SOFTWARE SECURITY

Trend Micro Detected Nearly 13 Million Malware Events Targeting Linux-based Cloud Environments

Trend Micro Incorporated | August 24, 2021

Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, today released new research on the state of Linux security in the first half of 2021. The report gives valuable insight into how Linux operating systems are being targeted as organizations increase their digital footprint in the cloud and the pervasive threats that make up the Linux threat landscape.

As of 2017, 90% of public clouds workloads ran on Linux. According to GartnerÒ, "Rising interest in cloud-native architectures is prompting questions about the future need for server virtualization in the data center. The most common driver is Linux-OS-based virtualization, which is the basis for containers.1"

Linux allows organizations to make the most of their cloud-based environments and power their digital transformation strategies. Many of today's most cutting-edge IoT devices and cloud-based applications and technology run on some flavor of Linux, making it a critical area of modern technology to secure.

"In the industry, we see some very creative attacks and we have to stay ahead. Protecting the company, our employees, and our intellectual property is a priority," says John Breen, Global Head of Cybersecurity at Flowserve. "We'll continue to work closely and collaborate with Trend Micro to ensure our people and our company remain protected."

"It's safe to say that Linux is here to stay, and as organizations continue to move to Linux-based cloud workloads, malicious actors will follow," said Aaron Ansari, vice president of cloud security for Trend Micro. "We have seen this as a main priority to ensure our customers receive the best security across their workloads, no matter the operating system they choose to run it on."

The report revealed that most detections arose from systems running end-of-life versions of Linux distributions, including 44% from CentOS versions 7.4 to 7.9. In addition, 200 different vulnerabilities were targeted in Linux environments in just six months. This means attacks on Linux are likely taking advantage of outdated software with unpatched vulnerabilities.

About Trend Micro
Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response.

Spotlight

A look at some of the most common and malicious forms of cyber attacks that often target individuals or small businesses. Point of Sale malware software obtains briefly unencrypted credit and debit card information from the RAM of credit card reading machines. The credit or debit card information is saved in text format and then retrieved at a later date by sending the information to an external server. Information is often sold, not used by the hackers themselves.

Spotlight

A look at some of the most common and malicious forms of cyber attacks that often target individuals or small businesses. Point of Sale malware software obtains briefly unencrypted credit and debit card information from the RAM of credit card reading machines. The credit or debit card information is saved in text format and then retrieved at a later date by sending the information to an external server. Information is often sold, not used by the hackers themselves.

Related News

DATA SECURITY

AirSlate Announces SignNow Partnership with Defa3 Cyber Security

airSlate | April 15, 2021

airSlate, a pioneer partner and preferred provider of information technology and security solutions and services in the Middle East, reported today that its award-winning eSignature solution, signNow, is now available to customers of Defa3 Cyber Security. The collaboration will help to raise awareness of airSlate in the area while also increasing the importance of Defa3 Cyber Security's technology portfolio to its customers. “Knowing Defa3 Cyber Security's leadership in the region, we saw an opportunity to partner with their offering and aggressively expand our presence in the Middle East,” said Scott Owen, airSlate's Vice President of Business Development and Channel. “We are thrilled to collaborate with Defa3 Cyber Security and help their clients meet the growing need to digitize and simplify their document processes.” signNow provides a stable and compliant eSignature solution that enables users to accept, deliver, and e-sign documents in seconds. Teams can conduct business anywhere, at any time, and on any device, since it can be configured as a stand-alone application or combined with any other application through API. SignNow's tracking, analytics, and data governance give users more visibility, and its intuitive, customer-friendly user interface and API allow for a more smooth, efficient experience. “The Middle Eastern information technology space is increasingly evolving,” said Haytham Hussein, Sales Manager at Defa3 Cyber Security. “Accelerated cloud adoption, mergers and acquisitions, and other big industry projects require new and innovative methods in digital transformation strategies for businesses.” About AirSlate airSlate is a global SaaS technology company that provides no-code workflow automation, electronic signature, and document management solutions to tens of millions of innovators worldwide. The company's award-winning products, including airSlate, pdfFiller, and signNow, enable teams to develop, innovate, and automate to digitally reinvent their companies and make them work faster and easier. About Defa3 Cyber Security Defa3 Cyber Security is a market leader in cybersecurity solutions and services, exclusively representing cutting-edge IT and security technology from around the world. Defa3 Cyber Security has developed a reputation as the chosen IT and security partner in the Middle East, Turkey, and Africa, due to a strong commitment to customer success.

Read More

DATA SECURITY

Smithers Announces the Launch of Information Security Services

Smithers | May 25, 2021

Smithers, a leading provider of testing, consulting, information, and compliance services, is pleased to announce the launch of its information security services department. This agency will provide auditing and certification services for NIST SP 800-171 and the Cybersecurity Maturity Model Certification (CMMC), as well as other customized information security offerings. Smithers Quality Assessments Division offers 25+ years of high-touch, value-added third-party auditing expertise to the CMMC program, including trained, professional auditors to perform CMMC assessments for organizations that are current suppliers to the United States (US) Department of Defense, as well as those looking to meet the requirements of being a supplier. Smithers' information security service offering ensures the security of clients' sensitive data by delivering reliable assessments on time and with a high level of touch. "Information security threats continue to intensify as a significant concern to organizations of all sizes," says Jeanette Preston, President of Smithers Quality Assessments Division. "As a matter of business continuity, many companies would be required to ensure sensitive data security as a requirement to do business with defense, governmental agencies, and highly regulated industries." The information security services department will be launched and led by Aaron Troschinetz, General Manager for Smithers Quality Assessments Division in North America. "During audits, we see that clients have a genuine need for these facilities," Troschinetz says. "Companies do not need multiple vendors because we provide information security in addition to our existing auditing and certification services. Smithers is now capable of serving as their full-service trusted partner." About Smithers Smithers is a multinational provider of testing, consulting, information, and compliance services that were founded in 1925 and is headquartered in Akron, Ohio. Smithers serves customers in the transportation, life science, packaging, fabrics, parts, consumer, and energy sectors through laboratories and operations in North America, Europe, and Asia. Smithers integrates science, technology, and business expertise to provide accurate data on time and with a high touch, allowing consumers to innovate with confidence.

Read More

DATA SECURITY

Microsoft and Darktrace Collaboration Extends Autonomous Cyber Defense Across the Cloud

Darktrace | May 10, 2021

Darktrace, a leading autonomous cybersecurity AI firm, revealed today that it has partnered with tech giant Microsoft. The collaboration provides joint customers with enterprise-scale, self-learning AI that identifies and reacts to cyber-threats autonomously. This partnership expands Darktrace's self-learning artificial intelligence for cybersecurity within Microsoft environments, such as Microsoft 365 and cloud apps like Azure Sentinel. When companies and workforces around the world depend more on cloud infrastructure and virtual collaboration tools, the collaboration ensures that threats can be halted by Microsoft's technologies in conjunction with Darktrace's Autonomous Cyber AI technology. Microsoft and Darktrace's collaboration improves security through multi-platform and multi-cloud environments, automates threat investigations, and allows teams to prioritize strategic activities that matter. The two organizations are working together to help companies in a variety of important areas: Cyber AI Email Security – Antigena Email, which utilizes Darktrace's autonomous response technologies to counter the most advanced email attacks, is now hosted on Microsoft Azure and available on the Microsoft Azure Marketplace. Simplified and Streamlined Security Workflows – Darktrace also works smoothly with Azure Sentinel, with a customized Workbook enabling users to send and envision Darktrace threat alerts and automatic threat investigation reports within Sentinel. Seamless data integration – With one click, users can connect Darktrace's AI detection capability to Microsoft Defender for endpoint security. "As cyber-attacks get more advanced, AI is introducing a deeper level of security in detecting these risks," said Clare Barclay, CEO of Microsoft UK. The collaboration between Microsoft and Darktrace will help in the security of organizations, allowing them to concentrate on their core business and customers." "I am happy to be working with Microsoft to put Darktrace's Cyber AI and autonomous response into joint customer environments," said Poppy Gustafsson, CEO of Darktrace. "Darktrace secures Microsoft wherever it runs." About Darktrace Darktrace is the pioneer of Autonomous Response technologies and a leading autonomous cybersecurity AI organization. It protects the cloud, email, IoT, traditional networks, endpoints, and industrial platforms for over 4,700 organizations in over 100 countries. Darktrace AI, a self-learning technology, tracks, investigates and reacts to advanced cyber-threats such as insider threats, remote working risks, malware, data loss, and supply chain vulnerabilities. The corporation employs 1,500 people worldwide, with headquarters in Cambridge, UK. Darktrace AI detects a cyber threat every second, preventing it from causing harm.

Read More