Gmail Phishing Attack Strikes at Heart of API Economy

The phishing attack launched against Gmail accounts this week represents the opening of a new front in the cybersecurity war that strikes at the heart of the API economy.Unlike other phishing attacks that require end user to log into a fake web site to give up their password, the phishing attack launched this week relied on a fake version a Google Docs was created by cybercriminals.

Spotlight

Prot-On

Prot-On is a software that ensures that the files you send by email, upload to the cloud or share on social networks will only be accessible to authorized users. Encrypt your documents, pictures, videos, audios or emails and decide who, how and when can access them. You can also track document use. WHO USES PROT-ON? Companies worried about information leaks, regulatory compliance and the security of their information stored in cloud based systems. Government Agencies that need to protect State secrets and control information that is shared with other agencies or other countries. Professionals users who want to protect their files and intellectual property by assigning permissions to edit copy, view or print. Home users who want to know who’s viewed or forwarded documents or photos they’ve shared on the internet, uploaded to the cloud or put on a USB. HOW MUCH DOES PROT-ON COST? Prot-On offers a Free service to home users, offers a Premium service for professionals who need to protect t

OTHER ARTICLES
Enterprise Security, Network Threat Detection

Protection vs Privilege

Article | July 13, 2023

As of May 2023, 39% percent of workers in the UK work from home at some point during their week. Whilst understandable, the hybrid-working environment continues to pose more risks to organisations and their data. As more devices are accessed beyond the confines of the corporate network, businesses must account for the inherent risks presented by insecure or non-existent endpoint control. As users of these devices have more administrative control, and without the constant presence of IT services, the door is left open for increased phishing, ransomware and malware attacks. A daunting 88% of data breaches are now caused by employee error. Just earlier this month, the genealogy company 23andMe confirmed that its data had been compromised in an attack from hackers who claimed to have accessed millions of data points from accounts by taking advantage of users login credentials. The problem with this is that the users are not the root of the issue. The concern comes not only from employees, but from the number of endpoints being accessed from multiple locations, and the lack of control over the access and privileges that these devices have. A frightening statistic revealed in a study from Forbes, showed that 23% of UK and US small businesses used no form of endpoint security, and that a further 57% simply believe they won’t be targeted by cyber-attacks. The reason this is so concerning is that cybersecurity companies have reported a 20% increase in victims of such attacks just in the last year. These attacks not only put company and customer data at risk but can also result in a strain on IT services and leave users without the systems and tools essential for productivity. Preventing unlimited access One of the ways that attacks break through endpoints and escape into an organisation's network is by exploiting local admin rights on end-users' workstations. Those local admin rights are handy for the user. For example, they can install a new printer driver or update an application plug-in without calling the IT help desk. But they can also be abused to install malware or configure the computer to make an attack easier. It could be easy to remove those local admin rights or the shadow user account on the workstations with those elevated permissions. But that will frustrate end-users and increase the load on the help desk. The key issue here, is the concept of privilege. Users often need the privilege to elevate their devices by running an administrator account in order to gain access to, and update applications. Unfortunately, this greatly increases risk as these elevated administrator accounts are much more attractive to hackers for this exact reason - their access to more lucrative data. It has been reported that 70% of all data breaches are targeted at privileged accounts, which is especially alarming when taking into account the fact that 90% of IT security professionals have said that their organisations’ users have more privilege than is necessary. The issue for many companies arises in finding the balance between the users’ access to local admin rights and their productivity. More open access to the admin rights makes things easier and convenient for the users but opens the door to security risks with more endpoints to target. A study by the Ponemon Institute showed that 73% of organisations believed that threats to their endpoints had significantly increased, and that a staggering 80% of organisations that had been compromised by cyber-attacks did not know what type of attack they had been subjected to. The need for a more effective and efficient security measure is clear. Endpoint privilege management (EPM) oversees and governs the privilege of network devices. It completely removes the need for users to have administrator accounts on the devices they use, whilst still enabling them to have elevated access to certain applications. EPM only elevates approved applications and provides the users with a clear audit list of those which have been approved. Privilege to protect Whilst not a universal fix, the implementation of EPM, for example, can help alleviate the risks and reinforce a culture of security within organisations. It is understandable to be cautious when faced with words and phrases such as “approved applications” or “removing administrator rights”, but EPM is not about limiting your users’ experience or productivity. EPM does not forbid or remove access to applications. The IT team can grant approved users’ permission to run specific applications with elevated permissions for a limited period, to carry out specific actions. Users can then access what they need to, while IT retains visibility over all actions in case activity needs to be stopped, or incidents need to be investigated at a later date. If permissions need to be granted on an individual basis, for each user and application, IT will be buried under an avalanche of requests – so EPM tools will allow rules and policies to be created and then applied at scale. Users can do the work they need with few calls to the Help Desk. IT gets fewer interruptions and can focus on more valuable work. Auditors can see who had access to which applications and logs show the actual users, not an arbitrary administrator account. Endpoint privilege management is vital to any organisation's cybersecurity strategy, not only to manage and control access to sensitive data and resources but minimise the chance of a data breach. EPM also plays a crucial role in ensuring compliance with industry standards and regulations to avoid the legal liabilities that may ensue should a breach occur.

Read More
Enterprise Security, Platform Security

The NIS2 cyber security rules are coming – are you ready?

Article | July 13, 2023

The EU NIS cyber security regulations are evolving for 2024 – and if you’re not currently aware of how they’ll apply to your organisation, now is the time to get up to speed with the likely requirements. Not only is the directive being tightened, but an extended range of healthcare and related organisations will be added to the list of ‘critical entities’ that must comply. These include certain medical device manufacturers, pharmaceutical companies, and organisations that carry out R&D. The Network and Information Systems (NIS) standards were set up in 2016 to protect essential services – such as water, energy, healthcare, transport and digital infrastructure – from online cyberattacks. The updated legislation, NIS2, will have stricter rules and reporting requirements, and higher penalties for non-compliance. They will apply to medium-sized and large businesses that operate within one or more EU countries. Those based only in the UK can’t sit back, however, as the original NIS regulations will still apply as part of British law. What’s more, a UK version of the rules is coming very soon, and it’s likely that the framework will closely resemble the EU’s. What will the requirements cover? There are a number of cyber risk management measures that all organisations that come under the scope of NIS2 will be required to put in place. For instance, they will need to conduct regular security assessments and risk analyses, adopt incident response and handling plans, and appoint a chief information security officer (CISO), among other obligations. The new directive will streamline and strengthen incident reporting requirements. Entities must notify regulators of any incident that has compromised data, or had a significant impact on the provision of their services, for instance by causing severe operational disruption or financial loss. Applying information system security policies and business continuity plans will form part of the obligations, as will conducting cyber security testing, and training for all staff. The use of multi-factor authentication (MFA) and encryption, where appropriate, will also be mandated. There is plenty of focus within the directive on the cornerstones of cyber security best practice – in particular the proper control of administrator-level account credentials, privileged access, and endpoints, all of which are prime targets for attackers. Under NIS2, organisations are being separated into ‘critical’ and ‘important’ entities. It’s important to determine which category yours will fall under, as requirements are different for each. The third party threat will also be addressed in NIS2 through the pulling in of managed service providers (MSPs) to the list of ‘critical entities’, with the aim of keeping digital supply chains secure. MSPs are often granted privileged access to clients’ corporate systems and networks, which creates security risks. What are the consequences of non-compliance? Organisations that come under the regulations’ purview will be subject to random checks, regular security audits, on-site inspections and off-site supervisions. For those found to be in breach, sanctions could include warnings, temporary suspension of certain activities, and temporary prohibition to exercise certain managerial functions. Financial penalties could be as high as 10 million Euros or 2% of an organisation’s global turnover – whichever is higher. What steps should healthcare organisations take now? Organisations should take action to establish whether the EU or UK NIS2 regulations will apply to them and what their responsibilities will be. Having identified any gaps in existing cyber security processes, policies and practices, they must determine what changes need making to address them. As a priority, they must review their incident response plans, and incident management and reporting procedures. It’s also a good idea to begin assessing the security posture of partners and third parties in the supply chain, and incorporating relevant security requirements into contracts. Given the framework’s focus on protecting privileged admin accounts, organisations should implement controls that will limit the number of staff members who hold these powerful credentials. Implementing privileged access management (PAM) will allow IT to control who is granted access to which systems, applications and services, for how long, and what they can do while they’re using them. Preparing for the introduction of the EU NIS2 regulations should be considered as more than just a compliance exercise. By meeting the strengthened requirements, healthcare organisations will be building a foundation of resilience that protects them, their customers, and the essential services they provide.

Read More
Software Security

Security by Sector: Improving Quality of Data and Decision-Making a Priority for Credit Industry

Article | August 9, 2023

The subject of how information security impacts different industry sectors is an intriguing one. For example, how does the finance industry fare in terms of information security compared to the health sector, or the entertainment business? Are there some sectors that face greater cyber-threats and risks than others? Do some do a better job of keeping data secure, and if so, how and why?A new study of credit management professionals has revealed that improving the quality of data and decision-making will be a top priority for the credit industry in the next three years. The research, from Equifax Ingnite in collaboration with Coleman Parkes, takes a deep dive into the views of credit management pros across retail, banking, finance and debt management/recovery sectors.

Read More

3 Trends in Data Privacy Breach Laws That Will Carry Over to 2020

Article | February 12, 2020

During 2019, new privacy laws were introduced, and many current laws evolved in the United States and across the global landscape. With the General Data Protection Regulation (GDPR) in full effect, we saw expensive fines levied upon companies that fell victim to data privacy breaches. As we move into a new year, probably the biggest takeaway from 2019 is that being proactive and having a data privacy strategy in place is important to help mitigate the risk of a data privacy breach. The regulatory landscape continues to evolve as states and countries actively pass new expanded requirements for privacy and cybersecurity regulations. While laws in the U.S., like the California Consumer Privacy Act (CCPA), are getting significant attention, many other states and countries are actively amending their breach notification laws to include tighter restrictions.

Read More

Spotlight

Prot-On

Prot-On is a software that ensures that the files you send by email, upload to the cloud or share on social networks will only be accessible to authorized users. Encrypt your documents, pictures, videos, audios or emails and decide who, how and when can access them. You can also track document use. WHO USES PROT-ON? Companies worried about information leaks, regulatory compliance and the security of their information stored in cloud based systems. Government Agencies that need to protect State secrets and control information that is shared with other agencies or other countries. Professionals users who want to protect their files and intellectual property by assigning permissions to edit copy, view or print. Home users who want to know who’s viewed or forwarded documents or photos they’ve shared on the internet, uploaded to the cloud or put on a USB. HOW MUCH DOES PROT-ON COST? Prot-On offers a Free service to home users, offers a Premium service for professionals who need to protect t

Related News

Enterprise Security, Platform Security, Software Security

ZeroFox Named Digital Risk Protection Leader by Quadrant Knowledge Solutions in 2023 SPARK Matrix™

GlobeNewswire | August 21, 2023

ZeroFox, (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity, announced today that it was recognized as a technology leader in the 2023 Quadrant SPARK Matrix ™ for Digital Risk Protection by Quadrant Knowledge Solutions. This recognition comes on the heels of other recent accolades in the DRP space, further solidifying the company’s position on the forefront of innovation for digital risk protection. The SPARK Matrix™ from Quadrant Knowledge Solutions provides an in-depth analysis of the Digital Risk Protection landscape, including trends, the overall vendor landscape and the market. By ranking the vendors featured in the analysis, the SPARK Matrix ™ provides insights that allow companies to compare the potential capabilities – and the market position – of each company they would partner with in a more strategic way. "In the age of rapid digital transformation, enterprises face complex challenges in safeguarding their external attack surface. Amidst evolving threats from every corner of the web – whether the surface, deep, or dark – ZeroFox has combined the strength of AI and full-spectrum threat intelligence to power solutions for digital risk protection. This empowers security teams to stay ahead of potential threats and shield their online footprint in our dynamic digital world," said John Prestridge, Chief Product Officer at ZeroFox. "Being named a technology leader in Quadrant Knowledge Solutions’ SPARK Matrix™ for Digital Risk Protection speaks volumes about our team's unwavering commitment and passion for protecting our customers. We're deeply honored by the acknowledgment of our continuous dedication to the industry." “With its sophisticated technology platform, comprehensive functional capabilities, and roadmap, ZeroFox is well-positioned to maintain and grow its share in the DRP market,” Akshay Parmar, Analyst at Quadrant Knowledge Solutions notes in the report. The report notes “several key differentiators for ZeroFox’s External Cybersecurity Platform, including the recent launch of FoxGPT – which showcases the practical implementation of generative AI in addressing challenges within the cyber threat intelligence domain. Another is the team’s Threat Intelligence and Attack Surface Management solutions, both of which help the team to detect brand or executive impersonations, safeguard domains, detect phishing URLs, monitor brand mentions and negative sentiment, as well as identify data leaks and attack chatter on the deep and dark web.” This recognition for ZeroFox as a leader in Digital Risk Protection from Quadrant Knowledge Solutions is a special accolade for the team – but not the first. ZeroFox was also a winner of the 2023 Global Infosec Awards for Most Comprehensive in the Digital Risk Protection category. The team was also recognized with the 2022 Frost & Sullivan Global Competitive Strategy Leadership Award, which highlighted ZeroFox’s leadership and exceptional strategic innovation and customer impact. About Quadrant Knowledge Solutions Quadrant Knowledge Solutions is a global advisory and consulting firm focused on helping clients in achieving business transformation goals with Strategic Business and Growth advisory services. At Quadrant Knowledge Solutions, our vision is to become an integral part of our client's business as a strategic knowledge partner. Our research and consulting deliverables are designed to provide comprehensive information and strategic insights for helping clients formulate growth strategies to survive and thrive in ever-changing business environments. About ZeroFox ZeroFox (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity, has redefined security outside the corporate perimeter on the internet, where businesses operate, and threat actors thrive. The ZeroFox platform combines advanced AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust portfolio of breach, incident and takedown response capabilities to expose and disrupt phishing and fraud campaigns, botnet exposures, credential theft, impersonations, data breaches, and physical threats that target your brands, domains, people, and assets. Join thousands of customers, including some of the largest public sector organizations as well as finance, media, technology and retail companies to stay ahead of adversaries and address the entire lifecycle of external cyber risks. ZeroFox and the ZeroFox logo are trademarks or registered trademarks of ZeroFox, Inc. and/or its affiliates in the U.S. and other countries. Visit www.zerofox.com for more information.

Read More

Enterprise Security, Platform Security, Software Security

Abnormal Announces New Capability to Detect AI-Generated Email Attacks

Business Wire | August 10, 2023

Abnormal Security, the leading behavioral AI-based email security platform, today announced CheckGPT, used to detect AI-generated attacks. The new capability determines when email threats, including business email compromise (BEC) and other socially-engineered attacks, have likely been created using generative AI tools. Cybercriminals are constantly evolving their attack tactics to evade detection by security defenses, and generative AI is the newest weapon in their arsenal. Using tools like ChatGPT or its malicious cousin WormGPT, threat actors can now write increasingly convincing emails, scaling their attacks in both volume and sophistication. In its latest research report, Abnormal observed a 55% increase in BEC attacks over the previous six months—with the potential for volumes to increase exponentially as generative AI becomes more widely adopted. “The degree of email attack sophistication is going to significantly increase as bad actors leverage generative AI to create novel campaigns,” said Karl Mattson, chief information security officer at Noname Security. “It's not reasonable that each company can become an AI security specialty shop, so we're putting our trust in Abnormal to lead the way in that kind of advanced email attack detection.” Unlike traditional email security solutions, Abnormal takes a radically different approach to stopping advanced email attacks, making it particularly well-suited to the challenge of blocking AI-generated attacks. The unique API architecture ingests thousands of diverse signals to build a baseline of the known-good behavior of every employee and vendor in an organization based on communication patterns, sign-in events and thousands of other attributes. It then applies advanced AI models including natural language processing (NLP) to detect abnormalities in email behavior that indicate a potential attack. After initial email processing, the Abnormal platform expands upon this classification by further processing email attacks to understand their intent and origin. The CheckGPT tool leverages a suite of open source large language models (LLMs) to analyze how likely it is that a generative AI model created the message. The system first analyzes the likelihood that each word in the message has been generated by an AI model, given the context that precedes it. If the likelihood is consistently high, it’s a strong potential indicator that text was generated by AI. The system then combines this indicator with an ensemble of AI detectors to make a final determination on whether an attack was likely to be generated by AI. As a result of this new detection capability, Abnormal recently released research showing a number of emails that contained language strongly suspected to be AI-generated, including business email compromise and credential phishing attacks. “As the adoption of generative AI tools rises, bad actors will increasingly use AI to launch attacks at higher volumes and with more sophistication,” said Evan Reiser, chief executive officer at Abnormal Security. “Security leaders need to combat the threat of AI by investing in AI-powered security solutions that ingest thousands of signals to learn their organization’s unique user behavior, apply advanced models to precisely detect anomalies, and then block attacks before they reach employees. While it’s important to understand whether an email was generated by a human or AI to understand and stay ahead of evolving threats, the right system will detect and block attacks no matter how they were created.” About Abnormal Security Abnormal Security provides the leading behavioral AI-based email security platform that leverages machine learning to stop sophisticated inbound email attacks and dangerous email platform attacks that evade traditional solutions. The anomaly detection engine leverages identity and context to analyze the risk of every cloud email event, preventing inbound email attacks, detecting compromised accounts, and remediating emails and messages in milliseconds—all while providing visibility into configuration drifts across your environment. You can deploy Abnormal in minutes with an API integration for Microsoft 365 or Google Workspace and experience the full value of the platform instantly, with additional protection available for Slack, Teams, and Zoom. More information is available at abnormalsecurity.com.

Read More

Enterprise Security, Platform Security, Software Security

Vade Joins the Pax8 Marketplace to Offer MSPs AI Microsoft 365 Email Security Solutions

Globenewswire | June 01, 2023

Pax8, the leading cloud commerce marketplace, announced today it has added Vade, a global cybersecurity company specializing in AI-based cybersecurity, to its cloud marketplace. Vade's Microsoft 365 (M365) security solutions combine AI and human-powered detection and response, designed specifically for Managed Service Providers (MSPs). This collaboration enables MSPs to offer a comprehensive suite of email security services to prevent advanced cyber-attacks and improve email security for their customers. “According to Forbes, during the past 12 months, 34.5% of polled executives report their organizations' accounting and financial data were targeted by cyber adversaries. This is an alarming trend that opens the door for businesses to reprioritize cybersecurity as a business requirement and partner with an MSP to prevent and protect their customers’ email infrastructure,” said Nikki Meyer, CVP of Vendor Global Alliances at Pax8. “The cybersecurity space is growing, and Pax8 is committed to provide our partners with access to best-in-class cloud solutions like Vade, enabling them to proactively protect their customers from threats effectively.” Established in 2009, Vade originated in the town of Hem, near the city of Lille in northern France. From its beginnings as a French startup specializing in email security for internet service providers (ISPs), Vade has evolved into a global cybersecurity company. Their extensive portfolio now includes AI-based cybersecurity solutions tailored for businesses of all sizes and industries. With a presence in seven locations worldwide, including the US, France, Japan, and Canada, Vade has established itself as an international leader in the cybersecurity field. Vade for M365 is an AI-powered, collaborative security solution that is powered by AI, enhanced by people, and made for MSPs. Featuring Vade’s AI detection and response engine that protects 1.4 billion mailboxes worldwide, Vade for M365 blocks and remediates the advanced threats that slip through Microsoft's defenses. Combining powerful protection with integrated features, including automated awareness training, cross-tenant incident response, and auto-remediation, Vade combines powerful, AI-based protection with integrated, no-cost features that help MSPs save time, reduce administrative workload, and generate more ROI from cybersecurity. “As a channel-first company, Vade recognized Pax8’s unique relationship with and commitment to the MSP community,” said Georges Lotigier, CEO of Vade. “Pax8 is not only the premier distributor for MSPs but also a trusted resource with significant cybersecurity expertise, making this partnership a perfect fit. We are thrilled to bring Vade for M365 to Pax8’s MSP community and look forward to the new partnerships the marketplace integration will bring.” The integration of Vade into the Pax8 marketplace provides significant benefits to MSPs and their customers looking to enhance their email security posture. Customers will now have easy access to Vade's state-of-the-art email protection solutions, which can be seamlessly integrated into their existing email infrastructure. Vade M365 offerings include: Phishing, spear phishing, and malware/ransomware protection Auto- and assisted remediation Cross-tenant incident response Automated user awareness training SIEM integration Error-free configuration Deploy in minutes No MX record change Layers with EOP/ATP To learn more about Pax8 and Vade, please visit www.pax8.com. About Pax8 Pax8 is the world’s favorite cloud marketplace for IT professionals to buy, sell, and manage best-in-class technology solutions. Pioneering the future of modern business, Pax8 has cloud-enabled more than 400,000 enterprises through its channel partners and processes one million monthly transactions. Pax8’s award-winning technology enables managed service providers (MSPs) to accelerate growth, increase efficiency, and reduce risk so their businesses can thrive. The innovative company has ranked in the Inc. 5000 for five years in a row. Join the revolution at pax8.com. About Vade Vade is a global cybersecurity company that secures human collaboration with a combination of AI and human-powered detection and response. Vade’s products and solutions protect consumers, businesses, and organizations from email-borne cyberattacks, including malware/ransomware, spear phishing/business email compromise, and phishing. Vade is a fast-growing, channel-first company with a growing network of MSP and MSSP partners, as well as distribution agreements with leading distributors and aggregators in North America, EMEA, and Asia. Founded in 2009, Vade protects more than 1.4 billion corporate and consumer mailboxes and serves the ISP, SMB, and MSP markets with award-winning products and solutions that help increase cybersecurity and maximize IT efficiency. To learn more, please visit www.vadesecure.com.

Read More

Enterprise Security, Platform Security, Software Security

ZeroFox Named Digital Risk Protection Leader by Quadrant Knowledge Solutions in 2023 SPARK Matrix™

GlobeNewswire | August 21, 2023

ZeroFox, (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity, announced today that it was recognized as a technology leader in the 2023 Quadrant SPARK Matrix ™ for Digital Risk Protection by Quadrant Knowledge Solutions. This recognition comes on the heels of other recent accolades in the DRP space, further solidifying the company’s position on the forefront of innovation for digital risk protection. The SPARK Matrix™ from Quadrant Knowledge Solutions provides an in-depth analysis of the Digital Risk Protection landscape, including trends, the overall vendor landscape and the market. By ranking the vendors featured in the analysis, the SPARK Matrix ™ provides insights that allow companies to compare the potential capabilities – and the market position – of each company they would partner with in a more strategic way. "In the age of rapid digital transformation, enterprises face complex challenges in safeguarding their external attack surface. Amidst evolving threats from every corner of the web – whether the surface, deep, or dark – ZeroFox has combined the strength of AI and full-spectrum threat intelligence to power solutions for digital risk protection. This empowers security teams to stay ahead of potential threats and shield their online footprint in our dynamic digital world," said John Prestridge, Chief Product Officer at ZeroFox. "Being named a technology leader in Quadrant Knowledge Solutions’ SPARK Matrix™ for Digital Risk Protection speaks volumes about our team's unwavering commitment and passion for protecting our customers. We're deeply honored by the acknowledgment of our continuous dedication to the industry." “With its sophisticated technology platform, comprehensive functional capabilities, and roadmap, ZeroFox is well-positioned to maintain and grow its share in the DRP market,” Akshay Parmar, Analyst at Quadrant Knowledge Solutions notes in the report. The report notes “several key differentiators for ZeroFox’s External Cybersecurity Platform, including the recent launch of FoxGPT – which showcases the practical implementation of generative AI in addressing challenges within the cyber threat intelligence domain. Another is the team’s Threat Intelligence and Attack Surface Management solutions, both of which help the team to detect brand or executive impersonations, safeguard domains, detect phishing URLs, monitor brand mentions and negative sentiment, as well as identify data leaks and attack chatter on the deep and dark web.” This recognition for ZeroFox as a leader in Digital Risk Protection from Quadrant Knowledge Solutions is a special accolade for the team – but not the first. ZeroFox was also a winner of the 2023 Global Infosec Awards for Most Comprehensive in the Digital Risk Protection category. The team was also recognized with the 2022 Frost & Sullivan Global Competitive Strategy Leadership Award, which highlighted ZeroFox’s leadership and exceptional strategic innovation and customer impact. About Quadrant Knowledge Solutions Quadrant Knowledge Solutions is a global advisory and consulting firm focused on helping clients in achieving business transformation goals with Strategic Business and Growth advisory services. At Quadrant Knowledge Solutions, our vision is to become an integral part of our client's business as a strategic knowledge partner. Our research and consulting deliverables are designed to provide comprehensive information and strategic insights for helping clients formulate growth strategies to survive and thrive in ever-changing business environments. About ZeroFox ZeroFox (Nasdaq: ZFOX), an enterprise software-as-a-service leader in external cybersecurity, has redefined security outside the corporate perimeter on the internet, where businesses operate, and threat actors thrive. The ZeroFox platform combines advanced AI analytics, digital risk and privacy protection, full-spectrum threat intelligence, and a robust portfolio of breach, incident and takedown response capabilities to expose and disrupt phishing and fraud campaigns, botnet exposures, credential theft, impersonations, data breaches, and physical threats that target your brands, domains, people, and assets. Join thousands of customers, including some of the largest public sector organizations as well as finance, media, technology and retail companies to stay ahead of adversaries and address the entire lifecycle of external cyber risks. ZeroFox and the ZeroFox logo are trademarks or registered trademarks of ZeroFox, Inc. and/or its affiliates in the U.S. and other countries. Visit www.zerofox.com for more information.

Read More

Enterprise Security, Platform Security, Software Security

Abnormal Announces New Capability to Detect AI-Generated Email Attacks

Business Wire | August 10, 2023

Abnormal Security, the leading behavioral AI-based email security platform, today announced CheckGPT, used to detect AI-generated attacks. The new capability determines when email threats, including business email compromise (BEC) and other socially-engineered attacks, have likely been created using generative AI tools. Cybercriminals are constantly evolving their attack tactics to evade detection by security defenses, and generative AI is the newest weapon in their arsenal. Using tools like ChatGPT or its malicious cousin WormGPT, threat actors can now write increasingly convincing emails, scaling their attacks in both volume and sophistication. In its latest research report, Abnormal observed a 55% increase in BEC attacks over the previous six months—with the potential for volumes to increase exponentially as generative AI becomes more widely adopted. “The degree of email attack sophistication is going to significantly increase as bad actors leverage generative AI to create novel campaigns,” said Karl Mattson, chief information security officer at Noname Security. “It's not reasonable that each company can become an AI security specialty shop, so we're putting our trust in Abnormal to lead the way in that kind of advanced email attack detection.” Unlike traditional email security solutions, Abnormal takes a radically different approach to stopping advanced email attacks, making it particularly well-suited to the challenge of blocking AI-generated attacks. The unique API architecture ingests thousands of diverse signals to build a baseline of the known-good behavior of every employee and vendor in an organization based on communication patterns, sign-in events and thousands of other attributes. It then applies advanced AI models including natural language processing (NLP) to detect abnormalities in email behavior that indicate a potential attack. After initial email processing, the Abnormal platform expands upon this classification by further processing email attacks to understand their intent and origin. The CheckGPT tool leverages a suite of open source large language models (LLMs) to analyze how likely it is that a generative AI model created the message. The system first analyzes the likelihood that each word in the message has been generated by an AI model, given the context that precedes it. If the likelihood is consistently high, it’s a strong potential indicator that text was generated by AI. The system then combines this indicator with an ensemble of AI detectors to make a final determination on whether an attack was likely to be generated by AI. As a result of this new detection capability, Abnormal recently released research showing a number of emails that contained language strongly suspected to be AI-generated, including business email compromise and credential phishing attacks. “As the adoption of generative AI tools rises, bad actors will increasingly use AI to launch attacks at higher volumes and with more sophistication,” said Evan Reiser, chief executive officer at Abnormal Security. “Security leaders need to combat the threat of AI by investing in AI-powered security solutions that ingest thousands of signals to learn their organization’s unique user behavior, apply advanced models to precisely detect anomalies, and then block attacks before they reach employees. While it’s important to understand whether an email was generated by a human or AI to understand and stay ahead of evolving threats, the right system will detect and block attacks no matter how they were created.” About Abnormal Security Abnormal Security provides the leading behavioral AI-based email security platform that leverages machine learning to stop sophisticated inbound email attacks and dangerous email platform attacks that evade traditional solutions. The anomaly detection engine leverages identity and context to analyze the risk of every cloud email event, preventing inbound email attacks, detecting compromised accounts, and remediating emails and messages in milliseconds—all while providing visibility into configuration drifts across your environment. You can deploy Abnormal in minutes with an API integration for Microsoft 365 or Google Workspace and experience the full value of the platform instantly, with additional protection available for Slack, Teams, and Zoom. More information is available at abnormalsecurity.com.

Read More

Enterprise Security, Platform Security, Software Security

Vade Joins the Pax8 Marketplace to Offer MSPs AI Microsoft 365 Email Security Solutions

Globenewswire | June 01, 2023

Pax8, the leading cloud commerce marketplace, announced today it has added Vade, a global cybersecurity company specializing in AI-based cybersecurity, to its cloud marketplace. Vade's Microsoft 365 (M365) security solutions combine AI and human-powered detection and response, designed specifically for Managed Service Providers (MSPs). This collaboration enables MSPs to offer a comprehensive suite of email security services to prevent advanced cyber-attacks and improve email security for their customers. “According to Forbes, during the past 12 months, 34.5% of polled executives report their organizations' accounting and financial data were targeted by cyber adversaries. This is an alarming trend that opens the door for businesses to reprioritize cybersecurity as a business requirement and partner with an MSP to prevent and protect their customers’ email infrastructure,” said Nikki Meyer, CVP of Vendor Global Alliances at Pax8. “The cybersecurity space is growing, and Pax8 is committed to provide our partners with access to best-in-class cloud solutions like Vade, enabling them to proactively protect their customers from threats effectively.” Established in 2009, Vade originated in the town of Hem, near the city of Lille in northern France. From its beginnings as a French startup specializing in email security for internet service providers (ISPs), Vade has evolved into a global cybersecurity company. Their extensive portfolio now includes AI-based cybersecurity solutions tailored for businesses of all sizes and industries. With a presence in seven locations worldwide, including the US, France, Japan, and Canada, Vade has established itself as an international leader in the cybersecurity field. Vade for M365 is an AI-powered, collaborative security solution that is powered by AI, enhanced by people, and made for MSPs. Featuring Vade’s AI detection and response engine that protects 1.4 billion mailboxes worldwide, Vade for M365 blocks and remediates the advanced threats that slip through Microsoft's defenses. Combining powerful protection with integrated features, including automated awareness training, cross-tenant incident response, and auto-remediation, Vade combines powerful, AI-based protection with integrated, no-cost features that help MSPs save time, reduce administrative workload, and generate more ROI from cybersecurity. “As a channel-first company, Vade recognized Pax8’s unique relationship with and commitment to the MSP community,” said Georges Lotigier, CEO of Vade. “Pax8 is not only the premier distributor for MSPs but also a trusted resource with significant cybersecurity expertise, making this partnership a perfect fit. We are thrilled to bring Vade for M365 to Pax8’s MSP community and look forward to the new partnerships the marketplace integration will bring.” The integration of Vade into the Pax8 marketplace provides significant benefits to MSPs and their customers looking to enhance their email security posture. Customers will now have easy access to Vade's state-of-the-art email protection solutions, which can be seamlessly integrated into their existing email infrastructure. Vade M365 offerings include: Phishing, spear phishing, and malware/ransomware protection Auto- and assisted remediation Cross-tenant incident response Automated user awareness training SIEM integration Error-free configuration Deploy in minutes No MX record change Layers with EOP/ATP To learn more about Pax8 and Vade, please visit www.pax8.com. About Pax8 Pax8 is the world’s favorite cloud marketplace for IT professionals to buy, sell, and manage best-in-class technology solutions. Pioneering the future of modern business, Pax8 has cloud-enabled more than 400,000 enterprises through its channel partners and processes one million monthly transactions. Pax8’s award-winning technology enables managed service providers (MSPs) to accelerate growth, increase efficiency, and reduce risk so their businesses can thrive. The innovative company has ranked in the Inc. 5000 for five years in a row. Join the revolution at pax8.com. About Vade Vade is a global cybersecurity company that secures human collaboration with a combination of AI and human-powered detection and response. Vade’s products and solutions protect consumers, businesses, and organizations from email-borne cyberattacks, including malware/ransomware, spear phishing/business email compromise, and phishing. Vade is a fast-growing, channel-first company with a growing network of MSP and MSSP partners, as well as distribution agreements with leading distributors and aggregators in North America, EMEA, and Asia. Founded in 2009, Vade protects more than 1.4 billion corporate and consumer mailboxes and serves the ISP, SMB, and MSP markets with award-winning products and solutions that help increase cybersecurity and maximize IT efficiency. To learn more, please visit www.vadesecure.com.

Read More

Events