DATA SECURITY

MITRE Invention to Test Cybersecurity Products Against Data Encryption Risks, Such as Ransomware

MITRE Engenuity | March 17, 2021

Miter Engenuity will survey business cybersecurity items' capacity to identify the danger presented by the gatherings normally known as Sandworm and Wizard Spider, both of whom have utilized information encryption as a vital component of their attacks. Applications for assessment are accessible through May 28.

Examiners accept that Sandworm utilized information encryption to cause more than $10 billion in harm to industry in attacks with its NotPetya malware. The gathering is additionally generally associated with attacks that have closed down the Ukrainian electrical framework on various events. Wizard Spider has purportedly utilized information encryption to take more than $150 million through ransomware attacks.

The assessments will utilize ATT&CK®, a Miter-curated information base of foe strategies, methods, and techniques that depends on distributed danger revealing. ATT&CK is openly accessible and is utilized by digital safeguards in regions including account, medical services, energy, assembling, retail, and government to comprehend enemy conduct and tradecraft.

Miter Engenuity will assess each partaking merchant's capacity to recognize the dangers presented by Sandworm and Wizard Spider in two particular situations during the assessment. All outcomes will be delivered, and the organization will permit the general population to see them completely or sifted by enemy.

Spotlight

Banking systems need to be readily available and productive, yet secure and protected from data-breach. The risks of irregular maintenance and non-compliance of IT and security policies can cost the organization much in terms of fines, lost opportunities and a damaged reputation.


Other News
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

SaaS Alerts Secures $22M Investment from Insight Partners to Scale SaaS Security Monitoring and Response Platform

SaaS Alerts | September 12, 2022

SaaS Alerts, the cybersecurity company purpose-built for Managed Service Providers (MSPs) to protect and monetize their customers' core business SaaS applications, announced today that it has secured a $22 million growth investment from global software investor Insight Partners to accelerate the growth of its SaaS Security monitoring and response platform. The accelerated rate of SaaS Application adoption by businesses, driven by the need to provide collaboration and productivity tools to remote workforces and for more centralized and tightly controlled business data resources, has elevated awareness and critical concern for major threat vectors and security gaps that exist in SaaS Application security. These security concerns present opportunities for MSPs to better safeguard their clients while offering SaaS security services that drive profitable new revenue streams. SaaS Alerts was designed to help MSPs monitor and protect their customers' usage of today's most popular SaaS applications such as Microsoft 365, Google Workspace, Salesforce, Dropbox and more – and to safeguard against security threats to a business' SaaS environment such as data theft, data that's at risk due to unintentional employee mishaps and actions taken by bad actors. "We couldn't be more excited to partner with Insight Partners and we see their investment in SaaS Alerts as a monumental endorsement for what we have built and what we intend to build as we collaborate going forward. "I'm very proud of our team for reaching this milestone and look forward to working with Insight to continue to build value for our MSP partners and stakeholders." Jim Lippie, CEO of SaaS Alerts "SaaS applications have become essential for businesses of every size and MSPs need the ability to better protect those applications on behalf of their customers. SaaS Alerts has pioneered SaaS security for MSPs and has a clear vision for how detecting and correlating abnormal user behavior can greatly impact the MSP industry," said Philine Huizing, Principal at Insight Partners. "We're excited to partner with SaaS Alerts as the company scales to address this unique opportunity." About SaaS Alerts SaaS Alerts is the cybersecurity company purpose-built for MSPs to protect and monetize customers' core SaaS business applications. SaaS Alerts offers a unified, real-time monitoring platform for MSPs to protect against: data theft, data at risk and bad actors and integrates with the most popular SaaS Applications. Learn more at www.saasalerts.com. About Insight Partners Insight Partners is a global software investor partnering with high-growth technology, software, and Internet startup and ScaleUp companies that are driving transformative change in their industries. As of June 30, 2022, the firm has over $80B in regulatory assets under management. Insight Partners has invested in more than 700 companies worldwide and has seen over 55 portfolio companies achieve an IPO. Headquartered in New York City, Insight has offices in London, Tel Aviv, and Palo Alto. Insight's mission is to find, fund, and work successfully with visionary executives, providing them with practical, hands-on software expertise to foster long-term success. Insight Partners meets great software leaders where they are in their growth journey, from their first investment to IPO.

Read More

DATA SECURITY,SOFTWARE SECURITY,WEB SECURITY TOOLS

Legit Security Discovers and Helps Remediate Software Supply Chain Vulnerabilities in Google Firebase & Apache Open-Source Projects

Legit Security | September 16, 2022

Legit Security, a cyber security company with an enterprise platform to secure an organization’s software supply chain, today announced that it discovered software supply chain attack vulnerabilities in popular open-source projects from Google and Apache. The discovered vulnerability affects GitHub, an extremely popular Source Code Management (SCM) system at the heart of many organization’s software supply chains and used by software developers globally. The Legit Security research team found a new type of CI/CD vulnerability called “GitHub Environment Injection” that allows attackers to take control of the vulnerable project's GitHub Actions CI/CD pipeline. Any GitHub user could exploit this vulnerability to modify the project’s source code, steal secrets, move laterally and attack inside the organization, and ultimately initiate a SolarWinds-like supply chain attack. The vulnerability was found in the Google Firebase project and in a very popular integration framework project from Apache. Both Google and Apache acknowledged and fixed the vulnerabilities after an initial disclosure by Legit Security. Legit Security has published a technical disclosure blog on their website including guidance for organizations to remediate this vulnerability. Legit Security’s Research Team discovered that a specially crafted payload written to a GitHub environment variable called “GITHUB_ENV” could allow an attacker to execute code on the target pipeline and thereby modify the source code or compromise the repository itself. This attack can be initiated by any GitHub user and is very easy to implement just by creating a “pull request” or a proposed change to the source code. The mere act of submitting the pull request will trigger the vulnerable build action and carry out a successful compromise and the attacker does not need to be subjected a code review approval from the source code maintainer for it to take effect. The Legit Security team disclosed these issues to Google and Apache project maintainers, along with remediation guidelines, and verified that these vulnerabilities weren’t exploited by a malicious actor. Both projects have been fixed and are now safe. However, these are not the only projects susceptible to this kind of attack. Since using the GITHUB_ENV file is currently considered the “safe” way to change environment variables in GitHub Actions, many repositories are using workflows that write untrusted data into this file, leaving them exposed to supply chain attacks. “This type of vulnerability joins many other software supply chain vulnerabilities and attacks targeting popular open-source projects, including GitHub, which is the largest and the de facto host of most open-source projects. “We, as a security community, must build the tools and processes to address these threats and allow organizations to trust software and use it safely. Here at Legit Security our mission is to secure every organization’s software supply chain and we are active conducting security research and collaborating on initiatives to achieve this goal." Liav Caspi, CTO and co-founder of Legit Security According to Gartner®, nearly half of organizations worldwide will experience an attack on their software supply chains by 2025, a three-fold increase from 2021. There has been a huge rise in attempts to compromise open-source projects and CI/CD build services, including GitHub Actions, to enable wide ranging attacks through software supply chains. For in-depth analysis of the GitHub Environment Injection vulnerability, along with broader information and guidance on how to protect your organization from software supply chain attacks, please visit the Legit Security website and blog. About Legit Security Legit Security protects software supply chains from attack by automatically discovering and securing the pipelines, infrastructure, code and people so that businesses can stay safe while releasing software fast. Legit provides an easy to implement SaaS platform that supports both cloud and on-premises resources and combines automated discovery and analysis capabilities with hundreds of security policies developed by industry experts with real-world SDLC security experience. This integrated platform keeps your software factory secure and provides continuous assurance that your applications are released without vulnerabilities.

Read More

SOFTWARE SECURITY

JFrog Advances Software Development Collaboration, Automation, Speed, and Security with New Microsoft Teams App

JFrog | July 12, 2022

JFrog Ltd. , the Liquid Software company and creators of the JFrog DevOps Platform, today unveiled new integrations for JFrog Artifactory - the world's leading binary repository – and its JFrog Xray advanced security solution - with the Microsoft Teams collaboration platform. Available immediately, the JFrog App for Microsoft Teams delivers organization-wide visibility into security and software development events, such as failed builds, security vulnerabilities, or compliance issues. Using the new app, development team members can both assign and execute the tasks required to address issues, accelerating time-to-resolution. "Designing software and keeping it up-to-date has always been a team effort – but the urgency of that collaboration becomes even more important when builds fail or security vulnerabilities strike. “Our goal is to empower developers with solutions that enable efficient, cross-team communications on the platforms they’re already using day-to-day, which is why integrating with Teams was a logical choice. The JFrog App for Microsoft Teams makes it easier for developers to notify and collaborate with the wider business to devise and execute a speedy path to resolution." Stephen Chin, Vice President of Developer Relations, JFrog Many software teams use Teams to collaborate and provide visibility into development events or security vulnerabilities using both public and private group channels, as well as direct messaging. The new JFrog App for Microsoft Teams delivers insight into whether artifacts are being uploaded, moved, copied, or deleted, so developers and their extended team of stakeholders from across the organization can quickly make informed decisions and take action to keep their software pipelines on track and secure. “Microsoft Teams changes the way work gets done. It helps remote colleagues and partners collaborate and stay connected even when they’re working apart – and there are few places where collaboration is as critical to a project’s success as software development,” said Ben Summers, Director, Teams & Microsoft 365 Platform Marketing at Microsoft. “This integration aims to make life easier for developers who are already using Teams for their everyday work to share project or security updates with their extended set of stakeholders in one click.” Other features and benefits of the JFrog App for Microsoft Teams include: Accelerated vulnerability resolution - Integrating JFrog Artifactory and JFrog Xray with Teams significantly decreases the time it takes to resolve development challenges or security issues. Improved collaboration - Developers can use Teams to both delegate action items to extended team members - across departments – and take action on assigned tasks and provide status updates during each phase of the software development lifecycle. Quality assurance – Easily configure JFrog Xray policies and watches to monitor targeted artifact repositories used for test and staging environments, and tag team members on security vulnerabilities and compliance violations through Teams for prompt resolution. About JFrog JFrog Ltd.is on a mission to power all the world’s software updates, driven by a “Liquid Software” vision to allow the seamless, secure flow of binaries from developers to the edge. The JFrog Platform enables software creators to power their entire software supply chain throughout the full binary lifecycle, so they can build, secure, distribute, and connect any source with any production environment. JFrog’s hybrid, universal, multi-cloud DevOps platform is available as both self-managed and SaaS services across major cloud service providers. Millions of users and thousands of customers worldwide, including a majority of the Fortune 100, depend on JFrog solutions to securely manage their mission-critical software supply chain. Once you leap forward, you won’t go back

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

One of Europe’s Largest Logistics Companies Selects IronNet to Increase its Network Visibility and Proactively Hunt for Cyber Threats

IronNet, Inc. | August 26, 2022

IronNet, Inc. , an innovative leader Transforming Cybersecurity Through Collective DefenseSM, announced today that a major European logistics company, offering courier, package delivery and express mail service, will deploy the IronNet Collective DefenseSM platform to help defend against increased cyber threats facing the sector. The logistics company is remaining anonymous to help protect its operational security. It serves millions of customers across Europe, provides pick-up and drop-off points for package and parcel services as well as door-to-door courier and fulfillment services for e-merchants. “Cyber attacks along the supply chain can bring the global consumer economy to a halt. We must protect ourselves and our customers from these attacks so we sought out a cybersecurity solution that could identify advanced threats invisible in our current stack,” said the logistics company’s Chief Information Security Officer. “By deploying the IronNet Collective Defense platform, we will benefit from relevant, real-time attack intelligence and extensive threat hunting capabilities. It will provide enhanced visibility into our network and allow us to work with others in the industry to strengthen our cybersecurity and protect our customers from attacks.” “Since the start of the pandemic, the global supply chain has been strained with increased demands on logistics and transportation companies. Now, with the growing conflict between Russia and Ukraine, we cannot risk this sector being hit with cyber attacks to cause even more damage. “By partnering with one of Europe’s largest logistics companies, IronNet is helping this team hunt for threats to stop attacks on their network before they happen and enable the secure, efficient flow of commerce across the continent.” General (Ret.) Keith Alexander, co-CEO and Founder of IronNet Amazon Web Services (AWS) serves as the backbone of the IronNet Collective Defense platform, and it will enable the logistics company to deploy the solution quickly across hundreds of enterprises and maintain a dynamic radar view of threats on enterprise networks comprehensively and at network speed. The logistics company will also use IronNet’s leading AI-based Network Detection and Response (NDR) solution as part of the Collective Defense platform to better detect and defend against cyber attacks. The security platform will enable the logistics company to leverage NDR capabilities, powered by behavioral analytics, to detect unknown threats on its network and, in turn, anonymously in real-time exchange visibility with others in the Collective Defense community. The IronNet Collective Defense platform is the only solution that can identify anomalous behaviors and deliver actionable attack intelligence to all the other participants in the IronNet community. It serves as an early warning system for all participating companies and organizations, strengthening network security through correlated alerts, automated triage, and extended hunt support. About IronNet, Inc. Founded in 2014 by GEN (Ret.) Keith Alexander, IronNet, Inc. (NYSE: IRNT) is a global cybersecurity leader that is transforming how organizations secure their networks by delivering the first-ever Collective Defense platform operating at scale. Employing a number of former NSA cybersecurity operators with offensive and defensive cyber experience, IronNet integrates deep tradecraft knowledge into its industry-leading products to solve the most challenging cyber problems facing the world today.

Read More