Platform Security
PR Newswire | October 26, 2023
OpenText (NASDAQ: OTEX), (TSX: OTEX), today announced the Nastiest Malware of 2023, an annual ranking of the year's biggest malware threats. For six consecutive years OpenText Cybersecurity threat intelligence experts have analyzed the threat landscape to determine the most notorious malware trends. Ransomware has been rapidly ascending the ranks, with ransomware-as-a-service (RaaS) now the weapon of choice for cybercriminals.
This year four new ransomware gangs, believed to be the next generation of previous big players, topped the list. Newcomer Cl0p takes the prize for this year's nastiest malware after commanding exorbitant ransom demands with its MOVEit campaign. Cl0p's efforts helped skyrocket the average ransom payment which is rapidly approaching three quarters of a million dollars. Black Cat, Akira, Royal, Black Basta also made their debut, joined by the always present, Lockbit.
A key finding this year is the RaaS business model is another win for the bad guys. Profit sharing and risk mitigation are top contributors to RaaS success along with the ability to easily evade authorities, said Muhi Majzoub, EVP and Chief Product Officer, OpenText. There is a silver lining as research shows only 29% of businesses pay ransom, an all-time low. These numbers indicate people are taking threats seriously and investing in security to be in a position where they do not need to pay ransom.
This year's list highlights the tenacity of cybercriminals as they continue to reinvent themselves, coming back stronger each time (often with new names). Their scrappy mentality allows them to go beyond the norm to find new ways to invade their target.
2023 Nastiest Malware
Cl0p, a RaaS platform, became famous following a series of cyberattacks, exploited a zero-day vulnerability in the MOVEit Transfer file software developed by Progress Software. MOVEit victims include such notable organizations as Shell, BBC, and the United States Department of Energy.
Black Cat, recognized in our 2021 Nastiest Malware report, believed to be the successor to REvil ransomware group, has built their RaaS platform on the Rust programming language. They made headlines for taking down MGM Casino Resorts.
Akira, presumed to be a descendant of Conti, primarily targets small to medium sized businesses due to the ease and turnaround time. Most notably, Akira ransomware targeted Cisco VPN products as an attack vector to breach corporate networks, steal, and eventually encrypt data.
Royal, suspected heir to Ryuk, uses Whitehat penetration testing tools to move laterally in an environment to gain control of the entire network. Helping aid in deception is their unique partial encryption approach that allows the threat actor to choose a specific percentage of data in a file to encrypt.
Lockbit 3.0, a main stain on the list and last year's winner, continues to wreak havoc. Now in its third epoch, Lockbit 3.0 is more modular and evasive than its predecessors.
Black Basta is one of the most active RaaS threat actors and is also considered to be yet another descendant of the Conti ransomware group. They have gained a reputation for targeting all types of industries indiscriminately.
To learn more about the findings of this year's Nastiest Malware analysis, visit the OpenText Cybersecurity Community, as well as tune in to our Nastiest Malware Webinar.
Read More
Cloud Security
PR Newswire | November 01, 2023
Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today announced that it has entered into a definitive agreement to acquire cloud security start-up Dig Security, an innovative provider of Data Security Posture Management (DSPM).
Today, almost 70% of organizations already have data stored in the public cloud1. With increased interest and adoption of generative AI, sensitive data is often even more spread out across cloud services, including distributed databases, vector databases, PaaS services, and more. Organizations need help identifying sensitive data, effectively managing user access, and implementing robust security measures to protect against internal and external threats. Simultaneously, the relentless surge in the volume and impact of cloud data breaches persists2, causing significant damage to enterprises. This underscores the critical role that DSPM will play within a comprehensive cloud security strategy.
Dig's DSPM solution enables organizations to discover, classify, monitor, and protect sensitive data across all cloud data stores, which will give Palo Alto Networks' customers visibility into and control of their multi-cloud data estate. After the close of the proposed acquisition, Dig's capabilities will be seamlessly integrated into the Prisma® Cloud platform to provide near real-time data protection from code to cloud. Dig was founded by entrepreneurs Dan Benjamin, Ido Azran, and Gad Akuka. They will continue leading their teams in joining the Prisma Cloud team at Palo Alto Networks after closing.
Lee Klarich, Chief Product Officer for Palo Alto Networks:
"As companies build AI-enabled applications, there will be a substantial increase in the amount of data transferred to the cloud. Dig's highly innovative DSPM technology helps safely enable this shift, and its dedicated team will complement and help advance Palo Alto Networks' strengths across cloud security. The announcement of our intent to join forces with Dig reinforces our longstanding commitment to our team in Israel and to continue growing our footprint with its talented and dedicated cybersecurity professionals."
Ankur Shah, SVP Products, Prisma Cloud for Palo Alto Networks:
"Data protection was the top priority for cloud security cited in the 2023 The State of Cloud-Native Security Report. Upwards of 75% of respondents noted that the number of point tools they use creates blind spots. Dig lets security teams see and secure their data across multi-cloud environments. This visibility and security is becoming increasingly important in the age of generative AI. Dig's innovation, coupled with Prisma Cloud's leading code-to-cloud intelligence highlighted in the recent Darwin release, will create what CISOs need to drive complete cloud security and data protection with a single, integrated, cloud-native platform."
Dan Benjamin, Co-Founder & CEO, Dig Security:
"Modern cloud applications leverage a broad set of data stores to meet the complex needs of businesses. We developed an award-winning DSPM solution to alleviate this strain by providing a centralized offering to monitor and manage the security of these cloud data stores. Integrating Dig's technology with Prisma Cloud will enable customers to effectively manage the security of their diverse data stores in modern cloud applications and reduce the risk of data breaches. My co-founders and I look forward to continuing our innovation journey with Palo Alto Networks to make the world safer."
Read More
Platform Security
Verizon | October 13, 2023
Verizon Business has announces hosting a special cybersecurity event on October 18, 2023, marking two decades of cybersecurity consulting services at its New Jersey Executive Business Center.
Participants will gain valuable insights into how Verizon is empowering companies to harness the potential of 5G network solutions.
Alongside the cybersecurity panel discussion, attendees can expect live demonstrations highlighting Verizon's proficiency in developing exceptionally secure solutions.
Verizon Business will host a special media event on October 18, 2023, marking two decades of cybersecurity consulting services and honoring Cybersecurity Awareness Month. The event will feature a panel discussion led by industry experts, including Chris Novak, Managing Director of Verizon Cyber Security Consulting; Sean Atkinson, Chief Information Security Officer at the Center for Internet Security; and Krista Valenzuela, Cyber Threat Outreach and Partnerships at The New Jersey Cybersecurity and Communications Integration Cell (NJCCIC).
The panel promises an engaging dialogue encompassing critical themes such as data privacy, AI's influence on cybersecurity, the emergence of voice security, evolving security controls, and other pertinent subjects. Furthermore, the discussion will shed light on the strategies employed by local New Jersey organizations to counteract emerging cyber threats. Attendees will also gain insights into Verizon's role in empowering businesses through innovative 5G network solutions, enhancing security measures, and elevating their overall operations.
Managing Director of Verizon Cyber Security Consulting, Chris Novak, said,
Raising greater awareness about cybersecurity is the first step in assisting organizations defend against these cyber threats.
[Source – Globe Newswire]
Novak mentioned that Verizon is utilizing its network's extensive visibility to collect, report, and disseminate actionable insights. These insights can be used by customers and other businesses to tackle advanced cyber threats related to vulnerability exploitation and social engineering.
Furthermore, demonstrations highlighting Verizon's proficiency in developing highly secure solutions will be presented in addition to the cybersecurity panel. They include:
Coach-to-Coach Communications: Introducing a dependable and secure wireless network solution tailored for NFL coaches, enabling confidential communication on the field.
Cashierless Checkout: Utilizing advanced machine learning and computer vision technologies, this innovative solution facilitates autonomous stores at any location. Integrated with 5G UWB and 5G Edge, it redefines the retail experience.
Private Wireless Networks: Explore the benefits of premise-based equipment, highlighting the significance of private dedicated networks in enhancing business connectivity and security.
Cyber Threat Outreach and Partnerships, NJCCIC, Krista Valenzuela, mentioned,
One of the ways we’re harnessing the power of AI in New Jersey is in identifying suspicious and malicious websites to help the State and its critical infrastructure in better defending against these cyber threats.
[Source – Globe Newswire]
Read More