Global Cybersecurity League Formed to Fight Hospital Ransomware

cointelegraph | April 02, 2020

A crack team of cybersecurity experts in 65 countries has come together to combat ransomware attacks on hospitals during the coronavirus crisis. Calling themselves the COVID-19 CTI League the community of experts aims to protect the technological infrastructure of front-line medical resources from cyberattacks. Hospitals around the world have seen a big increase in cyberattacks over the past year, in which critical IT systems are encrypted with malware. Gangs demand a Bitcoin ransom in return for the decryption key. Hospitals are often seen as soft targets, due to ageing IT infrastructure and a willingness to pay due to the critical nature of their work. Cointelegraph reported on March 30 that Ryuk ransomware continues to target hospitals and healthcare providers based in the United States.

Spotlight

The General Data Protection Regulation 2016/679 (GDPR) replaces the old 1995 Data Protection Directive 95/46/EC, setting a new bar for privacy rights, security, and compliance around the world. GDPR regulates the processing of personal data belonging to people living in any of the EU member states (Data Subjects). The GDPR, a pivotal change in the history of data privacy regulations, affects each and every organization worldwide that collects, stores, and processes data on persons in the EU. The GDPR will replace legal complexity with a single, unified law.

Spotlight

The General Data Protection Regulation 2016/679 (GDPR) replaces the old 1995 Data Protection Directive 95/46/EC, setting a new bar for privacy rights, security, and compliance around the world. GDPR regulates the processing of personal data belonging to people living in any of the EU member states (Data Subjects). The GDPR, a pivotal change in the history of data privacy regulations, affects each and every organization worldwide that collects, stores, and processes data on persons in the EU. The GDPR will replace legal complexity with a single, unified law.

Related News

SOFTWARE SECURITY

WhiteSource Rebrands as Mend

Mend | May 30, 2022

WhiteSource, a pioneer in application security, has rebranded to Mend. Within the Mend Application Security Platform, the business is also delivering the industry's first automatic remediation for custom code security concerns, as well as integrating Mend Supply Chain Defender (previously WhiteSource Diffend) in its JFrog Artifactory plugin. Mend protects all parts of your program by automating repair, prevention, and protection from issue to solution, rather than just detection and proposed solutions. With revenue increasing by 800% in the previous three years and enterprise net retention reaching 127% in 2021, the firm recruited 350 new clients in the last year. Mend has over 1,000 clients, including more than 25% of the Fortune 100, and is committed to spending its most recent investment ($75 million series D announced in April 2021) on general development as it extends outside the Software Composition Analysis (SCA) industry. This includes the purchase of Diffend in April 2021, as well as the acquisitions of SAST companies Xanitizer and DefenseCode in February of this year. The Mend Application Security Platform is the result of strategic acquisitions and the company's unique automated remediation capabilities. The platform is the first to automatically detect and correct application security gaps including both open source and bespoke code, combining automated remediation for static application security testing (SAST) with Mend's current capacity to do so for software composition analysis (SCA). "Attackers are increasingly targeting applications as the weakest link to go after organizations, and at the same time, pressure to deliver software faster has never been higher. Organizations face undeniable tension to do both, better. Mend breaks the tradeoff between security and development delivery timelines by providing a solution that automates the reduction of the software attack surface while removing most of the burden of application security, allowing development teams to deliver quality, secure code, faster." Rami Sass, Co-founder and CEO of Mend Josh Johnson, Manager of Solutions Architecture, Defy Security said that "Whether open-source or proprietary code, the application security industry has mostly focused on vulnerability detection and management. Mend has an interesting approach of automating the remediation of code vulnerabilities. While the company is announcing this new name, as a partner of Mend, we are excited for it to further its commitment to solving code-based security challenges with automated-remediation. Defy Security looks forward to seeing Mend extend automation for closing security gaps."

Read More

SOFTWARE SECURITY

Aqua Launches the Industry’s First Out-of-the-Box Runtime Security with Advanced Protection Against the Most Sophisticated Threats

Aqua Security | July 26, 2022

Aqua Security, the leading pure-play cloud native security provider, today announced the launch of out-of-the-box runtime protection with minimal configuration to stop attacks in real time on running workloads. Protection is composed of new curated and optimized default security controls, as well as advanced threat intel from observations of real attacks on cloud native environments. Both the controls and threat intel are the result of knowledge gained through years of securing customers’ live production environments. Customers can now apply this knowledge to achieve trusted and advanced runtime protection in minutes without requiring in-depth knowledge of their applications and environments. Using eBPF technology and threat intel from cyber research team Aqua Nautilus to identify advanced threats, Aqua surfaces the most critical issues in real time while also implementing a set of controls to protect running workloads immediately, without disrupting the business. “Aqua is transforming the runtime security paradigm. “Traditional runtime security requires security teams to have a great deal of cloud native knowledge, and as a result has been slow to adopt. Aqua is removing this barrier to adoption by making cloud workload threat protection immediately effective and easy for security professionals.” Amir Jerbi, CTO and co-founder, Aqua Security Stopping Attacks in Real Time with Runtime Security Recent data from Nautilus shows that one in three live attacks could be missed when relying exclusively on snapshot scanning of running workload images. Nautilus also found tens of thousands of instances of in-memory attacks and fileless attacks in a one-month period—attacks that would not be seen or stopped without kernel-level visibility. Aqua’s detection of anomalous behavior goes beyond point-in-time snapshots and catches malicious behavior of known and unknown threats in real time—this includes both known CVEs and zero-day exploits that have yet to be discovered. The new default runtime controls are based on ongoing recommendations from Aqua Nautilus, who detect and analyze 80,000 attacks a month using Aqua’s open source eBPF-based threat detection engine, Aqua Tracee. The result is real-time visibility at the kernel level that alerts customers the moment an attacker breaches a running workload, reducing attackers’ dwell time from months to milliseconds. Aqua’s Runtime Protection solution is part of Aqua’s fully integrated Cloud Native Application Protection Platform (CNAPP), the Aqua Platform. Customers of the Aqua Platform also have access to the entire, full set of customizable, advanced runtime capabilities if and when they decide to define and implement more stringent policies. Key benefits of Aqua Runtime Protection include: Discover attacks immediately with continuously updated kernel-level behavioral detection. Updates are based on cloud native threat research from Aqua Nautilus along with years of experience securing customer workloads in production. Respond faster and reduce attacker dwell time by stopping attacks with pattern-based anti-malware in production and the option to block or delete malware on access. Simplify incident investigation and rapidly determine the impact and attack path of a security incident with a detailed incident timeline including rich contextual information. “Unlike overly complex runtime solutions, legacy solutions not designed for cloud-native applications, or solutions that can’t detect in real time, our goal with this release is to provide runtime security that is simple to deploy, giving you effective real-time security out-of-the-box,” said Jerbi. “What this boils down to is that, unlike alternative solutions, Aqua’s Platform will both detect sophisticated attacks and stop them in real time.” Aqua’s out-of-the-box Runtime Protection is now available and will make an industry debut at AWS re:Inforce on July 26-27 in Boston at Booth 104. To learn more, visit Aqua’s YouTube. About Aqua Security Aqua Security stops cloud native attacks and is the only company with a $1 Million Cloud Native Protection Warranty to guarantee it. As the pioneer and largest pure-play cloud native security company, Aqua helps customers unlock innovation and build the future of their business. The Aqua Platform is the industry’s most integrated Cloud Native Application Protection Platform (CNAPP), prioritizing risk and automating prevention, detection and response across the lifecycle. Founded in 2015, Aqua is headquartered in Boston and Ramat Gan, Israel, with Fortune 1000 customers in over 40 countries.

Read More

PLATFORM SECURITY

Vectra Becomes AWS Security Competency Partner

Vectra | June 30, 2022

Vectra AI, a pioneer in threat detection and response, said today that it has been an Amazon Web Services (AWS) Security Competency Partner, proving its technical knowledge and demonstrated customer success when it comes to further protecting AWS environments. The competence designation acknowledges Vectra's strong cloud security experience and proven technology, which assists clients in further enhancing their security measures across hybrid architectures and cloud environments. Vectra's AWS Security Competency distinguishes it as an AWS Partner Network (APN) member that delivers specialized threat detection technologies to assist organizations in adopting, developing, and deploying complex security projects on AWS. To be eligible for this distinction, APN members must have extensive AWS knowledge and be able to offer solutions on AWS effortlessly. Vectra earned AWS Security Competency accreditation after a thorough qualification process based on references and customer feedback. "Becoming an AWS Security Competency Partner is an exciting milestone for Vectra and for many of our customers who leverage AWS as a critical component in their everyday operations. Solving threat detection and response challenges for our customers is top priority and this competency further validates our ability to do that in the cloud and wherever organizations choose to configure their environments." Michael Porat, Vectra SVP, Corporate and Business Development "We are an AWS shop. Using AWS VPC Traffic Mirroring, Vectra gives us full visibility into our Nitro-based instances," said Mirza Baig, IT Security Manager at Municipal Property Assessment Corporation (MPAC). To monitor all infrastructure-as-a-service traffic, the Vectra platform interfaces with AWS Virtual Private Cloud (VPC) traffic mirroring. It also integrates with AWS Security Hub to publish Vectra detections as findings, enabling security teams to correlate Vectra attacker detections with other data sources for faster threat hunting and incident investigations. "Achieving the AWS Security Competency validates Vectra for its technical expertise and ability by enabling customers to further secure their journey through the different stages of cloud adoption—from migration through day-to-day management," said Dudi Matot, Security Segment Lead at AWS.

Read More