MSC Data Center Closes Following Suspected Cyber-Attack

infosecurity | April 14, 2020

A container shipping company has said malware could be to blame for the closure of one of its data centers last week. The Mediterranean Shipping Company (MSC) took to Twitter on Good Friday to report a network outage issue affecting the website msc.com, which was still down at time of writing. The incident, which is thought to have occurred on Thursday, April 9, also brought down the shipping company's myMSC portal. A message posted from the Twitter account MSC Cargo on April 10 stated: "We are sorry to inform you that http://MSC.com and myMSC are currently not available as we've experienced a network outage in one of our data centers. We are working on fixing the issue."

Spotlight

Financial institutions today have vast quantities of data available that can be used to flag potential fraudulent transactions, but many struggle to effectively leverage this data to fight fraud. This inability to make sense of available data not only reduces the amount of fraud activity detected, but can put the bank at risk of failing FDIC audits.


Other News
DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Absolute Software Unveils New Product Innovations for Resilient Zero Trust

Absolute | December 01, 2022

Absolute Software™ , the only provider of self-healing, intelligent security solutions, today announced new product innovations, empowering customers with deeper visibility and intelligence, expanded software integrations, and a refreshed user experience through its latest updates to Absolute Secure Endpoint and Absolute Secure Access. These product releases continue the company’s investment in bringing together the combined power of Absolute Secure Endpoint and Absolute Secure Access with our unique, firmware-embedded self-healing capability, enabling customers to achieve truly resilient Zero Trust environments and deliver an optimal user experience. This announcement builds on the launch of Absolute ZTNA – the industry’s first self-healing Zero Trust Network Access (ZTNA) solution – and Absolute Insights™ for Endpoints and Network, providing unparalleled intelligence into device, application, and network performance. Embedded in more than 600 million devices, Absolute is the only intelligent security solutions provider capable of delivering visibility, control, and resiliency across endpoints, applications, and network connections. The Absolute Platform enables IT and security teams to ensure their endpoints remain compliant and mission-critical applications remain operational, and empowers them to transition from traditional VPNs to a resilient Zero Trust approach without hindering security or user productivity. A recent 451 Research report validates Absolute’s differentiated platform approach and capabilities, saying: Too often, organizations don’t fully consider the resilience of the deployed zero-trust environment, and network access and device security are handled independently. It’s a situation that complicates security operations and one that can impact employee productivity. “Our common platform addresses a wide range of market needs, as we have the unique ability to apply self-healing capabilities to devices, applications, and network access. “Organizations are acknowledging that they need resilience-focused Zero Trust approaches, capable of integrating endpoint and access assessments at every step. By providing the critical components needed to achieve that resiliency - deep visibility, intelligence, and firmware-embedded Persistence - we are enabling them to not only protect devices, data, and users but also ensure critical controls are operating at maximum efficacy.” John Herrema, EVP of Products and Strategy at Absolute New capabilities available to Absolute Secure Endpoint customers in the latest product release include: Public API Expansion: The latest Absolute Secure Endpoint release adds new Public APIs to our existing library, allowing customers and partners to integrate our device actions into their existing workflows - significantly improving the efficiency of their existing workflows and enhancing automation capabilities. Absolute Connector for ServiceNow™: The Absolute Connector for ServiceNow enables joint customers to access Absolute’s comprehensive asset intelligence and single source of truth within their ServiceNow platform environment – enabling them to efficiently respond to service requests, supplement their ServiceNow workflows, and rapidly demonstrate compliance. Expanded Application Resilience™ Catalog: The Absolute Application Resilience catalog now includes support for more than 60 critical security applications that IT and security administrators can self-heal across their endpoints. Recent additions include WinMagic® MagicEndpoint™, Dell™ Trusted Device, Deep Instinct™, Norton 360™, OPSWAT™, UNOWHY™, Aranda Software™, and Pixart® MDM. The company also announced upcoming server and client enhancements to Absolute Secure Access, including: New Look and Feel: The names, status icons, fonts, and colors have been updated to reflect new product names and refreshed corporate brand; the core functionality and upgrade experience remain smooth and easy. SaaS Enhancements: The SaaS offering adds native NAT capabilities and enhanced alerting. Enhanced 5G Telemetry and Detection: Insights for Network dashboards that display cellular coverage, signal quality, and usage now include the 5G mid-band spectrum, and reflect improved 5G sensitivity. Deeper Visibility: The Secure Access/webService API has been enhanced, offering programmatic access to key pool performance metrics, including status information for our Active/Active server infrastructure. Faster NAC Checks: NAC capabilities are optimized, significantly reducing the time it takes for the VPN to connect and begin tunneling traffic. Android Client Enhancements: Collecting network telemetry on Android devices can now be done with the screen off to improve battery life, ensuring that administrators have actionable device and network information even if a device is in sleep mode. The Android cryptographic libraries providing FIPS 140-2 cryptography are also updated. The features included in the latest Absolute Secure Endpoint release are available now. For additional details, including which are available to Control, Visibility, or Resilience tier customers, visit here. The company expects to make Absolute Secure Access updates available to customers in January 2023. About Absolute Software Absolute Software is the only provider of self-healing, intelligent security solutions. Embedded in more than 600 million devices, Absolute is the only platform offering a permanent digital connection that intelligently and dynamically applies visibility, control and self-healing capabilities to endpoints, applications, and network connections - helping customers to strengthen cyber resilience against the escalating threat of ransomware and malicious attacks. Trusted by 18,000 customers, G2 recognized Absolute as a leader for the eleventh consecutive quarter in the Fall 2022 Grid® Report for Endpoint Management and as a high performer in the Grid Report for Zero Trust Networking.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Palo Alto Networks 5G-Native Security Now Available on Microsoft Azure Private Multi-Access Edge Compute

Palo Alto Networks | September 26, 2022

Palo Alto Networks, a Microsoft Azure private MEC ecosystem partner, today announced availability of VM-Series Virtual Next-Generation Firewall (NGFW) technology on the Azure Marketplace. Delivering end-to-end Zero Trust security at the enterprise edge, VM-Series virtual firewalls can now extend best-in-class NGFW capabilities to help protect Azure private MEC applications, providing centralized defense against cyberattacks. Azure private MEC combines network functions, applications and edge-optimized Azure services managed from the cloud to deliver high-performance, ultra-low-latency 4G/5G private wireless solutions that address the modern business needs of enterprise customers. "Our long-standing partner solutions with Azure and our VM-Series virtual firewalls have been protecting customer cloud environments for years. "The new VM-Series 5G capabilities enable enterprises to secure mission-critical applications in industry verticals like manufacturing, healthcare, utilities and public sector, all of which demand the latest in private wireless network technology." Prem Iyer, vice president, Ecosystems GSI and CSP, Palo Alto Networks Mobile 5G networks with multi-access edge compute combine AI and cloud technologies to transform enterprises and industries. Customers choose this next-generation mobile technology for its security and reliability, but increasingly sophisticated networks must be safeguarded against a complex and escalating "threatscape." Palo Alto Networks 5G-Native Security on the VM-Series brings advanced Layer 7 security capabilities to help detect and block known exploits, malware, malicious URLs, spyware, and command and control (C2) to 5G-powered edge computing use cases. The VM-Series Next-Generation Firewall enables enterprises to achieve comprehensive security for end-user application traffic that traverses the Azure Private 5G Core, securing edge infrastructure and helping detect and mitigate malicious activity within the user traffic. Key benefits of the solution include: Faster time to market with a fully tested and validated solution. Simpler deployment at scale from the Azure marketplace, facilitating a rapid rollout of NGFWs. Predefined configuration templates for comprehensive zero-day security. The Panorama management solution, integrated with Azure, allows for common management of VM-Series virtual firewalls deployed across all cloud and edge environments from a single console and provides centralized visibility and actionable insights into network traffic, logs and threats. "We're pleased to add Palo Alto Networks 5G security products to Azure Marketplace and our Azure private MEC ecosystem," said Shriraj Gaglani, general manager, Azure for Operators. "This adds an important option for customers when architecting critical end-to-end security frameworks that underpin Industry 4.0 use-cases built on our Azure private MEC solution." About Palo Alto Networks Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

Read More

PLATFORM SECURITY, SOFTWARE SECURITY

Vicarius Partners with CISA to Bring Awareness to Software Vulnerabilities for Cybersecurity Awareness Month

Vicarius | October 18, 2022

Vicarius, creators of vsociety, the open and independent social community for research and security professionals, has announced the publication of novel security research detailing multiple new exploits for popular developer tools. The publication comes in an effort to amplify safe hygiene practices during CISA’s Cybersecurity Awareness Month. October 2022 marks the 19th anniversary of National Cybersecurity Awareness Month, with this year’s campaign theme — “See Yourself in Cyber” — demonstrating that while cybersecurity may seem like a complex subject itself, it’s really all about people. In alliance with the Cybersecurity and Infrastructure Security Agency (CISA), who leverages the month to spread awareness of good cyber hygiene, Vicarius looks to enhance the security posture of organizations by publishing new research along with steps to mitigate the risk. Among the publications, which are provided to the community by independent researchers and validated by Vicarius, is a zero-day vulnerability for a popular Python developer tool called yacmmal. In the post, anonymous researcher “M” lays out the steps taken to compromise the application and execute code remotely, going further to warn “as this exploit is not known and no patches are available, usage of the package should be avoided until patches are public,” while providing a workaround for temporary protection. In a few subsequent posts to the community, the same researcher details an exploit to a beloved developer resource called Flask as well as a method to exploit a deserialization vulnerability in a python library called Jsonpickle. Both of these examples illustrate the potential for remote code execution and the steps required to mitigate the threat. Vicarius stresses the importance of providing mitigation details for any exploit posted to vsociety. Research is only published on the platform if it follows responsible disclosure and is accompanied by remediation details and documentation. “Our goal is to make organizations more aware of potential vulnerabilities in the wild and provide the steps necessary to protect against them. “With the growing popularity and prominence of Awareness Month, we aimed to go a step beyond the typical materials provided by other CISA partners, encouraging awareness of previously unpublished threats in the wild which all security teams should be cognizant of.” Vicarius CEO Michael Assraf Vicarius will release additional pieces of research that will be published to vsociety throughout the month. About Vicarius Vicarius helps security teams protect their most critical apps and assets against software exploitation through TOPIA, the company’s end-to-end vulnerability remediation platform. Founded by three security experts and backed by tier one investors from Silicon Valley, Vicarius’ mission is to provide customers with problem-solving solutions that proactively reduce risk wherever computer software resides.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Sentra Joins Cloud Security Alliance

Sentra | November 04, 2022

Sentra, a cloud data security company, today formally announced that it has joined the Cloud Security Alliance (CSA), the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. Backed by Bessemer Venture Partners and Zeev Ventures, Sentra enables security teams to gain full visibility and control of cloud data, as well as protect against sensitive data breaches across the entire public cloud stack. The company was recently recognized by Gartner® as a Sample Vendor for Data Security Posture Management in the Hype Cycle™ report for Data Security 2022.1 "As enterprise cloud adoption has accelerated across industries over the past two years, data security has become an inevitable challenge for all organizations –– Sentra's platform takes the guesswork out of what data needs to be protected. "We look forward to collaborating with CSA's extensive network of industry peers to create a secure cloud environment for all organizations. With Sentra's new North American headquarters in New York City, we're eager to align our product mission and security expertise with CSA's initiatives as we expand our global customer base." Yoav Regev, co-founder and CEO of Sentra "We're excited to welcome Sentra as a member of CSA," said Jim Reavis, co-founder and CEO of the Cloud Security Alliance. "Sentra's visibility-driven data security platform and its founders' decades of cyber security experience are an asset to our organization. We look forward to collaborating with Sentra to increase awareness of the importance of data protection in the cloud." GARTNER and HYPE CYCLE are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved. Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. About Sentra Sentra is a cloud data security platform that helps organizations discover and remediate the top data security risks in their public cloud. Sentra automatically detects if sensitive data is vulnerable due to misconfigurations, over-permissions, unauthorized access, data duplication or other security issues. The company was founded in 2021 in Tel Aviv, Israel, and has raised $23 million in seed funding to date. The company is now co-headquartered in New York City and Tel Aviv. About the Cloud Security Alliance The Cloud Security Alliance (CSA) is the world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment. CSA harnesses the subject matter expertise of industry practitioners, associations, governments, and its corporate and individual members to offer cloud security-specific research, education, certification, events and products. CSA's activities, knowledge and extensive network benefit the entire community impacted by cloud — from providers and customers, to governments, entrepreneurs and the assurance industry — and provide a forum through which diverse parties can work together to create and maintain a trusted cloud ecosystem.

Read More

Spotlight

Financial institutions today have vast quantities of data available that can be used to flag potential fraudulent transactions, but many struggle to effectively leverage this data to fight fraud. This inability to make sense of available data not only reduces the amount of fraud activity detected, but can put the bank at risk of failing FDIC audits.

Resources