DATA SECURITY

MITRE Invention to Test Cybersecurity Products Against Data Encryption Risks, Such as Ransomware

MITRE Engenuity | March 17, 2021

Miter Engenuity will survey business cybersecurity items' capacity to identify the danger presented by the gatherings normally known as Sandworm and Wizard Spider, both of whom have utilized information encryption as a vital component of their attacks. Applications for assessment are accessible through May 28.

Examiners accept that Sandworm utilized information encryption to cause more than $10 billion in harm to industry in attacks with its NotPetya malware. The gathering is additionally generally associated with attacks that have closed down the Ukrainian electrical framework on various events. Wizard Spider has purportedly utilized information encryption to take more than $150 million through ransomware attacks.

The assessments will utilize ATT&CK®, a Miter-curated information base of foe strategies, methods, and techniques that depends on distributed danger revealing. ATT&CK is openly accessible and is utilized by digital safeguards in regions including account, medical services, energy, assembling, retail, and government to comprehend enemy conduct and tradecraft.

Miter Engenuity will assess each partaking merchant's capacity to recognize the dangers presented by Sandworm and Wizard Spider in two particular situations during the assessment. All outcomes will be delivered, and the organization will permit the general population to see them completely or sifted by enemy.

Spotlight

A new survey from CDW Canada, a leading provider of technology solutions and services, has found security continues to be a main concern for Canadian organizations as they look ahead to the next year — but, at the same time, they’re becoming better equipped to manage cyber threats. Forty-seven per cent of respondents indicated their security budget for the year has increased, while 34 per cent indicated it remained flat. Additionally, 67 per cent said they have a plan in place to respond to a security breach, while 16 per cent noted they did not. Seventeen per cent of respondents were not sure if their organization had a plan in place.


Other News
SOFTWARE SECURITY

Criminal IP New Cybersecurity Search Engine launches first beta test

AI Spera | April 12, 2022

AI Spera announced Criminal IP, a new cybersecurity platform, today. Criminal IP is a total Cyber Threat Intelligence (CTI) search engine intended to identify potential vulnerabilities that threatening companies or individuals' IT assets. It also offers a new way to manage them comprehensively by allowing users to find results for malicious IP address, malicious domains, phishing sites, forged certificates, all IT assets, and other security related information immediately. The company has been recruiting beta service testers and plans to operate beta service for three months from April 28. Testers pre-registering for beta service will be given a three-month free license and if testers participate in the service survey, they can receive an additional one-month free license as a reward. Criminal IP visualizes all IT assets connected to the Internet based on IP addresses held by companies and individuals. This allows users to see the details of their assets at a glance, from DB servers, files servers, middleware servers, administrator servers as well malicious sites, and easily spot the assets exposed to the attack surface. The solution also provides all possible information about domains in real time, including network logs, used programming technologies and security-related information, without having to directly access websites. Analyzing this information with AI/Machine learning technology, it shows an overall score of the domain and DGA (Domain Generation Algorithm) score in five stages (Critical, Dangerous, Moderate, Low, Safe) allowing users to determine and respond to threats. Users can prevent security problems in advance by searching for vulnerabilities in IT assets and identifying cyber attackers' attack points for attack surface management purposes through Criminal IP data. In addition, everything that has happened to a particular IP address can be recorded like a criminal record to track malicious behavior of an IP address. "Above all, this platform is the ultimate comprehensive solution that maximizes user's convenience by providing all CTI information distributed by different solutions in one place. In hopes that Criminal IP can be used in a variety of areas to defend against evolving cyber threats, including education and research, corporate security teams, white hackers, state agencies, and cybercrime investigations, we decided to operate free beta services to receive feedback on product improvement." Byungtak Kang, CEO at AI Spera Features and benefits of Criminal IP include: providing a wide range of cyber threat information, including malicious IPs, C&C domains, various domain information, threat intelligence images and CVEs, which map IP& Domain scoring algorithms and various threat information based on big data on 4.2 billion IP addresses and billions of domain addresses worldwide analyzing all possible details about domains including screenshots, domain category, whois information, used technologies, connected IP addresses, page redirections, certificates, network logs, cookies as well as interesting security-oriented features like possible malicious contents and replicated phishing domains with overall score of the domain and DGA (Domain Generation Algorithm) score searching and updating global IP addresses and domains in 24/7 to extract applications and services in use, and provide information on security vulnerabilities of IT assets to enable real-time automatic attack surface management offering straightforward search result based on a wide range of specific search filters so that users can conveniently access the right information they need About AI Spera AI Spera is a fast-growing company in the field of cyber threat intelligence. Based on AI and Machine Learning technology, the company focuses on detection of anomalies and data-oriented security solutions. The company supports as many corporates, security developers and researchers as possible to view the attack surface through the eyes of an attacker and provide various AI-based intelligence security solutions across industries including online games, financial, security and national institutions.

Read More

PLATFORM SECURITY

Cybersecurity Startup ActZero Partners with Measured Analytics and Insurance

ACTZERO | December 15, 2021

ActZero, a cybersecurity startup whose AI-driven platform makes best-in-class security accessible for businesses of all sizes, today announced a strategic partnership with Measured Analytics and Insurance, the data and analytics-driven cyber insurance company. The partnership will enable businesses to protect themselves against emerging security threats with an integrated risk management approach. Recent reports by lead researchers have found that a majority of organizations have experienced incidents of ransomware or phishing in the last 12 months, while other cybersecurity threats are also on the rise. This trend means that more and more businesses need to level up their cybersecurity posture, while also preparing for the ramifications of potential attacks with cybersecurity-specific insurance. The partnership between ActZero and Measured is among the first to holistically address a business's cybersecurity needs by combining sophisticated managed detection and response services designed to stop attacks and extortion with insurance services that position companies to mitigate potential losses. "We're pleased to be working with Measured, which will serve as the foundation of our integrated risk management distribution channel,Pairing our solution with insurance coverage to better protect customers represents another leap forward in our pursuit of making cybersecurity more effective and affordable for small and mid-sized enterprises." Chris Finan, ActZero's Chief Operating Officer The ActZero platform combines next-generation antivirus protection, endpoint detection and response, extended detection and response technologies, and 24/7 automated and managed threat hunting capabilities to detect and prevent all types of cybersecurity threats, from commodity malware to sophisticated, headline attacks across endpoints, network and cloud. The combined offering with Measured means that ActZero clients can now take advantage of streamlined access to cyber insurance at better rates. Measured Analytics and Insurance sells industry-leading comprehensive cyber insurance backed by the most reputable reinsurance companies in the world. Measured tackles the challenge of underwriting cyber insurance by combining proprietary data and machine learning algorithms to assess and price cyber insurance for small- and mid-sized businesses. In partnering with ActZero, Measured's clients gain access to a robust suite of cybersecurity technologies at preferred rates. "In this era of growing concerns and evolving threats, it's critical to complement our cyber insurance offering with innovative detection and response capabilities to stop problems before they start," said Jack Vines, CEO of Measured Insurance. "ActZero is the ideal partner to deliver on this promise, enabling our customers to implement sophisticated risk management strategies, thereby best positioning themselves against today's current threat climate." ABOUT ACTZERO ActZero is a cybersecurity startup that makes small- and mid-size businesses more secure by empowering teams to cover more ground with fewer internal resources. Our intelligent managed detection and response service provides 24/7 monitoring, protection and response support that goes well beyond other third-party software solutions. Our teams of data scientists leverage cutting-edge technologies like AI and ML to scale resources, identify vulnerabilities and eliminate more threats in less time. We actively partner with our customers to drive security engineering, increase internal efficiencies and effectiveness and, ultimately, build a mature cybersecurity posture. Whether shoring up an existing security strategy or serving as the primary line of defense, ActZero enables business growth by empowering customers to cover more ground. ABOUT MEASURED ANALYTICS AND INSURANCE Measured Insurance offers an analytics-based approach to cyber insurance, specifically quantifying specific exposure to ransomware attacks. Measured Insurance is bridging the gap between technology and insurance by using AI-powered analytics that tracks individual exposure in real-time to create smarter insurance products. Every policy is tailored to fit the individual client–clearly identifying pre-event exposure in seven fundamental areas and customizing post-event loss mitigation services with real experts, real people, and real help if ever needed.

Read More

DATA SECURITY

ContraForce Announces $2M Seed Investment from DataTribe

ContraForce | December 28, 2021

DataTribe, a global cyber foundry that invests in and co-builds next-generation cybersecurity and data science companies, announced today a $2M seed investment in ContraForce, a leader in no-code security automation for small and medium-sized businesses. ContraForce delivers a no-code security automation platform that makes cyber security accessible for small and medium-sized businesses that lack the resources and expertise to defend themselves. In addition, ContraForce also brings this facility to security compliance; a critical feature, as customers, regulators and insurance companies are putting increasing pressure on small and mid-sized organizations to not only be secure, but also to prove it. No longer is it acceptable for smaller organizations to be a step behind in their security and compliance. Hackers are increasingly targeting them for ransomware or as an entry point into a supply chain. Because small businesses typically have limited resources to cope with a cyber attack, cyber attacks can represent an existential risk for them. ContraForce enables small and mid-sized businesses to manage this risk with their easy-to-use, self-service platform to automate threat detection, response, and compliance. “We are thrilled to announce DataTribe's most recent investment in ContraForce on the heels of the company winning the fourth annual DataTribe Challenge,” said John Funge, Managing Director at DataTribe. “By providing a sort of security and compliance ‘easy button’, ContraForce is filling a really significant gap. Just because an organization is small does not mean that it does not possess vital data, IP, or access to strategic networks. It is paramount that smaller organizations overcome the resource barriers to robust security. ContraForce’s unique approach dramatically lowers these barriers.” “I am looking forward to working with DataTribe as we build on the ContraForce team's passion for simple and effective cybersecurity solutions designed for the needs of small and medium-sized businesses,” Stan Golubchik, CEO and co-founder of ContraForce ContraForce’s security and compliance solutions map security vulnerabilities to the industry standard MITRE ATT&CK framework. They create and adapt security detection and response capabilities in real-time, ensuring the environment is secured in hours across the cloud, network, endpoint, and users. By using ContraForce, an organization without dedicated security personnel can respond to threats without having to learn or write complex security detection code and response workflows. About DataTribe DataTribe is a startup foundry that invests in and co-builds world-class startups focused on generational leaps in cybersecurity and data science. Founded by leading investors, startup veterans, and alumni of the U.S. intelligence community, DataTribe commits capital, in-kind services, access to an unparalleled network, and decades of professional expertise to give their companies an unfair advantage. DataTribe is headquartered in the Washington-Baltimore metro area, in Fulton, Maryland. About ContraForce ContraForce is the new no-code security automation company. We focus on securing the small and medium-sized businesses by helping their security and IT teams work smarter, allowing them to implement automated operations that are effective in combating cyberattacks and demonstrating compliance. ContraForce is headquartered in McKinney, Texas and was founded and built by industry security and cloud experts from Armor, McAfee, and Intel. ContraForce's mission is to empower IT and Security teams and enable them to be more efficient.

Read More

DATA SECURITY

Flashpoint Acquires Vulnerability Intelligence Leader Risk Based Security

Flashpoint | January 13, 2022

Flashpoint, the trusted leader in threat intelligence and risk prevention, today announced it has acquired Risk Based Security (RBS), a Richmond, Virginia-based company specializing in vulnerability and data breach intelligence, as well as vendor risk ratings. The integration of RBS’s collections and technology into the Flashpoint platform offers a wide range of cybersecurity practitioners—including cyber threat intelligence (CTI), vulnerability management, DevSecOps, and vendor risk management teams—the contextual threat intelligence and automation they need to detect, prioritize, and thwart emerging cyber risks rapidly and holistically. “I am incredibly excited to welcome the RBS team to Flashpoint,This acquisition will enable our clients to rapidly detect critical vulnerabilities before they are widely known, and then automate how they prioritize and remediate these issues. This is a game changer for security teams and represents a vital step towards achieving Flashpoint’s vision of being the single vendor that enterprises can rely on to mitigate all types of security risks and protect critical assets.” Flashpoint CEO Josh Lefkowitz Since its founding in 2011, Risk Based Security has partnered with a diverse group of clients, including Microsoft, BlackRock, Northrop Grumman, Swisscom, American Electric Power, Amtrak, and numerous other enterprises across the technology, financial, insurance, and consumer goods sectors. To date, RBS possesses over 90,000 vulnerabilities in its collections that are not assigned CVE IDs and therefore do not exist in the National Vulnerability Database (NVD). RBS’s proprietary technology consistently identifies vulnerabilities before they are commonly known—and maps those vulnerabilities to an enterprise’s software—providing clients with a critical edge and head-start on potential adversaries. “We’re thrilled to join forces with Flashpoint,” said Jake Kouns, CEO of RBS. “It’s rare to find two organizations so similar in culture with a mutual drive to get things done. Our visions align perfectly, and we are excited to collaborate with them to bring a holistic, risk-based intelligence offering to a broad market.” AN ASSET-BASED APPROACH TO INTELLIGENCE AND RISK MANAGEMENT RBS’s extensive vulnerability, data breach, and proprietary vendor risk ratings empower security teams to quickly assess and remediate vulnerabilities based on their unique risk profile—making it the only vulnerability management tool on the market that provides scanless, real-time vulnerability intelligence with vendor and product risk ratings. With this technology, Flashpoint will be able to reveal a customer’s exposure to critical vulnerabilities and supply chain weaknesses, provide contextual awareness into how these vulnerabilities are being exploited by threat actors, and prioritize and automate the actions needed to remediate potential threats. In light of recent critical vulnerabilities like the highly-publicized disclosure of Log4j, early detection and rapid prioritization of risks is more important than ever. Moving beyond a reactive approach to threats, a combined Flashpoint and RBS solution will drive immediate and differentiated value to all types of security practitioners who are focused on protecting critical assets and infrastructure. ABOUT FLASHPOINT Trusted by governments and the Fortune 500, Flashpoint helps organizations protect their most critical assets, infrastructure, and stakeholders from security risks such as cyber threats, ransomware, fraud, physical threats, and more. Leading security practitioners—including cyber threat intelligence (CTI), vulnerability management, DevSecOps and vendor risk management teams—rely on Flashpoint's intelligence platform to proactively identify and mitigate risk and stay ahead of the evolving threat landscape. ABOUT RISK BASED SECURITY Risk Based Security (RBS) provides detailed information and analysis on Vulnerability Intelligence, Vendor Risk Ratings and Data Breaches. Our product, the Risk Based Security Platform, combines VulnDB and Cyber Risk Analytics (CRA), providing organizations access to the most comprehensive security intelligence knowledge bases available, including advanced search capabilities, access to raw data via API, and email alerting to assist organizations in taking the right actions in a timely manner.

Read More

Spotlight

A new survey from CDW Canada, a leading provider of technology solutions and services, has found security continues to be a main concern for Canadian organizations as they look ahead to the next year — but, at the same time, they’re becoming better equipped to manage cyber threats. Forty-seven per cent of respondents indicated their security budget for the year has increased, while 34 per cent indicated it remained flat. Additionally, 67 per cent said they have a plan in place to respond to a security breach, while 16 per cent noted they did not. Seventeen per cent of respondents were not sure if their organization had a plan in place.

Resources