Beware Windows 7 users: Malware campaign targeting IoT devices

Cnet | February 05, 2020

Windows 7 is officially dead, now that Microsoft has ended support for the operating system -- which means no more security updates or patches. Despite this, an estimated 200 million devices are still running the out-of-date system, and a malware campaign is targeting IoT devices still using it, according to a new report from TrapX Security. The malware used in the campaign is a self-spreading downloader, which runs malicious scripts as part of the Lemon_Duck PowerShell malware variant family. At this point, it has targeted a range of devices at manufacturing sites, including smart printers, smart TVs, and automated guided vehicles (AGVs), the report found.

Spotlight

The Higher Education Information Security Council (HEISC), along with EDUCAUSE and Internet2, held its annual Information Security Awareness Video & Poster Contest, an event that allows college students to win prizes, gain experience, and earn recognition by creating a PSA about information security.
HEISC works to improve information security & privacy programs across the higher education sector.


Other News
PLATFORM SECURITY

SecurityScorecard Joins Snowflake Partner Network

SecurityScorecard | June 23, 2022

SecurityScorecard, the global leader in cybersecurity ratings announced today that it has joined Snowflake's Partner Network, enabling mutual customers to gain instant visibility into their own security posture and that of their third and fourth party software vendors. Catching Third-Party Risks Early Snowflake customers now have access to "call" security data within Snowflake, gaining direct access to SecurityScorecard Ratings data that can be correlated with various systems and processes including third party risk, identity and access and IT asset management to catch potential security risks early and create a unified view. "CISOs need to know the scale and scope of their cyber environment and that includes third and fourth-party vendors that can pose substantial risks to their organization," said Alex Rich, Vice President of Alliances at SecurityScorecard. "The insights gleaned from continuous monitoring with SecurityScorecard ratings data helps Snowflake data cloud customers get a broad view into their Third Party Risk Management, supply chain management, and business intelligence applications with continuous cybersecurity data." SecurityScorecard collects and analyzes global threat signals that give organizations instant visibility into the security posture of vendors and business partners as well as the capability to do a self-assessment of their own security posture. The technology continuously monitors 10 groups of risk factors to instantly deliver an easy-to-understand A-F rating. The Snowflake Partner Network unlocks the potential of the Data Cloud with a broad array of tools and partners. Certified partnerships and integrations enable customers to leverage Snowflake's flexibility, performance, and ease of use to deliver more meaningful data insights. "With SecurityScorecard on the Snowflake Data Marketplace - organizations can now access and use robust vendor risk data directly in their Snowflake account. "Joint customers of Snowflake and SecurityScorecard can now easily combine, enrich, and contextualize vendor risk data with procurement, legal, IT, compliance, and security data, systems, and processes, accelerating the modern CIO and CISO's priority of data-driven, risk-based, and automated security and compliance." Joshua McKibben, Director Security Compliance & Risk Management at Snowflake "Our partnership with SecurityScorecard is delivering customers the detailed cybersecurity ratings data they need to refine and enrich data around numerous different use cases," said Tarik Dwiek, Head of Technology Alliances at Snowflake. "From third party risk and M&A due diligence, to cyber insurance, SecurityScorecard and Snowflake are helping global enterprises better manage their third-party risk management programs." About SecurityScorecard Funded by world-class investors including Evolution Equity Partners, Silver Lake Waterman, Sequoia Capital, GV, Riverwood Capital, and others, SecurityScorecard is the global leader in cybersecurity ratings with more than 12 million companies continuously rated. Founded in 2013 by security and risk experts Dr. Aleksandr Yampolskiy and Sam Kassoumeh, SecurityScorecard's patented rating technology is used by over 30,000 organizations for enterprise risk management, third-party risk management, board reporting, due diligence, cyber insurance underwriting, and regulatory oversight.

Read More

PLATFORM SECURITY

Resecurity® Brings Cyber Threat Intelligence to Microsoft Azure

Resecurity | July 01, 2022

Resecurity, a cybersecurity and intelligence company, today announced its award-winning cybersecurity threat intelligence and risk monitoring platform is now available on Microsoft's Azure Marketplace. Microsoft's Azure Marketplace is the most comprehensive marketplace on the planet, offering thousands of certified cloud applications and software to over four million active users and subscribers. With cyber-risk ranking as a top concern for CEOs and business owners1, enterprises are looking for additional support to secure and manage the evolving cyber threatscape. More importantly, they're looking for trusted vendors who provide scalable, secure solutions that can work inside existing operating systems. Today, nearly 70 percent of organizations worldwide use Microsoft Azure for their cloud services.2 By joining the Microsoft Azure marketplace, Resecurity's software solutions will be easily accessible to the millions of Microsoft Azure customers needing comprehensive cybersecurity management and monitoring. "Enterprises continue to battle increasing cyber threats emerging from the Dark Web and ransomware groups targeting cloud services. Trusted partners like Microsoft Azure have enabled organizations to confidently bring in the cybersecurity expertise and solutions they need to protect their ecosystems. "Resecurity is dedicated to helping organizations worldwide mitigate these risks with our reliable, scalable and accessible cybersecurity and threat intelligence software." Gene Yoo, CEO of Resecurity Resecurity's AI-powered solutions provide proactive alerts and comprehensive visibility of digital risks targeting the enterprise ecosystem. The innovative platform allows administrators to reduce potential blind spots and security gaps by quickly seeing in-depth analysis and specific artifacts obtained through the dark web, botnets activity, network intelligence and high-quality threat intelligence data. Microsoft Azure users who integrate Resecurity into their cybersecurity strategy will benefit from: Around-the-clock security monitoring of your cloud workloads and enterprise ecosystem, In-depth risk evaluation of the entire enterprise ecosystem (Dark Web, Compromised Accounts, Data Leaks, Network Hygiene, Cloud Security, etc.), A scalable software solution that can monitor a digital footprint of any size (Domains, Network Ranges, Cloud-based Nodes), AI-powered threat intelligence that leverages Rescurity's Dark Web intelligence repositories with over 3.4 billion records and cyber intelligence analysts deployed across all continents, Contextualized risk alerts and data-backed suggested actions to enable a proactive security strategy.Just recently Resecurity has been named a gold winner by the 2022 Cybersecurity Excellence Awards in North America. Resecurity's products and services received Gold recognition across 3 categories in highly competitive nominations such as cyber threat intelligence (CTI), threat hunting, and third-party risk management (TPRM). Just recently Resecurity has been named a gold winner by the 2022 Cybersecurity Excellence Awards in North America. Resecurity's products and services received Gold recognition across 3 categories in highly competitive nominations such as cyber threat intelligence (CTI), threat hunting, and third-party risk management (TPRM). About Resecurity Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence. Known for providing best-of-breed data-driven intelligence solutions, Resecurity's services and platforms focus on early-warning identification of data breaches and comprehensive protection against cybersecurity risks. Founded in 2016, it has been globally recognized as one of the world's most innovative cybersecurity companies with the sole mission of enabling organizations to combat cyber threats regardless of how sophisticated they are. Most recently, Resecurity was named as one of the Top 10 fastest-growing private cybersecurity companies in Los Angeles, California by Inc. Magazine. An Official Member of Infragard, AFCEA, NDIA, SIA and FS-ISAC.

Read More

DATA SECURITY

NTT DATA Selects Swimlane to Deliver Low-Code Security Automation in EMEA

NTT DATA | June 01, 2022

Swimlane, the leader in low-code security automation, today announced its partnership with NTT DATA, a global leader in IT services and cybersecurity, to reduce risk for shared customers via Swimlane’s award-winning low-code automation platform. The partnership will help organizations in the Europe, the Middle East and Africa (EMEA) region address compliance and regulatory requirements and tackle the challenges associated with managing big data. In addition to extending low-code security automation to its customers, NTT Data has also chosen Swimlane to scale its own security operations. In a recent study, 55% of European enterprises reported struggling to recruit IT talent, citing a lack of advanced skills in job candidates. As the global cybersecurity talent shortage prevails, security administrators in the EMEA region are increasingly overburdened with manually performed repetitive and time-consuming tasks needed to track, mitigate and resolve security events across multiple security platforms. Without automation, security teams cannot realistically analyze and adequately prioritize security alerts at the rate necessary to protect networks while also ensuring their organization remains compliant with regulatory standards across countries operated in. Now, joint customers can leverage the power of Swimlane’s platform to respond quickly, innovatively, and effectively to today's complex challenges. They will gain visibility into the performance, capacity, and value of their security strategy with self-service dashboards, granular reporting, and extensive visualization capabilities. “We are excited to expand our investment in the EMEA market by partnering with a true leader in the region that carries immense credibility in the security space. “This partnership will enable enterprises across highly-targeted industries like financial services, critical infrastructure, healthcare and retail to harness their institutional knowledge to leverage security automation and build a system of record that transcends the entire security organization.” Toby Van de Grift, Vice President of EMEA for Swimlane Together, Swimlane’s low-code automation platform and NTT Data’s deep industry expertise deliver an offering that enables continuous compliance and prevents data breaches while helping security teams more efficiently manage the growing volume of alerts and complexity of processes. NTT Data will also create its own unique applications of the Swimlane platform to deliver continued value to customers. “The flexibility of the Swimlane platform makes it the ideal solution for both our company and our customers to harness the power of low-code security automation, allowing every team member to create response processes that align with unique business processes,” said Patrick Schraut, SVP CyberSecurity at NTT DATA. “This partnership will allow our customers to receive more value from their existing technology investments while making it easier for them to utilize automation to alleviate the stress security teams face today.” NTT DATA joins partners like Elastic, Guidepoint, Optiv, and Pareto Cyber, in Swimlane’s Medley Global Partner Program. Its addition reflects the program’s continued global expansion to meet the growing need for low-code security automation in the EMEA region. About Swimlane Swimlane is the leader in cloud-scale, low-code security automation. Supporting use cases beyond SOAR, Swimlane improves the ease with which security teams can overcome process and data fatigue, as well as chronic staffing shortages. Swimlane unlocks the potential of automation beyond the SOC by delivering a low-code platform that serves as the system-of-record for the entire security organization and enables anyone within the organization to contribute their knowledge and expertise to the protection of the organization. About NTT DATA NTT DATA – a part of NTT Group – is a trusted global innovator of IT and business services headquartered in Tokyo. We help clients transform through consulting, industry solutions, business process services, IT modernization and managed services. NTT DATA enables clients, as well as society, to move confidently into the digital future. We are committed to our clients' long-term success and combine global reach with local client attention to serve them in over 50 countries.

Read More

PLATFORM SECURITY

Talon Cyber Security Selected for Exclusive Microsoft for Startups Program

Talon Cyber Security | June 30, 2022

Talon Cyber Security, provider of the first secure enterprise browser, today announced it has been selected as a partner for Microsoft for Startups, a global program dedicated to accelerating the trajectory of high-potential startups. As a program member, Talon will receive access to Microsoft technology, mentorship and business support. “Talon is proud to be working with an established leader like Microsoft as we continue to aggressively scale to meet the demand for our secure enterprise browser. “Our goal is to make security for the future of work simple by enabling secure access for managed and unmanaged devices, and the feedback we have received from the world’s largest brands has been amazing. As we continue to gain traction, it is incredible to have the support of a true industry giant like Microsoft.” Ofer Ben-Noon, co-founder and CEO, Talon Cyber Security The traditional approach of enabling secure access to modern applications is complex, expensive and puts organizations at risk. The TalonWork browser acts as the first line of defense and control point for enterprise security, while drastically reducing complexity and cost. Talon brings enterprise-grade security to the browser, delivering native features like authentication, data loss prevention, zero trust controls and more. Customers leverage TalonWork to gain visibility into and secure SaaS applications, web activity, managed devices and unmanaged devices. Built on Chromium, TalonWork consistently delivers the high-quality user experiences required to secure the future of work. “Talon’s mission to help its customers simplify security programs for distributed workforces is a great fit for the program,” said Jeff Ma, Vice President, Microsoft for Startups, Microsoft. “We look forward to helping Talon deliver their innovative solution to our joint customers.” Talon leverages Microsoft’s infrastructure to facilitate seamless, real-time collaboration among its global team that enables it to deliver exceptional service to its customers. The company’s unique approach to security has led to significant corporate momentum. Talon won the Innovation Sandbox Contest at RSA Conference 2022, a prestigious competition where 10 industry leaders battle for the title of “Most Innovative Startup” each year. About Talon Cyber Security Talon Cyber Security is modernizing security programs and improving user experiences for hybrid work by delivering the first secure enterprise browser. Built on Chromium, the TalonWork browser provides customers with the consistent user experiences, deep security visibility, and control over SaaS and web applications needed to simplify security for the future of work. Talon was named the Most Innovative Startup of 2022 at the prestigious RSA Conference Innovation Sandbox Contest.

Read More

Spotlight

The Higher Education Information Security Council (HEISC), along with EDUCAUSE and Internet2, held its annual Information Security Awareness Video & Poster Contest, an event that allows college students to win prizes, gain experience, and earn recognition by creating a PSA about information security.
HEISC works to improve information security & privacy programs across the higher education sector.

Resources