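Vectra AI held a 35.7% share of the Japanese NDR market (fiscal 2023 forecast) in the NDR segment of the market research report "ITR Market View: Information Leakage Countermeasures Market 2024," published in June 2024 by ITR Corporation, an independent Japanese IT consulting and research firm.
Vectra AI today announced an expansion of the Vectra AI Platform.
Vectra AI will exhibit at "IT Trend EXPO 2024 Summer," one of Japan's largest online exhibitions, from Wednesday, September 18 to Friday, September 20, 2024.
As phishing-as-a-service and AI drive the technical development of phishing attackers, Vectra AI's AI-driven solutions detect, respond to, and defend against phishing
The background to Vectra AI's founding: a decision to build AI technology into security ahead of other companies
The enhancements to the Vectra AI Platform provide capabilities that protect enterprises from the cyber threats that are increasing with the rapid spread of generative AI tools. In addition, integration with CrowdStrike's Falcon(R) Next-Gen SIEM strengthens hybrid detection and defense capabilities. With these enhancements, Vectra AI helps Japanese enterprises strengthen their security protection.
With attacks by the hacker group "Scattered Spider" occurring frequently, Vectra AI has independently researched and analyzed the group since 2022, when damage from its ransomware activity became apparent, and has now announced defensive measures.
An introduction to the background of Vectra AI's founding and its commitment to the Japanese market.
Rapid detection through the deployment of cyber threat detection capabilities enables effective defense! Now offering an e-book full of tips
Following reports in January 2024 of a sophisticated cyberattack on a major U.S. IT company by "Midnight Blizzard," which has ties to Russia's foreign intelligence service, Vectra AI announced eight points that security professionals and practitioners should know to defend their organizations' data and systems against similar attacks.
Using time-domain data and machine learning to capture attacker behavior, enabling rapid defense
Raising enterprises' cybersecurity level by integrating leading security technologies with the Vectra AI platform
Providing AI-driven, high-performance detection and response tools to enterprises that have experienced identity attacks yet lack effective defenses
The Entetsu Group, which operates in western Shizuoka Prefecture, adopts Vectra AI's NDR. The group aims for thorough readiness against cyber threats through accurate visibility and precise operation and management of the corporate network that supports its transportation business as social infrastructure and its service businesses that enrich consumers' lives.
Understanding the limits of MFA's security capabilities, and the mechanisms and mindset needed to avoid the risk of information leakage
Vectra AI's AI-driven network detection and response (NDR) solution responds quickly and accurately to increasingly sophisticated cyberattacks that threaten the data management of Japanese enterprises, chiefly in the financial, public, and manufacturing sectors
A groundbreaking solution that avoids latency, makes the most of security team talent, strengthens security across the organization, and reduces exposure-type attacks
Vectra AI Platform enhanced for AWS: enhanced capabilities support SOC teams at the speed and scale of hybrid attacks through expanded attack coverage, clearer signal, and more powerful, extended control
The Vectra AI Platform delivers an integrated signal to the security operations center (SOC), enabling extended detection and response (XDR) against hybrid attacks at both speed and scale
While 90% of SOC analysts said their current threat detection tools are effective, 97% reported fearing they will miss a relevant security event.
Security-specific AI detects "signatures," the characteristic patterns of attacks such as malware and unauthorized access, making the investigation and discovery of cyber threats more efficient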
Dubbed as disparate furtive spiders by the FBI, the Scattered Spider threat group is testing cybersecurity vigilance to the limits
Scattered Spider, a notorious cybercriminal group, continues to weave its intricate web to ensnare IT teams across Australia and New Zealand as it infiltrates company networks and tools through unsuspecting victims
Cybersecurity is no longer a challenge exclusive to large corporations. SMEs are increasingly becoming targets for cyberattacks. With the digital landscape evolving rapidly, it’s essential for SMEs to prioritize robust cybersecurity measures.
Understanding the rise in attacks, the role of AI, and securing critical systems for global events
Here are some reminders to CISOs about the major threats involved with the global event, and how to protect your workplace
As AI Appreciation Day approaches on 16 July, the significance of artificial intelligence (AI) in today's business landscape is becoming increasingly evident.
GenAI models can be highly effective tools in proactive security defence programmes. However, on the flip side, they can also be used against an enterprise’s cyber defence in ways that we cannot afford to ignore.
Make no mistake, the ongoing impact of GenAI is continuing to reshape the cybersecurity landscape, yet again.
Nasdaq sits down for exclusive interviews with industry leaders, cybersecurity experts, and innovative thinkers during RSA Conference Week in San Francisco to discover the latest trends shaping the future of cybersecurity.
The financial services sector is currently witnessing increased deployment of Generative Artificial Intelligence-enabled tools like Microsoft Copilot which are reimagining existing business models in the name of innovation. Unfortunately, this has directly contributed to an alarming spike in cyberattack frequency, severity and diversity.
Modern organisations are increasingly deploying generative artificial intelligence (GenAI)-enabled tools like Microsoft Copilot to reimagine their business models, all in the name of innovation. Unfortunately, this has contributed to the alarming spike in the frequency, severity and diversity of cyber attacks, writes Chris Fisher, regional director for ANZ at Vectra AI.
In this episode of the Cyber Uncut podcast, Chris Fisher, regional director of ANZ at Vectra AI, joins host Liam Garman to unpack how generative artificial intelligence (AI) tools are creating new exploits for malicious actors and how cyber professionals can best prepare for these emerging threats.
Security investments and mindset shift must go hand in hand. In Singapore, the Cyber Security Agency (CSA) has initiated the Cybersecurity Talent, Innovation & Growth (Cyber TIG) Plan, injecting SG$50 million to strengthen the nation’s cybersecurity sector. This includes programmes like CyberBoost. However, implementing these enhanced security measures can be daunting for many organisations, especially given the current shortage of security talent in the region.
As we navigate the rapidly changing digital landscape, the escalation of complex cyber risks is becoming a pressing issue for those in business leadership roles. Striking a balance between the pursuit of innovation and expansion, and the rising necessity for cybersecurity is a dilemma that many are wrestling with.
As we look forward and think about new and innovative ways to tighten security, what remains clear is that a cross-border and multi-stakeholder approach is needed to successfully protect organizations against the increased sophistication of cybercrime in today’s AI-empowered world.
Today’s columnist, Brian Neuhaus of Vectra AI, writes how the healthcare sector has to take a more proactive stance on security following the recent ransomware attack on UnitedHealth’s Change Healthcare.
“AI is advancing at such a pace that there is absolutely a need for a senior AI role within organizations,” said Hitesh Sheth, CEO of cybersecurity company Vectra AI.
From vendors offering SASE platforms to those focused on protecting IoT and connected devices, here’s a look at 20 key network security companies.
New offering removes latency, maximizes security team talent, and reduces exposure while improving security posture across organizations.
UK government and NCSC launch proposed code of practice on cyber security governance to help directors and business leaders toughen their defences
This past summer, the Securities and Exchange Commission adopted new rules that require companies to disclose material cybersecurity incidents and, “disclose on an annual basis material information regarding their cybersecurity risk management, strategy and governance.”
The UK government has published a new Code of Practice on cybersecurity governance, targeting directors and other senior business leaders.
How are Australian entities to meet the threat of potential significant business damage from cyber attacks and maintain their digital productivity? Much hype has surrounded the arrival of AI in the popular consciousness - many alarmist and outlandish claims have been made. Of one thing we can be certain – AI will be mercilessly deployed by the cyber attacker and enterprises that do not adopt a concerted and technologically advanced defence as proposed by Vectra AI could well be overwhelmed.
GUEST INTERVIEW: It costs the CBA, according to Elizabeth Knight of the Sydney Morning Herald, approximately A$1.4 billion per annum to maintain its branch and ATM network, primarily to handle cash. Around 15 per cent of point-of-sale transactions are now cash according to CEO Matt Comyn.
Surveys show a majority of Americans are increasingly cautious about the growing role of AI in their lives
SC Media UK asked leading cyber security experts what they are bracing for in 2024.
New federal rules will require public companies to disclose cybersecurity incidents as well as material risks from threats. Experts say the rules could be tricky to navigate and leave openings for exploitation by threat actors.
Analysts are sharing their cybersecurity trends and predictions for 2024. From zero-day attacks to generative AI security and increased regulations, is your organization ready?
In our annual Leaders in Technology series, we ask the experts what the year ahead holds. Today we talk security with Vectra AI's Chris Fisher.
The Cybersecurity and Infrastructure Security Agency (CISA) – in partnership with the United Kingdom’s National Cyber Security Centre (NCSC) – has released guidelines to help AI developers make informed cybersecurity decisions.
Oliver Tavakoli of Vectra AI discusses the applicable uses of AI (neural networks + Gen AI) in cybersecurity.
GUEST OPINION: While evolving cloud technologies offer businesses enhanced opportunities across many areas of operations, the added security risks of hybrid infrastructure are leaving security teams struggling with increased alert fatigue, which could heighten the chance of a breach.
Woj explores the escalating challenges faced by Security Operations Centre (SOC) teams in combating sophisticated cyber threats.
Tithirat Siripattanalert, Group CISO and CDO, True Digital Group commented: “Organizations in Thailand have been bearing the brunt of cyberattacks...
Before the situation escalates further, security leaders must drill down on what security teams genuinely need...
The retail sector has made headlines due to many high-profile (and costly) data breaches. What can retailers do to stay clear of the front pages?
Microsoft's new Azure Active Directory Cross-Tenant Synchronization (CTS) feature, introduced in June 2023, has created a new potential attack surface that might allow threat actors to more easily spread laterally to other Azure tenants.
A new proof of concept shows that attackers can use Azure AD CTS to leap to Microsoft and non-Microsoft applications across tenants.
Vectra AI has released a new research report identifying that 97 percent of analysts are worried they will miss security events, with 71 percent admitting their organization may have been compromised and they don't know about it yet.
A report from cybersecurity experts Vectra AI surveying more than 2,000 IT security analysts found that nearly all (97%) are worried they'll miss important security events, while 71% admitted to possibly being compromised, but not knowing.
Recent Salesforce research shows 52 percent of consumers expect their offers to be personalized. To create these tailored offerings and drive a seamless customer experience, retailers gather vast amounts of personally identifiable information (PII) -- from addresses to purchasing history and payment information. This makes them an irresistible -- and relatively low risk -- target for cybercriminals.
With the popularity of cloud-native applications and solutions on the rise, ransomware is also becoming an unfortunate reality for businesses in every industry.
[...] Rob Rosiello, SVP at Vectra AI, singles out the ransomware threat as the key takeaway from this year's report. "This year's DBIR should act as a stark reminder that organisations cannot afford to fall into the trap of ransomware fatigue, as attacks become more frequent and costly," he tells Assured Intelligence. [...]
Unsustainable pressures are being placed on cyber leaders and professionals' mental health because of a combination of factors, such as the growing attack surface, increasing cybersecurity and data regulations and the on-going skills shortage.
Kevin Kennedy, SVP Products, explains how Vectra AI provides enterprises with real-time attack signal intelligence using the power of its 'North Star'
After conferring with security heads from far and wide over the past few months, Vectra EMEA CTO, Steve Cottrell shares some of the best pieces of advice given.
Disneyland Anaheim's Instagram and Facebook accounts were hacked. Vectra CTO for SaaS Protect, Aaron Turner explains why organizations should look to manage the risks of corporate social media accounts.
North Korean state-sponsored cyber threat actors have used Maui ransomware to target both the healthcare and public health sectors, according to U.S. cybersecurity alerts.
Defending organizations' IT networks and data has never been tougher for tech and cybersecurity pros.
Artificial intelligence is more artificial than intelligent.
The Fourth of July weekend is upon us, and so is the risk of a cyberattack. See how to make sure your organization stays safe.
Tim Wade, Deputy Chief Technology Officer at Vectra shares about the hype around Artificial Intelligence.
Surviving a ransomware attack is possible, as long as we apply preparation and intentionality to our defense posture.
The FBI warns that ransomware targets are no longer predictably the biggest, richest organizations, and that attackers have leveled up to victimize organizations of all sizes.
Security experts react following the latest T-Mobile Data Breach.
Vectra AI released a new Security Workforce report highlighting how mounting pressure on security professionals is creating a health crisis in cybersecurity.
Researchers reported on the first publicly known case of malware specifically designed to execute in an AWS Lambda environment.
With ransomware being so prevalent, what should organizations be doing to detect it, mitigate its impact, and prevent any future attacks?
The AvosLocker Ransomware as a Service (RaaS) group has targeted critical infrastructure sectors in the US, such as financial services, manufacturing and government facilities, the FBI said.
Aaron Turner, VP of SaaS Posture at Vectra, sits down with ABC 4 Utah to explain how Vectra is able to transfer the best cybersecurity knowledge to a company in a really repeatable way.
Vectra CEO, Hitesh Sheth explains how no intelligence agency is certain how the cyber dimension of the Ukraine conflict will evolve.
Steve Cottrell, EMEA Chief Technology Officer at Vectra AI, spoke to Technology magazine about how it helps businesses facing increasing cyber threats
Steve Cottrell, EMEA CTO at Vectra AI, comments about the fine issued by the ICO to Tuckers Solicitors.
A cloud security report found that only 16% of respondents have comprehensive DevSecOps in place, while some 37% are starting to incorporate some aspect of DevSecOps within their organizations.
A look at 20 network security vendors offering everything from log filtering and encrypted traffic visibility to containerized firewalls and SD-WAN.
Vectra CEO, Hitesh Sheth explains how AI has become pervasive and increasingly important to our quality of life while it's also making an impact on today's cyber landscape.
Ransomware gangs are continuing to evolve new tactics and techniques, and organizations need to be better prepared to defend against them in 2022.
There was a lot to learn from breaches, vulnerabilities, and attacks this year.
A local electric cooperative serving western Colorado's Montrose and Delta counties says a cyberattack first detected Nov. 7 has disabled billing systems and wiped out 20 to 25 years' worth of historic data.
The world of cybersecurity changed for good on Dec. 13, 2020 as a result of the massive cyberattack on SolarWinds.
Experts give their take on the state of cybersecurity as we near the end of 2021.
Over the last year, ethical hackers have prevented more than US$27 billion in cybercrime, according to a report released Tuesday by a leading bug bounty platform.
New research found that some 80% of ethical hackers have recently identified a vulnerability they had not encountered before the pandemic.
Modern complexities of rogue devices, remote employees, and multi-cloud environments have brought previously unseen levels of unpredictability to the SOC.
A report on cloud adoption found cloud usage among respondents has grown to 90%, while 48% say they plan to migrate half or more of their apps to the cloud in 2022.
Here's a look at the most disruptive security incidents associated with AWS misconfigurations and how businesses can prevent misconfigurations in the future.
The U.S. Department of State will create a Bureau of Cyberspace and Digital Policy, led by a Senate-confirmed ambassador-at-large, to advance its cybersecurity diplomacy efforts.
Since taking office in January, the Biden administration has made cybersecurity one of its top priorities.
The Russian-based cybercrime group responsible for the high-profile attack on software maker SolarWinds last year is continuing to take aim at the global supply chain, according to a warning issued by Microsoft this week.
Why it's important to make the most of machine learning when managing cyber-security incidents.
Acer has confirmed that its servers in Taiwan have also been breached, after hackers themselves shared details about the incident with privacy watchdogs, Privacy Affairs.
As security teams start to fight back, attackers have only become more sophisticated. Here are six key trends that your security team should be tracking to ensure that your organization remains cyber resilient.
The previously unknown SnapMC group exploits unpatched VPNs and webserver apps to breach systems and carry out quick-hit extortion in less time than it takes to order a pizza.
A newly introduced bill would require ransomware victims to disclose ransom payments within 48 hours of payment, including the amount of ransom demanded and paid, the type of currency used for payment of the ransom, and any known information about the entity demanding the ransom.
A new report from Forrester Research indicates organizations should tread carefully between engagement, empathy and punishment because punishment has the tendency to reinforce employees' negative perceptions and resentment of the security team.
No Internet-connected device appears to be safe from potentially being abused by a newly theorized form of distributed denial of service attack.
An Illinois man ran a successful computer takedown service until the feds stepped in.
Vectra Technical Director to the CTO Office, Tim Wade explains how Resilience shifts the focus toward eliminating the probable impact of the full attack chain.
In the sprawling IT landscapes of today, artificial intelligence (AI) will play a decisive role in this war against ransomware, giving organizations the best chance to defeat motivated attackers.
Vectra CEO, Hitesh Sheth explains how AI is the greatest ally when it comes to creating a secure future. AI can learn the differences between normal and malicious activity — independently, without requiring human input.
The security team at the Australian telco got its network detection response down from four hours to one hour a day.
Organizations aren't maintaining regular patching: With nearly half of all databases globally (46%) containing a vulnerability and the average number of Common Vulnerabilities and Exposures (CVEs) per database standing at 26, it's clear that businesses are ignoring one of the basic tenets of data security which is to patch and update databases as soon and often as possible.
One out of every two on-premises databases globally has at least one vulnerability, finds a new study.
A dual U.S.-Canadian national has been sentenced to more than 11 years in federal prison for conspiring to launder tens of millions of dollars in wire and bank fraud schemes, according to the U.S. Department of Justice. Officials say the activity included cash-out scams for North Korean hackers, including the criminal gang Lazarus Group, which has been associated with a military unit for the authoritarian regime.
It was a short hiatus for the REvil ransomware group that signed off in July following several high-profile attacks by the Russia-based crew on such companies as global meat processor JBS and tech services provider Kaseya.
Chris Fisher, our Director of Security Engineering APJ, discusses how public and private sector organisations – from government and military to banking, energy and transportation – have become digital-centric to seek economic savings, productivity gains and to create customer and citizen value.
Microsoft has a sizeable global channel that raises the question of whether that is the model that all vendors should be aspiring to follow.
Based on industry reports over the past few days, it appears that Paragon Software will include its New Technology File System 3 (NTFS3) kernel driver in the recent Linux Kernel 5.15 release, which promises improved support for Microsoft's NTFS file system.
Over the course of the pandemic, one of the biggest disruptions the world faced was to critical national infrastructure, specifically supply chains. Border and port closures, mandated work from home policies, and severe shortages of citizen essential products including PPE and pharmaceuticals, have highlighted vulnerabilities in production, supply, and logistics. Asia is now experiencing a renewed surge in Covid-19 infections, which continues to impact supply chains across the world and manufacturers are yet again faced with complexities.
David Larrimore has been named chief technology officer for DHS, a role he previously held at Immigration and Customs Enforcement between 2016 and 2019. Between federal appointments, Larrimore was lead solution engineer at Salesforce.
The United States Department of Homeland Security (DHS) has announced two senior cybersecurity appointments.
A vendor with a checkered security incident past is not automatically disqualified from future contracts. Rather, there is a playbook for due diligence.
The operators of LockFile ransomware have adopted new techniques, including "intermittent encryption," to help evade detection, according to cybersecurity firm Sophos.
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have observed an increase in highly impactful ransomware attacks occurring on holidays and weekends—when offices are customarily closed—in the United States, as recently as the Fourth of July holiday in 2021.
Citing damaging ransomware attacks that it, along with the FBI, has observed over recent holidays, the Cybersecurity and Infrastructure Security Agency issued an alert warning organizations to be prepared as the Labor Day holiday nears.
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) published a new cybersecurity advisory to highlight precautions and mitigation steps that public and private sector organizations can take to reduce their risk to ransomware and other cyber attacks, specifically leading up to holidays and weekends.
After Bangkok Airways disclosed that it had been clobbered by a cyberattack last week, the LockBit 2.0 ransomware gang tossed its own countdown clock in the trash and went ahead and published what it claims are the airline's encrypted files on its leak site.
The LockFile ransomware family has made an impression in the relatively short amount of time it's been around. The malware garnered a lot of attention over the past several months after being detected exploiting high-profile Microsoft vulnerabilities dubbed ProxyShell and PetitPotam.
New research released by Nozomi Networks in tandem with SANS found that 91% of respondents are using cloud technologies to directly support some aspect of industrial control system (ICS) operations.
Public and private sector organisations – from government and military to banking, energy and transportation – have become digital-centric to seek economic savings, productivity gains and to create customer and citizen value.
Despite security improvements over the last seven years, the U.S. Agency for International Development - USAID - needs to better protect the large amounts of personal identifiable data - such as Social Security numbers - that the agency collects, according to an inspector general's audit.
The hoards of consumer information that companies collect multiply the damaging effects of data breaches, lawyers and cybersecurity specialists say. In an estimated 1,700 publicly reported data breaches during the first half of 2021, more than 18 billion pieces of information have been exposed, according to research from cybersecurity company Risk Based Security Inc.
Kaseya has obtained a master decryptor key for the REvil ransomware that locked up the systems of at least 60 of its customers in a spate of worldwide cyberattacks on July 2.
As Digital Transformation efforts continue, the survey found that AWS is becoming an even more critical component to organisations that are regularly deploying new workloads, leveraging deployments in multiple regions and are relying on more than one AWS service.
The scope of a cyberattack at T-Mobile US keeps growing, as the operator today confirmed personal data on at least 54 million people was exposed and stolen. It pegged the number of people affected at nearly 49 million people earlier this week.
Accenture suffered a LockBit ransomware attack that reportedly encrypted at least 2,500 computers and leaked client information.
A newly published Office of the Inspector General report detailing how the U.S. Census Bureau mishandled a January 2020 cybersecurity incident is a strong reminder to the business community to follow best practices such as IT asset management, frequent vulnerability scanning and mitigation, comprehensive event logging and prompt notification and incident response when a possible incident is suspected.
The U.S. Census Bureau was targeted by a cyberattack last year that compromised some systems but did not result in the theft of census data, according to a new report from the Office of the Inspector General.
Oliver Tavakoli, CTO at Vectra, lays out the different layers of ransomware defense all companies should implement. Determining how hard a target you present for the current wave of human-driven ransomware involves multiple considerations. There are four steps to analyzing how prepared you are for a ransomware attack.
According to a watchdog report, U.S. Census Bureau computer servers were exploited in January 2020 during a cybersecurity attack, but hackers' attempts to keep access to the system were unsuccessful.
T-Mobile USA officials have confirmed that the records of 47.8 million current, former and prospective customers were stolen in a "highly sophisticated cyberattack" late last week.
T-Mobile US has said cyber attackers who breached its computer networks stole personal details of more than 40 million past, current and prospective customers.
Mobile telecommunication company T-Mobile has confirmed a data breach that reportedly affects nearly all of its U.S. customers. Hackers gained access to the company's systems and hacked servers and databases containing the personally identifiable information of approximately 100 million customers.
Microsoft on Monday announced that it received the approval to launch Azure Government Top Secret for its military and intelligence customers.
Global e-commerce giant Amazon is reportedly considering plans to implement a keyboard-stroke monitoring solution for its customer-service representatives.
A proliferation of ransomware attacks has created ripple effects worldwide. Such criminal attacks have since increased in scale and magnitude, as critical hospital and infrastructure targets were shut down.
T-Mobile said in a statement that it had determined that "unauthorized access to some T-Mobile data occurred, however, we have not yet determined that there is any personal customer data involved." The company noted that it's "confident that the entry point used to gain access has been closed" and that a review is ongoing.
T-Mobile is investigating a reported breach in which a hacker claims to be selling the personal information of over 100 million of its customers.
T-Mobile said on Monday it was looking into claims that a hacker has stolen data related to more than 100 million T-Mobile customers in the United States and aims to sell access to part of the information for around $277,000.
Over one-third of organizations worldwide have experienced a ransomware attack or breach that blocked access to systems or data in the previous 12 months, according to new research.
Researchers on Friday reported that an insecure direct object reference (IDOR) vulnerability allowed for the reading and modifying of all user workouts on the cloud-based Wodify fitness platform.
Information technology consulting giant Accenture PLC has been struck by ransomware that resulted in customer data being stolen.
Accenture, the multinational consulting firm with tens of billions USD in annual revenue and over half a million employees worldwide, is being blackmailed by the LockBit ransomware group, which has launched a successful attack against them.
Accenture officials are saying they staved off a ransomware attack this week by a cybercriminal ring using the LockBit malware even as the hacker group claimed to have captured data from the massive global IT and business consulting firm and has threatened to release it.
Accenture sent an internal memo confirming that attackers stole client information & work materials in a July 30 "incident."
A group using the LockBit ransomware says it struck the IT consulting firm Accenture and threatened to release data within hours.
In a report on remote workforce security, 52 percent of the U.S. IT and cybersecurity professionals surveyed revealed they experienced remote workers finding workarounds to their organizations' security policies.
Vectra AI has released the findings of its new PaaS and IaaS Security Survey Report. The report presents the results of a survey of 317 IT executives all using AWS, 70 percent coming from organizations of 1,000+ employees. The findings show a rapid expansion and reliance on AWS services while simultaneously showcasing security blind spots within many organizations.
As ransomware and nation-state attacks have become more destructive, older methods of protecting networks and infrastructure, such as perimeter defenses and penetration resistance, can no longer protect organizations' assets and data.
In the wake of a relentless wave of supply chain attacks, security leaders must heed this famous line and change their approach. When relying on traditional prevention-based strategies, victims have faced costly and humiliating results time and time again.
Sharing threat intelligence and proof-of-concept exploits can often help other organizations better defend themselves, but such efforts are hampered by obstacles and restrictions.
In response to the number of high-profile ransomware incidents, the Federal Government has launched Operation Orcus. The cross-agency initiative is designed to target ransomware attacks that have direct links to sophisticated organised crime groups, both in Australia and globally. The Australian Federal Police are leading the initiative, with the Australian Cyber Security Centre (ACSC), Australian Criminal Intelligence Commission, AUSTRAC, and state and territory police agencies also joining the force.
With competitive corporate pressures to reduce IT operations and security costs, transitioning workloads and data to the cloud is unstoppable, but the most challenging question is how to govern the process to ensure a predictable, accountable, and scalable transition, and resulting cloud infrastructure that accounts for the diverse interests of the internal stakeholders and the regulators.
The expansion of AWS services has naturally led to increased complexity and risk. In fact, all of the companies surveyed have experienced at least one security incident in their public cloud environment in the last 12 months. Gartner anticipated that over 99% of cloud breaches will have a root cause of customer misconfiguration.
Every organisation deploying Amazon Web Services (AWS) has experienced at least one security incident.
New report finds 100% of companies have experienced a security incident, but continue to expand their footprint as 64% report deploying new AWS services weekly.
Organizations count on multifactor authentication (MFA) to prevent attacks. However, the belief that you're 100% protected because of MFA is just false. Even though there are statistics that highlight how MFA can reduce the risk of identity compromise by 99% over passwords, attackers still know how to bypass it. Our CEO, Hitesh Sheth, shares his thoughts on why MFA isn't enough.
New report from Vectra AI finds 100% of companies have experienced a security incident, but continue to expand their footprint as 64% report deploying new AWS services weekly.
Vectra AI released the findings of the PaaS & IaaS Security Survey Report. The report compiled the answers of 317 IT executives all using AWS, 70% coming from organizations of 1,000+ employees. The findings show a rapid expansion and reliance on AWS services while simultaneously showcasing security blind spots within many organizations.
As digital transformation efforts continue, the survey found that AWS is becoming an even more critical component to organizations who are regularly deploying new workloads, leveraging deployments in multiple regions and are relying on more than one AWS service.
Organizations hit by ransomware attacks also report tightened budgets and lingering impacts on productivity, profitability and security posture, suggesting the extensive damage caused in the wake of ransomware attacks has long-lasting effects.
Varonis on Thursday released a report indicating that companies have to focus a bit more on securing their SaaS applications. The study found that 44% of cloud privileges are misconfigured, 3 out of 4 cloud identities for external contractors remain active after they leave, and 15% of employees transfer business-critical data to their personal cloud accounts.
Threat detection and response leader Vectra AI has released details of the top five Microsoft Azure AD and Office 365 threat alerts triggered within financial services organisations. The analysis, conducted during early 2021, recorded and categorised the potential threats detected by Vectra's Cognito Network and Cloud Detection Platform deployments. Each of these detections represents an anomalous behaviour, and therefore helps security teams spot and stop cyber-attacks within their Microsoft cloud environments.
After focusing almost exclusively on Russia for the first seven months of his presidency, Joe Biden's White House shifted part of its cybersecurity attention to China on July 12, with the administration blaming hackers associated with one of the country's security services for carrying out attacks on vulnerable versions of Microsoft Exchange email servers earlier this year.
A little over 10 years ago, Google launched their Vulnerability Rewards Program (VRP), with the goal of establishing a channel for security researchers to report bugs to Google and offer an efficient way for Google to thank them for helping make Google, users, and the Internet a safer place.
Google celebrated the anniversary of its Vulnerability Rewards Program (VRP) by launching bughunters.google.com, a site that brings together all of the VRPs it has for Google, Android, Abuse, Chrome, and Play, and puts them on a single intake form that aims to make it easier for bug hunters to submit issues.
The LemonDuck malware that for the past couple of years has been known for its cryptocurrency mining and botnet capabilities is evolving into a much broader threat, moving into new areas of cyber attacks, targeting both Linux and Microsoft systems and expanding its geographical reach, according to security researchers with Microsoft.
Vectra is positioned as an integral part of the Microsoft Zero Trust model; it assumes breaches by investigating the behaviour of users, workloads, networks and devices as though they originate from an untrusted network. It does so by leveraging its analytics and understanding of users and accounts, tracking them between on-premises and cloud.
A short-lived outage at the content delivery network supplier Akamai on Thursday, which briefly knocked offline many corporate websites, is another indicator that companies need resiliency built into their systems. That means they should avoid relying on just one CDN provider, security experts say.
The massive hack of the Microsoft Exchange email server software that took place early this year is estimated to have hit tens of thousands of victims, causing disproportionate chaos for smaller businesses. The Biden administration has formally declared that Chinese state-backed APT groups are to blame.
iPhone users, drop what you're doing and update now: Apple has issued a warning about a ream of code-execution vulnerabilities – some of which are remotely exploitable – and experts are emphatically recommending an ASAP update to version 14.7 of iOS and iPadOS.
Organized by Amnesty International and the Paris-based non-profit Forbidden Stories, the Pegasus Project involves 80 journalists in 10 countries. Its subject is the Pegasus spyware sold by NSO Group, a powerful tool that is supposed to only be available to law enforcement and intelligence agencies for legitimate and legal uses.
Vectra AI has announced the Vectra Cognito platform will deliver key Zero Trust capabilities for Microsoft 365 and Microsoft Azure customers. The company says it's uniquely positioned as an integral part of the model, which assumes breaches by investigating the behaviour of users, workloads, networks, and devices as though they originate from an untrusted network.
The software company at the center of a huge ransomware attack this month has obtained a universal key to unlock files of the hundreds of businesses and public organizations crippled by the hack.
Reports that the NSO Group's Pegasus spyware was used by governments to spy on Apple iPhones used by journalists, activists, government officials and business executives are becoming a global controversy for NSO, Apple and a number of governments at the center of the scandal.
The federal government is fighting back against what it says are China-based cyberattacks against U.S. universities and companies with indictments and a "naming-and-shaming" approach — but researchers aren't convinced the efforts will come to much in terms of deterring future activity.
UK rail operator Northern suffered a cyber attack targeting its newly installed self-serve ticketing machines across Northern England, forcing the operator to take all the ticketing machines offline.
Managing access control and data permissions is difficult without a proper understanding of the who, what, and where of data access models. To truly understand data flow and access, organizations need to observe privilege based on real world activity and assess the access that does occur. This would allow an organization to differentiate between what should and should not occur.
Researchers at the security firm CyberMDX have uncovered two significant vulnerabilities in certain Dell Wyse thin client devices that, if exploited, could enable threat actors to remotely run malicious code and access files on affected devices.
Vectra's Ammar Enaya says this is a significant example of a well-executed supply chain attack compromising a popular IT administration tool as a penetration mechanism. The subsequent exploitation of authentication controls enabled the threat actor to pivot to the cloud and operate undetected for an extended time in Microsoft 365, which allowed them to gather intelligence.
The SolarWinds hack, which is reportedly being linked to Russia, is shaping up to be the biggest cyber-attack this year. The attack targeted the US government, its agencies and several other private companies. It was first discovered by cybersecurity firm FireEye, and since then more developments are being reported each day.
United States officials have blamed Russian hackers for recent breaches at federal agencies, companies, and high-profile cybersecurity vendor FireEye, with the malicious activity appearing to come from highly skilled attackers. "Attackers could also set up automated workflows to consolidate all the activities and run them autonomously while quietly exfiltrating data," Vectra's Matt Walmsley shares.
The recent breach, which began in March, targeted the SolarWinds Orion software, a popular IT network administration tool used by companies around the world and by U.S. government agencies including the Department of Homeland Security, the Treasury Department, the Department of Commerce, the Department of Energy, the Pentagon and the White House. The hackers attached malware to a SolarWinds software update that was downloaded by as many as 18,000 organizations.
"Causing 18,000 organizations, the vast majority of which were not actually targets of interest, to have to remediate and possibly rebuild their devices and networks represents a huge amount of collateral damage," Vectra's Oliver Tavakoli said. "Obviously, the concept of collateral damage exists on a spectrum – but we can probably all agree this attack was on the far end of the spectrum."
While all of these things together sound like the makings of a best-selling fiction novel, the cyber security industry – and all of the threats and dangers that exist within it – is all too real. That's one reason why cybersecurity books make for some pretty interesting reading both in terms of academics and entertainment. Hashed Out reached out to many IT and cyber security experts within the industry to inquire about their favorite books on cyber security and create a comprehensive list of the "best cyber security books."
Vectra AI has formed a new partnership with Baidam Solutions. This partnership provides First Nations' people with scholarships, a full education and technical skills to combat the rise in cyberattacks against businesses, government and infrastructure.
Solutions Review's NDR Vendors to Watch is an annual listing of solution providers we believe are worth monitoring. Companies are commonly included if they demonstrate a product roadmap aligning with our meta-analysis of the marketplace. Other criteria include recent and significant funding, talent acquisition, a disruptive or innovative new technology or product, or inclusion in a major analyst publication.
The recent supply chain attack, which has affected around 18,000 SolarWinds Orion customers, is thought to have been executed by a sophisticated nation-state threat actor. Vectra's Matt Walmsley says that IT administrators and security teams have access to highly privileged credentials as part of their legitimate work. Attacking the digital supply chain of their software tools is an attempt to gain penetration and persistence right at the heart of their operations, gain privileged access and to provide springboard out across their digital hybrid-cloud enterprise.
Vectra's Matt Walmsley comments on the recent SolarWinds breach, discussing how security teams need to drastically reduce the overall risk of a breach by gaining instant visibility and understanding of who and what is accessing data or changing configurations, regardless of how they are doing it, and from where.
A perfect storm may have come together to make SolarWinds such a successful attack vector for the global supply-chain cyberattack discovered this week. Researchers said that includes its use of a default password ("SolarWinds123") that gave attackers an open door into its software-updating mechanism; and, SolarWinds' deep visibility into customer networks.
For many businesses, recovery from the pandemic fallout hinges in part on employees working safely and virus-free outside their homes. That leaves organizations facing the very real possibility that they will serve as both trackers and guardians of health data to ensure the safety of employees.
SolarWinds estimates that between last March and June, roughly 18,000 user organizations downloaded updates of its Orion software that Russian APT actors allegedly corrupted with Sunburst backdoor malware. John Mancini, senior product manager at Vectra, said that a core point of the DHS' guidance for remediating the SolarWinds hack is to analyze for any listed indicators of compromise and then "identify potential behaviors in metadata that may be related to the compromise."
A number of key US government departments have been hacked, with concern that the attack has allowed a foreign power to monitor American government communication.
In what may well turn out to be one of the most significant supply-chain attacks in recent years, a likely nation-state backed group compromised systems at SolarWinds and inserted malware into updates of the company's widely used Orion network management products that were released between March and June 2020. Matt Walmsley, EMEA director at Vectra, says the attackers likely manipulated Security Assertion Mark-up Language (SAML) authentication tokens used in Single Sign On to try and escalate privileges in the early stages of the campaign.
With 2021 fast approaching, cybersecurity experts and analysts note that cybersecurity will continue to evolve even as most of the world enters a post-COVID-19 era, with cybercriminals, threat actors and nation-state hackers ready to take advantage of whatever may happen next. This will keep CISOs, their security teams, as well as their counterparts in IT, trying to catch up and stay ahead.
Hackers working on behalf of a foreign government are believed to be behind a highly sophisticated attack into a range of key government networks, including in the Treasury and Commerce Departments, and other agencies. The hackers had free access to their email systems.
Business Times
SolarWinds over the weekend admitted that hackers had exploited a backdoor in an update of some of its software released between March and June. The hacks are part of a wider campaign that also hit major cybersecurity firm FireEye, which said its own defenses had been breached by sophisticated attackers who stole tools used to test customers' computer systems.
The US Department of Homeland Security was the third federal department to be targeted in a major cyberattack, US media reported Monday, a day after Washington revealed the hack which may have been coordinated by a foreign government.
After a major data breach, do criminals actually have your password even if it has been encrypted? Companies have various ways of encrypting passwords. There are also techniques called salting and hashing. The upshot is, the average user will not take the time to find out how the affected company does their encrypting—or hashing or salting for that matter.
Oliver Tavakoli, our CTO, shares his thoughts on the upcoming cybersecurity trends to watch.
Chris Fisher, Vectra's director of security engineering APJ, shares that as our reliance on technology grows exponentially, so does the need for robust cybersecurity to protect users and keep data and business operations safe from hackers.
The IoT Cybersecurity Improvement Act has been officially signed into law. The bipartisan legislation, sponsored by Reps. Robin Kelly, D-Ill., and Will Hurd, R-Texas, and Sens. Mark Warner, D-Va., and Cory Gardner, R-Colo., requires that any IoT device purchased with government money meet minimum security standards.
With the market demand for NDR solutions generating significant traction among forward-thinking enterprises, and with this set to continue into 2021, we're excited to welcome Jerome Jullien to the Vectra team as vice-president of international partner sales.
As the time for distribution of COVID-19 vaccines comes closer, law enforcement agencies across the world are warning of organized crime threats, including schemes to sell counterfeit vaccine on the dark web, as well as physical and virtual attacks targeting supply chain companies.
To exploit VMware's vulnerability, an attacker must have access to the device's management interface. This access can allow attackers to forge security assertion markup language (SAML) credentials to send seemingly authentic requests to gain access to protected data. Chris Morales, our head of security analytics, discusses why granted access does not equate to trusted access.
Researchers at Abnormal Security said Monday they blocked an attack where a malicious email impersonating one of their customer's vendors bypassed the customer's Proofpoint gateway and set up a trap to steal Office 365 credentials. Chris Morales, head of security analytics at Vectra, said the known partner compromise technique equates to internal spear phishing, when a phishing email that originates from a trusted and legitimate connection doesn't get blocked by the email gateway.
With more than 25 years' experience in Enterprise Technology, including managing Channels, System Integrator and Service Provider (SI/SP) and Alliances, Jerome Jullien, now Vice President of International Sales, brings a strong track record of building successful business models for the Channel and will play a key role in managing and driving sales via the Vectra partner ecosystem.
Instead of monolithic ransomware, or a single piece of software that did everything and was highly automated, today's ransomware tends to be modular and often obtained from a malicious developer or acquired "as a service". There's an organized dark ecosystem for ransomware with component and service supply chains, not dissimilar to the structures and practices we see in the legitimate world. It's expeditious to change and morph, which makes traditional fingerprinting for signatures less effective.
This week, IBM Security X-Force uncovered a global phishing campaign targeting the COVID-19 Vaccine Cold Chain. The company's task force dedicated to tracking down COVID-19 cyber security threats said it discovered fraudulent emails impersonating a Chinese business executive at a credible cold-chain supply company. The emails, dating back to September, targeted organizations across six countries, including Italy, Germany, South Korea, Czech Republic, greater Europe and Taiwan, the company said.
We are thrilled to announce the appointment of Jerome Jullien as Vice President of International Partner Sales to its leadership team.
The FBI this week made public a private industry notification warning that business email compromise (BEC) scammers are exploiting web-based email clients' auto-forwarding rules to secretly gather intel on their targets and also hide their fraudulent communications. Moreover, if organizations fail to sync their web-based email clients with their desktop-based clients, this suspicious activity may go unnoticed by infosec personnel.
A calculated cybercriminal operation is targeting companies in the coronavirus vaccine supply chain with phishing emails that appear to be designed to steal sensitive user credentials, IBM Security X-Force said in a report released Thursday. The targeted organizations are all associated with a COVID-19 cold chain, a component of the overall supply chain that ensures the safe storage of vaccines in cold environments during storage and transportation.
Clop ransomware is claiming to have stolen 2 million credit cards from E-Land Retail over a one-year period ending with last month's ransomware attack. This is a timely reminder that ransomware operators have changed their tactics and become far more targeted. Not only are they performing data theft and public bullying, but they remain active inside an organization for extended periods prior to detection.
Organizations that conduct almost all of their business online now face needing to protect an expanded threat surface. Ammar Enaya, our METNA regional director, shares his take on how businesses can protect their data in the cloud.
If businesses do not configure their network to routinely sync their employees' web-based emails to their internal network, an intrusion may be left unidentified until the computer sends an update to the security appliance set up to monitor changes within the email applications. This leaves the employee and all connected networks vulnerable to cybercriminals.
The U.S. Federal Bureau of Investigation (FBI) issued a Private Industry Notification alert, noting that cybercriminals are increasingly implementing auto-forwarding rules on victims' web-based email clients to conceal their activities. According to the FBI, cybercriminals then capitalize on this reduced visibility to increase the likelihood of a successful business email compromise (BEC).
A hacker began selling access to hundreds of stolen executive email accounts last Friday, ZDNet reported. Email and password combinations are being sold for anywhere from $100 to $1,500 on Exploit.in, an underground hacker forum populated by Russian speakers.
Jerome Jullien has been appointed to the leadership team of network threat detection and response (NDR) vendor, Vectra, as the international partner sales vice president.
Artificial intelligence (AI) and machine learning (ML) will help make it possible to create an urban landscape that enables safe, efficient, convenient and self-optimizing traffic eco-systems, while dealing with highly increased complexity. As cities become "smarter", data collected from sensors regarding energy consumption, traffic and sanitation will all increase at a scale that makes it difficult for certain types of tasks to be done well by humans alone, or that would be unthinkable without the aid of automated systems.
Next year we will also see more blurred lines across traditional channel boundaries. Sandra Hilt, senior director of channel sales for EMEA, at Vectra, shares her thoughts on how today's channel partners are increasingly positioned as service-led, trusted advisors to their customers. Consequently, the offering of different service engagements is becoming more and more important.
The new cloud capabilities allow Vectra and its users to track and link accounts and data in cloud and hybrid environments. This helps users prevent the loss of visibility when environments expand to the cloud where users leverage multiple accounts and may access resources from shadow IT devices.
Adam Mendler sat down with our CEO, Hitesh Sheth, for a one-on-one interview. Hitesh shared his perspective on leadership, AI, and technology trends.
With more commerce occurring online this year, and with the holiday season upon us, the Cybersecurity and Infrastructure Security Agency (CISA) reminds shoppers to remain vigilant. Be especially cautious of fraudulent sites spoofing reputable businesses, unsolicited emails purporting to be from charities, and unencrypted financial transactions.
Australia's health sector is constantly the target of cyberattacks, and in the first half of 2020, a total o of all Australian data breaches were in the health sector. The real threat is already in healthcare networks in the form of privileged access misuse, the growth in healthcare IoT devices, and that the majority of attacks occur due to underinvestment in security operations or a lack of security awareness by insiders.
Techday's 10 Minute IT Jams provide sharp, to-the-point insights into emerging and established technology companies that operate in the Asia-Pacific region. In Techday's second IT Jam with Vectra AI, they speak with head of security engineering Chris Fisher, who discusses the organizational impact of security breaches within Microsoft O365, why these attacks are on the rise, and what steps organizations should take to protect employees from attacks.
With the end of the year nearing, two U.S. government agencies are warning shoppers to be cautious of online holiday shopping scams, fake emails and unencrypted financial transactions. Vectra's Chris Morales noted that emails containing deals and links to discount websites that seem too good to be true will be the main cause of security issues during the upcoming Black Friday and Cyber Monday.
Vectra has announced broader and deeper cloud capabilities to track and link accounts and data in hybrid environments.
This Presidential election campaign has seen myriad stories and comments published online by supporters on both sides looking to influence voters. While many were written by humans, an increasing number were generated by AI. Advances in machine learning mean AI generated text is now almost indistinguishable from anything written by people.
Organizations in the public and private sectors will continue to grapple with the security implications of remote or hybrid work environments. Between March and July approximately one-third of organizations said ransomware delivered by phishing increased over the five months prior. And more than half recorded a security incident, such as a breach. In the months that have followed, the threats have only accelerated as attackers show an appetite for exploiting anything COVID.