Cyber-Attack Takes Down Redcar Council Services

Info security | February 17, 2020

A local authority in the north-east of England appears to have suffered a major ransomware attack, leaving online public services down for 135,000 locals, for over a week. At the time of writing, the website of Redcar & Cleveland Borough Council was still down. An update on the council’s official Twitter account as of February 13 said: “We are still experiencing issues with our IT systems, which means we are working with a reduced capacity. We are able to receive and answer limited calls and emails and we will be prioritizing urgent messages.”According to reports, the council’s IT systems were attacked at 11am the previous Saturday, with external cybersecurity experts including those from the National Cyber Security Centre (NCSC) drafted in to help.

Spotlight

"It is more than 25 years since the first PC viruses appeared. Over time, the nature of the threat has changed significantly. Today’s threats faced by businesses are more complex than ever before. In Kaspersky’s 2013 Global IT Risks Survey, we found that new technology – leading to new ways of working – were of most concern to IT managers. Mobility, use of personal devices at work (BYOD) and social media in the work place were the top three concerns. "

Spotlight

"It is more than 25 years since the first PC viruses appeared. Over time, the nature of the threat has changed significantly. Today’s threats faced by businesses are more complex than ever before. In Kaspersky’s 2013 Global IT Risks Survey, we found that new technology – leading to new ways of working – were of most concern to IT managers. Mobility, use of personal devices at work (BYOD) and social media in the work place were the top three concerns. "

Related News

ENTERPRISE SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

LogRhythm Improves Security Analytics with Expanded Security Operations Capabilities

LogRhythm | January 06, 2023

On January 05, 2023, LogRhythm, the company that empowers security teams to tackle an ever-changing threat landscape with confidence, introduced a variety of expanded capabilities and integrations for its security operations solutions. The enhancements improve LogRhythm's capacity to serve as a much-needed force multiplier for security teams that are required to defend against cyberattacks with confidence, effectiveness, and efficiency. This update follows the release of LogRhythm Axon, an innovative, cloud-native security operations platform launched in October. In addition, the organization is launching new visualizations and advanced analytics that provide seamless visibility into potential security threats. Axon and its latest updates are designed to simplify the experience of security analysts by making it easier for teams to identify, examine, and report on potential threats, easing the burden of managing risks and the operating infrastructure. In addition, these improvements span the entire suite of LogRhythm's offerings to collectively facilitate threat detection and resolution by SOC teams, improving analyst productivity and effectiveness. The key features of the updates include the following: LogRhythm Axon: New out-of-the-box and custom analytics rules that have rules for MITRE ATT&CK detections. Using the Observation Workflow, customers can quickly investigate log observations raised by analytics. Reduce time spent searching for data through new markdown and histogram widgets. LogRhythm UEBA: New detection models allow for the detection of elusive threats for Windows systems. LogRhythm NDR: Integration with Microsoft EDR improves blind spot detection and endpoint visibility. Enhanced analyst experience through expanded UI improvements. The new configuration page enables to import of data from VirusTotal smoothly. LogRhythm SIEM: The improved collection administrative workflow reduces the time required to configure, deploy, and manage log sources that involve Open Collector. Expanded and updated LogRhythm's library of supported log sources. Improved audit logging makes it easier to detect suspicious activity and track significant changes made by users. About LogRhythm LogRhythm, Inc. is an American security intelligence firm founded in 2003 that specializes in SIEM, log management, network and endpoint monitoring, forensics, and security analytics. With a comprehensive array of high-performance security, compliance, and operations solutions, LogRhythm is built to address a rapidly evolving world of cybersecurity threats. In addition, LogRhythm combines a versatile and comprehensive security operations platform, advisory services, and technology partnerships to help SOC teams defend sensitive data.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Varonis Introduces Automated Posture Management to Fix Cloud Security Risks

Varonis | January 27, 2023

On January 26, 2023, Varonis Systems, Inc., a leader in data security and analytics, announced the availability of automated posture management to assist clients in resolving security and compliance gaps spanning their SaaS and IaaS systems. Varonis continuously scans, identifies, and ranks cloud security threats, providing CISOs and compliance officers with real-time insight into their data security posture. With this new automation option, users can fix misconfigurations in applications such as Salesforce and AWS with a single click from a unified interface. According to Gartner, through 2025, 99% of cloud security breaches will be the customer's fault. CIOs can counter this by adopting and enforcing rules for cloud ownership, accountability, and risk acceptance. Varonis Field CTO, Brian Vecci, said, “Automated posture management takes the burden of understanding and remediating cloud misconfigurations off the customer.” He also said, “We stay on top of the latest configuration risks and best practices, so you don’t have to. Now, we can not only show you exactly how to improve your security posture, but we can also automatically mitigate risk on your behalf.” (Source – GlobeNewswire) This release marks a significant advancement in cloud data security. Passive data security posture management (DSPM) solutions need manual operations to generate help desk tickets for a person to review and fix in every cloud application manually. Varonis offers a uniform and automated method for minimizing the attack surface of multi-cloud environments. Automated posture management is the most recent tool introduced by Varonis to simplify data security outcomes. Varonis introduced least privilege automation for Google Drive, Microsoft 365, and Box, as well as a new data security posture management (DSPM) dashboard early this month. About Varonis Varonis is a leader in data security and analytics, waging war differently from typical cybersecurity corporations. Instead, Varonis focuses on protecting business data like: Sensitive files and emails Strategic and product plans Financial records Confidential customer, patient, and employee data In addition to data protection, Zero Trust, data governance, compliance, categorization, data privacy, and threat detection and response, Varonis solutions handle various other critical use cases. The company began operations in 2005 and has clients in the financial services, healthcare, industrial, energy and utilities, insurance, technology, media and entertainment, consumer and retail, and education industries, among others.

Read More

ENTERPRISE IDENTITY,PLATFORM SECURITY,IDENTITY MANAGEMENT

Simeio and SailPoint Partner to Provide Enterprise Identity Security

Simeio | December 27, 2022

A business needs to manage and protect the digital identities of its employees, contractors, partners, and customers. Enabling the right individuals to access the right resources at the right times for the right reasons with secure access control is needed for organizations to keep their vital information safe and secure at all times. In this regard, Simeio provides identity and access management (IAM) solutions. Using intelligent solutions, enhanced cybersecurity measures are enforced on systems with cloud identity security services. Simeio, a leader in the cybersecurity industry when it comes to identity and access management (IAM) services, has announced a partnership with SailPoint, a leader in enterprise identity security. The goal of the partnership is to improve the security and protection of the companies' identities by using enterprise identity governance controls and best-in-class technologies. The partnership will also allow clients to simplify, automate, and enable their identity governance and administration (IGA) programs, providing continuous threat protection and improving the maturity of identity processes across enterprises. Simeio plans to bring over 50 SailPoint-certified identity experts to the partnership. The clients of both companies will benefit from the identity convergence capabilities of the Simeio IO platform, which brings together IGA, access management, and privilege identity functions to deliver cross-domain identity analytics. Through this partnership, organizations will also be able to update their identity security services in the cloud. "The global identity and access management (IAM) market is expected to grow from USD 14.82 billion in 2020 to USD 31.74 billion by 2025, at a CAGR of 16.7% during the forecast period, as per Marketsandmarkets." Companies are getting more and more identity security and access management solutions because cyber threats and data breaches are getting worse. Artificial intelligence, machine learning, IoT compatibility, decentralized identity systems, and the use of innovative biometric authentication mechanisms are all part of the future of identity security. About Simeio Simeio is a global managed services provider that offers identity and access management solutions as a service. Simeio's 700+ employees secure 160 million identities for businesses and governments. Simeio offers Customer Identity & Access Management, Privileged Access Management, Identity Proofing, Access Management & Federation, Identity Governance & Administration, and Application Onboarding. Gartner, Forrester, KuppingerCole, and Great Places to Work® have recognized the company's business and technical leadership. About SailPoint SailPoint is the market leader in enterprise identity security. SailPoint automates the management and control of access by leveraging the power of AI and machine learning, granting only the required access to the right identities and technology resources at the right time. Our advanced identity platform integrates seamlessly with existing systems and workflows, providing a unified view of all identities and their access. We meet customers where they are with an intelligent identity solution that satisfies the enterprise's scale, velocity, and environment requirements. SailPoint empowers the world's most complex businesses to establish a security foundation based on identity security.

Read More