Vectra VP of Marketing Mike Banic predicts data science and machine learning will become the focus of the fight on cyber-attacks, cyber security will get social, and new entrants will continue to disrupt the cyber security market.
Our roundup of intriguing new products from companies such as Dell, CloudBerry and Vectra (See Slide 16).
Real-time cyber-attack detector Vectra Networks has introduced a real-time detection platform for insider and targeted threats.
Working in information security for the past 20 years, I have seen a lot. Though there have been many multi-million dollar impact breaches, the recent Sony Pictures hack and subsequent data exposure and extortion is probably the most impactful to a company out of the previous breaches this year.
Vectra Networks has released an updated real-time detection platform – the X-series platform – aimed at detecting insider and targeted threats.
Regardless of how well we secure our assets from outside parties, we ultimately need to give access to our employees, contractors and partners in order for them to do their jobs. Misuse of this privileged access, whether through data theft or damage, is an unfortunate, yet inherent risk of doing business for most organizations.
Vectra Networks announced the release of a real-time detection platform to protect organizations and government agencies from insider and targeted threats.
The Vectra X-series platform is designed to detect sophisticated threats by using a combination of security research, data science and machine learning. According to the company, the product is capable of detecting attacks on all operating systems, applications and devices regardless of the method and location of the initial delivery.
Vectra Networks has released its updated X-series platform, the first real-time detection solution designed to discover insider and targeted threats. The new platform promises to help organizations gain instant visibility into potential threats by leveraging a combination of dynamic community threat analysis and real-time detection of cyberattacks.
CEO Hitesh Sheth tells Bloomberg TV's Pimm Fox how Community Threat Analysis dynamically creates a clear picture of typical network access through the entire corporate network, identifying anomalies and flagging unauthorized access to documents, data and intellectual property, making it an effective way of recognizing insider attacks.
Frank Ohlhorst details how data breaches happen and what Vectra’s X-series security appliances can do to detect and prevent them.
“We've gone from an environment where people were essentially stationary with fixed computing assets to one where everything is porous and people are mobile and applications and data and information are all in the cloud,” says Hitesh Sheth, president and CEO for Vectra Networks.
The systems of entertainment giant Sony have been hacked once again, and although the full extent of the breach is not yet known, the incident will likely be added to the list of most damaging cyberattacks.
Vectra Networks' X-series of appliances combine advanced analytics with AI to identify threats in real time.
Ten percent of hosts experience at least one or more cyberattacks that bypass enterprise security perimeter defenses, according to a new study by security solution provider Vectra Networks.
The new "C" version of the NotCompatible malware that targets Android devices is very difficult to stop – but it's not that hard to avoid.
A report by data security company Vectra Networks looks at how cybercriminals bypass perimeter defenses, and what they do inside a network once they have gained access.
When it comes to the darkhotel issue and the fast-evolving threat landscape, "what the malware is doing" is more important than "what the malware is."
There's speculation that China might be behind a months-long hack attack that breached USPS servers, compromising personal data of workers and customers.
An attack happens and he or she is able to squeeze by the perimeter defense; that is just the beginning for an assault on a network, a new report shows.
Vectra Networks collected data over five months from more than 100,000 hosts within sample organizations to gain a deeper understanding of breaches that inevitably bypass perimeter defenses, and what attackers do once inside networks.
Mobile technologies can be a boon to productivity, but they also introduce cyber-security vulnerabilities that technologists and insurers are laboring to protect.
Got malware? More than likely you do, but don't panic: The bulk of infections can be traced to standard botnet activity like spamming and click-fraud rather than data theft, a new study of real-world breaches has found.
Highly organized, sophisticated and successful cyber attacks continue to assail organizations and while most are opportunistic, a higher than expected percentage are targeted, according to results from a recent study.
This is the first report, using real-world data from the Vectra X-series platforms currently in production networks, that reveals what attackers do within a network once they evade perimeter defenses.
Forbes hottest cybersecurity startups of 2015
In 2015, there were few hotter areas in Silicon Valley than cybersecurity, and Vectra ranked in the top 10 of that competitive group.
Uncovering covert attack communications inside your network
Cyber attackers are slipping through perimeter defenses and hiding in the shadows and dark corners of networks.
Algorithms are the key to detecting and mitigating cyber attacks
Gerard Bauer, vice president of EMEA sales at Vectra, shares his security predictions for 2016.
Hello Kitty fixes website security flaw
Sanrio says the loophole that provided an attack entry method potentially allowing cyber criminals to bypass traditional security defences in order to enter and exploit internal systems with the appearance of a legitimate user, has been closed and data is now safe.
Automated threat detection helps fulfill protection goals of critical security controls
New technologies, such as machine learning, have evolved to help organizations improve their response to modern attacks. Although the financial industry has been using machine learning since the 1970s to detect fraudulent behavior, use of machine learning in the information security sector is a recent phenomenon.
Cybersecurity in virtual networks
In this eighth annual VMblog.com series exclusive, virtualization and cloud executives share their predictions for 2016.
Protecting the university network and flagging attacks — in real time
Higher education is a key target for cyber attacks because of the open networks common on college and university campuses. Thousands of students and faculty wander on and off the network with their own devices, bringing viruses and malware to the wider community and creating nightmares for security teams.
The state of cybersecurity: What 2016 will bring
In 2016, what organisations need are tools that identify the activities of the attacker inside a network before a data breach occurs, with a focus on how to quickly intervene, minimise the time they are exposed and reduce the impact of cyberthreats.
How one university addresses targeted attacks in progress
Hernan Londono, associate CIO at Barry University in Miami, talks about embracing campus mobility and BYOD, and explains why a strong Advanced Persistent Threat (APT) defense is vital to protecting the university's network from mobile devices that it doesn't own or manage.
SANS Institute shows true power of automated threat detection
A SANS Institute report, backed with findings from Vectra, explains how an automated threat detection system that combines behavioral analysis, data science and machine learning can help organizations meet Critical Security Control (CSC) mandates.
Data science, machine learning and behavioral analysis help identify new security threats
Automated network threat detection tools that use data science, machine learning and behavioral analysis work with perimeter security to help organizations meet security goals defined in the CIS Critical Security Controls recommendations and protect against attackers, according to a new report from the SANS Institute.
Detecting and preventing cyberattacks in your network
Despite being vulnerable to cyberattacks, many universities still have insufficient threat management defenses. Attackers can easily evade perimeter security defenses and spy, spread and steal for the better part of a year, undetected. In the process, they'll take vital research data, personal info and financial records from campus community members.
Fleeting strategic importance? 2016, the year of the CISO
The core view of most of the experts we spoke to was that, while it is not clear if there is a higher number of CISOs now, these individuals are definitely gaining a stronger position within the business.
Nothing's sacred: VTech hackers stole kids photos and chat histories
VTech hackers purportedly made off with millions of pieces of customer information and have now been revealed to have stolen photos and private chat histories, too. VTech sold an app called Kid Connect that lets parents use their smartphones to talk to their kids through their VTech devices.
Detecting and preventing cyberattacks in your network
Officials from Vectra Networks and Barry University in Miami discuss insufficient cyber attack defenses at many colleges, despite existing vulnerabilities. They also discuss new defense-in-depth models that quickly pinpoint and mitigate threats in progress and share security strategies that enable mobility as well as open and collaborative learning.
The exploitation game
What steps can be taken to detect and block exploits that take advantage of software vulnerabilities? And how can security teams better understand the behaviour of legitimate software components? Preventing the exploitation of software vulnerabilities is desirable but their detection is a must for organisations and their security teams.
VTech Holdings: Data from 5 million customer accounts breached
VTech, maker of electronic toys for kids, said that 5 million of its customer accounts were leaked in a data breach that accessed user names, birthdays and passwords but not their credit card or personally identifiable information. Company officials noted that the breach was mounted by an "unauthorized party."
Why ransomware is not going away any time soon
Ransomware is targeting enterprise networks with a vengeance. In addition to user hard drives, it's been increasingly successful at encrypting file-shares and network drives. Consequently, ransomware has evolved from a mere nuisance to a potentially debilitating attack that holds critical business assets and intellectual property hostage.
Vectra wins 2015 Computer Technology Review Most Valuable Product award
Vectra advanced persistent threat (APT) security software was chosen by the Computer Technology Review editorial panel based on rigorous judging criteria that included product innovation, functionality and affordability.
No signatures required
However, the most dangerous threat to data, user and system security is not the known known, but rather the unknown unknowns – the threats that have yet to be captured in the wild and mapped. We don’t know if they exist, we don’t have visibility into what they do, and there’s no way signatures can catch them.
The Internet of Things is making oil production vulnerable to hacking
The oil and gas industry is caught in a slump, with prices going up and down and profits in decline. But it faces another major problem that's gotten less attention: Cyber attacks could threaten industry stability and worker safety.
GSN announces winners and finalists in 2015 Homeland Security Awards
Government Security News is pleased to announce that Vectra has been named a finalist in its seventh annual Homeland Security Awards for Best Threat Intelligence Solution.
A look at real risks to school networks, with a level-headed security approach
Unlike vendors that attempt to make every piece of malware sound like the end of the world, it is important to show IT security teams which threats actually pose the greatest risks to the university.
Vectra helps organizations identify intruders that are already in their networks
Most security solutions have one at-bat, yet attackers can typically survive undetected in a network for around 225 days, says Vectra’s Mike Banic. “Every network has likely been hacked, but they just don’t know it yet,” he says.
Video: Top Vectra executive talks about cyber security with TMCnet editors
Vice president of marketing Mike Banic shares the company's latest developments and discusses its recent advancements in the real-time detection of in-progress cyber attacks that spread inside networks.
What CFOs can learn from hacker attacks
Successful cyberattacks on corporations are on the rise. CFOs should therefore think carefully about whether to put the brakes on investments in IT security, because savings in the wrong place can quickly jeopardize a company's economic success. Hitesh Sheth, CEO at Vectra Networks, explains in FINANCE why company-owned data centers in particular are increasingly becoming the target of hacker attacks.
How artificial intelligence will solve the security skills shortage
The infosec world is embracing artificial intelligence and the seismic changes it will bring to threat detection and mitigation, Vectra CSO Günter Ollmann writes in Dark Reading. As networks become more sophisticated, generate more data, and are exposed to advanced threats, AI and the automation it empowers are the cure.
The truth is, the Yahoo! data breach is not the exception
The magnitude of the Yahoo! data breach – more than 1 billion user accounts compromised – is by far the largest that has ever occurred. But Yahoo! is not the exception. Routers, switches and servers in the vast majority of data centers where customer account information is kept are largely unprotected and highly vulnerable to cyber attacks.
Video: Cybersecurity woes in the U.S.
The incoming U.S. administration would be well advised to take the recent Democratic and Republican National Committee hacks seriously, Vectra CEO Hitesh Sheth tells CNBC. "We can safely assume that nation-state actors will continue their efforts to affect U.S. economic interests as well as our democratic and political processes."
What the infosec jobs sector will look like in 2017
Vectra CSO Gunter Ollmann says that experienced infosec employees are twice as valuable to the global market, demanding higher pay and improved roles. To retain them, organizations are offering “senior” titles and accompanying pay hikes. Meanwhile, the skills and job tasks between “junior” and “senior” remain unfulfilled.
Insurance claims for data breaches are on the rise
On news that data breach insurance claims are being made at a rate of over one a day, Matt Walmsley, Vectra EMEA director, says “By automating detection using the very latest self-learning security tools, and with it the response to an incident based on early indicators, many attacks can be nipped in the bud before they become costly incidents.”
Encrypt everything. Don't let security be the reason you don't (and attackers do)
Chris Morales, head of security analytics at Vectra, says encrypted network traffic is having an impact on security that relies on deep packet inspection, whose efficacy degrades as more traffic is encrypted. Even worse, traditional security responses to handling encrypted traffic will suffer due to certificate and public key pinning built into applications.
Data breach claims are made at a rate of more than one a day
Matt Walmsley, EMEA director at Vectra, says that a rise in claims for digital theft and intrusions was taking place amid growing nation state-driven cyber crimes and the looming risk posed by GDPR compliance requirements and punitive fines. There is also growth in corporate cyber extortion using ransomware and malware.
Remain paranoid, err vigilant, with online security in 2017
There are a lot more tools necessary and available to combat the cyber threat, at the edge, at the endpoint and in between. “It is important to identify, develop and train associates who are motivated cyber warriors, and it is an ongoing process, due to the velocity of change,” says Joe Duffey, CISO at Natixis Global Asset Management.
Hitesh Sheth, CEO at Vectra, outlines his top cybersecurity predictions for 2017. Attacks on the U.S. will increase during Trump’s administration, new forms of ransomware will become a big headache for security response teams, data center attacks will increase, and firewall vulnerabilities will continue to be ignored.
What 2017 has in store for cybersecurity
Chris Morales, head of security analytics at Vectra, tells CSO that critical firewall vulnerabilities will continue to be ignored in 2017. According to the Shadow Server website, there are still more than 816,000 Cisco firewalls connected to the Internet that are vulnerable, undermining the inherent trust placed in firewalls.
AI: Revolutionizing the information security industry
Günter Ollmann, CSO at Vectra, explores how the information security industry is starved of experienced security workers and how it is proving detrimental to its advancement and exposing IT systems and Internet businesses to criminality and ransom. In the next 25 years, AI defense systems will unleash unimaginable ways to combat cyber threats.
InfoSec skills shortage: The No. 1 threat to Internet security
It is estimated that today there are over 1 million InfoSec positions unfilled – growing to over 1.5 million by 2019 – and more than 200,000 of those vacancies are in the U.S. This global shortage of expertise and experience lies at the very heart of the InfoSec world’s ability to respond to cyber attacks – affecting vendors and consumers alike.
Data center security – Is it safe?
Data centers are the main repository for digital assets and resources, and their high value makes them a target for attackers. But threats in the data center are relatively mature by the time they manifest. With more assets residing in data centers than ever before, how safe is it? Matt Walmsley, EMEA director at Vectra, explains.
Device agnostic IoT security
With more unmanaged and seldom-updated devices connecting to our networks, behavior-based security is an essential line of defense. It ensures that unusual activity and volume are quickly identified and addressed, and this can be done regardless of the device being targeted. Matt Walmsley, EMEA director at Vectra, makes the case.
Who's afraid of APT?
What can organizations who expect to be a target do about an APT? And how sure can anyone really be that they are ready to respond? Expecting the unexpected is a difficult task, says Matt Walmsley, EMEA director at Vectra, quite reasonably, although in terms of cyberattacks the truth is that prevention alone fails.
Hackers may go holiday shopping online, too
Employees who reuse credentials or shop from their work computers are at risk, says Chris Morales, head of security analytics at Vectra. Fake Best Buy or Amazon promotional emails could be a phishing attack infecting computers with ransomware or exploits to initiate a targeted cyber attack, while everyone is supposed to be enjoying holiday cheer.
The 2016 U.S. election and dealing with big data
Big data and data science can produce various kinds of forecasts. The Brexit referendum and the 2016 U.S. election led to two outcomes that differed sharply from the predicted results. David Pegna, head of data science at Vectra, explains what cybersecurity can learn from these big data failures.
Bigger walls won't keep data safe
For years, the security community focused on perimeter defenses, but ensuring all is well requires more than building a bigger wall. Hackers only need about 146 days to spy, spread and steal, according to Mike Banic, vice president of marketing at Vectra. And it only takes about three days for an attacker to gain administrative credentials.
Where cybercriminals go to buy your stolen data
Darknet website AlphaBay sells tens of thousands of items related to malware, exploits, hacked accounts, stolen credentials, and hacking services. Christopher Doman, a threat analyst at Vectra, talks about the AlphaBay market and forum and explains the various ways this information can be used for nefarious purposes.
Evaluating AI-powered threat detection technologies
Unlike signature-based detection systems, today’s AI-powered security technologies are rarely suited to a plug-it-in-and-watch-it-light-up evaluation strategy. They often include a mix of supervised and unsupervised machine learning, automated threat hunting, trained classifiers, and focus on reducing erroneous and unactionable alerts.
Compliance doesn’t equal security but it sure does help
As more business decisions rely on big data analytics, cybercriminals have greater incentive to pollute the incoming data to alter decisions or make them predictable so they can be monetized, says Vectra CTO Oliver Tavakoli. This can cause a hedge fund to buy or sell a stock. “Criminals can make large sums of money front-running the transaction.”
DHS hiring puts into question the cybersecurity skills shortage
"Everyone with a newly minted computer science degree is being encouraged to get into cybersecurity, as the lack of candidates is driving up salaries," says Vectra CSO Günter Ollmann. Although the U.S. Department of Homeland Security event "was pitched under the banner of cybersecurity, it is not clear what jobs were actually being filled."
What will the next ransomware note say?
In 2017, ransomware will be used with other techniques for blended attacks, says Vectra CSO Günter Ollmann. Despite ransomware detection improvements made in 2016, most organizations still do not have a sufficient offline backup strategy to restore files, whether the ransom is paid or the attacker provides the encryption key.
Cybersecurity predictions for 2017
Alex Waterman, senior director of product management at Vectra, predicts that cybercriminals will step up their efforts to use more vulnerable IoT devices to mount attacks and the tools published by the Shadow brokers hacking group will be used against the data center’s unprotected physical infrastructure.
Podcast: An all-out AI war is imminent in 2018
Vectra CEO Hitesh Sheth talks with Bloomberg Markets about the crucial role that artificial intelligence will play in detecting and responding to cyberattackers in 2018. It will be an AI war, with nation-state hackers and organized cybercriminals using their AI threat arsenal to attack organizations who use AI as a defensive weapon.
Security burnout: Avoidable or inevitable?
AI is the inevitable next phase in cybersecurity. What is avoidable, however, is security burnout. By implementing key business and professional-growth programs – and augmenting the work of security analysts with AI – organizations can greatly reduce the security burnout rate while nurturing and developing future security analysts.
Industry reactions to U.S. blaming North Korea for WannaCry
When WannaCry was first detected, we saw similarities in the code used for that ransomware attack with previous attacks attributed to North Korea, like the Sony hack. North Korea has been targeting banks directly with banking malware while using ransomware against other organizations to acquire a large volume of Bitcoin.
Knowing what is really happening on the information system: the CISO's headache
AI now offers more and more security capabilities, starting with the ability to automate the processing of these volumes of data and alerts, keeping them manageable, and integrating machine learning algorithms that detect attacker behavior, explains Christophe Jolly, France director at Vectra.
Emerging Tech Hub: Vectra hunts partners for threat detection platform
Vectra is hunting for channel partners in the UK after trebling its revenue in Q3, says Matt Walmsley, head of EMEA marketing. Vectra revenue jumped 294 percent in the third quarter this year, which Walmsley said was driven by a need for enterprises to address the detection gap that allows cybercriminals to easily breach networks.
How ready are you to stop an advanced attack?
In his latest installment in the CSO “Thinking Security” column, Vectra CTO Oliver Tavakoli explores the benefits of running red team exercises. Red team exercises enable organizations to understand how to respond when dealing with real-world advanced attacks and adapt to respond quickly to these threats.
AI is changing security ops: What security analysts need to know
The security operations center at Texas A&M serves 11 universities and seven state agencies. With just seven full-time analysts and a risk-rich environment of 174,000 students and faculty, triaging security events was overwhelming. With the help of Vectra Cognito, it now takes 10-20 minutes to resolve an incident, on average.
Nation-state attackers shut down industrial plant with new ICS malware
"The IoT and IT/OT convergence is accelerated by the speed of business and the implementation of AI to drive decisions in ICS environments," says Chris Morales, Vectra head of security analytics. "In addition, more ICS devices are running commercial operating systems, exposing ICS systems to a wider swath of known vulnerabilities."
Triton framework used in industrial control attacks
"To gain access to the industrial control systems, the threat actor infected an SIS engineering workstation on what is supposed to be an isolated network," says Chris Morales, Vectra head of security analytics. "An infected laptop can be brought in by a contractor, connect to the network and spread to the controlled ICS environment."
Traffic to major tech firms rerouted to Russia
People who use Google, Apple, Facebook and Microsoft trust that their communication is secure because of the use of HTTPS, says Chris Morales, Vectra head of security analytics. But entities can manipulate the border gateway protocol to perform man-in-the-middle attacks and manipulate TLS/SSL encryption to eavesdrop on users.
Researchers untangle Patchwork gang's cyberespionage attacks
“The motivation of the attacker is always financial or competitive gain or theft of intellectual property,” says Chris Morales, Vectra head of security analytics. “The constantly changing landscape makes it nearly impossible to track cyberespionage organizations without a team of researchers focused on attribution.”
Oops...some HP laptops shipped with hidden keylogger
Keyloggers are an important weapon in the arsenal of cyberattackers, says Chris Morales, Vectra head of security analytics. "They're often used in the recon phase of targeted attacks to steal user credentials and other sensitive information that are used to compromise user accounts. Keyboard loggers are hard to spot with consumer anti-virus."
2018 security predictions: More hacks from everywhere
"Data exfiltration from cloud-based storage will accelerate," says Vectra CTO Oliver Tavakoli. "This will occur at the cross-section of IaaS and PaaS. And organizations will often have no idea that their data has been stolen. Virtual forms of traditional security products will be powerless to contain this threat."
HP fixes hidden, deactivated keylogger in 460 laptop models
"Why would a hardware vendor install this kind of software on their computers?" asks Chris Morales, head of security analytics at Vectra. "The key logger was a software development or test tool that should have been removed before the code was released. Any attacker could easily monitor everything a user does on their system."
Bitcoin exchange NiceHash hacked as cryptocurrency hits new highs
"This NiceHash attack is reminiscent of the Carbanak heist in which the sophisticated attackers used the bank's own tools to steal their money," said Chris Morales, head of security analytics at Vectra. Morales says the most important security controls monitor internal traffic for the misuse of administrative credentials and administrative protocols.
Cyberthieves loot tens of millions in bitcoin from NiceHash cryptocurrency marketplace
“If you are risk averse, transfer deposits made to your bitcoin wallet to a hard currency account with a bank,” says Matt Walmsley, Vectra EMEA director. However, he added, “Many exchanges may limit the amount you can transfer in one instance and you may not be able to empty your account, so buyers beware.”
What is a botnet? And why they aren't going away anytime soon
"Consumers have no security controls to monitor botnet activity on their personal networks," Chris Morales, head of security analytics at Vectra, tells CSO magazine. "Security teams prioritize attacks targeting their own resources rather than attacks emanating from their network to external targets."
What will be the single biggest security threat of 2018?
"Exfiltration of data from cloud-based storage will accelerate," says Matt Walmsley, Vectra EMEA director. "Infrastructure-as-a-service (IaaS) and platform-as-a-service (PaaS) attacks will see massive tranches of data from organizations being taken from the cloud, without IT/security team even knowing."
Artificial intelligence for cybersecurity
The Coop Group uses Vectra's AI-based Cognito platform to detect cyber threats. With 2,476 stores and more than 85,000 employees, Coop is one of the largest retailers and wholesalers in Switzerland.
Vectra adds context with threat intelligence
Vectra's Cognito uses AI to analyze host behavior, then relies on machine learning algorithms to detect cyberattacks hidden in networks, particularly during the internal reconnaissance, lateral movement and data exfiltration phases.
Most UK Uber users and drivers caught up in data breach
"We're now at a time where artificial intelligence needs to be introduced to identify and respond to threats automatically and in real-time, a task that humans alone are simply incapable of performing at adequate scale and speed," says Matt Walmsley, Vectra EMEA director.
Does the self-learning machine offer better protection?
"We do not look at the contents of a mailbox, but at the behavior of traffic on a device and whether or not it is an attack attempt," explains Chris Morales, head of security analytics at Vectra. "We can even see attacks on an encrypted network."
Vectra adds threat intelligence integration and Active Directory attack detections
Vectra integrates threat intelligence and indicator of compromise (IoC) feeds into its Cognito platform. The platform also detects attacker discovery activity targeting Active Directory services via LDAP and Kerberos.
Three lessons to learn from the Uber breach
Chris Morales, head of security analytics at Vectra, notes that the challenge is that traditional security and methods for internal data centers don't have the same visibility in cloud environments. "Companies like Uber who rely on cloud infrastructure need a security strategy with processes and tools that provide visibility into cloud attacks."
Uber data breach wrap-up: Experts’ opinions
"Normal security tools and methods built for internal data centers do not have the same visibility in cloud environments where your systems and data are sharing a neighborhood (the internet and cloud apps) with millions and millions of other people, both good and bad," says Chris Morales, Vectra head of security analytics.
Back to the future for 2019
"We will see an increase in the use of deep learning, such as recursive neural nets, that enable algorithms to continuously learn and evolve," says Chris Morales, head of security analytics at Vectra. "2019 will see deep learning become the best practice for detecting cyberattacks."
AI and cyber security in the coming year
"Geopolitical tensions and trade wars will drive the growth of commercial cyber espionage," says Gerard Bauer, vice president of the EMEA region at Vectra. "These attacks go undetected by many victim companies because they cannot detect hidden threats in networks."
Security holes at U.S. missile defense systems data centers shocks experts
The problem wasn't that the data centers lacked the authentication or encryption tools. "The controls existed but were not implemented and used equally and regularly," Chris Morales, head of security analytics at Vectra, says.
Best security software: How 25 cutting-edge tools tackle today's threats
The Vectra Cognito platform incorporates artificial intelligence (AI), deep machine learning and traffic monitoring into a tool that is able to detect threats that other programs miss, even if they are already entrenched inside a protected network.
Smartphones and the new cybersecurity threat
Chris Morales, head of security analytics at Vectra, says the biggest risk posed by mobile devices in a corporate network is malicious apps gaining access to enterprise data. Make sure mobile devices do not share network connectivity with critical infrastructure or systems with sensitive information.
Emotet malware: Heavy damage in corporate networks
For Gérard Bauer, vice president of EMEA at Vectra, the success of old malware shows one of the fundamental problems of many IT security solutions, which still rely on classic cybersecurity concepts.
Alphabet's VirusTotal: A security solution for your small business?
"VirusTotal provides value only if you have the necessary staff to extract value from it," says Oliver Tavakoli, chief technology officer at Vectra. "This is reflective of the fact that the VirusTotal data repository is of most value to large and expert IT security teams."
Cyberattack on Marriott hotel chain politically motivated?
"This cyberattack is a form of nation-state espionage," says Gerard Bauer, vice president of EMEA at Vectra. "The only difference now is that it happens in cyberspace instead of breaking into a building and stealing physical documents."
As manufacturing moves into cyberspace, so do security threats
Vectra’s artificial intelligence-based platforms detected “a higher-than-normal rate of malicious internal reconnaissance behaviors” from attackers inside of manufacturers’ systems and that this “indicates that attackers are mapping-out manufacturing networks in search of critical assets to steal or damage.”
China suspected of massive Marriott data breach
"Hacks are getting bigger because the volume of data generated on the Internet every single day is so large," says Chris Morales, head of security analytics at Vectra. "Just like a user employs a search engine to get information, a cyber spy will search massive online databases for information."
Former Equifax CEO blamed for 'entirely preventable' data breach
"Prevention will never be 100%," says Chris Morales, head of security analytics at Vectra. "That is unrealistic. The report states the breach was entirely preventable. I don't believe that is true. It is the same notion as building a wall would stop the drug trade. The criminals build tunnels instead."
Clemson's cautionary cryptomining tale
“Cryptomining efforts are popular across higher education," according to a study published in March from Vectra. Vectra reported that 85% of cryptocurrency mining instances happened in higher education between August 2017 and January 2018, compared to just three percent in the technology sector.
Damning report on Equifax security failures is a lesson for all enterprises
"We can improve our ability to detect and respond to breaches by looking for the type of behaviors an attacker performs," says Chris Morales, head of security analytics at Vectra. "The most critical threat behaviors should be correlated with compromised hosts in real time before they become a problem."
Equifax breach was ‘entirely preventable,’ congressional report says
“It is a classic ‘could have, should have’ scenario,” says Chris Morales, head of security analytics at Vectra. “As long as a motive exists, attackers will continuously attempt to compromise networks until they succeed. The failure comes down to people and process, not necessarily technology."
Emotet malware causes severe damage in corporate networks
For Gérard Bauer, vice president of EMEA at Vectra, the success of the "old" Emotet malware shows one of the fundamental problems of many IT security solutions, which are still based on classic cybersecurity concepts.
UK spy agency joins NSA in sharing zero-day disclosure process
"Zero days are saved for the most critical needs," says Chris Morales, head of security analytics at Vectra. "Most attackers don’t like to waste this type of knowledge when they can simply convince a user to give them access to their system instead."
The next big risk to your security is your child’s video-game habit
“Gaming has always been an arena for hacking and attacks,” says Chris Morales, head of security analytics at Vectra. “In today's competitive and financially lucrative gaming world, that means bypassing developer controls to gain a competitive advantage or disrupt other players.”
30 years ago, the Morris worm changed our view of cybersecurity
“Enterprises are unable to spot worm reconnaissance and lateral movement behaviors," says Matt Walmsley, EMEA director at Vectra. "Security analysts can't operate at the speed and scale required to manually identify the threat and close down their lines of communication and movement."
Marriott acknowledges a breach affecting 500 million customers
"Having systems that monitor exfiltration behavior rather than trying to inspect data payloads can be one way to meet this challenge," says Gregory Cardiet of Vectra. "Detecting these behaviors at an early stage is essential."
Marriott: What are the consequences of the data breach affecting 500 million customers?
"Incident response takes too long and, in many cases, security teams are trying to understand what happened and how to prevent it from happening again rather than detecting and intervening early in the attack cycle to prevent theft and damage," said Gregory Cardiet, a cybersecurity expert at Vectra.
AI companies race to get upper hand in cybersecurity before hackers do
To detect cyberthreats, their AI software sifts through massive stores of computer network data. Wall Street analysts are eyeballing and a handful of other private firms. With AI tools, the new AI companies are taking customers away from cybersecurity industry incumbents, analysts say.
500 million records checked out at Marriott
"As for the data breach itself, the exfiltration of the data inside encryption was possibly an attempt to circumvent security controls such as data loss prevention systems," says Gerard Bauer, vice president of EMEA.
Massive data breach of Starwood customers
"Attackers move slowly and in stages to gain privileges and adopt a variety of behaviors before accessing the desired data and exfiltrating it," explains Gregory Cardiet, cybersecurity expert at Vectra. "Detecting these behaviors at an early stage is essential."
500 million Marriott hotel customers hacked
"If the dates are true, between the initial detection date or September 8, 2018 and the public disclosure of the lapse, the 72-hour GDPR notification requirement was very far from being met," says Gregory Cardiet, cybersecurity expert at Vectra.
Marriott Starwood data breach details: What was taken?
Incident response continues to take too long as security teams try to figure out what happened and how do we stop it happening again, says Chris Morales, head of security analytics at Vectra. "It's important to spot and close down an attacker earlier in its lifecycle to minimize or stop a breach from occurring."
Should you use a VPN for security? Experts weigh in
“Think carefully about the VPN provider you use. Many of the free VPN providers are in the business of monetizing your personal data to pay for their services," says Chris Morales, the head of security analytics at Vectra.
Digital Health’s review of 2019 part one: January to June
A Vectra 2019 Spotlight Report on Healthcare found ransomware attacks are becoming less prevalent as cyber criminals look to new ways of attacking a system.
Top 25 AI startups who raised the most money in 2019
Vectra AI - Raised $100M from a Series E round on June 10th.
Santa and the zero-trust model: A Christmas story
How would the world's most generous elf operate in a world of zero-trust security? A group of cybersecurity experts lets us know.
2019 Tech advances
A zero-trust architecture fundamentally distrusts all entities in a network and does not allow any access to resources until an entity has been authenticated and authorized to use that specific resource, i.e. trusted.
5 Security operations and analytics trends to watch in 2020
According to ESG research, 36% of organizations are actively integrating disparate security analytics and operations tools in pursuit of a more cohesive security technology architecture.
The 10 biggest cybersecurity news stories of 2019
Vectra closed a $100 million round led by TCV, bringing the company’s overall haul to $222.5 million since being founded nine years ago.
Cybersecurity: artificial intelligence will not (immediately) replace humans
The frantic pace at which the adoption of artificial intelligence (AI) has grown in recent years is starting to have transformative effects in many areas.
Findings from the Vectra 2018 Security Spotlight Report on the financial service sector identified vulnerabilities posed to financial services organizations by attackers using hidden tunnels to surreptitiously access and steal data.
Vectra’s EMEA director questions AI: Hype or reality for today’s challenges?
AI is augmenting security analysts and also making a considerable contribution to bridging the cyber skills and resource gap by allowing less experienced analysts to enter the profession and achieve more, more quickly.
Artificial intelligence as a weapon for hackers
Vectra’s Cognito platform uses AI to detect cyber attacks in real-time. Combining human intelligence, data science, and machine learning, Cognito automates tasks that are normally done by security analysts and greatly reduces the work that’s required to carry out threat investigations.
2019's biggest Australian channel job moves
Network security vendor Vectra tapped former Telstra channel exec Dee Clinton as its Asia-Pacific channel chief.
Why humans remain at the core of good security operations
The use of AI in cybersecurity not only expands the scope of what a single security expert is able to monitor, but importantly, it also enables the discovery of attacks that would have otherwise been undetectable by a human.
Mergers and acquisitions: Cybersecurity risks
In mergers and acquisitions, cyber risk management should not be confined to a paragraph of the contract announcing the devaluation of the company absorbed, if there is an attack.
Ring camera hacker uses home security systems to spew racial slurs at Florida family
Matt Walmsley, a director at cybersecurity and artificial intelligence firm Vectra, told Newsweek password integrity "seems to be a significant factor in this disturbing case."
New approach needed following DDoS attacks
Matt Walmsley, Head of EMEA Marketing at Vectra, says extortion is a well-established approach for cyber criminals and is used through tactics that include threatening denial of service, doxing, and ransomware.
How commodities firm ED&F Man solved its threat detection challenges
After a minor server breach, leading commodities trader turned to Vectra’s Cognito service to expose hidden threats, spot privilege misuse, and conduct conclusive investigations.
How can firms use Remote Desktop Protocol without leaving the door open for cybercriminals?
Recent research conducted by Vectra sought to quantify the threat, finding that nine out of ten organizations have experienced some form of malicious RDP behavior.
Vectra comments on the international crackdown of IM-RATs
“Remote Access Trojans (RATs) are an insidious set of attacker tools that invade our systems, data and privacy. With so much legitimate remote access happening across our networks and hosts, there’s plenty of opportunity for RATs to operate undiscovered as they hide in plain sight.”
CISA pushing U.S. agencies to adopt vulnerability disclosure policies
“Public vulnerability disclosure should be a basic practice for every company, not just government agencies,” says Chris Morales, head of security analytics at Vectra.
ED&F Man uses AI to protect its network
The Cognito Privileged Access Analytics module has also been deployed to monitor the actions of privileged accounts.
12 Black Friday scams to watch out for
If you've never heard of a third-party website, avoid signing up for it, said Chris Morales, head of security analytics at Vectra.
Black Friday & cyber Monday security tips
KTVU's Alex Savidge spoke to Chris Morales, head of security analytics at San Jose based Vectra about online safety tips this holiday shopping season.
How Essilor gains visibility on its network
The eyeglass lens specialist decided to rely on Vectra's solution to gain global visibility into its information system, with a view to setting up a global security operational center.
ED&F Man transforms threat detection and investigation
ED&F Man selected the Cognito network detection and response platform from Vectra to expose attackers hidden inside its network, spot privilege misuse and perform conclusive incident investigations.
Kawasaki Heavy Industries, a Partner of Defense Companies and Agencies, Reports Breach
Managing access control and data permissions is difficult without a proper understanding of the who, what, and where of data access models. To truly understand data flow and access, organizations need to observe privilege based on real world activity and assess the access that does occur. This would allow an organization to differentiate between what should and should not occur.
Cyber Attack, Terrorism, Theft and Scams: Threats to Covid-19 Vaccines
France has put in place a very strict security protocol to transport and store these vaccines in France, while the threat hanging over these coronavirus antidotes takes many forms.
Critical Flaws Put Dell Wyse Thin Client Devices at Risk
Researchers at the security firm CyberMDX have uncovered two significant vulnerabilities in certain Dell Wyse thin client devices that, if exploited, could enable threat actors to remotely run malicious code and access files on affected devices.
SolarWinds hack: Security experts weigh in on US cyber-attack
The SolarWinds hack, which is reportedly being linked to Russia, is shaping up to be the biggest cyber-attack this year. The attack targeted the US government, its agencies and several other private companies. It was first discovered by cybersecurity firm FireEye, and since then more developments are being reported each day.
Highly Skilled Hackers Breach US Agencies and Private Companies
United States officials have blamed Russian hackers for recent breaches at federal agencies, companies, and high-profile cybersecurity vendor FireEye, with the malicious activity appearing to come from highly skilled attackers. "Attackers could also set up automated workflows to consolidate all the activities and run them autonomously while quietly exfiltrating data," Vectra's Matt Walmsley shares.
The 25 Best Cyber Security Books — Recommendations from the Experts
While all of these things together sound like the makings of a best-selling fiction novel, the cyber security industry – and all of the threats and dangers that exist within it – is all too real. That’s one reason why cybersecurity books make for some pretty interesting reading both in terms of academics and entertainment. Hashed Out reached out to many IT and cyber security experts within the industry to inquire about their favorite books on cyber security and create a comprehensive list of the “best cyber security books.”
Vectra and Baidam to offer cybersecurity scholarships for Indigenous peoples
Vectra AI has formed a new partnership with Baidam Solutions. This partnership provides First Nations’ people with scholarships, a full education and technical skills to combat the rise in cyberattacks against businesses, government and infrastructure.
5 NDR Vendors to Watch in 2021
Solutions Review’s NDR Vendors to Watch is an annual listing of solution providers we believe are worth monitoring. Companies are commonly included if they demonstrate a product roadmap aligning with our meta-analysis of the marketplace. Other criteria include recent and significant funding, talent acquisition, a disruptive or innovative new technology or product, or inclusion in a major analyst publication.
The SolarWinds Perfect Storm: Default Password, Access Sales and More
A perfect storm may have come together to make SolarWinds such a successful attack vector for the global supply-chain cyberattack discovered this week. Researchers said that includes its use of a default password (“SolarWinds123”) that gave attackers an open door into its software-updating mechanism; and, SolarWinds’ deep visibility into customer networks.
SolarWinds Cyberattack Likely Affected Thousands Worldwide
Vectra's Matt Walmsley comments on the recent SolarWinds breach, discussing how security teams need to drastically reduce the overall risk of a breach by gaining instant visibility and understanding of who and what is accessing data or changing configurations, regardless of how they are doing it, and from where.
Cyber Experts Weigh-In on FireEye Breach, SolarWinds Supply Chain Attack
The recent supply chain attack, which has affected around 18,000 SolarWinds Orion customers, is thought to have been executed by a sophisticated nation-state threat actor. Vectra's Matt Walmsley says that IT administrators and security teams have access to highly privileged credentials as part of their legitimate work. Attacking the digital supply chain of their software tools is an attempt to gain penetration and persistence right at the heart of their operations, gain privileged access and provide a springboard out across their digital hybrid-cloud enterprise.
US Treasury, Commerce Departments Hacked
A number of key US government departments have been hacked, with concern that the attack has allowed a foreign power to monitor American government communication.
A Safe Return to Office May Mean Higher Burden for Companies to Collect, Protect Medical Data
For many businesses, recovery from the pandemic fallout hinges in part on employees working safely and virus-free outside their homes. That leaves organizations facing the very real possibility that they will serve as both trackers and guardians of health data to ensure the safety of employees.
Here Are the Critical Responses Required of All Businesses After SolarWinds Supply-Chain Hack
SolarWinds estimates that between last March and June, roughly 18,000 user organizations downloaded updates of its Orion software that Russian APT actors allegedly corrupted with Sunburst backdoor malware. John Mancini, senior product manager at Vectra, said that a core point of the DHS’ guidance for remediating the SolarWinds hack is to analyze for any listed indicators of compromise and then “identify potential behaviors in metadata that may be related to the compromise.”
Email Systems Breached at the US Treasury and Commerce Departments
Hackers working on behalf of a foreign government are believed to be behind a highly sophisticated attack into a range of key government networks, including in the Treasury and Commerce Departments, and other agencies. The hackers had free access to their email systems.
Cybersecurity in 2021: 5 Trends Security Pros Need to Know
With 2021 fast approaching, cybersecurity experts and analysts note that cybersecurity will continue to evolve even as most of the world enters a post-COVID-19 era, with cybercriminals, threat actors and nation-state hackers ready to take advantage of whatever may happen next. This will keep CISOs, their security teams, as well as their counterparts in IT, trying to catch up and stay ahead.
18,000 Organizations Possibly Compromised in Massive Supply-Chain Cyberattack
In what may well turn out to be one of the most significant supply-chain attacks in recent years, a likely nation-state backed group compromised systems at SolarWinds and inserted malware into updates of the company's widely used Orion network management products that were released between March and June 2020. Matt Walmsley, EMEA director at Vectra, says the attackers likely manipulated Security Assertion Mark-up Language (SAML) authentication tokens used in Single Sign On to try and escalate privileges in the early stages of the campaign.
Hackers breach US agencies, Homeland Security a reported target
The US Department of Homeland Security was the third federal department to be targeted in a major cyberattack, US media reported Monday, a day after Washington revealed the hack which may have been coordinated by a foreign government.
Cyber espionage against US agencies: Vectra comments on how attackers compromise Microsoft 365 accounts
The US government's Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency directive calling on "all US federal agencies to review their networks for indicators of compromise and to disconnect or power down SolarWinds Orion products immediately."
Hackers breach US agencies, Homeland Security a reported target
SolarWinds over the weekend admitted that hackers had exploited a backdoor in an update of some of its software released between March and June. The hacks are part of a wider campaign that also hit major cybersecurity firm FireEye, which said its own defenses had been breached by sophisticated attackers who stole tools used to test customers' computer systems.
The next big thing in security
Oliver Tavakoli, our CTO, shares his thoughts on the upcoming cybersecurity trends to watch.
How Worried Should I Be About My Password Being Compromised, Stolen In A Data Breach? Experts Say This
After a major data breach, do criminals actually have your password even if it has been encrypted? Companies have various ways of encrypting passwords. There are also techniques called salting and hashing. The upshot is, the average user will not take the time to find out how the affected company does their encrypting—or hashing or salting for that matter.
Why accelerated cloud adoption exposes organisations to security risk
Chris Fisher, Vectra's director of security engineering APJ, shares that as our reliance on technology grows exponentially, so does the need for robust cybersecurity to protect users and keep data and business operations safe from hackers.
IoT Cybersecurity Improvement Act Signed Into Law
The IoT Cybersecurity Improvement Act has been officially signed into law. The bipartisan legislation, sponsored by Reps. Robin Kelly, D-Ill., and Will Hurd, R-Texas, and Sens. Mark Warner, D-Va., and Cory Gardner, R-Colo., requires that any IoT device purchased with government money meet minimum security standards.
Wake-up call required to defend APAC’s critical national infrastructure
Chris Fisher, our Director of Security Engineering APJ, discusses how public and private sector organisations – from government and military to banking, energy and transportation – have become digital-centric to seek economic savings, productivity gains and to create customer and citizen value.
Cybercrime Money Launderer Handed 11-Year Sentence
A dual U.S.-Canadian national has been sentenced to more than 11 years in federal prison for conspiring to launder tens of millions of dollars in wire and bank fraud schemes, according to the U.S. Department of Justice. Officials say the activity included cash-out scams for North Korean hackers, including the criminal gang Lazarus Group, which has been associated with a military unit for the authoritarian regime.
REvil Ransomware Group Resurfaces After Two Months Away
It was a short hiatus for the REvil ransomware group that signed off in July following several high-profile attacks by the Russia-based crew on such companies as global meat processor JBS and tech services provider Kaseya.
Protecting Asia Pacific’s supply chain from cyber risk
Over the course of the pandemic, one of the biggest disruptions the world faced was to critical national infrastructure, specifically supply chains. Border and port closures, mandated work from home policies, and severe shortages of citizen essential products including PPE and pharmaceuticals, have highlighted vulnerabilities in production, supply, and logistics. Asia is now experiencing a renewed surge in Covid-19 infections, which continues to impact supply chains across the world and manufacturers are yet again faced with complexities.
NTFS Support in New Linux Kernel Promises to Make New Release More Cryptographically Sound
Based on industry reports over the past few days, it appears that Paragon Software will include its New Technology File System 3 (NTFS3) kernel driver in the recent Linux Kernel 5.15 release, which promises improved support for Microsoft's NTFS file system.
Is having many partners always better?
Microsoft has a sizeable global channel that raises the question of whether that is the model that all vendors should be aspiring to follow.
DHS Announces Two Senior Cybersecurity Appointments
The United States Department of Homeland Security (DHS) has announced two senior cybersecurity appointments.
DHS Announces David Larrimore as CTO
David Larrimore has been named chief technology officer for DHS, a role he previously held at Immigration and Customs Enforcement between 2016 and 2019. Between federal appointments, Larrimore was lead solution engineer at Salesforce.
Behind the Firewall: What to Do if Your Vendor Has a Security Incident
A vendor with a checkered security incident past is not automatically disqualified from future contracts. Rather, there is a playbook for due diligence.
LockFile Ransomware Using New Techniques to Evade Detection
The operators of LockFile ransomware have adopted new techniques, including "intermittent encryption," to help evade detection, according to cybersecurity firm Sophos.
CISA: Examine Cybersecurity Posture Ahead of Labor Day Holiday
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) have observed an increase in highly impactful ransomware attacks occurring on holidays and weekends—when offices are customarily closed—in the United States, as recently as the Fourth of July holiday in 2021.
FBI and CISA Issue Warning for Labor Day Holiday
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) published a new cybersecurity advisory to highlight precautions and mitigation steps that public and private sector organizations can take to reduce their risk to ransomware and other cyber attacks, specifically leading up to holidays and weekends.
CISA Warns of Holiday Ransomware Attacks
Citing damaging ransomware attacks that it, along with the FBI, has observed over recent holidays, the Cybersecurity and Infrastructure Security Agency issued an alert warning organizations to be prepared as the Labor Day holiday nears.
LockBit Jumps Its Own Countdown, Publishes Bangkok Air Files
After Bangkok Airways disclosed that it had been clobbered by a cyberattack last week, the LockBit 2.0 ransomware gang tossed its own countdown clock in the trash and went ahead and published what it claims are the airline’s encrypted files on its leak site.
LockFile Ransomware Uses Unique Methods to Avoid Detection
The LockFile ransomware family has made an impression in the relatively short amount of time it’s been around. The malware garnered a lot of attention over the past several months after being detected exploiting high-profile Microsoft vulnerabilities dubbed ProxyShell and PetitPotam.
Cloud technologies omnipresent with ICS operations
New research released by Nozomi Networks in tandem with SANS found that 91% of respondents are using cloud technologies to directly support some aspect of industrial control system (ICS) operations.
Defending SEA’s critical national infrastructure from cyber threats
Public and private sector organisations – from government and military to banking, energy and transportation – have become digital-centric to seek economic savings, productivity gains and to create customer and citizen value.
Audit: USAID Needs to Enhance Data Protections
Despite security improvements over the last seven years, the U.S. Agency for International Development - USAID - needs to better protect the large amounts of personal identifiable data - such as Social Security numbers - that the agency collects, according to an inspector general's audit.
Kaseya Obtains Universal Decryptor for REvil Ransomware
Kaseya has obtained a master decryptor key for the REvil ransomware that locked up the systems of at least 60 of its customers in a spate of worldwide cyberattacks on July 2.
Company Data Hoards Create Tempting Targets for Hackers
The hoards of consumer information that companies collect multiply the damaging effects of data breaches, lawyers and cybersecurity specialists say. In an estimated 1,700 publicly reported data breaches during the first half of 2021, more than 18 billion pieces of information have been exposed, according to research from cybersecurity company Risk Based Security Inc.
Vectra AI reveals cybersecurity blind spots in PaaS and IaaS environments with security survey
As Digital Transformation efforts continue, the survey found that AWS is becoming an even more critical component to organisations that are regularly deploying new workloads, leveraging deployments in multiple regions and are relying on more than one AWS service.
T-Mobile’s Repeated Security Blunders Yield Lessons for Rivals
The scope of a cyberattack at T-Mobile US keeps growing, as the operator today confirmed personal data on at least 54 million people was exposed and stolen. It pegged the number of people affected at nearly 49 million people earlier this week.
Accenture Downplays the LockBit Ransomware Attack That Reportedly Encrypted 2,500 Computers, Leaking 6 Terabytes of Data
Accenture suffered a LockBit ransomware attack that reportedly encrypted at least 2,500 computers and leaked client information.
Government Report Finds Census Bureau Hacked But Data Not Stolen
The U.S. Census Bureau was targeted by a cyberattack last year that compromised some systems but did not result in the theft of census data, according to a new report from the Office of the Inspector General.
US Census Bureau Cyberattack Was Unsuccessful
According to a watchdog report, U.S. Census Bureau computer servers were exploited in January 2020 during a cybersecurity attack, but hackers’ attempts to keep access to the system were unsuccessful.
Cyber Conflict Overshadowed a Major Government Ransomware Alert
The FBI warns that ransomware targets are no longer predictably the biggest, richest organizations, and that attackers have leveled up to victimize organizations of all sizes.
Latest T-Mobile Data Breach Has Some Wondering ‘How Lapsus$ Got Access in the First Place’
Security experts react following the latest T-Mobile Data Breach.
Vectra Research Exposes Cybersecurity Health Crisis
Vectra AI released a new Security Workforce report highlighting how mounting pressure on security professionals is creating a health crisis in cybersecurity.
First Malware Targeting AWS Lambda Serverless Cloud Environment Discovered
Researchers reported on the first publicly known case of malware specifically designed to execute in an AWS Lambda environment.
Techniques for Ransomware Detection
With ransomware being so prevalent, what should organizations be doing to detect it, mitigate its impact, and prevent any future attacks?
FBI Warns of Cyberattacks Using AvosLocker Ransomware
The AvosLocker Ransomware as a Service (RaaS) group has targeted critical infrastructure sectors in the US, such as financial services, manufacturing and government facilities, the FBI said.
How To Avoid Getting Hacked
Aaron Turner, VP of SaaS Posture at Vectra, sits down with ABC 4 Utah to explain how Vectra is able to transfer the best cybersecurity knowledge to a company in a really repeatable way.
Steve Cottrell, EMEA CTO at Vectra AI, on cyber threats
Steve Cottrell, EMEA Chief Technology Officer at Vectra AI, spoke to Technology magazine about how it helps businesses facing increasing cyber threats.
Hard Truths from Ukraine: The Government Cannot Save us in Cyberwar
Vectra CEO Hitesh Sheth explains how no intelligence agency is certain how the cyber dimension of the Ukraine conflict will evolve.
Tuckers Solicitors ICO Fine
Steve Cottrell, EMEA CTO at Vectra AI, comments on the fine issued by the ICO to Tuckers Solicitors.
Only 16% of Organizations Have Comprehensive DevSecOps in Place
A cloud security report found that only 16% of respondents have comprehensive DevSecOps in place, while some 37% are starting to incorporate some aspect of DevSecOps within their organizations.
CRN: Coolest Network Security Companies of 2022
A look at 20 network security vendors offering everything from log filtering and encrypted traffic visibility to containerized firewalls and SD-WAN.
Reacting with Confidence to a New Trojan Horse Cyber Threat
Vectra CEO Hitesh Sheth explains how AI has become pervasive and increasingly important to our quality of life, while it's also making an impact on today’s cyber landscape.
Defending Against Modern Ransomware Tactics
Ransomware gangs are continuing to evolve new tactics and techniques, and organizations need to be better prepared to defend against them in 2022.