cyberattacks – Digital IT News

Optiv Security Launches Next-Gen Managed XDR to Stop Threats Earlier in Attack Lifecycle

Leigh Porter — Tue, 03 Aug 2021 16:02:09 +0000

Optiv Security, launched its Managed Extended Detection and Response (MXDR) offering at Black Hat USA 2021. The technology-independent offering enables clients to take rapid and decisive action against today’s most critical cyberattacks and strengthen their security posture.

Optiv Managed XDR is a next-generation tech-enabled service that leverages your existing technology investments and deploys Optiv’s deep expertise to detect, analyze and remediate threats in real time.

“Optiv MXDR brings simplicity, transparency and automation to clients’ environments, enhancing existing defenses to counter known and emerging threats with confidence and speed,” said David Martin, chief services officer for Optiv. “What’s more, we can seamlessly leverage the power of Optiv to extend and layer the offering with a full suite of complementary services like remediation, incident response, threat hunting, and beyond.”

Optiv MXDR is the only managed cloud-based, next-gen advanced threat detection and response service that ingests data across various layers of technologies to correlate, normalize, enrich, and enable automated responses to malicious activity in real-time. By automating incident investigation with actionable insights, organizations can detect threats faster and prioritize which threats to mitigate first, significantly reducing the attack surface.

“We know the threat landscape; both what’s at stake and how to circumvent threat actors while significantly reducing time to detect and respond,” said John Ayers, XDR vice president for Optiv. “We meet clients where they are and customize our continuously managed approach to ease the burden of the unknown and allow teams to detect, respond and remediate threats faster while also automating deeper investigation for future improvements.”

Devo has been named a foundational partner in Optiv MXDR, delivering scalable, cloud-native logging and security analytics via the Devo Platform, enabling full visibility across cloud and on-premise environments for Optiv customers.

“Security teams are eager to learn more about XDR as they look to consolidate their security stack for greater efficiency and accuracy in threat detection and response,” said Ted Julian, SVP of Product at Devo. “Two constraints have always stood in their way: lack of real-time access to historical data, and the inability to collect and analyze the massive data volumes associated with modern operational environments. Devo eliminates these concerns and is uniquely qualified to power solutions like Optiv’s MXDR.”

Optiv delivers threat management solutions to more than 60 percent of Fortune 500 companies. View the complete MXDR service brief and find out how organizations can enhance their security posture with Optiv.

Image licensed by: unsplash.com

Veristor and Network Data Systems Partner to Deliver Services for Managed Secure Networking

The post Optiv Security Launches Next-Gen Managed XDR to Stop Threats Earlier in Attack Lifecycle appeared first on Digital IT News.

Majority of Americans Not Confident in U.S. Government’s Cybersecurity Preparedness Says PC Matic Survey

Leigh Porter — Wed, 05 May 2021 15:35:07 +0000

American cybersecurity firm, PC Matic, released the findings of a public opinion survey which sought to understand public opinion of cybersecurity as it relates to state and federal government preparedness and practices.

In a recent study conducted by cybersecurity firm, PC Matic, 57% of Americans responded that they do not believe the United States Federal Government is prepared to defend itself from cyber threats

The report, entitled “Americans on Cybersecurity,” presents the results of a nationally distributed survey by which nearly 1,400 Americans, representing all 50 states, responded. The findings, which were gathered in March 2021, signal that a majority of Americans lack confidence in government institutions and their abilities to defend themselves from cyber-threats.

Key findings from the report are as follows:

57% of Americans responded that they do not believe the United States Federal Government is prepared to defend itself from cyber threats
Nearly 61% of Americans believe the federal government should be doing more to protect American citizens from cyber threats
46% of IT professionals lack confidence in the United States Government’s ability to defend itself against a cyber attack
Just over 40% of Americans would like to see the United States Congress pass cybersecurity-related legislation
Only a quarter of Americans believe Congress needs to allocate more funding to preventing cybersecurity attacks

“It is imperative that Americans have confidence in their government’s ability to defend itself against cyber threats,” said Rob Cheng, CEO and Founder of PC Matic. “Cybersecurity is the most imminent threat to our national security, and considering the findings of this survey, it’s important systems be reworked to provide better security and to instill more confidence from the public.”

More results and the full report may be found here.

Image licensed by: Pixabay.com

ThinkIQ Announces VisualOps Solutions to Suite of Products

The post Majority of Americans Not Confident in U.S. Government’s Cybersecurity Preparedness Says PC Matic Survey appeared first on Digital IT News.

96% Of Security Professionals Preparing For AI-Powered Cyber-Attacks

Leigh Porter — Thu, 08 Apr 2021 15:48:57 +0000

Darktrace, a leading autonomous cyber security AI company, announced that a study conducted by MIT Technology Review finds that 96% of security leaders are now preparing for the emergence of AI-powered cyber-attacks, with many embracing AI defenses.

MIT Technology Review Insights surveyed over 300 C-level executives, directors and managers worldwide between December 2020 and January 2021 to understand how they address present and future cyber-threats. Key findings include:

The top 3 most concerning attacks were email attacks (74%), ransomware (73%) and cloud-based attacks (68%)
96% of respondents are preparing for the onset of AI attacks
68% expect AI to be used for impersonation and spear-phishing attacks
60% believe that human-driven responses fail to keep up with automated cyber-attacks

The report includes a case study from McLaren Racing, the Formula 1 giant, which uses Darktrace’s Autonomous Cyber AI to detect and respond to fast-moving cyber-attacks. The case study details an instance in which the AI stopped a sophisticated email impersonation attack during a busy race weekend.

The report also details insights from Darktrace’s Director of Threat Hunting and former White Hat Hacker, Max Heinemeyer, who explores the security challenges of ‘fearware’, highly targeted scam emails that have exploited the public’s fears around the pandemic.

“Of the individuals surveyed for this report, 60% are C-level executives and directors,” commented Laurel Ruma, Editorial Director, US at MIT Technology Review. “From the results, it is clear that cyber security is a real and significant issue for business leaders – and AI is going to play a very big part in securing all enterprises.”

“These findings show that we are at a watershed moment and business executives are preparing for a new era of attacks,” commented Nicole Eagan, Chief Strategy & AI Officer at Darktrace. “Approaches that are based on analyzing historical attacks will be ill-equipped to defend against Offensive AI. A fundamentally new approach using self-learning technology and autonomous response will be necessary to augment human security teams.”

Image licensed by: Pixabay.com

Related News:

MemVerge Makes Big Memory Apps Sizzle

ASCENT Launches ASCENT Security Compliance Portal

The post 96% Of Security Professionals Preparing For AI-Powered Cyber-Attacks appeared first on Digital IT News.

Check Point Software’s Security Report Reveals Extent of Global Cyber Pandemic and How Organizations Can Develop Immunity in 2021

Taylor Graham — Wed, 03 Mar 2021 17:26:36 +0000

New report shows how hackers and criminals exploited COVID-19 pandemic in 2020 to target all business sectors and highlights the key tactics used, from cloud exploits to phishing and ransomware.

The world faces over 100,000 malicious websites and 10,000 malicious files daily
87% of organizations have experienced an attempted exploit of an already-known, existing vulnerability
46% of organizations have had at least one employee download a malicious mobile application

Check Point Research (CPR), has published its 2021 Security Report. The report reveals the key attack vectors and techniques observed by CPR researchers as criminal, political and nation-state threat actors exploited the disruption caused by the COVID-19 pandemic to target organizations across all sectors. It also gives cyber-security professionals and C-Level executives the information they need to protect their organizations against these advanced fifth-generation cyber-attacks and threats.

Highlights of the Check Point Research 2021 Security Report include:

Cloud adoption races ahead of security: 2020 saw organizations’ digital transformation programs advance by over five years in response to the pandemic, but public cloud security is still a major concern for 75% of enterprises. Also, over 80% of enterprises found their existing security tools don’t work at all or have only limited functions in the cloud, showing that cloud security problems will continue into 2021.
Remote working is targeted: hackers ramped up ‘thread hijacking’ attacks on remote workers to steal data or infiltrate networks using the Emotet and Qbot trojans, which impacted 24% of organizations globally. Attacks against remote access systems such as RDP and VPN also increased sharply.
Double-extortion ransomware attacks rise: in Q3 2020, nearly half of all ransomware incidents involved the threat of releasing data stolen from the target organization. On average, a new organization becomes a victim of ransomware every 10 seconds worldwide.
Attacks on healthcare sector become an epidemic: in Q4 2020, CPR reported that cyber-attacks (especially ransomware attacks) on hospitals had increased by 45% worldwide, because criminals believe they are more likely to meet ransom demands due to the pressures from COVID-19 cases.
Mobiles are moving targets: 46% of organizations had at least one employee download a malicious mobile application, which threatens their networks and data in 2020. The increased use of mobiles during global lockdowns has also driven growth in banking and information-stealing mobile Trojans.

“Businesses globally surprised themselves with the speed of their digital initiatives in 2020: it’s estimated that digital transformation was advanced by up to seven years. But at the same time, threat actors and cyber criminals also changed their tactics so that they could take advantage of these changes, and the pandemic’s disruption, with surges in attacks across all sectors,” said Dorit Dor, vice president of products, Check Point Software. “We need to act now to stop this cyber pandemic spreading out of control. Organizations need to vaccinate their hyper-connected networks to prevent these damaging cyber-attacks that cause so much disruption.”

Check Point’s 2021 Security Report is based on data from Check Point’s ThreatCloud intelligence, the largest collaborative network for fighting cybercrime which delivers threat data and attack trends from a global network of threat sensors; from Check Point’s research investigations over the last 12 months; and on recent survey reports by Check Point of IT professionals and C-level executives. The report examines the latest emerging threats across industry sectors, and gives a comprehensive overview of the trends observed in the malware landscape, in emerging data breach vectors, and in nation-state cyber-attacks. It also includes expert analysis from Check Point’s thought leaders; to help organizations understand and prepare themselves for today´s and tomorrow’s complex threat landscape.

For more details, download the full report.

Image Licensed by: Pixabay.com

39% of Healthcare Organizations Suffered Ransomware Attacks in the Cloud in 2020

The post Check Point Software’s Security Report Reveals Extent of Global Cyber Pandemic and How Organizations Can Develop Immunity in 2021 appeared first on Digital IT News.

Connected Cars Technology Vulnerable to Cyber Attacks

Leigh Porter — Wed, 17 Feb 2021 10:02:01 +0000

Trend Micro Incorporated a global leader in cybersecurity, announced a major new study into connected car security that describes multiple scenarios in which drivers could encounter attacks that threaten the safety of themselves and others.

Click here to access the full report, Cyber Security for Connected Cars: Exploring Risks in 5G, Cloud and Other Connected Technologies.

(PRNewsfoto/Trend Micro Incorporated)

The report reveals the scope of the cybersecurity risks examined. Researchers evaluated 29 real-world attack scenarios according to the DREAD¹ threat model for qualitative risk analysis. These attacks could be launched remotely against and/or from victim vehicles. Examples and highlights include:

DDoS attacks on Intelligent Transportation Systems (ITS) could overwhelm connected car communications and represent a high risk.
Exposed and vulnerable connected car systems are easily discovered, making them at higher risk of abuse.
Over 17% of all attack vectors examined were high risk. These require only a limited understanding of connected car technology and could be accomplished by a low-skilled attacker.

“Our research shows that there are ample opportunities for attackers looking to abuse connected car technology,” said Rainer Vosseler, threat research manager for Trend Micro. “Fortunately, there are currently limited opportunities for attacks, and criminals have not found reliable ways to monetize such attacks. With the U.N.’s recent regulations requiring all connected cars to include cybersecurity, as well as a new ISO standard underway, now is the time for stakeholders across the industry to better identify and address cyber risk as we accelerate towards a connected and autonomous vehicle future.”

More than 125 million passenger cars with embedded connectivity are forecast to ship worldwide between 2018 and 2022, and progress continues to advance towards fully autonomous vehicles. This advancement will create a complex ecosystem comprising cloud, IoT, 5G and other key technologies. It also features an enormous attack surface comprising potentially millions of endpoints and end users.

As the industry develops, there will be multiple opportunities for monetization and sabotage for cybercriminals, hacktivists, terrorists, nation states, insiders and even unscrupulous operators, the report warns. Of all 29 attack vectors studied, the overall risk of successful cyber attacks was assessed as Medium. However, as SaaS applications become embedded in the Electrical/Electronics (E/E) architecture of vehicles and cybercriminals create new monetization strategies, an evolution in attacks will lead to higher risk threats.

To mitigate the risks outlined in the study, connected car security must be designed with an integrated view of all critical areas to secure the end-to-end data supply chain. Trend Micro has the following high-level guidance for protecting connected cars:

Assume compromise and have effective alert, containment, and mitigation processes.
Protect the end-to-end data supply chain across the car’s E/E network, the network infrastructure, backend servers, and VSOC (Vehicle Security Operations Center).
Apply lessons learned to further strengthen defenses and prevent repeat incidents.
Relevant security technologies include firewall, encryption, device control, app security, vulnerability scanner, code signing, IDS for CAN, AV for head unit, and much more.

Trend Micro offers IoT cybersecurity solutions specific to connected cars. Learn more here: https://www.trendmicro.com/en_us/business/solutions/iot/connected-car.html.

Image licensed by unsplash.com

Pure Extends Market Leadership with new Purity Software and Third Generation Capacity Optimized Flash Platform, Unifying File Support and Ransomware Protection across FlashBlade and FlashArray

The post Connected Cars Technology Vulnerable to Cyber Attacks appeared first on Digital IT News.

Malwarebytes Finds Schools and Students Vastly Underprepared for Pandemic Cybersecurity

Leigh Porter — Mon, 07 Dec 2020 20:46:11 +0000

Malwarebytes announced the results of their latest report, “Lessons learned: How education coped in the shift to distance learning,” detailing data from 500 students and 75 IT decision-makers at educational institutions to shed light on the state of cybersecurity in education during the COVID-19 pandemic. The report contains startling findings including a stark lack of training for the new learning environments and a large discrepancy between student and IT decision-maker experiences with cyberevents such as cyberattacks.

“Students during the pandemic are struggling with digital access, engagement and a severe sense of isolation. Cybersecurity should be the least of their concerns, and yet, it’s concerning to find that nearly half of educational institutions show a lack of preparedness,” said Marcin Kleczynski, CEO of Malwarebytes. “It is essential that schools – and all organizations – stop viewing cybersecurity as an afterthought; protecting our students and their data online should be a top priority for educators.”

The report uncovered that cybersecurity preparation made a significant difference in a school’s ability to weather a cybersecurity event. For respondents who engaged in a variety of cybersecurity best practices before transitioning to a distance learning model, none suffered a cyberattack, and none cancelled a single day of distance learning because of a cyberattack.

18.2 percent of these more well-prepared respondents said “teachers or students have suffered a Zoom-bombing attack” compared to the 29.3 percent of all respondents.

In addition, the report revealed major inconsistencies in the perceived experiences between IT decision-makers and students. A remarkably low number of IT decision-makers said their schools suffered a cyberattack—just 2.7 percent—and yet, 46.2 percent of students said their schools suffered a cyberattack. This statistic of students experiencing a cyberattack is even more important as they look to enroll in universities or private schools because 61 percent of students reported that a cyberattack resulted in a significant or strong impact on their trust in their school.

Other key findings from the report include:

50.7 percent of IT decision-makers said that no one (not students, staff or faculty) was required to enroll in cybersecurity training before the new school year began
46.7 percent of IT decision-makers said their schools developed “no additional requirements” for the students, faculty, or staff who connected to the school’s network (no cybersecurity training AND no antivirus tool installations)
Nearly three quarters (70.7 percent) of schools deployed new software needed for distance learning, such as Zoom, Remind, and Google Classroom
In preparing for the new school year, 30.7 percent of schools admitted to not being able to provide for all teachers, administrators, and staff members to work remotely, while 45.3 percent of schools could not provide all the devices needed for every student to attain an equal quality of education
With distance learning in full swing, concerns remain with device shortages:
- 28 percent of IT respondents said their schools are missing laptops, computers or tablets for teachers
- 40 percent are missing those tools for parents and students
- 38.7 percent worry that teachers or students are too quickly using up the data on school-provided WiFi hotspots

Imaged licensed by Upsplash.com

Related News:

AWS Announces Amazon DevOps Guru

With 5G Adoption, Come New Cybersecurity Risks to Mitigate

The post Malwarebytes Finds Schools and Students Vastly Underprepared for Pandemic Cybersecurity appeared first on Digital IT News.

Business Email Compromise Attacks Rise in 75% of Industries

Olivia Rowan — Fri, 30 Oct 2020 21:52:46 +0000

Abnormal Security has released the Abnormal Security Quarterly BEC Report for Q3 2020. The research, which analyzes business email compromise (BEC) attacks tracked by Abnormal from July-September 2020, found that BEC campaign volume increased 15% quarter-over-quarter, driven by an explosion in invoice and payment fraud.

“As the industry’s only measure of BEC attack volume by industry, our quarterly BEC research is important for CISOs to prepare and stay ahead of attackers,” said Evan Reiser, CEO of Abnormal Security. “Not only are BEC campaigns continuing to increase overall, they are rising in 75% of industries that we track. Since these attacks are targeted and sophisticated, these increases could indicate an ability for threat actors to scale that may overwhelm some businesses.”

For this research, Abnormal Security tracked BEC campaigns across eight major industries, including Retail/Consumer Goods & Manufacturing, Technology, Energy/Infrastructure, Services, Medical, Media/TV, Finance and Hospitality. During Q3, Abnormal found that BEC campaign volume increased in six out of eight industries, with Energy/Infrastructure seeing the highest jump of 93% from Q2 to Q3. Retail/Consumer Goods & Manufacturing, Technology and Media received the highest volume of attacks during the quarter.

Among the numerous categories of attacks that Abnormal Security prevents for its Fortune 500 clients, it uniquely stops two types of BEC attacks: social engineering BEC, with a goal to impersonate internal employees and VIPs or external partners, and invoice and payment fraud BEC attacks, with a goal of stealing money from companies. During Q3, attackers continued to focus primarily on invoice and payment fraud, which increased 155% from Q2 to Q3. This trend was particularly notable in Retail/Consumer Goods & Manufacturing.

Threat actors continue to target invoice and payment fraud BEC attacks at finance departments, which increased by 54% on average per week from Q2 to Q3. In addition, attackers shifted tactics by increasing email attacks to group mailboxes by 212%.

Additional findings from Abnormal’s Q3 BEC research:

While credential-phishing COVID-19 related attacks decreased by 82%, invoice and payment fraud that continues to leverage the fear, uncertainty and doubt of the pandemic increased by 81%.
The most impersonated brands returned to the pre-pandemic “normal,” as Zoom dropped away from the top spot, replaced by DHL and followed by Dropbox and Amazon. Rounding out the top five were iCloud and LinkedIn.

The Abnormal Quarterly BEC Report for Q3 2020 report is now available for download.

Abnormal Security is a next-generation cloud email security company that protects organizations from advanced targeted attacks.

Image credit: Unsplash.

The post Business Email Compromise Attacks Rise in 75% of Industries appeared first on Digital IT News.

98% of Public Sector Organizations Worry Cyberthreats Will Compromise the Supply Chain

Digital IT News Editors — Wed, 21 Oct 2020 18:31:59 +0000

Government market findings from the Netwrix 2020 Cyber Threats Report found that with the pandemic, the public sector has become extremely worried about cyberattacks. Nearly all respondents (98%) are now concerned about supply chain compromise, 95% named VPN exploitation as a top threat and 82% cited credential stuffing.

Another drastic shift is related to the misconfiguration of cloud services: 88% of government agencies now say that cloud misconfiguration is a top security threat, while pre-pandemic, only 25% said it was critical. However, only 11% of incidents reported during the first three months of the pandemic were actually caused by this scenario.

In reality, most incidents during this time period involved the human factor: 53% of respondents said they experienced at least one phishing attack, and 18% reported insecure sharing of sensitive data. What’s particularly troubling is that improper data sharing was especially hard for government agencies to spot: nearly all organizations needed days (42%), weeks (32%) or even months (21%) to detect it.

“Government agencies should focus their cybersecurity efforts on mitigating the insider threat, especially when many employees and contractors are accessing the networks remotely. Organizations must ensure that every user understands basic cybersecurity rules and completes security training on a regular schedule. IT teams should look for solutions to speed threat detection and streamline incident investigation. In addition, they should follow proven security best practices like network segmentation, privilege attestation, continuous auditing for malicious activity across data repositories, and alerting on suspicious activity and changes,” said Ilia Sotnikov, VP of Product Management at Netwrix

Other findings discovered by the survey include:

29% of government agencies feel that they are at greater security risk now than they were before the pandemic. 86% of them are worried about stronger or more frequent cyberattacks, which is the highest percentage among all the verticals studied in the report.
Concern about VPN exploitation grew from 10% pre-pandemic to 95% now.
26% of government agencies reported experiencing ransomware or other malware.
6% experienced data theft by employees. None was able to spot it in minutes and only 5% were able to flag the incident in hours. The rest (95%) required days, weeks or months.

The post 98% of Public Sector Organizations Worry Cyberthreats Will Compromise the Supply Chain appeared first on Digital IT News.