Zurich and Barrier Networks partner to Offer Enterprise Cyber Risk Assessments

Barrier Networks, a Cybersecurity Managed Service Provider, has announced it has entered into a new partnership with Zurich Resilience Solutions, part of Zurich UK, to help businesses improve their cyber resilience.

Zurich Resilience Solutions (ZRS) provides underwriting assurance to underwriters to help them better understand cyber risk and exposures of client environments, as well as cyber risk and resilience advisory services to clients to improve cyber resilience. Barrier compliments ZRS internal cyber risk advisory services, offering technical expertise and services including penetration testing, managed cybersecurity services, assessment and consulting.

The partnership will not only focus on enterprise security, but it will also cater to organisations running Operational Technology in critical industrial environments. These organisations have come under increased threat from cybercrime recently, and Barrier Networks and Zurich will help meet these needs by helping them reduce the risk of data breaches that could be caused by unidentified cybersecurity issues.

“We are delighted to be working with such an established cyber insurance player as Zurich. Cybersecurity is an enormous task for most businesses and very few have the resources to manage it alone. Our partnership will help organisations overcome this challenge as we help them improve their security and tackle key issues to meet critical cyber insurance requirements. No organisation can gamble with their cyber defences today, and through our partnership we will be arming more businesses with the skills and expertise they need to stay secure,” said Ian McGowan, Managing Director of Barrier Networks.

Arunava Banerjee, Cyber Risk Consulting Lead, Zurich Resilience Solutions, said: “This partnership will further strengthen the suite of cyber risk advisory services we offer to customers.  Cyber risk is a critical threat facing companies of all sizes. By strengthening their cyber defences, we can help businesses to both reduce their exposure to attacks and better navigate the present hard market for insurance cover.”

The post Zurich and Barrier Networks partner to Offer Enterprise Cyber Risk Assessments appeared first on IT Security Guru.

DomainTools Launches Global Partner Program to Bring Best-in-Class Internet Intelligence and Threat Hunting Capabilities to Enterprise Security Teams

DomainTools, the leader for Internet intelligence, today launched its Global Partner Program led by Tim Durant, the recently appointed Vice President, Global Channels and Alliances. 

Threat intelligence plays an increasing role in the Security Operations Center (SOC) as security teams struggle to cope with the rising threat landscape. The DomainTools Global Partner Program features the company’s best-in-class threat intelligence solutions, providing channel partners with the tools needed to help enterprise security teams proactively detect emerging threats and attackers lurking in their networks. 

According to Chris Nelson, Chief Revenue Officer at DomainTools, “We’re thrilled that Tim Durant has joined our executive team and to launch our new Global Partner Program. Tim brings more than 15 years of experience creating high-impact programs that build revenue through new partners, products/services and routes to market on a global scale. The channel is one of the key growth drivers for DomainTools and we’re excited for Tim to spearhead our channel strategy and growth, and to reinforce our commitment as a channel-first organization.” 

“Having worked with DomainTools since 2019, it’s great to see them bolster their commitment and investment into their channel business and partnerships like ours,” said Phil Higgins, CEO at Brookcourt Solutions, a leading UK-based IT services provider. “The data and products from DomainTools have allowed us to meaningfully enhance the security postures of dozens of firms. We look forward to building many further opportunities with DomainTools as a trusted partner.” 

The DomainTools Global Partner Program will expand existing channel relationships as well as build new partnerships across the globe. It offers a wide range of benefits to channel partners, including generous and simple margin structure for new and renewal business, access to in depth training, online deal registration, and joint promotional programs. 

“I’m eager to deepen our existing partner relationships and to expand our incredible partner ecosystem,” said Tim Durant. “DomainTools seeks to work with a wide variety of partners, from cybersecurity technology companies, to VARs, and MSSPs. Each of these partners brings specialized expertise and market knowledge, and we’re excited about the opportunity to not only expand their portfolio but also work together to help augment an organization’s limited threat intelligence resources.” 

In his new role, Tim will lead the DomainTools channel program and sales and revenue goals and will be responsible for go-to-market strategies within the diverse DomainTools partner ecosystem. Prior to DomainTools, Tim spent nearly a decade at Hitachi Vantara, where he was Sr. Director of Strategic Global Alliances. 

The post DomainTools Launches Global Partner Program to Bring Best-in-Class Internet Intelligence and Threat Hunting Capabilities to Enterprise Security Teams appeared first on IT Security Guru.

Newly Discovered Android Spyware ‘RatMilad’ Targets Enterprise Devices in Iran

Earlier this week, a newly discovered Android spyware family dubbed ‘RatMilad’ has been observed trying to infect an enterprise device in the Middle East.

It appears that the discovery comes from security researchers at Zimperium, who said the original variant of the previously unknown RatMilad spyware hid behind a VPN and phone number spoofing app called Text Me.

In recent news, after identifying the RatMilad spyware, the Zimperium team also uncovered a live sample of the malware family distributed through NumRent, a graphically updated version of Text Me.

The malicious actors reportedly developed a product website advertising the app to socially engineer victims into believing it was legitimate.

Additionally, from a technical standpoint, the RatMilad spyware is installed by sideloading after a user enables the app to access multiple services. This allows the malicious actors to collect and control aspects of the mobile endpoint.

Following installation, the user is asked to allow access to contacts, phone call logs, device location, media and files, alongside the ability to send and view SMS messages and phone calls.

Therefore, a successful attack will result in threat actors accessing the camera to take pictures, record video and audio, get precise GPS locations and more.

“Though this is not like other widespread attacks we have seen in the news, the RatMilad spyware and the Iranian–based hacker group AppMilad represent a changing environment impacting mobile device security,” explained Richard Melick, director of mobile threat intelligence at Zimperium.

The executive has reported a growing mobile spyware market is available through legitimate and illegitimate sources, including tools like Pegasus and PhoneSpy.

“RatMilad is just one in the mix,” Melick added. “The group behind this spyware attack has potentially gathered critical and private data from mobile devices outside the protection of Zimperium, leaving individuals and enterprises at risk.”

It appears that the discovery comes months after Zimperium published its 2022 Global Mobile Threat Report, which suggested a 466% increase in zero–day attacks against mobile devices.

The post Newly Discovered Android Spyware ‘RatMilad’ Targets Enterprise Devices in Iran appeared first on IT Security Guru.

API Security for the Modern Enterprise

In today’s cloud-based enterprise, APIs are a critical part of every business. They’re used extensively to foster more rapid application development, and without proper security measures, sensitive data can easily get into the wrong hands.

 

As modern organizations become more dependent on APIs to achieve their goals, their API security strategy must be up-to-date and in line with recent developments in technology.

 

API Security is an important aspect of the API lifecycle which makes sure that the API and its data are protected from various threats. This includes protecting it from unauthorized access, denial of service, data leakage, and other security breaches. It’s more than just protecting data from being stolen or misused; it also helps protect against potential vulnerabilities that could cause reputational damage.

The API Security Landscape is a Complex one

API security is quite different from other standard cyber threats due to its constantly changing nature, shortcomings of shift-left tactics, and the challenge of low-and-slow attacks. Per a recent report from Q4 2020 to Q4 2021, the average number of APIs per company increased by 221% in 12 months and that API attack traffic grew by 681% while overall API traffic grew by 321%.

Microservices Architecture has Created a Security Blind Spot

Microservices are small, modular, independent services that can be deployed, scaled, and updated independently. They offer many advantages over traditional monolithic applications: they’re more scalable, agile, and have lower maintenance costs but one negative side effect of microservice architectures is that they create an environment where attackers can easily find targets based on their size.

 

Microservices communicate over APIs. When you have multiple services communicating with each other through APIs, then your entire system becomes exposed when any one service gets hacked.

Internal APIs or Private APIs are not Immune

Internal APIs are just as vulnerable to attacks, data breaches, and fraud as public APIs. An attacker could use an internal API to launch DDoS attacks against companies by sending large volumes of traffic over a short period.

 

An internal API might allow a malicious actor to access data from another company’s API that you are using in your application. Or, if you’re using an external API for authentication, then your authentication token could be stolen by an attacker who has gained access to the server hosting that external service via some other means such as social engineering or brute force attacks on their account credentials (e.g., password guessing).

API Security needs to be a Top Priority for the Modern Enterprise

There’s no getting around it — API security is a shared responsibility. It’s not just about securing your access controls, but also about making sure that you’re keeping up with changes in the industry and staying ahead of any threats that might be coming down the pipeline.

 

Security as an end-to-end process requires comprehensive measures across every aspect of your API strategy—from designing APIs that are secure from day one, through testing and monitoring them throughout their lifecycle (and beyond), all the way through to maintaining audit trails and making sure your users aren’t abusing them.

 

The best way to secure an API is to design it with security in mind from the start. That means understanding what threats might exist, what data needs to be protected, how the API will be used, and how it will interact with other systems. It also means defining policies that define acceptable use of the API, including who can access it and under what circumstances.

 

This means that everyone who works with APIs needs to have an active role in keeping them safe: developers building apps or services on top; administrators managing their infrastructure; system administrators ensuring things run smoothly on both sides; security professionals looking out for threats, both internal and external (like hackers).

 

API Security Tools

Tools like two-factor authentication, rate limiting, and DDoS protection can go a long way in securing APIs. Two-factor authentication helps add a layer of security to your API. Rate limiting limits how many requests per second an app makes against an API while still being able to make requests as needed. DDoS protection protects against attacks where lots of people simultaneously try getting information from servers by flooding them with data packets; these floods overwhelm servers’ resources so much that they crash under pressure and stop responding properly altogether. DDoS protection can also protect against other types of attacks such as SQL injection attacks which involve entering malicious code into databases where it would otherwise cause problems with data integrity issues within those databases.

 

A modern enterprise also needs a security solution that can protect its APIs, data, and other assets from cyberattacks. This can be done by turning to API Security Platforms. API Security Platforms are a complete end-to-end security solution for protecting web APIs from attacks and securing data in transit and at rest. They provide authentication, authorization, encryption, anomaly detection, and protection against DDoS attacks. Although the market for integrated API security solutions is still in its beginning stages, a recent study found almost 70% of respondents ranked an API protection platform as “very important”.

Conclusion

API security is a critical component of the modern enterprise. Even if you’re not using APIs for your core service, there are still many other applications that rely on API-based services. That means there’s a lot at stake when it comes to ensuring that your organization isn’t vulnerable to attacks or fraud. It also means that you have to take some extra steps when securing access to those APIs. There is no one-size-fits-all solution for API security. Companies need to consider their needs and then find the best solution for them.

The post API Security for the Modern Enterprise appeared first on IT Security Guru.