Archive for Fortra

Threat Researcher Provides Advice In Terms Of Avoiding Scams During The Holiday Shopping Season

Posted in Commentary with tags on November 19, 2022 by itnerd

Black Friday and Cyber Monday are right around the corner, which means online shoppers need to be extra vigilant and watch out for email scams such as phishing. These emails can make it past most security controls because they appear to come from a trusted source: someone the recipient knows or a trusted brand.

Common scenario: You receive an email from the sporting supply company you purchased from several times in the past. But look carefully: is it really coming from that well-known brand?

John Wilson, senior fellow of threat research at Agari by Fortra, says:

“Take a minute to pause and check. Before you click on that link with that great savings offer, check the body of the email and the sender information to look for misspellings. Is the email from amaz0ndeelz2022@gmail.com, not Amazon.com? Do not click on any links but hover over them to see if the URL is correct. Clicking on that offer link may be all it takes to grant a grinch access to personal or business data. If an email receiver does click on the link, it could be an imposter website created by a scammer imitating a trusted brand’s website domain. Make sure the URL in your browser’s address bar matches the brand’s actual website before giving up any personal information such as a username or password.

Google it. Type a short description of the situation plus the word “scam.” If you see 40 entries with similar stories, you’ve just saved yourself a lot of hassle.

Verify another way. If you get an email from what looks like a trusted organization or contact, verify that it’s real by phone. Just don’t use the number shown in the footer of the email, as fraudsters may have switched out the actual number with their own. If you receive a phone call that’s supposedly from your bank, hang up and dial the number on the back of your card.

Report the incident. Criminals count on victims to be too embarrassed or hesitant to report scams. But it’s important to file a police report and notify the Internet Crime Complaint Center (ic3.gov) about the fraud.”

Fortra Names Matthew Schoenfeld President  

Posted in Commentary with tags on November 17, 2022 by itnerd

Fortra announced today that it welcomes Matthew Schoenfeld to the organization as its new president. A software industry veteran with more than a decade of experience in cybersecurity, Schoenfeld has a proven record as a dynamic, purposeful leader. He has a strong history of growing sales and revenue while helping customers solve challenges through a collaborative approach, a Fortra hallmark. Current president Jim Cassens will continue to support the business as an executive director.  

Schoenfeld joins Fortra from Absolute Software, where he was EVP and chief revenue officer overseeing global sales, channel partnerships, and the customer experience. He has an impressive background in the technology and cybersecurity space developed over more than two decades, which included his tenure as executive in residence at Greylock Partners, senior vice president of the Americas and partner channel at FireEye and as an advisory board member for Abnormal Security.  

Cassens will continue to play a crucial role in the next phase of the company’s strategy as an advisor to Matthew and the entire executive team. Cassens joined the organization in 2001. Over the next two decades, he influenced the direction of the business through numerous executive roles, most recently as president leading the sales organization. As executive vice president of mergers and acquisitions, he led the company toward its historic growth on a global scale. Cassens also served as president of the cross-platform business units, chief technical officer, and vice president of international sales.  

Fortra is a cybersecurity company like no other. They’re creating a simpler, stronger future for their customers. Their trusted experts and portfolio of integrated, scalable solutions bring balance and control to organizations around the world. They’re the positive changemakers and your relentless ally to provide peace of mind through every step of your cybersecurity journey. Learn more at fortra.com.       

Hackers Using Steganography For Malware Attacks 

Posted in Commentary with tags on November 15, 2022 by itnerd

In early September 2022, researchers identified a threat group called Worok that targeted many victims, including government entities around the world, to gain access to devices. The group concealed information-stealing malware inside PNG images using least significant bit (LSB) encoding, which embeds the malicious code in the least significant bits of the image’s pixels.

To get a view of this attack from the security industry, I have Alyn Hockey, VP Product Management at cybersecurity software and services provider Fortra:

“It’s a hack that’s easily undetected and the old technique is increasingly used to hide malware payloads. So, when an image is viewed by a member of an organization, the payload, otherwise known as a virus, worm or Trojan, can start work immediately – resulting in damage to systems and loss of data.

Steganography examples can be traced back as early as 5 BC when used as a defense tactic by Histiaeus, a Greek ruler of Miletus. Histiaeus shaved and tattooed a man’s head with messages that would go unnoticed once his hair grew back. The allies, aware of the practice, found the warning messages on the man’s scalp.

Fast forward to 2022 when an employee of General Electric was convicted of conspiracy to commit economic espionage. While this sounds like something out of a thrilling motion picture, the former employee simply used steganography. He was able to take company secrets in files by downloading, encrypting, and hiding them in a seemingly mundane sunset photo. He used his company email address to email the image to his personal email address. According to court documents, the encryption process took less than 10 minutes. 

Again, while not as common as other cyberattacks, the shocking and quick way it can fly under the radar is reason enough to have a security solution that protects not only from external threats like malware but keeps data safe through effective data loss prevention methods. Organizations can apply an anti-steganography feature to sanitize all images as they pass through the secure email gateway. Anti-steganography removes anything hidden within the image, which will not visually alter the image but make it impossible for recipients to recover hidden information – including accidental opening of malware. While this will cleanse all images, it mitigates the overall risk thereby keeping the organization safe – doing so in milliseconds, so the flow of business won’t be disrupted.”

The Bleeping Computer story that I linked to has a lot of detail that is very much worth reading.
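An added example, not part of the original post and not Fortra's or any vendor's code: it shows why hiding data in least significant bits is invisible to the eye and why an image-sanitizing step like the one described above destroys the hidden content. It works on a constructed raw RGB byte buffer rather than a real PNG file; clearing every LSB is an assumed, simple form of sanitization, and the function names and marker string are made up for illustration.

```python
def embed_lsb(pixels: bytes, payload: bytes) -> bytes:
    """Write each payload bit into the lowest bit of successive channel bytes."""
    bits = [(byte >> (7 - i)) & 1 for byte in payload for i in range(8)]
    if len(bits) > len(pixels):
        raise ValueError("payload too large for cover image")
    out = bytearray(pixels)
    for idx, bit in enumerate(bits):
        out[idx] = (out[idx] & 0xFE) | bit   # keep the 7 high bits, replace the LSB
    return bytes(out)


def extract_lsb(pixels: bytes, length: int) -> bytes:
    """Rebuild `length` bytes from the lowest bit of the first length*8 channel bytes."""
    out = bytearray()
    for i in range(length):
        value = 0
        for channel in pixels[i * 8:(i + 1) * 8]:
            value = (value << 1) | (channel & 1)
        out.append(value)
    return bytes(out)


def sanitize_lsb(pixels: bytes) -> bytes:
    """Assumed sanitizer: clear the lowest bit of every channel byte.

    Each channel value changes by at most 1 out of 255, so the picture looks
    the same, but anything stored in the LSB plane is gone.
    """
    return bytes(channel & 0xFE for channel in pixels)


def max_channel_delta(a: bytes, b: bytes) -> int:
    """Largest per-channel difference between two equally sized buffers."""
    return max(abs(x - y) for x, y in zip(a, b))


def demo() -> dict:
    # Constructed sample data: a 64x64 RGB gradient and a harmless text marker.
    cover = bytes((i * 7) % 256 for i in range(64 * 64 * 3))
    marker = b"CONSTRUCTED-TEST-MARKER"

    stego = embed_lsb(cover, marker)
    clean = sanitize_lsb(stego)
    return {
        "stego_delta": max_channel_delta(cover, stego),      # visual change from hiding
        "recovered_before": extract_lsb(stego, len(marker)),  # marker is readable
        "recovered_after": extract_lsb(clean, len(marker)),   # marker is destroyed
        "clean_delta": max_channel_delta(cover, clean),       # visual change from cleaning
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value!r}")
```

A gateway doing this on real images would decode the file, rewrite the pixel data, and re-encode it, which also drops data hidden in metadata or appended after the image stream.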

Industry Experts Provide Their 2023 Security Industry Predictions

Posted in Commentary with tags on November 15, 2022 by itnerd

As 2022 comes to a close and people look forward to 2023, one has to wonder what’s on the horizon in terms of information security. To that end I have gathered some executive quotes from cybersecurity company Fortra who under their umbrella have Alert Logic, Digital Guardian, Cobalt Strike, Tripwire, Digital Defense, Agari, PhishLabs, Core Security, and other well-known software and services providers:

Donnie MacColl, Senior Director of Technical Support / GDPR Data Protection Officer

  • We are already seeing many organizations taking action and consolidating their vendors. However, a large number of businesses are also making the decision to consolidate and merge their solution providers. Companies are becoming very aware that, after reviewing and understanding the functionality of their solutions, one supplier is capable of providing much more value than they are currently receiving from two separate ones. Organizations can then combine solutions together, creating a much stronger proposition. For example, a vulnerability management solution can pass prioritized vulnerabilities to an automation tool to perform remediation tasks, as opposed to displaying the vulnerability on a screen and waiting for a person to manually step in.
  • When it comes to laws and regulations, I suspect we will start seeing countries introducing more granular, local regulations. For example, in the UK, there is already talk that the Data Protection and Digital Information Bill will be refined or replaced by the “British GDPR”. By introducing more country-specific regulations, organizations will not only protect personal data but will also simplify international business operations by removing a considerable amount of red tape.
  • Outsourcing will increase in Managed Security Services, as we saw with operations many years ago. Companies are realizing that IT takes resources away from their core business – particularly when it comes to data protection and security which is difficult and challenging to maintain. In addition to this, Managed Security Services will broaden to become Vulnerability Management, Managed Detection and Response, Penetration Testing and Red Teaming, likely on a more “buy what you need” model.

Nick Hogg, Director of Technical Training

  • Security Awareness and Compliance Training – Organizations will be re-evaluating their security awareness and compliance training programs to move away from the traditional once-a-year, ‘box-ticking’ exercises that have proven to be less effective. The goal is to deliver ongoing training that keeps security and compliance concerns front and center in employees’ minds, allowing them to better identify phishing and ransomware risks as well as reducing user error when handling sensitive data.
  • DLP and Compliance – Organizations will be using digital transformation and ongoing cloud migration initiatives to re-evaluate their existing DLP and compliance policies. The goal is to ensure stronger protection of their sensitive data and meet compliance requirements, while replacing complex infrastructure and policies to reduce the management overhead and interruptions to legitimate business processes. It’s important to gather metrics to build confidence in executive leadership and ensure that changes to policy and systems do not have a negative impact on business processes or increase any form of risk.
  • Email Security – Organizations will be looking to plug gaps in their Microsoft 365 defenses to combat increasingly sophisticated phishing, ransomware and spyware attacks, while reducing the time spent by busy security teams triaging and responding to reports of suspicious messages. The goal is to prevent attacks such as sophisticated credential theft or business email compromise from making it into employees’ mailboxes. In 2023, it will be important to provide security teams with automated analysis of risks within reported messages, along with identification of other messages that have entered the organization as part of the same phishing campaign, in order to reduce time spent on triage and remediation.

Chris Reffkin, CISO

  • Security as a Business Enabler – People, processes and technology controls are all key to a good security program. Where people and technology controls will be tied to the size of an organization, organizations of any size can focus on processes to positively impact their security program’s capabilities. As all parts of an organization overlap with security, it could benefit all other functional areas such as support, manufacturing, design, services, delivery, to enhance revenue and increase positive customer outcomes. This creates a unique role for security to enhance business operations whilst increasing its security posture.

Wade Barisoff, Director of Product – Data Protection

  • Data Centric Security – As companies moved collaboration to cloud-based providers, the natural reaction was to extend what was already understood, which was attempting to control access to the containers where the data was stored rather than the data itself. As the use of cloud rapidly expanded, organizations had large volumes of customer and company data that was not well understood, in environments they may have had some access control over. Today, global organizations are starting to focus more on access to the data rather than the containers, as that is easier for business groups to understand. Tools that help secure data regardless of repository are coming into focus, as poorly maintained access control lists to repositories, that have been failing internally for decades, are now being pushed to cloud environments.
  • Data Classification Standards – Interoperability – For the last decade, data classification has slowed to zero adoption, primarily utilized by government and military organizations in any scale. File classification, for the most part, is a one-way street, where labels or tags only mean something to the company that created the data, but if shared, those classifications are lost on any external organization. There are a number of discussions (NIST for example) that are looking to create a standardization of labels in use to extend value beyond a single company. As a result, companies in the same industry can apply proper protections to the data shared with them and avoid labeling and re-labeling the same data, leading to systems such as data loss prevention having consistent actions on the content.

Tom Huntington, Executive Vice President of Technical Solutions

  • Open Source Creates More Targets – As more organizations deploy open source worldwide, this creates a larger target for bad actors to find loopholes in poorly engineered modules. Vulnerability scans and penetration testing efforts need to be taken seriously to help find where organizations are still running vulnerable code. The process of automating the deployment of patches through RPA can help to alleviate the shortages of staff.

John Grancarich, EVP, Strategy

  • Supply Chain Attacks on Organizations Will Increase – Between 2020 and 2021, supply chain attacks increased four-fold across the globe. As organizations get better at protecting themselves, sophisticated attackers will increasingly look more broadly at the end-to-end value chain of an organization for an opening. These supply chain targets will include everything from raw material providers to the retail channels that deliver goods to customers.
  • Attack Surface Management Evolves Into Critical Surface Management – We are all familiar with the term ‘attack surface management’, which is the process of continuously assessing and improving the security of an organization’s assets. However, this is inconsistent with how value is created in an organization – for example, is a development test server in a remote office as valuable as the intellectual property associated with a firm’s new invention? Organizations will evolve from a ‘how much can I protect’ approach to a ‘what is most critical to protect first’ mindset, improving the allocation of resources and value preservation in the process. Zero Trust architecture will play a critical role in this evolution.
  • A Shift From Product to Platform – We often hear from our customers that there are too many vendors, too many products, not enough integration and not enough optimization. This is a big reason why the cybersecurity industry is trying to hire 3 million more people around the world. It’s a broken paradigm, and the way to fix it is for the industry to shift to modular platforms which offer a simpler user experience and a more comprehensive and interoperable/integrated set of capabilities. Done well, organizations will be able to solve the majority of their cybersecurity challenges, with far fewer vendors than they typically use today.

Tom Huntington, Executive Vice President of Technical Solutions

  • Dismal Economy Strives Security Fatigue – As management worries about the economy in 2023, the continued attempts by the bad actors of the world create a security fatigue in the market. End users and IT teams are worn out by trying to keep up on a depleting battery. Now more than ever managed security offerings in DLP (Data Loss Prevention), File Monitoring, Email, MDR (Managed Detection and Response) and Digital Risk Management have become popular as security teams can’t keep up with their desired management needs. CISOs realize it is the right time to turn to a managed offering.

Tom Gorup, Vice President, Security Operations, Alert Logic by Fortra

  • Struggle to Bridge the Talent Gap – Demand for security will skyrocket in 2023 driven by economic downturn, consumer expectations and new compliance requirements. Meanwhile the talent pool for addressing the demand will remain depleted. This mismatch of security expectations and lack of quality talent supply will drive businesses to seek out third parties to solve their problems. As a result, we will experience choice overload in the MDR, MSPs and MSSPs spaces, seeking to fill the gaps for companies that don’t have the resources or in-house expertise to manage their own security challenges.
  • Security Complexity Grows – Security tools as standalone solutions are failing to enable businesses to effectively protect themselves. Tools that lack integration, offer complicated metrics and reporting, and generate exorbitant volumes of alerts, incidents, and telemetry are complicating the lives of CISOs and their teams. Even with the grandiose promises of Artificial Intelligence and Machine Learning technologies, designed to deliver increased efficiency and insight, security operations remain tough. Economic downturns will exacerbate these problems as organizations seek to reduce their expenses and turn to more 3rd parties for help. Businesses will begin to better understand the value of Managed Detection and Response services which are purpose-built to standardize and solve these operational challenges.
  • Ransomware Attacks Rise in Economic Downturn – Don’t expect ransomware attacks to abate any time soon – not only are they simply too lucrative and have a high potential for success, but, as we experience economic downturn, digital crimes will increase at an alarming rate. As a result, the demand for security solutions will rise dramatically.

Eric George, Director, Solutions Engineering, Digital Risk Protection and Email Security

  • Phishing As A Service use will expand – PaaS platforms simplify the creation and execution of credential theft phishing attacks which target the customers or employees of enterprise brands. These platforms cater to the lesser experienced threat actors and therefore have the potential to significantly expand the number of criminals conducting phishing attacks. 
  • Impersonation scams will increase and become more complicated and believable – 2022 saw a substantial amount of brands and individuals impersonated to add legitimacy to an assortment of online scams. And, in 2023, this will only increase in volume and complexity. We’re already beginning to see the possibilities of ‘deep fake’ on social media platforms and the Open Web, but as technology improves, these scams will become more common and harder to combat. 
  • MFA Platforms Targeted by phishers – Compliance requirements are making MFA more prevalent among enterprise organizations and, as such, it’s likely that attackers will follow suit. By compromising MFA, threat actors can potentially access multiple enterprise applications. 
  • Mobile device targeting increases – SMS phishing is much more difficult for the security community to track and respond to than traditional phishing attacks. In 2023, these attacks will likely continue to increase as our society continues to move toward mobile. 
  • Is this the year for web 3 or other decentralized platforms (such as blockchain domains) scams to grab the spotlight? Scams leveraging web 3 or other decentralized platforms haven’t yet targeted the bigger brands in a notable way, but it’s only a matter of time.

HelpSystems Is Now Fortra

Posted in Commentary with tags on November 2, 2022 by itnerd

HelpSystems announced today that it has become Fortra™, a name synonymous with security and defense. This evolution reflects the company’s enhanced commitment to helping customers simplify the complexity of cybersecurity in a business environment increasingly under siege. With a stronger line of defense from a single provider, organizations of all kinds can look to Fortra to increase security maturity while reducing the burdens to everyday productivity.

In recent years, Fortra has grown to more than 3,000 employees with offices in 18 countries and over 30,000 global customers. As part of this evolution, the company shifted its focus to cybersecurity and automation, building a best-in-class portfolio with key capabilities in data security, infrastructure protection, and managed security services. These acquisitions have included Alert Logic, Digital Guardian, Cobalt Strike, Tripwire, Digital Defense, Terranova Security, Agari, PhishLabs, Core Security, GoAnywhere, Titus, and other well-known software and services providers. 

Such a rich collection of proven solutions has built the organization’s roster of industry experts and enabled innovative integrations to help customers solve challenges in new, streamlined ways. These integrations incorporate emerging threat intelligence for more effective protection against rapidly evolving cyberthreats. In fact, Fortra’s 350-person threat research and intelligence team stays abreast of emerging threats not only to guide customers in their defense efforts, but also to infuse its software and services with critical insights. 

Find out more at Fortra.com.

GoAnywhere Achieves SOC 2 Type 1 Compliance

Posted in Commentary with tags on December 6, 2021 by itnerd

GoAnywhere by Fortra announced today it has successfully completed the SOC 2 (System and Organization Controls) audit assessment for its managed file transfer (MFT) solution. Completing this audit assessment demonstrates Fortra’s commitment to ensuring customers have the highest level of cybersecurity possible as they transfer files. SOC 2 assessment completion also gives customers additional confidence in GoAnywhere for secure file transfer activity. 

As a key part of Fortra’s security and automation portfolio, GoAnywhere MFT is an industry leader in the secure movement, automation, and integration of data both in and out of the cloud. 

SOC 2 engagement is an attestation standard defined by the AICPA (American Institute of Certified Public Accountants). 

GoAnywhere by Fortra is an award-winning cybersecurity product line that helps more than 3,000 global enterprises, governments, and small and medium organizations safely connect to their trading partners, automate their IT processes, protect their data, and keep their sensitive information out of the DMZ. 

Fortra is a software company focused on helping exceptional organizations Build a Better IT. Their cybersecurity and automation software simplifies critical IT processes to give customers peace of mind. Learn more at https://www.fortra.com/.