Tag Archive for: adds

VirusTotal Adds Collections Feature for Better Collaboration and Context

/in


VirusTotal, a key repository of malware samples and suspicious files for security researchers and defenders, is introducing a new service that enables users to collaborate and share data and indicators of compromise in real time.

The Collections feature allows any user to create a new collection for a file or malware sample that includes a variety of different IOCs, such as file hashes, domains or URLs or other information. The collection can also include a description and VirusTotal will add other information to the collection, such as tags and metadata.

Researchers and security teams often use informal methods such as Twitter, Pastebin, or Dropbox for sharing IOCs, threat intelligence, hashes of malware samples, and lists of suspicious domains. There are also a number of private forums in which that information is shared, but those tend to be small and so data is not disseminated widely. Those methods work for specific use cases, but getting threat information out to the widest possible audience of defenders and researchers can make a significant difference in heading off attacks.

The VirusTotal Collections feature is designed to enable researchers and defenders to update their contributions as needed and allow others to consume them.

“Collection owners can update these by adding or removing IoCs. They are public via our UI and API, and they can be shared using their permalink. This makes it a very convenient way of linking to listings of IoCs in blog posts, research reports and the like,” Juan Infantes of VirusTotal said in a post.

VirusTotal has been the default platform for checking potentially malicious files and URLs for many years, and has evolved into a resource for community sharing and discussion, as well.

“Time evolves and now most investigations go beyond one observable, quickly adding up several indicators of compromise (IOCs) for one single incident . With many security researchers sharing their findings in blog posts and tweets, it’s getting hard to keep track of all these data inputs. Moreover, these investigations change over time bringing more difficulty into reporting the new findings,” Infantes said.

Source…

Box adds ransomware content security; Box Sign goes GA

/in


Box Inc. has announced new integrations with Microsoft Office, Slack and Zoom in an effort to increase collaboration among users.

The Slack integration, planned for later this year, will enable Slack users to upload files to Box within the Slack interface as well as maintain Box content security protocols and user-set compliance rules. A Box app for Zoom, launched last month in the Zoom App Marketplace, cuts down on clicks for presenting Box files in Zoom meetings. It also enables users to browse, preview and share Box files directly from Zoom, whether the meeting is active or not.

For Box users whose organizations meet and collaborate with Teams and use Microsoft Office apps such as Excel, Word and PowerPoint, the latest integrations enable multi-person collaboration in Word online and desktop apps in Box files. For companies that use both Teams and Box — which Box claims is in the hundreds of thousands — the Box-Teams integration enables Box to be the default storage destination for content.

For users of the Box Shield content security add-on, Box released more content security features that include ransomware detection that quarantines files before they can shut down a Box user’s network. The Box Shield approach to content security is “ingenious,” said Deep Analysis founder Alan Pelz-Sharpe, because while a Box customer may have millions of documents spread among petabytes in its Box instance, Box Shield focuses on only the ones that are active at any given moment. Box’s security features and security certifications such FedRAMP High keep them ahead of many competitors, he said.

“Truthfully, that’s been their big differentiator,” Pelz-Sharpe said. “[Companies] that are in product selection mode who ask me about file-sharing systems, it’s just become rote to say, ‘Well, if you’re really, really concerned about compliance and security, you definitely should be looking at Box.'”

Box for Microsoft integration
Among the features unveiled at BoxWorks Digital 2021 is an integration with Microsoft Word that enables multi-party live editing of files in Box.

Box adds mobile document scanner

Vendors are turning smartphones into document scanners that perform optical character recognition. Adobe released…

Source…

Commvault adds new ransomware protection and response services

/in


Details
Published: Tuesday, 14 September 2021 10:57

Commvault has announced new ransomware services designed to help businesses prepare for, protect against, and respond to ransomware. The new offering is called Commvault Ransomware Protection and Response Services and provides the resources and expertise needed to harden customers’ Commvault solutions from an attack, review the state of their data protection solution over time, and help them recover critical data when an attack does occur.

Commvault Ransomware Protection and Response Services includes two specific areas@

The Ransomware Protection Design and Plan service assists customers in validating their preparedness for ongoing threats and attacks. The offering will help organizations understand potential threats and risks impacting their ability to be ready. It offers tangible outcomes such as a readiness scorecard, key findings, and recommendations and a prioritised action plan.

The Commvault Ransomware Response Service provides the expertise and resources to help recover from an attack. As part of the service, Commvault provides a Ransomware Recovery Incident Manager backed by the Commvault Recovery Operations team. The service works with customers to identify and recover critical data and expedite a return to normal business operations.

These services complement Commvault Ransomware Protect and Recover solutions that deliver the critical capabilities for ransomware data protection.

More details.

Source…

Chrome Android Incognito Mode Adds Extra Layer of Security | PIN, Face Unlock, or Fingerprint Access

/in




Urian B., Tech Times

Chrome Android Incognito Mode Adds Extra Layer of Security | PIN, Face Unlock, or Fingerprint Access
(Photo : Image from Pexels) Chrome Android Incognito Mode Adds Extra Layer of Security | PIN, Face Unlock, or Fingerprint Access

Chrome Android incognito mode is adding an extra layer of security with PIN, face unlock, or even fingerprint access. The new feature highlights ways that can improve users’ security through their phone when accessing incognito mode.

Google Incognito Mode

According to the story by SlashGear, private browsing, otherwise known as incognito mode, is one of the very basic forms of privacy protection mechanisms existing in web browsers today. Although it can sometimes be mistaken for complete privacy protection, incognito mode actually only makes sure that the user won’t leave any traces of their activity on the browser itself.

The protection, however, can be considered quite pointless if there is already someone else that holds the users’ phone and the browser is left open. This is why Google has now been working on another re authentication mechanism for its incognito mode scheduled to come to Android pretty soon.

PIN or Biometric Authentication

Physical access to a particular device will almost always make security features quite moot. This is especially true when the users’ phone is already unlocked. Incognito mode can also be rendered useless when the tabs are already opened within the browsers’ background. Google allows complete search history deletion despite not even using incognito mode.

All that it would take is for an unauthorized user to simply switch everything back to it in order to see what the original user has been secretly browsing. Another lock for the incognito mode would add an extra layer of security. This is presumably if users already have enabled their PIN or biometric authentication on their device.

Chrome Android Canary Version

Chrome Story reports that a brand new flag in Chrome for Android’s very own development Canary version will add exactly that. Once the flag has reportedly been enabled and Chrome has finally been restarted, a brand…

Source…