New Honeywell Forge Features Help Protect Facilities From Cyber Threats Associated With Remote Operations

Honeywell | June 25, 2020

Honeywell (NYSE: HON) today announced the latest release of its Forge Cybersecurity Suite that includes several enhancements to help ensure business continuity in the face of mounting cyberthreats, uncertain global business conditions and continued supply chain disruption associated with remote operations. The new Honeywell Forge Cybersecurity Suite release (R200) incorporates new features such as enhanced industrial-grade remote access, increased asset discovery capabilities with active and passive functionality and improved cybersecurity risk monitoring. The enhancements come as more industrial organizations are embracing remote operations to effectively manage facilities with reduced numbers of onsite personnel due to current safety restrictions. A new Honeywell report indicates that the severity of cyber threats detected to operational technology (OT) systems has risen by significant amounts in a 12-month period.

Spotlight

The GandCrab ransomware attacks are some of the most prevalent ransomware threats of 2018. In recent months, the GandCrab attackers were able to infect more than 50,000 victims and generate more than $600,000 in ransom payments from victims [1]. Securonix Threat Research Team has been actively investigating and closely monitoring these high-profile malicious attacks to help our customers prevent, detect, and mitigate/ respond to the attacks.

Spotlight

The GandCrab ransomware attacks are some of the most prevalent ransomware threats of 2018. In recent months, the GandCrab attackers were able to infect more than 50,000 victims and generate more than $600,000 in ransom payments from victims [1]. Securonix Threat Research Team has been actively investigating and closely monitoring these high-profile malicious attacks to help our customers prevent, detect, and mitigate/ respond to the attacks.

Related News

SOFTWARE SECURITY

Novel approaches to satisfy the demand for comprehensive cybersecurity are required

prnewswire | December 30, 2020

These days, a broad layer of cybersafety is frequently needed for business foundation or government organizations to secure delicate data and shopper information. Truth be told, the worldwide network protection market size generally speaking was esteemed at USD 156.5 Billion out of 2019 and is relied upon to extend at a build yearly development rate (CAGR) of 10.0% from 2020 to 2027, as per information by Grand View Research. At present, however, the most recent Russian hack, which is being known as the biggest demonstration of surveillance in U.S. history, is being investigated by specialists and network safety firms to decide the extent of the danger. As per a report by the Associated Press, the hack bargained government organizations and "basic framework" in a refined assault that was difficult to recognize and will be hard to fix, the Cybersecurity and Infrastructure Security Agency said in an unordinary notice message. The country's online protection organization additionally cautioned of a "grave" danger to government and private organizations. Plurilock Security Inc. , Qualys, Inc. , CyberArk Software Ltd, Absolute Software Corporation (NASDAQ: ABST), Fortinet, Inc. A few tech organizations, including Microsoft, have additionally remarked on the hack, with the innovation aggregate clarifying in a blogpost that "it's important that we venture back and evaluate the noteworthiness of these assaults in their full setting. This isn't 'undercover work not surprisingly,' even in the advanced age. All things being equal, it speaks to a demonstration of foolishness that made a genuine mechanical weakness for the United States and the world. In actuality, this isn't only an assault on explicit targets, yet on the trust and unwavering quality of the world's basic framework to propel one country's insight organization." Plurilock Security Inc. declared recently that the organization gave, "frictionless and persistent validation utilizing AI and conduct biometrics, is satisfied to give the accompanying corporate update to the final quarter of 2020. Industry Outlook Online protection is a critical component for associations with profound security needs, for example, medical care and monetary administrations organizations. Given the idea of late cyberattacks that focus on these associations, the requirement for cutting edge online protection arrangements will increment and as per Cyber Security Ventures, Global Cybersecurity spending is anticipated to surpass $1 Trillion USD from 2017-2021. In anticipation of the foreseen development in the online protection area, Plurilock has unveiled some critical advancements since going this year to address and benefit from this worldwide chance. Key Developments Public Listing On September 24th, 2020, the Company started exchanging on the TSX Venture Exchange under the ticker PLUR in the wake of finishing a passing exchange ("QT") with Libby K Industries, Inc. on September 17, 2020. Plurilock likewise finished a simultaneous financing with the QT, which saw the Company effectively raise $2.6 million. The simultaneous financing was driven by PI Financial and included Industrial Alliance Securities. Master Advisory Board and Advisors The Company amassed an Advisory Board comprising of innovation area specialists to give direction to Plurilock on arranging and executing key activities while quickening the development of the Company. Individuals from the Advisory Board incorporate Dr. Issa Traoré, Ph.D., Merv Chia and Mark Orsmond. Moreover, the Company named two veteran worldwide security pioneers, Gaétan Houle and Chris Pierce as guides to the Company. Mr. Houle has held different security influential positions in legitimate government offices, for example, the Canadian Federal Government, Department of National Defense and the previous Department of Foreign Affairs, presently known as Global Affairs Canada. Mr. Penetrate is a refined chief and expert who administered the global division of Booz Allen Hamilton Holding Corporation and drove the improvement of Booz Allen's worldwide business system. Organizations and Relationships Another item joint effort with personality and access the executives ("IAM") supplier Gluu, including the consideration of local Plurilock uphold in standard Gluu discharges going ahead. The administrations of Government Sales Specialists, LLC, a re-appropriated bureaucratic deals office, were held by the Company to develop its pipeline of government deals. Consummation of the primary achievement of a US$198,000 contract with the US Department of Homeland Security, for which the Company got US$70,000. A significant US monetary administrations firm granted a US$42,000 yearly repeating agreement to Plurilock to convey the Company's center verification arrangements. Confirmation and Compliance Program – The Company dispatched its new affirmation and consistence program in November 2020, connecting exceptionally respected robotized security and consistence firm Vanta Inc. to offer warning types of assistance in quest for System and Organization Controls 2 ("SOC2") standard consistence. Center Product Initiatives and Updates The Company occupied with and dispatched various item related things and activities, including: The dispatch of Plurilock's new versatile applications for iOS and Android, presently accessible for download on the Apple App Store and Google Play Store, individually. Arrival of another rendition of Plurilock's center ADAPT and DEFEND programming stage adding support for big business climate intermediary administrations, new forms for Mac OS, and upgraded worker unwavering quality. The dispatch of a re-designed client care and backing experience to advance issue mean-opportunity to-goal ("MTTR") and quicken customer help accessibility. 2021 Outlook - During 2021, the Company intends to keep zeroing in on various activities to drive its development methodology including: Vital M&A movement with an emphasis on beneficial associations with which the Company can strategically pitch existing high edge Plurilock items Natural deals development through set up channel accomplices and an immediate deals power Further interest in the organization's MFA validation innovation and IP portfolio Extra stage reconciliations that can grow deals Speculator mindfulness activities "2020 was an exciting year for the team at Plurilock as we completed a number of milestones, including a successful public listing on the TSXV in September," said Ian Paterson, CEO of Plurilock. "Despite the headwinds of the pandemic, we have seen an increase in enterprise customers looking to secure their infrastructure from cyber threats. Given the growth outlook of the sector, we believe in 2021 the team we have assembled will enable us to grow organically through direct sales to enterprise customers while we seek to strategically deploy resources through acquisitions." About Plurilock - Plurilock is an inventive, personality driven online protection organization that decreases or dispenses with the requirement for passwords, additional validation steps, and awkward verification gadgets. Plurilock's product use best in class social biometric, ecological, and relevant advances to give undetectable, versatile, and hazard based confirmation arrangements with the most reduced conceivable expense and multifaceted nature. Plurilock empowers associations to figure securely and with true serenity. Qualys, Inc. detailed a week ago its examination group, utilizing the Qualys Cloud Platform, has distinguished 7.54 million weaknesses identified with FireEye Red Team appraisal devices and traded off renditions of SolarWinds Orion, followed as Solorigate or SUNBURST, across its 15,700-part client base. Of the weaknesses recognized, scientists noticed that across 5.29 million special resources most are identified with the FireEye Red Team devices. These discoveries feature the extent of the potential assault surface if these apparatuses are abused. The examination group additionally recognized that 99.84% of the 7+ million weakness examples are from eight weaknesses in Microsoft programming that have patches accessible. CyberArk Software Ltd. detailed a month ago that it is working with Forescout and Phosphorus to empower associations to make sure about the expanding number of IoT gadgets and innovations coming about because of advanced business change. Clients can altogether diminish hazard utilizing the joint mix to constantly find, make sure about and oversee IoT gadgets associated with corporate organizations. CyberArk holds the most complete arrangement of restricted admittance the board related affirmations and accomplishments for the public authority area, including global Common Criteria accreditation by the National Information Association Partnership (NIAP). CyberArk is additionally remembered for the U.S. Branch of Defense Information Network Approved Products List (DoDIN APL) and the U.S. Armed force Certificate of Networthiness (CoN) under the Cybersecurity Tools (CST) gadget type (Tracking Number (TN) 1712401). The CyberArk Privileged Account Security Solution has been freely approved and granted an Evaluation Assurance Level (EAL) 2+ under the Common Criteria Recognition Agreement (CCRA). CyberArk helps government organizations meet consistence necessities including FISMA/NIST SP 800-53, Phase 2 of the Department of Homeland Security Continuous Diagnostics and Mitigation (CDM) program, NERC-CIP, HSPD-12 and that's only the tip of the iceberg. Total Software Corporation declared a month ago new capacities that furnish IT and Security groups with cutting edge bits of knowledge into programming and web utilization across their circulated endpoint gadget armadas. With supreme's new Software Inventory and Web Usage investigation, associations can boost returns on programming ventures and discover possible cost reserve funds; help guarantee representatives have the instruments they need to work beneficially and safely from anyplace; and distinguish potential security weaknesses or vulnerable sides emerging from unsanctioned, unreliable applications or web content. "With gadgets remaining generally off-network in the new universe of far off and cross breed work models, IT offices face numerous difficulties with regards to having a total image of what programming has been bought and conveyed, regardless of whether the applications being utilized are endorsed or completely refreshed, and where they may have holes in security or profitability," said Ameer Karim, EVP of Product Management at Absolute. Fortinet, Inc. declared recently new reconciliations with Amazon Web Services (AWS) to additionally furnish clients with cutting edge security across their cloud stages, applications, and organization. Fortinet's cloud security arrangements – including its virtual cutting edge firewall, FortiGate VM a

Read More

DATA SECURITY

CRITICALSTART Partners with Managed Detection and Response Provider RangeForce

businesswire | January 11, 2021

RangeForce, the organization that is changing network safety preparing, today declared an association with Texas-based CRITICALSTART, a main online protection supplier of Managed Detection and Response (MDR) administrations. Under terms of the understanding, CRITICALSTART will give the RangeForce intelligent network safety preparing stage to its clients. RangeForce's double way to deal with digital preparation joins cyberskills recreation modules with a completely incorporated digital reach in a SaaS climate. This mix permits security experts and groups to constantly prepare and shield against genuine assaults in an active and connecting with climate. “We are excited to partner with RangeForce to address the cybersecurity training needs of our customers,” said Tera Davis, Managing Director, CRITICALSTART. “Their approach to cyber simulation can fulfill the unique needs of organizations of all sizes.” RangeForce clients generally start their excursion with on-request preparing modules conveyed through job based, prescriptive learning ways. From that point, students keep on taking provokes that range from fledgling to cutting edge capacities to test their aptitudes and report progress. RangeForce's preparation is a financially savvy option in contrast to conventional preparing and on-premise digital reaches. “Skills training and readiness is crucially important to cybersecurity operations for all types of organizations,” said Jackson Thibodeau, Sr. Director of Channels at RangeForce. “At RangeForce, we have a strong commitment to the channel and CRITICALSTART has a reputation and presence that will help us deliver these solutions to customers in their region.” About RangeForce RangeForce makes creating highly skilled cybersecurity defenders simple, flexible, and fast for all enterprises. Powered by the industry’s first SaaS-based, integrated cybersecurity simulation and virtual cyber range, we help customers operationalize a security training program in hours, saving up to 65% over traditional training and up to $1M annually on hosted cyber ranges. RangeForce is revolutionizing cybersecurity training with its adaptive learning to rapidly train and cross-train DevOps, IT, and security professionals, while integrating best-of-breed solutions from a growing ecosystem of RangeForce partners.

Read More

Developer-Centric Application Security Company StackHawk announces its launch of its General Accessibility

prnewswire | September 01, 2020

StackHawk, the software-as-a-service startup that empowers software engineers to easily find and fix application security bugs before they hit production, today announced it is launching into general availability. Over the past year, the product has built a strong base of Early Access customers who have automated their AppSec testing in the CI pipeline, checking for vulnerabilities on every merge. With great feedback from these early customers, StackHawk is now available to any company that wants to deliver secure software.

Read More