Marcus Hutchins Joins Cybrary 

Posted in Commentary on February 28, 2023 by itnerd

Cybrary today announced that cybersecurity researcher Marcus Hutchins has been appointed as the first Cybrary Fellow. Hutchins is renowned for stopping the global WannaCry ransomware attack.

As a Cybrary Fellow, Hutchins will collaborate with various teams and work cross-functionally to foster engagement with Cybrary’s community of over 3 million learners through spearheading training events and mentoring opportunities, advising on training content strategy, and co-creating new hands-on learning activities such as virtual labs and pathways.

Hutchins shares Cybrary’s passion for ensuring cybersecurity training is affordable and accessible, making his appointment a natural fit. In this role, he is well-positioned to impact Cybrary’s mission to equip cybersecurity professionals with the skills they need to get hired and effectively defend against threats.

The announcement follows Cybrary’s recent Cybrary Free Access launch offering more than 500 hours of material designed to help users break into the cybersecurity industry and advance toward their career goals. 

Compugen signs global partnership with OTORIO 

Posted in Commentary on February 28, 2023 by itnerd

Compugen, one of Canada’s largest and most established technology solutions providers, has announced a business partnership with operational technology (OT) and digital risk management solutions provider OTORIO. This move will see Compugen leverage OTORIO’s leading platform in its OT solutions to better protect customers against cyber threats in industrial environments.

As operations in industry and manufacturing become smarter, more data-driven, and more connected, the risk of cyber attacks in this segment has grown exponentially, with incident volumes marking an increase of 67% in the last five years. Such intrusions have led to outages, disruptions, and millions of dollars incurred – causing real, tangible damage to businesses and institutions and their ability to serve their customers. Compugen and OTORIO see this development as an opportunity to bring advanced cyber defense solutions to Canada’s growing OT landscape and help improve security posture across the industry.

Under the partnership, Compugen will resell OTORIO’s RAM OT security protection monitoring platform and spOT Assessment compliance risk assessment software solution, as well as use the latter to offer customers efficient and effective periodical technical risk assessments of their operational networks. The company’s long-standing relationships with the most respected names in IT enable the integration of many different technologies into comprehensive, business-driving solutions. 

White House To Government Employees: You Have 30 Days To Get TikTok Off Your Phones

Posted in Commentary on February 28, 2023 by itnerd

The pressure on TikTok is increasing as this just happened:

The White House is giving all federal agencies 30 days to wipe TikTok off all government devices, as the Chinese-owned social media app comes under increasing scrutiny in Washington over security concerns.

The Office of Management and Budget calls the guidance, issued Monday, a “critical step forward in addressing the risks presented by the app to sensitive government data.” Some agencies, including the Departments of Defense, Homeland Security and State, already have restrictions in place; the guidance calls on the rest of the federal government to follow suit within 30 days.

The White House already does not allow TikTok on its devices.

Seeing as TikTok is owned by ByteDance which is a Chinese company, the Chinese government was sure to react at some point. And as if on cue, they have:

The U.S. government “has been overstretching the concept of national security and abusing state power to suppress other countries’ companies,” Mao Ning said at a daily briefing. “How unsure of itself can the U.S., the world’s top superpower, be to fear a young person’s favourite app to such a degree?”

TikTok really has no meaningful answer to suggestions that data from the app can be accessed by the Chinese government? Or the fact that the potential exists for the Chinese government to use TikTok to launch things like disinformation campaigns? Could that be the reason why the Chinese government is not only seeing bans like these pop up, but why they might also be freaking out?

Chris Vaughan, AVP – Technical Account Management at Tanium had this to say:

This latest step at the federal level to ban TikTok from government-owned devices reflects that institutions are recognizing that a comprehensive approach is important to protect our citizens from social media campaigns designed to further foreign political objectives and deepen divisions in western societies.

Chinese intelligence tactics are fueled by the sustained collection of user data such as commerce and purchasing information, which, combined with biometrics and activity tracking, feeds detailed intelligence to be used in operations with longer term objectives. Such data can deliver targeted, timely psychological operations against individuals or groups of citizens. We have seen this during election cycles and politically charged events in recent years. This move raises the question of the extent to which Chinese influence is acceptable when it comes to national infrastructure and everyday life. Concerns have increased in the West in recent months and the use of Chinese surveillance technology has been restricted. We have also seen reports of Chinese initiatives to influence politicians through lobbying and donations, as well as through the spread of disinformation through social media.

We’ve previously seen Russia’s use of information operations during the 2016 US election and UK’s Brexit referendum. China’s focus meanwhile has been on the theft of intellectual property, but there are indications that the CCP may look to information and influence operations to advance its strategic goals. Such instances must be met head on by the US and other western political leaders, and this ban begins to reflect that realization.

I’ve been saying for a while that TikTok needs to be banned as it cannot be trusted. And I am glad to see it start to happen. But what really needs to happen is that it needs to be banned outright. I’m watching with great interest to see who the first country is that does that as it will certainly create a domino effect of other countries doing the same thing.

Nyriad and DigitalGlue Partner to Enable Creatives to Optimize Resources

Posted in Commentary on February 28, 2023 by itnerd

Nyriad and DigitalGlue are partnering to dramatically improve the performance, resilience, and efficiency of media production workflows while removing complex IT-centric tasks and simplifying them with a streamlined user experience. In doing so, creatives and contributors will be able to optimize resources, eliminate costly delays in post-production, and deliver great content on deadline and on budget. 

Nyriad’s UltraIO data storage system uses the processing power of GPUs and advanced algorithms to deliver exceptional performance, resilience, and efficiency. DigitalGlue’s creative.space platform is purpose-built to make enterprise storage simple to use and manage without the need for specialized knowledge or a dedicated IT department. By combining the two solutions, creatives and contributors can deploy, manage and elastically scale their production workflows quickly, easily and affordably.

The joint Nyriad UltraIO and DigitalGlue creative.space solution delivers: 

  • Performance – With high read and write bandwidth capabilities, creative.space plus the UltraIO platform removes storage as a bottleneck so that artists can invest their creative energy in the quality of their content. Editing inline without the need to copy data between file systems or create lower resolution proxies can save many hours of wasted time and reduce the number of files to manage.
  • Resilience – The UltraIO system can withstand up to 20 drives failing simultaneously with no data loss while maintaining 95% of its maximum throughput, which allows teams to work unhindered. Combining this with the proactive support from creative.space and Nyriad, the solution provides customers with peace of mind that their data and workloads are protected while not compromising the performance required.
  • Efficiency – UltraIO storage allows customers to use up to 90% of the raw capacity deployed in the environment, a level of efficiency that is largely unmatched in the storage market today. Tools available in the creative.space software suite reduce operational and management overhead. While reducing the amount of raw capacity needed to purchase, UltraIO’s efficient platform also reduces the carbon footprint of storage by up to 70% compared to competitors’ platforms of similar performance and capacity.  
  • Simplicity and Ease of Deployment – The combination of creative.space and the UltraIO storage platform is simple and easy to manage, deploying seamlessly into customers’ environments without the need to refresh or replace existing technologies. The combined solution immediately begins to enable operational simplicity and flexibility, providing opportunities to consolidate and streamline many production tasks such as rendering, streaming, non-linear editing, content ingest, and active archive, among others, into a single, easy-to-use platform.

To learn more about the joint Nyriad UltraIO and DigitalGlue creative.space solution, please visit: https://www.nyriad.io/nyriad-and-digitalglue-solution-brief/ and/or https://www.creative.space/partnerships/nyriad.

LastPass Admit That They Have Been Pwned Yet AGAIN

Posted in Commentary on February 28, 2023 by itnerd

LastPass has notified customers of a second attack which resulted in the breach of encrypted password vaults. In this second incident, the threat actor made use of information exfiltrated during the first incident to exfiltrate corporate data from cloud storage resources. It was caused by one of their DevOps engineers’ personal home computers being hacked.

Sharon Nachshony, Security Researcher at Silverfort had this to say:

“Given the number of people who rely on LastPass it’s easy to pass quick judgment on back-to-back incidents, however, what this really shows is the difficulty of detecting attacks that use seemingly legitimate, yet stolen, credentials. By obtaining these credentials, the threat actor was able to masquerade as a highly trusted user, giving them the freedom to pivot into the cloud storage environment.

The corporate vaults holding privileged credentials often become a single point of failure. Given enough reconnaissance time a motivated attacker will try to understand how to compromise such vaults because, once they have such credentials, it’s like having a VIP pass to corporate resources. In the case of this attack, an additional layer of MFA to authenticate into the cloud storage environment may have provided additional protection.”

If you’re a LastPass user, the company strongly advises you to change all your passwords stored on the platform. The master password for the LastPass vault should also be changed. But if you’re asking me what you should do, I would suggest dumping LastPass completely on top of changing all your credentials immediately. It’s pretty clear that LastPass isn’t secure based on their recent history of being pwned, and has no path to become secure anytime soon. Thus moving your passwords off their service with urgency is your best course of action.

Appdome Announces the Industry’s First Mobile XDR for Brands Globally

Posted in Commentary on February 28, 2023 by itnerd

Appdome, the mobile app economy’s one and only Cyber Defense Automation platform, today released its next generation ThreatScope product, delivering Extended Detection and Response (XDR) for consumer mobile apps and brands globally. For the first time in mobile history, mobile brands gain the power and agility of XDR to address any cyber, fraud and other attacks in the mobile app channel.

Global consumers now prefer mobile apps over other digital channels. While XDR, EDR, SIEM and other solutions serve web, cloud and enterprise environments well, these solutions do not provide attack and threat detection or response from the increasingly dominant mobile revenue stream and mobile channel used by consumers. Prior to ThreatScope Mobile XDR, cyber, fraud and dev teams at consumer brands were left in the dark, with no practical means to gather, share or use data from siloed and fragmented cyber and fraud systems. 

Appdome’s ThreatScope Mobile XDR gathers thousands of threat signals from mobile app security, hacking, fraud, malware, cheat and bot attacks from inside each of 100M deployed mobile apps and translates that data into brand relevant views that cyber, fraud and business teams can use to evaluate and respond to mobile threats and attacks in real time. There is no need for coding, SDK, MDM, EMM or UEM, or for any user to install an additional app on the user’s device. ThreatScope Mobile XDR goes beyond device-level attestation and gets its data straight from attacks and threats impacting the brand’s in-production mobile apps. ThreatScope Mobile XDR is pre-integrated with Appdome’s Cyber Defense Automation platform for Android and iOS apps for instant response to any cyber or fraud attack.

ThreatScope Mobile XDR provides mobile businesses and mobile brands:

Consolidated Attack and Threat Intelligence – Consolidated, real-time, attack and threat intelligence from across the cyber security, fraud, malware, cheat and bot attack landscape, all from in-production Android and iOS apps.

Threat-Views – Allows brands to create, save and monitor attacks and threats by mobile app, specific threat, threat type, OS platform and other business-specific perspectives. Isolates specific cyber security, fraud, malware, cheat and bot attacks, reduces noise and zeros in on the attacks with the biggest impact to each app, release, brand and users.

Track 1 to 1000s of Mobile Attacks – With configuration-as-code ease, monitor and respond to one, any combination or all of ThreatScope’s 1000s of unique threats, attack vectors, attack techniques and methods applicable to Android and iOS apps. New detections targeting Android and iOS apps are added weekly.

Automated Threat Response – Automate cyber defense and response to each cyber incident or fraud attack with updated security and anti-fraud features tailored to each specific threat or attack, build-by-build and release-by-release, adding agility and eliminating the impact on the mobile business and users.

Analytics Grade Threat Inspection – ThreatScope comes with a powerful, easy to use analytics engine that allows developers and cyber teams to gain 360-degree threat visibility to filter, set thresholds, inspect, investigate and monitor attack and threat trends on-demand or over time.

Shift-Left Cyber Defense for Mobile Apps – With 360° attacks and threat visibility and intelligence, mobile developers and cyber and fraud teams can shift left and collaborate on threat response in each release of Android and iOS apps.

High Fidelity Threat Intelligence – ThreatScope Mobile XDR does not rely on external servers, SDKs, extra apps or attestation services. So, there is no risk of in-transit exploit, signal spoofing, hijacking or other attacks that can compromise the integrity of the threat signal. Hardened binding between the ThreatScope and the mobile app eliminates the risk of an attacker disabling ThreatScope telemetry.

No Code/No SDK Implementation – The entire ThreatScope Mobile XDR capability can be added in Android and iOS apps without any burden on mobile dev teams, including no code, no SDK and no servers to deploy.

For more information about ThreatScope Mobile XDR visit: https://www.appdome.com/threat-scope-mobile-xdr/.

Radiant Logic Announces Industry-First Identity Data Intelligence Innovation to Improve Decision Making

Posted in Commentary on February 28, 2023 by itnerd

Radiant Logic, the Identity Data Fabric company, today announces the launch of its radically redesigned Identity Data Platform, offering an identity-first approach to security and business decisions. To drive confident policies, enterprises need real-time access to a tremendous amount of data, synchronized across hybrid and complex environments. It must be accurate, available in real-time, and presented in a meaningful way. The next generation of Radiant solutions offers a re-imagined approach to identity data management, with advanced identity observability and visualization capabilities, all built on an extensible API-layer and available as a SaaS offering.

These new innovations directly respond to the need for high-quality, real-time identity data to serve the enterprise. In a recent report, Gartner wrote “Increasing demands on IAM infrastructure require higher levels of automation and more sophisticated use of identity data and identity configuration data.” With up to 84% of breaches being identity-related, and the average enterprise managing more than 20 identities per user, harnessing and leveraging the power of identity data has never been more critical.

Throughout 2023, Radiant Logic will deliver unparalleled abilities for organizations to automate their identity data analysis to quickly understand the health and quality of the identity data. Offering first-to-market identity observability, Radiant will be able to discover and alert on identity anomalies caused by outliers, incorrect group entitlements, and role assignments. Through intelligence and automation processes that address identity data quality issues, organizations can flag potential issues that measurably improve their overall security posture and accelerate the move to identity-first security. 

With the new Radiant Logic capabilities, organizations will soon be able to access new insights into their data with the following: 

  • Actionable Identity Observability: Adds visibility across all identities and related objects to help organizations easily and radically improve data quality to improve security posture and minimize risk. New visual templates and data science tooling make it easy to spot anomalies and provide insights to make Zero Trust a reality.
  • Easy-to-Use Identity Manager: Enables helpdesks to quickly and accurately identify users and provide password reset and other self-service tasks to minimize the overall resource burden for these manual tasks. 
  • Enhanced User Experience: Makes identity data easily accessible with low-code/no-code data modeling and API-first extensibility, allowing non-technical users and developers to access only the identity information needed for their task, and reducing the skills required for configuration and ongoing maintenance. 
  • Seamless Cloud-Native SaaS Deployment: Provides a fully managed, single-tenant SaaS offering for organizations which minimizes resources required to deploy and manage RadiantOne for faster time-to-value, reduced ongoing maintenance, and greater ease of use. 

Upon the close of the Brainwave GRC acquisition, Radiant plans to leverage identity analytics driven by advanced AI/ML as a core capability. By combining these unique capabilities into a single solution, customers can leverage identity data science to speed time-to-value for IGA deployments and simplify user access decisions.

The Spring 2023 release, available today, debuts RadiantOne in a fully managed, single-tenant SaaS environment. 

Radiant Logic, together with Brainwave GRC, will showcase their solutions at the Gartner IAM Summit in London on March 6-7, 2023, and the Gartner IAM Summit in Grapevine, TX on March 20-22, 2023. Meet us there to ask questions or get a demo. 

State of Pentesting Report: 92% Increase In IT Security Budgets Despite Economic Headwinds

Posted in Commentary on February 28, 2023 by itnerd

Pentera has released the findings of its second annual industry survey: The State of Pentesting 2023. Pentera undertook this research to understand the current state of security validation practices and investment in enterprises.

Pentera surveyed 300 CIOs, CISOs and security executives from enterprises across Europe and the USA. The report provides insights on current IT and security budgets, cyber security validation practices, and how cyber exposure is being managed, while showing differences between the regions and enterprise sizes.  

Report highlights include:

  • Despite large investments in Defense-in-Depth strategies, 88% of organizations have suffered recent attacks – On average, companies have almost 44 security solutions in place, indicating a defense-in-depth strategy, where multiple security solutions are layered to best protect critical assets. However, despite the large number of security solutions implemented, 88% of organizations have admitted to being compromised by a cyber attack over the past two years. 
  • Cybersecurity budgets aren’t impacted by the financial slowdown – Despite the recent global economic slowdown, cybersecurity budgets are not expected to be impacted in 2023. 92% of organizations are reporting an increase in their IT security budgets, and 86% are reporting an increase in budget for pentesting specifically.
  • The drivers for pentesting have evolved beyond regulations – While the need for pentesting originated with regulatory requirements, the top-of-mind motivations for pentesting today are security validation, threat potential damage impact assessment and cyber insurance. With only 22% of respondents citing compliance as their primary motivation for the practice, regulatory or executive mandates are still impactful, but not the primary rationale driving pentesting.

The results of the report will be presented by Aviv Cohen at Pentera’s XPOSURE Summit on March 1, 2023. The summit focuses on actionable methodologies for developing and executing successful Exposure Management strategies. Register online here.

New Malware Phishing Attack Targeting 15,000 Inboxes Disguised as a Microsoft OneNote file to Extract Sensitive Info

Posted in Commentary on February 28, 2023 by itnerd

Armorblox has released its latest research analyzing a malware attack campaign that has been making waves, spreading its infection through a seemingly innocuous attachment disguised as a Microsoft OneNote note-taking app file. 

How it works: Victims are presented with an email coming from what appears to be a trusted vendor or service provider. The email uses financial-based language to talk about the completion of a sale and prompts recipients to open the attached OneNote file where the billing expenses can be found. The OneNote file contains a Windows Command Script (.cmd) which, when opened, initiates an encoded PowerShell command to download the Qakbot payload onto the victim’s device to steal sensitive information.

You can read the research here.

Aptum Announces Multi-Tenant Cloud Solution

Posted in Commentary on February 28, 2023 by itnerd

Aptum, a hybrid multi-cloud managed service provider, today announced the launch of Multi-Tenant Cloud (MTC), a powerful virtual data centre solution providing the ability to deploy virtual machines, virtual appliances, and other services in a multi-tenant environment using a consumption-based billing model.

Aptum’s MTC was designed with today’s businesses’ needs in mind, regardless of their size. Available in the US, UK, and Canada, the new private cloud service ensures an organization’s data is stored in the region where they’ve deployed it, thereby meeting compliance and data sovereignty requirements. Additionally, it offers high levels of resiliency and assists with controlling costs. 

Aptum’s MTC portal enables customers to deploy virtual data centres, appliances and machines, as well as services, all through one simple-to-use interface.

Aptum leverages industry-leading technology solutions from VMware and enterprise-grade hardware from Dell to ensure continuous availability by building redundancies of critical components in the MTC cloud environment. Other key features of the solution include:

  • Control of the cloud infrastructure: Aptum’s MTC enables customers to provision and deploy virtual machines to build an IT environment tailored to their specific business and operational requirements
  • Effective cost management: Analytical insight provides organizations with the opportunity to optimize costs based on usage patterns, while reducing operating expenses
  • Flexibility and scalability: Organizations are able to rapidly scale through automation — leveraging APIs — in order to meet demand as business needs and the market fluctuate
  • High reliability: With multiple redundancies included in the MTC environment — including at the network, hypervisor, and storage subsystem levels — organizations are provided with a highly reliable infrastructure with low latency
  • 24/7/365 live support: Aptum’s accredited experts are available at any time to speak with customers live, provide immediate support and address any issues

In addition to supporting Aptum customers, MTC is a new opportunity for the company’s partners who can now offer this high-performance cloud solution under their own brand to clients. This provides Aptum partners the opportunity to expand their business with existing and new customers. 

Aptum’s MTC is available now in the US, UK, and Canada. For more details about the solution, please visit https://aptum.com/services/private-cloud/multi-tenant-cloud/