How to defend your organization against the latest malware, botnets and security exploits

Tech Republic | February 05, 2020

How to defend your organization against the latest malware, botnets and security exploits
Organizations received a type of holiday gift during the fourth quarter of 2019 as the volume of malware and other security threats declined. However, employees returning to work after the new year presented a fresh target for cybercriminals to launch their attacks. In its Quarterly Threat Landscape Report, the security provider Nuspire discusses the threats that marked the final quarter of 2019 and offers advice on how organizations can defend themselves against these threats. For last quarter, Nuspire detected 3.1 million different samples of malware. That level was a 22% drop in detections from the third quarter, but it still added up to 35,000 malware variants detected per day. Among these, the Emotet trojan was the top offender as attackers varied their delivery and social engineering tactics to keep users guessing.

Spotlight

This guide is for CISOs who want to understand whether their companies are impacted by the new regulation, what the effects might be, and the steps their teams need to take to be compliant with the GDPR data security requirements.

Spotlight

This guide is for CISOs who want to understand whether their companies are impacted by the new regulation, what the effects might be, and the steps their teams need to take to be compliant with the GDPR data security requirements.

Related News
NETWORK THREAT DETECTION

Radware and CHT Security Team Up to Protect NCSoft Taiwan’s Product Launch During Massive DDoS Attacks

Radware | December 02, 2021

Radware a leading provider of cyber security and application delivery solutions, today announced that CHT Security, selected Radware’s DefensePro DDoS Protection solution to safeguard gaming publisher NCSoft Taiwan from massive DDoS attacks during a very popular game launch. CHT Security is Taiwan’s leading managed security service provider and a subsidiary of Chunghwa Telecom, the largest telco in Taiwan. Supported by Radware’s data center protection and CHT Security’s comprehensive professional services, the leading global gaming company was able to mitigate the DDoS attacks and introduce its new game without incident. “As we’ve expanded our business, we’ve seen a large increase in DDoS attacks in Taiwan in recent years,” said Jeff Hung, general manager for CHT Security. “Based upon our long-standing, positive experience, we selected Radware to ensure NCSoft Taiwan’s successful product launch and have increased the use of DefensePro to support our business. The key success factor to this joint effort is the combination of CHT Security’s defense expertise in real-time tuning and the cutting-edge features of Radware’s DefensePro to deliver high-quality and low-latency defense services against cyber threats.” According to Radware’s recently published Q3 DDoS and Application Attack Report, the number of DDoS attacks blocked during the first nine months of 2021, already exceeded the total number of malicious events blocked in 2020. Gaming and telecom endured the highest attack volumes, accounting for over 50% of the total blocked volume in the third quarter of 2021. “DDoS attacks are becoming more frequent, sophisticated, and dangerous,With the growing availability of attack tools and botnets, organizations need multi-layered DDoS protection backed by expert emergency response teams. We value our trusted relationship with CHT Security and are excited that it has chosen to safeguard its customers with our solutions.” Yoav Gazelle, vice president of international sales for Radware Radware’s DefensePro provides automated DDoS defense and protection from fast moving, high volume, encrypted, or very short duration threats. It defends against IoT-based, Burst, DNS, and TLS/SSL attacks to secure organizations against emerging network multi-vector attacks, ransom DDoS campaigns, IoT botnets, and other types of cyber-threats. About CHT Security Founded in 2017, CHT Security is a subsidiary company of Chunghwa Telecom, the largest telco in Taiwan. CHT Security is now the leading managed security service provider in Taiwan with rich experiences in information defense practices, and the R&D capabilities to deliver cyber security services and solutions, including security testing, SOC monitoring, incident response, and digital forensics, satisfying cybersecurity needs for enterprises and government institutions. CHT Security is ISO 20000, ISO 27001, and ISO 17025 certified, and was awarded the 2021 Taiwan Managed Security Services Company of the Year Award by Frost & Sullivan. About Radware Radware is a global leader of cyber security and application delivery solutions for physical, cloud, and software defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure, application, and corporate IT protection, and availability services to enterprises globally. Radware’s solutions empower enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity, and achieve maximum productivity while keeping costs down.

Read More

DATA SECURITY

GlobalLogic Announces Partnership with Cybereason to Develop Advanced, Intelligent Cyber Protection Solutions

GlobalLogic-min | December 01, 2021

GlobalLogic Inc., a Hitachi Group Company and leader in Digital Engineering, today announced that it has been selected by Cybereason, the leader in operation-centric attack protection, to help develop its next-generation cyber security platform and services. Deployed by large enterprises, governments, and major cloud providers worldwide, Cybereason’s future-ready attack protection spans across endpoints, the enterprise, the cloud, and everywhere the defenders battle cyber criminals. The collaboration will draw on GlobalLogic’s broad and deep expertise in security and data management software across devices through to the cloud, including the integration of advanced artificial intelligence (AI). The program is one of the largest won by GlobalLogic in this field to date. It requires quickly scaling to hundreds of specialized engineers supporting Cybereason’s development roadmap over the next year. This program scope highlights the market’s need for stronger, better cybersecurity as cloud use, network expansions and other technology usage continued their upward trend and surged during the pandemic. “Cyber threats have become considerably more frequent and sophisticated in recent years. We’ve become dangerously more vulnerable in areas traditional security solutions could not adequately protect—the network and the cloud,” said Rajaram Radhakrishnan, CRO, GlobalLogic. “Having operated in the cybersecurity space for more than a decade, GlobalLogic has become adept at successfully responding to complex requirements. Cybereason is a premier example of a crucial innovator building disruptive defense solutions, redefining what government-grade protection can be. We are honored to now be a part of their team.” Cybereason delivers the most comprehensive protection available on the market today, analyzing more than 23 trillion security-related events per week—five times the volume of any other market solution. Using its patented Malicious Operations (MalOps™) engine, Cybereason reveals the full attack story across every device, user identity, application, and cloud deployment. One of Cybereason’s key solutions delivering this capability is the company’s Extended Detection and Response (XDR) solution—a unified detection and response tool that thwarts malicious operations across the entire IT stack. XDR is one of the several advanced technologies that GlobalLogic’s team will help Cybereason develop and enhance through the partnership. “Cybereason’ operation-centric security approach is helping defenders combat sophisticated and persistent threats to their organizations. While other companies have security analysts chasing alerts without offering valuable insight, Cybereason helps organizations around the world leverage our award-winning technology each day to outthink and outpace attackers,GlobalLogic’s track record along with its responsiveness and collaborative approach to R&D stood out as major factors in finalizing our partnership. Together, we will deliver next-gen cyber defense solutions that will help technology users better control their sensitive data and operations—no matter where they reside.” Sam Curry, Chief Security Officer, Cybereason About GlobalLogic GlobalLogic is a leader in digital engineering. We help brands across the globe design and build innovative products, platforms, and digital experiences for the modern world. By integrating experience design, complex engineering, and data expertise – we help our clients imagine what’s possible and accelerate their transition into tomorrow’s digital businesses. Headquartered in Silicon Valley, GlobalLogic operates design studios and engineering centers around the world, extending our deep expertise to customers in the automotive, communications, financial services, healthcare and life sciences, manufacturing, media and entertainment, semiconductor, and technology industries. GlobalLogic is a Hitachi Group Company operating under Hitachi, Ltd. (TSE: 6501), which contributes to a sustainable society with a higher quality of life by driving innovation through data and technology as the Social Innovation Business. About Cybereason Cybereason is the champion for today’s cyber defenders, providing operation-centric attack protection that unifies security from the endpoint to the enterprise, to everywhere the battle moves. The Cybereason Defense Platform combines the industry’s top-rated AI-powered detection and response (EDR and XDR), next-gen antivirus (NGAV), Anti-Ransomware Protection and Proactive Threat Hunting to deliver context-rich analysis of every stage of a MalOp™ (malicious operation). Cybereason is a privately held, international company headquartered in Boston with customers in more than 40 countries.

Read More

NETWORK THREAT DETECTION

Solvo ReInvents Cloud Identity and Access Management with IAMagnifier

Solvo | November 30, 2021

Solvo, a security automation enabler for cloud development and production environments", announced today the availability of its "IAMagnifier" – a cloud SaaS security platform, enabling developers, DevOps and cybersecurity stakeholders working in cloud development environments to reduce potential cybersecurity threats caused by misconfigured access permissions to cloud assets. To truly enable a secured, yet productive development environment, a "least-privileged" permission mechanism should be employed – by using this methodology, the access level for each asset is defined by answering the question "How can I prevent access to that asset from anyone or anything other than anyone or anything that is supposed to access it to perform their intended task?". Today, security-minded developers and security stakeholders within the organization had to manually inspect security permissions configurations for each asset, compare the permission levels found within the specific asset's configuration to the permission level stated by the relevant organizational policies, and if the actual permission level is too lenient – rectify the situation by updating the asset's permission configuration. In addition to the need to perform these set of activities for each individual asset, a task which might entail an enormous waste of time and effort, the permission level to which the "wrong" configuration should be updated to may not be the best one according to the specific characteristics of each individual asset. "Solvo's IAMagnifier turns this cumbersome, lengthy, inefficient, and error-prone process of managing cloud assets' access permissions, into an automated, centralized, fast and decision-assisted experience,It does so by constantly inspecting the assets' access permissions configurations, analyzing gaps between the current and desired permission level, suggests the needed changes to the configuration, and performs these changes if approved by the user." Solvo's Co-founder and CEO, Shira Shamban To present the most relevant and updated data about permission levels and potential risks derived from permission level gaps, Solvo's IAMagnifier offers visual experience, which turns boring tables and records into easy to comprehend mapping of connections and dependencies between Roles, Policies, assets and users. The IAMagnifier also highlights what its analyzer has declared as "excessive permissions", and suggests an alternative, least-privileged permission policy, which can then be enforced by the user just by approving the suggestion. Unlike traditional infrastructure default definitions or human-set definitions, the "excessive" permission status definition and the alternative permission suggestion the IAMagnifier highlights and suggests are derived from analyzing actual real behaviour of the application and finding the balance between preventing unrequired access by irrelevant stakeholders, and keeping an uninterrupted workflow for relevant stakeholders (i.e least-privileged). Sylvie Veilluex, Solvo's advisor and former CIO of Dropbox, added: "The team has been offering early access to the IAM Magnifier to selected customers, and the feedback has been nothing short of amazing. One of the CEO whose company was using the IAMagnifier went on to declare the ability to easily see the company's security posture, and effortlessly enhance it, made scaling the company's cloud and business infrastructure frictionless and even enjoyable." Solvo's team will present IAM Magnifier during AWS' Re:Invent conference, which takes place in Las Vegas, NV, between November 29th and December 3rd, 2021. Solvo will also be providing a free AWS S3 Bucket policy auditing during the conference, and visitors can schedule a meeting with the team for a chance to get back from Vegas with a win. About Solvo Solvo allows security teams to empower software developers and accelerate their cloud delivery. The developer-centric security platform creates and maintains a least-privilege security policy for cloud native applications. It adapts the security configuration to every environment, creates it from scratch and monitors for changes, integrating with existing workflows seamlessly and automatically.

Read More