Showing posts with label Cyber. Show all posts

Thursday, October 19, 2017

Intezer raises $8M for malware analysis

Intezer, a start-up based in San Francisco and Tel Aviv, Israel, announced $8 million in series A funding for its malware analysis and detection solution.

The funding round was led by Intel Capital with co-investors Magma and Samsung NEXT. This round will be used to expand the company's global sales efforts and open new opportunities in targeted markets.

Intezer said its approach to cyber security is to replicate the concepts of the biological immune system. The idea is to map and identify the DNA of every single piece of code within seconds. The company has demonstrated the effectiveness of this approach by detecting code similarities in the latest high-profile attacks such as WannaCry, Turla and NotPetya.

“Intezer has developed the most advanced technology for detecting code-reuse, effectively performing ‘DNA mapping’ for software. With this technology, we are able to identify every single piece of code running in the organization, enabling us to detect the most sophisticated cyber attacks and help security teams to respond immediately,” stated Itai Tevet, co-founder and CEO of Intezer.

Saturday, October 7, 2017

FireEye updates its Cybersecurity Threat Detection

FireEye announced major new software releases and next-generation hardware to drive performance at scale and increase deployment flexibility. FireEye solutions updated with the new software and next-generation hardware include FireEye Network Security (NX), FireEye Email Security (EX), File Content Security (FX), Central Management (CM), and Malware Analysis (AX). The new releases include:


  • FireEye Network SmartVision is a new capability to address post-breach attacks and insider threats. It leverages a machine-learning framework to detect suspicious lateral threat movements (East-West traffic) and data exfiltration. This capability is designed to provide customers with greater detection and expanded visibility across their perimeter and now network core and servers.
  • FireEye Network (NX) deployments can now burst network traffic to FireEye’s MVX Smart Grid during periods of high-content scanning activity, to address overload and gaps in protection that might otherwise occur. Other new software capabilities include significant updates to alert handling, event change visualization, expanded logging, and overall usability improvements.
  • Fifth-generation FireEye hardware features the latest Intel processors, increased storage and port density. The four models are engineered to deliver throughput from 300 Mbps to 2500 Mbps, replacing existing fourth-generation models that are available until the end of October 2017.
  • FireEye File Content Security (FX) is a new virtual offering that extends FireEye protection further into hybrid IT environments.

Thursday, October 5, 2017

WSJ: Russian hackers stole NSA data in 2015

There was another major cyber breach at the U.S. National Security Agency. According to a report from The Wall Street Journal, an NSA employee accessed classified information using a personal computer at home that was running Kaspersky's antivirus software. The incident reportedly occurred in 2015 and led to the cyber theft of sophisticated hacking tools used by the NSA's Tailored Access Operations group.

https://www.wsj.com/articles/russian-hackers-stole-nsa-data-on-u-s-cyber-defense-1507222108

Thursday, September 7, 2017

Equifax reports major cyber intrusion

Equifax, one of the three big consumer credit reporting agencies, suffered a major cyber intrusion from mid-May through July 2017 that potentially impacts some 143 million U.S. consumers.

The company said the attackers exploited a U.S. website application vulnerability to gain access to certain files, but not its core consumer or commercial credit reporting databases. Equifax said information stolen could include names, Social Security numbers, birth dates, addresses and, in some instances, driver’s license numbers. In addition, the intruders accessed credit card numbers for approximately 209,000 U.S. consumers, and certain dispute documents with personal identifying information for approximately 182,000 U.S. consumers.

“This is clearly a disappointing event for our company, and one that strikes at the heart of who we are and what we do. I apologize to consumers and our business customers for the concern and frustration this causes,” said Chairman and Chief Executive Officer, Richard F. Smith. “We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations. We also are focused on consumer protection and have developed a comprehensive portfolio of services to support all U.S. consumers, regardless of whether they were impacted by this incident.”

https://www.equifaxsecurity2017.com/

Friday, August 11, 2017

Cylance reports 283% YoY revenue growth

Cylance, a privately held company that offers AI-powered cyber defense, reported the following metrics:

  • 283 percent growth in overall revenue
  • 119 percent growth in overall bookings
  • 169 percent growth in the number of customers
  • Over 5 million endpoints sold
  • 171 percent growth in deals
  • 100 percent growth in the number of OEM partnerships

Cylance also announced the appointment of Brian Robins as chief financial officer. Robins previously served as chief financial officer at AlienVault. Before that, he served as vice president and chief financial officer of Global Business Services at CSC, a multinational IT and professional services corporation. Earlier in his career, Robins was executive vice president and chief financial officer of Verisign.

http://www.cylance.com


Monday, February 13, 2017

IBM's Watson Powers Cognitive Security Operations Center

IBM is putting Watson to work as the augmented intelligence technology for security operations centers (SOCs).

Specifically, Watson for Cyber Security will be integrated into IBM’s new Cognitive SOC platform, bringing together advanced cognitive technologies with security operations and providing the ability to respond to threats across endpoint, network, users and cloud. IBM Security also is announcing a new endpoint detection and response (EDR) solution called IBM BigFix Detect.

IBM Security said that over the past year, Watson has been trained on the language of cybersecurity, ingesting over 1 million security documents. Watson can now help security analysts parse thousands of natural language research reports that have never before been accessible to modern security tools. The centerpiece of this platform is IBM QRadar Advisor with Watson, a new app available in the IBM Security App Exchange, which is the first tool that taps into Watson’s corpus of cybersecurity insights.

“The Cognitive SOC is now a reality for clients looking to find an advantage against the growing legions of cybercriminals and next generation threats,” said Denis Kennelly, Vice President of Development and Technology, IBM Security. “Our investments in Watson for Cybersecurity have given birth to several innovations in just under a year. Combining the unique abilities of man and machine intelligence will be critical to the next stage in the fight against advanced cybercrime.”

http://www-03.ibm.com/press/us/en/pressrelease/51577.wss

Sunday, February 5, 2017

Deutsche Telekom Launches Security Business Unit

Deutsche Telekom launched a new Telekom Security business unit with a goal of double-digit growth in cyber security services.

Anette Bronder, Director of the T-Systems Digital Division, will now take on the additional role of Director of Telekom Security. Dirk Backofen will manage the new division operationally.

“No business today can afford to offer solutions and not factor in security. We are a pioneer here with Telekom Security working shoulder to shoulder with the Digital Division. We continue to offer the main pillars of digitization with solutions for the Internet of Things and for the cloud – along with compatible security solutions. Everything from a single source,” said Anette Bronder, Director of T-Systems, Digital Division and Telekom Security at an event in front of some 1,200 Telekom Security employees.

https://www.telekom.com/en/media/media-information/archive/telekom-wants-to-grow-faster-than-the-market-in-security-484876

Monday, January 9, 2017

Trend Micro Intros Next Gen TippingPoint Intrusion Prevention Systems

Trend Micro released its TippingPoint NX Series Next-Generation Intrusion Prevention Systems (NGIPS), including a first-to-market standalone NGIPS solution that delivers up to 100 Gb inspection throughput with low latency.

The new TippingPoint 7600NX intrusion prevention system is designed to protect data centers and enterprise networks in real-time from known, undisclosed and unknown vulnerabilities without adversely affecting network performance.

“Customers with high traffic environments require a solution that can operate seamlessly and help prioritize the threats they need to focus on first,” said Don Closser, vice president and general manager for Trend Micro TippingPoint. “Our 100 Gb solution’s superior performance as well as exclusive insight into undisclosed vulnerability data through our Zero Day Initiative program provides them real-time, accurate threat prevention between vulnerability discovery and patch availability.”

The TippingPoint 7540NX NGIPS is also available with up to 40 Gb inspection throughput.

http://www.trendmicro.com/us/business/network-security/intrusion-prevention-system

Tuesday, December 13, 2016

Symantec Files Patent Complaint Against Zscaler

Symantec has filed a patent infringement lawsuit against Zscaler, asserting violation of seven Symantec patents across a variety of network security technologies including web security, data loss prevention, threat prevention, access control and antivirus techniques. This lawsuit is based on U.S. Patent Nos. 6,279,113; 7,203,959; 7,246,227; 7,392,543; 7,735,116; 8,181,036; and 8,661,498.

https://www.symantec.com/about/newsroom/press-releases/2016/symantec_1212_01

Tuesday, November 15, 2016

NYT: Secret Backdoor in Some U.S. Phones Sent Data to China, Analysts Say

Certain low-cost Android phones sold in the U.S. and equipped with a particular Firmware Over The Air (FOTA) update software system were found to be sending data to a server in China without the owners' consent, according to The New York Times.

The case involves firmware developed by Shanghai Adups Technology Company, which claims its code runs on more than 700 million devices worldwide. The phones in question were sold under the BLU brand name in the U.S., although the article also cites other prominent Chinese mobile phone vendors as customers of Adups.

The discovery of the backdoor is credited to Kryptowire, a start-up based in Virginia that provides mobile application security analysis tools, anti-piracy technologies, mobile app marketplace security analytics, and Enterprise Mobility Management (EMM) solutions.

Kryptowire said the firmware that shipped with the mobile devices and subsequent updates "allowed for the remote installation of applications without the users' consent and, in some versions of the software, the transmission of fine-grained device location information."

http://www.nytimes.com/2016/11/16/us/politics/china-phones-software-security.html?smid=tw-share&_r=0

http://www.kryptowire.com/adups_security_analysis.html

Tuesday, October 11, 2016

A10 Rolls Out Big Gun to Fight DDoS Attacks

A10 Networks introduced "the industry’s biggest gun" in the rapidly escalating war against DDoS attacks -- the A10 Thunder 14045 TPS (Threat Protection System) for Service Providers, Internet Content Providers, and Cloud operators.  The appliance packs 300 Gbps of mitigation throughput capacity (or 2.4 terabits per second in a cluster).

A10 is also expanding its Thunder TPS family with a new 840 model offering 2 Gbps of mitigation throughput capacity for medium-sized enterprises or remote sites. In addition, the company is introducing NFV-based DDoS solutions at performance tiers from 1 to 5 Gbps.

A10 said its Thunder TPS can block multi-vector DDoS attacks to stop disruption, detecting and mitigating them at the network edge, and functioning as a first line of defense for the network infrastructure.

“It’s all about the customer,” said Raj Jalan, CTO of A10 Networks. “We’re helping service providers and enterprises fight back against the rising DDoS onslaught so they can be proactive, not reactive. True multi-vector, always-on protection helps them ensure uptime, exceed operational readiness and productivity, and avoid brand damage due to costly outages.”

Some highlights:

A10 Thunder 14045 TPS
Performance: 300 Gbps, 440 Mpps, 2.4 Tbps in a cluster.
Specification highlights: SPE with FPGA, 4x18 core Xeon, 3 RU, 4x100 GbE, 2+2 redundant 80 Plus Platinum rated power supplies.

A10 Thunder 840 TPS 
Performance: 2 Gbps, with hardware bypass option.

A10 vThunder TPS 
Performance: 1, 2, and 5 Gbps. Available on VMware ESXi and Microsoft Hyper-V hypervisors.

https://www.a10networks.com/news/stop-multi-vector-ddos-disruption-expanded-thunder-tps-solution

Wednesday, September 28, 2016

Cylance: AI and Cybersecurity

James E. Carroll

Stuart McClure, CEO and founder of Cylance, discusses the intersection of artificial intelligence and cybersecurity.

Cylance, which has been selling its AI-based solution for about 2 years, has grown to over 700 employees and about 3,000 customers with some 3 million endpoints.

Filmed at Net Events' Global Press & Analyst Summit in California.

 

See video: https://youtu.be/27yUlW0lskg

http://www.netevents.org/
http://www.cylance.com


Sunday, September 25, 2016

IBM to Implement Blockchain for Banking App in China

IBM will implement a blockchain solution to support a loyalty bonus points exchange among multiple banks in China.

The project with China UnionPay E-payment Research Institute will enable consumers to exchange loyalty bonus points between any of the banks they do business with. Currently, credit card bonus points cannot be freely exchanged among different banks, so many bonus points go unused because of strict bonus points policies or a limited selection of goods for exchange.

“The combination of blockchain technology and expertise from IBM coupled with an innovative business approach by China UnionPay in the payment industry has resulted in a significant first of a kind demonstration of blockchain technology in the financial payments industry,” said Dr. Shen Xiaowei, Director of IBM Research - China, CTO of IBM Greater China Group. “IBM is partnering with the Hyperledger Project to build an open source, enterprise-grade blockchain platform and is helping clients define and develop more industry use cases. In time, we expect this to result in widespread adoption of permissioned blockchain networks to solve a number of business challenges.”

http://www.ibm.com

Thursday, September 22, 2016

Level 3 Launches Adaptive Threat Intelligence Service

Level 3 Communications is launching an Adaptive Threat Intelligence service that provides customized threat intelligence and alerting for customers. The cloud-based service leverages Level 3's expansive view of worldwide Internet traffic and a broad view of risks. The solution distills actual communications, indicators of compromise (IoC), between customers and bad actors.

The company said the new offer works as follows:

  • Adaptive Threat Intelligence is a one-stop shop for customers. They no longer have to purchase reputation feeds for malicious activity, manage on-premises boxes or have in-house resources to correlate threat data and identify risks on their network.
  • Adaptive Threat Intelligence is a cloud-based service that handles these requirements, providing a personalized, ranked list of actual malicious communications, no hardware needed.
  • Sampled customer data is correlated against known malicious communications using Level 3 proprietary analysis from threat data sources, including its DNS, CDN and MSS infrastructure, and third-party data.
  • Customers receive near real-time alerts for correlated events on their network.
  • Level 3 SOC experts are available to provide additional context, and if needed, to mitigate threats or escalating Distributed Denial of Service (DDoS) attacks.
  • The interactive near-real time reporting system also provides historical views for additional analysis.

"Investigating threats using intelligence or reputation feeds is painful for customers. They need a smart filter for their security alerts to help them understand their priorities and to allocate resources. We correlate and prioritize live communications and rank the potential risks for customers, taking the burden off their IT and security teams so they can focus on their core business initiatives," stated Anthony Christie, Chief Marketing Officer, Level 3.

http://news.level3.com/

Tuesday, July 19, 2016

Skycure Raises $16.5 Million for Mobile Threat Defense

Skycure, a start-up based in Palo Alto, California, announced $16.5 million in series B funding for its mobile threat defense.

Skycure helps enterprises secure employee mobile devices when adopting BYOD to increase productivity.

The new funding was led by Foundation Capital and included the participation of all of the company’s previous investors, including Shasta Ventures, Pitango Venture Capital, Skycure customer New York Life, and private investors Peter McKay and Michael Weider. This round brings Skycure’s total funding to $27.5 million. The company also added Lane Bess, industry veteran and former CEO of Palo Alto Networks, as a private investor in this series.
 
“The more devices we carry to streamline business, the larger the attack surface to the organizations grows,” said Yair Amit, CTO and co-founder of Skycure. “IT departments just can’t deal with the massive assault on their mobile devices every day from vulnerability exploits, malware, and network threats. Skycure’s predictive technology uses a multi-layered approach that leverages our crowd-sourced threat intelligence, plus device- and server-based analysis, to proactively protect mobile devices from all of these threats. Solutions using a single approach are just not effective. With our new funding we can focus more on research and invest more in development, further enhancing our security innovation and expanding our product leadership in the market.”

http://www.skycure.com

Friday, July 15, 2016

Bay Dynamics Raises $23 Million for Cyber Risk Analytics

Bay Dynamics, a start-up based in San Francisco, announced $23 million in Series B financing for its cyber risk analytics.

Bay Dynamics' flagship analytics software, Risk Fabric, automates the process of analyzing security information so that it's traceable, trustworthy and prioritized.

The funding round was led by Carrick Capital Partners and included capital from Series A investor Comcast Ventures, the venture capital affiliate of Comcast Corporation.

"We are very impressed with the quality of Bay Dynamics' cyber risk analytics platform and the endorsements we have heard from Bay Dynamics customers," said Jim Madden, co-founder and Managing Director of Carrick Capital Partners. "We believe the strongest and highest quality companies, like Bay Dynamics, will continue to thrive and we are excited to be a part of that growth."

http://baydynamics.com/



Monday, July 11, 2016

UEFA Euro 2016 Brought Increased Cyber Threats to Fans

The risks for digitally active sports fans more than doubled during the 2016 UEFA European Championship, according to a new report from Allot Communications, in collaboration with Kaspersky Lab. The research analyzed the mobile app and website usage of one million randomly selected mobile subscribers from countries participating in UEFA Euro 2016, before and during the matches.

Some highlights of the Allot MobileTrends Report UEFA Euro 2016: How Sports Events Put Mobile Users at Risk:

  • 17% of mobile users who exhibited little or no use of sports apps or websites before the games, became active sports fans during the games. Nearly 50% of these “casual fans” transitioned into sports fans’ behavior profiles with high potential risk for malware.
  • The total number of mobile sports fans at high risk for cyber threats more than doubled during the games.
  • Increases in online sports betting and social networking are major contributors to increased cyber security risk.
  • The number of mobile sports fans accessing betting sites more than doubled during the tournament’s matches. Before the matches, 1 in 9 users visited sports betting sites. During the matches, 1 in 4 visited sports betting sites.
  • During matches, the average time users spent on social media apps or sites tripled over their pre-tournament activity.

“Cyber-criminals often use big events to lure users with phishing emails and fake websites, exposing fans to intensified and new potential cyber risks. Users should be aware of potential threats and look out when clicking on links, entering their credentials on websites or making financial transactions,” noted Alexander Karpitsky, Head of Technology Licensing, Kaspersky Lab. “We at Kaspersky Lab recommend sports fans take a proactive approach to their online security, especially when mobile, safeguarding their devices with IT security solutions at all times.”

“As sports fans are going mobile and devices are used widely for watching, recording, and sharing experiences, users must protect themselves online, and CSPs are in the best position to deliver these value added services to subscribers,” said Yaniv Sulkes, AVP Marketing at Allot Communications. “Since major sports events are shown to be times of high risk for mobile users, it’s also when mobile service providers have an opportunity to educate customers regarding malware risks and to offer network-based security services to protect mobile devices. With Rio 2016 Summer Olympics on the horizon, mobile operators who adopt a proactive cyber protection strategy for their customers will be able to leverage monetization opportunities.”

http://www.allot.com


Thursday, July 7, 2016

Veriflow Pioneers Mathematical Network Verification

Veriflow, a start-up based in San Jose, announced $8.2 million in Series A funding for its work in network breach and outage prevention.

Veriflow said it uses formal mathematical network verification to eliminate change-induced network outages and breaches. The technique was created by a team of computer science professors and Ph.D. students at the University of Illinois at Urbana-Champaign.

The funding round was led by Menlo Ventures and included current investor New Enterprise Associates (NEA).

“The feedback from customers and analysts indicates the market is ready for a new approach to network breach and outage prevention. Our use of mathematical network verification, grounded in data-plane information, gives customers a proactive approach to identifying vulnerabilities before they are exposed to catastrophic problems,” said James Brear, president and CEO of Veriflow. “Veriflow provides a comprehensive view of the network that gives administrators the confidence to make changes without fear of damaging critical services and layers of defense. We’ve spent several years developing our innovative technology, and this funding will enable us to hire key talent, bring our product to market more quickly and expand into new markets.”

Veriflow’s automated approach predicts how and if network policies will be violated before an incident occurs.

http://veriflow.net


  • Veriflow exited stealth mode in April 2016 with $2.9 million in initial investor funding from New Enterprise Associates (NEA), the National Science Foundation and the U.S. Department of Defense.
  • Veriflow is led by James Brear, who was previously CEO of Procera until its successful acquisition in August 2015, along with the company’s founders, who include Fulbright and Alfred P. Sloan fellows and an ACM SIGCOMM Rising Star awardee. 


Sunday, May 22, 2016

Video: BT Americas - Cloud Security is a Board-level Issue

Security cannot be an afterthought when moving to the cloud. The perimeter has completely changed and is now about the individual and the data.

Identity and access management coupled with the cloud are of such critical importance that they have become board-level concerns, says Jason Cook, BT Americas' CISO.

See video: https://youtu.be/dM7-3tbZzaE





Thursday, April 21, 2016

Anomali Raises $30 Million for Early Threat Detection

Anomali, a start-up based in Redwood City, California, raised $30 million in series C funding for its ThreatStream threat intelligence and Anomali Enterprise platforms.

The company, which was previously known as ThreatStream, delivers early detection and identification of adversaries in a network. The company says this makes it possible to correlate tens of millions of threat indicators against real time network activity logs and up to a year or more of forensic log data.

The new funding, led by Institutional Venture Partners (IVP), includes significant investments from General Catalyst Partners, GV (formerly Google Ventures) and Paladin Capital Group. The round raises Anomali’s total funding to more than $56 million since launching in 2013.

"Anomali is entering a very exciting era of cybersecurity, and we couldn’t be happier to have the support and backing of our customers and partners. Our rebrand, new product suite and this latest round of funding validates our vision for reducing business risk for large enterprises and small to medium sized businesses," said Hugh Njemanze, CEO of Anomali. "We are truly in a unique position as the only security vendor who can scale to meet the challenge of making ever increasing amounts of threat intelligence useful for the entire security team while detecting and preventing attacks enabled by long adversary network dwell times."

http://www.anomali.com
