Category: Insider Security

HackNotice launched phishing capabilities to empower users

Posted on by Infosecurity News

HackNotice has launched continuous phishing functionality to assist firms to achieve cybersecurity compliance by educating staff about phishing and social engineering attacks. HackNotice’s phishing assists individuals in understanding and recognizing the many forms of attacks that threat actors can use. Writing, sending, and reviewing phishing campaigns may be a time-consuming procedure for the security team, especially when pricey phishing platforms leave a lot to be desired. 

Steve Thomas, CEO of HackNotice commented, “Social engineering attacks are rampant, and this is after the fact that security awareness training and phish testing are mandatory programs people must enroll in at work. However, the problem is that these programs are compliance-focused instead of people-focused. 

Our new phishing capability not only helps companies get to compliance, but it also opens up the conversation about phishing and helps people to understand how phishing is tied to overall threat awareness.” 

HackNotice’s phishing can be implemented with the click of a mouse, enabling people to identify phishing emails and determine what measures to do if they receive them. While HackNotice currently assists employees in identifying dangerous conduct, increasing security awareness, and monitoring, measuring, and managing employee progress, the latest component assists businesses in developing a comprehensive strategy to battle cyber threats

Phishing is covered in the current service for clients who use HackNotice to defend their firm. The new feature includes dynamic phishing emails and landing sites, open and clicks tracking, and more dashboards and analytics to help you evaluate how your staff is progressing. 

Insight Enterprises expanded its Managed XDR

Posted on by admin

Insight Enterprises announced the expansion of its managed security service with new extended detection and response (XDR) capabilities to help enterprises modernize and strengthen their security posture without adding overhead for internal IT teams. 

Stephen Moss, senior vice president of managed services at Insight stated, “There’s no doubt that finding the right skills in security — like many other technology disciplines — is incredibly difficult today. Our clients are seeing a dramatic decrease in security fatigue and burnout through the automation that this service provides — building correlations in the background eliminates manual interventions and transforms reaction time drastically. Our clients are consuming a service that’s outcome-based while leaning on a full-spectrum security provider they can trust. This not only spans managed service but consulting and project services for an end-to-end experience.” 

The Insight Managed XDR service is part of managed IT services offered by Insight that simplify asset management, quicken issue resolution, cut down on operational costs, and free up in-house IT staff to concentrate on strategic initiatives. This allows CISOs and CIOs to source all their technology requirements from a single partner and extends Insight’s security architecture and overall IT modernization services. 

By giving 24/7 visibility into the entire IT environment and covering the entire digital estate, including endpoints, cloud, and data center infrastructure. Insight Managed XDR both lowers risk and streamlines security management by removing simple fixes for every attack surface. Utilizing analytics powered by AI and machine learning to identify threats and reducing the months-long process of discovering a security breach attempt to hours or even minutes. Providing automated orchestration and built-in orchestration for quick incident response and remediation. 

DartPoints launched an enhanced MDR product

Posted on by Infosecurity News

DartPoints launched an updated managed detection and response (MDR) product. The product combines MDR, endpoint detection and response (EDR), extended detection and response (XDR), and security orchestration, automation, and response (SOAR) into one complete solution with support and monitoring by DartPoints experts. 

Brad Alexander, CTO for DartPoints “Executives and security leaders know they need a multi-layered cybersecurity strategy that combines MDR, EDR, SOAR, and XDR solutions, but increasingly, they don’t have the in-house resources to make that happen. Plus, with the hundreds of tools and providers on the market, analysis paralysis sets in. We are proud to help our clients by bringing these best-in-class security vendors and technologies together into one comprehensive, airtight solution.” 

The prevalence of ransomware and other cybersecurity incidents makes it more important than ever to have a solution that can quickly identify threats across endpoints, networks, clouds, and SaaS applications. 

The enhanced MDR offering from DartPoints addresses a number of flaws in traditional antivirus and security solutions, including the exorbitantly high number of alerts and false positives. The solution is designed for high-risk, compliance-sensitive verticals like finance, government, manufacturing, education, and healthcare. It offers advanced threat detection, continuous threat hunting, 24-hour monitoring, and investigations. 

The improved product will be especially helpful to organizations with compliance, standard, or framework requirements, those looking to purchase or renew cyber insurance, and those without their own security operations center. 

An average of 270 cyberattacks per company are expected in 2021, up 31% from the year before, according to a global survey of nearly 4,800 executives, as detailed in Accenture’s State of Cybersecurity Resilience 2021 report. Ransomware attacks, meanwhile, nearly doubled in 2021. According to IBM’s most recent Cost of a Data Breach Report, in 2022 the average cost of a data breach will reach a record high of $4.35 million. 

NETSCOUT and Palo Alto Networks to provide end-to-end visibility

Posted on by Infosecurity News

NETSCOUT SYSTEMS has integrated Omnis Cyber Intelligence (OCI), the central console for its network detection and response solution, with Palo Alto Networks Panorama management platform to centrally manage all form factors of Palo Alto Networks market-leading MLPowered Next-Generation Firewalls. 

Tom Raimondi, chief marketing officer, NETSCOUT commented, “By integrating the actionable, packet-based, and highly scalable, end-to-end visibility technology of NETSCOUT OCI with the powerful threat response of Palo Alto Networks Panorama, we’re helping our joint customers reduce their security risks through better intelligence, efficiency, and speed. Our customers benefit from our measures to proactively improve their security posture.” 

This integration will give enterprise security operation teams end-to-end, scale-based visibility of packets, which is crucial for quickly and consistently blocking threats. 

Joint customers can also more easily resolve their network and security issues thanks to this partnership. Threat detection is streamlined, response times are sped up, and manual tasks are decreased through the integration of NETSCOUT OCI and Palo Alto Networks Panorama. 

NETSCOUT OCI provides visibility into network traffic and identifies Indicators of Compromise (IoCs) early in the attack lifecycle or retrospectively through investigation of packets and layer 2-7 metadata by leveraging Omnis CyberStream scalable deep packet inspection (DPI) and patented Adaptive Service Intelligence (ASI) technology. 

This data is sent to Palo Alto Networks Panorama, a platform for network security management that provides features for policy creation and centralized management so that Palo Alto Networks firewalls can be provisioned centrally and can react quickly to security incidents. 

HelpSystems acquires Outflank to help address dangerous IT vulnerabilities

Posted on by admin

HelpSystems acquired Outflank, an Amsterdam-based team of professionals who collaborates with financial institutions, multinational corporations, and other organizations that demand the highest level of security by using ethical hacking techniques that closely resemble those used by cybercriminals in the real world. 

To assist clients in assessing and preventing risk from various perspectives, the company has joined the HelpSystems Offensive Security portfolio of solutions for vulnerability management, penetration testing, and red teaming/adversary simulation. 

Kate Bolseth, CEO, HelpSystems commented, “This is an incredibly fast-moving and exciting space, and we’re thrilled to welcome the Outflank experts to the HelpSystems family. Offensive security tactics like adversary simulation are an essential part of a well-rounded cybersecurity strategy, particularly for organizations operating in complex, sensitive IT environments. Our customers can rest assured that we’re able to support them with an unparalleled combination of targeted software and expert-led services.” 

In the form of red teaming operations, advanced security assessments are sought after by many organizations, but few possess the internal resources to successfully complete this crucial task. 

Some members of the red team create their own tools or search for specialized open-source solutions before starting an engagement. 

In order to help rigorously vetted organizations, assess their defenses in light of the current high-stakes security environment, Outflank offers consulting, training, and a SaaS-based software toolkit. In fact, the company created its Outflank Security Tooling solution to collaborate with Cobalt Strike from HelpSystems for a powerful adversary simulation strategy. 

Outflank team stated, “Our team is passionate about offensive security and proud of our critical role as a red teaming leader in the cybersecurity industry. We excel at supporting, challenging, and training security teams to identify and correct gaps in their defenses through advanced adversary simulations. With our SaaS solution for red teams, we offer an extremely powerful toolset to our customers so they can execute sophisticated attack scenarios themselves. As part of HelpSystems, we can expand our market reach and support more security teams, while continuing to apply stringent controls over the access to our powerful toolset and staying mindful of how our solution is used.”

VerSprite adopts Stellar Cyber’s Open XDR Platform!

Posted on by admin

VerSprite, an Atlanta-based cybersecurity threat management consultant and service provider, and Stellar Cyber, the creator of Open XDR, announced that VerSprite has adopted Stellar Cyber’s Open XDR platform as the foundation of its managed security service offering. For each client in a variety of vertical industries, including healthcare, fintech, information services, and retail, VerSprite develops unique, contextual threat models. Since the Stellar Cyber platform has built-in multitenancy, connects with any EDR, and includes configurable playbooks that recognize and address each client’s security risks, it is perfect for VerSprite’s managed security service. 

Stephan Tallent, vice president for global service providers at Stellar Cyber said, “Each end customer’s environment is different, and it’s critical to understand the context and shape of evolving threats. VerSprite has a unique perspective on the threat landscape, and our Open XDR platform enables them to implement their vision in the SOC.” 

The Process for Attack Simulation and Threat Analysis (PASTA) methodology, which underpins VerSprite’s threat modelling procedure, was co-developed by Uceda Velez. Organizations as diverse as Microsoft and Carnegie Mellon University have endorsed PASTA. 

Tony UcedaVélez, CEO of VerSprite said, “The reason our clients come to us is that we provide an understanding of everything in their security environment, and we build an organizational threat model that’s contextual to their specific business. We looked at several different SOC platforms that could implement a secure environment based on our threat modeling, and Stellar Cyber’s platform stood head and shoulders above the rest.” 

Dynatrace Expanded Its Application Security Module

Posted on by admin

Dynatrace has announced the expansion of its Application Security Module to detect and protect against vulnerabilities in runtime environments such as the Node.js runtime, .NET CLR, and Java Virtual Machine (JVM).  

Dynatrace now also supports Go-based applications, with these enhancements, the Dynatrace platform now provides visibility and vulnerability analytics across the entire application stack, including custom code, open-source and third-party libraries, language runtimes, container runtimes, and container orchestrators. 

Steve Tack, SVP of Product Management at Dynatrace commented, “The number of entry points attackers use to target applications continues to expand. Vulnerabilities can creep into applications from any part of the software supply chain, including open-source or third-party components and application runtimes.” 

Dynatrace not only identifies vulnerabilities across these layers but also analyzes them to provide actionable and precise answers. This enables development and security teams to better assess risk, prioritize and remediate threats, and innovate faster and with greater security.  

“Traditional approaches can’t accurately surface vulnerabilities at runtime or analyze their potential exploitability and impact. Dynatrace is the only solution that provides runtime vulnerability analysis across the entire application stack and AI-assisted prioritization for the most popular cloud-native application technologies, now including Golang. With these capabilities, DevSecOps teams can focus on remediating the most impactful vulnerabilities. This helps them innovate faster, with the confidence that all layers of their applications are vulnerability-free.”, Tack continued. 

Language runtimes are an important component of the application stack because they ensure that apps can run on any platform without being rewritten or recompiled. Dynatrace delivers application vulnerability analysis in pre-production and production environments by extending its Application Security Module to support runtimes in the adopted programming languages. 

Luca Domenella, Head of Cloud Operations and DevOps at Soldo stated, “We have a proud heritage as a cloud-native business that harnesses agile delivery practices, the latest technology, and a state-of-the-art, secure development lifecycle to bring continuous innovation to our customers. Dynatrace Application Security helps to make this possible by giving us comprehensive visibility and analytics across all layers of our complex application ecosystem, ensuring no vulnerability escapes our secure DevOps lifecycle. In addition, it helps us instantly understand the risk and potential impact of zero-day vulnerabilities, such as Log4Shell, and automatically prioritizes the steps required to resolve them. This saves our teams from wasting weeks triaging alerts and enables them to resolve new vulnerabilities in just days or less, so they can stay focused on innovating.” 

Fastly Announces Partnership with HUMAN

Posted on by admin

Fastly, an American cloud computing services provider, recently collaborated with HUMAN, a leading cybersecurity company, to protect customers against fraud and account abuse. This partnership is also aimed at offering bot protection and reducing cyber-attacks.

Fastly is a global programmable edge cloud that enables clients to address issues using the tools of their choice. It offers first- and third-party products in security, edge computing, network services, and observability. Fastly’s WAF offers a solution with a variety of deployment choices, flexibility, and tooling interfaces. Following its integration with HUMAN, customers will have access to all the advantages of Fastly’s WAF combined with HUMAN’s bot cleanup and prevention features.

Lakshmi Sharma, Chief Product and Strategy Officer at Fastly, said, “In response to the rapid growth of bot-based cyberattacks, it was imperative for Fastly to offer our customers a world-class bot detection solution to complement our Signal Sciences-powered Next-Gen WAF. HUMAN will not only help safeguard Fastly customers from bot attacks and fraud, but also help increase ROI while decreasing data contamination and cybersecurity exposure. Together with HUMAN, we’re helping our valued customers protect what matters most: their users and their assets.”

Automated online attacks, commonly referred to as “bot attacks,” can seriously harm a company’s financial line and ruin digital experiences. Today, bots are responsible for three out of every four online attacks, including account theft, money fraud, content manipulation, etc. Bad bots make up at least 25% of all internet traffic, consuming resources and overwhelming companies. In order to deal with this threat, HUMAN uses defense to confirm the humanity of over 15 trillion interactions per week for some of the biggest businesses and online platforms.

Tamer Hassan, Co-Founder and CEO at HUMAN, said, “We look forward to deploying our modern defenses – including internet observability, collective protection, and actionable threat intelligence – to complement Fastly’s sophisticated security suite, resulting in fully protected customers.”

AU10TIX Adds Expanded Capabilities to its Fraud Intelligence Platform

Posted on by admin

AU10TIX, a leading identity intelligence provider, expanded its fraud intelligence platform, INSTINCT, to enhance fraud mitigation defense.

INSTINCT offers protection against fraud including swarm attacks, deep fakes, and synthetic identities by employing traffic-level intelligence gathered from a global consortium of neural network partners. The expanded capabilities will now help INSTINCT to layer over AU10TIX’s core verification engine for a 2-in-1 defense or coexist with an organization’s native identity verification solution. In addition to this, the software will now provide risk management and mitigation as well.

Nir Stern, VP Product, AU10TIX, said, “More than just ‘a world first’, INSTINCT is the only fraud intelligence platform of its kind. You can get automated fraud intelligence at scale with an emphasis on privacy protection to defend your business. We are proud to upgrade it based on feedback from our customers and take fraud prevention to the next level.”

Since the beginning of 2022, AU10TIX has shielded businesses from fraud-related damages totalling $2 billion. This year, synthetic fraud detection has been boosted by over 200 percent by INSTINCT. In addition, compared to the preceding six months, the platform showed a 110 percent rise in all detected potential fraud. In the most recent quarter, face recognition was recognized as the best kind of link-analysis method to detect fraud.

Powered by data signals from leading global businesses, INSTINCT’s expanded fraud-mitigation capabilities include the following:AU10TIX now offers more easy and simple integration in addition to other existing identity verification solutions delivered by AU10TIX or any other vendor in the market.

  • AU10TIX now excels in recognizing and proactively allocating identity reputation scoring for “trusted users” to legitimate clients and lawfully participating partner services.
  • It now offers both manual and automatic triggers, such as text queries (name, phone, or other personal information) or ID document scanning.
  • It has the capacity to detect and eliminate fraud risks that are already present in a system of a company, even after front-line defenses have been breached.

Read More : Threat Intelligence – Everything You Need To Know

AI Shield from AB Handshake Identifies Voice Fraud Attacks

Posted on by admin

An AI-based FMS called AI Shield was introduced by AB Handshake. It blocks speech fraud attempts on all incoming and outgoing traffic on an operator’s network in real-time. Fraud has long been a concern for the telecom sector. There hasn’t been a comprehensive answer, even if traditional fraud management systems (FMS) have been able to halt some fraud attacks.

The $39.9 billion lost to telcos globally each year—a number that keeps increasing—sums up the impact of fraud. With a particular emphasis on robocalls, the FCC is actively engaged in the battle against worldwide telecom fraud. In its newest offering, AI Shield, AB Handshake has integrated machine learning and Big Data technology to lessen this threat. This technology achieves a new benchmark of 97% accuracy in identifying and stopping all significant voice fraud types.

AI Shield Capabilities-

AI & ML– detects early on well-covert attacks and patterns of telecom fraud.

Real-time monitoring: identifies and warns of impending threats or prevents them.

200+ parameters make up a complex system that reduces all major fraud types.

Instant Benefits of AI Shield

  • Money and time savior as it stops fraud in real-time.
  • Engine of AI Shield has been trained on large volumes of wholesale and retail voice traffic and renders the greatest level of fraud detection accuracy on the market. 
  • More revenue generation occurs by averting service denial. The in-built IVR module notifies you when calling high-risk number ranges.
  • A user-friendly interface enabled with instant flexibility, allowing customization for blocking, alerting, and reports.

AI Shield is a one-stop voice fraud protection system that offers incredible cost reductions right away by thwarting fraudulent calls and halting revenue loss. In comparison to other FMSs, it offers organizations far higher telecom fraud protection at a lesser cost with practically seamless integration into a company’s current network’s default settings.