About Us

OPSWAT launched MetaDefender Kiosk K2100 to protect critical networks in harsh environments 

OPSWAT unveiled the MetaDefender Kiosk K2100, a brand-new, incredibly tough mobile kiosk created to protect crucial networks under even the worst circumstances. Many industries rely on operational technology (OT) and industrial control systems (ICS), but they are frequently isolated via air-gapped networks. As a result, OT personnel must rely on removable media to install updates, perform audits, and transfer data. 

However, if not properly managed, these removable media devices can introduce potential vulnerabilities and malware that can then spread throughout the network. Before entering or leaving a secure environment, the MetaDefender Kiosk acts as a digital security guard, inspecting all media for malware, vulnerabilities, and sensitive data. 

Sid Snitkin, VP, Cybersecurity Services at ARC Advisory Group stated, “OPSWAT has a deep understanding of the challenges OT security teams face. I am impressed with the comprehensive suite of security solutions and services the company offers to address those challenges, and I’m excited that our ARC Industry Leadership Forum attendees will get to experience it firsthand.” 

The ruggedized military-grade solution enables the secure use of portable and removable media in all conditions and environments. Like the other MetaDefender Kiosk models, the K2100 was constructed using the best cyber-threat prevention technologies from OPSWAT, such as multiscanning with over 30 anti-malware engines, file vulnerability assessment and compliance checks. 

Pete Lund, VP of Products, OT Security of OPSWAT commented, “I am pleased to unveil the mobile iteration of our MetaDefender Kiosk. Critical infrastructure operators and security professionals are faced with both demanding environmental conditions and protecting critical systems against uncontrolled removable media and malware. The new MetaDefender Kiosk 2100 operates in the most challenging environments. It is built to withstand rain, dust, vibrations, and more – and most importantly easily, in full gear and gloves.” 

Hornetsecurity has released two tools to combat phishing attacks and malicious links 

Hornetsecurity has released two new tools to combat growing cyber threats: the QR Code Analyzer and Secure Links. These launches are in response to an increase in fake QR codes and the ongoing threat of phishing, which accounts for 40% of all cyber threats. 

Hornetsecurity has also released a new automated mailbox migration solution that enables partners to deploy and operate Microsoft 365 in the cloud for their customers in an efficient and secure manner – while remaining secure from cyberattacks. Furthermore, it has simplified its partner program to allow partners to work equally and centrally on projects and MSP business. 

Daniel Hofmann, CEO of Hornetsecurity stated, “Hornetsecurity is committed to pre-empting and responding to new cybersecurity threats and customer concerns. Phishing attacks and fake QR codes are on the increase, so we are pleased to launch unique technologies that will combat these ever-growing threats. The QR Code Analyzer and Secure Links tools will benefit businesses by fighting cybersecurity attacks in a safe, reliable and cost-effective way.” 

According to research from Hornetsecurity’s Security Lab, email-borne QR codes are being used by cybercriminals to acquire sensitive information. With the introduction of its QR Code Analyzer, Hornetsecurity is enhancing its Advanced Threat Protection and 365 Total Protection Suite for Microsoft 365 in order to combat this most recent threat. When scanned, this technology determines whether QR codes lead to harmful websites. 

The introduction of Hornetsecurity’s “Secure Links” functionality will also aid in reducing cyberattacks, particularly attempts at ransomware. This new service secure-checks each email link before allowing the recipient to open it without risk. Businesses and their employees can feel more secure knowing that their email communications are secure thanks to both new technologies. 

Daniel Blank , COO HornetsecuritY commented, “Hornetsecurity has listened to our partners’ needs, which has led to the launch of our efficient and safe Mailbox Migration Tool, at the same time as our new partner program is rolled out. 

This launch package is just the start of what will be a busy 2023 for Hornetsecurity as we monitor, learn and respond to new sophisticated cyberattacks, and continue to keep our customers’ data safe from ever-present threats.” 

The Mailbox Migration Tool was created in response to the difficulties that Hornetsecurity partners had in transferring mailboxes from on-premises to Microsoft 365 cloud. This new offering enables Hornetsecurity partners to automatically migrate customers in a secure, efficient, and time-saving manner, allowing them to provide peace of mind by offering full Microsoft 365 security via 365 Total Protection. 

Hornetsecurity has also simplified its partner program. The newly revised program is intended to unify partner levels and includes both managed service (MSP) and project business. These updates reduce entry barriers, allowing partners to provide Hornetsecurity’s services with little effort and investment. 

Artificial Intelligence (AI) and the Fight Against Cyberattacks

In the current digital era, cyberattacks are one of the biggest problems that organizations are dealing with. As our dependence on technology is increasing so is the number of cyberattacks, harming both businesses and people on a large scale. The damage caused by cyberattacks is expected to increase exponentially, so it is critical for organizations to implement effective security measures to safeguard their assets.

Artificial intelligence (AI) can be an effective weapon in the fight against cyberattacks as it has the potential to completely change how businesses identify, stop, and respond to cyberattacks. AI algorithms can easily analyze massive amounts of data in real time. It can also be trained to spot anomalies and notify security teams of potential threats. AI-based security systems are important to an organization’s cybersecurity strategy because they can learn from previous attacks and become more effective over time.

Implementing cybersecurity through AI

In the fight against cybercrime, AI can effectively mitigate cyberattacks, especially in the area of threat detection. AI algorithms can be used to monitor network activity and identify patterns that indicate a potential threat. For example, AI can detect unusual patterns of login attempts, which could indicate a brute-force attack or detect unusual file transfers, which could indicate data exfiltration. By detecting these threats early on, AI-based security systems can help prevent cyberattacks and reduce the impact of the attack.

Another area where AI can play a critical role is in the identification of malware. AI algorithms can be used to scan large volumes of data to detect and classify malware. The algorithms can analyze the behavior of the malware and compare it to known malware to determine its nature. This will allow security teams to quickly identify and respond to new and evolving threats, making it possible to mitigate the impact of the attack.

AI can also be used to automate the response to cyberattacks. In the event of an attack, AI algorithms can be used to isolate the affected systems, prevent the spread of the malware, and restore normal operations. By automating the response, AI-based security systems can reduce the time it takes to respond to an attack, minimize the impact of the attack, and minimize the risk of data loss.

Moreover, artificial intelligence can also be used to improve the overall security posture of an organization. AI algorithms can be used to monitor network activity and identify areas that are vulnerable to attack. The algorithms can also be used to recommend security measures that can be taken to improve the overall security posture of the organization. By taking a proactive approach, AI-based security systems can help organizations stay ahead of the threat and reduce the risk of cyberattacks.

Another aspect of AI in the fight against cyberattacks is the use of machine learning algorithms. Machine learning algorithms can be used to analyze vast amounts of data and detect patterns that indicate a potential threat. These algorithms can be trained to recognize the behavior of cybercriminals and detect anomalies that may indicate a threat. Additionally, machine learning algorithms can also be used to improve the effectiveness of other security measures, such as firewalls and intrusion detection systems, by analyzing the data generated by these systems and making recommendations for improvement.

Advantages and limitations of Artificial Intelligence

One of the main advantages of AI-based security systems is their ability to scale. With the exponential growth of data, manual security systems are becoming increasingly inefficient. AI-based security systems, on the other hand, can process vast amounts of data in real-time and make decisions based on this data. This allows organizations to stay ahead of the threat and respond quickly to potential threats.

Another advantage of AI in the fight against cyberattacks is its ability to adapt to new threats. As cybercriminals evolve their tactics, AI-based security systems can also adapt by learning from past attacks and improving their effectiveness over time. This makes AI-based security systems an essential component of an organization’s cybersecurity strategy, as they can provide the agility and adaptability needed to stay ahead of the threat.

In addition to its ability to detect and respond to cyberattacks, AI can also be used to improve the overall cybersecurity posture of an organization. For example, AI algorithms can be used to monitor network activity and identify areas that are vulnerable to attack. The algorithms can then recommend security measures that can be taken to improve the overall security posture of the organization. This proactive approach can help organizations stay ahead of the threat and reduce the risk of cyberattacks.

While AI has the potential to revolutionize the fight against cyberattacks, it is essential to remember that it is not a silver bullet. AI-based security systems can be vulnerable to attacks. Organizations need to take a multi-layered approach to cybersecurity that includes human expertise and a range of security measures. For example, organizations can use Artificial Intelliegence in conjunction with human expertise, such as security analysts, to detect and respond to cyberattacks. Additionally, organizations can also use AI in conjunction with other security measures, such as firewalls and intrusion detection systems, to create a comprehensive security strategy.

The Bottom Line

Artificial Intelligence is emerging as a crucial tool in the fight against cyberattacks. With its ability to detect and respond to threats in real-time, AI-based security systems have the potential to revolutionize the way organizations protect their assets. However, organizations need to be aware of the limitations of AI and take a multi-layered approach to cybersecurity that includes human expertise and a range of security measures. By combining AI with other security measures, organizations can improve their overall security posture and reduce the risk of cyberattacks.

Cybereason Raises $275 Million in Crossover Financing to Expand Its XDR Leadership Globally

Cybereason, the specialist in operation-centric cyber attack protection, declared that it has raised $275 million in financing led by Liberty Strategic Capital, with contributions from Irving Investors, certain Neuberger Berman Investment Advisers LLC funds, and Softbank Vision Fund 2. The company’s success as the foremost inventor in offering XDR, EDR, EPP, and anti-ransomware solutions is validated by this latest round of funding. The funds will be used to support Cybereason’s hypergrowth, which has been driven by strong market demand for its AI-powered Cybereason Defense Platform. Softbank Group, CRV, Spark Capital, and Lockheed Martin previously invested $389 million in the company.

The Cybereason Defense Platform, unlike typical alert-centric models, is operation-centric, exposing and terminating complete “malicious actions” (MalOps). A MalOp discovered by Cybereason isn’t just another warning; it’s a fully contextualized view of all components of a cyberattack as it progresses across an organization. Because today’s experienced cybercriminals construct cyberattack operations rather than single-target attacks, the ability to detect MalOps is critical to successfully combating current cyber threats, particularly advanced ransomware. The attacker’s goal is to spread malware across the entire organization, and they’re well-organized and funded.

“Cybereason is fast becoming the global leader in cyber defense technology, and we could not be more pleased to make this extraordinary innovator the first addition to Liberty Strategic Capital’s portfolio. Cybereason has established itself as a visionary in prevention, detection and response, and Liberty Strategic Capital is excited to partner with the Cybereason team in their cutting-edge work to defend critical information networks, businesses, and governments around the world against the growing danger of cyber attacks. We are confident in Cybereason’s ability to deliver a superior product to customers and provide best-in-class critical infrastructure defense.” said Secretary Mnuchin, Founder and Managing Partner of Liberty Strategic Capital.

“Over the past year, we’ve experienced hypergrowth across the globe as defenders recognize that ending advanced attacks isn’t possible using solutions that rely on meaningless alerts and human intervention. Existing – even ‘next-gen’ – solutions are fundamentally flawed, creating the dynamic we have today where the defender is constantly struggling to keep pace with attackers. Unlike our prolific alert-generating competitors, Cybereason takes an approach that enables defenders to end malicious operations instantly, resulting in the most comprehensive prevention, detection and response solution on the market. This is how we are returning the high ground to the defenders – and we are just getting started,” said Lior Div, CEO and co-founder of Cybereason.

DRT Cyber, a VersaBank subsidiary based in Washington, DC, has signed an agreement with EzoTech to expand its Cybersecurity offering with AI Penetration Testing

VersaBank announced that DRT Cyber Inc. (“DRT Cyber”), its wholly-owned Washington, DC-based subsidiary, has signed a reseller and development agreement with EzoTech Inc. (“EzoTech”), the creators of the world’s first AI-powered Autonomous cybersecurity penetration testing platform. Penetration testing is the process of imitating a cyber cyberattack on a company’s assets and infrastructure in order to find both strengths and vulnerabilities in security systems and processes so that real-world cyber attacks can be avoided.

DRT Cyber will expand its solutions to present and new customers throughout the United States, Canada, and Europe with an AI-powered, automated, on-demand penetration testing platform under the reseller component of the arrangement. DRT Cyber will use EzoTech’s advanced AI Cyber Security technology and prowess to develop and rollout what it anticipates to be the world’s first AI-powered, automated, and continuous cyber security posture reporting platform for businesses of all types and sizes, as part of the development component of the agreement.

“Our agreement with EzoTech is a significant step forward in our strategy to expand DRT Cyber’s suite of cybersecurity offerings to complement existing services to our clients, as well as attract new clients, as we leverage our acquisition of Digital Boundary Group (DBG) last November. DRT Cyber’s acquisition of DBG provided a tremendous platform to build one of the pre-eminent cybersecurity businesses in North America; DRT Cyber boasts a client roster of national and multinational corporations, as well as government entities, including infrastructure assets, numerous police departments in the U.S., national retailers, and many others.  The addition of AI-powered, automated penetration testing, followed by a continuous, automated cyber security reporting solution, designed for organizations large and small, will significantly help expand DRT’s client roster, as the identification of cyber security vulnerabilities moves to the top of the priority list for IT departments globally,” said David Taylor, President and CEO of VersaBank and DRT Cyber.

“We are very pleased to be working with the team at DRT Cyber. Our fully autonomous, AI-driven penetration testing platform is licensed and deployable in a number of ways: as a stand-alone testing platform, as an autonomous test in combination with manual testing resources, and also ultimately as the engine for continuous reporting at the executive and working levels, to deliver a high level of confidence to organizations that their systems, networks and assets are well positioned to thwart cyber threats that are growing globally at an accelerating rate,” said Xristos Silaidis, President and CEO, EzoTech. 

“Businesses, governments and other entities are especially vulnerable to cybersecurity breaches due to a number of factors including, but not limited to, continuous changes in infrastructure, patch management issues and incorrect or stale security configurations, all of which can result in unforeseen security consequences that may not be readily apparent. In today’s IT environment, in which systems are being continuously deployed, updated or moved, continuous cyber security testing is essential to ensure that an organization’s IT systems are resistant to adversarial attacks 24/7, every week of the year. Our goal is to provide an automated and continuous cyber security reporting solution that not only is best-in-class for large organizations but also fits the IT budgets for the mass market of small-to-mid-size businesses and government entities,” said Gurpreet Sahota, Chief Operating Officer, DRT Cyber. 

Juniper Networks and Corero Network Security team up to give Critical DDoS Protection Solution to Plusnet GmbH

Corero Network Security plc, a global provider of real-time, automated Distributed Denial of Service (DDoS) cyber defence solutions and Juniper Networks, a worldwide leader in secure, AI-driven networks, have collaborated to provide Plusnet, a provider of communications and network services to 25,000 enterprises in Germany, with a combined DDoS Protection Solution to safeguard its infrastructure, business, and clients.

DDoS attacks have been a part of the threat landscape for more than two decades, but their frequency, scale, and intelligence are constantly increasing. Plusnet, which serves 200 cities and regions across Germany, used to examine anomalies in traffic patterns using an internal data filtering system. However, when attacks grew and changed, this in-house security solution required manual intervention, which was neither practicable nor successful. To protect its national network from attack-driven outages, Plusnet wanted to automate DDoS mitigation with effective, dynamic, and scalable security.

Ralf Weber, Head of Competence Center Network & Security, Plusnet said, “During the testing phase of the Juniper-Corero solution, we could immediately see a manageable stream of DDoS attacks. With the Juniper-Corero solution, Plusnet is able to further improve network protection without any significant impact on network performance.”

“More than ever before, providers need to ensure that their infrastructure and business operations are always available to deliver an exceptional user experience. This can only be achieved when security is built into the same network infrastructure that provides connectivity and extended across every point of connection. Plusnet is a great example that leverages Juniper Connected Security to enable the threat-aware network, ensuring its operations are comprehensively protected 24/7 against the growing risk of DDoS attacks,” said Samantha Madrid, Vice President, Security Business & Strategy, Juniper Networks.

“We are very pleased to continue partnering with Juniper Networks to provide a superior DDoS solution that is now protecting thousands of customers around the globe. The SmartWall TDD solution couples Corero’s surgically accurate, real-time automatic DDoS protection with the high-performance packet filtering of Juniper MX Series routers. This, along with the comprehensive visibility into attacks, enabled Plusnet to implement a cutting-edge solution that can detect and mitigate DDoS attacks in seconds to protect its network and the ones of its customers,” said Lionel Chmilewsky, Chief Executive Officer at Corero Network Security.

Paubox Launched Zero Trust Email Security

Paubox, the leader in HIPAA-compliant email, has announced Zero Trust Email, a new addition to the Paubox Email Suite. Zero Trust Email is the first and only solution of its type, designed to help healthcare institutions protect sensitive data and Protected Health Information (PHI) against cyber-attacks.

Because more than 93 percent of healthcare businesses have had at least one security breach in the last three years, a solution to counteract phishing assaults that infiltrate email security systems was critical. Attackers are creating accounts on GoDaddy, AWS, and Mailgun servers, which are all controlled by American infrastructure corporations. This enables these thieves to bypass spam and malware detection software used by the sector. Paubox responded by launching Zero Trust Email.

Hoala Greevy, Founder CEO of Paubox said “A core tenet of Zero Trust security is multi-factor authentication (MFA). While most of us associate MFA with text messages or authenticator apps, there is a broader definition. MFA simply means more than one piece of evidence is required to authenticate a user. As it relates to Zero Trust Email, we built a system whereby an additional piece of evidence from the sender’s mail server is required before it passes our Inbound Security checks. The additional evidence is determined by an Artificial Intelligence (AI) algorithm we created. In effect, we are incorporating email AI into the core of Paubox. Healthcare continues to be a primary target for cybersecurity attacks. This extra layer of verification is critical to keeping bad actors at bay.”

Zuellig Pharma Chooses CYFIRMA to Strengthen Cybersecurity and Enhance Cyber-intelligence Capabilities

CYFIRMA, a threat discovery and cyber-intelligence platform organization backed by Goldman Sachs, Zodius Capital, and Z3Partners, announced that Zuellig Pharma, a renowned healthcare services provider in Asia, has chosen DeCYFIR, a cloud-based, AI-powered cybersecurity platform, to gain greater insight into its external threat landscape and prevent cyberattacks.

Zuellig Pharma has boosted its cyber defence power with CYFIRMA’s DeCYFIR technology, allowing it to accurately detect cyberattacks at the early planning stage and take remedial actions to shut vulnerabilities before hackers can breach the network. The platform expands visibility into the exterior threat landscape by monitoring the dark web, hacker forums, and other closed communities for threat indicators that indicate hackers planning to use security flaws that could disrupt business.

“As a healthcare services company delivering life-saving medicines to those who need them the most, we own and operate some of the most advanced cold chain facilities, managing temperature-sensitive medicines through innovative and digitalized processes. The rapidly evolving threat landscape in the healthcare industry has shown us the importance of managing cybersecurity in dynamic ways, particularly as we continue rolling out more digitalization initiatives. CYFIRMA’s DeCYFIR will guide us in our response to cyber risks by providing us with real-time insights and early warnings to malicious activities targeting us,” said Mike Brewster, Vice President Technology, Zuellig Pharma.

“We are honoured to be working with Zuellig Pharma to deploy our DeCYFIR platform, which will play a pivotal role in helping them fend off cybercriminals who are out to pilfer intellectual property, conduct corporate espionage, cause business disruption and damage brand and reputation. Cybercrime has escalated rapidly in recent times, and this is a clear sign that businesses need to relook at how they are currently managing their cybersecurity strategies and programs. DeCYFIR’s ability to predict imminent attacks will give defenders the much-needed edge over cybercriminals,” said Kumar Ritesh, Founder and CEO, CYFIRMA. “

Deception Technology – How it works?

Deception technology creates deceptive traps or decoys that mimic an organization’s technological assets like servers, databases, employee sessions, passwords etc. This makes it difficult for attackers to tell difference between real and fake. These decoys are capable of running in a real or virtual operating system environment.

How Deception Technology Works?

Deception technology detects perpetrators as they make their first move within an organization’s network by taking advantage of the fact that attackers have a predictable attack pattern after gaining access to a network: surveillance and exploitation. Attackers no longer have the luxury of moving freely within a network and returning to the same network several times, using the same exploits and resources each time. Instead, they’re being pushed to devote more money, time, and effort to their attack attempts, and they’re constantly worried that they’ll make a mistake. Deception in other words creates a hostile environment for attackers, one in which using malicious software or vulnerabilities on the wrong target means the attack is over since attackers are fingerprinted. Signatures and patterns of their attacks are created and circulated across the organization. Some methods used by deception technology are baiting, monitoring, fingerprinting and analyzing.

Understand Attacker’s Actions and Motivation

Every day attackers are developing new attacking strategies and tools. The usage of these new attacking technologies has forced security analyst teams of companies to extend their threat detection procedures from classic network attacks to web service applications and cloud security in order to address a wide range of attacking techniques. Understanding attackers’ strategies, on the other hand, does not prevent attacks, breaches, or harm. This information is used by deception planning security teams to increase the probability of triggering a deceptive “Trap”. This gathered information gives security teams an idea about the motive of attackers.

Deception Technology Vs Honeypots

When people hear the word “Deception Technology” common misunderstanding is ‘it’s like a honeypot’. Honeypots are a part of deception Technology. For example, Tokens are bits of information intended to be picked up by attackers accumulating information for the next movement. These are for the purpose of detection. These information pieces or elements aren’t part of the organization’s normal operations, so anyone who touches them is likely doing it maliciously.

AI-based Interactive Deception Technology

The artificial intelligence-based deception technology can help security teams to detect, monitor, learn and adapt to attackers’ techniques. The deception technology platform gathers immense information about attackers during an engagement by using high-interaction decoys based on real operating systems. This data is used to generate forensic reports and automate security response decreasing the time of response. With machine learning algorithms applied to these activities deception technology, becomes more accurate and intelligent.

Technology Integration

It’s also crucial to evaluate the effectiveness of existing security controls and technologies. Deception can easily integrate with existing security technologies or leverage their features like security reports. Deception technology can report to centralized detection solutions e.g., Security information and event management (SIEM) or Intrusion Detection System (IDS). They can also utilize the benefits of other technologies like firewalls. Deception technology is easy to deploy and can easily scale up as per the need of an organization.

Security teams of an organization must be correct 100 percent of the time, but if attackers are correct only once the cost is huge for an enterprise firm. It gives an idea of the problems security teams face. However, deception technology has changed the scenario, now to evade detection by deception technology attackers must be correct 100 percent of the time and security teams are empowered with each attack detection. The most crucial advantage an organization gets from Deception Technology is that it protects real resources and reduces the probability of security breach with the help of decoys resulting in huge cost saving.

Anti-Money Laundering (AML) challenges | Intelligent Automation, AI and Machine Learning

Intelligent Automation, Artificial Intelligence (AI), and Machine Learning (ML) are increasingly being incorporated into AML Technologies:

Financial outlook is experiencing a revolutionary transformation, tech-savvy customers expect banks to deliver smoother and swifter experiences. As a result, financial enterprises are embracing new technology innovations and integrating intelligent automation with AI and ML into their AML compliance solutions which is the future banking. Intelligent automation, AI and ML are crucial as it empowers banks to manage large volume data-sets, combat and prevent frauds quickly thereby optimizing operational efficiencies, by reducing costs and maximizing profits.

AI and ML identify patterns and supports the systems in acquiring configuration rules based on the patterns and information detected. Furthermore, ML aids in detecting suspicious financial transactions and money-laundering activities thereby flagging suspicious activities and helps in reducing false positives. Hence, it is crucial for banks to adapt to intelligent automation, AI, and ML and incorporate them into AML solutions.

AML Key Drivers_Intelligent Automation, AI and Machine Learning

The AML software, when coupled with intelligent automation, Al and ML can offer a lot of benefits like reduction in compliance costs, enhanced transaction monitoring process thereby providing an enhanced and effective solution.