Tag Archive for: deep

Gigamon Announces Deep Observability Integration with Amazon Security Lake


SANTA CLARA, Calif.–(BUSINESS WIRE)–Jun 8, 2023–

Gigamon, the leading deep observability company, today announced that its Deep Observability Pipeline now efficiently delivers network-derived application metadata intelligence (AMI) into Amazon Security Lake from Amazon Web Services (AWS). Amazon Security Lake automatically centralizes an organization’s security data from across their AWS environments, leading SaaS providers, on-premises environments, and cloud sources into a purpose-built data lake, so customers can act on security data faster and simplify security data management across hybrid and multicloud environments. This integration provides organizations the ability to access and analyze data-in-motion across hybrid cloud infrastructure to more efficiently and effectively secure and manage workloads, applications, and data.

The integration of network-derived intelligence with Amazon Security Lake supports important use cases for organizations seeking both completeness and efficiency across their security tools stack. With Amazon Security Lake, Gigamon can provide:

  • Security analytics based on actual data communications to completely and correctly identify any usage of vulnerable protocols, deprecated ciphers, and expired certificates
  • Forensics that compare what applications actually did with what logs report
  • A richer and deeper data set on which to base new AI-driven security analytics via tools like NDR or XDR

Gigamon uniquely leverages deep packet inspection (DPI) to extract more than 7,500 application-related metadata attributes derived from network packets. With Amazon Security Lake integration, users can centralize and gain deep observability into security data across their entire organization. The new integration helps organizations to:

  • Efficiently deliver AWS traffic to multiple security tools without installing individual agents for each tool
  • Contain excessive tool and transit costs by filtering unnecessary traffic and deduplicating redundant traffic
  • Generate NetFlow for SIEMs and raw packets for NPMs and packet sniffer tools

Gigamon is also a launch…


Live Webinar | Europe's State of Ransomware 2023: MSP Protection Deep Dive



The latest statistics indicate that ransomware remains the top concern for MSPs in 2023. As ransomware attacks continue to evolve and disrupt businesses, MSPs must stay ahead of the curve with the …


An AI and deep learning-based malware detection system for the Industrial Internet of Things


The Industrial Internet of Things, or IIoT, has recently gained popularity. Powered by wireless 5G connectivity and artificial intelligence (AI), IIoT holds the ability to analyze critical problems and provide solutions that can improve the operational performance of industries ranging from manufacturing to healthcare.

IoT is highly user-centric — it connects TVs, voice assistants, refrigerators, etc. — whereas IIoT deals with enhancing the health, safety, or efficiency of larger systems, bridging hardware with software, and carrying out data analysis to provide real-time insights.

However, while IIoT has many advantages, it also comes with its share of vulnerabilities, such as security threats in the form of attacks that try to disturb the network or siphon resources. As IIoT becomes more popular in industries, it is becoming crucial to develop an efficient system to handle such security concerns. So, a team of multinational researchers led by Prof. Gwanggil Jeon from Incheon National University stepped up to this challenge.

They took a deep dive into the world of 5G-enabled IIoT to explore its threats and come up with a novel solution to the problem. In a recent review published online in IEEE Transactions on Industrial Informatics, the team presented an AI- and deep learning-based malware detection system for 5G-assisted IIoT systems.

Prof. Jeon explains the rationale behind the study: “Security threats can often lead to operation or deployment failure in IIoT systems, which can create high-risk situations. So, we decided to investigate and compare available research, find out the gaps, and propose a new design for a security system that can not only detect malware attacks in IIoT systems, but also classify them.”

The system developed by the team uses a method called grayscale image visualization with a deep learning network for analyzing the malware, and further applies a multi-level convolutional neural network (CNN) architecture to categorize the malware attack into different types. The team also integrated this security system with 5G, which allows for low latency and high throughput sharing of…


Hackers maintained deep access inside military organization’s network, U.S. officials reveal


Written by Suzanne Smalley

U.S. cybersecurity, law enforcement and intelligence officials revealed on Tuesday that sophisticated hackers infiltrated a likely U.S. military contractor and maintained “persistent, long-term” access to their system.

The National Security Agency, the Cybersecurity and Infrastructure Security Agency and the FBI released a detailed, joint advisory containing the notification, explaining that in November 2021 CISA responded to a report of malicious activity on an anonymous “Defense Industrial Base (DIB) Sector organization’s enterprise network.”

CISA uncovered a likely compromise, and said that some of the intruders had “long-term access to the environment.” After breaking in, officials said, hackers leveraged an open-source toolkit known as Impacket to “programmatically” construct and manipulate network protocols.

Impacket is a collection of Python libraries that “plug into applications like vulnerability scanners, allowing them to work with Windows network protocols,” Katie Nickels, director of threat intelligence at Red Canary, said via email. Hackers favor Impacket because it helps them retrieve credentials, issue commands and deliver malware onto systems, she said.

The digital intruders in this case also used a custom data exfiltration tool, CovalentStealer, to steal sensitive data and exploited a Microsoft Exchange vulnerability on the defense organization’s server to gain access remotely, officials said. From there, the hackers used the compromised company accounts to further infiltrate the targeted organization.

Nickels said hackers could have gained access by exploiting vulnerabilities in Exchange, but there is “no evidence to support this right now, nor is there evidence that adversaries knew about the ProxyNotShell,” a reference to a new Exchange Server zero-day vulnerability.

There have been a number of Exchange vulnerabilities reported over a span of years, Nickels said. Given how difficult it can be to patch on-premise Exchange servers, she said, many of these vulnerabilities go unfixed, and become vectors for attack.

The…
