Tag Archive for: Vendor

IronNet named a “Vendor Who Shaped the Year” for second time by IDC

/in


IDC released its Worldwide Cybersecurity AIRO and Tier 2 SOC Analytics Market Shares, 2020. The Seeds That Become Cloud-Native XDR, which highlights the growth of the $12.8B advanced cybersecurity market that include Network Intelligence and Threat Analytics, mobile device management and the emerging cloud-native extended detection and response (XDR) category. For the second time in less than twelve months, IronNet was highlighted as a Vendor Who Shaped the Year for our ability detect threats using AI-based behavioral analysis and our ability to generate attack intelligence through IronNet’s unique real-time Collective Defense capability. 

With cyber attacks like SUNBURST, Colonial Pipeline, and Kaseya making headlines, it is clear that network defenses continue to play an important role in any organization’s cybersecurity controls. The ability to identify suspicious activity using advanced and scalable behavioral analytics on network traffic, and the ability to automatically acquire contextual data and prioritize detected anomalies using industry leading response playbooks based on risk to the organization through the use of an Expert System, is critical for modernizing cyber defense against supply chain threats, ransomware attacks, and other high impact cyber attacks. 

Equally important is the ability to share attack intelligence in near real-time across a community of peers in a Collective Defense formation. The ability to share threat insights across a supply chain, business ecosystems, region, or nation against the numerous threat groups (e.g., such as Russian cyber attack groups) allows enterprises to scale cyber defenses to meet these targeted threats.

“The IronNet differentiator is its Collective Defense platform that consists of its IronDefense network detection and response and its unique IronDome threat sharing solution that facilitates a crowdsource-like environment, in which IronDefense threat detections from individual companies are shared anonymously and in real time among members of a secured Collective Defense community … IronNet addresses the scarcity of security professionals, closing the talent gap with AI-based behavioral analytics that…

Source…

City of Trenton Stops Sophisticated Vendor Phishing Scam in Its Tracks

/in


Trenton to Launch Updated Cyber Security Training for Employees

Trenton, N.J. – Mayor W. Reed Gusciora announced today that the City of Trenton will launch updated cybersecurity employee training over the next few weeks after the City successfully stopped a sophisticated phishing scheme that used fake email addresses and URLs to closely mimic official city accounts.

“We’ve heard of an uptick in fraudulent calls and emails against our residents throughout the pandemic,” said Mayor Gusciora. “Looks like City Hall is also a target, and this is just one of several cyber-attacks we’ve had to fend off over the last year. As such, we’re launching updated training modules for City employees to ensure those attacks continue to be unsuccessful in the future.”

The scam, which started targeting Trenton’s Request for Quote (RFQ) process in February, was uncovered by the City’s IT Department, under the direction of CTO Joseph Rivera.

Cyber criminals posing as the City Business Administrator – complete with phony emails and phone numbers – sent fraudulent RFQs to vendors for potentially millions in stolen goods. The CTO was able to track down that a spoof Website was created called “tren0nNJ.org” with an email [email protected] on NameCheap.com.

After notifying vendors of the situation, the City reached out to the U.S. Secret Service Trenton Office, which worked with the City of Trenton IT and Law departments to convince NameCheap.com that fraud had occurred. After a cease-and-desist letter was issued from the City, NameCheap took the appropriate steps to shut down the URL and all affiliated emails. To date, efforts to prevent damage from the scam have been successful, and no losses have been incurred by the City.

Following the scam, the City of Trenton updated its training protocols regarding cybersecurity and will launch an online training module for all employees in the coming weeks.

This event follows another attempted cyberattack in the Spring of 2020, in which a hacker diverted upwards of $982,000 in funds from the City of Trenton in relation to Brit Global Insurance Company. Trenton’s IT Department worked with the company as part of an extensive…

Source…

No vehicle inspections in Mass. through Sunday due to malware attack on vendor

/in


The Registry of Motor Vehicles said there will be no vehicle inspections Friday and through the rest of the weekend in Massachusetts due to a problem with a vendor that was attacked by digital malware, officials said.

The agency confirmed the troubling news via Twitter on Thursday night.

“Due to a production issue with our vendor Applus Technologies, inspection stations will be unable to inspect vehicles Friday, 4/2, through Sunday, 4/4. Please visit http://mavehiclecheck.com for more information,” the RMV tweeted. The agency also said that it had notified law enforcement, and asked for their cooperation in using their discretion to not cite those with an expired sticker who may have visited a station this week. The problem first arose on Wednesday.

Earlier Thursday, the agency had tweeted a similar message.

“The RMV has been notified by our vehicle inspection vendor (Applus Technologies) of a Vendor production issue that will prevent vehicles from being inspected on Thursday, 4/1,” the RMV tweeted. “The vendor has confirmed that this is a nationwide system issue that they are working to resolve.”

A virtual trip to the website early Friday morning showed users another message about the issue.

“Applus Technologies, Inc. detected and stopped a malware attack which has temporarily interrupted the process of conducting vehicle inspections in Massachusetts and other locations,” the website said. “The restoration involves resetting Applus Technologies’ IT environment and will take some time to fully restore the safety and emissions stations to testing capabilities. We know our customers and vehicle owners rely on our technology and we are committed to restoring normal operations as soon as possible. We apologize for any inconvenience this may cause.”

The 60-day retest requirement, the site said,will be extended during this time. Massachusetts Vehicle Check Customer Service (1-844-358-0135 or [email protected]) will be kept up-to-date on the current Program status and available to assist with questions. Information will be provided on this website when stations are able to begin testing again.”

In a statement issued Thursday afternoon around 2:40 p.m.,…

Source…

Home Health Firm Reports 2nd Cloud Vendor Incident

/in


Breach Notification
,
Fraud Management & Cybercrime
,
Incident & Breach Response

Latest Attack Affected 753,000 Patients, Employees

Marianne Kolbasuk McGee (HealthInfoSec) •
March 29, 2021    

Ransomware: Home Health Firm Reports 2nd Cloud Vendor Incident

A home healthcare company says a data breach affecting more than 753,000 patients, employees and former workers stems from a ransomware attack on its private cloud hosted by managed service providers. The company reported a similar incident 15 months ago.

See Also: Live Webinar | Mitigating the Risks Associated with Remote Work

Lake Success, New York-based Personal Touch Holding Corp., which operates about 30 Personal Touch Home Care subsidiaries in about a dozen states, says it discovered on Jan. 27 that “it experienced a cybersecurity attack on the private cloud hosted by its managed service providers.”

The notification statement does not name the vendors involved.

A breach notification report filed with the Maine attorney general’s office notes that the incident involved ransomware and affected 753,107 individuals, including 93 residents of that state.

PTHC declined to provide additional information about the incident to Information Security Media Group.

In January 2020, PTHC submitted 16 breach reports on behalf of its subsidiaries in six states to the Department of Health and Human Services. Those involved a ransomware attack on Wyomissing, Pennsylvania-based Crossroads Technologies, which hosted the home healthcare provider’s cloud-based electronic health records (see: Ransomware Attack on EHR Vendor Impacts Home Health Chain).

Patient, Employee Data…

Source…