Home > Resources > Articles > Mitigating Risks with Social Media Security Best Practices

Mitigating Risks with Social Media Security Best Practices

Bineesh Mathew | September 27, 2021 | 598 views

Social Media Security Best Practices
Social media has become an integral part of business promotion, especially to build brand image and maintain brand reputation. Small businesses to large corporations are active on various social media platforms to interact with their target audience daily. Moreover, the onset of the Pandemic has compelled businesses to rely more on these platforms to connect with their world of customers. This has skyrocketed the amount of information businesses, and customers share on social media. As a result, social media security threats have increased. Hackers are looking for a chance to get into accounts, steal personal and business information, and use it for various gains.

Publically accessible social media information is vulnerable to cyber-attacks from cybercriminals. To communicate with customers directly, corporations today operate multiple social media channels. However, cybersecurity measures have to be ensured within the organizations while accessing the channels to increase security. The commonly used safety models, such as the Least-Privileged Administrative model, can be applied in organizations to ensure security. In addition, social media access to employees should be minimized.

Taking necessary steps to increase social media security in organizations will help in avoiding deliberate sabotage. However, taking no care in this matter may jeopardize your business, as your company's platforms will be vulnerable to malpractices and attacks by cybercriminals.

These factors make social media security vital than ever before. Let us look into some social media security threats and mitigate them through adequate cybersecurity best practices.

Social Media Security Threats

Third-party Apps

Even if you ensure a hundred percentages of security for your social media channels, hackers can quickly get into your account through vulnerable third-party apps. International Olympics Committee and FC Barcelona were victims of it. Twitter accounts of these organizations were hacked through vulnerabilities of connected third-party apps. You cannot foresee how dangerous the third-party apps you use are.

Malware

Cyber adversaries trick their targets into installing malware to systems and start to control and monitor it. This way, they get sensitive information.

Phishing Scams

Phishing scams can quickly get into your social media security walls. Phishing scams make employees of organizations hand over information to frauds unknowingly. These can be private information such as passwords, bank details, etc.

Unattended accounts

Organizations are likely to use some accounts for some time and ignore them after a while. Cyber hackers are targeting these accounts, as they know no one is watching them. Even without hacking, they can post fraudulent messages on those accounts. They use an imposter account for it. They even can send malicious links from these unattended accounts to your followers. Therefore, these unmonitored accounts are a huge threat to your social media security.

Social Media Security Tips

Above mentioned are some of the social media security threats that corporations face while handling social media pages to interact with tier customers. However, following a social media strategy with stringent social media security best practices can save your company from these frauds and criminals. Cybersecurity products are also available to secure your online activities and business.

Social Media Policy

All organizations should have an effective social media strategy with a social media security policy for employees, especially those handling the profiles. The guidelines in this policy will make your social media executives handle the accounts safely. Additionally, it will save you from various vulnerabilities that make criminals break into your social media security walls.

Social Media Security Audit

Due to the technology improving every second, new vulnerabilities, threats, and new hacking tactics emerge. In addition, criminals are also coming up with new viruses, strategies, and scams to hack social media accounts. Thus, it is always good to audit the social media security measures implemented in your company. The audit should be done often, such as quarterly or semi-quarterly. This will ensure that your social media security measures are strong enough to fight new-age hackers.

Strong Passwords

Strong passwords alone can fight any social media security breaches and cybersecurity threats. Therefore, you have to ensure that you have a strong password for each of your accounts. Your employees should be educated regarding what constitutes a strong password. In addition, it is a good practice to change your password often.

Two-factor Authentication

According to privacy advocate of Comparitech, Paul Bischoff, two-way authentication is the best way to keep all your social media accounts secure.

He says,

Whenever an employee logs in from a new device, they are required to input a PIN sent to the account owner via an app, SMS, or email. This not only protects you from stolen passwords but can ensure that whoever is in charge of the accounts is present when logging in on new devices.


Although some social media channels provide this facility, it is better to enable it for all your accounts with all the channels to ensure social media security.

Summing up

Social media is an integral part of business today. Companies need it to interact with customers to build brand image. However, social media security is a concern as technology is improving every second. Criminals are upgrading themselves with new tactics and techniques to hack accounts. Therefore, it is vital to follow and ensure stringent social media security best practices for your accounts to confirm your business's safety, avoiding going sensitive information to the wrong hands.

Frequently Asked Questions

Are social media channels safe for businesses?

Social media is an integral part of marketing today. Therefore, it has to be handled with utmost care and vigilance. It will harm your business if you do not adhere to essential social media security measures, as hackers can get into your accounts quickly.

What are some of the social media threats for businesses?

There are many social media threats for businesses. Some are unmonitored social media accounts, imposter accounts, vulnerable third-party apps, human error, and phishing attacks and scams.

Spotlight

VenusTech

Venustech has a state-level network security technology research and development center and a world-class security research and service team. It has applied for hundreds of technical patents and made many pioneering achievements in the industry: the world’s first IDS hardware product, China’s first distributed vulnerability scanning system, China’s first 10 Gigabit multi-core UTM platform, realization of significant breakthrough in 10 Gigabit UTM core technology and China’s first postdoctoral workstation for the enterprise's network security. To date, Venustech has dig out 74 common vulnerabilities and exposures in total, the highest record across Asia. Venustech was the first enterprise in China to join Microsoft MAPP program.

OTHER ARTICLES
Network Threat Detection, Platform Security, Software Security

Transformative Cybersecurity Detection Reshapes the Battle Against Constantly Evolving Cyber Threats

Article | July 18, 2023

Embrace cybersecurity as transformative detection techniques to revolutionize the fight against ever-changing cyber threats. In an interconnected world, cybersecurity poses a growing threat to businesses, capable of wreaking havoc on their operations, reputations, and financial standings. Cyber threats have reached alarming levels, affecting every industry. Successful attacks can lead to data theft, financial losses, reputational damage, and business disruption. These sophisticated attacks exploit vulnerabilities in digital infrastructure. Yet, the challenge of cybersecurity extends beyond the mere presence of threats. It lies in the relentless evolution and adaptability of these malevolent forces. Traditional security measures, once considered sufficient, are now rendered ineffective against their cunning tactics. The landscape of cybercrime is a perpetually shifting entity, leaving organizations in a constant state of vulnerability. At the onset of the COVID-19 pandemic, organizations witnessed a significant surge in cyber threats or alerts, with 61% reporting a substantial increase of 25% or more. With users accessing cloud applications and corporate networks remotely, hackers actively sought to exploit potential security gaps. Protecting Businesses: The Importance of Cybersecurity Detection Early threat detection is a fundamental aspect of effective cybersecurity. By closely monitoring network traffic, system logs, and user behavior, businesses can swiftly detect suspicious activities that may signal an ongoing or imminent cyber-attack. Such proactive detection enables organizations to respond promptly, mitigating potential financial losses from data breaches, system downtime, regulatory fines, legal battles, and reputational damage. For businesses entrusted with sensitive customer data, cybersecurity detection plays a vital role in maintaining trust and complying with data protection regulations. By monitoring data access, identifying unauthorized activities, and promptly detecting breaches or data exfiltration attempts, organizations can safeguard customer information and avoid legal complications. Moreover, cybersecurity detection protects a company's intellectual property, ensuring the integrity of trade secrets, proprietary algorithms, and other confidential information. By effectively identifying and preventing unauthorized access or theft attempts, businesses can maintain their competitive advantage. Compliance with industry regulations is an essential consideration for businesses. Cybersecurity detection helps companies demonstrate proactive measures in detecting security incidents and potential data breaches, ensuring adherence to data security and privacy requirements and avoiding penalties, legal liabilities, and reputational damage associated with non-compliance. Furthermore, effective cybersecurity detection enhances reputational trust. Businesses that invest in robust detection measures are committed to safeguarding sensitive information, thus fostering trust among customers, partners, and stakeholders. Guard Against Cyber Threats with onShore Security’s Panoptic Cyberdefense Panoptic Cyberdefense by onShore Security is a Managed Cybersecurity Detection solution that recognizes security as an ongoing process, not just a mere product. For effective cybersecurity operations, round-the-clock monitoring is required using Security Operations Center (SOC) offered by onShore’s cyberdefence solution. To maximize visibility, businesses need to immediately respond to security threats while also requiring to identify non-threatening data. Leveraging Panoptic Cyberdefense helps streamline identifying, monitoring, and detecting cyber threats. During a conversation with Media 7, Stel Valavanis, CEO, onShore Security highlighted the impact of cyber threats and talked about cybersecurity detection solutions. We have developed our detection platform, the Panoptic Sensor and the Panoptic SIEM over many battle-hardened years. And the process is well-oiled, as you can imagine, involving tiers and workflow communication for alerting, analysis, tuning, and threat-hunting. As cyber threats evolve in complexity and frequency, businesses must remain vigilant in safeguarding their digital assets. onShore Security's Panoptic Cyberdefense offers a comprehensive suite of solutions, including Panoptic Sensor and the Panoptic SIEM, to help organizations mitigate risk, protect sensitive data, elevate their security team, and meet compliance requirements. Through Panoptic Sensor, organizations gain proactive threat intelligence, enabling the early detection and prevention of potential security breaches. Complementing this, the Panoptic SIEM provides powerful analytics and monitoring capabilities, empowering businesses to swiftly identify, investigate, and respond to security incidents. To navigate complex data protection and privacy regulations, minimizing the risk of non-compliance penalties and legal ramifications is needed. Panoptic Cyberdefense offers three levels of cybersecurity detection. The levels of detection, response and analysis include managed detection and response (MDR), second level has both network detection response (NDR) + MDR, and the third level is security orchestration. Harness the Power of Detection By integrating detection capabilities into every layer of protection systems, including user involvement, businesses can establish a formidable defense against cyber threats. Consolidating data from various sources into a centralized platform for analysis becomes essential. Implementing a managed detection and response process enables continuous analysis of this data, empowering early detection of potential attackers and facilitating ongoing security enhancements. Collaborating with government and industry partners can further demonstrate a commitment to high-security standards and compliance requirements. Remaining prepared for potential attacks is crucial. In the event of an incident, prompt response becomes paramount. Equipped with comprehensive data providing attestation of methods and impact, organizations can swiftly and effectively address any cybersecurity breaches.

Read More
Network Threat Detection, Platform Security, Software Security

Identity-Based Authentication Sets New Industry Standards for Secure and Streamlined User Onboarding

Article | June 28, 2023

Embrace the transformative power of identity-based authentication to establish new industry standards for safe and seamless user onboarding processes, enhancing security, workflows & user experience. The increasing adoption of decentralized identity systems, including blockchain-based solutions, introduces intricate challenges in the verification and authorization of identities across distributed networks. During interoperability, the threat to privacy and security within these systems is emerging at an alarming rate that requires urgent attention. Additionally, combating synthetic identity fraud poses a significant hurdle as fraudsters adeptly combine genuine and false information, making it arduous to differentiate between authentic and fraudulent identities. Deepfakes are the rising concern, which generate remarkably realistic audio, video, or images, mimicking genuine individuals and heightening the difficulty of detecting and preventing impersonation attacks. Password fatigue stems from the constant need to create and remember multiple passwords, leading users to choose weak or reused ones. Reusing passwords increases the risk, as compromising one account grants access to others. Password theft is a concern, with attackers employing phishing attacks and malware. A study by Google found that passwordless authentication can reduce password-related help desk tickets by up to 60%. (Source: PYMNTS) Complex password requirements can be challenging, pushing users towards weaker options. Password resets are time-consuming and frustrating. Solutions should alleviate fatigue, promote secure practices, and offer robust protection against theft and unauthorized access. All service providers or product companies confront a common challenge in this novel era of vulnerabilities, the question of creating an optimal and seamless user onboarding cycle while adhering to the necessary standards. This keeps them up at night as they attempt to find the optimal balance between seamless and secured-data onboarding. In this digital age, identity-secure data is the most valuable asset and a transformative resource. Organizations with data stored in cloud storage and password-based authentication systems are vulnerable to cybercrime. These are susceptible to numerous security threats, including phishing, social engineering, and brute-force attacks. These hazards may result in security breaches and sensitive data loss. Additionally, password management becomes burdensome for users, resulting in password fatigue, weak practices, and IT department involvement for password resets. This impacts user experience and productivity. Identity-Based Authentication (IBA) comes into action while implementing this secure identity verification. To ensure widespread adoption of IBA, the industry must standardize two crucial aspects of identity: ‘Identification Verification’ and ‘Passwordless Authentication’. Automating identity verification fundamentally transforms the onboarding work processes by shifting administrative burden to user endpoints and automating data capture, credential validation, and document workflow. This leads to increased user satisfaction and faster access to required services, driving efficiency and reducing the time to generate revenue for customers. BlockID Verify by 1Kosmos prevents such fraudulent accounts through an identity proofing process that verifies identity anywhere, anytime, and on any device with over 99% accuracy, thereby preventing the use of stolen or synthetic identities during customer onboarding. During a conversation with Media 7, Michael Cichon, CMO, 1Kosmos stressed on the implementation of identity proofing and authorization. At 1Kosmos we bring our solutions to the market through three distinct products. One product focuses on workforce authentication, another caters to business-to-consumer use cases, and the third product revolves around self-service identity proofing. These give organizations the ability to remotely verify an identity on the web with a high level of assurance, and then verify that identity at every access attempt. Onboarding users with security and data protection is a critical activity. It is a one-time action that must be combined with an authentication mechanism for long-term identity to be genuinely effective. Organizations with data stored in cloud storage and password-based authentication systems are vulnerable to cybercrime. While these are susceptible to numerous security threats, including phishing, social engineering, and brute-force attacks, these hazards can result in security breaches and sensitive data loss. A recent report by Verizon demonstrated that 61% of all data breaches are caused by compromised credentials. (Source: 1Kosmos) The catch that robust identity verification alone does not guarantee future authentication, calls for FIDO (Fast Identity Online). It is backed by an industry-leading organization 1Kosmos, which provides solutions for Identity Based Authentication. FIDO uses cryptography in the form of a public and private key to authenticate a user. With FIDO2 authentication, employees can authenticate into corporate systems and applications using their personal devices. This eliminates the need for conventional passwords and reduces the likelihood of security vulnerabilities resulting due to password-related attacks. With FIDO2, the user's keys are stored on their devices and not the service provider's server and thus proves to be less vulnerable to identity theft and phishing attempts. This is where the password to cryptographic passkeys adoption comes into picture. BlockID Workforce by 1Kosmos implements password-less authentication using FIDO, and has thus become a necessity, adopting self-service identity verification serving as a credential service provider. The ‘Identity Proofing’ together with ‘Passwordless Authentication’ results in a seamless user experience addressing credential theft, eliminating unauthorized users logging in corporate IT network and thus preventing data breaches, financial fraud, and ransomware.

Read More
Data Security, InfoSec Project Management

Urgent Redefinition of Data Loss Prevention to Address Increasing Global Data Threats

Article | July 13, 2023

Discover the significance of data protection in today's vulnerable world. Gain insights into the far-reaching impacts of data loss and the importance of proactive data security practices for businesses. Understanding Data Protection’s Significance in an Ever-Vulnerable World In today's highly competitive business landscape, organizations must recognize the immense value of their data resources and prioritize implementing robust data protection measures. Safeguarding data from external threats and internal vulnerabilities is paramount to ensuring businesses' smooth and secure operations. In an era of increasingly complex IT environments, data protection becomes an increasingly challenging endeavor, necessitating organizations to maintain a vigilant stance in safeguarding their critical information. According to Ponemon Institute statistics, 77% of companies are woefully ill-prepared and planned when it comes to thwarting an attack or a data breach. Protecting sensitive data, such as intellectual property, personally identifiable information, and financial records, poses a significant challenge for organizations. The modern workplace, characterized by extensive data collaboration across networks, devices, and applications, further amplifies the risk of data security incidents. Furthermore, limited resources often hinder organizations from keeping pace with the ever-growing array of data security risks. However, as data volumes continue to expand, the escalating concerns surrounding data protection highlight the severe consequences organizations face in terms of financial loss, reputational damage, and legal repercussions resulting from data breaches. To mitigate these risks, they must adopt a proactive approach to data protection. This encompasses the implementation of robust security protocols, using encryption technologies, conducting regular security audits, and providing ongoing employee training on data security best practices. This proactive approach enables businesses to operate with greater confidence, trust, and resilience. It is important to note that organizations must view data protection as an essential aspect of their overall business strategy and continually adapt and improve their data security practices. Only by protecting their data can organizations maintain a competitive edge, preserve customer trust, and uphold their reputation as reliable and secure entities in the marketplace. The Far-Reaching Impacts of Data Loss Data protection is a critical concern that applies to organizations of all sizes, and falling into the trap of thinking it only affects large enterprises can have devastating consequences. In fact, small businesses are often targeted by data theft attempts, as they may have fewer resources and can be more susceptible to attacks. Failing to keep up with data security measures and strategies results in severe repercussions for businesses. It damages their reputation, increase operational downtime, leave sensitive data unprotected, and even attract legal action. With organizations increasingly relying on cloud and online transactions, cyber threats now pose a significant risk to data integrity. Data breaches can lead to the theft of valuable information, which can be sold to other parties or used for fraudulent activities. The financial impact of these breaches and losses is substantial. When a company fails to protect its sensitive information and allows data breaches to occur, it not only incurs financial losses but also experiences a significant blow to its reputation. Dissatisfied customers may take their business elsewhere, resulting in decreased revenue. Communicating a data loss incident to customers, while essential, can also erode trust and lead to discontentment. This can further drive customer churn and harm the business's overall reputation, especially if customer data is compromised. Rebuilding customer relationships in the aftermath of a data loss incident requires significant time and resources, as the consequences can persist for years. Data Loss Prevention: An Essential Ingredient Data loss prevention (DLP) is an integral part of a comprehensive data protection strategy, aiming to prevent unauthorized access, use, or disclosure of sensitive data. A well-implemented DLP system can help organizations proactively safeguard their data, mitigate risks, and avoid the aftermath of data loss incidents. As Alexey Raevsky, CEO, Zecurion rightly stated in an interview with Media7, If any organization has a mature DLP in place, there is no need of combating the aftermath of data loss. A robust DLP system comprises advanced security protocols, encryption technologies, and continuous monitoring mechanisms. These components work together to identify vulnerabilities, prevent data breaches, and address potential threats. The other key advantage of an effective DLP system is establishing and enforcing stringent access controls. This ensures that only authorized individuals can access and manipulate sensitive data, reducing the risk of data breaches caused by internal or external factors. Encryption technologies employed by DLP systems further enhance data protection by securing data at rest and in transit, making it challenging for malicious actors to compromise sensitive information. Navigating Data Protection World with Enterprise DLP ‘Zecurion’ An enterprise DLP system offers a comprehensive solution designed to address organizations' complex data landscapes and security challenges. It provides centralized control and visibility over data across multiple systems, networks, and endpoints within the enterprise. Organizations can effectively manage and protect data throughout its lifecycle, regardless of location or format, by implementing a unified DLP framework. This is where Zecurion becomes essential. It is a next-gen DLP provider that specializes in researching, investigating, and monitoring activities to prevent data loss incidents. Its DLP solution offers various features to enhance data protection and incident response: User Behavior Analytics (UBA) with fast risk-based assessment: This feature provides visibility into employee activities and evaluates them based on parameters such as risk, productivity, policies, and emotional state. The Security Officer can closely monitor high-risk employees while allowing low-risk ones to operate with fewer limitations. Screen Photo Detector: This feature detects attempts to photograph a screen using a smartphone by utilizing webcams. It employs two neural networks to ensure reliable smartphone detection and quickly identifies cybersecurity incidents in a fraction of a second. Investigation Workflow Automation: This module simplifies investigations and streamlines the incident response cycle. It provides a comprehensive view of ongoing tasks, including their statuses, relevant data, assigned personnel, and deadlines. Cybersecurity team members can collaborate, leave comments, discuss progress, and attach supporting documents and incidents for efficient and effective incident resolution. Stand Out from Completion with the Next-Gen DLP Zecurion stands out from its competitors due to its ease of implementation and successful use cases demonstrating its instrumental value. One notable example is its pivotal role in a recent forensic investigation conducted for an oil refinery. The investigation uncovered fraudulent activities by intermediaries selling the refinery's products at inflated prices. Zecurion's DLP solution played a critical role in identifying the involvement of a group of managers, including a C-level executive, who had gone to the extent of forging documents to conceal their actions. A financial and legal audit conducted with the help of Zecurion revealed that the fraudsters' actions had resulted in a loss of over $25 million for the organization. The DLP solution proved invaluable in enabling the refinery to take legal action against the perpetrators and terminate the employment of the three key individuals involved in the scam. The success of Zecurion's DLP solution in this particular use case further establishes its reputation as a trusted and effective solution for safeguarding organizations against data loss and fraudulent behavior. Privacy and Protection: Balance is Crucial It is important to note that while organizations must prioritize data security, balancing security measures and respecting employee privacy and autonomy is equally important. While a robust data security framework is essential and ensures that sensitive information is adequately protected, employees must feel that their personal information is handled with care and that their privacy is respected. This can be achieved through clear and transparent data usage policies, consent-based data collection practices, and strict adherence to data protection regulations. Organizations can create a culture of trust and accountability by establishing these guidelines and practices, instilling confidence among employees that their privacy is valued and protected. Additionally, organizations can foster a culture of data security awareness and education among employees. Regular training and updates on data security best practices can turn employees into proactive participants in maintaining a secure work environment. This not only enhances data security but also cultivates a sense of shared responsibility and accountability among employees. When employees feel that their privacy is respected and they are given the autonomy to perform their duties effectively, they are more likely to adhere to data security protocols and actively contribute to the organization's overall security posture.

Read More
Network Threat Detection

Software Supply Chain Attacks: How Can Code Signing Help?

Article | July 12, 2023

Software supply chain attacks, such as the recent one involving MOVEit Transfer, are a serious issue for modern enterprises. Their dependency on third-party software makes it difficult to successfully vet the security integrity of every product used by enterprises. Software is especially difficult to assess securely, as it can be modified through updates throughout its lifecycle. For threat actors, targeting popular enterprise software tools is a lucrative and time-efficient way to gain access to the systems of a large number of corporate users. Verifying the integrity of software, and using attestation services, is one way to minimize the threat surface. So how can these concepts be leveraged in software? Software integrity (also known as code integrity) refers to the quality of the source code and allows the determination of the safety, security, and reliability of the software. It can mean that the code is unaltered by unauthorized parties, or it can also provide protection against hacks and guarantee privacy. Integrity checking can be relatively complex, but includes, at a minimum (from a security perspective), security features and ensures that security vulnerabilities have been eliminated. It does what it should, can be tested, and is easy to understand and edit, without introducing new errors or flaws. There are code analysis tools that can enable this. Beyond that, the code can be signed through the application of a digital signature to seal that integrity check. This can happen several times during the lifetime of that software: at production, for upgrades and patching, etc. This provides assurance that the software came from the developer and that it has not been changed in an unauthorized manner. This proof of authenticity becomes important in supply chain scenarios, and can be an important tool for brand protection of the developers. Code signing makes use of digital certificates; the signature is cryptographically hashed and packaged in a certificate. This certificate can then be verified by the user of the software through a Public Key Infrastructure (PKI), with a certificate authority validating (or refuting) the applied signature. There are various types of code signing certificates: standard and extended. The latter involves a more complex process and stricter requirements for validation and key management. Software attestation is essentially the other side of that process. It’s a trust mechanism that allows the user to independently validate the integrity asserted by a provider. Attestation might require not just the vendors name, version of the software, and origins of the code, but also other software artifacts, such as statements to the effect that they have followed secure development practices, information on external dependencies used to build it, the build process itself, the test suites that were run, and any security checks passed. Together, these artifacts form the metadata of the software, which then can be independently signed. A PKI can then be leveraged to verify the applied digital signature. There are software attestation standards that can be leveraged, including open ones (in-tot and Binary Authorization being two popular ones). The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is working on a self-attestation form (Secure Software Development Attestation Common Form) for software producers serving the federal government. The form will require them to confirm implementation of specific security practices. This was following the White House’s 2021 Executive Order 14028 and the Office of Management and Budget’s (OMB) M-22-18, “Enhancing the Security of the Software Supply Chain through Secure Software Development Practices.” Digital signatures for code integrity and software attestation will increasingly be in demand, especially as governments on both sides of the Atlantic (in the European Union and the United States) are pushing for policy and regulation on mandatory Software Bills of Materials (SBOMs). The goal is to make software developers and device manufacturers accountable for the components that make up their products. An SBOM will have to list known vulnerabilities associated with each component (open source and third party), pushing security rights to the forefront of product development. This visibility will allow for product development teams, DevOps, and implementers to address vulnerabilities and thereby strengthen security. SBOMs will likely form part of the software’s metadata, so signing will have a role to play here. In short, code signing and software attestation can both confer a level of security that can minimize the threat of a supply chain attack. It’s important to keep in mind, however, that they won’t address all issues, and will not be 100% fool-proof either. Of course, threat actors know this, and many are already targeting the code signing process in order to inject malicious code. This requires threat actors to compromise development platforms where code signing takes place. Ultimately, the use of digital signatures, from creation to management, is another aspect that will need to be secured from a developer perspective. DevSecOps will also have an important role to play here in order to avoid such malicious tactics, thereby providing a holistic security context for using digital signatures. But there is no doubt that digital signatures are a key technology for code integrity and software attestation, and will have a positive impact on thwarting the progress of supply chain attacks, if used widely. Sources: CISA WH EO 14028 OMB

Read More
Network Threat Detection, Platform Security, Software Security

The Elite 10: Unveiling Top Network Security Solutions in 2023

Article | July 18, 2023

Embrace cybersecurity as transformative detection techniques to revolutionize the fight against ever-changing cyber threats. In an interconnected world, cybersecurity poses a growing threat to businesses, capable of wreaking havoc on their operations, reputations, and financial standings. Cyber threats have reached alarming levels, affecting every industry. Successful attacks can lead to data theft, financial losses, reputational damage, and business disruption. These sophisticated attacks exploit vulnerabilities in digital infrastructure. Yet, the challenge of cybersecurity extends beyond the mere presence of threats. It lies in the relentless evolution and adaptability of these malevolent forces. Traditional security measures, once considered sufficient, are now rendered ineffective against their cunning tactics. The landscape of cybercrime is a perpetually shifting entity, leaving organizations in a constant state of vulnerability. At the onset of the COVID-19 pandemic, organizations witnessed a significant surge in cyber threats or alerts, with 61% reporting a substantial increase of 25% or more. With users accessing cloud applications and corporate networks remotely, hackers actively sought to exploit potential security gaps. Protecting Businesses: The Importance of Cybersecurity Detection Early threat detection is a fundamental aspect of effective cybersecurity. By closely monitoring network traffic, system logs, and user behavior, businesses can swiftly detect suspicious activities that may signal an ongoing or imminent cyber-attack. Such proactive detection enables organizations to respond promptly, mitigating potential financial losses from data breaches, system downtime, regulatory fines, legal battles, and reputational damage. For businesses entrusted with sensitive customer data, cybersecurity detection plays a vital role in maintaining trust and complying with data protection regulations. By monitoring data access, identifying unauthorized activities, and promptly detecting breaches or data exfiltration attempts, organizations can safeguard customer information and avoid legal complications. Moreover, cybersecurity detection protects a company's intellectual property, ensuring the integrity of trade secrets, proprietary algorithms, and other confidential information. By effectively identifying and preventing unauthorized access or theft attempts, businesses can maintain their competitive advantage. Compliance with industry regulations is an essential consideration for businesses. Cybersecurity detection helps companies demonstrate proactive measures in detecting security incidents and potential data breaches, ensuring adherence to data security and privacy requirements and avoiding penalties, legal liabilities, and reputational damage associated with non-compliance. Furthermore, effective cybersecurity detection enhances reputational trust. Businesses that invest in robust detection measures are committed to safeguarding sensitive information, thus fostering trust among customers, partners, and stakeholders. Guard Against Cyber Threats with onShore Security’s Panoptic Cyberdefense Panoptic Cyberdefense by onShore Security is a Managed Cybersecurity Detection solution that recognizes security as an ongoing process, not just a mere product. For effective cybersecurity operations, round-the-clock monitoring is required using Security Operations Center (SOC) offered by onShore’s cyberdefence solution. To maximize visibility, businesses need to immediately respond to security threats while also requiring to identify non-threatening data. Leveraging Panoptic Cyberdefense helps streamline identifying, monitoring, and detecting cyber threats. During a conversation with Media 7, Stel Valavanis, CEO, onShore Security highlighted the impact of cyber threats and talked about cybersecurity detection solutions. We have developed our detection platform, the Panoptic Sensor and the Panoptic SIEM over many battle-hardened years. And the process is well-oiled, as you can imagine, involving tiers and workflow communication for alerting, analysis, tuning, and threat-hunting. As cyber threats evolve in complexity and frequency, businesses must remain vigilant in safeguarding their digital assets. onShore Security's Panoptic Cyberdefense offers a comprehensive suite of solutions, including Panoptic Sensor and the Panoptic SIEM, to help organizations mitigate risk, protect sensitive data, elevate their security team, and meet compliance requirements. Through Panoptic Sensor, organizations gain proactive threat intelligence, enabling the early detection and prevention of potential security breaches. Complementing this, the Panoptic SIEM provides powerful analytics and monitoring capabilities, empowering businesses to swiftly identify, investigate, and respond to security incidents. To navigate complex data protection and privacy regulations, minimizing the risk of non-compliance penalties and legal ramifications is needed. Panoptic Cyberdefense offers three levels of cybersecurity detection. The levels of detection, response and analysis include managed detection and response (MDR), second level has both network detection response (NDR) + MDR, and the third level is security orchestration. Harness the Power of Detection By integrating detection capabilities into every layer of protection systems, including user involvement, businesses can establish a formidable defense against cyber threats. Consolidating data from various sources into a centralized platform for analysis becomes essential. Implementing a managed detection and response process enables continuous analysis of this data, empowering early detection of potential attackers and facilitating ongoing security enhancements. Collaborating with government and industry partners can further demonstrate a commitment to high-security standards and compliance requirements. Remaining prepared for potential attacks is crucial. In the event of an incident, prompt response becomes paramount. Equipped with comprehensive data providing attestation of methods and impact, organizations can swiftly and effectively address any cybersecurity breaches.

Read More
Network Threat Detection, Platform Security, Software Security

Digital Defense 2023: Top Network Security Trends for Businesses

Article | June 28, 2023

Embrace the transformative power of identity-based authentication to establish new industry standards for safe and seamless user onboarding processes, enhancing security, workflows & user experience. The increasing adoption of decentralized identity systems, including blockchain-based solutions, introduces intricate challenges in the verification and authorization of identities across distributed networks. During interoperability, the threat to privacy and security within these systems is emerging at an alarming rate that requires urgent attention. Additionally, combating synthetic identity fraud poses a significant hurdle as fraudsters adeptly combine genuine and false information, making it arduous to differentiate between authentic and fraudulent identities. Deepfakes are the rising concern, which generate remarkably realistic audio, video, or images, mimicking genuine individuals and heightening the difficulty of detecting and preventing impersonation attacks. Password fatigue stems from the constant need to create and remember multiple passwords, leading users to choose weak or reused ones. Reusing passwords increases the risk, as compromising one account grants access to others. Password theft is a concern, with attackers employing phishing attacks and malware. A study by Google found that passwordless authentication can reduce password-related help desk tickets by up to 60%. (Source: PYMNTS) Complex password requirements can be challenging, pushing users towards weaker options. Password resets are time-consuming and frustrating. Solutions should alleviate fatigue, promote secure practices, and offer robust protection against theft and unauthorized access. All service providers or product companies confront a common challenge in this novel era of vulnerabilities, the question of creating an optimal and seamless user onboarding cycle while adhering to the necessary standards. This keeps them up at night as they attempt to find the optimal balance between seamless and secured-data onboarding. In this digital age, identity-secure data is the most valuable asset and a transformative resource. Organizations with data stored in cloud storage and password-based authentication systems are vulnerable to cybercrime. These are susceptible to numerous security threats, including phishing, social engineering, and brute-force attacks. These hazards may result in security breaches and sensitive data loss. Additionally, password management becomes burdensome for users, resulting in password fatigue, weak practices, and IT department involvement for password resets. This impacts user experience and productivity. Identity-Based Authentication (IBA) comes into action while implementing this secure identity verification. To ensure widespread adoption of IBA, the industry must standardize two crucial aspects of identity: ‘Identification Verification’ and ‘Passwordless Authentication’. Automating identity verification fundamentally transforms the onboarding work processes by shifting administrative burden to user endpoints and automating data capture, credential validation, and document workflow. This leads to increased user satisfaction and faster access to required services, driving efficiency and reducing the time to generate revenue for customers. BlockID Verify by 1Kosmos prevents such fraudulent accounts through an identity proofing process that verifies identity anywhere, anytime, and on any device with over 99% accuracy, thereby preventing the use of stolen or synthetic identities during customer onboarding. During a conversation with Media 7, Michael Cichon, CMO, 1Kosmos stressed on the implementation of identity proofing and authorization. At 1Kosmos we bring our solutions to the market through three distinct products. One product focuses on workforce authentication, another caters to business-to-consumer use cases, and the third product revolves around self-service identity proofing. These give organizations the ability to remotely verify an identity on the web with a high level of assurance, and then verify that identity at every access attempt. Onboarding users with security and data protection is a critical activity. It is a one-time action that must be combined with an authentication mechanism for long-term identity to be genuinely effective. Organizations with data stored in cloud storage and password-based authentication systems are vulnerable to cybercrime. While these are susceptible to numerous security threats, including phishing, social engineering, and brute-force attacks, these hazards can result in security breaches and sensitive data loss. A recent report by Verizon demonstrated that 61% of all data breaches are caused by compromised credentials. (Source: 1Kosmos) The catch that robust identity verification alone does not guarantee future authentication, calls for FIDO (Fast Identity Online). It is backed by an industry-leading organization 1Kosmos, which provides solutions for Identity Based Authentication. FIDO uses cryptography in the form of a public and private key to authenticate a user. With FIDO2 authentication, employees can authenticate into corporate systems and applications using their personal devices. This eliminates the need for conventional passwords and reduces the likelihood of security vulnerabilities resulting due to password-related attacks. With FIDO2, the user's keys are stored on their devices and not the service provider's server and thus proves to be less vulnerable to identity theft and phishing attempts. This is where the password to cryptographic passkeys adoption comes into picture. BlockID Workforce by 1Kosmos implements password-less authentication using FIDO, and has thus become a necessity, adopting self-service identity verification serving as a credential service provider. The ‘Identity Proofing’ together with ‘Passwordless Authentication’ results in a seamless user experience addressing credential theft, eliminating unauthorized users logging in corporate IT network and thus preventing data breaches, financial fraud, and ransomware.

Read More
Data Security, InfoSec Project Management

Identity-Based Authentication Sets New Industry Standards for Secure and Streamlined User Onboarding

Article | July 13, 2023

Discover the significance of data protection in today's vulnerable world. Gain insights into the far-reaching impacts of data loss and the importance of proactive data security practices for businesses. Understanding Data Protection’s Significance in an Ever-Vulnerable World In today's highly competitive business landscape, organizations must recognize the immense value of their data resources and prioritize implementing robust data protection measures. Safeguarding data from external threats and internal vulnerabilities is paramount to ensuring businesses' smooth and secure operations. In an era of increasingly complex IT environments, data protection becomes an increasingly challenging endeavor, necessitating organizations to maintain a vigilant stance in safeguarding their critical information. According to Ponemon Institute statistics, 77% of companies are woefully ill-prepared and planned when it comes to thwarting an attack or a data breach. Protecting sensitive data, such as intellectual property, personally identifiable information, and financial records, poses a significant challenge for organizations. The modern workplace, characterized by extensive data collaboration across networks, devices, and applications, further amplifies the risk of data security incidents. Furthermore, limited resources often hinder organizations from keeping pace with the ever-growing array of data security risks. However, as data volumes continue to expand, the escalating concerns surrounding data protection highlight the severe consequences organizations face in terms of financial loss, reputational damage, and legal repercussions resulting from data breaches. To mitigate these risks, they must adopt a proactive approach to data protection. This encompasses the implementation of robust security protocols, using encryption technologies, conducting regular security audits, and providing ongoing employee training on data security best practices. This proactive approach enables businesses to operate with greater confidence, trust, and resilience. It is important to note that organizations must view data protection as an essential aspect of their overall business strategy and continually adapt and improve their data security practices. Only by protecting their data can organizations maintain a competitive edge, preserve customer trust, and uphold their reputation as reliable and secure entities in the marketplace. The Far-Reaching Impacts of Data Loss Data protection is a critical concern that applies to organizations of all sizes, and falling into the trap of thinking it only affects large enterprises can have devastating consequences. In fact, small businesses are often targeted by data theft attempts, as they may have fewer resources and can be more susceptible to attacks. Failing to keep up with data security measures and strategies results in severe repercussions for businesses. It damages their reputation, increase operational downtime, leave sensitive data unprotected, and even attract legal action. With organizations increasingly relying on cloud and online transactions, cyber threats now pose a significant risk to data integrity. Data breaches can lead to the theft of valuable information, which can be sold to other parties or used for fraudulent activities. The financial impact of these breaches and losses is substantial. When a company fails to protect its sensitive information and allows data breaches to occur, it not only incurs financial losses but also experiences a significant blow to its reputation. Dissatisfied customers may take their business elsewhere, resulting in decreased revenue. Communicating a data loss incident to customers, while essential, can also erode trust and lead to discontentment. This can further drive customer churn and harm the business's overall reputation, especially if customer data is compromised. Rebuilding customer relationships in the aftermath of a data loss incident requires significant time and resources, as the consequences can persist for years. Data Loss Prevention: An Essential Ingredient Data loss prevention (DLP) is an integral part of a comprehensive data protection strategy, aiming to prevent unauthorized access, use, or disclosure of sensitive data. A well-implemented DLP system can help organizations proactively safeguard their data, mitigate risks, and avoid the aftermath of data loss incidents. As Alexey Raevsky, CEO, Zecurion rightly stated in an interview with Media7, If any organization has a mature DLP in place, there is no need of combating the aftermath of data loss. A robust DLP system comprises advanced security protocols, encryption technologies, and continuous monitoring mechanisms. These components work together to identify vulnerabilities, prevent data breaches, and address potential threats. The other key advantage of an effective DLP system is establishing and enforcing stringent access controls. This ensures that only authorized individuals can access and manipulate sensitive data, reducing the risk of data breaches caused by internal or external factors. Encryption technologies employed by DLP systems further enhance data protection by securing data at rest and in transit, making it challenging for malicious actors to compromise sensitive information. Navigating Data Protection World with Enterprise DLP ‘Zecurion’ An enterprise DLP system offers a comprehensive solution designed to address organizations' complex data landscapes and security challenges. It provides centralized control and visibility over data across multiple systems, networks, and endpoints within the enterprise. Organizations can effectively manage and protect data throughout its lifecycle, regardless of location or format, by implementing a unified DLP framework. This is where Zecurion becomes essential. It is a next-gen DLP provider that specializes in researching, investigating, and monitoring activities to prevent data loss incidents. Its DLP solution offers various features to enhance data protection and incident response: User Behavior Analytics (UBA) with fast risk-based assessment: This feature provides visibility into employee activities and evaluates them based on parameters such as risk, productivity, policies, and emotional state. The Security Officer can closely monitor high-risk employees while allowing low-risk ones to operate with fewer limitations. Screen Photo Detector: This feature detects attempts to photograph a screen using a smartphone by utilizing webcams. It employs two neural networks to ensure reliable smartphone detection and quickly identifies cybersecurity incidents in a fraction of a second. Investigation Workflow Automation: This module simplifies investigations and streamlines the incident response cycle. It provides a comprehensive view of ongoing tasks, including their statuses, relevant data, assigned personnel, and deadlines. Cybersecurity team members can collaborate, leave comments, discuss progress, and attach supporting documents and incidents for efficient and effective incident resolution. Stand Out from Completion with the Next-Gen DLP Zecurion stands out from its competitors due to its ease of implementation and successful use cases demonstrating its instrumental value. One notable example is its pivotal role in a recent forensic investigation conducted for an oil refinery. The investigation uncovered fraudulent activities by intermediaries selling the refinery's products at inflated prices. Zecurion's DLP solution played a critical role in identifying the involvement of a group of managers, including a C-level executive, who had gone to the extent of forging documents to conceal their actions. A financial and legal audit conducted with the help of Zecurion revealed that the fraudsters' actions had resulted in a loss of over $25 million for the organization. The DLP solution proved invaluable in enabling the refinery to take legal action against the perpetrators and terminate the employment of the three key individuals involved in the scam. The success of Zecurion's DLP solution in this particular use case further establishes its reputation as a trusted and effective solution for safeguarding organizations against data loss and fraudulent behavior. Privacy and Protection: Balance is Crucial It is important to note that while organizations must prioritize data security, balancing security measures and respecting employee privacy and autonomy is equally important. While a robust data security framework is essential and ensures that sensitive information is adequately protected, employees must feel that their personal information is handled with care and that their privacy is respected. This can be achieved through clear and transparent data usage policies, consent-based data collection practices, and strict adherence to data protection regulations. Organizations can create a culture of trust and accountability by establishing these guidelines and practices, instilling confidence among employees that their privacy is valued and protected. Additionally, organizations can foster a culture of data security awareness and education among employees. Regular training and updates on data security best practices can turn employees into proactive participants in maintaining a secure work environment. This not only enhances data security but also cultivates a sense of shared responsibility and accountability among employees. When employees feel that their privacy is respected and they are given the autonomy to perform their duties effectively, they are more likely to adhere to data security protocols and actively contribute to the organization's overall security posture.

Read More
Network Threat Detection

Software Supply Chain Attacks: How Can Code Signing Help?

Article | July 12, 2023

Software supply chain attacks, such as the recent one involving MOVEit Transfer, are a serious issue for modern enterprises. Their dependency on third-party software makes it difficult to successfully vet the security integrity of every product used by enterprises. Software is especially difficult to assess securely, as it can be modified through updates throughout its lifecycle. For threat actors, targeting popular enterprise software tools is a lucrative and time-efficient way to gain access to the systems of a large number of corporate users. Verifying the integrity of software, and using attestation services, is one way to minimize the threat surface. So how can these concepts be leveraged in software? Software integrity (also known as code integrity) refers to the quality of the source code and allows the determination of the safety, security, and reliability of the software. It can mean that the code is unaltered by unauthorized parties, or it can also provide protection against hacks and guarantee privacy. Integrity checking can be relatively complex, but includes, at a minimum (from a security perspective), security features and ensures that security vulnerabilities have been eliminated. It does what it should, can be tested, and is easy to understand and edit, without introducing new errors or flaws. There are code analysis tools that can enable this. Beyond that, the code can be signed through the application of a digital signature to seal that integrity check. This can happen several times during the lifetime of that software: at production, for upgrades and patching, etc. This provides assurance that the software came from the developer and that it has not been changed in an unauthorized manner. This proof of authenticity becomes important in supply chain scenarios, and can be an important tool for brand protection of the developers. Code signing makes use of digital certificates; the signature is cryptographically hashed and packaged in a certificate. This certificate can then be verified by the user of the software through a Public Key Infrastructure (PKI), with a certificate authority validating (or refuting) the applied signature. There are various types of code signing certificates: standard and extended. The latter involves a more complex process and stricter requirements for validation and key management. Software attestation is essentially the other side of that process. It’s a trust mechanism that allows the user to independently validate the integrity asserted by a provider. Attestation might require not just the vendors name, version of the software, and origins of the code, but also other software artifacts, such as statements to the effect that they have followed secure development practices, information on external dependencies used to build it, the build process itself, the test suites that were run, and any security checks passed. Together, these artifacts form the metadata of the software, which then can be independently signed. A PKI can then be leveraged to verify the applied digital signature. There are software attestation standards that can be leveraged, including open ones (in-tot and Binary Authorization being two popular ones). The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is working on a self-attestation form (Secure Software Development Attestation Common Form) for software producers serving the federal government. The form will require them to confirm implementation of specific security practices. This was following the White House’s 2021 Executive Order 14028 and the Office of Management and Budget’s (OMB) M-22-18, “Enhancing the Security of the Software Supply Chain through Secure Software Development Practices.” Digital signatures for code integrity and software attestation will increasingly be in demand, especially as governments on both sides of the Atlantic (in the European Union and the United States) are pushing for policy and regulation on mandatory Software Bills of Materials (SBOMs). The goal is to make software developers and device manufacturers accountable for the components that make up their products. An SBOM will have to list known vulnerabilities associated with each component (open source and third party), pushing security rights to the forefront of product development. This visibility will allow for product development teams, DevOps, and implementers to address vulnerabilities and thereby strengthen security. SBOMs will likely form part of the software’s metadata, so signing will have a role to play here. In short, code signing and software attestation can both confer a level of security that can minimize the threat of a supply chain attack. It’s important to keep in mind, however, that they won’t address all issues, and will not be 100% fool-proof either. Of course, threat actors know this, and many are already targeting the code signing process in order to inject malicious code. This requires threat actors to compromise development platforms where code signing takes place. Ultimately, the use of digital signatures, from creation to management, is another aspect that will need to be secured from a developer perspective. DevSecOps will also have an important role to play here in order to avoid such malicious tactics, thereby providing a holistic security context for using digital signatures. But there is no doubt that digital signatures are a key technology for code integrity and software attestation, and will have a positive impact on thwarting the progress of supply chain attacks, if used widely. Sources: CISA WH EO 14028 OMB

Read More
MORE ARTICLES

Spotlight

VenusTech

Venustech has a state-level network security technology research and development center and a world-class security research and service team. It has applied for hundreds of technical patents and made many pioneering achievements in the industry: the world’s first IDS hardware product, China’s first distributed vulnerability scanning system, China’s first 10 Gigabit multi-core UTM platform, realization of significant breakthrough in 10 Gigabit UTM core technology and China’s first postdoctoral workstation for the enterprise's network security. To date, Venustech has dig out 74 common vulnerabilities and exposures in total, the highest record across Asia. Venustech was the first enterprise in China to join Microsoft MAPP program.

Related News

Enterprise Security, Platform Security, Software Security

Cyware Raises $30 Million to Accelerate Expansion of AI-Powered Global Cyber Fusion and Threat Sharing Networks

Businesswire | July 05, 2023

Cyware, the leading provider of AI-powered Cyber Fusion platforms for enterprises and MSSPs, and automated threat intelligence sharing for information sharing networks, today announced a $30 million Series C financing round led by Ten Eleven Ventures, a leading multi-stage investment firm specializing in cybersecurity. Also participating are previous investors including Advent International, Zscaler, Emerald Development Managers, Prelude (the venture practice at Mercato Partners) and Great Road Holdings. The Series C financing comes as Cyware has experienced strong year-over-year growth propelled by robust market adoption, excellent customer retention, and extraordinarily large market access. Since Series A financing, Cyware has shown growth of 6x and consolidated its position as an industry leader for threat intelligence automation, security orchestration, and collaborative threat response solutions. Earlier this year, Cyware achieved FedRAMP Ready status for its Cyber Fusion platform and was named one of the most innovative and promising cybersecurity companies by JMP Cyber 66, as well as being recognized in the 2022 Deloitte Technology Fast 500 as one of the Fastest Growing Technology Firms in North America. Cyware’s cloud-based platform is leveraged by top Fortune 1000 and MSSP security teams to transform their legacy SOCs into Cyber Fusion Centers. The platform seamlessly integrates the AI-powered threat intelligence platform (TIP) with data orchestration and workflow automation (SOAR), to facilitate and synchronize actions between cloud and on-premises security tools and technologies. This enables security teams to connect the dots on emerging threats by correlating actionable threat intelligence with detection, threat hunting, vulnerability management, and incident response operations. Cyware’s Cyber Fusion platform is modular, and the underlying TIP, SOAR, and Collaborative Threat Response components can be leveraged in combination or individually by security teams providing them greater flexibility in transforming conventional SOCs. The Cyware platform has become the backbone of global Threat Sharing Networks. Almost all major ISACs (Information Sharing and Analysis Centers), ISAOs, and CERTs use Cyware’s platform to automate threat intelligence sharing, analysis, and actioning for more than 30,000 enterprise members and government entities. The platform also enables large conglomerates, industry groups, and private communities to activate and share threat intelligence with their distributed businesses, clients, and suppliers, and benefit from automated collective defense against ransomware, supply chain attacks, and zero-day vulnerabilities. “Security teams today face an overwhelming amount of data, but silos across data, processes, and technologies make it very challenging to see the bigger picture and proactively stop threats," said Anuj Goel, Cyware CEO and Co-founder. “Our mission at Cyware is to break down these silos, integrate threat intelligence into SOC operations, make it easy for teams to automate response, and act immediately to anticipate and stop threats.” “Threat actors thrive because the rest of us don’t collaborate enough,” said Alex Doll, Founder and Managing Member of Ten Eleven Ventures. “Only Cyware allows overstretched security teams to expand their risk visibility beyond their borders with innovative threat intelligence collaboration while dramatically improving response with vendor-agnostic orchestration and low-code automation. As seasoned investors in the cybersecurity field, we recognize that Cyware’s remarkable platform, revenue growth, and vast customer base – including over 20 ISACs – puts them in an enviable market position.” Cyware plans to leverage this new round of funding to fuel further growth and accelerate channel business and strategic alliances while expanding its global footprint. About Cyware Cyware delivers an innovative approach to cybersecurity that unifies threat intelligence, automation, threat response, and vulnerability management with data insights gleaned from assets, users, malware, attackers, and vulnerabilities. Cyware’s Cyber Fusion platform integrates SOAR and TIP technology, enabling collaboration across siloed security teams. Cyware is widely deployed by enterprises, government agencies, and MSSPs, and is the leading threat intelligence sharing platform for global ISACs and CERTs.

Read More

Web Forums, Social Media Targets for Credentials

Infosecurity Magazine | July 18, 2018

Web forums were the greatest targets for credential spills during 2017, which saw more than 2.3 billion credentials from 51 different organizations reportedly stolen, according to a new report from Shape Security. Of those 51 different organizations, companies providing online services contributed the largest number of compromised credentials, with over 2 billion credential spills. In total, the criminal enterprise is costing US businesses over $5bn a year. The report, released today, studied the life cycle of stolen credentials, taking a holistic, behind-the-scenes look at the extent to which credentials can be monetized and weaponized long after a breach occurs. Because web forums serve as hyper-specialized communities of online users, they tend to have lower membership and thus a smaller collection of credentials. “However, they are easy targets for credential spills because many are volunteer-run and lack a corporate security or IT function," the report stated. While web forums were found to be the most frequently targeted, they are not actually the source of the greatest number of spills. “Social media sites were typically responsible for the largest spills. This makes sense because those organizations rely on a network effect to succeed, so they are likely to have the largest user bases,” the report said.

Read More

Apache Struts Flaw Increasingly Exploited to Hack Servers

Security Week | September 12, 2017

Security firm Imperva has detected thousands of attacks attempting to exploit a recently patched remote code execution vulnerability affecting the Apache Struts 2 open source development framework.

Read More

Enterprise Security, Platform Security, Software Security

Cyware Raises $30 Million to Accelerate Expansion of AI-Powered Global Cyber Fusion and Threat Sharing Networks

Businesswire | July 05, 2023

Cyware, the leading provider of AI-powered Cyber Fusion platforms for enterprises and MSSPs, and automated threat intelligence sharing for information sharing networks, today announced a $30 million Series C financing round led by Ten Eleven Ventures, a leading multi-stage investment firm specializing in cybersecurity. Also participating are previous investors including Advent International, Zscaler, Emerald Development Managers, Prelude (the venture practice at Mercato Partners) and Great Road Holdings. The Series C financing comes as Cyware has experienced strong year-over-year growth propelled by robust market adoption, excellent customer retention, and extraordinarily large market access. Since Series A financing, Cyware has shown growth of 6x and consolidated its position as an industry leader for threat intelligence automation, security orchestration, and collaborative threat response solutions. Earlier this year, Cyware achieved FedRAMP Ready status for its Cyber Fusion platform and was named one of the most innovative and promising cybersecurity companies by JMP Cyber 66, as well as being recognized in the 2022 Deloitte Technology Fast 500 as one of the Fastest Growing Technology Firms in North America. Cyware’s cloud-based platform is leveraged by top Fortune 1000 and MSSP security teams to transform their legacy SOCs into Cyber Fusion Centers. The platform seamlessly integrates the AI-powered threat intelligence platform (TIP) with data orchestration and workflow automation (SOAR), to facilitate and synchronize actions between cloud and on-premises security tools and technologies. This enables security teams to connect the dots on emerging threats by correlating actionable threat intelligence with detection, threat hunting, vulnerability management, and incident response operations. Cyware’s Cyber Fusion platform is modular, and the underlying TIP, SOAR, and Collaborative Threat Response components can be leveraged in combination or individually by security teams providing them greater flexibility in transforming conventional SOCs. The Cyware platform has become the backbone of global Threat Sharing Networks. Almost all major ISACs (Information Sharing and Analysis Centers), ISAOs, and CERTs use Cyware’s platform to automate threat intelligence sharing, analysis, and actioning for more than 30,000 enterprise members and government entities. The platform also enables large conglomerates, industry groups, and private communities to activate and share threat intelligence with their distributed businesses, clients, and suppliers, and benefit from automated collective defense against ransomware, supply chain attacks, and zero-day vulnerabilities. “Security teams today face an overwhelming amount of data, but silos across data, processes, and technologies make it very challenging to see the bigger picture and proactively stop threats," said Anuj Goel, Cyware CEO and Co-founder. “Our mission at Cyware is to break down these silos, integrate threat intelligence into SOC operations, make it easy for teams to automate response, and act immediately to anticipate and stop threats.” “Threat actors thrive because the rest of us don’t collaborate enough,” said Alex Doll, Founder and Managing Member of Ten Eleven Ventures. “Only Cyware allows overstretched security teams to expand their risk visibility beyond their borders with innovative threat intelligence collaboration while dramatically improving response with vendor-agnostic orchestration and low-code automation. As seasoned investors in the cybersecurity field, we recognize that Cyware’s remarkable platform, revenue growth, and vast customer base – including over 20 ISACs – puts them in an enviable market position.” Cyware plans to leverage this new round of funding to fuel further growth and accelerate channel business and strategic alliances while expanding its global footprint. About Cyware Cyware delivers an innovative approach to cybersecurity that unifies threat intelligence, automation, threat response, and vulnerability management with data insights gleaned from assets, users, malware, attackers, and vulnerabilities. Cyware’s Cyber Fusion platform integrates SOAR and TIP technology, enabling collaboration across siloed security teams. Cyware is widely deployed by enterprises, government agencies, and MSSPs, and is the leading threat intelligence sharing platform for global ISACs and CERTs.

Read More

Web Forums, Social Media Targets for Credentials

Infosecurity Magazine | July 18, 2018

Web forums were the greatest targets for credential spills during 2017, which saw more than 2.3 billion credentials from 51 different organizations reportedly stolen, according to a new report from Shape Security. Of those 51 different organizations, companies providing online services contributed the largest number of compromised credentials, with over 2 billion credential spills. In total, the criminal enterprise is costing US businesses over $5bn a year. The report, released today, studied the life cycle of stolen credentials, taking a holistic, behind-the-scenes look at the extent to which credentials can be monetized and weaponized long after a breach occurs. Because web forums serve as hyper-specialized communities of online users, they tend to have lower membership and thus a smaller collection of credentials. “However, they are easy targets for credential spills because many are volunteer-run and lack a corporate security or IT function," the report stated. While web forums were found to be the most frequently targeted, they are not actually the source of the greatest number of spills. “Social media sites were typically responsible for the largest spills. This makes sense because those organizations rely on a network effect to succeed, so they are likely to have the largest user bases,” the report said.

Read More

Apache Struts Flaw Increasingly Exploited to Hack Servers

Security Week | September 12, 2017

Security firm Imperva has detected thousands of attacks attempting to exploit a recently patched remote code execution vulnerability affecting the Apache Struts 2 open source development framework.

Read More

Events