Tag Archive for: annual

Black Hat Europe 2022: Hacking tools showcased at annual security conference

/in


Aids and techniques demonstrated at this year’s arsenal track

Black Hat Europe 2022: Hacking tools from this year's conference

Tools to enable the work of security researchers, pen testers, and bug bounty hunters were demonstrated at this year’s Black Hat Europe conference, held at London’s Excel Centre this week.

The annual security conference saw hackers from across the world gather to share research and other insights.

One of the conference’s regular features is the arsenal track, where attendees can witness live demos of various hacking tools.

Node Security Shield

One of the tools showcased this year, Node Security Shield, “provides zero-day protection for NodeJS applications”, Lavakumar Kuppan of Domsdog Security, which created the tool, told The Daily Swig.

“It is a defensive tool designed to be used by developers as well as security engineers,” they said.

“Existing defensive systems like WA [web application firewall], RASP or any of the supply chain attack protection systems all take a similar approach. They look for known bad patterns. This approach is fine for blocking well known attacks, but it is ineffective against zero-days.

“Node Security Shield takes the opposite approach. Application owners typically know and can define the expected behavior of their application. Node Security Shield ensures that only the defined good behavior is allowed, and any deviations are either blocked or trigger an alert.”

Node Security Shield supports a ‘Resource Access Policy’, inspired by Content Security Policy, a simple JavaScript object where the application owner defines the expected behavior of their app.

Read more of the latest news about hacking tools

“This enables us to block or provide exploitation mitigation against zero-day attacks. Also this approach is extremely fast compared to the other systems that have to compare every incoming request against an ever increasing list of attack patterns.

“With systems like WAF and RASP (runtime application self-protection) there is a risk of legitimate functionality being affected because it is unclear what those products will block and allow. That risk is significantly less with this approach since the application owners have a very clear…

Source…

Endace Awarded “Incident Forensics Solution of the Year” in 6th Annual CyberSecurity Breakthrough Awards Program | News

/in


AUSTIN, Texas & AUCKLAND, New Zealand–(BUSINESS WIRE)–Oct 7, 2022–

Endace today announced that EndaceProbe has been selected as the “Incident Forensics Solution of the Year” winner in the 6 th annual CyberSecurity Breakthrough Awards program, conducted by CyberSecurity Breakthrough, a leading independent market intelligence organization that recognizes the top companies, technologies and products in the global information security market today.

“Capturing and analyzing packet data is an indispensable resource for securing the networking and protecting critical infrastructure. Network visibility across the network, from edge to edge, provides the most reliable defense,” said James Johnson, managing director, CyberSecurity Breakthrough. “EndaceProbe leads the industry in storage density, speed, and reliability – providing a common hardware platform for a complete and accurate source of network-wide packet data to all the teams and tools that need access to it – delivering ‘breakthrough’ visibility into network activity. Congratulations to the Endace team on being our choice for ‘Incident Forensics Solution of the Year.’”

The EndaceProbe platform provides accurate, always-on packet capture with zero-loss, and its modular design can scale to large global networks to provide weeks to months of full packet history. Its powerful API allows for integration and hosting of commercial and open-source network security and performance tools to analyze live or historical traffic. The EndaceProbe provides a common infrastructure that allows for the sharing of a single, authoritative source of packet data across SecOps, NetOps, and IT teams.

“Endace has specialized in scalable high performance, high reliability packet capture technology for more than two decades along with a strong legacy of third-party integrations. Organizations increasingly recognize the benefits of adopting a common hardware platform that can integrate with and host their chosen security and performance analytics tools and provide visibility into activity across the entire network,” said Endace CEO, Stuart Wilson. “EndaceProbe gives security analysts the ability to…

Source…

SonicWall Earns Prestigious 2022 CRN Annual Report Card Award for Enterprise Network Security

/in


Solution providers score SonicWall highest as top-performing channel provider for enterprise network security

MILPITAS, Calif., Aug. 21, 2022 /PRNewswire/ — SonicWall today announced that CRN, a brand of The Channel Company, named the cybersecurity leader as one of the winners in the Enterprise Network Security category of the 2022 CRN Annual Report Card (ARC) Awards. This award honors the industry’s top technology vendors for success in providing high levels of satisfaction for channel partners through innovative products, services and partner programs.

“As a 100% channel company, we remain completely committed to delivering our partners and customers with the absolute best products and support to face today’s increasingly complicated security challenges,” said SonicWall President and CEO Bob VanKirk. “We’re excited to be recognized by CRN, especially knowing that they celebrate best-in-class vendors that are committed to driving partner growth and demonstrating outstanding channel performance. SonicWall is uniquely positioned to help partners, including MSSPs, evolve and help facilitate their growth.”

With 37 years of history, CRN’s ARC Awards recognize best-in-class vendors devoted to boosting IT channel growth through innovation in technology and partner strategy. Through the ARC Awards — known as one of the most prestigious honors in the IT industry — solution providers offer key feedback that commends technology manufacturers for designing channel-friendly product offerings, developing strong partner programs, and building long-term successful relationships with solution providers.

SonicWall’s SecureFirst Partner Program and its industry-leading security products help partners and MSSPs exceed customer demands. More than 17,000 active SonicWall partners help protect our customers every day, and because of them SonicWall is one of the unquestioned leaders in the cybersecurity space.

The ARC Awards are based on an invitation-only research survey conducted by The Channel Company. Responses from 3,000 solution providers across North America were evaluated in this year’s survey, rating 82 vendor partners across four criteria: product innovation, support, partnership, and…

Source…

Annual Ransomware Detection Count expected to be the highest this year, WatchGuard Threat Lab report reveals / Digital Information World

/in


As per the WatchGuard Threat Lab’s most-recent quarterly Internet Security Report, the number of Ransomware detected in Q1 2022 was double that of the number recorded across the entire 2021.

Additionally, the study reveals that EMEA still happens to be a safe spot for malware risks. It was also found out that WatchGuard Fireboxes in EMEA were impacted more than those in America and Asia-Pacific.

The chief security officer at WatchGuard, Corey Nachreiner stated that 2022 is on its way to becoming the year with the most annual ransomware detections. He advised companies to opt for a “true unified security approach” that is advanced enough to tackle the evolving attacks.

The research also included some other intriguing revelations such as:

#1 Log4Shell makes its presence felt

The public first got to hear about Log4Shell right before the end of 2021. Fast forward to this quarter, it has already popped up on the top 10 network attack list. Furthermore, WatchGuard’s last report emphasized on Log4Shell as the top security event. It attained a full-on 10.0 on CVSS, making it an extremely critical vulnerability, thanks to the fact that it’s commonly used in Java applications.

#2 Emotet is here to stay

Ever since making a comeback in Q4 2021, Emotet has gone on to secure three slots in the top 10 detections and top widespread malware. The threats related to it are Trojan.Vita, Trojan.Valyria, and MSIL.Mesna.4. Threat Lab suggests that Emotet downloads and installs the file after retrieving it from a malware delivery server.

#3 PowerShell scripts contribute to rising endpoint attacks

The findings for Q1 2022 show a year-over-year increase of 38% in endpoint detections. Almost nine out of every 10 such detections (88% to be precise) were thanks to scripts. Digging deep into the scripts led to the discovery that 99.6% of these were PowerShell ones. This indicates that cybercriminals have been putting extra focus on utilizing credible tools for executing fileless and LotL attacks.

#4 Unauthentic activity coupled with authentic crypto mining operations

Popular mining pool, Nanopool became a hot topic of the study in question. Nanopool domains are perceived as credible domains linked…

Source…