BlackBerry launches new threat hunting solution

SecurityBrief Asia | July 15, 2019

BlackBerry has announced the introduction of CylanceGUARD, a managed detection and response (MDR) solution that leverages BlackBerry Cylance security experts and its industry-leading native AI platform to provide continuous threat hunting and monitoring. For an elite security organisation, threat hunting takes a proactive stance to threat detection; however, there are only a handful of organisations in industries such as financial services, high-tech manufacturing, and defence that can claim to have productive threat hunting teams that deliver results. Many organisations without a mature security team are looking to external vendors to manage their threat hunting practice, allowing staff to focus on critical business initiatives. In its Worldwide Semiannual Security Spending Guide, IDC projects global spending on managed security services will reach more than $21 billion in 2019. CylanceGUARD is a subscription-based offering that validates, triages, analyses, prioritises, and automates analyst and incident engagement.

Spotlight

Using remote access tools Quasar, Sobaken and Vermin, cybercriminals have been systematically spying on Ukrainian government institutions and exfiltrating data from their systems. The threat actors, first mentioned in a report from January 2018 and tracked by ESET since mid-2017, continue to develop new versions of their stealthy malware. In this white paper, we take a closer look at this ongoing campaign. We provide further details on the malware used to compromise victims’ systems and on the payloads installed on compromised systems, and describe the various methods the attackers use to distribute and target their malware while avoiding detection.

Related News

Sikich Report Finds That Manufacturers and Distributors Neglect Key Cybersecurity Activities

Sikich | July 23, 2020

Less than 40% of respondents in Sikich's 2020 Manufacturing and Distribution Report said they perform important data breach prevention activities, such as penetration testing, phishing exercises on employees and assessments of vendors' data security efforts. However, manufacturers and distributors remain vulnerable to breaches. Nearly half of respondents said their companies experienced cyberattacks during the past 12 months.

"Cybersecurity is an essential part of a company's operations, but too few manufacturers and distributors take the necessary precautions to protect sensitive data," said Brad Lutgen, partner-in-charge of Sikich's cybersecurity team. "The coronavirus pandemic, which sent many office workers to insecure remote environments, has only elevated the risk these companies face. Manufacturers and distributors must commit to a comprehensive cybersecurity strategy that includes everything from technical updates to employee training."

The report also reveals extensive use of some advanced technologies, but stubbornly slow adoption of others. Eighty-six percent of respondents said their companies use cloud storage and solutions, and more than 60% use forecasting software, data-driven customer service technologies, advanced analytical tools, data visualization, and the internet of things. But only about half of the executives surveyed said their companies use robotics, robotic process automation and 3D printing/additive manufacturing. And 39% said they use blockchain and augmented virtual reality.


DATA SECURITY

Online Gaming Is a Hotbed for DDoS Attacks, According to Nexusguard Research

businesswire | December 15, 2020

The growth in online gaming attracted attention from attackers, resulting in almost 77% of cyber attacks targeting the online gaming and gambling industries in Q3 2020, according to the Nexusguard Q3 2020 Threat Report. More than 33% of these entertainment attacks focused on online gaming targets. Nexusguard analysts also reported a 287% increase in total DDoS attacks in the third quarter compared to the same period a year ago.

Online gaming platforms' sensitivity to latency and availability issues makes them ideal DDoS attack targets, and the online gaming environment is target-rich for attackers to capitalize on during the pandemic. The lockdown and social distancing measures enforced during the pandemic caused engagement in home entertainment, online gaming in particular, to soar while cinemas, bars and other usual entertainment venues stayed closed. Gamers have become an attractive target for attackers, particularly because they are genuinely engaged, socially active, and often spend disposable income on their gaming accounts.

Although online gaming is highly sensitive to latency and packet loss, Nexusguard researchers warn that sensitive detection and high-capacity mitigation alone are insufficient to defeat large DDoS attacks. Gaming companies and service providers should collaborate to combat attack tactics through a combination of technology, knowledge sharing and best security practices.

“Online gaming is snowballing in part due to the growth of cloud computing as well as the limited options for home entertainment during the pandemic, providing cyber attackers with a wide population of targets to exploit,” said Juniman Kasman, chief technology officer for Nexusguard. “Game service providers, CSPs and other organizations should take steps to safeguard service, including segregating applications to minimize collateral damage or rehearsing incident response drills to reduce service disruption during attacks.”

Concerning online gaming, 99.5% of cyber attacks were volumetric in nature, with 99.4% of attacks consisting of single-vector attacks. Attackers aim to consume all bandwidth so that gamers suffer the effects of latency and then switch to game server hosts with faster and more stable connectivity.

Nexusguard's DDoS threat research reports on attack data from botnet scanning, honeypots, CSPs and traffic moving between attackers and their targets to help companies identify vulnerabilities and stay informed about global cybersecurity trends. Read the full Nexusguard Q3 2020 Threat Report for more details.

About Nexusguard

Founded in 2008, Nexusguard is a leading cloud-based distributed denial of service (DDoS) security solution provider fighting malicious internet attacks. Nexusguard ensures uninterrupted internet service, visibility, optimization and performance. Nexusguard is focused on developing and providing the best cybersecurity solution for every client across a range of industries with specific business and technical requirements. Nexusguard also enables communications service providers to deliver DDoS protection solution as a service. Nexusguard delivers on its promise to provide you with peace of mind by countering threats and ensuring maximum uptime. Visit www.nexusguard.com for more information.


SOFTWARE SECURITY

Atos is completing the acquisition of In Fidem, a Canadian cybersecurity firm.

prnewswire | January 20, 2021

Atos today reports it has completed the acquisition of In Fidem, a Canada-based specialized cybersecurity consulting firm, with expertise in cloud security, digital identity, risk management, security operations, digital forensics and cyber breach response. The operation will expand Atos' global client portfolio and expertise in cybersecurity services and will help to further invest in Canadian businesses and the digital workforce, adding value for local customers and the local talent pool.

This cybersecurity acquisition joins those of Paladion, digital.security and SEC Consult made over recent months in various countries and supports Atos' vision of continuous development in key markets, reinforcing its position as a global leader in cybersecurity services, consulting and innovation.

"Atos and In Fidem today unite their expertise to bring added value to our digital teams and for our clients in Canada and around the world," said Pierre Barnabé, Senior Executive Vice-President, Head of Big Data & Cybersecurity at Atos. "We are delighted to welcome the more than 100 consultants from In Fidem to continue our strategy of developing and consolidating our cybersecurity expertise and to strengthen our leadership in secure decarbonized digital solutions."

"Atos understands our aim to support our clients with multi-disciplinary teams. They share our corporate vision which is centered on the return of our clients' security investment and trust. Combining our forces, we will enhance our services to our customers," said Matthieu Chouinard, CEO of In Fidem.

About Atos

Atos is a global leader in digital transformation with 110,000 employees and annual revenue of € 12 billion. European number one in cybersecurity, cloud and high-performance computing, the group provides tailored end-to-end solutions for all industries in 73 countries. A pioneer in decarbonization services and products, Atos is committed to a secure and decarbonized digital for its clients. Atos operates under the brands Atos and Atos|Syntel. Atos is a SE (Societas Europaea), listed on the CAC40 Paris stock index.

The purpose of Atos is to help design the future of the information space. Its expertise and services support the development of knowledge, education and research in a multicultural approach and contribute to the development of scientific and technological excellence. Across the world, the group enables its customers and employees, and members of societies at large to live, work and develop sustainably, in a safe and secure information space.
