Category Archives: Industry News

Clients across industries choosing to run their SAP software workloads on IBM Cloud

IBM announced new services, partnerships and capabilities designed to help clients accelerate their hybrid cloud journeys and deploy and run SAP software workloads wherever they choose – from the IBM public cloud to on-premises. These new offerings expand on IBM and SAP’s global alliance partnership to help clients optimize their SAP software workloads. Global clients across industries are choosing to run their SAP software workloads on IBM Cloud, including Peruvian construction company Cementos Pacasmayo, Coca-Cola … More

The post Clients across industries choosing to run their SAP software workloads on IBM Cloud appeared first on Help Net Security.

Arctic Wolf raises $200M to introduce new security offerings and address new markets

Arctic Wolf announced it has raised $200 million in Series E funding at a valuation of $1.3 billion. The funding round was led by Viking Global Investors, with additional participation from DTCP and existing investors. This new round of funding will enable Arctic Wolf to accelerate the introduction of new security operations offerings, address new markets, and further cement its leadership position in the security operations and managed detection and response (MDR) markets. Using the … More

Steven Gatoff joins Absolute as Chief Financial Officer

Absolute announced the appointment of Steven Gatoff as Chief Financial Officer, effective November 10, 2020. Reporting directly to Christy Wyatt, Absolute’s President and CEO, Steven will have responsibility for all global finance, accounting, financial reporting, audit, tax, investor relations, and capital planning functions. Steven brings to Absolute over 25 years of financial expertise and leadership, and a distinctive track record of driving value creation for software companies, in both large public companies and earlier-stage, hyper-growth … More

Avatier simplifies and secures IAM with release of iOS and Android mobile app platform

Avatier announced the release of Avatier for iOS and Android, a new mobile app platform that creates a collaborative, self-service approach to enterprise access without compromising security. Avatier promises to simplify identity access management (IAM) by empowering organizations with greater control over enterprise access requests, compliance access certifications, single sign-on (SSO) to reduce SaaS license cost and self-service password management, all for a better value than buying individual point solutions. Avatier’s new mobile experience is … More

Deepwatch Lens Score: SecOps maturity planning and benchmarking

Deepwatch announced deepwatch Lens Score, a fast, easy-to-use application for CISOs and those who are accountable for measuring, monitoring, and improving their company’s overall security operations maturity. Deepwatch Lens Score is available immediately on all mobile devices and via web browser and can be accessed and utilized by all security professionals at no cost. “We collaborate closely with our customers’ CISOs and have a comprehensive understanding of the challenges they face. CISOs are … More

Hitachi ID launches Hitachi ID Bravura Security Fabric, an identity and access management solution

Hitachi ID has unveiled the Hitachi ID Bravura Security Fabric and version 12.0 of its identity and privileged access management solution. “Executives making strategic decisions about identity and access vulnerabilities need to solve fundamental cybersecurity problems with a robust platform not a menagerie of siloed products,” says Kevin Nix, Chief Executive Officer, Hitachi ID Systems. “Our Hitachi ID Bravura Security Fabric lets organizations frame and optimize their cybersecurity programs with one singular platform across identity, … More

Socure unveils DocV, a fully-automated omnichannel document verification service

Socure announced DocV, a fully-automated omnichannel document verification service that expedites onboarding, reduces fraud, and works to eliminate costly manual reviews. Combining the power and scale of machine learning to accurately verify the authenticity of government-issued IDs, DocV produces auto-decisioning rates as high as 98%, in seconds. The most scalable and accurate document verification service available, DocV applies advanced analytics and computer vision to quickly confirm the authenticity of any government-issued ID, including more than … More

Incognia launches fraud detection solution for QR code contactless payments

Incognia announced the launch of its fraud detection solution designed for retailers, restaurants and payment providers leveraging QR codes for contactless payments. This comes at a critical time; according to Gartner’s Consumer Pandemic Attitudes and Behaviors Survey, “40% agreed with the statement ‘I’m more willing to do business with stores or other commercial premises that offer contactless payment options.’ ” With consumers ready to re-engage with vendors using contactless methods, health and security are top … More

Quantum Integration IoT platform simplifies the creation of complex wireless apps

Quantum Integration has developed an Internet of Things (IoT) platform that provides electronic enthusiasts with a complete hardware and software solution. Unlike projects built with Raspberry Pi or Arduino where users must have a programming background, with Quantum’s platform no coding is required, making the creation of complex wireless applications faster and easier. Building projects with Arduino or Raspberry Pi requires a level of expertise that can be out of reach for many enthusiasts, especially … More

BetterCloud Discover: Giving enterprises full visibility into multi-SaaS environments

BetterCloud announced the launch of BetterCloud Discover. The new centralized platform gives enterprises insights into employee SaaS adoption, and visibility into the full scope of sanctioned and unsanctioned applications within their company’s multi-SaaS environment. The release also helps teams eliminate redundant applications and reclaim unused licenses for redistribution. New insights on SaaS usage help IT and security teams consolidate control over their environment and mitigate risks in their current security posture. “SaaS sprawl was already … More

Optelian launches platform featuring robust 1RU design ideal for anyhaul, anyrate and anywhere applications

Optelian introduced its DA (Deploy Anywhere) Series – a multi-service, compact and hardened (OSP-compliant) platform designed for multi-haul transport upgrades, remote business services access and fiber deep architectures. The DA Series marks a further leadership milestone for Optelian as it launches another industry leading platform using its unique hardening technology. Purpose-built for where deployment flexibility and scalability of service growth can be unpredictable, the hardened platform is capable of being deployed in harsh environments where … More

Windstream Enterprise WE Connect gives customers heightened visibility across their SD-WAN networks

Windstream Enterprise announced updates to its WE Connect portal, giving customers heightened visibility across their SD-WAN networks. “With the enhancements to WE Connect Insight Engine, customers now have even more perspective and analysis across their SD-WAN environments, allowing them to easily visualize, identify and respond to anomalies before they become business or network problems,” said Mike Frane, vice president of product management at Windstream Enterprise. “No other SD-WAN provider delivers this depth of insight and … More

CymaticONE + VADR’s new features allow customers to protect their web properties from persistent attacks

Cymatic unveiled exciting new features to its client-side web application firewall, CymaticONE + VADR—the only WAF solution that combines client-side WAF defenses with a proprietary vulnerability, awareness, detection, and response (VADR) engine to deliver continuous in-session intelligence and cyber threat defense for users and applications. Click. Click. Done. It’s that simple. CymaticONE + VADR installs at the client with a single line of JavaScript to combat modern-day cyber threats such as Magecart, cross-site scripting (XSS), … More

Attivo Networks ThreatPath now addresses proliferation of endpoints and credential protection challenges

Attivo Networks announced innovative enhancements to its ThreatPath solution, part of the modular ThreatDefend Endpoint Detection Net (EDN) family of products. ThreatPath, which continuously observes and shows credential exposures, now also provides organizations with the ability to identify and automatically remediate high-risk exposures based on identities with excess privileges, application data sources, at-risk practices such as local admin credentials stored on the endpoint, and shadow admin accounts. Many organizations start their incident response reactively after … More

HSB Cyber Suite adds new insurance coverage and services to help prevent cybercrimes

What’s the best way for a small business owner to deal with a cyber-attack? Avoid it in the first place. If you can’t, get help from professionals. HSB Cyber Suite has your business covered, adding new insurance protection and risk management services, including website security scans and computer system upgrades to help prevent future cybercrimes, HSB announced. HSB Cyber Suite provides a comprehensive collection of cyber insurance and services designed to protect small and medium-size … More

Mastercard, IDEMIA and MatchMove develop biometric card with fingerprint authorization

Mastercard has teamed up with IDEMIA and MatchMove on their first pilot in Asia of a biometric card that uses a fingerprint to authorize transactions at in-store payment terminals. The card, with the product name F.CODE Easy, takes the seamless and intuitive experience of biometric authentication from a smartphone to a smart card. It makes transactions more convenient, safe and secure by eliminating the need for a cardholder to provide a PIN number or signature, … More

Cysiv partners with Google Cloud to help customers simplify the security of their cloud workloads

Cysiv announced it has become part of the Google Cloud Technology Partner Co-sell Program. Google Cloud’s global sales force will now collaborate with Cysiv to help customers simplify the security of their cloud workloads. The co-sell program incentivizes the global sales teams to identify customer opportunities and collaborate to support cloud transformation projects by addressing customer requirements for security and compliance. Cysiv 24/7 SOC-as-a-Service helps organizations accelerate their cloud modernization and application development initiatives by … More

Danske Bank implements Behavox’s solution for compliance supervision

Behavox announced that Danske Bank has successfully implemented Behavox’s solution in less than five months for compliance supervision. “Danske Bank is committed to developing innovative solutions to help us reach the highest standards of corporate governance and meet the expectations of our customers, employees and other stakeholders,” said Simon Kingsbury, Executive Vice President at Danske Bank. “By partnering with Behavox, we have been able to significantly advance our capabilities in compliance. By using the artificial … More

Fidelis Cybersecurity appoints Anup Ghosh as CEO

Fidelis Cybersecurity announced the appointment of cybersecurity industry veteran Anup Ghosh as CEO. Ghosh leaves his post as Managing Director at Accenture Security to drive Fidelis Cybersecurity through its next growth stage following the company’s acquisition by Skyview Capital late last year. “Anup is extremely well-qualified to lead Fidelis in the next stage of its growth,” said Darryl Smith, President of Global Portfolio Operations at Skyview Capital. “His deep knowledge of the cybersecurity industry coupled … More

Updates to MariaDB SkySQL bring distributed SQL to the MariaDB cloud

MariaDB announced a major expansion of MariaDB SkySQL cloud database. With this update, SkySQL now runs the latest version of MariaDB Platform X5, which most notably added distributed SQL capabilities for global scale. With the ability to be deployed as clustered or distributed, MariaDB SkySQL addresses customers’ specific needs all within one powerful, indestructible cloud database. “We built MariaDB SkySQL to reduce the complexities introduced by first-generation cloud databases,” said Michael Howard, CEO, MariaDB Corporation. … More

Agile1 Predictive Analytics Risk Scoring helps orgs identify, prioritize and quantify cybersecurity risks

Agile1 has launched Predictive Analytics Risk Scoring to provide technology executives the foresight to understand cyber risk exposure. The platform is designed to help organizations identify, prioritize and quantify cybersecurity risks with 78% fewer false positives. Agile1’s Predictive Risk Scoring is a tremendously accurate predictive security score because the platform aggregates and analyzes all consolidated security data in an organization. This includes the cloud, devices, network, SaaS applications, APIs and anomalous human behavior. Measuring cyber … More

SlashNext launches on-device AI mobile phishing defense for iOS and Android

SlashNext announced the on-device AI mobile phishing defense for iOS and Android with natural language and link-based detection to protect users from the exponential increase in mobile-based SMS phishing (‘SMishing’) attacks. Now, SlashNext customers and partners can benefit from the industry’s fastest and most accurate 2.0 mobile AI phishing defense, protecting users from all forms of phishing across all their communication channels – SMS, email, social networking, gaming, collaboration and search – without compromising user … More

SureView Operations: A hosted service for running security command centers

SureView Systems is launching SureView Operations (Ops), a subscription-based version of its respected command center management system. The Ops platform optimizes operational processes and team response to radically improve the coordination and management of security events, creating better security outcomes. “Over the last few months, our customers have shared with us how Covid-19 has caused a rethink in their security operations. Overwhelmingly, they are looking for flexible solutions that can be implemented immediately, to support … More

Blackpoint Cyber launches Blackpoint RISK, a cyber liability insurance solution for existing and new clients

Blackpoint Cyber launched Blackpoint RISK – a cyber liability insurance solution created specifically for its partners and their customers. Blackpoint RISK is available to existing and new clients and provides an additional layer of protection against cyber incidents, including cyber-crime, ransomware, and malicious attacks. A common phrase in cyber security is, “It’s not a question of if, but when.” Cyber security programs traditionally focus on awareness, prevention, and response – but many are unprepared for … More

Splunk helps security teams modernize and unify their security operations in the cloud

Splunk announced a series of new product innovations designed to help security teams around the world modernize and unify their security operations in the cloud. Led by new, cloud-centric updates to Splunk Enterprise Security, Splunk Mission Control and the newly announced Splunk Mission Control Plug-In Framework, Splunk’s security operations suite enables Splunk customers to secure their cloud journey and solve their toughest cloud security challenges with data. The dawn of the Data Age has sped … More

NetApp helps orgs easily develop applications in the cloud with updates to its data management software

NetApp announced enhancements to industry-leading cloud-connected NetApp ONTAP data management software. The company also announced a more flexible NetApp Keystone Flex Subscription service and a new NetApp SolidFire Enterprise SDS solution. With these updates, NetApp helps organizations everywhere unlock the best of cloud. Organizations can now optimize performance and security, reduce costs, easily extend data management from on premises to any cloud, and consume hybrid cloud infrastructure as a service. “Digital transformation has accelerated to … More

CyberSaint adds automation functionality to its CyberStrong platform to reduce manual intervention

CyberSaint announced new updates to the CyberStrong platform allowing customers to drastically reduce manual intervention previously necessary to assess, manage, and communicate cyber and IT compliance and risk posture. Unexpected disruptions and the increasing focus on digital transformation have heightened organizations’ need to seek innovative solutions that deliver advanced levels of automation. Simultaneously, information security and risk leaders are challenged to have clear visibility into cyber risk and optimize resources across risk and compliance projects. … More

CTERA 7.0: Unifying local file sharing with cloud hyperscale storage

CTERA released version 7.0 of its Enterprise File Services Platform, delivering ultra-fast edge-to-cloud synchronization, secure geo-segmentation, embedded antivirus, and built-in data discovery and migration from legacy file storage. The release sets a new bar for multi-cloud global file systems, offering the most feature-rich, fast and secure platform in the industry. The CTERA Enterprise File Services Platform unifies local file sharing with cloud hyperscale storage, allowing enterprises to modernize every aspect of their distributed file services … More

Semtech LoRa Edge platform now eliminates design complexity for IoT applications

Semtech has announced two new enabling solutions for its LoRa Edge platform: LoRa Basics Modem-E, a software modem leveraging the LoRaWAN protocol for the LoRa Edge platform that runs inside the LoRa Edge transceiver, and the LoRa Edge Tracker Reference Design, a device-to-Cloud commercial grade reference solution for asset tracking applications. LoRa Basics Modem-E, which forms part of the LoRa Basics library of software tools and solution accelerators, is fully compliant with the LoRaWAN protocol … More

Sequitur Labs joins NVIDIA Partner Network to address data and device security needs of the IoT

Sequitur Labs announced it has officially joined the NVIDIA Partner Network with full support for the NVIDIA Jetson platform and protection of IP at the edge. The NVIDIA Jetson edge AI platform powers a range of industrial IoT applications that require various performance levels and prices – from AI-powered network video recorders (NVRs) to automated optical inspection (AOI) in high-precision manufacturing to autonomous mobile robots (AMRs). The Jetson platform supports cloud-native capabilities across the full … More

Seclore and McAfee integrate to provide continuous protection of data in the cloud

Seclore announced that it will now provide a joint offering, combining its data-centric security technology with McAfee MVISION Cloud. This integration brings together the best of breed technologies in their respective fields. This integrated offering helps discover, tag, protect, and track confidential information within the enterprise and outside. Together, Seclore and McAfee have answered the most common question for enterprises adopting the cloud with a distributed workforce and external agencies, i.e., “What happens to my … More

Innodisk and ASUS partner to bring reliable remote management to IoT solutions

Innodisk and ASUS announced a new strategic partnership between the two companies. As part of the partnership, ASUS is equipping its ASUS PE200U edge computer with Innodisk’s next-generation flash storage, the out-of-band management-enabled Innodisk InnoAGE SSD. This solution allows customers to roll out more reliable and secure edge devices and IoT infrastructure than ever before.

Ready for 500 billion IoT devices and beyond

Cisco projects that there will be 500 billion IoT devices in the … More

Windstream Enterprise promotes Brad Smith to head of Strategic Channels

Windstream Enterprise (WE) announced organizational changes to its channel partner program. Brad Smith, currently vice president – Indirect Sales at Windstream Enterprise, has been promoted to head of Strategic Channels. “Brad has led award-winning national sales teams for large communications companies. His promotion to Channel Chief ensures the significant momentum, gained through our Channel Integration initiative, will continue to grow and foster collaboration with Windstream Enterprise sales,” said Layne Levine, president of Windstream Enterprise. Smith, … More

Virtru expands executive team with the appointment of Dana Morris and Will Peppo

Virtru announced the addition of two executives charged with advancing the open Trusted Data Platform and further accelerating the adoption of data encryption solutions for secure collaboration – which has more than doubled since March. Dana Morris, Virtru’s Senior Vice President of Product, will lead the company’s product and platform strategy, focused on accelerating Virtru’s open source roadmap, increasing developer adoption and driving frictionless user experience for key products such as Virtru for Email. Will … More

Adlumin appoints Jim Adams as Vice President, Worldwide Channels

Adlumin announced the appointment of Jim Adams as Vice President, Worldwide Channels. Adams is based out of the Boston area and will be responsible for building and executing partner strategies across all partner types including global system integrators, MSSPs, value-added resellers, distributors and services partners. Adams brings over 25 years of IT experience, principally at Cisco Systems, focusing on the monetization of global partnerships as well as channel programs and execution. He has extensive experience … More

Wickr launches Federal Advisory Board to provide strategic guidance on the company’s federal strategy

Wickr announced the launch of its Federal Advisory Board to provide strategic guidance on the company’s federal strategy to connect end users with secure collaboration for mission-critical needs. Members of the Wickr Federal Advisory Board include (in alphabetical order): John Carlin, Partner, Morrison Forrester; former Assistant Attorney General for the U.S. Department of Justice’s National Security Division and former Chief of Staff to then-FBI Director Robert S. Mueller, III Sean Corbett, CEO and Founder, IntSight … More

eSentire launches automated detection and response solution for Microsoft Security products

eSentire unveiled eSentire Cloud Automation Security Assistant (CASA), the company’s automated detection and response solution for Microsoft Security products. With CASA, eSentire brings its MDR leadership and expertise from over 10 years of threat hunting to Microsoft users. CASA offers customers a single place within Microsoft Teams to actively manage alerts, engage eSentire experts on demand, and launch automated threat configurations for Microsoft Cloud Application Security, Microsoft 365, Microsoft Defender for Endpoint, Microsoft Azure, and … More

Entrust launches direct-to-card solution for instant physical and mobile ID issuance

Entrust announced the Sigma Instant Desktop Issuance solution, a direct-to-card solution for instant physical and mobile ID issuance. Designed for both cloud and on-premise deployment, the Sigma solution sets the standard for simple, secure and smart instant ID solutions across enterprise, healthcare, government, higher education and financial institutions. Today’s enterprises face a myriad of security challenges: From transitioning to digital operations during the pandemic, to managing the global rise in cyber-attacks, they must maintain a … More

IoT Security Foundation unveils online platform to help IoT vendors report and manage vulnerabilities

An online platform designed to help IoT vendors receive, assess, manage and mitigate vulnerability reports has been launched by the IoT Security Foundation (IoTSF). VulnerableThings.com aims to simplify the reporting and management of vulnerabilities whilst helping IoT vendors comply with new consumer IoT security standards and regulations. As the first globally applicable standard for consumer IoT cybersecurity, the new ETSI EN 303 645 specification requires IoT vendors – which could include device manufacturers or importers/distributors … More

Honeywell launches Honeywell Secure Media Exchange to protect against malicious USB attacks

Honeywell announces the launch of Honeywell Secure Media Exchange (SMX) R201.1, an enterprise software offering to better protect users from advanced malware and firmware-based cybersecurity attacks from USB drives and other removable media. Honeywell SMX can help organizations reduce cybersecurity risk and operational disruption through advanced threat detection capability for operating environments including those in critical infrastructure. “We are excited to expand Honeywell SMX as an enterprise security solution to include hardware device management with … More

Zerto Data Protection: Continuous data protection to all app tiers displacing traditional backup

Zerto launched Zerto Data Protection (ZDP), which displaces traditional backup with continuous data protection (CDP) for all applications. By offering a new, cost-effective backup solution, Zerto is bringing the power of its award-winning CDP to all applications at a much lower TCO. “At Zerto, we have always worked with our customers to deliver backup and data protection solutions that align with their enterprise IT infrastructure strategies,” commented Gil Levonai, CMO and senior vice president of … More

Protiviti launches privacy offering in response to the evolving privacy landscape exacerbated by COVID-19

Protiviti has launched a new privacy offering in response to the evolving privacy landscape, which has been exacerbated by the Covid-19 pandemic. Privacy as a Service (Protiviti PraaS), is a managed service privacy offering helping companies assess their privacy needs, implement effective compliance measures and respond to new and changing regulations. “You cannot have privacy without security – the two go hand in hand. In the current environment where employees are working remotely all over … More

Phunware unveils MaaS Customer Data Platform to help create persistent, unified customer databases

Phunware announced the launch of its Multiscreen-as-a-Service (MaaS) Customer Data Platform (CDP). The global CDP market is expected to grow at a Compound Annual Growth Rate (CAGR) of 34% to more than $10.3 billion by 2025. This worldwide market is being fueled and accelerated by the ongoing COVID-19 pandemic as businesses from retailers to healthcare providers are increasingly relying on software, machine learning and artificial intelligence to more effectively market, sell and communicate to their … More

The post Phunware unveils MaaS Customer Data Platform to help create persistent, unified customer databases appeared first on Help Net Security.

AEM introduces NSA, a hybrid Qualification+ tester, changes testing landscape

AEM introduced the Network Service Assistant (NSA) with Certi-Lite, a new category of hybrid tester that bridges the gap in existing test equipment between network connectivity and standards-based cable testing. Simultaneously, the company has announced the availability of TestDataPro Cloud, which offers users the ability to upload results through a network connection, giving managers the ability to track project progress in real-time. With NSA Certi-Lite, network owners no longer have to choose between wire testers … More

The post AEM introduces NSA, a hybrid Qualification+ tester, changes testing landscape appeared first on Help Net Security.

Mimecast selects Smartsheet to drive strategic enterprise initiatives across its org

Smartsheet announced Mimecast has selected Smartsheet to drive strategic enterprise initiatives across its organization, digitally transform its processes and better service its global customer base. “Digital transformation has become a key priority for our organization as we continue to grow and scale our solution,” said Phil Yennaco, Director Enterprise Project Management Office at Mimecast. “We turned to Smartsheet to give our teams the structure and scalability needed to execute on strategic initiatives that would enhance … More

The post Mimecast selects Smartsheet to drive strategic enterprise initiatives across its org appeared first on Help Net Security.

SentinelOne secures patent for unique approach to uncovering exploits in their initial payload stage

SentinelOne announced it has secured a new patent from the U.S. Patent & Trademark Office (USPTO). SentinelOne’s latest patent, USPTO Patent No. 10,762,200, titled System and Methods for Executable Code Detection, Automatic Feature Extraction, and Position-Independent Code Detection, recognizes SentinelOne for its unique approach to uncovering exploits in their initial payload stage. In addition, the patent highlights the innovative way in which SentinelOne’s industry-lauded, AI-based engine extracts the valuable traits out of any given file … More

The post SentinelOne secures patent for unique approach to uncovering exploits in their initial payload stage appeared first on Help Net Security.

ASUS equips its ASUS PE200U and PE200S edge computers with Innodisk’s next-gen flash storage

Innodisk and ASUS announced a new strategic partnership between the two companies. As part of the partnership, ASUS is equipping its ASUS PE200U and PE200S edge computers with Innodisk’s next-generation flash storage, the out-of-band management-enabled Innodisk InnoAGE SSD. This solution allows customers to roll out more reliable and secure edge devices and IoT infrastructure than ever before.

Ready for 500 billion IoT devices and beyond

Cisco projects that there will be 500 billion IoT devices … More

The post ASUS equips its ASUS PE200U and PE200S edge computers with Innodisk’s next-gen flash storage appeared first on Help Net Security.

Derek Abdine hired as CTO at Censys

Censys announced that it has hired Derek Abdine as CTO. Abdine will lead innovation and technical strategy at Censys. An accomplished researcher, advisor and evangelist to the security community, Abdine brings over 15 years of leadership experience in the computer security industry. Prior to joining Censys, he was head of Labs at security automation firm Rapid7, which he helped grow to an over $2 billion market cap leader. While at Rapid7, he led new developments … More

The post Derek Abdine hired as CTO at Censys appeared first on Help Net Security.

Sarah Butterfass joins NETGEAR board of directors

NETGEAR welcomes Sarah Butterfass to the company’s board of directors. Sarah has held executive roles with some of the top consumer-facing brands including Groupon and Orbitz. “Sarah’s background in delivering world-class customer experience and loyalty for some of the most recognized brands in the industry will prove instrumental as we continue to deliver more value-added services to our industry-leading networking products.” Sarah is the incoming Chief Product Officer (CPO) at FanDuel. As CPO, Sarah will … More

The post Sarah Butterfass joins NETGEAR board of directors appeared first on Help Net Security.

This Week in Security News: Cybercriminals Use Stolen Data and Hacking Tools as Prizes in Poker Games and Rap Battles and VirusTotal Now Supports Trend Micro ELF Hash

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how cybercriminals are passing the time during the COVID-19 pandemic with online poker games, where the prizes include stolen data. Also, read about how VirusTotal now supports Trend Micro ELF Hash (aka telfhash).

 

Read on:

Cybercriminals Use Stolen Data and Hacking Tools as Prizes in Poker Games and Rap Battles

Cybercriminals have put their own spin on passing time during the COVID-19 lockdown with online rap battles, poker tournaments, poem contests, and in-person sport tournaments. The twist is that the prize for winning these competitions is sometimes stolen data and tools to make cybercrime easier, according to new research from Trend Micro.

Becoming an Advocate for Gender Diversity: Five Steps that Could Shape Your Journey

Sanjay Mehta, senior vice president at Trend Micro, was recently named a new board member at Girls In Tech—a noted non-profit and Trend Micro partner working tirelessly to enhance the engagement, education, and empowerment of women in technology. In this blog, Sanjay shares five steps that you can use to become an ally for diversity in the workplace.

October Patch Tuesday: Microsoft Patches Critical, Wormable RCE Bug

In this month’s Patch Tuesday update, Microsoft pushed out fixes for 87 security vulnerabilities – 11 of them critical – and one of those is potentially wormable. There are also six bugs that were previously unpatched but publicly disclosed, which could give cybercriminals a leg up — and in fact at least one public exploit is already circulating for this group.

VirusTotal Now Supports Trend Micro ELF Hash

To help IoT and Linux malware researchers investigate attacks containing Executable and Linkable Format (ELF) files, Trend Micro created telfhash, an open-source clustering algorithm that helps cluster Linux IoT malware samples. VirusTotal has always been a valuable tool for threat research and now, with telfhash, users of the VirusTotal Intelligence platform can pivot from one ELF file to others.

New Emotet Attacks Use Fake Windows Update Lures

File attachments sent in recent Emotet campaigns show a message claiming to be from the Windows Update service, telling users that the Office app needs to be updated. Naturally, this must be done by clicking the Enable Editing button. According to the Cryptolaemus group, since yesterday, these Emotet lures have been spammed in massive numbers to users located all over the world.

Metasploit Shellcodes Attack Exposed Docker APIs

Trend Micro recently observed an interesting payload deployment using the Metasploit Framework (MSF) against exposed Docker APIs. The attack involves the deployment of Metasploit’s shellcode as a payload, and researchers said this is the first attack they’ve seen using MSF against Docker. It also uses a small, vulnerability-free base image in order for the attack to proceed in a fast and stealthy manner.

Barnes & Noble Warns Customers It Has Been Hacked, Customer Data May Have Been Accessed

American bookselling giant Barnes & Noble is contacting customers via email, warning them that its network was breached by hackers, and that sensitive information about shoppers may have been accessed. In the email to customers, Barnes & Noble says that it became aware that it had fallen victim to a cybersecurity attack on Saturday, October 10th.

ContentProvider Path Traversal Flaw on ESC App Reveals Info

Trend Micro researchers found ContentProvider path traversal vulnerabilities in three apps on the Google Play store, one of which had more than 5 million installs. The three applications include a keyboard customization app, a shopping app from a popular department store, and the app for the European Society of Cardiology (ESC). Fortunately, the keyboard and department store apps have both been patched by developers. However, as of writing this blog, the ESC app is still active.

Carnival Corp. Ransomware Attack Affects Three Cruise Lines

Hackers accessed personal information of guests, employees and crew of three cruise line brands and the casino operations of Carnival Corp. in a ransomware attack the company suffered on Aug. 15, officials have confirmed. Carnival Cruise Line, Holland America Line and Seabourn were the brands affected by the attack, which Carnival said they’re still investigating in an update on the situation this week.

Docker Content Trust: What It Is and How It Secures Container Images

Docker Content Trust allows users to deploy images to a cluster or swarm confidently and verify that they are the images the users expect them to be. In this blog from Trend Micro, learn how Docker Content Trust works, how to enable it, steps that can be taken to automate trust validation in the continuous integration and continuous deployment (CI/CD) pipeline, and limitations of the system.

Twitter Hackers Posed as IT Workers to Trick Employees, NY Probe Finds

A simple phone scam was the key first step in the Twitter hack that took over dozens of high-profile accounts this summer, New York regulators say. The hackers responsible for the July 15 attack called Twitter employees posing as company IT workers and tricked them into giving up their login credentials for the social network’s internal tools, the state’s Department of Financial Services said.

What is a DDoS Attack? Everything You Need to Know About Distributed Denial-of-Service Attacks and How to Protect Against Them

A distributed denial-of-service (DDoS) attack sees an attacker flooding the network or servers of the victim with a wave of internet traffic so big that their infrastructure is overwhelmed by the number of requests for access, slowing down services or taking them fully offline and preventing legitimate users from accessing the service at all. DDoS attacks are one of the crudest forms of cyberattacks, but they’re also one of the most powerful and can be difficult to stop.

Cyberattack on London Council Still Having ‘Significant Impact’

Hackney Council in London has said that a cyberattack earlier this week is continuing to have a “significant impact” on its services. Earlier this week, the north London council said it had been the target of a serious cyberattack, which was affecting many of its services and IT systems.

 

Surprised by the new Emotet attack? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

The post This Week in Security News: Cybercriminals Use Stolen Data and Hacking Tools as Prizes in Poker Games and Rap Battles and VirusTotal Now Supports Trend Micro ELF Hash appeared first on .

NCC Group Remediate: Providing remedial action and support to strengthen clients’ security postures

NCC Group has officially launched its new Remediate service, which provides immediate remedial action and long-term strategic support to strengthen organizations’ security postures and reduce their cyber risk. The global cyber security and risk mitigation expert created Remediate to combine reactive support – including direct resolution of high-priority issues uncovered during testing and 24/7 incident response during a breach – with the proactive creation of long-term security roadmaps. Resource constraints and a lack of advanced … More

The post NCC Group Remediate: Providing remedial action and support to strengthen clients’ security postures appeared first on Help Net Security.

IDrive Online Backup releases EPYC, a secure video conferencing and AR powered video sharing app

IDrive Online Backup has released EPYC, a secure video conferencing and AR powered video sharing application, empowering remote workforces to meet face-to-face and collaborate on projects as if they were meeting in person. Due to COVID-19 and the current remote work climate, IDrive has recognized the need for businesses to enhance the tools they have at their disposal in order to keep their employees productive and present. By releasing EPYC, IDrive has helped solve this … More

The post IDrive Online Backup releases EPYC, a secure video conferencing and AR powered video sharing app appeared first on Help Net Security.

Privacera Platform 4.0: Automating the enterprise data governance lifecycle

Privacera announced the general availability of version 4.0 of the Privacera Platform, an enterprise data governance and security solution for machine learning and analytic workloads in the public cloud. Driven by increasing customer demand, Privacera 4.0’s new features include: access workflows for faster on-boarding and customized data access; expanded discovery for seamless data tagging in complex infrastructures; and an encryption gateway for automated encryption and decryption abilities. “For enterprises to truly maximize the value of … More

The post Privacera Platform 4.0: Automating the enterprise data governance lifecycle appeared first on Help Net Security.

Entrust Datacard MX Series Card Issuance systems now solving challenges for central issuance providers

Entrust announced new enhancements to the Datacard MX Series Card Issuance systems: the Duplex Drop on Demand Printing module; and new Metal Card Input and Metal Card Output modules. The enhancements build upon Entrust’s position as a leader in developing the core technologies needed to keep the world moving safely, while also highlighting the company’s commitment to providing customers with the scalability and flexibility needed to meet evolving business needs. Card issuers are looking for … More

The post Entrust Datacard MX Series Card Issuance systems now solving challenges for central issuance providers appeared first on Help Net Security.

This Week in Security News: A Look Inside the Bulletproof Hosting Business and Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks


Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how cybercriminals secure their assets and survive in the business in a new Trend Micro report. Also, read about how cybercriminals are tapping into Amazon’s Prime Day with phishing and malicious websites that are fraudulently using the Amazon brand.

Read on:

French Companies Under Attack from Clever BEC Scam

Trend Micro researchers observed a new modus operandi involving a clever BEC campaign that uses social engineering to target French companies. Malicious actors impersonated a French company in the metal fabrication industry that provides services to several organizations. They then registered a domain very similar to the legitimate one used by the business and used it to send emails to their targets. 

Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks

Cybercriminals are tapping into Amazon’s annual Prime Day with researchers warning of a recent spike in phishing and malicious websites that are fraudulently using the Amazon brand. There has been a spike in the number of new monthly phishing and fraudulent sites created using the Amazon brand since August, the most significant since the COVID-19 pandemic forced people indoors in March.

CSO Insights: DataBank’s Mark Houpt on Looking Beyond Securing Infrastructures in the New Normal

The big move to working remotely wasn’t completely difficult for Mark Houpt, CISO at DataBank. After all, he has been doing so since before COVID-19. However, when the pandemic hit, DataBank, like many other companies across the globe, had to help most of their employees transition securely and smoothly to virtual work. Read up on the several important security considerations this experience highlighted.

240+ Android Apps Caught Showing Out-of-Context Ads

This summer, Google removed more than 240 Android applications from the Play Store for showing out-of-context ads and breaking a newly introduced Google policy against this type of intrusive advertising. Out-of-context ads are mobile ads that are shown outside an app’s normal container and appear as pop-ups or as full-screen ads.

Safe and Smart Connections: Securing IoT Networks for Remote Setups

As a result of our work-from-home (WFH) arrangements, there is an increased demand on networks as remote operations have created greater dependence on the IoT. Subsequently, now is a good time to re-examine the security of your network. Rather than only focusing on securing individual devices that can compromise a network, users should also secure the network to minimize threats across several devices.

Inside the Bulletproof Hosting Business

The use of underground infrastructure is inherent to the modus operandi of a cybercriminal. Trend Micro’s Underground Hosting series differentiates how cybercrime goods are sold in marketplaces and what kinds of services are offered. In this final part of the Underground Hosting report series, Trend Micro explores the methods criminals employ to secure their assets and survive in the business.

Comcast Voice Remote Control Could be Turned into Spying Tool

The Comcast XR11 voice remote controller was recently found to be vulnerable and could be turned into a spying tool that eavesdrops on users. Discovered by researchers at Guardicore, the attack has been named WarezTheRemote and is said to be a very serious threat, considering that the remote is used for over 18 million devices across the U.S.

Transforming IoT Monitoring Data into Threat Defense

In the first half of 2020, there was a 70% increase in inbound attacks on devices and routers compared to the second half of 2019, which included attacks on IoT systems. To protect customers effectively by continuously monitoring trends in IoT attacks, Trend Micro examined Mirai and Bashlite (aka Qbot), two notorious IoT botnet malware types, and shares the figures relating to these botnets’ command and control (C&C) servers, IP addresses, and C&C commands.

Russia’s Fancy Bear Hackers Likely Penetrated a Federal Agency

Last week the Cybersecurity and Infrastructure Security Agency published an advisory that hackers had penetrated a US federal agency. Now, clues uncovered by a researcher at cybersecurity firm Dragos and an FBI notification to hacking victims obtained by WIRED in July suggest that it was Fancy Bear, a team of hackers working for Russia’s GRU also known as APT28.

Threat Research & XDR Combine to Stop Cybercrime

Like legitimate businesses across the globe seeking to improve their information security and protect their network infrastructure, cybercriminal businesses take similar precautions. Trend Micro Research released the final report in a series focused on this part of cybercriminal business: Underground hosting providers. Based on the report, it’s clear that understanding both the criminal business and the attacks themselves better prepares defenders and investigators to identify and eliminate threats.

Researchers Find Vulnerabilities in Microsoft Azure Cloud Service

As businesses are increasingly migrating to the cloud, securing the infrastructure has never been more important. According to research by Paul Litvak of Intezer Labs, two security flaws in Microsoft’s Azure App Services could have enabled a bad actor to carry out server-side request forgery (SSRF) attacks or execute arbitrary code and take over the administration server.

Cyber Security Awareness: A Critical Checklist

October 2020 marks the 17th year of National Cybersecurity Awareness Month, where users and organizations are encouraged to increase awareness of cybersecurity issues. To help raise awareness, Trend Micro’s Consumer Division breaks down the security issues you should be aware of and shares tips about how you can protect yourself and your family while working, learning, or gaming at home.

The Basics of Keeping Kubernetes Cluster Secure: Worker Nodes and Related Components

In part one of this blog series, Trend Micro talked about the different ways developers can protect control plane components, including Kube API server configurations, RBAC authorization, and limitations in the communication between pods through network policies. In this second part, Trend Micro focuses on best practices that developers can implement to protect worker nodes and their components.

Are you surprised that Comcast voice activated remote controllers could be turned into a spying tool? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

The post This Week in Security News: A Look Inside the Bulletproof Hosting Business and Amazon Prime Day Spurs Spike in Phishing, Fraud Attacks appeared first on .

This Week in Security News: Linkury Adware Caught Distributing Full-Blown Malware and Cross-Platform Modular Glupteba Malware Uses ManageX


Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how an adware family known primarily for distributing browser hijackers, Linkury, has been caught distributing malware. Also, read about a newly uncovered strain of the Glupteba trojan.

 

Read on:

Cross-Platform Modular Glupteba Malware Uses ManageX

Trend Micro recently encountered a variant of the Glupteba trojan and reported its attacks on MikroTik routers and updates on its command and control (C&C) servers. The use of ManageX, a type of modular adware that Trend Micro has recently analyzed, is notable in this newly uncovered strain as it aims to emphasize the modularity and the cross-platform features of Glupteba as seen through its code analysis.

Phishing Attack Targets Microsoft 365 Users with Netflix & Amazon Lures

Security researchers have been tracking a phishing campaign that abuses Microsoft Office 365 third-party application access to obtain specific resources from victims’ accounts. The attacker, dubbed TA2552, mostly uses Spanish-language lures and a narrow range of themes and brands. These attacks have targeted organizations with a global presence but seem to choose victims who likely speak Spanish, according to a report from Proofpoint researchers.

New Report Suggests the Bug Bounty Business is Recession-Proof

A new report from HackerOne presents data suggesting that the bug bounty business might be recession-proof, citing increases in hacker registrations, monthly vulnerability disclosures and payouts during a pandemic-induced economic downturn. Brian Gorenc, senior director of vulnerability research and director of Trend Micro’s Zero Day Initiative program, shared that he’s seen bug bounty activity increase with ZDI publishing 1,045 vulnerability advisories in all of 2019 and 1,235 already in 2020.

Identity Fraud: How to Protect Your Identity Data, Accounts and Money During the Coronavirus Crisis

We’ve all been spending more time online since the pandemic hit, and as a result we’re sharing more personal and financial information online with each other and with organizations. Unfortunately, as ever, there are bad guys around every digital corner looking for this. Personally identifiable information (PII) is the currency of internet crime, and cyber-criminals will do whatever they can to get it.

Linkury Adware Caught Distributing Full-Blown Malware

An adware family known primarily for distributing browser hijackers has been caught distributing malware, security researchers said at the Virus Bulletin 2020 security conference. Its main method of distribution is the SafeFinder widget, a browser extension ironically advertised as a way to perform safe searches on the internet. K7 researchers say that in recent cases they analyzed, the SafeFinder widget has now also begun installing legitimate malware, such as the Socelars and Kpot infostealer trojans.

Chinese APT Group Targets Media, Finance, and Electronics Sectors

Cybersecurity researchers have uncovered a new espionage campaign targeting media, construction, engineering, electronics, and finance sectors in Japan, Taiwan, the U.S. and China. Linking the attacks to Palmerworm (aka BlackTech), likely a China-based advanced persistent threat (APT), the first wave of activity associated with this campaign began last year in August 2019.

InterPlanetary Storm Botnet Infects 13K Mac, Android Devices

A new variant of the InterPlanetary Storm malware has been discovered, which comes with fresh detection-evasion tactics and now targets Mac and Android devices (in addition to Windows and Linux, which were targeted by previous variants of the malware). Researchers say the malware is building a botnet with a current estimated 13,500 infected machines across 84 countries worldwide – and that number continues to grow.

More Americans Share Social Security, Financial and Medical Information than Before the Pandemic

A new survey has shown that consumer willingness to share more sensitive data – social security numbers, financial information and medical information – is greater in 2020 than in both 2018 and 2019. According to the NYC-based scientific research foundation ARF’s (Advertising Research Foundation) third annual privacy study, contact tracing is considered a key weapon in the fight against COVID-19.

Do you feel like you are more willing to share sensitive information online since the pandemic began? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

The post This Week in Security News: Linkury Adware Caught Distributing Full-Blown Malware and Cross-Platform Modular Glupteba Malware Uses ManageX appeared first on .

This Week in Security News: Cybercriminals Distribute Backdoor with VPN Installer and New ‘Alien’ Malware can Steal Passwords from 226 Android Apps

 

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how threat actors are bundling Windscribe VPN installers with backdoors. Also, read about a new strain of Android malware that comes with a wide array of features allowing it to steal credentials from 226 applications.

Read on:

 

Windows Backdoor Masquerading as VPN App Installer

This article discusses findings covered in a recent blog from Trend Micro where company researchers warn that Windows users looking to install a VPN app are in danger of downloading one that’s been bundled with a backdoor. The trojanized package in this specific case is the Windows installer for Windscribe VPN and contains the Bladabindi backdoor.

The Evolution of Malicious Shell Scripts

The Unix-programming community commonly uses shell scripts as a simple way to execute multiple Linux commands within a single file. Many users do this as part of a regular operational workload manipulating files, executing programs and printing text. However, as a shell interpreter is available in every Unix machine, it is also an interesting and dynamic tool abused by malicious actors.

Microsoft Says It Detected Active Attacks Leveraging Zerologon Vulnerability

Hackers are actively exploiting the Zerologon vulnerability in real-world attacks, Microsoft’s security intelligence team said on Thursday morning. The attacks were expected to happen, according to security industry experts. Multiple versions of weaponized proof-of-concept exploit code have been published online in freely downloadable form since details about the Zerologon vulnerability were revealed on September 14 by Dutch security firm Secura BV.

Stretched and Stressed: Best Practices for Protecting Security Workers’ Mental Health

Security work is stressful under the best of circumstances, but remote work presents its own challenges. In this article, learn how savvy security leaders can best support their teams today — wherever they’re working. Trend Micro’s senior director of HR for the Americas, Bob Kedrosky, weighs in on how Trend Micro is supporting its remote workers.

Exploitable Flaws Found in Facial Recognition Devices

To gain a more nuanced understanding of the security issues present in facial recognition devices, Trend Micro analyzed the security of four different models: ZKTeco FaceDepot-7B, Hikvision DS-K1T606MF, Telpo TPS980 and Megvii Koala. Trend Micro’s case studies show how these devices can be misused by malicious attackers.

New ‘Alien’ Malware Can Steal Passwords from 226 Android Apps

Security researchers have discovered and analyzed a new strain of Android malware that comes with a wide array of features allowing it to steal credentials from 226 applications. Named Alien, this new trojan has been active since the start of the year and has been offered as a Malware-as-a-Service (MaaS) offering on underground hacking forums.

Government Software Provider Tyler Technologies Hit by Possible Ransomware Attack

Tyler Technologies, a Texas-based provider of software and services for the U.S. government, started informing customers this week of a security incident that is believed to have involved a piece of ransomware. Tyler’s website is currently unavailable and in emails sent out to customers the company said its internal phone and IT systems were accessed without authorization by an “unknown third party.”

U.S. Justice Department Charges APT41 Hackers Over Global Cyberattacks

On September 16, 2020, the United States Justice Department announced that it was charging five Chinese citizens with hacking crimes committed against over 100 institutions in the United States and abroad. The global hacking campaign went after a diverse range of targets, from video game companies and telecommunications enterprises to universities and non-profit organizations. The five individuals were reportedly connected to the hacking group known as APT41.

Phishers are Targeting Employees with Fake GDPR Compliance Reminders

Phishers are using a bogus GDPR compliance reminder to trick recipients – employees of businesses across several industry verticals – into handing over their email login credentials. In this evolving campaign, the attackers targeted mostly email addresses they could glean from company websites and, to a lesser extent, emails of people who are high in the organization’s hierarchy.

Mispadu Banking Trojan Resurfaces

Recent spam campaigns leading to the URSA/Mispadu banking trojan have been uncovered, as reported by malware analyst Pedro Tavares in a Twitter post and by Seguranca Informatica in a blog post. Mispadu malware steals credentials from users’ systems. This attack targets systems with Spanish and Portuguese as system languages.

A Blind Spot in ICS Security: The Protocol Gateway Part 3: What ICS Security Administrators Can Do

In this blog series, Trend Micro analyzes the impacts of the serious vulnerabilities detected in the protocol gateways that are essential when shifting to smart factories and discusses the security countermeasures that security administrators in those factories must take. In the final part of this series, Trend Micro describes a stealth attack method that abuses a vulnerability and informs readers of a vital point about the security measures required for the future ICS environment.

Major Instagram App Bug Could’ve Given Hackers Remote Access to Your Phone

Check Point researchers disclosed details about a critical vulnerability in Instagram’s Android app that could have allowed remote attackers to take control of a targeted device just by sending victims a specially crafted image. The flaw lets attackers perform actions on behalf of the user within the Instagram app, including spying on the victim’s private messages and deleting or posting photos from their accounts, as well as execute arbitrary code on the device.

Addressing Threats Like Ryuk via Trend Micro XDR

Ryuk has recently been one of the most noteworthy ransomware families and is perhaps the best representation of the new paradigm in ransomware attacks where malicious actors go for quality over sheer quantity. In 2019, the Trend Micro™ Managed XDR and Incident Response teams investigated an incident concerning a Trend Micro customer that was infected with the Ryuk ransomware.

What are your thoughts on the Android Instagram app bug that could allow remote access to users’ phones? Share your thoughts in the comments below or follow me on Twitter to continue the conversation: @JonLClay.

The post This Week in Security News: Cybercriminals Distribute Backdoor with VPN Installer and New ‘Alien’ Malware can Steal Passwords from 226 Android Apps appeared first on .

1H 2020 Cyber Security Defined by Covid-19 Pandemic

When we published our 2020 Predictions report in December, we didn’t realize there was a global pandemic brewing that would give cybercriminals an almost daily news cycle to take advantage of in their attacks against people and organizations around the world. Malicious actors have always taken advantage of big news to use as lures for socially engineered threats, but these events tend to be fairly short news cycles.

When Covid-19 started making headlines in early 2020, we started seeing new threats using it in their attacks. As you see below, April was the peak month for email-based Covid-19 related threats.

The same was true for phishing URLs related to Covid-19, but for files using Covid-19 in their naming convention, the peak month in the first half was June.

Impact on Cybercrime

The constant 24×7 news around cases, cures and vaccines makes this pandemic unique for cybercriminals. Also, the shift to remote working and the challenges posed to supply chains all gave cybercriminals new content they could use as lures to entice victims into infecting themselves.

As we’ve seen for many years now, email-based threats were the threat vector most used by malicious actors, which makes sense, as the number one way to penetrate an organization’s network is to use a socially engineered email against an employee.

We even saw malicious mobile apps being developed using Covid-19 as a lure, as you see below.

In this case it was supporting potential cures for the virus, which many people would have wanted.

Other Highlights in 1H 2020

While Covid-19 dominated the threat landscape in 1H 2020, it wasn’t the only thing that defined it. Ransomware actors continued their attacks against organizations, but as we’ve been seeing over the past year, they’ve become much more selective in their victims. The spray and pray model using spam has shifted to a more targeted approach, similar to how nation-state actors and APT groups perform their attacks. Two things showcase this trend:

1. The number of ransomware detections has dropped significantly from 1H 2019 to 1H 2020, showing that ransomware actors are not looking for broad infection numbers.

2. The ransom amounts have increased significantly over the years, showing ransomware actors are selecting their victims around how much they feel they can extort them for and whether they are more likely to pay a ransom.


Home network attacks are another interesting aspect of the threat landscape in the first half of this year. We have millions of home routers around the world that give us threat data on events coming into and out of home networks.

Threat actors are taking advantage of more remote workers by launching more attacks against these home networks. As you see below, the first half of 2020 saw a marked increase in attacks.

Many of these attacks are brute force login attempts as actors try to obtain login credentials for routers and devices within the home network, which can allow them to do further damage.

The above are only a small number of the security events and trends we saw in just six months of 2020. Our full roundup of the security landscape so far this year is detailed in our security roundup report – Securing the Pandemic-Disrupted Workplace. You can read about all we found to help prepare for many of the threats we will continue to see for the rest of the year.

The post 1H 2020 Cyber Security Defined by Covid-19 Pandemic appeared first on .