Tag Archive for: antiransomware

CISA deputy director touts progress, anti-ransomware efforts

/in


In 2023 CISA reached its five-year anniversary, and much has happened in those years.

The Cybersecurity and Infrastructure Security Agency, the U.S. government’s federal agency dedicated to cybersecurity-related issues, has had to contend with a global pandemic, multiple geopolitical conflicts, leadership changes and an evolving, increasingly aggressive cyberthreat landscape.

CISA Deputy Director Nitin Natarajan, who was appointed to the role in February 2021, told TechTarget Editorial in an interview that adapting to such a landscape has been a challenge, but the agency has built a team of individuals who are “used to working in fast-paced and dynamic organizations.” Natarajan said CISA has hired well over a thousand staffers in the last few years, while also receiving increased budget support from Capitol Hill and forming partnerships that have helped it scale up.

Said staffers include individuals from backgrounds across the federal government, state governments, local governments, the private sector, the intelligence community, the Department of Defense and more. This wide range of experience, the deputy director said, has enabled CISA to adapt to the volatile, constantly changing cybersecurity landscape.

CISA recently published its 2023 Year in Review, a webpage detailing the agency’s accomplishments last year. Some of these accomplishments include nearly 6,700 engagements with stakeholders in the private and public sectors, newly updated secure-by-design guidance, 1,200 warnings of early-stage ransomware activity, a public service announcement campaign and more.

Natarajan said that of CISA’s 2023 accomplishments, he was most proud of the agency’s partnerships and collaborations with entities such as global government partners; security researchers; and state, local, tribal and territorial governments.

Nitin Natarajan, deputy director, CISANitin Natarajan

“It’s all about partnerships and collaboration. That is what has allowed us to be successful as well as what has allowed us to mitigate risks. It is what allows us to keep adversaries at bay. It is what’s allowed us to do a lot of what we do,” he said. “It’s not easy. It’s easy to say the words collaboration and partnership, but to really build…

Source…

Kaspersky products proved absolute anti-ransomware effectiveness in regular AV-TEST examination

/in


Kaspersky Endpoint Security for Business, Kaspersky Small Office Security and Kaspersky Standard passed the regular Advanced Threat Protection assessments held by AV-TEST. In the testing, all three products demonstrated complete protection against ransomware in 10 different real-life attack scenarios.

Kaspersky products proved absolute anti-ransomware effectiveness in regular AV-TEST examination

In 2022, Kaspersky solutions detected over 74.2 million attempted ransomware attacks which was 20% more than in 2021. Although law enforcement agencies globally have succeeded in disrupting APT groups such as HIVE and Emotet, malware and malicious code created by the threat actors remain in circulation. As a result, other groups can now modify the rogue code to develop new malware, making it more sophisticated and better targeted. 

In August 2023, AV-TEST examined 33 corporate and customer cybersecurity products in 10 real-life scenarios including five ransomware and five data stealer attacks. The test was made even more complicated for vendors because some malware samples were written in the Rust programming language. Rust gives attackers an advantage of high processing speed, as well as a possibility to perform multiple operations in parallel and evade statistical analysis of many malware detection systems. 

Three Kaspersky products – Kaspersky Endpoint Security for Business and Kaspersky Small Office Security for corporate users, and Kaspersky Standard for consumers were examined in the test. They gained 30 out of possible 30 points and earned the certificates: “Advanced Approved Endpoint Protection” for business security solutions and “Advanced Certified” for consumer product. 

Kaspersky solutions constantly prove their anti-ransomware effectiveness. This year, for example, in February, April  and June Advanced Threat Protection tests by AV-TEST Kaspersky received perfect scores. Previously, Kaspersky also demonstrated the highest quality of protection against complex threats in various tests in February, April, August, October and December of 2022, November of 2021, as well as in the complex research in June-August 2021.

“In 10 scenarios of the August test round, the attackers deployed a variety of techniques, such as DNS TXT Record, encrypted connections,…

Source…

Halcyon Secures $50M Funding for Anti-Ransomware Protection Platform

/in


Halcyon, a Texas startup building an AI-powered anti-ransomware engine to help organizations ward off data-extortion attacks, has snagged $50 million in financing from prominent venture capital investors.

The company said the $50 million Series A was led by SYN Ventures, an investment firm that makes early-stage bets on cybersecurity companies. Halcyon also took on equity investments from  Dell Technologies Capital and Corner Capital.

The new financing provides a runway for Halcyon to speed up development and adoption of what it is calling a “cyber resilience platform” designed to defeat ransomware and extortion campaigns, according to co-founder and chief executive Jon Miller.

Using a lightweight agent that combines prevention engines with AI models trained solely on ransomware, Halcyon is marketing a platform promising a multi-tiered approach to defeat ransomware.

The layered components include pre-execution ransomware prevention, a feature that uses AI/ML engines to detect and block any known bad executables like off-the-shelf commodity ransomware and passes unknown but suspicious executables to the additional protection layers for further analysis. 

Halcyon has also fitted features to trick ransomware into aborting or revealing the attack by exploiting features hardcoded in the ransomware itself.

“We engineered Halcyon to embrace failure as a core concept of protection. Stopping ransomware requires multiple prevention and detection techniques, all trained extensively on years of actual ransomware attacks,” Miller said. 

Related: SYN Ventures Closes $300M Fund for Cybersecurity Bets

Related: Rapid7 Buys Anti-Ransomware Firm Minerva Labs for $38 Million

Related: Investors Bet Big on Safe Security for Cyber Risk Management

Source…

Check Point teams with Intel for processor-level anti-ransomware security

/in


Cybersecurity firm Check Point Software Technologies Ltd. has extended a collaboration with Intel Corp. to offer enhanced anti-ransomware capabilities for Check Point Harmony customers.

Under the collaboration, the Intel vPro platform’s threat detection technology will be available within Check Point Harmony Endpoint. The pairing provides enterprises with processor-level anti-ransomware security at both the hardware and software levels at no extra cost.

The problem being addressed is a well-known one: Cyber criminals are becoming more creative in their attacks. Check Point recorded a 42% global increase in cyberattacks in 2022, with ransomware identified as the No. 1 threat. The company argues that “prevention first” continues is the best cybersecurity strategy because once an attack happens, it can be challenging to repair the damage to the victim and its reputation.

The integration sees Check Point Harmony Endpoint tap into Intel’s Threat Detection Technology Technology, available on the Intel vPro platform, to employ artificial intelligence and machine learning. With the ability to use AI and machine learning, Harmony can analyze processor telemetry and recognize ransomware encryption commands early in the attack flow, raising the barrier against advanced threats, according to the companies.

Combined, the service strengthens prevention and security measures for customers, blocking endpoint threats with capabilities that identify, block and remediate the entire attack chain.

“The Intel vPro platform contains hardware-based security features, including Threat Detection Technology specifically designed to detect ransomware and other advanced threats,” Carla Rodríguez, vice president and general manager, Ecosystem Partner Enabling at Intel, said in a statement. “When paired with Check Point’s security solutions, customers can be confident knowing their endpoints are better protected at both the hardware and software layers.”

Check Point customers benefit from processor-level security that starts at the silicon level and provides anti-ransomware capabilities allowing for earlier prevention and expansive attack surface coverage.

Additional details,…

Source…