooping malware.

Currently, there is no information on the number of compromised products or devices. But Weidemann has welcomed other security researchers from across the world to share information, if any.

However, the threat analysis group owned by the internet juggernaut has tracked down 10 twitter profiles and 7 LinkedIn profiles indulging in such malevolent activities.

Like in previous instances, North Korea has denied its involvement in such attacks. But the entire world knows how the country earns its finances by indulging in malicious online activities.

The post Google uncovers North Korea espionage campaign appeared first on Cybersecurity Insiders.


January 28, 2021 at 08:35PM

Australia launches Cyber Attack probe via SBS

Australia’s Special Broadcasting Service (SBS), along with the police of New South Wales (NSW), has started a probe and is busy looking for any cyber repercussions of using the Accellion file transfer software that was impacted in a cyber attack last year.

In connection with the SolarWinds software, the Accellion software came under the watchful radar of many cybersecurity agencies around the world when it was discovered that the two decades old company was cyber attacked through a vulnerability by hackers suspected to be from Russia.

Early January 2021, Accellion issued a warning to all its customers that its file transfer software capabilities could have been compromised through a PO Vulnerability that existed in its legacy file transfer appliance before January 18th, 2021.

And the highlight is that the cyber attack drama came into light after Kaspersky reported that the hackers who exploited the vulnerability of Accellion could be the ones behind the Solorigate incident.

As NSW uses Accellion to transfer data related to child abuse, there is a possibility that such data could have been compromised in the incident, like the one witnessed in the incident of ASIC aka Australian Securities and Investments Commission and Allen Law firm.

So, SBS has been asked to dig out the facts through a detailed probe on the number of impacted customers of Accellion.

The Royal Australian Mint, which also uses Accellion software, has denied being affected by the breach.

The post Australia launches Cyber Attack probe via SBS appeared first on Cybersecurity Insiders.


January 28, 2021 at 02:03PM

NetWalker ransomware spreader arrested

Those spreading NetWalker ransomware were arrested in a joint operation by international law enforcement agencies aimed at bringing down cyber crime against the healthcare sector to a large extent. The latest operation, which seized the assets of NetWalker operators involved in cyber crime against several universities, municipalities and medicine makers involved in the development of a vaccine against Corona Virus, has set an example that the legal authorities will not tolerate such cyber crime for long.

In what is known to Cybersecurity Insiders, a Canadian national was arrested early this week in connection to NetWalker Ransomware spread in which over half a million dollars was pocketed by the culprit with a promise to free up the database from the file encrypting malware.

The modus operandi was simple: the arrested individual, based in Florida, used to compromise a victim’s network with malware and deploy a ransom note. Then they used to ask the victim to establish a communication stream via the TOR network to transfer the demanded amount.

Named Sebastian Vachon Desjardins, the Canadian National, was charged with six indictments of obtaining $27.9 million currency by fraudulent means by spreading NetWalker malware to several computer networks.

Thus, with the latest arrest, the Department of Justice has clarified that it will not take cyber crime lightly.

The recent arrest from Florida is the third besides the previous 2 that saw the arrest of 2 culprits spreading NetWalker Ransomware on January 10th, 2021, and making money worth $454,530 in cryptocurrency.

Note- The arrest was made under full supervision of Cyber Cops from FBI, and the entire infrastructure of Emotet was also seized in the operation launched in the coordination with European Union Police and Two Hague based security agencies.

The post NetWalker ransomware spreader arrested appeared first on Cybersecurity Insiders.


January 28, 2021 at 02:01PM

Wednesday, January 27, 2021

Myth Buster: Data Fatigue is Not Real

The noise is real. Of that, we can agree. It started way back in history – whoops, wrong topic (shout out to all of you who know that lyric). Basic packet captures – the final arbiter of proof – started all this, and it has continued nonstop until this very day. Every security analyst worth his/her salt asks for the packet captures. Why do we have all this data? Do we need it all? With IoT today, my toaster can tell me how many toast points I have burned since 2019. Do we care? Should we care? To be honest, I’m not sure I want folks to know I struggle getting my toast just right :).

Some of the blame rests squarely on the shoulders of all the security practitioners out there. How many times have we asked our partners, ”Can’t you just create a syslog and tell me everything I need to know?” We are part of the problem. The other part of the problem rests on our security partners (vendors). A few enterprising partners tell us, “Send me all your data. Worst case is we can store it just in case you need it someday.” Great way to drive up licensing – the more of my data your product stores the more I pay you to access my data.

Today, the security vendor community is exacerbating the problem as we create point solutions to solve point problems without the big picture in mind. These point solutions lead to un-correlated data, incomplete visibility, and terrible reporting. Last year at RSA, there were over 1500 security vendors showing their products. Depending on which well-meaning report you read, the average number of security tools deployed to protect the enterprise is between 50 and 75. How can this be? There has got to be a better way.

What is the big picture? That’s a great question. How about a security ecosystem where the underlying architecture does not care what apps (security tools) get plugged in or who the vendor is of those apps? The architecture allows for any tools to plug in, where the data gets processed correctly (reduced, de-duplicated, enriched, and normalized). Where the architecture shares data amongst all apps that are part of the ecosystem. Not only event data, but threat data, response (think SOAR) capabilities, and reporting.

Some of you will say, that’s nirvana. I suggest it exists today. If you have not explored XDR, you need to. XDR is any data (X) detection and response. Until recently, that was not possible despite the many claims from EDR and MDR vendors. It means getting the data right through the correct data processing, applying detections across those data streams which include AI and ML, inspecting those data streams through threat hunting and correlation, and ultimately automating responses to those detections.

Open XDR is Stellar Cyber’s answer to the data problem. There are not too many alerts nor too much data – the existing data is just not being processed correctly. The Starlight platform is our answer to too much data, too many alerts, and too many tools. The Open XDR approach solves the point solution problem: correlated data, complete visibility, improved reporting, and ultimately quicker detections and reduced dwell time. The idea of data fatigue can be put to rest – get the data right and the rest takes care of itself!

The post Myth Buster: Data Fatigue is Not Real appeared first on Cybersecurity Insiders.


January 28, 2021 at 05:57AM