DATA SECURITY

Microsoft Exchange Server uncovered huge number of associations to cyber attack

informationsecurity | March 08, 2021

In any event 30,000 associations across the United States have been undermined through four newfound weaknesses affecting Microsoft's Exchange Server email programming.

In every occurrence, the assailants abandoned a web shell: a secret word ensured hacking apparatus that can be gotten to over the Internet from any program, giving authoritative admittance to the casualties' workers.

Microsoft delivered security updates to address the bugs on second March, and prompted clients utilizing Exchange Server to fix the frameworks as most punctual as could really be expected.

Nonetheless, apparently the updates incited the Chinese gathering - which Microsoft has named 'Hafnium' - to venture up its assaults on workers that have not been fixed.

Security scientists have now cautioned that Microsoft's security patches can't sanitize frameworks that have effectively been hacked.

Spotlight

when companies decide to start securing all internal file sharing, it may seem like a confusing and even daunting task. How can something be shareable and public while also staying secure and private? It is quite a paradox. There are various kinds of platforms when it comes to secure file sharing. Most of them require passwords to transfer or access sensitive files. But if a business needs even more protection for classified documents, a data room might be a good option. Data rooms store data, provide workspaces, and are the most secure file sharing system.

Spotlight

when companies decide to start securing all internal file sharing, it may seem like a confusing and even daunting task. How can something be shareable and public while also staying secure and private? It is quite a paradox. There are various kinds of platforms when it comes to secure file sharing. Most of them require passwords to transfer or access sensitive files. But if a business needs even more protection for classified documents, a data room might be a good option. Data rooms store data, provide workspaces, and are the most secure file sharing system.

Related News

DATA SECURITY

To speed up AI-powered Cybersecurity in the Nordic countries, Resecurity Partners with SecureIT

Resecurity | January 19, 2022

Resecurity, Inc., a cybersecurity and intelligence firm based in the United States, said it has partnered with SecureIT to bring its AI-driven cybersecurity services to the Nordic region. SecureIT, based in Iceland, is a centrally managed security services provider (MSSP) in the Nordic region, specializing in cyber security consulting, compliance, and managed security services. The Nordic region has long been a technological pioneer, producing some of the world's most innovative and lucrative technology businesses, such as Spotify, SoundCloud, Skype, and Nokia. As a result, Nordic countries dominated the top ten slots on the 2021 Network Readiness Index1, placing them among the best places in the world for technology use and creation, infrastructure, affordability, skills, and adoption. With the growth of technology in the Nordic region, cyber risk has increased, as it needs highly advanced managed cybersecurity services and trusted solution providers to secure organizations' digital ecosystems2. Resecurity has collaborated with SecureIT as a committed partner to expand its sophisticated cyber threat intelligence services and solutions to local organizations to help Nordic enterprises detect and manage cyber-attacks. "In the face of growing cyber threats in our region, it's essential Nordic enterprises invest in cybersecurity technologies and partners to secure their valuable data and networks. This is especially important as we enter an age where the threat landscapes are growing, and a good security posture is essential for sustainable business operations. SecureIT is proud to leverage Resecurity's solutions and expertise to help local organizations mitigate cyber risks," said Magnús Birgisson, CEO at SecureIT. Resecurity's products use artificial intelligence to automate the detection, evaluation, and triage of incoming cyber threats, allowing businesses to remain ahead of hackers who use advanced AI-driven strategies to target businesses at scale. In addition, to better support local partners and clients, Resecurity will extend its operations in the Nordic nations. "The Nordic region is a hub for digital innovation, and cybersecurity should be no different. At Resecurity, we're investing heavily in R&D and AI-powered innovation to give enterprises the upper hand among emerging cyber threats,We are proud to partner with a leading organization like SecureIT to provide best-in-class cyber intelligence solutions to the Nordic countries." Gene Yoo, CEO of Resecurity Cyber threat intelligence solutions from Resecurity give proactive alerts and comprehensive awareness of digital hazards aimed against an organization's ecosystem. Administrators may instantly observe in-depth analysis and artifacts gathered through the dark web, botnet activity, network intelligence, and high-quality threat intelligence data, reducing potential blind spots and security vulnerabilities. The AI-driven solutions from Resecurity are based on data that includes five billion threat artifacts, nine million threat actor profiles, and 300 million completely indexed and translated Dark Web data entries.

Read More

DATA SECURITY

The Chubb Index highlights the importance of taking more protective steps against cyber attacks by the professional services industry

prnewswire | November 24, 2020

In the most recent version of the Chubb Cyber InFocus Report, Chubb information uncovers that the expert administrations industry need to take more proactive and defensive measures against potential digital assaults. Chubb has seen a 10% expansion in digital occurrences identifying with proficient administrations organizations. These are generally email-driven associations, which means there are numerous open doors for workers to tap on noxious connections, driven by email phishing. "Most cyber attacks are coming from outside the company, leaving businesses at greater risk in the current work-from-home environment," said William A. Wise, Head of Chubb Cyber North America. "Due to the rise in incidents resulting from email phishing, employers with remote employees need to take additional steps to protect their companies against cyber threats." For example, companies should use multifactor authentication for protected data and to keep software and applications up-to-date. In addition to highlighting risks within the professional services industry, the latest Cyber InFocus report also examines: Changes in cyber vulnerability by industry since 2016. Breach sources over the last four years showing an increase in threats by external actors, including malware attacks. Cyber crime examples in the most vulnerable industries, how they were exposed and what was learned in the process. "As cyber incidents continue to evolve in complexity and focus, it's critically important that companies understand how cyber-and privacy-related incidents affect their organizations," added Anthony Dolce, Vice President, Cyber Lead, Chubb North America Financial Lines Claims. "The Cyber InFocus Report is a timely tool to help agents, brokers and companies understand the latest trends on cyber threats, helping to prevent issues from happening in the first place." Chubb's Cyber InFocus report, which previously dispatched in mid 2018, gives experiences into the impacts of digital dangers and patterns on explicit enterprises or business portions each quarter. Such knowledge depends on Chubb's utilization of outsider exploration, just as exclusive cases information from over twenty years of protecting associations against developing digital dangers. About Chubb Cyber: Chubb is a leader in insuring cyber risk. Combining industry-leading underwriting and expert third-party incident response services, Chubb offers policies that are tailored to the specific needs and risks of its clients to ensure they are ready with the tools and expertise necessary should a cyber incident occur. Moving swiftly to connect clients with the proper parties to minimize data loss is only part of what Chubb delivers. Keeping an eye on the ever-evolving cyber security landscape, Chubb looks for ways to do more for its clients by offering cutting-edge products and holistic services to every client. About Chubb With operations in 54 countries and territories, Chubb provides commercial and personal property and casualty insurance, personal accident and supplemental health insurance, reinsurance and life insurance to a diverse group of clients. As an underwriting company, we assess, assume and manage risk with insight and discipline. We service and pay our claims fairly. The company is also defined by its extensive product and service offerings, broad distribution capabilities, exceptional financial strength and local operations globally. Parent company Chubb Limited is listed on the New York Stock Exchange (NYSE: CB) and is a component of the S&P 500 index. Chubb maintains executive offices in Zurich, New York, London, Paris and other locations, and employs approximately 33,000 people worldwide.

Read More

DATA SECURITY

GoVanguard Expands Cybersecurity Capabilities with Acquisition of Gotham Security

GoVanguard | August 11, 2021

Technology security firm GoVanguard has completed it's acquisition of boutique cybersecurity company, Gotham Security. The move positions GoVanguard to expand its leadership in the cybersecurity sector, building its team and expertise to help clients' increasing need to prevent and mitigate emergent threats, such as ransomware attacks. The move comes as a natural extension of GoVanguard's mission to advance security awareness and provide elite-level cybersecurity services to its clients. GoVanguard services a wide range of industries looking to secure their business. Clients include Odyssey Group, nTopology, Insurance Technologies and Abacus Group, as well as several international businesses, medium sized companies and small local firms, spanning organizations across the financial, healthcare, insurance and technology industries. GoVanguard has built its reputation through its approaches to adversary simulation, risk reduction, threat management, and information security strategy. The acquisition completes the company's suite of offerings by acquiring a five-year partner and industry leader in red-teaming and pentesting—two essential services for companies protecting against security threats and staying ahead of risks to business information. "As threat actors become more sophisticated, it's become obvious that the best defense is to go on the offensive. Adversary simulation has become increasingly valuable for organizations looking to quickly gauge and improve their security position. Afterall, if you can't measure it, you can't improve it," said Mahdi Hedhli, GoVanguard CEO. "Gotham Security has been a close partner for years and this was a natural next step to allow our red-teaming experts to take our clients' defenses to the next level and continue our dedication to finding the security gaps before cybercriminals do." Underscoring the commitment to quality and continuity, Blake Shalem, Gotham Security COO, will be joining GoVanguard as its Chief Customer Officer. Blake said that the move will not only enhance services and expand resources to new and existing clients, it will also provide opportunities to further develop team members in the ever-evolving space of cybersecurity. "This move allows us to elevate what we do best, which translates to a superior class of protection for our clients," said Blake. Recent attacks on Kaseya, thousands of Microsoft Exchange Servers, Colonial Pipeline, JBS, a nuclear contractor, and a U.S. Congressional vendor, spotlight the brazenness and sophistication of cybercriminals, who are constantly probing for new angles of attack. Meanwhile, ransomware is becoming an increasingly lucrative venture for threat actors. The institute for Security and Technology estimates that U.S. companies paid out about $350 million in 2020, a year-over-year increase of 171 percent in the average ransomware payment. GoVanguard's acquisition of Gotham Security positions clients to remain a step ahead of the criminals, specifically in the areas of red-teaming and pentesting to help companies eliminate existing vulnerabilities before cybercriminals strike. "We're doubling down on our commitment to improve the cybersecurity landscape by honing our focus on red teaming," Hedhli said. "We feel this is the area where GoVanguard makes the biggest impact for our clients and the industry as a whole." About GoVanguard GoVanguard is a cybersecurity firm based in New York City dedicated to providing world class services with actionable results. The company's innovative team of technology and cybersecurity experts specialize in emulating sophisticated cybercriminals to find gaps in business security before criminals do. Using attack simulation, risk reduction, threat management and compliance and strategy guidelines, the company has been working toward its mission of developing security awareness and protection for organizations across the financial, healthcare, insurance, technology and other business enterprises across the U.S. for nearly a decade.

Read More