Wuhan coronavirus exploited to deliver malware, phishing, hoaxes

The Wuhan coronavirus continues to spread and create anxiety across the globe, allowing malicious individuals and groups to exploit the situation to spread fake news, malware and phishing emails. Malicious coronavirus-themed campaings IBM X-Force says … Continue reading Wuhan coronavirus exploited to deliver malware, phishing, hoaxes

Security tools still among the fastest-growing apps in corporate America

More of the tools used throughout the private sector are ones that help company staffers better manage or prevent security incidents. In an analysis based on the log-in activity of more than 7,4000 customers, identity management firm Okta found that of the 10 fastest-growing apps in the enterprise, five are known at least in part for their security offerings. Adoption of the incident management tool Opsgenie, which alerts developers to possible problems, grew by 194%, while Google Cloud implementation climbed by 108%, Splunk by 102%, KnowBe4 by 89% and Jamf Pro enjoyed an 82% increase. The cloud data app Snowflake experienced the greatest uptick in adoption among Okta clients, at 273%, while Looker, visitor management software Envoy, FreshService and Zoom also saw gains over 2019. Last year, the security training platform KnowBe4 experienced the largest growth of all apps among Okta users, followed by the password manager LastPass and the […]

The post Security tools still among the fastest-growing apps in corporate America appeared first on CyberScoop.

Continue reading Security tools still among the fastest-growing apps in corporate America

Is offense really your best defense?

In June, the House Appropriations Committee approved a spending bill that, among other things, included a reintroduction of Rep. Tom Graves Active Cyber Defense Certainty Act (ACDC). According to Rep. Graves’ website, the ACDC “makes targeted changes to the Computer Fraud and Abuse Act (CFAA) to allow use of limited defensive measures that exceed the boundaries of one’s network in order to monitor, identify and stop attackers.” Specifically, the bill gives authorized individuals and companies the legal authority to leave their network to: establish attribution of an attack disrupt cyberattacks without damaging other computers retrieve and destroy stolen files monitor the behavior of an attacker and utilize beaconing technology Cybersecurity is a challenging issue for those who don’t have the luxury of spending every waking minute keeping up with the latest exploits, vulnerabilities and innovations. It is not a partisan issue, but an opportunity for us to show a united […]

The post Is offense really your best defense? appeared first on CyberScoop.

Continue reading Is offense really your best defense?

KnowBE4, Autho0, & Guardicore – Enterprise Security Weekly #138

In the Enterprise News, ThreatQuotient expands integration with MITRE ATT&CK Framework, JASK launches a new Heads Up Display for security operations centers, and we have some acquisition and funding updates from Guardicore, Auth0, and KnowBe4! Ente… Continue reading KnowBE4, Autho0, & Guardicore – Enterprise Security Weekly #138

KnowBe4 to acquire Norwegian assessment company CLTRe

The security training vendor KnowBe4 has acquired CLTRe, a Norwegian company that specializes in measuring clients’ security preparedness, according to an announcement scheduled for Tuesday. Florida-based KnowBe4 describes itself as the world’s largest security awareness training company. The firm is known for providing clients with a simulated phishing platform and partnering with Kevin Mitnick, the hacker-turned-consultant who now works as KnowBe4’s chief hacking officer. KnowBe4 was named among the fastest-growing apps corporate America, according to a survey released in February. CLTRe (pronounced “culture”) is a small firm that created its own security culture framework, which is meant to provide companies with information about how their security culture changes over time. The framework measures corporate behavior, responsibilities, cognition, norms, compliance, communication and attitudes, as all those factors relate to security, over time. Terms of the deal were not disclosed. KnowBe4 currently is integrating the CLTRe assessments into its platform, and does not […]

The post KnowBe4 to acquire Norwegian assessment company CLTRe appeared first on CyberScoop.

Continue reading KnowBe4 to acquire Norwegian assessment company CLTRe

New infosec products of the week: April 5, 2019

Free cybersecurity threat assessment for midsize and large organizations Cynet unveiled the Cynet Threat Assessment program. The free offering for organizations with 500 or more endpoints identifies critically exposed attack surfaces and provides actio… Continue reading New infosec products of the week: April 5, 2019

KnowBe4 releases a new tool aimed to test employees in a phishing scenario

KnowBe4, the provider of the world’s largest security awareness training and simulated phishing platform, announced a new, complimentary tool aimed to gauge how many employees will reply to a phishing email called the Phishing Reply Test (PRT). Highly … Continue reading KnowBe4 releases a new tool aimed to test employees in a phishing scenario

92% of organizations rank users as their primary security concern

Cybercrime continues to evolve and become more sophisticated. AI and machine learning are leveraged by many criminal organizations to help them better understand how to improve their attacks and they are now targeting specific industry verticals, organ… Continue reading 92% of organizations rank users as their primary security concern

There’s business in the basics as corporate America embraces opsec apps

New evidence suggests corporate America is embracing some of the basic cybersecurity functions that the experts have advocated for years. In a survey of more than 5,600 customers, identity management Okta found that three cybersecurity services ranked at the top of the list of the fastest-growing apps in corporate America. The security training platform KnowBe4, the password manager LastPass and the email security service Proofpoint landed in the top three spots, respectively, ahead of the video-conferencing service Zoom and software from Adobe. Security incidents are expensive, after all, and it’s often much more cost-effective to train workers about opsec, safeguard their passwords and protect their emails. An unrelated Ponemon Institute report found that the average cost of a stolen record is $148, and a typical enterprise shells out $3.86 million to recover from a data breach. And the Okta report, published Thursday, provides the latest evidence corporate executives are scrambling to build cybersecurity into their applications in an […]

The post There’s business in the basics as corporate America embraces opsec apps appeared first on CyberScoop.

Continue reading There’s business in the basics as corporate America embraces opsec apps