Archive for July 28, 2021

StorCentric Achieves Record Growth

Posted in Commentary with tags on July 28, 2021 by itnerd

StorCentric, provider of the world’s most comprehensive real world-proven portfolio of secure data management solutions, today announced it has achieved record growth across virtually every industry vertical, geography and size of customer (i.e., SMB to enterprise) as ransomware protection has taken the lead as a key business priority, around the world. StorCentric today reported a 130% bookings growth in ransomware solutions for the same period year-over-year and 50 new specialized channel partners added, since Q2 of 2020, in addition to a 240% pipeline growth quarter-over-quarter for Q3 2021 for the Nexsan Unbreakable Backup solution.

According to Bitdefender’s 2020 Consumer Threat Landscape Report, which provides an overview of the evolution of threats year-over-year and on a quarterly basis, reported that ransomware attacks increased by a staggering 485% in 2020 compared to 2019. And, according to PurpleSec, the estimated cost of ransomware attacks was $20 billion in 2020, up from $11.5 billion in 2019, and $8 billion in 2018. 2021 is already shaping up to be the worst year yet, with “ransomware as a service” such as REvil and NetWalker, as well as other new entrants like Conti, becoming increasingly available, intelligent, aggressive, expensive and public.

StorCentric offers the most robust, end-to-end ransomware protection solutions in the industry, recognizing that today, it’s not enough to just protect your data from ransomware, you must be able to recover should you fall victim to a successful attack. Solutions include:

  • Nexsan Unbreakable Backup – UnityTM plus Assureon® delivers an immutable Unbreakable Backup solution that works alone or alongside existing IT assets to enhance and fortify the user’s ability to protect, detect and recover. Its industry unique features include:
    • File Fingerprinting – Secure Digital Fingerprints utilizes a combination of two cryptographic hashes for a unique file identifier.
    • File Redundancy – Makes two copies of the file and its fingerprint are stored in a separate RAID disk set either in the same system or a remote one.
    • File Serialization – Serial numbers are assigned to each individual file to ensure no files are changed, missing, or inappropriately added.
    • Secure Timestamp – Use of a global, redundant, secure time source using Stratum Level 1 hardware time sources to ensure accurate time stamp.
    • Auto File Repair – Continually verifies against fingerprints and repairs using copies and safeguarded by RAID disk arrays for days or even decades.
    • Regulatory Compliance – Governmental and Corporate compliance of HIPAA, GLBA, Sarbanes-Oxley, Federal Rules of Civil Procedure (FRCP), SEC 17A-4 and PCI DSS.
    • Cloud/Software Edition – Flexibility to implement in the cloud, hybrid cloud or on-premise.
    • Storage Optimization – Archiving unstructured and infrequently used data frees up primary data and dramatically reduces the size, time and cost of the backup process.
    • Data Longevity – Ensures adherence to guidelines for data retention, disposition, privacy, protection, chain of custody, litigation readiness and risk mitigation.
  • Retrospect Backup Software – Retrospect Backup integrates seamlessly with object locking, also referred to as Write-Once-Read-Many (WORM) storage or immutable storage, from today’s leading public cloud vendors. Users can mark objects as locked for a designated period of time, preventing them from being deleted or altered by any user, even if the ransomware “takes a ride” to the user’s cloud vendor(s) during any backup action.

Find out more About StorCentric: www.storcentric.com.

Stealth’s Announces New Rugged Fanless Mini PC

Posted in Commentary with tags on July 28, 2021 by itnerd

Stealth, an Elbit Systems of America company, is a leader in the industrial computer and peripherals market and has released a new rugged fanless mini PC that features Intel’s® 8th Generation Celeron, Core™ i3, i5 and i7 processors. The LPC-915 fanless mini PC is capable of supporting operations in a broad range of temperatures and is packed with robust capabilities, all while remaining quiet, clean, and reliable

The Stealth LPC-915 fanless mini PC is designed for use in a multitude of applications, including transportation and rail, audio and video recording, embedded control, digital signs, interactive kiosks, Internet of Things, Industrial Internet of Things, thin-clients, and human/machine interface.

The LPC-915 fanless mini PCs can be custom configured to meet the exact needs of the Original Equipment Manufacturer or end-user and all Stealth systems come with a standard, two-year warranty. Extended warranty options are also available. 

A basic configuration of the LPC-915 fanless mini PC starts at $1,695 USD, and is now shipping. 


Stealth’s fanless mini PC – the LPC-915 – Product Features:

  • Powerful Intel® 8th Generation Celeron, Core™ i3, i5 & i7 processors
  • Up to 2 Terabytes of solid-state storage and 32 gigabytes of random-access memory
  • Supports up to 4K resolution and dual display support
  • Two network ports and two COM ports
  • Operates in temperatures from minus 40 to 85 degrees Celsius/ minus 40 degrees to 185 degrees Fahrenheit
  • Small form factor size: 150.4mm x 106.2mm x 62.1mm/ 5.92 inches x 4.18 inches x 2.44 inches (Width x Depth x Height)
  • Range 9-48 VDC power input, with a rear-locking 3-pin locking connector & ignition
  • Trusted Platform Module 2.0 security
  • Wall-, VESA-, and DIN rail-mounting capabilities
  • Windows 10/ / 10 IoT, Server 2019, and Linux compatible
  • RoHS-, CE- and FCC-certified
  • EN50121-3-2- and EN50155-certified

Learn more about Stealth at www.stealth.com.

New Infosec Skills Cyber Range Helps Cyber Pros Upskill, Reskill Hands-On

Posted in Commentary with tags on July 28, 2021 by itnerd

Infosec Institute today announced the release of the next generation of the Infosec Skills cyber range, a scalable training platform where cyber professionals can upskill and reskill inside the operating environments they encounter on the job. Named a 2021 Cyber Defense Magazine Best Product for Cybersecurity Training, Infosec Skills offers 1,200+ hands-on cybersecurity courses and cyber ranges mapped to the NICE Workforce Framework for Cybersecurity and MITRE ATT&CK® Matrix.

The cyber skills gap remains prevalent with almost 500 million open cybersecurity positions in the U.S. alone, according to CompTIA. Providing cybersecurity professionals with the tools they need to stay up to date with threats, practice skills in realistic environments and progress their careers is an essential step to close this persistent skills gap. 

Labs inside the new Infosec Skills cyber ranges come equipped with clear learning objectives and actionable feedback based on real-time learner inputs. Infosec Skills learners can practice penetration testing, writing secure code and countering ATT&CK tactics and techniques — hands-on. Infosec Skills cyber ranges require no additional software, hardware or server space, so teams can spend less time configuring environments and more time learning.

According to the Forrester Tech Tide™: Zero Trust Threat Detection and Response, “Cyber range services help cross-functional teams learn best practices of good cybersecurity incident response under pressure. Given the inevitability of a breach and the staffing and skills gap in the security industry, most security teams find value in these services and regular exercises.”

From command line basics to advanced adversarial techniques, Infosec Skills cyber ranges teach cyber teams how to:

  • Run red and blue team exercises
  • Write secure code by example
  • Pass dozens of technical certifications by gaining hands-on domain knowledge
  • Attack and defend cloud-based applications
  • And much more

The latest generation of Infosec Skills cyber range launches today with 18 new hands-on labs. Over 100 additional labs are scheduled for release by the end of 2021. Try the new Infosec Skills cyber range for free, or learn more about the latest release here.

Terranova Security & Security Innovation Announces Partnership

Posted in Commentary with tags on July 28, 2021 by itnerd

Terranova Security, the global partner of choice in security awareness training, announced a partnership with Security Innovation, an authority in software security training for IT professionals. The partnership addresses a key business need for many organizations today: creating a unified culture of cyber security through role-based security awareness training.  

Those managing cyber security-related training at organizations face a unique challenge in creating a strong cyber security culture. Different individuals and departments require security awareness training specific to their roles and responsibilities. This reality can lead to organizations often using multiple cyber security training programs to train employees, which can increase the costs and resources related to these initiatives and blind spots when it comes to various cyber threats.

Knowledge workers typically require more generalized training around topics like email safety, identifying phishing attempts, and strong password best practices. Conversely, IT staff may need more specialized training around how technology assets can be targeted and what can be done to nullify threats. However, technical teams like developers can require training in both areas to ensure that they’re not only securing software and data but that they’re not falling victim to an email phishing attempt. 

By asking users to toggle between multiple training programs to receive the necessary training, organizations may confuse and demotivate employees, leading to a weaker overall cyber security culture.  

With Terranova Security recognized for providing best-in-class security awareness training for non-IT staff and Security Innovation known for providing outstanding security awareness training for IT staff, each organization’s offering will now be bolstered by more comprehensive content. The result is a seamless experience for the customer, both from a platform and a learning perspective. 

The partnership will provide customers and their employees with access to a wide array of security awareness training. Courses will include:

  • Methodologies backed by science – Modeled on the ADDIE approach (Analysis, Design, Development, Implementation, Evaluation), courses will be engaging, informative, and presented to the end user in a digestible manner. 
  • Hands-on simulations – Used to determine if knowledge is being absorbed and applied correctly in daily activities, simulations are a powerful tool to reduce risks associated with common cyber threats and related user behaviors. 
  • The removal of complexity – Stripping away unnecessary elements, customer success programs help with the roll-out, learning path creation, measurement, communications, and goal setting, so end users get the awareness training they need in a fast and straightforward way.

For organizations looking to take advantage of the new partnership, Terranova Security and Security Innovation offer one free year of security awareness training for every three years purchased. More information Visit www.terranovasecurity.com

Guest Post: Atlas VPN Says That Google Play Protect Detects Only 31% Of Android Stalkerware

Posted in Commentary with tags on July 28, 2021 by itnerd

According to findings presented by the Atlas VPN research team, Android’s internal Google Play Protect service detects only 31% of stalkerware attacks.

Stalkerware, often known as spyware, is a collection of tools (apps or software programs) that enable someone else (such as an abuser) to track and record your phone activity. 

This implies that the fraudster can collect all of the sensitive information you type on your phone, such as login passwords for your email address, banking apps, or even personal identifying information such as Social Security numbers, home addresses, and so on. 

Edward Garb, a cybersecurity researcher at Atlas VPN, comments on the recent findings:

The results show that when it comes to virus protection, a well-known brand name isn’t always the best option. The most widely used antivirus program fared the worst in this situation.

Android users who rely on Google Play Protect to defend themselves against spyware should consider upgrading to one of the more powerful antivirus apps.

AV-Test, an independent research institute running for more than 15 years, ran a test on the most popular security applications to see which ones perform the best in terms of spyware detections on Android devices. Each security application had to detect 29 unique stalkerware threats. The analysis was carried out in July 2021.

Shockingly, by far, the worst results were from the native Google Play Protect application, as it only detected 9 threats out of 29, which constitutes a success rate of 31%. 

Given that the software is free and comes pre-installed on all Android smartphones, one could argue that it is still a good result. However, several of the programs assessed are also free. Bitdefender, Trend Micro, ESET, and Kaspersky, among the strongest performers, require a minimal licensing price, usually approximately $10 per year for one device.

NortonLifeLock Norton 360 security software had the second-worst result. Only 17 out of 29 spyware programs were detected, giving it a detection rate of 58.6%.

Noticing and protecting against stalkerware

On an Android device, there are often early warning indications that something isn’t quite right. Examples of abnormalities include unusual battery drain and slower application performance, increased data usage, and interruptions or noises during phone calls.

To read the full article, head over to: https://atlasvpn.com/blog/google-play-protect-detects-only-31-of-android-stalkerware