Connect with us

New cybersecurity solutions of the week: October 21, 2021

Published

on

A brief overview of the main innovations on the security solutions market this week.

ReliaQuest has added two new features to its XDR GreyMatter platform to improve the efficiency of enterprise cybersecurity operations. For example, the platform now allows security teams to measure, test, and report the success of their programs. Information security experts can also see the specific steps that should be taken to put this knowledge into practice to improve the security of their organization, taking into account the latest threats and weaknesses in their unique environment.

Datto has released the Datto SaaS Defense SaaS security solution for Microsoft 365. The data-agnostic solution enables Managed Services Providers (MSPs) to protect their customers from malware (including ransomware) attacks, BEC attacks, and phishing attacks that target on Microsoft Exchange, OneDrive, SharePoint and Teams. The technology detects unknown threats that other security solutions miss by analyzing the contents of an email, chat or document instead of scanning for known security threats.

Aqua Security has released Cloud Native Application Protection Platform (CNDR). The platform fully protects the entire stack, in any cloud, on virtual machines, in containers and without servers. The solution scans artifacts for vulnerabilities, malware, secrets, and other threats during development and pipelining. Aqua Security CNDR allows you to set flexible dynamic policies to manage deployments in runtime environments.

American telecommunications conglomerate AT&T has released a managed platform for advanced detection and response (XDR) to security threats called AT&T Managed XDR. The platform provides autonomous endpoint protection through rapid threat detection, response, and recovery. AT&T Managed XDR combines cloud security platform, cyber threat analytics, machine learning, and third-party connectors to protect endpoints, network and cloud assets with automated and managed malware attack prevention, threat detection and response.

ReliaQuest has added two new features to its XDR GreyMatter platform to improve the efficiency of enterprise cybersecurity operations. For example, the platform now allows security teams to measure, test, and report the success of their programs. Information security experts can also see the specific steps that should be taken to put this knowledge into practice to improve the security of their organization, taking into account the latest threats and weaknesses in their unique environment.

Datto has released the Datto SaaS Defense SaaS security solution for Microsoft 365. The data-agnostic solution enables Managed Services Providers (MSPs) to protect their customers from malware (including ransomware) attacks, BEC attacks, and phishing attacks that target on Microsoft Exchange, OneDrive, SharePoint and Teams. The technology detects unknown threats that other security solutions miss by analyzing the contents of an email, chat or document instead of scanning for known security threats.

Aqua Security has released Cloud Native Application Protection Platform (CNDR). The platform fully protects the entire stack, in any cloud, on virtual machines, in containers and without servers. The solution scans artifacts for vulnerabilities, malware, secrets, and other threats during development and pipelining. Aqua Security CNDR allows you to set flexible dynamic policies to manage deployments in runtime environments.

American telecommunications conglomerate AT&T has released a managed platform for advanced detection and response (XDR) to security threats called AT&T Managed XDR. The platform provides autonomous endpoint protection through rapid threat detection, response, and recovery. AT&T Managed XDR combines cloud security platform, cyber threat analytics, machine learning, and third-party connectors to protect endpoints, network and cloud assets with automated and managed malware attack prevention, threat detection and response.

Huntress introduced Managed Antivirus (Managed AV), a managed antivirus solution that leverages the built-in Microsoft Defender antivirus solution in Windows. With multitenancy support, the Huntress Managed AV dashboard allows you to centrally manage detections and events, track scans and protections, set exceptions, and take corrective actions for all protected endpoints.

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Security

Hacker hacked "smart" dog feeder and spied on the mistress

Published

on

The owner of the smart dog feeder had been using this device for many years and had no problem until she heard a man’s voice coming from the feeder.

An unknown man broke into a smart dog feeder equipped with a camera, gained access to the camera and spied on the owner of one of the animals. Reported by Nine.com.au.

Smart pet feeders are popular around the world. They provide feeding of pets remotely, at the command given by a person via the Internet. In addition, many devices are equipped with webcams and speakers. With their help, the owner of the animal can admire his pet from anywhere in the world and even say a few affectionate words to him.

Australian resident Angela Cuniberti has become a victim of her love for modern devices. An unknown intruder managed to connect to the camera of her dog’s smart feeder.

One day a woman was passing by the trough and she heard a man’s voice say “Hello, beauty!” Angela was very frightened, as she thought that a stranger had got into the house. Moreover, her dog began to get very nervous and bark.

“I saw that a red light was on and I thought it was strange,” she said. The woman suspected that she was being spied on.

When Cuniberty decided to take a closer look at the camera, she heard a man’s laugh.

Angela consulted a feeder manufacturer. The company’s specialists checked the product and found out that someone had hacked into the home Wi-Fi network and gained access to the camera. This was very strange, since not long before that the woman had changed the password and was sure of its reliability.

It is unknown how long the attacker watched the girl. Now the police are looking for the hacker, and the woman has replaced the feeder with a webcam with an ordinary dog ​​bowl.

Continue Reading

Security

Experts talk about 17 frameworks for attacks on physically isolated systems

Published

on

For 15 years, 17 frameworks have been discovered that are used by APT groups in attacks on SCADA systems and ICS.

In the first half of 2020 alone, four different malicious frameworks were discovered designed to attack physically isolated networks, and the total number of these tools, paving the way for cyber-espionage and theft of classified information, reached 17 in 15 years.

“All frameworks are designed for some form of espionage, and all frameworks use USB sticks as a physical means of transferring data to and from targeted physically isolated networks.” told ESET researchers Alexis Dorais-Joncas and Facundo Muñoz in a new study.

Since physical isolation is one of the most common ways to protect SCADA systems and process control systems, government-funded APT groups are increasingly looking at critical infrastructure in the hope of injecting malware into physically isolated networks to monitor targets of interest.

According to ESET experts, frameworks are mainly designed to attack computers running Windows. At least 75% of frameworks use malicious LNK or AutoRun files on USB drives, either to initially compromise physically isolated systems or to move laterally on physically isolated networks.

Experts managed to associate some frameworks with well-known APT groupings:

Retro – DarkHotel (aka APT-C-06 or Dubnium);

Ramsay – DarkHotel;

USBStealer – APT28 (aka Fancy Bear, Sednit or Sofacy);

USBFerry – Tropic Trooper (aka APT23 or Pirate Panda);

Fanny – Equation Group;

USBCulprit – Goblin Panda (aka Hellsing or Cycldek);

PlugX – Mustang Panda;

Agent.BTZ – Turla Group.

“Each framework works differently, but they all have one thing in common – they all, without exception, use malicious USB drives. The main difference between connected and offline frameworks is how the flash drive itself has been modified, ”the researchers said.

Connected frameworks work by deploying a malicious component to a connected system that monitors the plugging of new USB drives and automatically places the malicious code needed to compromise a physically isolated system. In the case of offline frameworks like Brutal Kangaroo, EZCheese, and ProjectSauron, attackers must infect their own USB drives with malware to carry out an attack.

As a precautionary measure, organizations with critical information systems are advised to block e-mail access on connected systems, disable USB ports, “disinfect” USB drives, restrict the execution of files on removable drives, and regularly examine isolated systems for signs of suspicious activity.

Continue Reading

Security

Simple vulnerability in smart contract software allows hacker to steal $ 31 million worth of digital currency

Published

on

An accounting error in MonoX Finance’s software allowed an attacker to raise the price of the MONO token.

Blockchain startup MonoX Finance has fallen victim to cyberattacks , during which a hacker stole $ 31 million. The cybercriminal took advantage of a vulnerability in the software that the platform uses to draft smart contracts.

The company uses the MonoX decentralized financial protocol, allowing users to trade digital currency tokens without the specific requirements of traditional exchanges. An accounting error in the company’s software allowed an attacker to raise the price of the MONO token and then use it to cash out all other deposited tokens.

The cyber attack used the same token as in tokenIn and tokenOut, which are methods of exchanging the value of one token for another. MonoX updates prices after each swap, calculating new prices for both tokens. When the swap is complete, the price of tokenIn (the token sent by the user) decreases and the price of tokenOut (the token received by the user) increases.

By using the same token for both tokenIn and tokenOut, the hacker increased the price of the MONO token significantly because the tokenOut update overwritten the tokenIn price update. The hacker then exchanged the token for $ 31 million worth of tokens on the Ethereum and Polygon blockchains. MonoX Finance management attempted to contact the attacker by sending a message via a transaction on the ETH mainnet. Recall that in October of this year, an unknown attacker hacked the Discord server of the Creature Toadz NFT project and tricked community members into sending him money. In total, the hacker managed to lure out more than 88 ETH from the victims (over $ 340 thousand at the exchange rate at the time of the crime). It is noteworthy that the hacker later returned all the money.

Continue Reading

Most Popular