Sophos has once again been named a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms, as we have been for the past decade. This year, we were one of only three in this category. This positioning confirms the ongoing innovation and impressive results of Sophos Intercept X, one of the industry’s most comprehensive endpoint protection products.
In the report, Gartner states that the definition of an Endpoint Protection Platform (EPP) has been updated: “In September 2017, in response to changing market dynamics and client requirements, we adjusted our definition of an EPP. An EPP is a solution deployed on endpoint devices to prevent file-based malware, to detect and block malicious activity from trusted and untrusted applications, and to provide the investigation and remediation capabilities needed to dynamically respond to security incidents and alerts…Organizations are placing a premium on protection and detection capabilities within an EPP, and are depreciating the EPP vendors’ ability to provide data protection capabilities such as data loss prevention, encryption or server controls.”
“The threat landscape is evolving at an astonishing rate,” said Dan Schiappa, senior vice president and general manager of products at Sophos. “During the last 12 months alone we have seen repeated ransomware attacks that traditional endpoint protection alone cannot adequately protect against. To stay at the forefront of endpoint protection, vendors must continually analyze the landscape and innovate the approach to protection faster than cybercriminals can innovate their attack techniques. We believe Gartner’s continued placement of Sophos in the Leaders quadrant in the Magic Quadrant for Endpoint Protection Platforms demonstrates that Sophos is able to innovate and deliver solutions that organizations of all sizes can use every day. Predicting future threats is the future of security protection and the deep learning capabilities we have added to our portfolio are enabling us to do just that, more effectively than any other next-generation vendor.”
Further strengthening the advanced levels of protection within its endpoint portfolio, Sophos also announced today that it has added deep learning neural network and advanced anti-exploit technology to the newest release of its next-generation Intercept X. Intercept X can be installed alongside any traditional endpoint protection from any vendor, immediately boosting detection speed and accuracy. Sophos believes that its next-generation end-user, server, and network protection technologies will further its leadership and continue to keep customers protected as threats evolve. The advanced machine learning technology has been further developed by Sophos to enhance Sophos Sandstorm capabilities and is powering automated threat analysis in SophosLabs facilities worldwide.
IBM X-Force, the cybersecurity intelligence and research unit of IBM, has reportedly discovered a cybercriminal ring operating out of Ukraine targeting Canadian businesses.
Recent reports in Security Intelligence said the criminals are deploying custom phishing attacks against business customers of Canadian banks to gain access to their bank credentials, passwords and authentication codes. The attackers send a spear phishing email to a target with seemingly legitimate contents, including a bank logo.
The emails are sent with PDF attachments designed to hide from detection tools. Analysts said it is possible that the criminals may have first deployed an earlier attack on their targets to learn more about the companies’ account information before launching the PDF-related attack. The PDFs urge readers to synchronize their devices and re-activate with one-time passwords and tokens, while links in the PDF send users to phishing sites.
The scheme is designed to give attackers access to business bank accounts.
According to IBM X-Force, the same attackers have also been operating a separate ring targeting consumers, though cybercriminals have recently been heightening their focus on corporate victims and high-value accounts.
The cybercrime ring identified by IBM X-Force is one of several that have taken to targeting businesses in recent months. Last June, in the wake of WannaCry, Bloomberg reported on another “massive cyberattack” originating in Europe. Investigators found Mondelez International, A.P. Moller-Maersk and BNP Paribas Real Estate to be among the targeted victims.
A research report released in October by Deutsche Bank and Economist Intelligence Unit found cybercriminals are particularly interested in targeting the corporate treasury department, which holds a trove of sensitive company and customer data.
“Sophisticated cybercriminals often use social engineering and insight information to execute high-value thefts via corporate treasuries,” said Deutsche Bank head of cash management Michael Spiegel, in a statement at the time. “Our research has identified serious gaps in corporate defense, including vulnerabilities hidden with third parties and their subcontractors. This gives cybercriminals the opportunity to steal data.”
New research reveals that cyber-attacks by unsophisticated hackers this year have successfully exploited vulnerabilities that many of the world’s famed businesses were already aware of but did nothing to fix.
Despite upcoming laws that will charge them millions in penalties if found non-compliant, many businesses worldwide continue to neglect standard security procedures.
The latest evidence comes from the 20th annual EY Global Information Security Survey (GISS), which breaks some disconcerting news regarding the willingness of big businesses to beef up security.
While the surveyed companies weren’t named in the report, the research was conducted with the aid of “1,200 C-level leaders of the world’s largest and most recognized organizations.” Here’s what EY found:
Only 56% of those surveyed are changing or planning to change their strategies due to the increased impact of cyber threats. Even though most organizations are spending more on cybersecurity, only 12% expect an increase of more than 25% this year.
Potential damage from a cyber-attack isn’t always immediately obvious, yet 64% say an attack that “did not appear to have caused any harm” would not likely persuade the powers-that-be to spend more on cybersecurity.
Many, however, recognize that lack of adequate resource allocation can increase cybersecurity risks. As many as 20% of respondents admit they do not have enough of a grasp on current information security implications and vulnerabilities to decide what needs to be done.
Cybersecurity budgets are bigger in organizations that place dedicated security officers in key lines of business, as well as in companies that report on cybersecurity to the board audit committee at least twice a year.
However, while 50% report to the board regularly, only 24% say the go-to person with responsibility for cybersecurity sits on that board. Moreover, only 17% of respondents say boards have enough of a grasp on IT security matters to properly assess the effectiveness of preventive measures.
The report also reveals, perhaps most importantly, that common attacks described as “cyberattacks carried out by unsophisticated, individual attackers” have successfully exploited vulnerabilities that many of the surveyed organizations were aware of. According to EY analysts, this finding points to “a lack of rigor in implementing standard security procedures.”
Other findings include:
- Malware and phishing are regarded as the most prolific threats in the past 12 months
- Careless, unaware and/or malicious employees are seen as the most significant increasing vulnerability to organizations’ security
- 75% rate the maturity of their vulnerability identification as “very low to moderate”
- 12% say they have no formal breach-detection program
- 35% describe their data-protection policies as ad-hoc or non-existent
- 38% either have no identity and access program or have not formally agreed on such a program
- 57% of respondents have an “informal” threat intelligence program or do not have one at all
- Just 12% of respondents can confidently say they can detect a sophisticated cyberattack targeting their organization
Ransomware has been around for a few years but has become an albatross around everyone’s neck—from big businesses and financial institutions to hospitals and individuals worldwide—with cyber criminals making millions of dollars.
In just the past few months, we saw a scary series of ransomware attacks, including WannaCry, Petya and LeakerLocker, which caused chaos worldwide by shutting down hospitals, vehicle manufacturing, telecommunications, banks and many businesses.
Before WannaCry and Petya, the infamous Mamba full-disk-encrypting ransomware and the Locky ransomware had caused chaos across the world last year, and the bad news is that they are back with new variants that are more damaging than ever before.
Diablo6: New Variant of Locky Ransomware
Having first surfaced in early 2016, Locky has been one of the most widely distributed ransomware infections, infecting organisations across the globe.
By tricking victims into clicking on a malicious attachment, Locky ransomware encrypts nearly all file formats on a victim’s computer and network and does not unlock them until the ransom in Bitcoins is paid to attackers.
The ransomware has made many comebacks, with its variants being distributed through the Necurs and Dridex botnets.