About Us

Infortrend Announces the Release of WORM and MFA features on EonStor GS

Infortrend, a leading provider of SAN, NAS, Unified, Hybrid Cloud and AI Storage Solutions, recently added immutable object storage, also known as write-once-read-many (WORM), and multi-factor authentication (MFA) security features to their EonStor GS unified storage systems. These features are introduced to ensure the protection of stored data, particularly against ransomware.

Ransomware attacks are still on the rise today, proving that traditional defenses like firewalls and antivirus software are insufficient to completely stop these threats. In order to secure archived data, businesses have begun using immutable or WORM storage repositories. With immutable object storage, organisations can set the data as WORM to protect it against ransomware encryption and choose a retention term to prevent unintentional data erasure.

Apart from the immutable object storage, the multi-factor authentication (MFA) feature is also integrated into the GS families. A separate one-time password is needed to access account by email or an APP. Even if the password has been hacked, the feature is demonstrated to be effective against unauthorized access. The Cybersecurity & Infrastructure Security Agency claims that implementing the MFA function reduces the likelihood of account hacking by 99 percent.

Frank Lee, Senior Director of Product Planning, said, “The immutable object storage and MFA offer reinforced security. Mandatory for some and highly-recommended safety measure by governments around the globe, especially in government organizations, financial, and medical industries, WORM and MFA functions can further protect sensitive and valuable data from unlawful access.”

Forescout Frontline to Combat Ransomware and Threats

Forescout Frontline is a new threat hunting service from Forescout Technologies. It leverages a team of expert cybersecurity analysts to support cybersecurity teams by proactively identifying risks, enabling accelerated incident response, and maturing security posture. Forescout is providing this complimentary service to organizations that lack the internal resources and visibility required to defend themselves against cybersecurity attacks such as ransomware and advanced persistent threats.

Many organizations employ multiple security tools across teams to assist in the identification of threats and risks. However, due to siloed views of IT, IoT, IoMT, or OT assets, insights may be limited. A variety of these asset types typically exist across an organization’s digital terrain and are frequently interconnected, implying that cybersecurity risk must be identified and addressed holistically.

Shawn Taylor, vice president of Threat Defense at Forescout, “Cybersecurity attacks are on the rise. Simultaneously, cybersecurity teams are perennially understaffed and under-resourced. This has created a perfect storm. Organizations are under immense pressure to cope with the scale and speed of attacks and the havoc caused by adversaries. Forescout is launching this new service to help organizations defend against attacks by providing a complete and holistic view of their assets.”

The Threat Hunting and Risk Identification Service, delivered by Forescout Frontline analysts, overcome staffing resource and asset visibility challenges to uncover threats and identify risks that would otherwise go unnoticed. Frontline will assist organizations against cyber threats and vulnerabilities, and help them to discover, validate, and prioritize all assets, including IT, IoT, IoMT, and OT. It will examine the context and risk factors for all findings along with effective risk mitigation and remediation strategies.

Forescout Frontline levels cybersecurity by operationalizing vulnerability research and threat intelligence produced by Forescout’s Vedere Labs and enhancing it with the Forescout Continuum Platform to provide threat hunting services across multiple dimensions. Forescout Frontline analysts are former public and private sector threat hunters with training in threat detection and incident response.

Read more articles:

The benefits of cyber threat intelligence!

Nebulon TimeJump Features Lenovo ThinkSystem

Nebulon TimeJump offers complete ransomware recovery in less than four minutes. Nebulon TimeJump will feature on the Lenovo rack servers to provide all-around ransomware protection. Lenovo ThinkSystem will have instant recovery capabilities for their edge data centres with this integration, it will also provide Lenovo-based 2-server cluster alternative.

Nebulon TimeJump is the only Lenovo storage and server solution that offers all-around ransomware recovery in less than 4- minutes. TimeJump is available for small 2-servers clusters and ensures significant savings and availability against the 3-node HCI solutions. It is built on Nebulon’s smartInfrastructure cloud control plane, Nebulon ON. Nebulon ON utilizes multi-factor authentication to restrict unauthorized login, a feature offered to all users.

Lenovo ThinkSystem offers efficiency, flexibility, and value to ensure the essential requirements at the enterprise edge. With the integration of TimeJump with ThinkSystems, rapid cyber recovery can be easily ensured with a smaller footprint at the edge.

Siamak Nazari, CEO of Nebulon commented, “Data at the edge faces higher security risks and cost pressures than core data centre deployments. With Nebulon, enterprises can reduce costs while improving cyber resilience at the edge—and if attacked by ransomware, they can recover in under four minutes.”

Ransomware, malware, and wiper attacks are on the rise, they can infect the servers, and the need for ransomware protection is imminent. Cyber resilience for infrastructure at the edge is a solution that administrators are desperate to have. To survive the worse, companies need to have an effective ransomware recovery solution in place.

Nebulon ON also offers integrated role-based access control (RBAC) to let organizations handle who has remote or local access to the data and operating environment. Nebulon’s smartInfrastructure enhances the data security with always active encryption for data at-rest and in-flight. It helps in minimizing the risk of human error with its hardware-generated encryption key.

TimeJump is cost-effective and occupies less space than the traditional 3-node-minimum hyper-converged infrastructure (HCI) solutions. It offers ransomware recovery in less than four minutes.

Read more articles:

cyber threat intelligence!

Nebulon to Support Dell PowerEdge Servers

Nebulon TimeJump safeguards both the operating system and application data, preventing the need for manual server and operating system rebuilds and saving valuable time. Furthermore, Nebulon data security software works in an isolated domain within the server, protecting critical data even if the management servers are compromised. Nebulon TimeJump offers users access to the only combined server and storage solution available. It provides a 4-minute ransomware recovery solution. It can deploy ransomware protection for small, two-node management infrastructure clusters, which reduces server purchases, data center space, power, and cooling costs by 33%.

Nebulon offers enterprises a 2-node alternative for their management infrastructure, with near-instant recovery capabilities and a 33% smaller footprint than 3-node-minimum hyper-converged infrastructure solutions, which also take hours or even days to fully recover from ransomware attacks.

Many mid-sized businesses rely on small management infrastructure clusters, which include services like PXE, DNS, DHCP, LDAP, NTP, Radius, VPN, and license servers, to quickly recover their production application environment after a ransomware attack. Since the infrastructure is on a network it can be compromised by a ransomware attack, malware, or wiper attacks, delaying production environment recovery by hours or even days.

Nebulon TimeJump 4-minute ransomware recovery solution with extended support from Dell PowerEdge-based 2-node management clusters restores the management infrastructure back online.

Siamak Nazari, CEO of Nebulon commented, “Ransomware attacks are inevitable. Many enterprises today are focused on protecting their production systems against ransomware attacks, but few have a strategy in place to quickly recover their management clusters. This can be a costly mistake as management infrastructure is critical to recovering production servers. Enterprises need a simple, fast way to ‘recover so they can recover’ – recover their management infrastructure so they can recover their production environment.”

Nebulon smartInfrastructure includes cybersecurity and ransomware protection as a core component, to prevent unauthorized login. Nebulon ON, the smartInfrastructure cloud control plane, employs mandatory multi-factor authentication (MFA). Furthermore, Nebulon’s service includes role-based access control (RBAC), which limits a malicious user’s privileges and access to the server’s data. smartInfrastructure takes data security a step further by providing always-on data encryption at rest and in-flight via a hardware-generated encryption key, rather than user-generated keys, reducing the risk of keys being lost or misappropriated.

Read more articles:

Developers’ interest in cybersecurity grows

cyber threat intelligence!

 

Cofense Validator Detects Security Overlaps In Email.

Cofense released Cofense Validator, a technology that allows businesses to validate the effectiveness of their secure email gateways (SEGs) with active, live phishing threats on their own.

Secure Email Gateways consume a large percentage of an organization’s budget to prevent phishing attempts. Cofense Validator allows you to compare your spending to that of your colleagues using real-time phishing data.

Cofense CTO and co-founder, Aaron Higbee said, “There are numerous options out there when it comes to selecting a secure email gateway, and they often promise to block 99% of bad emails, some at a much higher cost than others. Until now, customers had to rely on ridiculously contrived bake-offs conducted by the SEG vendors using self-serving datasets. Of course, they are going to pass their test. They know how difficult it is for customers to curate live phishing data to perform their independent testing. Cofense’s 24×7 visibility into threats such as BEC, ransomware, credential harvesting, and malicious attachments that have bypassed major SEGs allows Cofense Validator to be the only objective analyzer of SEG performance.”

The Cofense Validator tests a customer’s SEG by transmitting real, in-the-wild phishing threats recognized by Cofense to see how effective it is at stopping those active threats. Customers see an immediate return on investment thanks to reports that provide quickly actionable data.

Cofense Validator applies what we know about advanced phishing strategies from Cofense Intelligence to evaluate SEG efficacy against the current, verified, live phishing threats – not older threats already found on popular access deny lists or threats cherry-picked to make an SEG review look good.

InterVision RPaaS Helps Businesses in Combating Ransomware Attacks

InterVision launched Ransomware Protection as a Service (RPaaS), a new solution that aims to help businesses combat the growing threat of ransomware by providing cyber threat protection, detection, recovery, and strategic support.

Every 39 seconds, a cyber-attack occurs. These attacks are not only more common but are also more sophisticated, requiring more comprehensive planning. Businesses typically invest in protection and recovery platforms by integrating and managing multiple different solutions, but InterVision’s RPaaS combines protection, response, and recovery into a single, fully managed service. SLAs and a specialized team of experts are also in place to protect against attacks before they occur.

CEO of InterVision, Jonathan Lerner says, “Companies must start planning for ransomware attacks with urgency as they are no longer just a ‘what if’, but a ‘when’ scenario. Implementing tools and software is just one part of the solution. InterVision’s RPaaS also includes strategic support to help customers create a security roadmap and give them experts to turn to for help in the event of an attack.”

The InterVision RPaaS solution comprises the following features:

  • SOCaaS (Security Operations Center as a Service): A trained team of professionals uses preventative measures to detect threats and protect enterprises from ransomware.
  • Ransomware Response as a Service (RRaaS) is a hybrid of Disaster Recovery as a Service (DRaaS) and Backup as a Service (BaaS) that focuses on ransomware protection and recovery strategies.
  • A virtual CISO provides strategic support: During ransomware threat detections, a specialized vCISO directs the maturation of security and risk mitigation and functions as a counselor to a business.

CTO of InterVision, John Gray says, “Ransomware continues to threaten the IT landscape, requiring companies to evolve from traditional, disconnected cybersecurity tools to a comprehensive managed platform, RPaaS is designed to provide the holistic solution businesses need to protect themselves, ultimately gaining peace of mind.”

Developers’ interest in cybersecurity grows substantially in data breaches.

The statistics of O’Reilly’s annual platform analysis, which examines the most popular queries and content on the company’s learning platform, were released. There has been significant growth in interest in specific cybersecurity challenges.

The amount of content about ransomware has nearly tripled (a 270% increase). Privacy (up 90 %), identity (up 50 %), application security (up 45 %), malware (up 34 %), governance (up 35 35 %), and cybersecurity compliance (up 35 %) all saw significant year-over-year growth (up 30 %). This is unsurprising, given the 17 % increase in data breaches observed in 2021 compared to 2020. (ITRC).

With the high-profile occurrences involving ransomware, supply chain attacks, the exploitation of key systems vulnerabilities, and the new focus on cryptocurrency theft from last year, interest in cybersecurity subjects is likely to continue to rise in 2022 and beyond.

The VP of emerging technology content O’Reilly, Mike Loukides said, “Analysing annual trends in technology usage helps our community stay abreast of emerging technology areas—whether it’s learning about software architecture for the cloud, mastering new languages to support cryptocurrency, or productizing AI. These valuable insights empower software developers, data scientists, and other practitioners to begin the hard work of taking emerging technologies and deploying them as real-world solutions.”  

Ransomware Families Evolve with New Attacking Methods

Ivanti, Cyber Security Works and Cyware released a report that identified 32 new ransomware families in 2021, bringing the total to 157, a 26% increase from the previous year.

The report also found that these ransomware groups will continue to target unpatched vulnerabilities and weaponize zero-day vulnerabilities in record time to instigate disabling attacks. Simultaneously, they are broadening their attack spheres and devising new ways to compromise organisational networks and launch high-impact attacks with impunity.

Srinivas Mukkamala, SVP of Security Products at Ivanti, said: “Ransomware groups are becoming more sophisticated, and their attacks more impactful. These threat actors are increasingly leveraging automated tool kits to exploit vulnerabilities and penetrate deeper into compromised networks. They are also expanding their targets and waging more attacks on critical sectors, disrupting daily lives and causing unprecedented damage. Organizations need to be extra vigilant and patch weaponized vulnerabilities without delays. This requires leveraging a combination of risk-based vulnerability prioritization and automated patch intelligence to identify and prioritize vulnerability weaknesses and then accelerate remediation.”

Anuj Goel, CEO at Cyware, said, “The substantive change we’ve observed across the ransomware landscape is that the attackers are looking to penetrate processes like patch deployment as much as they look for gaps in protection to penetrate systems. Vulnerability discovery must be met with an action that treats vulnerability data as intelligence to drive swift response decisions. As ransomware gangs operationalize their tooling, methods and target lists, its essential for SecOps teams to automate processes to self-heal vulnerable assets and systems to mitigate risk through real-time intelligence operationalization.”

LTI Partners with Securonix & Snowflake to Strengthen Cybersecurity Offerings

Larsen & Toubro Infotech, an international technology consulting and digital solutions firm, has partnered with Securonix, a leader in next-gen Security Information and Event Management (SIEM), and Snowflake, a leader in secure cloud computing.

LTI’s Active eXtended Detection & Response platform (Active XDR) will be used to detect internal and external risks early, contextualise and defeat threats with enhanced intelligence-led hunting operations, and automate incident response time thanks to the partnership. LTI Active XDR secures billions of critical alerts and records by storing them in a safe data lake.

“Guarding against cyber threats has become a top priority for every enterprise. LTI Active XDR, backed by the latest technologies from Securonix and Snowflake will strengthen our ability to combat ever-growing threats, responding to increasing ransomware attacks and phishing campaigns on critical infrastructure, large enterprises, and federal sector,” said Sanjay Jalona, CEO & Managing Director, LTI.

“‘Bring your own Snowflake’ is an ideal managed service program, significantly reducing the costs and complexity of scaling advanced threat detection and response services across multiple customer environments. We look forward to bringing additional solutions to market with LTI that more effectively secure today’s cloud and complex enterprise environment,” said Sachin Nayyar, CEO, Securonix.

“Chief Information Security Officers (CISO) are looking for alignment with the CIO to gain richer insights, improve scalability and drive savings. LTI is a strategic partner for Snowflake that has been recognized for its innovation and ability to help customers migrate from legacy solutions. We look forward to extending our partnership into cybersecurity together with industry-leader Securonix and its cloud-native ‘Bring your own Snowflake’ SIEM solution,” Said Christian Kleinerman, SVP of Product at Snowflake.

LTI’s cybersecurity strategy is built on assuring business continuity, brand equity, and managing external compliance. LTI is addressing to the need of the hour by scaling its advanced cyber security managed services to its enterprise customers around the world, equipped with state-of-the-art Cyber Defence Resiliency Centres (CDRCs), a centre-of-excellence (CoE) for cyber security.

Resilience Raised $80 Million In Series C Round

Resilience, a leading cyber insurance and security solutions firm, announced the completion of  $80 million Series C funding round led by General Catalyst and Corey Thomas of Rapid7, with participation from Founders Fund, Charles River Ventures, Lightspeed Venture Partners, Shield Capital, and Intact Ventures.

The investment comes as Resilience moves forward with plans for mid market expansion and international expansion. Middle-market businesses – manufacturing, universities, agriculture, hospitals, and construction – are the backbone of the American economy. As ransomware attacks are rising, the hardened cyber insurance market has allowed newcomers with a fresh perspective to make it to the top.

“We took a deliberate approach entering the middle market. Our clients are discerning buyers with sophisticated infrastructure. We proactively connect their security posture with their insurance policy, not as vendors, but as partners. That personal, integrated approach of transparency and action is what makes us so. This funding round signals that the market is ready for our insure + secure model different,” said Vishaal “V8” Hariprasad, CEO of Resilience.

Resilience has created an Insure + Secure business model that offers its clients with both tailored insurance and security solutions. From risk assessment to post-bind vulnerability monitoring, a team of in-house security engineers works with clients.

“Resilience is building the leading cyber risk and response platform for the insurance industry, helping mid-market enterprises identify and integrate the best insurance and security solutions for their business needs. It’s more than risk mitigation – it’s bespoke security solutions combined with an insurance policy that provides clarity and certainty. General Catalyst is proud to co-lead this funding round with Corey Thomas as we believe Resilience’s integrated model is the future of cyber risk,” said David Fialkow, Managing Partner and Founder at General Catalyst.  

“Resilience’s expertise, combined with an innovative approach to cyber risk, deliver unparalleled value for clients. The team has seen tremendous progress in the past year, setting the course for responsible and profitable growth. Intact Insurance Specialty Solutions is pleased to be a carrier partner,” said Michael Miller, CEO, Global Specialty Lines, Intact.

“At Intact Ventures, we are thrilled to increase the size of our commitment and to invest in a world-class team building a category-defining business,” said Justin Smith-Lorenzetti, Intact Ventures.

This financing enables Resilience to accelerate delivery of Insure + Secure solutions more broadly in North America and now globally.