SOFTWARE SECURITY

Trend Micro Detected Nearly 13 Million Malware Events Targeting Linux-based Cloud Environments

Trend Micro Incorporated | August 24, 2021

Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today released new research on the state of Linux security in the first half of 2021. The report gives valuable insight into how Linux operating systems are being targeted as organizations increase their digital footprint in the cloud and the pervasive threats that make up the Linux threat landscape.

As of 2017, 90% of public clouds workloads ran on Linux. According to GartnerÒ, "Rising interest in cloud-native architectures is prompting questions about the future need for server virtualization in the data center. The most common driver is Linux-OS-based virtualization, which is the basis for containers.1"

Linux allows organizations to make the most of their cloud-based environments and power their digital transformation strategies. Many of today's most cutting-edge IoT devices and cloud-based applications and technology run on some flavor of Linux, making it a critical area of modern technology to secure.

"In the industry, we see some very creative attacks and we have to stay ahead. Protecting the company, our employees, and our intellectual property is a priority," says John Breen, Global Head of Cybersecurity at Flowserve. "We'll continue to work closely and collaborate with Trend Micro to ensure our people and our company remain protected."

"It's safe to say that Linux is here to stay, and as organizations continue to move to Linux-based cloud workloads, malicious actors will follow," said Aaron Ansari, vice president of cloud security for Trend Micro. "We have seen this as a main priority to ensure our customers receive the best security across their workloads, no matter the operating system they choose to run it on."

The report revealed that most detections arose from systems running end-of-life versions of Linux distributions, including 44% from CentOS versions 7.4 to 7.9. In addition, 200 different vulnerabilities were targeted in Linux environments in just six months. This means attacks on Linux are likely taking advantage of outdated software with unpatched vulnerabilities.

About Trend Micro
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response.

Spotlight

Insights for CISO on Their ASM Journey The idea of an attack surface is not new, but how organizations and CISOs need to view their attack surfaces should be updated. Traditionally, IT has looked at an organization's attack surface from the inside out, asking questions like “What are the assets that connect to the wider internet

Spotlight

Insights for CISO on Their ASM Journey The idea of an attack surface is not new, but how organizations and CISOs need to view their attack surfaces should be updated. Traditionally, IT has looked at an organization's attack surface from the inside out, asking questions like “What are the assets that connect to the wider internet

Related News

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

ReliaQuest Announces Launch of GreyMatter Phishing Analyzer

ReliaQuest | March 08, 2023

On March 7, 2023, ReliaQuest, a leading firm specializing in security operations, announced the addition of Phishing Analyzer to its GreyMatter platform, which is now available globally. This capability automates the entire abuse-mailbox management process, reducing the risk of phishing attacks by analyzing suspicious emails, taking remedial action, and sending follow-up notifications to users. Phishing attacks are a persistent and time-consuming issue, and although many organizations have Secure Email Gateways (SEGs) to combat email-based threats, malicious emails still manage to get through. Most phishing emails trick users into sharing valuable information, leading to costly Business Email Compromise (BEC) incidents that have cost organizations over $43 billion since 2016. In response, organizations are increasing their phishing awareness programs to empower contractors, employees and partners to help the security team battle against email phishing. However, the constant need for vigilance and alertness can lead to alert fatigue and burnout among employees. Even when users spot phishing emails, they need a way to notify security teams to prevent email-based attacks. GreyMatter Phishing Analyzer automates this process, allowing security teams to evaluate email-based threats in order to determine how they are gaining access and who has been affected, potentially saving thousands of hours and reducing employee dissatisfaction. GreyMatter Phishing Analyzer removes the burden of the abuse-mailbox by automatically analyzing reported emails to determine whether they are malicious or benign. If malicious, the reported email is removed from the user's inbox, as well as other matching emails from across the organization. Additionally, the tool enables security teams to see the full scope of the phishing attack without leaving the platform, and ReliaQuest's machine-learning capabilities speed up the analysis process, identifying phishing campaigns targeting the organization by matching against duplicate and similar emails across the organization. Once thoroughly analyzed, the tool automatically sends an analysis report to the security team and an analysis decision (benign or malicious) to the reporter, enabling security teams to add security controls for stronger protection. Overall, GreyMatter Phishing Analyzer can help organizations reduce the risk of phishing attacks and allow their employees to protect their organization better. About ReliaQuest ReliaQuest is a leading firm that boosts security operations. Its platform, GreyMatter, automates detecting, investigating, and responding to security threats across different tools and applications, including cloud, endpoint, and on-premise environments. The company has established a global presence, serving more than 700 customers, with 1,200 professionals spread across six operating centers worldwide. Its primary objective is to enable businesses to achieve their security goals. Trusted by numerous Fortune 1000 organizations, ReliaQuest supports risk management and initiative acceleration. It maintains a significant international footprint as a privately held entity headquartered in Tampa, Florida.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

NEXTGEN Group Inks Distribution Agreement with Stellar Cyber in Philippines

Businesswire | April 17, 2023

NEXTGEN Group Philippines today announced a strategic partnership with Stellar Cyber, an innovator of Open XDR. The Philippines is home to a growing number of businesses that are increasingly vulnerable to cyber-attacks. In response to this growing threat, NEXTGEN Group has partnered with Stellar Cyber to offer a suite of cybersecurity solutions that will sit alongside NEXTGEN’s diverse and complementary best-of-breed vendor portfolio leveraging their Open XDR platform. “Partnering with Stellar Cyber allows us to provide our channel partners with a cybersecurity solution that combines the best technologies with expertise, capability and an advanced channel services model from NEXTGEN," said Jenny Diamzon, Managing Director, Cyber Security and Data Resiliency, NEXTGEN Philippines. “Stellar Cyber will be supported by our go-to-market teams and our in-house cybersecurity professionals and proprietary CyberLab platform. We are confident that this collaboration will allow us to help our partners and customers navigate the challenges they face with ransomware and cyber-attacks.” Stellar Cyber's Open XDR platform combines multiple security technologies into a single, unified platform, providing organizations with a complete view of their security posture. With advanced threat detection and response capabilities, the platform helps organizations stay ahead of the curve and proactively defend against cyber-attacks. “We are excited to partner with NEXTGEN Group to bring our advanced cybersecurity solutions to the Philippines market,” said Jim O'Hara, CRO of Stellar Cyber. “Our partnership will enable organizations in the region to enhance their cybersecurity posture and better protect their sensitive data leveraging our Open XDR platform.” The partnership is effective immediately, and interested parties can contact NEXTGEN Group to learn more about the advanced cybersecurity solutions that are available. About NEXTGEN Group The NEXTGEN Group is a pioneering technology services group that supports the channel ecosystem. We do this through the active management of a portfolio of established and emerging technology vendors, coupled with innovative and unique services across cybersecurity, cloud, enterprise software, and data management solutions. This model is the next generation of IT solutions, knowledge, service, and delivery. The business is a hub of collaboration within the channel that makes it easy for technology partners to do business with international vendors on complex and ever-changing product suites. Our unique and award-winning combination of specialist knowledge, innovative technology platforms and complementary services enables our partners and vendors to stay relevant and remain ahead in this dynamic IT environment. About NEXTGEN CyberLab NEXTGEN CyberLAB is a completely browser based virtual realization platform built on AWS that demonstrates and integrates the world's most innovative cybersecurity solutions. It was created for vendors and channel partners to help them cost-effectively showcase varied technologies in safe and controlled environments, customized for a specific use case. About Stellar Cyber The Stellar Cyber Open XDR platform delivers comprehensive, unified security without complexity, empowering lean security teams of any skill to secure their environments successfully. With Stellar Cyber, organizations reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering an 8x improvement in MTTD and a 20x improvement in MTTR. The company is based in Silicon Valley. For more information, visit stellarcyber.ai.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Cloudflare Equips Organizations with the Zero Trust Security They Need to Safely Use Generative AI

Businesswire | May 16, 2023

Cloudflare, Inc. (NYSE: NET), the security, performance, and reliability company helping to build a better Internet, today extended its single-vendor SASE platform, Cloudflare One, to generative artificial intelligence (AI) services. Cloudflare One for AI, a suite of Zero Trust security controls, will enable enterprises to safely and securely use the latest generative AI tools without putting intellectual property and customer data at risk. With every transformative step forward in technology, from mobile phones to cloud computing, there are new security threats that rise to the surface. Major companies have banned the use of popular generative AI chat apps because of sensitive data leaks, and Italy instituted a temporary ban on generative AI tools for inadequate user data protections. According to a KPMG survey on generative AI, AI is expected to have an enormous impact on business, but the majority of US executives surveyed are years away from implementing it; cyber security (81%) and data privacy (78%) are the most top of mind concerns for leaders. CISOs and CIOs need to strike a balance between enabling transformative innovation through AI and still maintaining compliance with data privacy regulations. Whether it’s an employee experimenting with AI, or a company initiative, once proprietary data is exposed to AI, there is no way to reverse it. "AI holds incredible promise, but without proper guardrails it can create significant risks for businesses. It is far too easy, by default, to upload sensitive internal or customer data to AI tools. Once the data is used for training AI, it is virtually impossible to get it out," explained Matthew Prince, co-founder and CEO of Cloudflare. "If you were going to let a class of university students rummage around in your internal data, you'd of course put clear rules in place on what data they can access and how it can be used in their education. Cloudflare's Zero Trust products are the first to provide the guard rails for AI tools, so businesses can take advantage of the opportunity AI unlocks while ensuring only the data you want to expose gets shared." Cloudflare One for AI provides a simple, fast, and secure way for companies to safely build using the latest generative AI technologies, without compromising security or performance. With Cloudflare One, companies can gain visibility into and measure AI tool usage, prevent data loss, and manage integrations: Cloudflare Gateway helps companies observe how many employees are experimenting with AI services, and adds context when planning for budgets and enterprise licensing. Service tokens give administrators a clear log of API requests, control over the specific services that can access AI training data, and the ability to revoke tokens with a single click when building ChatGPT plugins for internal and external use. Cloudflare Tunnel provides an encrypted, outbound-only connection to Cloudflare’s network. Every request will be checked against the access rules configured for services protected by Cloudflare One or when teams are ready to allow an AI service to connect to their infrastructure. Cloudflare’s Data Loss Prevention (DLP) service provides a safeguard to close the human gap in how employees may share data. Simple pre-configured options can check for data that looks like social security numbers or credit card numbers, and custom scans can look for patterns based on data configurations for a specific team. More granular rules can even allow select users to experiment with projects containing sensitive data, with stronger limitations on the majority of teams and employees.Cloudflare's cloud access security broker (CASB) service gives comprehensive visibility and control over SaaS apps. Soon, Cloudflare CASB will be able to scan the AI tools that your team uses to detect misconfiguration and misuse. Generative AI is an exciting technology with the promise to transform how we work. As this technology evolves and new tools and plugins are developed, Cloudflare’s platform approach to security will ensure that enterprises everywhere can embrace these productivity enhancements without creating bottlenecks and ensure compliance with the latest regulations. About Cloudflare Cloudflare, Inc. (www.cloudflare.com / @cloudflare) is on a mission to help build a better Internet. Cloudflare’s suite of products protect and accelerate any Internet application online without adding hardware, installing software, or changing a line of code. Internet properties powered by Cloudflare have all web traffic routed through its intelligent global network, which gets smarter with every request. As a result, they see significant improvement in performance and a decrease in spam and other attacks. Cloudflare was awarded by Reuters Events for Global Responsible Business in 2020, named to Fast Company's Most Innovative Companies in 2021, and ranked among Newsweek's Top 100 Most Loved Workplaces in 2022.

Read More