Tag Archive for: Platform

“Augmented usage of ransomware as a service platform, a SaaS model for eCrime”


CrowdStrike Inc., a global cybersecurity leader, recently released the 2022 CrowdStrike Global Threat Report. According to the annual Global Threat Report, the threat landscape saw a number of significant shifts and trends.

From a significant increase in interactive intrusions to the proliferation of access brokers on the dark web and the re-weaponization of vulnerabilities, the report paints a picture of a threat landscape that is becoming increasingly sophisticated and difficult to defend against, and that is a cause for grave concern.

Adam Meyers, Head of Intelligence at CrowdStrike, spoke with Minu Sirsalewala, Executive Editor – Special Projects, Dataquest, about the trends and what they mean for organizations going forward. Meyers has over 20 years of experience in the cybersecurity industry and is an expert in cyber threat intelligence and investigations.

Meyers speaks about the most significant findings in the report. From practical advice on improving response times to more strategic considerations for developing a comprehensive cybersecurity strategy, he offers valuable insights for organizations looking to stay ahead of the curve and secure their digital assets.

What have the last 12 months been like, and what do you envision for the next 12 months?

To start with, I think the biggest story or the biggest concern that people should have is the trend towards data exploitation. We have seen threat actors from the eCrime world, nation-state threat actors and hacktivists, all weaponizing data against their victims, and that’s the most concerning area and we have pointed out in the report that 28% of ransomware actors are no longer even bothering to do ransomware. They are moving surely to data extortion, and this is significant, because they are able to expand their target set, and they are able to get more money from the victim. As with data extortion, they can actually make more money, because the fundamental model of ransomware is to cause downtime, and that downtime can be measured in financial dollars and cents. But it is not about downtime, it’s about the legal, regulatory and compliance impact of the data…


Malwarebytes Expands Platform With New Application Block Capabilities


SANTA CLARA, Calif., Feb. 21, 2023 /PRNewswire/ — Malwarebytes™, a global leader in real-time cyberprotection, today announced the addition of Malwarebytes Application Block to its Nebula and OneView endpoint protection platforms. The new threat prevention module helps resource-strained security teams quickly guard against unsafe third-party Windows applications, meet key compliance requirements and encourage productivity without adding management complexity. 

Third-party apps pose a serious security threat to businesses with limited IT resources and expertise. Vulnerabilities in Android applications have led to more than one million malicious application downloads, with researchers frequently uncovering malware-ridden applications on Google Play. Since 63% of workers use unauthorized applications, businesses of all sizes can be vulnerable to phishing schemes or exploitation – two of the four leading ways attackers gain access to a company’s network.[1]

For the over 1.4 billion monthly active Windows 10 or Windows 11 devices[2], Application Block allows IT admins to blacklist or restrict access to outdated, untrusted, or unsafe applications that have known vulnerabilities or lack the latest patches. IT security teams can use Application Block’s dashboard to understand what applications are being blocked in real time, as well as its reporting features to meet key compliance requirements and navigate increasing data protection regulations.

“Third-party applications are essential to productivity, but they also greatly expand organizations’ attack surfaces,” said Malwarebytes Chief Product Officer, Mark Strassman. “Malwarebytes Application Block can be near-instantly deployed, helping resource-strapped organizations to effectively manage secure access to third-party apps and add another protective layer without added complexity.”

Malwarebytes Application Block is immediately available for Windows endpoints within the Malwarebytes Nebula and OneView platforms to help organizations:

  • Improve Application Security – Stop the execution of vulnerable applications so that companies can test and apply updates or block the vulnerable application until a patch is available.
  • Encourage…


Kaspersky launches XDR platform to combat growing ransomware threats in Southeast Asia


  • Kaspersky has responded to the increased risk of targeted ransomware attacks on businesses in SEA by introducing the Kaspersky Extended Detection and Response (XDR) platform.
  • Kaspersky’s latest data indicates that LockBit, a targeted ransomware group, attacked 115 businesses in SEA.

Digital kidnappers are targeting enterprises in Southeast Asia (SEA), and global cybersecurity company Kaspersky predicts that this trend will continue in the coming years, albeit in more sophisticated and targeted ways. Ransomware, a type of malware that locks computer and mobile devices or encrypts electronic files, is used by cybercriminals to demand a ransom in exchange for a decryption key or the return of data.

Ransomware has evolved as a threat since the first known attack in 1989; and since 2016, attackers have shifted from targeting users to larger enterprises. High-impact incidents, such as the WannaCry ransomware attack, have caused estimated damages of up to US$4 billion. Ransomware groups continue to target enterprises worldwide, including those in SEA, due to the high return on investment.

Kaspersky warns about the advancements in ransomware

Kaspersky is taking proactive steps to combat the escalating danger of targeted ransomware attacks on businesses in Southeast Asia. Its latest move is the introduction of the Kaspersky Extended Detection and Response (XDR) platform, which offers comprehensive protection against such attacks through its multi-layered defense mechanisms. Kaspersky reports that there has been a significant increase of almost 181% in daily ransomware attacks worldwide in the last year, resulting in approximately 9,500 encrypted files per day.

The attackers behind these attacks constantly improve their tactics and tools to demand higher ransoms and create a greater reputational impact. In 2020, Kaspersky warned of the rise of Ransomware 2.0, which employs highly targeted attacks and “pressure tactics” to achieve these goals.

Targeted ransomware groups have emerged as a new form of extortion in the past two years, using tactics such as reselling hacked data or files, conducting DDoS attacks, and launching targeted phishing campaigns. This tactic has been dubbed Ransomware…


Microsoft applies coat of Rust to Azure Sphere IoT platform • The Register


Developers can now use the Rust programming language when creating applications on the Azure Sphere platform for internet-connected devices.

Programmers can apply the performance and security capabilities within Rust to make software for Internet of Things devices and other embedded systems that can be the target of botnets and other malware.

Want to try a null-pointer dereference? Not gonna happen! For embedded systems this is a lifeline…

“Rust and Azure Sphere are a good match – a programming language that can improve safety of code with strict compile time safety checks alongside Azure Sphere’s secure identity, update, and end-to-end encrypted communication services for internet-connected devices should provide greater security to the customer applications,” Akshatha Udayashankar, an embedded software engineer at Microsoft, wrote in a blog post this week.

The move by Microsoft – which previewed the idea in June 2022 – comes the same week Google said it will support third-party Rust libraries in its open-source Chromium project. Like Microsoft, Google touted the security features in the programming language.

As our sister site DevClass wrote at the time, the attraction is not just safety. “Other factors include a greater likelihood of correctness, as a side-effect of safety guarantees, and more reliable concurrency. Rust’s ‘rich type system’ assists in writing expressive code.”

Azure Sphere already includes built-in security features for internet-connected devices and comprises hardware built atop chips from MediaTek and a Linux-based operating system. In addition, it includes the cloud-based Azure Sphere Security Services (AS3) that creates a secure connection between the devices and the internet or cloud.

AS3 ensures a secure boot, device identity authentication, the trust of the software, and certification that the devices are running trusted code. It also enables Microsoft to securely download updates to…
