MITRE Invention to Test Cybersecurity Products Against Data Encryption Risks, Such as Ransomware

MITRE Engenuity | March 17, 2021

Miter Engenuity will survey business cybersecurity items' capacity to identify the danger presented by the gatherings normally known as Sandworm and Wizard Spider, both of whom have utilized information encryption as a vital component of their attacks. Applications for assessment are accessible through May 28.

Examiners accept that Sandworm utilized information encryption to cause more than $10 billion in harm to industry in attacks with its NotPetya malware. The gathering is additionally generally associated with attacks that have closed down the Ukrainian electrical framework on various events. Wizard Spider has purportedly utilized information encryption to take more than $150 million through ransomware attacks.

The assessments will utilize ATT&CK®, a Miter-curated information base of foe strategies, methods, and techniques that depends on distributed danger revealing. ATT&CK is openly accessible and is utilized by digital safeguards in regions including account, medical services, energy, assembling, retail, and government to comprehend enemy conduct and tradecraft.

Miter Engenuity will assess each partaking merchant's capacity to recognize the dangers presented by Sandworm and Wizard Spider in two particular situations during the assessment. All outcomes will be delivered, and the organization will permit the general population to see them completely or sifted by enemy.


Palantir’s Secure Collaboration offering is designed to enable secure information sharing in classified environments between U.S. allies and mission partners.


Palantir’s Secure Collaboration offering is designed to enable secure information sharing in classified environments between U.S. allies and mission partners.

Related News


Armorblox to Enhance its NLU-based Data Protection Platform

Armorblox | December 26, 2022

Contents 1. Enhancement in the Company’s Email Security Solutions 2. How is Enhancements in the Solution Benefiting the Customers? Armorblox, anemerging email security solutions provider, recently announced the inclusion of Custom Role-Based Access Controls to its innovative cloud-delivered email security platform for enhancing the maintenance of data compliance and reducing data blindspots for individuals across the organization. Not every email is the same. When it comes to incoming threats, attackers tend to focus on emails that involve sensitive credentials or valuable data. According to the Armorblox Email Security Threat Report, in 2022, 87% of credential phishing attacks looked like common corporate workflows to trick victims, and 70% of spoofing attacks got past native email security layers. Thus, Armorblox has made improvements to Armorblox Advanced Data Loss Prevention and added Custom Role-Based Access Controls to make it safer from insider threats (RBAC). 1. Enhancement in the Company’s Email Security Solutions "According to a recent Market Research Future study, the demand for email security is anticipated to exceed US$ 11 billion by 2030." Armorblox has always been committed to putting security first, and this dedication goes beyond offering a best-in-class email security solution. Armorblox Advanced Data Loss Prevention's enhanced capabilities ensure that customers' most sensitive information is reliably protected across all content types and storage mediums. Coupled with its Armorblox Custom DLP Policies, companies are now able to set automated encryption actions and exceptions for sensitive data and confidential content per department or per user. Armorblox Custom Role-Based Access Controls provide fine-grained controls to security teams, which are necessary to set restriction levels and access for individuals, teams, and groups across the organization. 2. How is Enhancements in the Solution Benefiting the Customers? Through the enhancements to the Advanced DLP solution and the addition of Custom Role-Based Access Controls to the Armorblox platform, Armorblox is supporting the security-first approach that companies require. Customers will benefit in a variety of ways, including: Custom Access Controls: Create and assign custom roles with granular permissions to groups or individuals across security teams based on their job responsibilities. Sensitive Data Encryption: Prevent unauthorized disclosure of PII, PCI, and PHI by identifying and encrypting sensitive data across emails, attachments, and documents automatically. Reduce Data Blindspots: Ensure the implementation of appropriate restrictions and access levels for employee, organization, and third-party data. About Armorblox Founded in 2017, Armorblox is an email security solutions company headquartered in California, U.S., backed by Next47 and General Catalyst. The company provides technology that secures enterprise communications over email and other cloud office applications by leveraging deep learning and natural language technologies. The Armorblox platforms connect via APIs and analyze millions of signals to comprehend the context of communications in order to safeguard individuals and data from compromise. Over 58,000 enterprises use Armorblox to prevent BEC and targeted phishing attacks, protect critical PII and PCI, and automate the repair of user-reported email threats.

Read More


Neustar Introduces UltraDDR for Enhanced DNS-based User Protection

Neustar Security Services | February 06, 2023

Neustar Security Services, a renowned cloud-based security services provider that enables global businesses to thrive online, is launching UltraDDR (DNS Detection and Response), a recursive DNS-based protection service aimed at combating ransomware attacks, network breaches, supply chain compromise and phishing while enforcing enterprise acceptable use policies for its users. UltraDDR provides a Protective DNS solution that allows businesses to move ahead of attacks by preventing communication before any harm can be done. Protective DNS analyzes DNS queries and responds to mitigate threats. UltraDDR offers real-time observability of outbound network communication using years of historical domain data, allowing organizations to detect and prevent malware, ransomware, phishing, and supply chain attacks before any damage can occur. UltraDDR can meet organizations' recursive DNS requirements. UltraDDR contains a highly dependable global recursive DNS resolution network with 27 nodes across the world, allowing for lightning-fast responses everywhere. UltraDDR is a comprehensive DNS resolver solution that includes advanced security features, including DNS over HTTPS (DoH), DNSSEC and DNS over TLS (DoT). Furthermore, the service features built-in DNS DDoS protection through Neustar Security Services' UltraDDoS Protect solution to instantly fight against attacks towards the UltraDDR DNS resolver network, guaranteeing that DNS resolution availability is not jeopardized. UltraDDR has extensive DNS firewall features to enforce acceptable usage policies for business users. For example, administrators can designate categories of internet traffic, such as gaming, adult, gambling, social media, etc., that violate business policy and block or flag this traffic to give a simple, unobtrusive means of enforcing policy. UltraDDR can be deployed within minutes to enhance a corporation's security investments, such as by integrating always-on DNS intelligence into event management and security information systems, endpoint solutions, firewalls, and more. The solution supports a client that can be installed on Windows, iOS, macOS, and Android devices that enables DNS settings to persist regardless of network connectivity and continues to provide both web categorization and threat protection. About Neustar Security Services Founded in 1996, Neustar Security Services is a leading cloud-based security services provider. The company is trusted by businesses worldwide to protect their digital infrastructure and online presence. Neustar Security Services provides a range of cloud-based services that are always safe, dependable, and accessible, allowing multinational enterprises to prosper online. The Ultra Secure portfolio of products from the firm safeguards companies' networks and apps against dangers and downtime, making sure that businesses and their customers have great and uninterrupted daily interactions.

Read More


Vijilan Announce Joining Hands with CrowdStrike Powered Service Provider Program

Vijilan Security | January 17, 2023

Vijilan, a leading provider of cybersecurity services, announced that it had become a CrowdStrike Powered Service Provider (CPSP) partner. As a CPSP partner, Vijilan will offer managed observability services and managed endpoint detection and response (EDR) powered by the CrowdStrike Falcon platform to its partner communities of managed service providers and IT professionals. CrowdStrike has transformed security with the CrowdStrike Falcon platform, a unified security platform with a single, lightweight agent that safeguards and empowers the people, processes, and technologies that drive modern enterprise. CrowdStrike protects the most important areas of enterprise risk, such as cloud workloads and endpoints, identity and data, to keep customers ahead of the latest adversaries and stop breaches. As a CPSP partner, Vijilan will provide the following: Managed Endpoint Detection and Response: With leading EDR at its center, CrowdStrike correlates third-party and native cross-domain telemetry to provide unprecedented investigative efficiency, high-confidence detections, and quick, confident responses from one unified, threat-centric command console. Managed Observability: Designed with a unique index-free architecture and advanced compression technology that reduces the amount of hardware needed, CrowdStrike Falcon LogScale is a unified log management and observability solution. It allows organizations to analyze, store, and retain log data at scale, giving them insights that can be used for various security and non-security purposes. Kevin (KayVon) Nejad, Vijilan's CEO, said, "With CrowdStrike, we are delivering better-together security solutions to businesses of any size and a last line of defense when hackers have already passed through the organization's security appliances and tools." He also added, "Vijilan complements CrowdStrike's EDR capabilities through cross correlation of telemetry data from networks, devices, users, applications and data used by most MSPs and MSSPs." (Source – Cision PR Newswire) About Vijilan Security Founded in 2014, Vijilan is a U.S.-based LLC specialized in cybersecurity threat management. With more than 20 years of experience monitoring security, Vijilan has mastered the art of finding threats and incident response. Partners of Vijilan include Managed Security Service Providers (MSSPs) and Managed Service Providers (MSPs) that deliver managed IT services to industries like banking, education, healthcare, government and manufacturing. They rely on security solutions and security experts from Vijilan to deliver managed extended Detection and Response (mXDR) for its customers in the United States, the middle east, Asia-Pacific, and Europe.

Read More