Tag Archive for: Identify

Menlo Security Launches Free Security Assessment Toolkit to Help Companies Identify Highly Evasive Adaptive Threats (HEAT) Fueling Ransomware & Data and Credential Theft


MOUNTAIN VIEW, Calif. – Menlo Security, a leader in cloud security, today announced that it has released the HEAT Security Assessment Toolkit designed to provide organizations with the ability to assess their levels of protection and current exposure to Highly Evasive Adaptive Threats (HEAT). Since July 2021, Menlo Security has seen a 224% increase in HEAT attacks. These attacks allow threat actors to deliver malicious content, including ransomware, to the endpoint by adapting to the targeted environment. The HEAT Security Assessment Toolkit includes a HEAT Check test and a HEAT Analyzer that runs on the Splunk Platform. The HEAT Check enables customers to run a light penetration test to identify if they are susceptible to HEAT attacks. The Menlo Security HEAT Analyzer App for Splunk provides organizations with visibility around HEAT attacks that their network may have been exposed to over the past 30 days.

What is a HEAT Attack?

Highly Evasive Adaptive Threats (HEAT) are a class of cyber threats that target web browsers as the attack vector and employ techniques to evade multiple layers of detection in current security stacks, including firewalls, Secure Web Gateways, sandbox analysis, URL reputation, and phishing detection. HEAT attacks are used as the initial access point to deliver malware or to compromise credentials, which in many cases leads to ransomware attacks.

“Ransomware, data and credential theft and other malware are on the rise. Couple this with the Log4J vulnerability, the Lazarus and Conti groups’ increased attacks targeting web browsers and the result is security teams worldwide facing a nearly non-stop barrage of incidents,” said John Grady, Senior Analyst, ESG. “Tools such as the HEAT Security Assessment can help ensure companies are aware of potential attacks before they have a chance to happen.”

HEAT Security Assessment Toolkit

The HEAT Security Assessment Toolkit provides a lightweight penetration and exposure assessment to help an organization better understand their susceptibility to HEAT attacks.

HEAT attacks are defined by the techniques that adversaries are increasingly using to evade detection by traditional…


CrowdStrike Introduces CrowdStrike Asset Graph to Help Organizations Proactively Identify and Eliminate Blind Spots


AUSTIN, Texas and RSA Conference 2022, SAN FRANCISCO – June 6, 2022 – CrowdStrike (Nasdaq: CRWD), a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data, today introduced CrowdStrike Asset Graph, a new graph database powered by the CrowdStrike Security Cloud that provides IT and security leaders with a 360-degree view into all assets (both managed and unmanaged) alongside unprecedented visibility into their attack surface across devices, users, accounts, applications, cloud workloads, operational technology (OT) and more to simplify IT operations and stop breaches.

As organizations accelerate their digital transformation, they are expanding their attack surface exponentially. This has dramatically increased their risk exposure to adversaries who are discovering and exploiting these soft targets and vulnerabilities faster than IT and security teams can discover them. Visibility is one of the foundational principles of cybersecurity because you cannot secure and defend the assets you don’t know exist. This, in turn, creates a race between adversaries and companies’ IT and security teams to find these blind spots. According to a 2022 report from Enterprise Strategy Group (ESG), “69% of organizations have experienced a cyberattack in which the attack itself started through the exploit of an unknown, unmanaged, or poorly managed internet-facing asset.”

CrowdStrike Asset Graph solves this problem by dynamically monitoring and tracking the complex interactions between assets, providing a single holistic view of the risks those assets pose. While other solutions simply provide a list of assets without context, Asset Graph provides graphic visualizations of the relationships between all assets such as devices, users, accounts, applications, cloud workloads and OT, along with the rich context necessary for proper security hygiene and proactive security posture management to reduce risk in their organizations.

“Digital transformation has led to an equal and pronounced acceleration of security transformation in the modern enterprise. For companies furthest along on this journey, IT operations and security teams – once distinct silos – are…


NSCS: India’s security coordinator kicks off new project to identify privacy, security issues in mobile phones, apps


The government’s National Security Council Secretariat (NSCS) has kicked off a project to identify privacy and security issues in the mobile ecosystem in India and prevent cyber frauds due to application and device vulnerabilities and unsafe user habits.

Under the project, called ‘Indian Citizens Assistance for Mobile Privacy & Security (I-CAMPS)’, the NCSC will create a technology platform with a mobile application and desktop site to support Indian citizens and help them mitigate the vulnerabilities in their mobile handsets due to certain operating system versions, pre-installed apps or any other app available in app stores.

For this, the NSCS is collaborating with the ministries of information technology and communications, finance and home affairs, besides several government departments.

The Internet and Mobile Association of India (IAMAI) has been tasked with execution of the project by closely working with these departments along with the Indian internet industry and the security community.

India’s National Cyber Security coordinator Lt General (retd) Rajesh Pant told ET that the project has “just started and will take some time”.

The NCSC has sent letters to some ministries and is planning to reach out to some more shortly.

The project’s aim is to build an integrated system which can collate all mobile security related information and provide customised and actionable knowledge to citizens to secure their mobile devices.

The mobile ecosystem is vast and includes devices, manufacturers, mobile phone operators, OS companies, app providers as well as government departments dealing with mobile management, security and governance. While each plays an important role, they are disconnected from each other due to the nature of their objectives. Hence, I-CAMPS was conceptualised to form a single organisation allowing all stakeholders’ involvement.

“Work has started on multiple levels. The base framework is being developed for now. There will be a central database in the middle and the information will be available as an API,” Satyendra Verma, head of I-CAMPS and advisor — Cybersecurity & Mobile security at IAMAI, told ET. “In case users want specific…


How API attacks work, and how to identify and prevent them


In early May, fitness company Peloton announced that it had exposed customer account data on the internet. Anyone could access users’ account data from Peloton’s servers, even if the users set their account profiles as private. The cause: a faulty API that permitted unauthenticated requests.

Application programming interfaces (APIs) allow for easy machine-to-machine communication. API use has seen explosive growth lately. According to Akamai, API communications now account for more than 83% of all internet traffic.

They’re also the cause of a lot of security issues. In addition to Peloton, other companies in the news recently for API-related cybersecurity problems include Equifax, Instagram, Facebook, Amazon and PayPal.

API use and attacks growing

According to a report released in February by Salt Security, 91% of companies had security problems last year related to APIs. Most common were vulnerabilities, with 54% of respondents, authentication issues at 46%, bots at 20%, and denial of service (DoS) at 19%.
