DATA SECURITY
CompTIA | August 05, 2021
Advanced cybersecurity threat analysis and intelligence capabilities are now available from the CompTIA Information Sharing and Analysis Organization (ISAO) through an expanded collaboration with global next-generation cybersecurity leader Sophos and its industry-leading and highly acclaimed threat research lab, SophosLabs.
The announcement of the new cyber capabilities was made today by CompTIA, the nonprofit association for the information technology (IT) industry and workforce.
CompTIA ISAO members can directly submit suspicious URLs and files through the ISAO's Cyber Forum to SophosLabs Intelix™ for rapid analysis to determine if they are known or zero-day cybersecurity threats. SophosLabs Intelix combines petabytes of threat intelligence derived from decades of SophosLabs threat research with Sophos AI tools and techniques, bringing a powerful new source of threat intelligence to the CompTIA ISAO and its managed services provider (MSP), vendor, distributor, and associate members.
"SophosLabs research illustrates how adversaries are constantly changing their tactics, techniques and procedures (TTPs) to breach targets, move laterally and carry out ransomware and other attacks," said Simon Reed, senior vice president, SophosLabs. "The only way to effectively fight modern cybercrime is if we do it together. That's why Sophos is committed to sharing actionable threat intelligence with the CompTIA community. This new integration gives member organizations advanced abilities to quickly investigate suspicious URLs and files to determine their risk and to understand what happens if they are opened or executed. Powered by machine learning, SophosLabs Intelix predictively convicts never-before-seen threats, and is constantly improving based on the collective input of community intelligence."
"This is a real differentiator for our members, who can access a powerful analysis resource to identify, classify and prevent threats, further protecting themselves and more importantly, their customers," said MJ Shoer, senior vice president and executive director of the CompTIA ISAO.
The new integration expands Sophos' support of the CompTIA ISAO. As a Silver Industry Partner, Sophos has been contributing detailed threat analysis from SophosLabs Uncut to the CompTIA ISAO.
"This is a significant addition to the resources available to our members," Shoer added. "It is the latest example of the support that industry partners such as Sophos have for the CompTIA ISAO, and the commitment we all have to make the industry more secure."
The CompTIA ISAO is a community of nearly 1,200 member companies that share best practices, cyber threat intelligence, educational content and more to help address ever-evolving cyber threats. Working closely with public and private cybersecurity agencies and organizations, the CompTIA ISAO is helping its members understand the threat landscape, defend against current and future attacks and raise cybersecurity awareness throughout the global tech industry.
About CompTIA
The Computing Technology Industry Association (CompTIA) is a leading voice and advocate for the $5 trillion global information technology ecosystem; and the estimated 75 million industry and tech professionals who design, implement, manage, and safeguard the technology that powers the world's economy. Through education, training, certifications, advocacy, philanthropy, and market research, CompTIA is the hub for advancing the tech industry and its workforce.
About Sophos
Sophos is a worldwide leader in next-generation cybersecurity, protecting more than 500,000 organizations and millions of consumers in more than 150 countries from today's most advanced cyberthreats. Powered by threat intelligence, AI and machine learning from SophosLabs and SophosAI, Sophos delivers a broad portfolio of advanced products and services to secure users, networks and endpoints against ransomware, malware, exploits, phishing and the wide range of other cyberattacks. Sophos provides a single integrated cloud-based management console, Sophos Central – the centerpiece of an adaptive cybersecurity ecosystem that features a centralized data lake that leverages a rich set of open APIs available to customers, partners, developers, and other cybersecurity vendors. Sophos sells its products and services through reseller partners and managed service providers (MSPs) worldwide. Sophos is headquartered in Oxford, U.K.
DATA SECURITY
CFGI | May 26, 2021
CFGI, a leading provider of Accounting Advisory, Cybersecurity and IT Risk Advisory solutions, and SecurityScorecard, the worldwide leader in cybersecurity ratings, today announced a new partnership to streamline and strengthen how organizations manage their cybersecurity and third-party risk through the use of Security Ratings.
CFGI has partnered with SecurityScorecard to non-intrusively evaluate an organization's cybersecurity using an 'outside-in' methodology. This approach enables CFGI to monitor and update the cybersecurity ratings of our clients continuously. With these cybersecurity ratings and the extensive information on which they are based, organizations are presented with valuable information for assessing compliance with industry-leading cybersecurity risk standards.
As a SecurityScorecard managed security services provider (MSSP), CFGI will be delivering industry-leading cybersecurity ratings to clients to enhance their security posture, ensure adherence to regulatory requirements, and continuously monitor third-party risk. This partnership comes at a time when risk and compliance teams are experiencing unprecedented pressure to successfully manage their own and third-party risk, due to changing regulatory requirements, higher numbers of vendors, and more pressure from the board of directors. Heightened regulatory scrutiny has created the necessity for next-generation solutions to assist organizations in better managing the risk posed by their business partners. With the partnership between CFGI and SecurityScorecard, organizations can now be aware of cybersecurity gaps and advised on what is needed to fill them.
What value do CFGI clients receive?
• Technical dashboards and detailed reports with your most critical risk factors.
• Easy-to-read board-level reports and workflow tools for cybersecurity assessments.
• Risk remediation advisory services by CFGI, whose experts work closely with your technology teams or third parties.
• Ability to view your historical vulnerabilities and threats for continued improvement.
• Ability to quantify and demonstrate your return on security investments.
• Ability to benchmark your cybersecurity current state against industry peers and competitors.
About CFGI
CFGI, a portfolio company of The Carlyle Group, is a highly specialized financial consulting company that supports the office of the CFO with all its accounting, finance, risk management, and digital transformation needs. As an extension of your SOX, internal audit, corporate finance, or cybersecurity team, CFGI can serve in a variety of capacities – from technical accounting or finance transformation advisor to IPO and M&A support to controller or CFO.
SOFTWARE SECURITY
silicon | November 09, 2020
Resident Evil and Street Fighter creator Capcom hit by attack that disrupts internal systems, while researchers say Ragnar Locker ransomware group is to blame
Japanese game developer Capcom has been hit by a security breach that has disrupted its internal systems.
Industry watchers said the attack may also have led to the theft of sensitive corporate data, with Capcom reportedly having been targeted by the Ragnar Locker ransomware group.
Capcom develops some of the gaming industry's best-known titles, including Resident Evil and Street Fighter.
The company said it became aware of the attack on Monday, 2 November, when it began experiencing disruption to internal systems including email and file servers.
Disruption
“Beginning in the early morning hours of November 2, 2020 some of the Capcom Group networks experienced issues that affected access to certain systems, including email and file servers,” the company said in an official statement.
It said it had confirmed the disruption was due to “unauthorised access carried out by a third party”.
Capcom said it disabled parts of its network to stop the attack's progress.
At the end of the week the company said it was continuing to experience email and web form communications issues because of the attack's effects on its servers.
Capcom also said it was temporarily unable to respond to document requests.
The company said there was no indication "as of now" that customer information had been taken, and said online gameplay was not affected.
The game developer added that it is carrying out an investigation with law enforcement, while taking measures to restore its systems.
Ragnar Locker
Several security researchers said the attack was the work of the Ragnar Locker ransomware gang.
In a ransom note published by Bleeping Computer, the gang claimed to have taken 1TB of unencrypted internal data from servers in Canada, Japan and the US, and said it would release or sell the data if Capcom didn't pay a ransom.
The ransom note was reportedly accompanied by screenshots of files including employee termination agreements, Japanese passports, bank and contractor statements and Active Directory users.
The note linked to a 24MB archive with further documents including NDAs, salary spreadsheets, corporate communications and royalty reports.
The information in the report was taken from a ransomware sample recovered by researcher Pancak3, who confirmed the involvement of Ragnar Locker via Twitter.
According to Pancak3, the gang claims to have encrypted 2,000 devices on Capcom's networks and is demanding $11 million (£8.3m) in Bitcoin to decrypt them.
Data theft
In the ransom note, Ragnar Locker claims it will delete the stolen data on payment of a ransom. However, law enforcement experts advise organisations not to pay such ransoms as there is no guarantee the criminals will keep their word.
This year Ragnar Locker has carried out major hacks on Portuguese energy giant Energias de Portugal (EDP), demanding a $10.9m ransom, and French logistics company CMA CGM, which led to significant disruption of the company's operations.
Researchers have noted an increasing trend toward combining ransomware attacks with the theft of sensitive corporate documents.
In April the DoppelPaymer gang released documents taken from contractors to SpaceX, Tesla, Boeing, Lockheed-Martin and the US Navy after their targets refused to pay ransoms.