Data Security

MITRE Invention to Test Cybersecurity Products Against Data Encryption Risks, Such as Ransomware

MITRE Engenuity | March 17, 2021

Miter Engenuity will survey business cybersecurity items' capacity to identify the danger presented by the gatherings normally known as Sandworm and Wizard Spider, both of whom have utilized information encryption as a vital component of their attacks. Applications for assessment are accessible through May 28.

Examiners accept that Sandworm utilized information encryption to cause more than $10 billion in harm to industry in attacks with its NotPetya malware. The gathering is additionally generally associated with attacks that have closed down the Ukrainian electrical framework on various events. Wizard Spider has purportedly utilized information encryption to take more than $150 million through ransomware attacks.

The assessments will utilize ATT&CK®, a Miter-curated information base of foe strategies, methods, and techniques that depends on distributed danger revealing. ATT&CK is openly accessible and is utilized by digital safeguards in regions including account, medical services, energy, assembling, retail, and government to comprehend enemy conduct and tradecraft.

Miter Engenuity will assess each partaking merchant's capacity to recognize the dangers presented by Sandworm and Wizard Spider in two particular situations during the assessment. All outcomes will be delivered, and the organization will permit the general population to see them completely or sifted by enemy.

Spotlight

Traditional email security products struggle to detect email impersonation threats such as BEC and targeted phishing campaigns. These threats consistently bypass defenses that rely on signatures and policies like Secure Email Gateways and native-cloud email filters. This guide breaks down how Fortra’s Agari uses advanced data sc

Spotlight

Traditional email security products struggle to detect email impersonation threats such as BEC and targeted phishing campaigns. These threats consistently bypass defenses that rely on signatures and policies like Secure Email Gateways and native-cloud email filters. This guide breaks down how Fortra’s Agari uses advanced data sc

Related News

Enterprise Security, Platform Security, Software Security

Conceal Unveils MSP Community Program

Business Wire | August 01, 2023

Conceal, the leader in browser security for managed service providers, today announced the launch of its Conceal MSP Community Program. A significant highlight of this initiative is the offer of a free NFR license for Managed Service Providers (MSPs), demonstrating Conceal's commitment to strengthening its partnerships within the MSP community. Conceal continues to build on its significant traction within the MSP ecosystem, always responsive to partner feedback and striving to simplify and enhance the effectiveness of its deployment process. The Conceal MSP Community Program marks a new chapter in this ongoing dialogue, with the free NFR license aimed at enabling MSPs to fully experience and understand the power of the ConcealBrowse solution, thus facilitating its integration into their service offerings. “Our partnership with Conceal has empowered us to offer a comprehensive cybersecurity package that's second to none," declared Dave Thompson of TeamLogic IT of San Ramon, CA. "Their ConcealBrowse solution, with its cutting-edge isolation technology, has been instrumental in defending our clients against malware and ransomware. The fact that it can be easily integrated into our existing security offerings has enhanced the overall value we deliver to our clients. We're proud to work with a partner who shares our commitment to cybersecurity resilience.” Furthermore, Conceal recognizes the cybersecurity challenges small to mid-sized companies face, notably ransomware and credential theft. Through the Conceal MSP Community Program, MSPs will be in a stronger position to offer innovative solutions to these threats. ConcealBrowse can easily be integrated into existing security packages or function as a standalone solution for companies lacking protection, thereby increasing overall cybersecurity resilience within limited budgets. About Conceal Conceal’s primary offering, ConcealBrowse, harnesses a sophisticated intelligence engine that works at machine speed with near-zero latency. It dynamically and transparently pre-processes and analyzes code, migrating suspicious, unknown, and risky browser activity to a secure cloud-based isolation environment. Conceal enables organizations to protect users from malware and ransomware at the edge. The Conceal Platform employs Zero Trust isolation technology to defend against sophisticated cyber threats. Globally, organizations of all sizes depend on Conceal to ensure their users and IT operations remain secure and isolated from potential attacks. For more information, visit https://conceal.io/. About TeamLogic IT TeamLogic IT is a national provider of advanced technology solutions for companies of all sizes. Local offices provide clients with the IT support they need to run their businesses more efficiently by leveraging the latest technology solutions, including managed IT services, cybersecurity, business continuity, cloud services, mobility solutions, unified communications, and consulting and support. With more than 150 independently owned and operated locations across North America, TeamLogic IT helps companies minimize downtime and improve productivity.

Read More

Cloud Security

IBM Broadens its Cloud Security Services and Compliance Center

IBM | September 08, 2023

IBM has announced the expansion of its Cloud Security and Compliance Center to help enterprises protect data and mitigate risk across their hybrid, multi-cloud environments and workloads. With the addition of the latest solutions, IBM's solution suite now goes beyond compliance posture management and workload protection. It now includes application-level security capabilities. IBM Cloud Security and Compliance Center suite offers benefits, including intelligent automation technology, expanded compliance, and visibility into third- and fourth-party risk posture, among others. IBM, a global technology innovator at the forefront of automation, AI, and hybrid cloud solutions, has unveiled the expansion of the IBM Cloud Security and Compliance Center. This suite offers a range of updated cloud security and compliance solutions carefully designed to aid enterprises in mitigating risk and safeguarding data within their hybrid, multi-cloud environments and workloads. As organizations grapple with emerging threats along the supply chain and navigate evolving global regulations, this solution suite stands as a pillar of support for their resilience, performance, security, and compliance requirements, all while aiding in the reduction of operational costs. IBM's newly introduced Cloud Security and Compliance Center Data Security Broker solution offers a transparent data encryption layer. It utilizes format-preserving encryption and anonymization technology to safeguard sensitive data used in business applications and AI workloads. Rohit Badlaney, General Manager at IBM Cloud Product and Industry Platform, said, The expansion of the IBM Cloud Security and Compliance Center displays our continued focus on industry-specific capabilities that assist in addressing real world business challenges for our clients. For ex., clients have the ability to employ the IBM Cloud Framework for Financial Services, which can enable them to address evolving rules, laws and regulations surrounding cloud risk. The new capabilities demonstrate our commitment to supporting clients on their hybrid cloud modernization journeys, designed for security, privacy, compliance, and trust at the forefront of our product roadmap. [Source – Cision PR Newswire] IBM Cloud has a long history of working with client companies in financial services and other highly regulated sectors, especially when it comes to assisting them to drive innovation while securing their sensitive data, added Badlaney. In combination with the IBM Cloud Security and Compliance Center Data Security Broker, the upgraded suite of the IBM Cloud Security and Compliance Center will introduce a number of new features. These additions are intended to aid clients, especially those operating in regulated industries, in meeting security, compliance, and data residency requirements specific to their industry. Key features due to the expansion of IBM Cloud Security and Compliance Center: Intelligent automation technology Expanded compliance Enhanced Cloud Security Posture Management (CSPM) Optimized Cloud Workload Protection Platform (CWPP) Improved Cloud Infrastructure Entitlements Management (CIEM) Enhanced visibility into third- and fourth-party risk posture Frank Dickson, VP of Security and Trust at IDC, said, As more companies adopt a hybrid, multi-cloud approach to managing applications of all sorts across PaaS, SaaS, IaaS and on-premises, centrally automated and managed technologies that can execute security and compliance capabilities at scale are required. The IBM Security and Compliance Center addresses this requirement for holistic protection – which is especially crucial for organizations in highly regulated sectors that manage sensitive data, such as financial services – regardless of the application within which the data may live. [Source – Cision PR Newswire]

Read More

Enterprise Security, Platform Security, Software Security

Detectify Improves Attack Surface Risk Visibility With New IP Addresses View

Business Wire | August 14, 2023

Detectify, the leading External Attack Surface Management platform powered by elite ethical hackers, today announced enhancements to its platform that can significantly help to elevate an organization’s visibility into its attack surface. Many organizations need help gaining visibility into the IP addresses across their whole environment. Detectify's new capabilities enable organizations to uncover unauthorized assets and ensure regulatory compliance. The attack surface has grown exponentially, not least in how decentralized organizations have become. Over 10% of Detectify customers are hosting data across three continents, illustrating how their products and services are more global than ever. Detectify also notes that 30% of their customer base is leveraging more than 5 service providers, which reflects the growing trend in vulnerabilities as a result of human errors, like server misconfigurations. Moreover, organizations are quickly expanding their digital footprint, with 73% of Detectify customers using IPv6 addresses. With the introduction of the new IP Addresses view, Detectify users gain seamless access to a comprehensive list of all IPs associated with their domains, accompanied by valuable insights, including hosting provider details, geographical locations, and Autonomous System Numbers (ASNs). This update is further complemented by interactive charts, enabling users to detect outlier countries or providers, and streamlining the process of identifying potential security concerns. "It's not uncommon for our customers to encounter instances where unauthorized geolocations are used to spin up new machines or witness sudden spikes in hosting activities from approved countries,” said Danwei Tran Luciani, Interim VP of Product at Detectify. “These anomalies can expose organizations to risk, particularly when traditional automated detection methods fall short. Our new IP Addresses view empowers security teams to proactively address these challenges, strengthening their overall cybersecurity posture." Detectify's new IP Addresses view provides security teams with tangible benefits to navigate complex attack surfaces, such as: Uncovering unauthorized assets: For organizations with large attack surfaces, this capability allows users to identify unauthorized assets hosted by unapproved vendors. By instantly detecting an asset being hosted by a non-approved provider, security teams can take swift action and mitigate potential threats. Ensuring regulatory compliance: For businesses operating in highly regulated environments where compliance is paramount, the new view is critical in determining the hosting locations of specific customer data. This enhanced visibility ensures adherence to regulatory requirements and fortifies data privacy measures. The new IP Addresses view is now available to all Detectify customers, reinforcing the company's commitment to empowering security teams with cutting-edge solutions to safeguard organizations’ ever-evolving attack surfaces. For more information visit www.detectify.com About Detectify Detectify sets the standard for External Attack Surface Management (EASM), providing 99.7% accurate vulnerability assessments. Product security and AppSec teams trust Detectify to expose exactly how attackers will exploit their Internet-facing applications. The Detectify platform automates continuous real-world, payload-based attacks crowdsourced through its global community of elite ethical hackers, exposing critical weaknesses before it’s too late. Go hack yourself: detectify.com.

Read More