Cybersecurity

Acronis Releases a Free, AI-based Ransomware Protection Tool

Grazed from Acronis

Acronis, a global leader in hybrid cloud data protection and storage, today released Acronis Ransomware Protection, a free, stand-alone version of its unique AI-based Acronis Active Protection technology, which stops ransomware attacks in real-time and helps users to recover data without paying the ransom.

Recent ransomware attacks exposed the vulnerability of endpoint devices, showing that new strains of ransomware can easily bypass traditional anti-virus software to encrypt user data. Acronis Ransomware Protection provides an additional level of defense that can be used together with other data protection solutions already installed on the device, such as anti-virus and backup software. It monitors system processes in real-time to automatically detect and stop the attacks other solutions can't. In event of a ransomware attack, Acronis Ransomware Protection blocks the malicious process and notifies the user with a popup. If any files were damaged in the attack, it facilitates the instant recovery of those affected files.

Carbon Black Announces Cb ThreatSight, the Latest Cybersecurity Innovation Powered by the Cb Predictive Security Cloud

Grazed from Carbon Black

Cb ThreatSight leverages the PSC to provide customers with a managed threat hunting service, which simplifies alert management to prioritize and streamline the validation of important alerts. The service is staffed by top threat experts who keep constant watch over an organization's environment, alert teams to emerging threats, and provide access to critical security services when they are needed most.

As the global threat landscape accelerates, security teams often worry an attack will slip through. Compounding this issue is a scarcity of cybersecurity staffing and expertise. Many organizations, especially SMBs, lack dedicated security professionals to investigate and respond to the flood of alerts and attacks they face. Even skilled professionals miss important alerts in their own environments (or trending threats in the public realm) because they are so resource constrained.

With Cb ThreatSight, organizations can better understand context surrounding alerts, ensure the most important alerts are adequately addressed, and earn peace of mind, knowing they are protected by some of the world's best threat hunters.

 

How To Maintain Reliable And Secure Technology

Maintaining and managing secure, efficient and reliable technology means considering a great number of factors. Your business operates in a high-velocity environment. To ensure your business will continue to thrive and grow each day, it is important to select and maintain the right technology platforms for your business. Enterprise security is an aspect that allows security professionals to understand the bigger picture of your business. In doing so, they will need to enhance the effectiveness across your business strategy.

Making sure that your company is secure from all points of view is a key aspect for every business owner. There are a variety of elements that should be kept in mind while doing so. Ensuring that your data is secure should be a high priority for everyone. As data is at the core of every business, people need to remember that not being able to protect it against all threats could potentially lead to ending the activity of a business. Moreover, business owners should aim to create a scalable, sustainable and stable technology.

Security

Ping Identity Predicts Proliferation of Blockchain Identities and Death of Knowledge-Based Authentication

Grazed from Ping Identity

Ping Identity, the leader in Identity Defined Security, has unveiled its top five cybersecurity predictions for 2018, authored by its CTO office. These include advances in biometrics, the mass exposure of personally identifiable information from numerous data breaches, and a blockchain craze in 2018.

"With rampant data breaches in 2017 targeting victims from consumers and enterprises to politicians and nation states, the protection of personally identifiable information has never been more important," said Patrick Harding, CTO, Ping Identity. "While new threats will continue to emerge, 2018 looks promising for advancements and innovation in cybersecurity."

The following highlights Ping Identity's top five cybersecurity predictions for 2018:

Eastwind Networks Unveils SaaS Platform for Expanded Cyber Terrain Monitoring

Grazed from Eastwind Networks

Eastwind Networks, the cybersecurity solutions and breach analytics cloud platform, announced today the release and immediate availability of Eastwind for SaaS.

This addition to Eastwind's product line provides complete visibility for companies using online services, such as, G Suite, Office 365, Dropbox, Box and Salesforce.

"The ability to respond to a breach reaches well beyond corporate networks and databases with the sprawl of modern technology integrations," said Paul Kraus, CEO, Eastwind Networks. "Eastwind's SaaS offering enables enterprises to unify visibility by gathering and analyzing cloud telemetry from multiple SaaS providers so businesses can embrace new technologies while ensuring complete security of their cyber terrain."

As companies continue to integrate cloud services into their workflows, Eastwind for SaaS provides a full spectrum security platform. The solution integrates collection, analysis and enrichment of telemetry data from hosted applications into the workflow and hunt patterns of cyber threat incident responders. Benefits include:

Poor Security Practices Put Cloud-Driven Business Growth and Cost Savings at Risk

Grazed from Kaspersky Lab

According to new research from Kaspersky Lab, 35 percent of businesses admit that they are unsure if certain pieces of corporate information are stored on company servers or on those of their cloud providers. Businesses are rapidly adopting cloud-based services to leverage cost savings, but the new report shows that this is leaving them unable to safeguard and account for business data, which puts them at risk to the effects of a potential third-party data breach.

Cloud services are enabling companies to take advantage of key technologies to support day-to-day operations and growth plans - without having to worry about maintenance or a hefty price tag. Therefore, it's no surprise that 78 percent of businesses are already using at least one Software-as-a-Service (SaaS) based platform, and nearly the same amount (75%) are also planning to move more applications to the cloud in the future. When it comes to Infrastructure as a service (IaaS), nearly half (49%) of enterprises and 45 percent of SMBs are looking to outsource IT infrastructure and processes to third-parties.

 

Armor Spartan Platform Delivers Protection for Cloud Workloads, Leverages Amazon GuardDuty for Increased Detection and Response

Grazed from Armor

Armor today announced significant advancements in Spartan, the industry's first threat prevention and response platform for private, hybrid and public cloud environments including AWS and Azure. These enhancements enable businesses of all sizes to accelerate the pace of preventing, detecting and eliminating cyber threats in any cloud or on-premise environment. Clients can now leverage features to uncover hidden threats missed by traditional solutions, make faster more accurate decisions to eliminate threats, and gain on-demand access to highly experienced HIPAA, PCI compliance experts. 

"I am very excited that the public cloud providers continue to take security seriously and continue to expose more capabilities like GuardDuty," said founder and CEO, Chris Drake, Armor. "These capabilities allow for Armor to continue to gather more detail from the AWS cloud, allowing us to better identify and remediate threats on behalf of our clients. Due to the power of automation, there will be a day in the not-so-distant future that the public cloud will be seen as the most secure option for IT. Security integration and automation allows cybersecurity professionals to focus on important activities and not be burdened by managing legacy IT security approaches."

Splunk Announces New Integrations with Amazon Kinesis Firehose and Amazon GuardDuty

Grazed from Splunk

Splunk Inc., today announced new product integrations with Amazon Web Services (AWS) that span IT, Security, Big Data and IoT use cases. Integrations with Amazon Kinesis Firehose, the first partner integration of its kind, and Amazon GuardDuty deliver Splunk's commitment to continuous innovation for customers. Customers are already leveraging the Amazon Kinesis Firehose integration to stream AWS data into Splunk solutions to manage and enhance their IT and security environments.

"The new integrations make it even easier for Splunk users from IT, marketing, sales, operations and beyond to access and turn AWS data into answers in Splunk Enterprise and Splunk Cloud," said Richard Campione, chief product officer, Splunk. "Splunk is committed to providing a holistic set of AWS integrations that scale to meet our customers' requirements across every use case in IT, Security, Big Data and IoT. The ultimate goal is to provide our joint customers with end-to-end visibility across their entire infrastructure to empower them to make timely, data-driven business decisions."

Trend Micro Acquires Immunio and Expands Hybrid Cloud Security for DevOps Lifecycle

Grazed from Trend Micro Incorporated

As companies build and deploy applications faster across everything from cloud to containers, any drag on the DevOps lifecycle can create drag on an entire business. In response to this, Trend Micro Incorporated, a global leader in cybersecurity solutions, today announced the expansion of its Hybrid Cloud Security solution scope. New capabilities, attained through a combination of acquiring Montréal, Canada-based Immunio and in-house development, increase the automated protection that Trend Micro can provide throughout the DevOps lifecycle. These capabilities will be demonstrated at AWS re:Invent 2017 in Las Vegas, Nov. 27 through Dec. 1 (booth#1812). 

 

Future Hosting Warns Server Admins To Keep SSH Keys Safe

Grazed from Future Hosting

Future Hosting, a global managed server hosting provider, has warned server hosting clients not to upload private SSH keys to production servers. The warning was prompted by a rapid increase in the number of malicious scans that attempt to discover accidentally uploaded SSH keys (as reported by WordFence on October 18, 2017).

If SSH private keys fall into the hands of malicious third parties, they can be used to compromise servers and the data stored on them. Private keys can be accidentally uploaded to the publicly accessible directories of web servers, and it is trivially easy for a malicious third-party to scan for private keys in those directories.

Future Hosting advises server hosting clients to use passphrases with their SSH key pairs. Using passphrases may be inconvenient, but a key pair with a passphrase is useless to an attacker even if the private key is made public.