Security breaches

AppGuard Parent Company, Blue Planet-Works, Establishes a Distribution Agreement with Mori Trust Co., Ltd., One of Japan's Leading Real Estate Development, Hotel Management, and Investment Businesses

Retrieved on: 
Tuesday, May 25, 2021
Cybercrime, Computer security, Data security, Cyberwarfare, Security breaches, Endpoint security, Malware

"Government agencies and major Japanese companies have reported serious damage, including the suspension of operations and the leakage of confidential customer data.

Key Points: 
  • "Government agencies and major Japanese companies have reported serious damage, including the suspension of operations and the leakage of confidential customer data.
  • AppGuard prevents endpoint infringement, protecting against known and unknown attacks, keeping systems and data secure."
  • In 2017, the Blue Planet-works Group acquired the AppGuard business, including its patented technology and intellectual property.
  • Unlike detection-based endpoint security solutions, AppGuard outsmarts malicious actors to ensure businesses can do what they need to do, and malware can't do what it wants to.

Canopy Secures First Patent for AI-Powered Data Breach Response

Retrieved on: 
Tuesday, May 25, 2021
Security breaches, Data security, Data breach, Secure communication, Breach, Security, Articles, Privacy law

RESTON, Va., May 25, 2021 (GLOBE NEWSWIRE) -- Canopy Software, Inc., the leader in data breach response software, today announced the allowance of its first U.S. patent application titled Systems and Methods for Identifying Compliance-Related Information Associated with Data Breach Events.

Key Points: 
  • RESTON, Va., May 25, 2021 (GLOBE NEWSWIRE) -- Canopy Software, Inc., the leader in data breach response software, today announced the allowance of its first U.S. patent application titled Systems and Methods for Identifying Compliance-Related Information Associated with Data Breach Events.
  • It harnesses the full power of AI and machine learning to accelerate data processing, data assessment, and entity management in the growing area of data breach response.
  • Canopy makes the worlds leading data breach response software, providing fast, accurate, and secure analysis of compromised data.
  • Connect with one of our Foresters today at [email protected] or visit www.canopyco.io to learn more about our data breach response solution.

Global Data Exfiltration Market (2021 to 2026) - Growth, Trends, COVID-19 Impact, and Forecasts - ResearchAndMarkets.com

Retrieved on: 
Wednesday, May 19, 2021
Technology, Security, Data security, Computing, Computer security, Security breaches, Secure communication, Computer network security, Cryptography, Equifax, Data exfiltration, Data breach

b"Most of the SMEs focus on preventing threats from entering the network than on detecting and stopping the data from being infiltrated and generally opt to practices, such as purchasing more security products and investment in employee security training.\nFor instance, Security training by Barracuda Network Called Barracuda PhishLine trains employees to understand the latest trend security attacks, subtle clues, prevent email fraud, data loss through continuous stimulation.\nAlso, employees at SMEs due to lack of security training are prone to human and procedural failures, such as failing to maintain security certifications, which evidently makes it easier for data exfiltration to occur.

Key Points: 
  • b"Most of the SMEs focus on preventing threats from entering the network than on detecting and stopping the data from being infiltrated and generally opt to practices, such as purchasing more security products and investment in employee security training.\nFor instance, Security training by Barracuda Network Called Barracuda PhishLine trains employees to understand the latest trend security attacks, subtle clues, prevent email fraud, data loss through continuous stimulation.\nAlso, employees at SMEs due to lack of security training are prone to human and procedural failures, such as failing to maintain security certifications, which evidently makes it easier for data exfiltration to occur.
  • For instance, the Investigation report on Equifax by the United States Senate state that Equifax's negligence of cybersecurity and human errors caused it to suffer a devastating data breach.\nAdditionally, as organizations around the world are addressing the scourge of COVID-19 pandemic since the announcement of lockdown, companies mitigated the spread of the coronavirus by allowing employees to work remotely, but cybercriminals could potentially take advantage of the situation by perpetrating new attacks tied to health care and financial efforts.\nIt has been reported by various media outlets that cyber attackers are mimicking communications from major health organizations, such as WHO, CDC, and government bodies including Medicare, SSA, and IRS and attacking organization by means of phishing attacks, vishing campaigns to indulge fear and gain access to sensitive data.\nAccording to the report, Grand Theft Data published by McAfee suggest that organizations in Asia-Pacific reported the average highest number of breaches with more than 10% of Asia-Pacific companies accounting 20 breaches.\nThe study also states that data exfiltration due to insider thefts accounted for 50% data loss at the organization in Asia-Pacific compared to less than 40% in the United Kingdom and 41% in North America.\nThe organizations in the region experiencing data loss across a wide range of formats, content, and methods ranging from documents to databases reported 90% of them were the case of exfiltration of data, which evidently elevates the growth of the market.\nAlso, over recent years, countries in the region have been working on the expansion of broadband infrastructure so as to build a stronger ICT industry by embracing and deploying cloud infrastructure and cloud computing that hold potential liability for data exfiltration, thereby fostering the market growth.
  • For instance, according to the World Bank Study on Interoperability Readiness and Demand Assessment of government agencies showcased that government agencies in countries, such as the Philippines, prefer to deploy public services through cloud offerings.\n"

Corelight Introduces Command And Control Collection For Targeted Insights And Detections

Retrieved on: 
Tuesday, May 18, 2021
Computer security, Cybercrime, Computing, Cyberwarfare, Computer network security, Malware, Security breaches, Zeek, Network security, Core Security Technologies, Vectra AI

"The ability to identify hidden command and control communication gives our customers the signals they need to disrupt the lifecycle of determined attackers.

Key Points: 
  • "The ability to identify hidden command and control communication gives our customers the signals they need to disrupt the lifecycle of determined attackers.
  • With Corelight\'s data and detections, customers can quickly track down malware and attack tools in their networks, remediate them, and then verify that their systems are no longer compromised.
  • The collection contains numerous packages developed by the Corelight Labs team focused on behavioral and statistical detection techniques.
  • Based in San Francisco, Corelight is an open-core security company founded by the creators of Zeek, the widely-used network security technology.

UpGuard Announces Theme for May Summit 2021: Third-Party Risk

Retrieved on: 
Thursday, May 13, 2021
Data security, Security, Articles, Cyberwarfare, Computer network security, Security breaches, UpGuard, Computer security, Security convergence, Data breach

b"SYDNEY, May 13, 2021 /PRNewswire-PRWeb/ -- UpGuard, the third-party risk and attack surface management platform, is hosting UpGuard Summit, a quarterly virtual summit designed to explore the future of security, on Wed, May 19, 9:00 AM (AEST).

Key Points: 
  • b"SYDNEY, May 13, 2021 /PRNewswire-PRWeb/ -- UpGuard, the third-party risk and attack surface management platform, is hosting UpGuard Summit, a quarterly virtual summit designed to explore the future of security, on Wed, May 19, 9:00 AM (AEST).
  • This event will focus on the pervasive problem of third party vendor risk, and will arm attendees with new strategies to attack this challenge in their organization.\nOver 60% of data breaches are caused by third parties, and more third party breaches are being discovered than ever before.
  • The discipline of third-party risk management (or TPRM) has evolved to help manage this evolving threat surface.
  • Register here: https://summit.upguard.com/events/details/upguard-events-presents-upguar...\nUpGuard is a cybersecurity platform that helps global organizations prevent data breaches, monitor third-party vendors, and improve their security posture.

Zscaler Ransomware Report Reveals Sophisticated Double Extortion Attacks are Targeting Essential Industries Causing Significant Business Disruption

Crime, Security breaches, Ransomware, Encryption, Extortion, Security

b'Over the last year, ThreatLabz has identified seven \xe2\x80\x9cfamilies\xe2\x80\x9d of ransomware that were encountered more often than others.

Key Points: 
  • b'Over the last year, ThreatLabz has identified seven \xe2\x80\x9cfamilies\xe2\x80\x9d of ransomware that were encountered more often than others.
  • The top three industries Maze targeted were high-tech (11.9%) manufacturing (10.7%), and services (9.6%).
  • Conti uses the Windows restart manager API before encrypting files, allowing it to encrypt more files as part of its double-extortion approach.
  • Victims that won\xe2\x80\x99t or are unable to pay the ransom have their data regularly published on the Conti data leak website.

Farsight Security Contributes to Verizon Business 2021 Data Breach Investigations Report

Retrieved on: 
Thursday, May 13, 2021
Data security, Telecommunications, Computing, Security breaches, Cyberwarfare, Data breach, Secure communication, Computer security, Verizon Communications

b"SAN MATEO, Calif., May 13, 2021 (GLOBE NEWSWIRE) -- Farsight Security, a leading provider of DNS Intelligence, today announced that the company contributed to The Verizon Business 2021 Data Breach Investigations Report (2021 DBIR), the highly-anticipated annual industry report that examines data breaches around the globe.

Key Points: 
  • b"SAN MATEO, Calif., May 13, 2021 (GLOBE NEWSWIRE) -- Farsight Security, a leading provider of DNS Intelligence, today announced that the company contributed to The Verizon Business 2021 Data Breach Investigations Report (2021 DBIR), the highly-anticipated annual industry report that examines data breaches around the globe.
  • This year, the 2021 DBIR analyzed 29,207 quality security incidents, across 12 industries, of which 5,258 were confirmed breaches \xe2\x80\x93 a significant increase on the 3,950 breaches analyzed in last year\xe2\x80\x99s report.\n\xe2\x80\x9cThe 2021 DBIR sets the gold-standard in data breach investigations.
  • Farsight Security is proud to contribute our historical passive DNS data to help the DBIR team gain greater visibility and actionable insights into the cyberthreats facing organizations today.
  • When the security community works together, we all benefit so we greatly appreciate their contribution,\xe2\x80\x9d said Gabriel Bassett, Lead Data Scientist of the Verizon Business DBIR.\nPhishing remains a rising threat.

April 2021’s Most Wanted Malware: Dridex Remains in Top Position Amidst Global Surge in Ransomware Attacks

Retrieved on: 
Thursday, May 13, 2021
Cybercrime, Crime, Security breaches, Identity theft, Security, Malware, Social engineering, Phishing, QuickBooks, Keystroke logging, Dridex, Security hacker

The phishing emails used QuickBooks\xe2\x80\x99s branding and were trying to lure the user with fake payment notifications and invoices.

Key Points: 
  • The phishing emails used QuickBooks\xe2\x80\x99s branding and were trying to lure the user with fake payment notifications and invoices.
  • Increasingly, these hackers are using double extortion methods, where they will steal sensitive data from an organization and threaten to release it publicly unless a payment is made.
  • AgentTesla is an advanced RAT (remote access Trojan) that has been active since 2014 and functions as a keylogger and password stealer.
  • Dridex contacts a remote server, sends information about the infected system and can also download and execute arbitrary modules on command.

Cybercrime thrives during pandemic: Verizon 2021 Data Breach Investigations Report

Retrieved on: 
Thursday, May 13, 2021
Security breaches, Ransomware, Financial services

For example, in Financial and Insurance industries, 83 percent of data compromised in breaches was personal data, whilst in Professional, Scientific and Technical services only 49 percent was personal.

Key Points: 
  • For example, in Financial and Insurance industries, 83 percent of data compromised in breaches was personal data, whilst in Professional, Scientific and Technical services only 49 percent was personal.
  • Further highlights include:\nFinancial and Insurance \xe2\x80\x93 Misdelivery represented 55 percent of Financial sector errors.
  • The Financial sector frequently faces credential and Ransomware attacks from External actors.\nHealthcare - Basic human error continues to beset this industry as it has for the past several years.
  • Headquartered in New York City and with a presence around the world, Verizon generated revenues of $128.3 billion in 2020.

Actiphy Announces New Webinar Series

Retrieved on: 
Wednesday, May 12, 2021
Software, Technology, Other Technology, Data management, Security breaches, Computing, Cybercrime, Ransomware, Security, Data management, Technology, Malware, Backup

b'Actiphy, Inc. publisher of disk imaging backup and disaster recovery solutions announces a free webinar series that begins with an introduction to our flagship product, ActiveImage Protector, and how this backup and recovery solution can safeguard your system and data against the threat of ransomware.\nThe decentralized workforce elevates security risks making corporate data more vulnerable to theft, malware, and ransomware.

Key Points: 
  • b'Actiphy, Inc. publisher of disk imaging backup and disaster recovery solutions announces a free webinar series that begins with an introduction to our flagship product, ActiveImage Protector, and how this backup and recovery solution can safeguard your system and data against the threat of ransomware.\nThe decentralized workforce elevates security risks making corporate data more vulnerable to theft, malware, and ransomware.
  • Maintaining backups is more important than ever.
  • In this free webinar series we will walk you through the aspects of how ActiveImage Protector can and will solidify your backup plan by not just safeguarding your data, but maintaining the integrity of your data.\nIn this, our first in the series, we will define Actiphy\xe2\x80\x99s role in providing peace of mind when it comes to protecting your data against unnatural disasters like ransomware.\nThe subsequent free webinars will be more technical in nature and geared towards the IT-centric crowd.\nFuture webinars are in the works to cover topics such as:\n'