City of Del Rio Hit by Ransomware Attack

Infosecurity Magazine | January 15, 2019

Another ransomware attack has made headlines with the city of Del Rio, Texas, announcing on January 10, 2019, that the servers at City Hall were disabled, according to a press release. “The first step in addressing the issue, was for the City’s M.I.S. (Management Information Services) Department to isolate the ransomware which necessitated turning off the internet connection for all city departments and not allowing employees to log into the system. Due to this, transactions at City Hall are being done manually with paper.” As has been the alternative method of communication for many organizations that have been impacted by cyber-attacks, Del Rio turned to social media, using Facebook to inform citizens of alternative payment options available to them. After reporting the attack to the FBI, Del Rio was referred to the Secret Service. “The City is diligently working on finding the best solution to resolve this situation and restore the system. We ask the public to be patient with us as we may be slower in processing requests at this time,” the press release said.

Spotlight

Security intelligence, built upon the same concepts that have made business intelligence an essential enterprise technology, is the critical next step for organizations that recognize the importance of information security to their business health. This is especially critical on today's smarter planet, where instrumented, interconnected and intelligent businesses collect, process, use and store more information than ever before.

Spotlight

Security intelligence, built upon the same concepts that have made business intelligence an essential enterprise technology, is the critical next step for organizations that recognize the importance of information security to their business health. This is especially critical on today's smarter planet, where instrumented, interconnected and intelligent businesses collect, process, use and store more information than ever before.

Related News

DATA SECURITY

Snowflake Launches New Cybersecurity Workload

Snowflake | June 08, 2022

Snowflake, the Data Cloud provider, announced today the release of a new Cybersecurity workload that helps cybersecurity teams to better secure their organizations using the Data Cloud. Cybersecurity teams can rapidly acquire visibility and automation at cloud-scale by using Snowflake's platform and a wide ecosystem of partners offering security capabilities with linked apps. According to Forrester*, 55% of security professionals said that their business encountered an incident or breach involving supply chains or third-party suppliers in the last 12 months. Current security architectures based on outdated security and information management systems (SIEMs) are really not intended to handle the amount and diversity of data required to keep up with cyberthreats. Legacy SIEMs impose stringent ingest fees, short retention periods, and proprietary query languages, making it difficult for security professionals to acquire the insight they need to safeguard their enterprises. Customers that utilize Snowflake's Cybersecurity workload receive access to the platform's capability and adaptability to natively manage structured, semi-structured, and unstructured logs. Customers can store years of high-volume data effectively, search using scalable on-demand computing capabilities, and obtain insights utilizing universal languages like SQL and Python, which are now in private preview. Businesses can also use Snowflake to combine their security data with company data in a single source of truth, allowing contextual data from HR systems or IT asset inventories to feed detections and investigations for greater fidelity alerts and conducting quick queries on vast volumes of data. Teams receive unified insight into their security posture, removing data silos without incurring prohibitive data input or retention expenses. Aside from threat detection and response, the Cybersecurity workload covers a wide variety of use cases such as security compliance, cloud security, identity and access management, vulnerability management, and more. TripActions, the premier all-in-one travel, corporate card, and expense management system, is using the Data Cloud to invest in its long-term cybersecurity data strategy. Prabhath Karanth, Sr. Director of Security, Compliance & Trust, TripActions said that “With Snowflake as our security data lake, we are able to simplify our security program architecture and remove data management overhead. Snowflake has been vital in helping us gain a complete picture of our security posture, eliminating blind spots and reducing noise so we can continue to provide user trust where it matters most. Deploying a modern technology stack from Snowflake is a pivotal piece of our cybersecurity strategy.”

Read More

SOFTWARE SECURITY

SafeGuard Cyber Delivers Context-Aware Response with Microsoft Azure AD and Okta

SafeGuard Cyber | August 01, 2022

SafeGuard Cyber, the leading provider of security and compliance solutions for email and communication-based threats, today announces automated response and multi-channel user onboarding with Microsoft Azure AD and Okta integrations for its security and risk management platform. These integrations enable automated and workflow-based responses to advanced social engineering threats such as impersonation and account takeover, as well as other threats, business risks, and compliance violations. The integrations extend the SafeGuard Cyber platform's multi-channel detection capabilities, with the ability for security and compliance operation teams to manage and automate responses to threats and risks across all communication channels. "In the current economic climate, organizational leadership needs to ensure optimum resource utilization in security operations and reduce unnecessary costs," said Chris Lehman, CEO of SafeGuard Cyber. "Many of our enterprise customers have made significant investments in Azure AD or Okta to manage identities across their organizations, and our new capabilities allow them to streamline operations and maximize ROI for their security and overall operations." Integrated response through SafeGuard Cyber enables security architects and operations teams to deliver the ideal response to threats and business risks, either in an automated or direct action through the SafeGuard Cyber platform as part of incident management or an investigation. "As the threats of fraud, impersonation, and social engineering increasingly result in material breaches and financial losses through ransomware and business compromise, the need to have a context-aware, zero-trust foundation with detection and response capabilities is more urgent than ever. "Our integrations with Okta and Azure AD enable organizations moving towards a cloud or hybrid workplace to simplify identity-based responses to communication-based threats, while enriching authentication to include context and intent of interactions." Rusty Carter, chief product officer at SafeGuard Cyber Context-aware and advanced integrated response with Okta and Azure AD is available for all SafeGuard Cyber customers and delivers: Automated user onboarding for monitoring communications by group Automatic, risk-based responses that include user-session invalidation Support for all SafeGuard Cyber protected channels SafeGuard Cyber detects attacks and identifies risk by understanding how humans interact and communicate. The company's Natural Language Understanding-based SaaS platform offers the industry's most advanced visibility and detection of phishing, BEC and malware attacks that span the full range of modern business communications channels, including social media, collaboration, mobile messaging, conferencing, CRM and the Microsoft 365 ecosystem. About SafeGuard Cyber SafeGuard Cyber provides the only comprehensive technology solution for addressing cybersecurity threats and compliance risks across the modern cloud workplace. The company's patented and award-winning Natural Language Understanding technology analyzes and correlates conversations across 30 communication channels and 52 languages, including collaboration, social, chat, messaging, and conference platforms, in order to detect and prevent communication-based threats like social engineering. By stopping attacks at the social engineering stage, SafeGuard Cyber allows companies to prevent data breaches, ransomware, invoice fraud, and many other threats. The company's cloud-based Machine Learning also provides compliance solutions for governance and policy enforcement that empower customers to communicate through modern apps and social networking.

Read More

SOFTWARE SECURITY

Syscoin Launches Network Rollup Facility

Syscoin | June 13, 2022

Syscoin, a cutting-edge base layer protocol that incorporates the composability of Ethereum-style smart contracts with the Bitcoin Network's industry-leading security, announced today the upcoming release of Rollux, a suite of developer-ready scaling solutions for developing decentralized applications at the speed of Web2 architectures. “At Syscoin, we are constantly improving the architecture of our platform to offer the most capable solution for developers who want to build with Bitcoin’s security, Ethereum’s flexibility, and, beginning today, Syscoin’s own scaling solutions. The launch of our in-house Layer 2 rollup suite marks a major milestone in the evolution of the Syscoin Network toward being the ultimate foundation for applications aimed at individuals, global enterprises and even governments around the world.” Jag Sidhu, Syscoin Foundation’s lead developer and president Moreover, Syscoin uses its unique Proof-of-Data-Availability (PoDA) breakthrough with Rollux to secure accessible off-chain data for rollups. Apart from Ethereum, Syscoin will be one of the first chains to host optimistic rollups and the only one to use Bitcoin's gold-standard proof-of-work hashing for its own security. As Ethereum evolves toward a proof-of-stake consensus paradigm, this difference will become more relevant. Syscoin's development plan is divided into three segments. The first phase concluded in December with the release of Syscoin's Network-Enabled Virtual Machine (NEVM). Syscoin's NEVM parallel Layer 1 chain allows developers to construct Ethereum-compatible, smart-contract-based decentralized apps on the Syscoin Network. Rollux is Syscoin's in-house Layer 2 rollup suite and marks the next step in the company's evolution. Rollux will provide scaling solutions to applications that use the Syscoin Platform foundation layer in order to provide decentralized services at Web2-like speeds. Furthermore, the Rollux suite will be a comprehensive Layer 2 solution that covers the full range of scaling methods. Rollux will first provide Optimistic rollouts before extending to include ZK rollups when they become practicable. When it is released, Rollux's optimistic rollup utility will use modular scaling technologies to provide the most efficient, cost-effective, scalable, and secure Layer 2 available. Syscoin will unleash performance and scalability 50 times that of existing Layer 2s and 5000 times that of the Ethereum mainnet with direct EVM counterparts like Arbitrum's Nitro and Optimism's Cannon. This powerful platform will continue to progress the sector for many years to come, ultimately ushering in stateless Layer 2 systems that offer a significant advancement in scalability and security. Syscoin Rollux will represent the cutting edge of scaling technology for Solidity-based smart contracts, with Layer 2 scaling coupled to Bitcoin's security standard. Moreover, since the smart contract layer is entirely EVM-compatible, it will be straightforward to onboard applications from Ethereum that want to add Bitcoin's security at scale. Finally, since the non-profit Syscoin Foundation is releasing the Rollux suite, the project will avoid charging excessive fees and using token schemes that add friction and costs to consumers.

Read More