Category Archives: Internet Security
Guardz Launches AI-Powered Multilayered Phishing Protection To … – PR Newswire
With more than 3 billion phishing emails sent every day, Guardz protects SMEs from the increased risk of this growing attack vector
TEL AVIV, Israel, June 8, 2023 /PRNewswire/ -- Guardz, the cybersecurity company securing and insuring SMEs, today announced a new AI-powered Multilayered Phishing Protection solution to help small and medium-sized enterprises (SMEs) and managed service providers (MSPs) prevent phishing attacks before their security is compromised. The hassle-free and cost-effective solution uses AI to provide small businesses and the MSPs that support them with automatic detection and remediation capabilities to protect against phishing attacks, the number one threat they face. By combining email security, web browsing protection, perimeter posture, and awareness culture in one native solution, businesses can now efficiently safeguard against phishing threats, bolstering resilience and future-proofing their systems.
Ninety percent of all cyber attacks are initiated with phishing, which relies on social engineering to prey on human nature. Cybercriminals attempt to obtain sensitive information such as usernames, passwords, and credit card details by tricking recipients into clicking on malicious links or providing personal information, which can then be used for identity theft, ransomware attacks, or other malicious activities. These attacks can result in data breaches, financial loss, and reputational damage to small businesses and even compromise the security of a business's entire network, leading to the exposure of further confidential information.
Guardz's new Multilayered Phishing Protection: continuously scans for all inbound traffic with its advanced anti-phishing email protection solution; initiates detection through AI-powered anti-phishing and anti-malware engines; removes risky emails from users' inboxes and automatically sends them to quarantine; monitors internet browsing to detect potential phishing attempts and delivers real-time alerts to system admins to enable timely responses; and provides ongoing, active cyber awareness training and tailored phishing simulations for employees, fostering a culture of caution and vigilance. Perhaps most importantly when dealing with phishing, the Guardz solution empowers every employee to behave in ways that support and strengthen the business's cybersecurity posture.
"The proliferation of phishing attack as a service (AaaS) tools sold on the dark web is putting the SME ecosystem increasingly at risk. Our new AI-powered phishing protection solution provides SMEs and MSPs with a holistic and accessible solution to prevent the success of phishing attacks," said Dor Eisner, CEO and Co-Founder of Guardz. "This is a significant addition to Guardz's holistic cyber security offering for small businesses, ensuring that they can react to cyber risks in real time with swift remediations, but also be protected by cyber insurance for complete peace of mind, a true secure and insure approach."
The Multilayered Phishing Protection enables MSPs to provide their SME customers complete protection across all potential phishing attack vectors. It does so by automatically scanning the perimeter posture, inbound email traffic and internet browsing, and by providing ongoing, tailored cyber awareness training and simulation for employees. The platform automatically verifies emails for authentication protocols including Domain-based Message Authentication, Reporting and Conformance (DMARC), Sender Policy Framework (SPF) and checks for malicious forwarding rules.
The new Multilayered Phishing Protection solution is available now from Guardz. For further details, please visit Guardz's website: https://guardz.com/phishing-protection/
About Guardz
Guardz is a holistic cyber security and insurance solution designed for SMEs. Guardz's solution continuously monitors businesses' digital landscapes to protect their entire range of assets, enables them to react to cyber risks in real time with swift remediations, and provides cyber insurance for peace of mind. Its all-in-one, affordable platform is on guard 24/7, and is easy to use for both in-house IT personnel and MSPs. With cutting-edge technologies stacked into a robust platform, Guardz was founded in 2022 by Dor Eisner and Alon Lavi along with a team of cyber and insurance experts who combine innovation, experience, and creativity to create a safer digital world for small businesses.
Media Contact
Allison Grey, Headline Media, [emailprotected], US: +1 323 283 8176, UK: +44 203 807 4482, IL: +972 53 820 2606
SOURCE Guardz
From Passwords To AI: The Future Of Cybersecurity In The Digital Age – Tech Build Africa
As the pace of digital change accelerates, so will the quantity and sophistication of data breaches. Even if you have a team of professionals working together to improve internet security, rest assured that phishers, hackers, scammers, and fraudsters are becoming more advanced by the day in their efforts to break into your secured vault.
The globe is researching alternate authentication techniques and moving away from depending entirely on standard passwords.
While AI does not replace passwords directly, it does play a role in enabling more secure and convenient authentication processes.
AI is a strong technology that provides sophisticated capabilities for combating attacks by detecting and preventing threats as well as securing networks and services. Compared to conventional cybersecurity techniques, which only detect known risks, AI uses autonomous algorithms and learning patterns to avoid future attacks.
The field of cybersecurity is undergoing substantial shifts in the digital age, with old password-based systems being supplemented and, in certain instances, supplanted by AI-driven solutions.
Beyond conventional password-based tactics, the future of cybersecurity involves integrating AI technology to improve threat detection, enhance authentication methods, assess risks, and implement proactive defense mechanisms.
As AI advances, it will become increasingly important in bolstering cybersecurity defenses in the digital age.
Let's take a look at the future of cybersecurity as it transitions away from passwords and toward AI:
With the advancement of technology, passwords have become very vulnerable to theft, loss, or poor user behavior.
Biometric identification, such as fingerprint, iris, or facial recognition, is a safer and more user-friendly option. AI algorithms are critical in correctly recognizing and verifying biometric data.
Furthermore, behavioral authentication analyzes user behavior characteristics, such as typing speed or mouse movements, to authenticate users without depending simply on passwords.
Also, conventional techniques of detecting and responding to cyber threats frequently fail to keep up with the threat landscape's rapid evolution.
AI-powered cybersecurity solutions can more effectively analyze large amounts of data, discover trends, and detect anomalies.
Machine learning algorithms may learn from new data indefinitely to increase threat detection accuracy and automate responses, allowing firms to remain ahead of emerging dangers. Passwords can't cut it.
By evaluating historical data, user activity, and network patterns, AI-driven predictive analytics can analyze prospective cybersecurity vulnerabilities.
These insights enable firms to discover vulnerabilities proactively and make informed decisions to eliminate risks before they become major security breaches.
Conventional cybersecurity methods tend to depend on static rules and signatures, which can be circumvented by smart attackers.
AI allows the creation of adaptive security systems capable of learning and adapting to new threats in real-time.
These systems may automatically adapt their defenses in response to changing attack patterns, resulting in a more robust security posture.
AI technology can be used to proactively look for sophisticated threats and vulnerabilities in threat hunting and intelligence collecting.
To identify prospective risks and anticipate attack routes, AI algorithms may scan massive volumes of data from numerous sources, such as threat intelligence feeds, dark web tracking, and security logs.
As AI gets more integrated into cybersecurity, privacy and ethical concerns become increasingly important.
AI models should be built and implemented using privacy-preserving strategies to ensure the safety of users' personal data.
Furthermore, to avoid misuse or unforeseen repercussions, ethical AI norms like transparency, fairness, and accountability should be followed.
University of Manchester hit by cyber attack – ComputerWeekly.com
The University of Manchester in northern England has been hit by a cyber attack that appears to have resulted in the exfiltration of an as-yet unknown quantity of data.
In a statement, the university's registrar, secretary and chief operating officer, Patrick Hackett, revealed that some of its systems had been accessed by an unauthorised party and data copied.
Hackett told students that the university's IT teams and external cyber support were working to establish what data has been compromised, and fully resolve the incident.
The organisation has also been in contact with the Information Commissioner's Office (ICO), the National Cyber Security Centre (NCSC) and the National Crime Agency (NCA).
"We know this will cause concern to members of our community and we are very sorry for this," said Hackett. "Our priority is to resolve this issue and provide information to those affected as soon as we are able to, and we are focusing all available resources."
Hackett told students and staff to carry on as usual but to be vigilant in regard to any suspicious activity targeting them, particularly phishing emails.
"We also advise staff not to download files from university systems in order to back them up," he added.
Although limited information is available at this stage, students and staff can contact the university via email at [emailprotected] if they have further questions.
At the time of writing, there is no available evidence to suggest that the University of Manchester is dealing with a ransomware attack, although it certainly bears some of the hallmarks of this type of incident. Its external-facing websites remain accessible from the internet.
A member of the Russell Group of UK research universities, the red-brick University of Manchester is the third largest university in the country with more than 90,000 undergraduate applications every academic year. Its consolidated income for the 2021-22 year was £1.2bn, £270.6m of this figure received from research grants and contracts.
Notable alumni include the recently deceased novelist Martin Amis, Ed O'Brien of Radiohead, and actors Benedict Cumberbatch and Toby Jones. Its Department of Computer Science, the longest established in the UK, produced names such as computer designer and former chief scientific advisor to Margaret Thatcher's government, John Fairclough, the designer of the BBC Micro and the ARM 32-bit RISC microprocessor, Steve Furber, and of course Alan Turing.
Universities face a variety of cyber security threats thanks to the large amount of data they hold on their student bodies, which is highly valuable to cyber criminals seeking financial gain. However, besides financially motivated cyber attacks, they are also considered vulnerable to nation-state backed threat actors looking to steal data and intellectual property to gain strategic advantages on the world stage.
The NCSC assesses that cyber crime presents the most immediately evident and disruptive problem to the academic sector, whereas state-backed actions are more likely to cause long-term damage, with knock-on effects including impacts to the value and quality of research, falls in investment, and damage to the UK's science and technology sector.
Match Group Tells Spammers To Bot Off As It Continues Investing In … – PR Newswire
Match Group says its companies have blocked nearly 5 million spam and bot accounts in the first quarter at sign up or before a user sees it
DALLAS, June 9, 2023 /PRNewswire/ -- To mark Internet Safety Month, today, Tinder and Match Group are highlighting Tinder's efforts to combat online fraudsters through tools that help reduce spam on the platform. Match Group companies are continuing to make investments to enhance machine learning tools that proactively detect, prevent and remove spam across Match Group's global portfolio.
Tinder has also led the portfolio on rolling out several safety features, including Photo Verification with selfie video, background checks through Garbo and in-app video chat, which have been implemented in other Match Group brands.
According to internet crime experts, cyber criminals use various tactics and forms of communications across online platforms, from email and text phishing scams to social media platforms and online dating services. Match Group companies constantly invest in advanced detection and removal tools to help maintain the integrity of their services.
Match Group says every minute, there are an average of 44 spam accounts removed across its portfolio as an effort to help curtail suspected fraudulent accounts either blocked at sign up or before a user sees them. Additionally, nearly 5 million bots and spam accounts have been removed between January and March of this year before the account gained access to the platform or shortly after signup, in an effort to prevent potential harm.
"Tinder has an exceptional team with deep experience in detecting bad behavior, including spam," said Rory Kozoll, SVP of product integrity, Tinder. "Fraud detection is just one of many efforts we deploy to remove potential fraudulent accounts and it is something we will continue to invest in. By simultaneously investing in and building innovative online tools, we are also adding an additional level of security and confidence for users across the portfolio."
Over the past few years, Tinder says spammers have evolved their tactics to exploit common member behaviors like posting a social handle on their bio to direct traffic to another platform, where they often monetize directly, or share yet another link that redirects to a third site for monetization.
In its continued efforts to help create a fun and safer place to meet new people, Tinder announced changes to its existing Community Guidelines last month, outlining the good behaviors that help lead to the best possible experience for everyone on the app. As part of these changes, Tinder says it will remove social handles from public bios that advertise or promote their social profiles to gain followers, sell things, fundraise, or campaign.
"We are continuously enhancing our spam prevention tools to help make them more effective, while also making investments in machine learning, both of which we view as essential for Match Group to help maintain a safer service for our users around the world," said Jess Johnson, director, safety product, Match Group. "By implementing a combination of technology, human moderation, and user education to encourage reporting of suspicious activity, we are able to help remove the vast majority of spam at sign up or before a user ever sees it."
Garbo first launched on Tinder in March of 2022 and is now available on Plenty of Fish, Match and Stir. Following new enhancements incorporated in Tinder's Photo Verification process, the tools were implemented on Hinge, Archer, and Plenty of Fish, with more brands to follow.
About Match Group
Match Group (NASDAQ: MTCH), through its portfolio companies, is a leading provider of digital technologies designed to help people make meaningful connections. Our global portfolio of brands includes Tinder, Match, Meetic, OkCupid, Hinge, Pairs, PlentyOfFish, OurTime, Azar, Hakuna Live, and more, each built to increase our users' likelihood of connecting with others. Through our trusted brands, we provide tailored services to meet the varying preferences of our users. Our services are available in over 40 languages to our users all over the world.
SOURCE Match Group
Security Analytic Market Trends and Forecast: The global security analytic market is expected to reach an estimated $31.3 billion by 2028 with a CAGR of…
ReportLinker
Trends, opportunity and forecast in the global security analytic market to 2028 by component (platform, services, and professional services), organization (large enterprises and small and medium-sized enterprises (SMES)), application (web security analytics, network security analytics, endpoint security analytics, application security analytics, and others), vertical (BFSI, retail and ecommerce, media and entertainment, travel and hospitality, telecom and it, healthcare, and others), and region (North America, Europe, Asia Pacific, and the Rest of the World).
New York, June 07, 2023 (GLOBE NEWSWIRE) -- Reportlinker.com announces the release of the report "Security Analytic Market: Trends, Opportunities and Competitive Analysis [2023-2028]" - https://www.reportlinker.com/p06465855/?utm_source=GNW
Security Analytic Market Trends and Forecast
The future of the global security analytic market looks promising with opportunities in the BFSI, retail and ecommerce, media and entertainment, travel and hospitality, telecom and IT, and healthcare markets. The global security analytic market is expected to reach an estimated $31.3 billion by 2028 with a CAGR of 17.2% from 2023 to 2028. The major drivers for this market are growing demand for detection of real-time advanced persistent, increasing trend of IoT, connected network devices, and cloud computing, and rising adoption of advanced technologies in internet security across the globe.
A more than 150-page report is developed to help in your business decisions. Sample figures with some insights are shown below.
Security Analytic Market by Segment
The study includes a forecast for the global security analytic market by component, organization, application, vertical, and region, as follows:
Security Analytic Market by Component [Value ($B) Shipment Analysis from 2017 to 2028]: Platform; Services; Professional Services (Consulting Services; Support and maintenance)
Security Analytic Market by Organization [Value ($B) Shipment Analysis from 2017 to 2028]: Large enterprises; Small and medium-sized enterprises (SMEs)
Security Analytic Market by Application [Value ($B) Shipment Analysis from 2017 to 2028]: Web Security Analytics; Network Security Analytics; Endpoint Security Analytics; Application Security Analytics; Others
Security Analytic Market by Vertical [Value ($B) Shipment Analysis from 2017 to 2028]: BFSI; Retail and eCommerce; Media and Entertainment; Travel and Hospitality; Telecom and IT; Healthcare; Others
Security Analytic Market by Region [Value ($B) Shipment Analysis from 2017 to 2028]: North America; Europe; Asia Pacific; The Rest of the World
List of Security Analytic Companies
Companies in the market compete on the basis of product quality offered. Major players in this market focus on expanding their manufacturing facilities, R&D investments, infrastructural development, and leverage integration opportunities across the value chain. With these strategies security analytic companies cater to increasing demand, ensure competitive effectiveness, develop innovative products & technologies, reduce production costs, and expand their customer base. Some of the security analytic companies profiled in this report include: IBM, HPE, Broadcom, Splunk, RSA Security, FireEye, Juniper Networks, LogRhythm.
Security Analytic Market Insights
The analyst forecasts that small and medium-sized enterprises (SMES) will remain the larger segment over the forecast period due to escalating demand for end-point security solutions across various e-commerce start-ups like retail and financial sectors.
BFSI is expected to remain the largest segment due to the growing demand for robust security against phishing attacks and frauds and digital privacy systems across financial, insurance, and banking institutes.
North America will remain the largest region due to the growing frequency of data breaches, malware assaults, and persistent threats and increasing acceptance of technological advancements in the region.
Features of the Security Analytic Market
Market Size Estimates: Security analytic market size estimation in terms of value ($B)
Trend and Forecast Analysis: Market trends (2017-2022) and forecast (2023-2028) by various segments and regions.
Segmentation Analysis: Security analytic market size by various segments, such as by component, organization, application, vertical, and region
Regional Analysis: Security analytic market breakdown by North America, Europe, Asia Pacific, and the Rest of the World.
Growth Opportunities: Analysis on growth opportunities in different by component, organization, application, vertical, and regions for the security analytic market.
Strategic Analysis: This includes M&A, new product development, and competitive landscape for the security analytic market. Analysis of competitive intensity of the industry based on Porter's Five Forces model.
FAQ
Q1. What is the security analytic market size?
Answer: The global security analytic market is expected to reach an estimated $31.3 billion by 2028.
Q2. What is the growth forecast for security analytic market?
Answer: The global security analytic market is expected to grow with a CAGR of 17.2% from 2023 to 2028.
Q3. What are the major drivers influencing the growth of the security analytic market?
Answer: The major drivers for this market are growing demand for detection of real-time advanced persistent, increasing trend of IoT, connected network devices, and cloud computing, and rising adoption of advanced technologies in internet security across the globe.
Q4. What are the major segments for security analytic market?
Answer: The future of the security analytic market looks promising with opportunities in the BFSI, retail and ecommerce, media and entertainment, travel and hospitality, telecom and IT, and healthcare markets.
Q5. Who are the key security analytic companies?
Answer: Some of the key security analytic companies are as follows: IBM, HPE, Broadcom, Splunk, RSA Security, FireEye, Juniper Networks, LogRhythm
Q6. Which security analytic segment will be the largest in future?
Answer: The analyst forecasts that small and medium-sized enterprises (SMES) will remain the larger segment over the forecast period due to escalating demand for end-point security solutions across various e-commerce start-ups like retail and financial sectors.
Q7. In security analytic market, which region is expected to be the largest in next 5 years?
Answer: North America will remain the largest region due to the growing frequency of data breaches, malware assaults, and persistent threats and increasing acceptance of technological advancements in the region.
Q8. Do we receive customization in this report?
Answer: Yes, The analyst provides 10% Customization Without any Additional Cost.
This report answers the following 11 key questions:
Q.1. What are some of the most promising, high-growth opportunities for the security analytic market by component (platform, services, and professional services), organization (large enterprises and small and medium-sized enterprises (SMES)), application (web security analytics, network security analytics, endpoint security analytics, application security analytics, and others), vertical (BFSI, retail and ecommerce, media and entertainment, travel and hospitality, telecom and IT, healthcare, and others), and region (North America, Europe, Asia Pacific, and the Rest of the World)?
Q.2. Which segments will grow at a faster pace and why?
Q.3. Which region will grow at a faster pace and why?
Q.4. What are the key factors affecting market dynamics? What are the key challenges and business risks in this market?
Q.5. What are the business risks and competitive threats in this market?
Q.6. What are the emerging trends in this market and the reasons behind them?
Q.7. What are some of the changing demands of customers in the market?
Q.8. What are the new developments in the market? Which companies are leading these developments?
Q.9. Who are the major players in this market? What strategic initiatives are key players pursuing for business growth?
Q.10. What are some of the competing products in this market and how big of a threat do they pose for loss of market share by material or product substitution?
Q.11. What M&A activity has occurred in the last 5 years and what has its impact been on the industry?
Read the full report: https://www.reportlinker.com/p06465855/?utm_source=GNW
About Reportlinker
ReportLinker is an award-winning market research solution. Reportlinker finds and organizes the latest industry data so you get all the market research you need - instantly, in one place.
Cybernetics Empowers Businesses with Customized Solutions to … – Digital Journal
Stockport, United Kingdom, 10th Jun 2023, King NewsWire -- A leading provider of investigative services, Cybernetics, recently unveiled a new lineup of products meant to help businesses tackle internet security risks. Cybernetics works directly with companies that have been the target of different kinds of cybercrimes to provide a full range of services to successfully handle these issues. These services include specialized case analysis, in-depth transaction investigations, active stakeholder engagement to assess criminal methodologies, the development of an event trail for root cause analysis, and the deployment of strong security measures to prevent future incidents.
The Chief Information Officer at Cybernetics, Jessica Walker, expressed the objective, stating, "Our primary focus is to aid businesses in recovering from the consequences of online crime and equipping them with the necessary tools to prevent its recurrence. By closely collaborating with our clients, we gain a deep understanding of their unique challenges and provide customized solutions accordingly. Our team of seasoned experts possesses extensive experience in investigating and mitigating online crime, and we are committed to delivering the highest quality service to our clients."
In today's digital landscape, the detrimental consequences of online crime on an organization's reputation, operations, and financial stability cannot be understated. Recognizing the utmost importance of protecting businesses from the far-reaching repercussions of cybercrime, Cybernetics takes a proactive stance by offering personalized and comprehensive solutions tailored to meet the unique needs of those seeking services on how to get their stolen crypto back.
At the core of Cybernetics' offerings is a suite of services specifically designed to aid businesses in navigating the complex world of cyber threats. These services are meticulously tailored to address the unique requirements of each organization, especially committed to helping those impacted by crypto trading platform crimes. By leveraging their expertise and staying at the forefront of technological advancements, Cybernetics empowers businesses to proactively protect their assets and effectively respond to any incidents of online crime.
Jessica confidently asserts that their services will bring about significant benefits for businesses affected by online crime. "We have absolute certainty that our services will make a tangible impact on businesses grappling with the consequences of online crime," stated the chief information officer. At Cybernetics, their team of specialists is dedicated to delivering personalized solutions that are tailored to meet the unique needs of each client, including crypto recovery services to help get stolen bitcoin back. The company firmly believes that every business should have the assurance of being shielded against online crime, and they are fully committed to turning that belief into a reality.
For more information about Cybernetics and their services, visit the website.
About Cybernetics
Cybernetics is a hi-tech company, offering a range of services to help victims of cybercrime recover their stolen funds. The company's team of experts has years of experience in investigating and recovering funds from online transactions, using advanced technology and techniques to trace and recover stolen funds. Cybernetics is committed to providing a transparent and reliable service to its clients, and they work closely with law enforcement agencies and financial institutions to ensure that the culprits are brought to justice.
Organization: Cybernetics
Contact Person: Jessica Walker
Website: https://cybernetics-services.com/
Email: [emailprotected]
Address: Carpenter Court, 1 Maple Road, Bramhall, Stockport, Cheshire, SK7 2DH.
City: Stockport
Country: United Kingdom
Release Id: 1006234072
Barracuda Urges Replacing Not Patching Its Email Security … – Krebs on Security
It's not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware, as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks, as the company struggled to combat a sprawling malware threat which appears to have undermined its email security appliances in such a fundamental way that they can no longer be safely updated with software fixes.
The Barracuda Email Security Gateway (ESG) 900 appliance.
Campbell, Calif.-based Barracuda said it hired incident response firm Mandiant on May 18 after receiving reports about unusual traffic originating from its Email Security Gateway (ESG) devices, which are designed to sit at the edge of an organization's network and scan all incoming and outgoing email for malware.
On May 19, Barracuda identified that the malicious traffic was taking advantage of a previously unknown vulnerability in its ESG appliances, and on May 20 the company pushed a patch for the flaw to all affected appliances (CVE-2023-2868).
In its security advisory, Barracuda said the vulnerability existed in the Barracuda software component responsible for screening attachments for malware. More alarmingly, the company said it appears attackers first started exploiting the flaw in October 2022.
But on June 6, Barracuda suddenly began urging its ESG customers to wholesale rip out and replace, not patch, affected appliances.
"Impacted ESG appliances must be immediately replaced regardless of patch version level," the company's advisory warned. "Barracuda's recommendation at this time is full replacement of the impacted ESG."
In a statement, Barracuda said it will be providing the replacement product to impacted customers at no cost, and that not all ESG appliances were compromised.
"No other Barracuda product, including our SaaS email solutions, were impacted by this vulnerability," the company said. "If an ESG appliance is displaying a notification in the User Interface, the ESG appliance had indicators of compromise. If no notification is displayed, we have no reason to believe that the appliance has been compromised at this time."
Nevertheless, the statement says that "out of an abundance of caution and in furtherance of our containment strategy, we recommend impacted customers replace their compromised appliance."
"As of June 8, 2023, approximately 5% of active ESG appliances worldwide have shown any evidence of known indicators of compromise due to the vulnerability," the statement continues. "Despite deployment of additional patches based on known IOCs, we continue to see evidence of ongoing malware activity on a subset of the compromised appliances. Therefore, we would like customers to replace any compromised appliance with a new unaffected device."
Rapid7's Caitlin Condon called this remarkable turn of events "fairly stunning," and said there appear to be roughly 11,000 vulnerable ESG devices still connected to the Internet worldwide.
"The pivot from patch to total replacement of affected devices is fairly stunning and implies the malware the threat actors deployed somehow achieves persistence at a low enough level that even wiping the device wouldn't eradicate attacker access," Condon wrote.
Barracuda said the malware was identified on a subset of appliances that allowed the attackers persistent backdoor access to the devices, and that evidence of data exfiltration was identified on some systems.
Rapid7 said it has seen no evidence that attackers are using the flaw to move laterally within victim networks. But that may be small consolation for Barracuda customers now coming to terms with the notion that foreign cyberspies probably have been hoovering up all their email for months.
Nicholas Weaver, a researcher at University of California, Berkeley's International Computer Science Institute (ICSI), said it is likely that the malware was able to corrupt the underlying firmware that powers the ESG devices in some irreparable way.
"One of the goals of malware is to be hard to remove, and this suggests the malware compromised the firmware itself to make it really hard to remove and really stealthy," Weaver said. "That's not a ransomware actor, that's a state actor. Why? Because a ransomware actor doesn't care about that level of access. They don't need it. If they're going for data extortion, it's more like a smash-and-grab. If they're going for data ransoming, they're encrypting the data itself, not the machines."
In addition to replacing devices, Barracuda says ESG customers should also rotate any credentials connected to the appliance(s), and check for signs of compromise dating back to at least October 2022 using the network and endpoint indicators the company has released publicly.
Update, June 9, 11:55 a.m. ET: Barracuda has issued an updated statement about the incident, portions of which are now excerpted above.
Read the original:
Barracuda Urges Replacing Not Patching Its Email Security ... - Krebs on Security
AIIMS Delhi hit by fresh cyberattack for second time in a year | Mint – Mint
The All India Institute of Medical Science (AIIMS) in New Delhi was hit by a fresh cyberattack on Monday. The premier medical institution said that the attempted malware attack was successfully thwarted and the threat was neutralized in time.
"A malware attack was detected at 2:50 pm by the cyber-security systems in AIIMS, New Delhi. The attempt was successfully thwarted, and the threat was neutralised by the deployed cyber-security systems...," tweeted the All India Institute of Medical Sciences, New Delhi.
This is the second cyberattack against AIIMS Delhi within a year: the premier medical institute faced disruption in services due to a cyberattack in November 2022. The institute's servers went down due to that attack, and AIIMS also suspended two analysts for the alleged breach of cyber security.
The internet services at the hospital remained blocked for several days as Delhi Police joined the investigation with Indian Computer Emergency Response Team (CERT-In) and National Informatics Centre (NIC). The National Investigation Agency (NIA) also visited the hospital and helped the investigative agencies in the case.
The cyberattack led to the disruption of many services, especially online-based processes. The hospital launched Standard Operation Procedures (SoP) under manual admission and discharge procedure.
The investigation into the AIIMS cyberattack revealed that the servers used in the cyberattack might have originated in China and Hong Kong. Delhi also wrote to the Central Bureau of Investigation (CBI) and asked it to obtain more information from Interpol.
The reports also said that AIIMS was not the only target of cyberattacks as attempts at the servers of other premier institutions were also made and the website of the Indian Council of Medical Research (ICMR) was reportedly targeted 6,000 times, but the hackers failed to hack it.
Read more here:
AIIMS Delhi hit by fresh cyberattack for second time in a year | Mint - Mint
Work hard, play hard: These are the best (and worst) places for a … – Euronews
From high internet speeds to the cost of accommodation, new research ranks 60 cities around the world for working from home.
Where we work is more flexible than ever. With many of us working from home or even considering a digital nomad lifestyle, there's no need to be chained to your desk.
And as the summer holiday season approaches, you might be thinking about moving your home office abroad. But choosing where to go can be tricky.
New research from Culture Trip has taken a look at top destinations around the world to determine the best place for a working holiday.
They looked at five essential remote work criteria like internet speed, cyber security score and the cost of a coffee. The study also considered five criteria for things you need while on holiday such as accommodation and tourist attractions.
So across 60 different cities around the world, which came out on top for remote work?
Porto in Portugal was named the best city for a working holiday. The second fastest internet speed of any country and a solid cyber security score make it well suited to remote work. Outside of this, the city has plenty of green space and a wide selection of Airbnbs - more than 4,000 in total. When you're done with work, Porto also has 11 different five-star rated attractions.
Spanish cities also dominated the top of the rankings with Valencia and Barcelona taking 2nd and 3rd place and Madrid securing the 10th spot.
Valencia did well in all categories with high cyber security and internet scores. It also has 2,701 hours of sunshine a year, meaning you can soak up some rays when you aren't working. Barcelona also ranked highly due to its 6,576 sunny hours a year, plentiful green spaces and attractions including Gaudi's famous artwork.
Next on the list was Lyon. This French city scored very well for cyber security but where it stands out from the rest is its low costs for coffee and public transport.
Rounding out the top 10 are Lisbon, Naples, Marseille, Paris, Milan and Madrid.
Destinations further afield lagged behind European cities due to slow internet speeds that aren't suitable for logging on while you're away.
Three cities in Pakistan, Lahore, Karachi and Faisalabad came in the bottom three spots for internet speed. The country also had the lowest cyber security score of any included in the list.
Other destinations, including those in the US, ranked low because of their relatively high cost of living. New York, Chicago and Los Angeles were particularly expensive with LA coming top of the list for accommodation costs.
Go here to read the rest:
Work hard, play hard: These are the best (and worst) places for a ... - Euronews
Vulnerability exploitation volumes up over 50% in 2022 – ComputerWeekly.com
Driven by significant cyber security disclosures affecting supply chain dependencies, such as Log4j and Realtek, threat actors have vastly increased their use of vulnerabilities as a means to work their way inside their victims' systems, with vulnerability exploitation attempts per customer up by 55% year on year (YoY) over the course of 2022, according to data compiled by Palo Alto Networks' Unit 42 threat intelligence experts.
Presented in the latest edition of its Network threat trends research report, Unit 42's data was drawn from across its parent's portfolio of network monitoring and cloud products and services, including its next-generation firewalls, extended detection and response (XDR), and secure access service edge (SASE) offerings, as well as external feeds and sample exchanges among its peers in the industry.
Unit 42's research team described a race between suppliers and threat actors to uncover and seal off new avenues of exploitation, which is creating a process of constant churn and piling pressure on end-user security teams.
Their findings tally with elements of Verizon's annual Data breach investigations report (DBIR), which was also released this week, revealing that Log4j may potentially be the most exploited vulnerability in history.
"Attackers are using both vulnerabilities that are already disclosed and ones that are not yet disclosed, aka exploiting zero-day vulnerabilities," the research team wrote. "We continue to find that vulnerabilities using remote code execution (RCE) techniques are being widely exploited, even ones that are several years old."
While using old vulnerabilities might seem counterproductive, they still have significant value to attackers. In some cases, vulnerabilities discovered years ago have not been patched. This could be either because the company failed to fix the issue, or they didn't provide the patch in a way that customers could easily find. In other cases, the product could lack a patch because the product is at the end of its supported lifespan.
However, they argued, the weight of responsibility for fixing this problem should not just fall on the security supplier community: end-user organisations must have appropriate processes in place for remediating vulnerabilities safely and quickly, paying particular attention to acquiring, testing and applying patches, but also accounting for issues that might not immediately spring to mind, such as the network bandwidth needed to rush a patch out across a large enterprise's entire IT estate.
Others also lack awareness of available patches, and are effectively rendering old, well-known vulnerabilities (into which category Log4j must soon fall, if it has not done so already) as dangerous as a newly discovered zero-day.
"Threat actors know these problems exist, and they continue to try these old vulnerabilities because they're counting on organisations to fail at some point in the process of applying patches," they said.
The full report contains insight into a great many security trends, but perhaps among the most notable statistics are a 910% increase in monthly registrations for domains related to OpenAI's ChatGPT tool, and a 17,818% increase in attempts to mimic ChatGPT through domain squatting.
While these increases are of course starting from a base of zero given ChatGPT was only launched in 2022, they nonetheless highlight some of the more realistic risks of tools driven by artificial intelligence (AI). Whereas much has been written about how ChatGPT may be able to create malicious activity, Unit 42's team said that they had not seen any noticeable rise in attributable, real-world activity in this regard.
However, they said, many more traditional techniques are attempting to take advantage of AI, and it is this that is leading to a boom in fraud attempts and scams.
"The speed with which scammers used traditional techniques to profit off the AI trend underscores that organisations need to exercise caution around internet activity and software that are getting attention in popular culture," the team wrote.
"At the same time, it remains possible that threat actors could find ways to take advantage of the unique technological capabilities of AI. For the time being, the main way that organisations can prepare for this possibility is to continue to employ defence-in-depth best practices. Security controls that defend against traditional attacks will be an important first line of defence against any developing AI-related attacks going forward," they said.
View original post here:
Vulnerability exploitation volumes up over 50% in 2022 - ComputerWeekly.com