CYFIRMA, a leading cyber-threat visibility and intelligence analytics platform company, released Cyber-threat predictions for 2020

Businesswire | November 21, 2019

CYFIRMA, a leading cyber-threat visibility and intelligence analytics platform company, released Cyber-threat predictions for 2020
CYFIRMA, a predictive cyber-threat visibility and intelligence analytics platform company backed by Goldman Sachs and Zodius Capital, today announced its Cyber-threat Predictions for 2020. The company’s proprietary Artificial Intelligence (AI) and Machine Learning (ML) technology analyzed global threat indicators and revealed the trade wars will fuel cyber-attacks on rivals, with more nations adopting cyber-warfare capabilities and starved nations continuing to use cyber-attacks as the new engine to grow their economy. The company also predict new technologies such as 5G, Internet of Things (IoT), Autonomous Critical Infrastructure, Artificial Intelligence (AI), Industry 4.0, Cryptocurrency, Cloud, Virtual Reality, Augmented Reality and Drones will subject government and businesses to further cyber risks. CYFIRMA’s research indicates hackers’ interests are growing towards traditional and non-traditional industries such as research institutions, chemical, shipping, logistics, product and technology companies.

Spotlight

Die Gebäude, in denen wir leben und arbeiten, werden intelligenter und stärker vernetzt. Aktuell werden die Szenen Realität, die wir bisher nur aus Science-Fiction-Filmen kennen: Durch die steigende Anzahl an IoT-Geräten verwandeln sich unsere Wohnungen und Büros in „intelligente Gebäude”, die selbstständig Entscheidungen treffe

Related News

SOFTWARE SECURITY

Novel approaches to satisfy the demand for comprehensive cybersecurity are required

prnewswire | December 30, 2020

These days, a broad layer of cybersafety is frequently needed for business foundation or government organizations to secure delicate data and shopper information. Truth be told, the worldwide network protection market size generally speaking was esteemed at USD 156.5 Billion out of 2019 and is relied upon to extend at a build yearly development rate (CAGR) of 10.0% from 2020 to 2027, as per information by Grand View Research. At present, however, the most recent Russian hack, which is being known as the biggest demonstration of surveillance in U.S. history, is being investigated by specialists and network safety firms to decide the extent of the danger. As per a report by the Associated Press, the hack bargained government organizations and "basic framework" in a refined assault that was difficult to recognize and will be hard to fix, the Cybersecurity and Infrastructure Security Agency said in an unordinary notice message. The country's online protection organization additionally cautioned of a "grave" danger to government and private organizations. Plurilock Security Inc. , Qualys, Inc. , CyberArk Software Ltd, Absolute Software Corporation (NASDAQ: ABST), Fortinet, Inc. A few tech organizations, including Microsoft, have additionally remarked on the hack, with the innovation aggregate clarifying in a blogpost that "it's important that we venture back and evaluate the noteworthiness of these assaults in their full setting. This isn't 'undercover work not surprisingly,' even in the advanced age. All things being equal, it speaks to a demonstration of foolishness that made a genuine mechanical weakness for the United States and the world. In actuality, this isn't only an assault on explicit targets, yet on the trust and unwavering quality of the world's basic framework to propel one country's insight organization." Plurilock Security Inc. declared recently that the organization gave, "frictionless and persistent validation utilizing AI and conduct biometrics, is satisfied to give the accompanying corporate update to the final quarter of 2020. Industry Outlook Online protection is a critical component for associations with profound security needs, for example, medical care and monetary administrations organizations. Given the idea of late cyberattacks that focus on these associations, the requirement for cutting edge online protection arrangements will increment and as per Cyber Security Ventures, Global Cybersecurity spending is anticipated to surpass $1 Trillion USD from 2017-2021. In anticipation of the foreseen development in the online protection area, Plurilock has unveiled some critical advancements since going this year to address and benefit from this worldwide chance. Key Developments Public Listing On September 24th, 2020, the Company started exchanging on the TSX Venture Exchange under the ticker PLUR in the wake of finishing a passing exchange ("QT") with Libby K Industries, Inc. on September 17, 2020. Plurilock likewise finished a simultaneous financing with the QT, which saw the Company effectively raise $2.6 million. The simultaneous financing was driven by PI Financial and included Industrial Alliance Securities. Master Advisory Board and Advisors The Company amassed an Advisory Board comprising of innovation area specialists to give direction to Plurilock on arranging and executing key activities while quickening the development of the Company. Individuals from the Advisory Board incorporate Dr. Issa Traoré, Ph.D., Merv Chia and Mark Orsmond. Moreover, the Company named two veteran worldwide security pioneers, Gaétan Houle and Chris Pierce as guides to the Company. Mr. Houle has held different security influential positions in legitimate government offices, for example, the Canadian Federal Government, Department of National Defense and the previous Department of Foreign Affairs, presently known as Global Affairs Canada. Mr. Penetrate is a refined chief and expert who administered the global division of Booz Allen Hamilton Holding Corporation and drove the improvement of Booz Allen's worldwide business system. Organizations and Relationships Another item joint effort with personality and access the executives ("IAM") supplier Gluu, including the consideration of local Plurilock uphold in standard Gluu discharges going ahead. The administrations of Government Sales Specialists, LLC, a re-appropriated bureaucratic deals office, were held by the Company to develop its pipeline of government deals. Consummation of the primary achievement of a US$198,000 contract with the US Department of Homeland Security, for which the Company got US$70,000. A significant US monetary administrations firm granted a US$42,000 yearly repeating agreement to Plurilock to convey the Company's center verification arrangements. Confirmation and Compliance Program – The Company dispatched its new affirmation and consistence program in November 2020, connecting exceptionally respected robotized security and consistence firm Vanta Inc. to offer warning types of assistance in quest for System and Organization Controls 2 ("SOC2") standard consistence. Center Product Initiatives and Updates The Company occupied with and dispatched various item related things and activities, including: The dispatch of Plurilock's new versatile applications for iOS and Android, presently accessible for download on the Apple App Store and Google Play Store, individually. Arrival of another rendition of Plurilock's center ADAPT and DEFEND programming stage adding support for big business climate intermediary administrations, new forms for Mac OS, and upgraded worker unwavering quality. The dispatch of a re-designed client care and backing experience to advance issue mean-opportunity to-goal ("MTTR") and quicken customer help accessibility. 2021 Outlook - During 2021, the Company intends to keep zeroing in on various activities to drive its development methodology including: Vital M&A movement with an emphasis on beneficial associations with which the Company can strategically pitch existing high edge Plurilock items Natural deals development through set up channel accomplices and an immediate deals power Further interest in the organization's MFA validation innovation and IP portfolio Extra stage reconciliations that can grow deals Speculator mindfulness activities "2020 was an exciting year for the team at Plurilock as we completed a number of milestones, including a successful public listing on the TSXV in September," said Ian Paterson, CEO of Plurilock. "Despite the headwinds of the pandemic, we have seen an increase in enterprise customers looking to secure their infrastructure from cyber threats. Given the growth outlook of the sector, we believe in 2021 the team we have assembled will enable us to grow organically through direct sales to enterprise customers while we seek to strategically deploy resources through acquisitions." About Plurilock - Plurilock is an inventive, personality driven online protection organization that decreases or dispenses with the requirement for passwords, additional validation steps, and awkward verification gadgets. Plurilock's product use best in class social biometric, ecological, and relevant advances to give undetectable, versatile, and hazard based confirmation arrangements with the most reduced conceivable expense and multifaceted nature. Plurilock empowers associations to figure securely and with true serenity. Qualys, Inc. detailed a week ago its examination group, utilizing the Qualys Cloud Platform, has distinguished 7.54 million weaknesses identified with FireEye Red Team appraisal devices and traded off renditions of SolarWinds Orion, followed as Solorigate or SUNBURST, across its 15,700-part client base. Of the weaknesses recognized, scientists noticed that across 5.29 million special resources most are identified with the FireEye Red Team devices. These discoveries feature the extent of the potential assault surface if these apparatuses are abused. The examination group additionally recognized that 99.84% of the 7+ million weakness examples are from eight weaknesses in Microsoft programming that have patches accessible. CyberArk Software Ltd. detailed a month ago that it is working with Forescout and Phosphorus to empower associations to make sure about the expanding number of IoT gadgets and innovations coming about because of advanced business change. Clients can altogether diminish hazard utilizing the joint mix to constantly find, make sure about and oversee IoT gadgets associated with corporate organizations. CyberArk holds the most complete arrangement of restricted admittance the board related affirmations and accomplishments for the public authority area, including global Common Criteria accreditation by the National Information Association Partnership (NIAP). CyberArk is additionally remembered for the U.S. Branch of Defense Information Network Approved Products List (DoDIN APL) and the U.S. Armed force Certificate of Networthiness (CoN) under the Cybersecurity Tools (CST) gadget type (Tracking Number (TN) 1712401). The CyberArk Privileged Account Security Solution has been freely approved and granted an Evaluation Assurance Level (EAL) 2+ under the Common Criteria Recognition Agreement (CCRA). CyberArk helps government organizations meet consistence necessities including FISMA/NIST SP 800-53, Phase 2 of the Department of Homeland Security Continuous Diagnostics and Mitigation (CDM) program, NERC-CIP, HSPD-12 and that's only the tip of the iceberg. Total Software Corporation declared a month ago new capacities that furnish IT and Security groups with cutting edge bits of knowledge into programming and web utilization across their circulated endpoint gadget armadas. With supreme's new Software Inventory and Web Usage investigation, associations can boost returns on programming ventures and discover possible cost reserve funds; help guarantee representatives have the instruments they need to work beneficially and safely from anyplace; and distinguish potential security weaknesses or vulnerable sides emerging from unsanctioned, unreliable applications or web content. "With gadgets remaining generally off-network in the new universe of far off and cross breed work models, IT offices face numerous difficulties with regards to having a total image of what programming has been bought and conveyed, regardless of whether the applications being utilized are endorsed or completely refreshed, and where they may have holes in security or profitability," said Ameer Karim, EVP of Product Management at Absolute. Fortinet, Inc. declared recently new reconciliations with Amazon Web Services (AWS) to additionally furnish clients with cutting edge security across their cloud stages, applications, and organization. Fortinet's cloud security arrangements – including its virtual cutting edge firewall, FortiGate VM a

Read More

Cybersecurity Comes under Scanner as Google Chrome Users Hit by Spyware Campaign

Google | June 19, 2020

A newly discovered spyware effort attacked users through 32-million downloads of extensions to Google’s market-leading Chrome web browser. Instead, they siphoned off browsing history and data that provided credentials for access to internal business tools. The extensions were designed to avoid detection by antivirus companies or security software that evaluates the reputations of web domains. A newly discovered spyware effort attacked users through 32-million downloads of extensions to Google’s market-leading Chrome web browser, researchers at Awake Security said, highlighting the tech industry’s failure to protect browsers as they are used more for e-mail, payroll and other sensitive functions. Alphabet’s Google said it removed more than 70 of the malicious add-ons from its official Chrome Web Store after being alerted by the researchers in May. When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses, Google spokesperson Scott Westover said. Most of the free extensions purported to warn users about questionable websites or convert files from one format to another. Instead, they siphoned off browsing history and data that provided credentials for access to internal business tools. Read more: 65% OF PHISHING THREATS FACING REMOTE WORKERS IMPERSONATE GOOGLE-BRANDED WEBSITES When we are alerted of extensions in the Web Store that violate our policies, we take action and use those incidents as training material to improve our automated and manual analyses. ~ Google spokesperson Scott Westover said Based on the number of downloads, it was the most far-reaching malicious Chrome store campaign to date, said Awake co-founder and chief scientist Gary Golomb. Google declined to discuss how the latest spyware compared with prior campaigns, the breadth of the damage, or why it did not detect and remove the bad extensions on its own despite past promises to supervise offerings more closely. It is unclear who was behind the effort to distribute the malware. Awake said the developers supplied fake contact information when they submitted the extensions to Google.“Anything that gets you into somebody’s browser or e-mail or other sensitive areas would be a target for national espionage as well as organised crime,” said former National Security Agency engineer Ben Johnson, who founded security companies Carbon Black and Obsidian Security. We do regular sweeps to find extensions using similar techniques, code and behaviours,” Google’s Westover said, in identical language to what Google gave out after Duo’s report. The extensions were designed to avoid detection by antivirus companies or security software that evaluates the reputations of web domains, Golomb said. If someone used the browser to surf the web on a home computer, it would connect to a series of websites and transmit information, the researchers found. Anyone using a corporate network, which would include security services, would not transmit the sensitive information or even reach the malicious versions of the websites. All of the domains in question, more than 15,000 linked to each other in total, were bought from a small registrar in Israel, Galcomm, known formally as CommuniGal Communication. In an e-mail exchange, Galcomm owner Moshe Fogel told Reuters his company had done nothing wrong. “Galcomm is not involved, and not in complicity with any malicious activity whatsoever,” Fogel wrote. “You can say exactly the opposite, we co-operate with law enforcement and security bodies to prevent as much as we can.” Fogel said there was no record of the inquiries Golomb said he made in April and again in May to the company’s e-mail address for reporting abusive behaviour, and he asked for a list of suspect domains. Reuters sent him that list three times without getting a substantive response. The Internet Corp for Assigned Names and Numbers, which oversees registrars, said it had received few complaints about Galcomm over the years, and none about malware. Read more: LEVERAGING THREAT INTELLIGENCE TO TACKLE CYBERTHREATS IN TIMES OF COVID-19

Read More

odix joins the MISA program extending FileWall security logs to Microsoft Azure Sentinel

prnewswire | September 30, 2020

The Microsoft Intelligent Security Association was formed in 2018 to provide a community for premier cybersecurity companies to collaborate and better integrate their technologies with Microsoft Security products. By joining MISA, odix looks to advance its CDR solutions fluid integration into the range of widely used Microsoft software products.MISA uniquely fosters the critical relationships between innovative designers and developers creating cyber security products that integrate with Azure Sentinel, the Graph Security API and other Microsoft products. By removing the obstacles to direct integration, MISA members, such as odix, can fast track technological and product developments to produce a more robust security ecosystem for Microsoft 365 users.

Read More

Spotlight

Die Gebäude, in denen wir leben und arbeiten, werden intelligenter und stärker vernetzt. Aktuell werden die Szenen Realität, die wir bisher nur aus Science-Fiction-Filmen kennen: Durch die steigende Anzahl an IoT-Geräten verwandeln sich unsere Wohnungen und Büros in „intelligente Gebäude”, die selbstständig Entscheidungen treffe