Software Security
Fortinet | October 11, 2023
Fortinet has announced the introduction of two new campus switches, the FortiSwitch 2000 and 600.
These systems are designed with high performance and port density, ensuring they meet the requirements of modern campuses and can easily scale as connectivity demands increase.
Organizations require high-performance switches that smartly manage AP traffic and prevent bottlenecks to ensure network availability and a favorable user experience.
Fortinet, a leading global cybersecurity provider pioneering the integration of networking and security, has unveiled two new campus switches, the FortiSwitch 600 and 2000. These switches cater to the expanding connectivity and security requirements of campus, offering embedded intelligence, high performance, and seamless integration with FortiGuard AI-Powered Security Services and Fortinet’s AIOps management tools.
The FortiSwitch 600 series is an innovative multi-gigabit secure campus access switch featuring up to 5GE access and 25GE uplinks. This switch optimizes network performance by smartly managing traffic from next-generation APs to crucial business destinations. On the other hand, the FortiSwitch 2000 series is a robust campus core switch specifically designed for larger, intricate campus setups. It aggregates high-performance access switches such as the FortiSwitch 600. Both series come with a dual power supply, ensuring the redundancy essential for today's high-performance campuses.
Chief Marketing Officer and EVP of Product Strategy at Fortinet, John Maddison, stated,
Fortinet has delivered secure switching solutions for 20 years, making it uniquely positioned to enable customers with a robust secure connectivity solution for the entire LAN. We’re the only vendor providing fully converged wireless and wired AI-powered security and networking through a single platform, providing security and visibility from the moment a user or device connects to the network.
[Source – Globe Newswire]
Numerous organizations are investing in next-gen wireless access points (APs) to offer increased connectivity as users demand more bandwidth than ever before. However, legacy switching solutions often cannot keep up. To ensure positive user experience and network availability, organizations require high-performance switches that intelligently coordinate AP traffic and prevent bottlenecks in order.
Jeff Howlett, Chief Information Officer at Meredith College, said,
Our campus environment supports thousands of faculty and students, and Fortinet switches assisted us modernize our infrastructure to provide the consistent connectivity and Power-over-Ethernet they require. And by managing all of our switches through FortiGate NGFWs, we consolidated point products into a unified platform that provides more visibility into potential security risks than we have ever had before.
[Source – Globe Newswire]
For the past two decades, Fortinet has been at the forefront of integrating networking and security in both wired and wireless LAN solutions. The newly introduced switches are the latest enhancements to its secure connectivity platform, offering complete access control, security, and unified management across the entire LAN infrastructure.
Read More
Cloud Security
PR Newswire | November 01, 2023
Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today announced that it has entered into a definitive agreement to acquire cloud security start-up Dig Security, an innovative provider of Data Security Posture Management (DSPM).
Today, almost 70% of organizations already have data stored in the public cloud1. With increased interest and adoption of generative AI, sensitive data is often even more spread out across cloud services, including distributed databases, vector databases, PaaS services, and more. Organizations need help identifying sensitive data, effectively managing user access, and implementing robust security measures to protect against internal and external threats. Simultaneously, the relentless surge in the volume and impact of cloud data breaches persists2, causing significant damage to enterprises. This underscores the critical role that DSPM will play within a comprehensive cloud security strategy.
Dig's DSPM solution enables organizations to discover, classify, monitor, and protect sensitive data across all cloud data stores, which will give Palo Alto Networks' customers visibility into and control of their multi-cloud data estate. After the close of the proposed acquisition, Dig's capabilities will be seamlessly integrated into the Prisma® Cloud platform to provide near real-time data protection from code to cloud. Dig was founded by entrepreneurs Dan Benjamin, Ido Azran, and Gad Akuka. They will continue leading their teams in joining the Prisma Cloud team at Palo Alto Networks after closing.
Lee Klarich, Chief Product Officer for Palo Alto Networks:
"As companies build AI-enabled applications, there will be a substantial increase in the amount of data transferred to the cloud. Dig's highly innovative DSPM technology helps safely enable this shift, and its dedicated team will complement and help advance Palo Alto Networks' strengths across cloud security. The announcement of our intent to join forces with Dig reinforces our longstanding commitment to our team in Israel and to continue growing our footprint with its talented and dedicated cybersecurity professionals."
Ankur Shah, SVP Products, Prisma Cloud for Palo Alto Networks:
"Data protection was the top priority for cloud security cited in the 2023 The State of Cloud-Native Security Report. Upwards of 75% of respondents noted that the number of point tools they use creates blind spots. Dig lets security teams see and secure their data across multi-cloud environments. This visibility and security is becoming increasingly important in the age of generative AI. Dig's innovation, coupled with Prisma Cloud's leading code-to-cloud intelligence highlighted in the recent Darwin release, will create what CISOs need to drive complete cloud security and data protection with a single, integrated, cloud-native platform."
Dan Benjamin, Co-Founder & CEO, Dig Security:
"Modern cloud applications leverage a broad set of data stores to meet the complex needs of businesses. We developed an award-winning DSPM solution to alleviate this strain by providing a centralized offering to monitor and manage the security of these cloud data stores. Integrating Dig's technology with Prisma Cloud will enable customers to effectively manage the security of their diverse data stores in modern cloud applications and reduce the risk of data breaches. My co-founders and I look forward to continuing our innovation journey with Palo Alto Networks to make the world safer."
Read More
Platform Security
PR Newswire | October 26, 2023
OpenText (NASDAQ: OTEX), (TSX: OTEX), today announced the Nastiest Malware of 2023, an annual ranking of the year's biggest malware threats. For six consecutive years OpenText Cybersecurity threat intelligence experts have analyzed the threat landscape to determine the most notorious malware trends. Ransomware has been rapidly ascending the ranks, with ransomware-as-a-service (RaaS) now the weapon of choice for cybercriminals.
This year four new ransomware gangs, believed to be the next generation of previous big players, topped the list. Newcomer Cl0p takes the prize for this year's nastiest malware after commanding exorbitant ransom demands with its MOVEit campaign. Cl0p's efforts helped skyrocket the average ransom payment which is rapidly approaching three quarters of a million dollars. Black Cat, Akira, Royal, Black Basta also made their debut, joined by the always present, Lockbit.
A key finding this year is the RaaS business model is another win for the bad guys. Profit sharing and risk mitigation are top contributors to RaaS success along with the ability to easily evade authorities, said Muhi Majzoub, EVP and Chief Product Officer, OpenText. There is a silver lining as research shows only 29% of businesses pay ransom, an all-time low. These numbers indicate people are taking threats seriously and investing in security to be in a position where they do not need to pay ransom.
This year's list highlights the tenacity of cybercriminals as they continue to reinvent themselves, coming back stronger each time (often with new names). Their scrappy mentality allows them to go beyond the norm to find new ways to invade their target.
2023 Nastiest Malware
Cl0p, a RaaS platform, became famous following a series of cyberattacks, exploited a zero-day vulnerability in the MOVEit Transfer file software developed by Progress Software. MOVEit victims include such notable organizations as Shell, BBC, and the United States Department of Energy.
Black Cat, recognized in our 2021 Nastiest Malware report, believed to be the successor to REvil ransomware group, has built their RaaS platform on the Rust programming language. They made headlines for taking down MGM Casino Resorts.
Akira, presumed to be a descendant of Conti, primarily targets small to medium sized businesses due to the ease and turnaround time. Most notably, Akira ransomware targeted Cisco VPN products as an attack vector to breach corporate networks, steal, and eventually encrypt data.
Royal, suspected heir to Ryuk, uses Whitehat penetration testing tools to move laterally in an environment to gain control of the entire network. Helping aid in deception is their unique partial encryption approach that allows the threat actor to choose a specific percentage of data in a file to encrypt.
Lockbit 3.0, a main stain on the list and last year's winner, continues to wreak havoc. Now in its third epoch, Lockbit 3.0 is more modular and evasive than its predecessors.
Black Basta is one of the most active RaaS threat actors and is also considered to be yet another descendant of the Conti ransomware group. They have gained a reputation for targeting all types of industries indiscriminately.
To learn more about the findings of this year's Nastiest Malware analysis, visit the OpenText Cybersecurity Community, as well as tune in to our Nastiest Malware Webinar.
Read More