Brute-Force Attempts More Common on Edge Devices

Infosecurity Magazine | March 01, 2019

Brute-Force Attempts More Common on Edge Devices
As edge devices continue to be the target of malicious attacks, security experts have found an increase in brute-force attempts, according to a new white paper released by the Cyber Threat Alliance (CTA). Based on a compilation of research from several contributors, the white paper notes that CTA members have seen “a quiet but growing threat to edge devices since 2016. These devices are deployed at the boundaries between interconnected networks. The resulting impact of these devices – such as routers, switches and firewalls – on an enterprise and to the connected digital ecosystem can be significant.” Edge devices are not only used to develop infrastructure for future attacks, but they are also used to monitor traffic and to establish persistent access, targeting networks or systems in order to steal data and even to put offensive cyber-attacks that deny, degrade, disrupt, or destroy into operation, according to an April 30 CTA blog post. What’s concerning, according to CTA members, is that while attacks against edge devices continue to increase, basic protections for these devices are not keeping pace.

Spotlight

With all of this data, there is also risk, specifically those entities within the organization that may have access to confidential data either due to their job function or because they are gaining it through surreptitious means. When used with an Operational Intelligence platform such as Splunk, the Vormetric Data Security Platform not only encrypts and controls access to your files and databases, but also provides information that is utilized by Splunkbase. Whether the deployment is physical or virtual, the joint solution can alert when unusual or improper data access is detected, and can offer detailed user and process information to help investigation.

Spotlight

With all of this data, there is also risk, specifically those entities within the organization that may have access to confidential data either due to their job function or because they are gaining it through surreptitious means. When used with an Operational Intelligence platform such as Splunk, the Vormetric Data Security Platform not only encrypts and controls access to your files and databases, but also provides information that is utilized by Splunkbase. Whether the deployment is physical or virtual, the joint solution can alert when unusual or improper data access is detected, and can offer detailed user and process information to help investigation.

Related News

DATA SECURITY

Stellar Cyber's Open XDR strengthens security operations for Barracuda users

Stellar Cyber | November 10, 2021

Stellar Cyber, the innovators of Open XDR and the leading next-gen security operations platform, announced today that it has integrated its industry-leading security platform with Barracuda CloudGen Firewall, Barracuda Web Application Firewall, and Barracuda Total Email Protection, bringing enhanced visibility, automated incident correlation, threat hunting, and remediation to managed security service provider (MSSP) customers and prospects. "Our customers know that Barracuda delivers best-of-class email, network, and web application security solutions. When it comes to defending against today's sophisticated cyber threats like ransomware and data breaches, they are looking for full visibility and automation," said Fleming Shi, CTO at Barracuda Networks. "We already offer Barracuda SKOUT Managed XDR optimized for our MSP customers. This new integration with Stellar Cyber gives our enterprise customers a holistic view of their infrastructure and the capabilities to coordinate incident response to attacks in real time." The Stellar Cyber platform incorporates the XDR Kill Chain and AI-driven correlation of detections and alerts into automatically generated incidents in an easy-to-use dashboard with visibility across the entire attack surface, so analysts know exactly what and how to investigate. In addition, Stellar Cyber's built-in multi-tenant features make it easier than ever for Barracuda's MSSP partners to provide SOC-as-a-service offerings to their end-user clients. "The Stellar Cyber Open XDR platform brings additional value to existing Barracuda product investments by ingesting their logs, enriching the captured data, analyzing that data for threats, and then automatically remediating attacks through the firewall as well as other systems," said Zeus Kerravala, principal analyst at ZK Research. "It's great to see this level of integration to protect customers." "By integrating our Open XDR AI-powered cybersecurity platform with Barracuda's popular solutions, we deliver a new level of visibility and SOC capabilities, such as correlated threat analysis, threat hunting, and automated remediation, to Barracuda customers,Our purpose-built platform collects and ingests data from all existing security tools and presents a single dashboard that clearly identifies and prioritizes security threats, all the way from individual alerts to sophisticated incidents or attack stories, in a way that maximizes efficiency in SOC operations." Paul Jespersen, Senior Vice President of Global Business Development at Stellar Cyber Using ransomware protection as an example, customer benefits of the integration include: Barracuda Total Email Protection signals and alerts will be available in Stellar Cyber to provide visibility into phishing and brand-hijacking attacks designed to harvest credentials. In an event where a phishing link is clicked, Barracuda CloudGen Firewall stops the traffic to the attacker's site and flags the target for all other attempts. Network and application infrastructure are constantly bombarded with intrusion and access attempts, especially with stolen credentials. Provided with signals from Barracuda CloudGen Firewall and Barracuda Web Application Firewall, these attempts will be immediately flagged and prevented. Barracuda is working on deeper and broader integrations with Open XDR platforms like Stellar Cyber. Barracuda customers will be able to stop ransomware more efficiently and get ahead of attackers using credential theft and account takeover in email security and prevent further penetration. At Barracuda we strive to make the world a safer place. We believe every business deserves access to cloud-enabled, enterprise-grade security solutions that are easy to buy, deploy, and use. We protect email, networks, data, and applications with innovative solutions that grow and adapt with our customers' journey. More than 200,000 organizations worldwide trust Barracuda to protect them – in ways they may not even know they are at risk — so they can focus on taking their business to the next level. For more information, visit barracuda.com. Barracuda Networks, Barracuda, and the Barracuda Networks logo are registered trademarks of Barracuda Networks, Inc. in the US and other countries. SKOUT Cybersecurity and the SKOUT logo are registered trademarks of SKOUT Cybersecurity Holdings, Inc. and its affiliates in the US and other countries. About Stellar Cyber Stellar Cyber's Open XDR platform delivers Everything Detection and Response by ingesting data from all tools, automatically correlating alerts into incidents across the entire attack surface, delivering fewer and higher-fidelity incidents, and responding to threats automatically through AI and machine learning. Our XDR Kill Chain™, fully compatible with the MITRE ATT&CK framework, is designed to characterize every aspect of modern attacks while remaining intuitive to understand. This reduces enterprise risk through early and precise identification and remediation of all attack activities while slashing costs, retaining investments in existing tools and accelerating analyst productivity. Typically, our platform delivers an 8X improvement in MTTD and a 20X improvement in MTTR. The company is based in Silicon Valley.

Read More

Arceo.ai Adds CJ Pruzinsky to Its Team of Cyber Insurance Experts, Strengthens Cyber Security Risk Capabilities

Arceo.ai | July 17, 2020

Arceo.ai, a cyber risk analytics company that empowers enterprises to better identify, respond to, and recover from cyber risks, continues to grow its team of senior cyber insurance experts to enhance the services and solutions it delivers to the cyber insurance industry. Charles J. "CJ" Pruzinsky, an experienced cyber underwriting executive, has joined Arceo as Executive Vice President and Chief Underwriting Officer for its U.S. operations.Before joining Arceo, Pruzinsky was responsible for managing the Northeastern operations at Beazley Group, based in New York. Prior to Beazley, he held senior underwriting positions at American International Group, where his responsibilities included building out AIG's Midwestern U.S. regional capabilities.

Read More

SOFTWARE SECURITY

RangeForce Collaborates with The Black Cybersecurity Association to Enhance Career Advancement Opportunities

RangeForce | April 06, 2021

RangeForce, the company that is revolutionizing cybersecurity training, confirmed recently a collaboration with the Black Cybersecurity Association (BCA) to provide BCA members with hands-on cyber skills training. The partnership will assist BCA members in acquiring new capabilities to advance their careers and find new employment opportunities. “This collaboration with RangeForce will help us to achieve our member training goals by offering hands-on and role-based learning modules that are available anywhere, at any time,” said Darold Kelly Jr., BCA founder. “We are excited to be able to provide our members with access to this world-class training platform.” BCA programs strive to significantly influence communities by engaging and inspiring members to become industry leaders. The BCA will have access to RangeForce modules that will help individuals and teams with their cybersecurity training. The RangeForce on-demand and cloud-based solution help learners to work with leading security tools, training them to detect and respond to the most recent cyber threats. “Darold and the entire BCA organization are assisting the industry in addressing a lack of qualified cyber experts while supporting members in advancing their careers,” said RangeForce's Jackson Thibodeau, Sr. Director of Channels. “The organization's inclusive and community-first approach to career mentoring is setting a new standard in our industry. We are pleased to be partnering with BCA and its 2,000 members.” About BCA BCA is a non-profit organization that focuses on community and career mentoring for underrepresented minorities in the cybersecurity sector. Darold Kelly Jr. founded the BCA on July 9, 2020, to inspire, engage, and empowering their members to reach their full potential and becoming global leaders who positively impact their communities. The BCA has community-impacting programs such as KIDS CAN CODE, SECURITY+ STUDY GROUPS, OSCP BOOTCAMP, and several more. About RangeForce RangeForce develops user-friendly cybersecurity training experiences for organizations and the staff. It helps customers operationalize a SaaS-based cybersecurity training program in hours, saving up to 65% over conventional training and up to $1M annually on hosted cyber ranges, due to the industry's first integrated training platform and virtual cyber range. RangeForce's advanced learning platform is revolutionizing cybersecurity training by further training and cross-training DevOps, IT, and security professionals.

Read More