Omni Hotels & Resorts Hack: Attackers Have Stolen Information

andreasc
-
0
Omni Hotels & Resorts Hack: Attackers Have Stolen Information
[ad_1]

Omni Hotels & Resorts has revealed that it was the target of a recent cyberattack, which resulted in the theft of customer information.

The hospitality giant has been working closely with a leading cybersecurity response group to investigate the incident and mitigate the impact on its guests.

Limited Customer Data Compromised

According to the company’s statement, the attack has impacted a subset of Omni’s customers.

The stolen data includes customer names, email addresses, mailing addresses, and information related to the company’s Select Guest Loyalty program.

The compromised data does not include sensitive financial information, such as payment details or social security numbers.

Omni Hotels & Resorts has reported the matter to law enforcement and is collaborating with cybersecurity experts to address the situation.

Document
Stop Advanced Phishing Attack With AI

Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Stopping 99% of phishing attacks missed by other email security solutions. .

The company has taken swift action to shut down its systems and contain the data breach, with most of its systems now restored to full functionality.

Commitment to Guest Experience and Security

Despite the disruption caused by the cyberattack, Omni Hotels & Resorts has remained committed to maintaining its exceptional guest experience.

The company has continued to welcome guests and accept new reservations online and through its customer care center.

In a statement, Omni emphasized its dedication to the security of its systems and data, stating, “We take the security of our systems and data very seriously, and while this remains an ongoing investigation, Omni continues to collaborate with a leading cybersecurity response group and deploy all available resources to address the situation.”

The hospitality industry has been a frequent target of cyberattacks in recent years, underscoring the importance of robust cybersecurity measures and vigilance in protecting customer information.

Omni’s swift response and commitment to transparency in this incident serve as a reminder of the critical role that organizations play in safeguarding their customers’ trust.

Looking to Safeguard Your Company from Advanced Cyber Threats? Deploy TrustNet to Your Radar ASAP


[ad_2]
Source link

New ransomware group demands Change Healthcare ransom

andreasc
-
0
New ransomware group demands Change Healthcare ransom
[ad_1]

The Change Healthcare ransomware attack has taken a third cruel twist. A new ransomware group, RansomHub, has listed the organisation as a victim on its dark web leak site, saying it has 4 TB of “highly selective data,” which relates to “all Change Health clients that have sensitive data being processed by the company.”

The announcement follows a series of events that require some unpacking.

Change Healthcare is one of the largest healthcare technology companies in the USA, responsible for the flow of payments between payers, providers, and patients. It was attacked on Wednesday February 21, 2024, by a criminal “affiliate” working with the ALPHV ransomware group, which led to huge disruptions in healthcare payments. Patients were left facing enormous pharmacy bills, small medical providers teetered on the edge of insolvency, and the government scrambled to keep the money flowing and the lights on.

American Hospital Association (AHA) President and CEO Rick Pollack described the attack as “the most significant and consequential incident of its kind against the US health care system in history.”

The notorious ALPHV ransomware group claimed responsibility, chalking up Change Healthcare as one of a raft of healthcare victims in what looked like a deliberate campaign against the sector at the start of 2024.

ALPHV used the ransomware-as-a-service (RaaS) business model, selling the software and infrastructure used to carry out ransomware attacks to criminal gangs known as affiliates, in return for a share of the ransoms they extorted.

On March 3, a user on the RAMP dark web forum claimed they were the affiliate behind the attack, and that ALPHV had stolen the entirety of a $22 million ransom paid by Change Healthcare. Shortly after, the ALPHV group disappeared in an unconvincing exit scam designed to make it look as if the group’s website had been seized by the FBI.

ALPHV’s exit left Change Healthcare with nothing to show for its $22 million payment, a disgruntled affiliate looking for a ransom, and very possibly two different criminal gangs—ALPHV and its affiliate—in possession of a huge trove of stolen data.

Now, a month later, a newcomer ransomware group, RansomHub has listed Change Healthcare as a victim on its website.

Change Healthcare is listed as a victim on the RansomHub dark web leak site
Change Healthcare is listed as a victim on the RansomHub dark web leak site

While some have speculated that Change Healthcare has suffered a second attack, the RansomHub site itself makes the connection to the events surrounding February 21 quite clear:

As an introduction we will give everyone a fast update on what happened previously and on the current situation.

ALPHV stole the ransom payment (22 Million USD) that Change Healthcare and United Health payed in order to restore their systems and prevent the data leak.

HOWEVER we have the data and not ALPHV.

RansomHub first appeared in late February and its arrival dovetails neatly with ALPHV’s disappearance in very early March, leading some to think they are the same group under two different names.

The statement also pours water on the idea that RansomHub is a rebrand of the ALPHV group with its suggestion that “we have the data and not ALPHV.” However, any public statement like this has to be tempered by the fact that ransomware groups are prolific liars.

It’s not uncommon for affiliates to work with multiple RaaS providers, so the most likely explanation is that having lost its money to ALPHV, the affiliate that ransacked Change Healthcare has paired up with a different ransomware group.

Whatever the reason, there is no comfort in it for Change Healthcare. Having apparently already paid a ransom thirty times greater than the average demand, it now has to decide whether it’s going to pay out again.

For everyone else, it’s a lesson in how devastating ransomware can be, and how badly things can go even when you pay a ransom.

How to avoid ransomware

  • Block common forms of entry. Create a plan for patching vulnerabilities in internet-facing systems quickly; and disable or harden remote access like RDP and VPNs.
  • Prevent intrusions. Stop threats early before they can even infiltrate or infect your endpoints. Use endpoint security software that can prevent exploits and malware used to deliver ransomware.
  • Detect intrusions. Make it harder for intruders to operate inside your organization by segmenting networks and assigning access rights prudently. Use EDR or MDR to detect unusual activity before an attack occurs.
  • Stop malicious encryption. Deploy Endpoint Detection and Response software like ThreatDown EDR that uses multiple different detection techniques to identify ransomware, and ransomware rollback to restore damaged system files.
  • Create offsite, offline backups. Keep backups offsite and offline, beyond the reach of attackers. Test them regularly to make sure you can restore essential business functions swiftly.
  • Don’t get attacked twice. Once you’ve isolated the outbreak and stopped the first attack, you must remove every trace of the attackers, their malware, their tools, and their methods of entry, to avoid being attacked again.

Our business solutions remove all remnants of ransomware and prevent you from getting reinfected. Want to learn more about how we can help protect your business? Get a free trial below.


[ad_2]
Source link

Android 15 will bring wireless charging support via NFC

andreasc
-
0
Android 15 will bring wireless charging support via NFC
[ad_1]

Google is reportedly planning on adding wireless charging support via NFC with Android 15. Wireless charging is a handy feature and has often been seen on Android and iPhones for a long time now. Not to forget, when one mentions wireless charging, the Qi wireless charging standard often comes to mind.

Although, the Qi wireless charging standard is quite popular in smartphones, not much of smaller electronic gadgets have this feature. Well, there’s a reason for it. Unlike smartphones, small electronic gadgets don’t have enough space inside, making it tough to fit in a coil to adequately receive power. But, this is set to change soon as wireless charging via NFC might debut with the Android 15 update.

NFC Wireless Charging (WLC) support with Android 15 can be a game-changer

Notably, NFC Wireless Charging is still yet to make its way on many smaller gadgets despite its introduction a few years ago. One of the reasons behind this could be a lack of support from major platforms including Android. However, that might change with the Android 15 update as preparations are going on to add support for NFC Wireless Charging.

According to a recent code analysis report by Mishaal Rahman, Google might introduce NFC Wireless Charging (WLC) support for smaller devices with Android 15. This will eventually open up charging capabilities for smaller gadgets still incompatible with the Qi charging standard.

One key difference between WLC and NFC is the use of different-sized antennas. Unlike NFC, WLC features smaller antennas. That means it can be fit inside smaller gadgets including smartwatchs, earbuds, smart tags, and more. The best part about these antennas is that the same antenna also allows NFC data transfer, saving extra internal space.

NFC Wireless Charging can streamline smaller gadgets

As Google prepares to introduce NFC Wireless Charging with Android 15, smaller devices are the ones that will benefit from it. For reference, smart trackers are often too small to fit in a Qi coil but can feature the NFC Wireless Charging antenna instead. One might wonder what’s so special about these antennas. These antennas can be smaller than 1cm and often fit inside a flexible PCB making it easier to fit them in tiny devices.

Not to forget, the power transmission speed isn’t likely to beat the speed of Qi. But, it still could be super handy. With the new tech, you won’t have to rely on incredibly smaller batteries to enjoy using these tiny gadgets.

Google might introduce NFC Wireless Charging as an experimental feature in Android 15. However, if it turns out to be successful, we might see makers of smaller gadgets embracing the feature. No doubt, this tech has all the potential to revolutionize the future of small wearable gadgets.

Imagine the future where you can enjoy interacting with smaller devices without worrying much about draining batteries. Now that this wireless charging tech is in the works, it will be interesting to see what the future holds.


[ad_2]
Source link

Ex-Security Engineer Jailed For Hacking Decentralized Cryptocurrency Exchanges

andreasc
-
0
Ex-Security Engineer Jailed For Hacking Decentralized Cryptocurrency Exchanges
[ad_1]

Ahmed exploited a vulnerability in a decentralized cryptocurrency exchange’s smart contract by injecting fabricated pricing data, which triggered the generation of inflated fees totaling $9 million, which he subsequently withdrew in cryptocurrency. 

Following the theft, Ahmed attempted to extort the exchange, proposing the return of a portion of the stolen funds ($7.5 million) on the condition that they refrain from involving law enforcement. 

He exploited a vulnerability in Nirvana Finance’s smart contracts to buy cryptocurrency at a significantly discounted price and then resold it back to Nirvana at market value, draining $3.6 million—almost all their funds. 

To hide the stolen funds, he employed various laundering techniques by converting the stolen crypto into different tokens (token-swap transactions) and then “bridged” these funds from the Solana blockchain to the Ethereum blockchain, essentially moving them across different networks. 

At last, he converted everything to Monero, a privacy-focused cryptocurrency, and used anonymous exchanges and mixers to further obfuscate the trail.

Document
Stop Advanced Phishing Attack With AI

Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Stopping 99% of phishing attacks missed by other email security solutions. .

Knowledge of Blockchain Security

Capitalizing on his in-depth knowledge of blockchain security, AHMED, a US citizen and senior security engineer at a prominent international technology company, carried out successful cyberattacks against two cryptocurrency exchanges. 

His professional background in reverse engineering smart contracts, which involves analyzing and understanding their code to identify potential weaknesses, and blockchain auditing, a process focused on ensuring the security of blockchain transactions, provided him with the perfect toolkit for exploiting vulnerabilities within the exchanges’ smart contracts. 

The vulnerabilities, which stemmed from flaws in the code governing the exchanges’ operations, allowed AHMED to manipulate data for his own gain and by executing these sophisticated attacks, he was able to steal over $12 million in cryptocurrency.

A New York resident, Ahmed (34), received a three-year prison sentence and three years of supervised release for exploiting vulnerabilities in cryptocurrency exchanges.

The court further mandated the forfeiture of $12.3 million and an undisclosed amount of cryptocurrency. 

He is liable for over $5 million in restitution for the compromised exchanges and Homeland Security Investigations and the Internal Revenue Service’s Criminal Investigation Unit were commended for their contributions to the case.  

According to the Justice Government, Shakeeb Ahmed, a former security engineer, was sentenced to 3 years in prison for hacking two decentralized cryptocurrency exchanges (DEXs) in a first-ever conviction for a smart contract hack. 

He used his expertise in reverse engineering and blockchain audits to exploit vulnerabilities in the smart contracts and was also ordered to forfeit $12.3 million and a significant amount of cryptocurrency, along with $5 million in restitution to the affected DEXs. 

The case highlights the collaborative effort between the Illicit Finance and Money Laundering Unit and the Complex Frauds and Cybercrime Unit to address cryptocurrency-related cybercrime. 

Secure your emails in a heartbeat! To find your ideal email security vendor, Take a Free 30-Second Assessment.


[ad_2]
Source link

Global Hack Exposes Personal Data: Implications & Privacy Protection

andreasc
-
0
Global Hack Exposes Personal Data: Implications & Privacy Protection
[ad_1]

In a digital age where information is the new currency, the recent global hack has once again highlighted the urgent need for enhanced cybersecurity measures.

The breach was identified as Midnight Blizzard, from the Russian state-sponsored actor known as NOBELIUM. It has affected Millions of individuals and government agencies worldwide, underscoring the far-reaching consequences of cyberattacks and the critical importance of protecting sensitive information.

The Scope of the Breach

The scale of the global hack is staggering. Hackers gained unauthorized access to databases containing a wealth of personal data, including financial records, social security numbers, email addresses, and passwords.

The exposed information poses a significant risk of identity theft, financial fraud, and other forms of cybercrime. The breach has impacted individuals across various sectors, including government agencies, businesses, and private citizens, highlighting the pervasive nature of cyber threats.

Implications for Individuals

The fallout from a hack can be devastating for individuals whose data has been compromised. Identity theft, in particular, poses a significant threat. Hackers use stolen information to open fraudulent accounts, make unauthorized purchases, or even commit acts of impersonation. Moreover, the exposure of sensitive personal information can erode trust and privacy, leaving individuals vulnerable to exploitation and manipulation.

Response and Accountability

After the breach, affected organizations must take swift and decisive action to mitigate the damage and restore trust. This includes implementing robust cybersecurity measures, notifying affected individuals, and cooperating with law enforcement agencies to identify and apprehend the perpetrators.

Additionally, there must be accountability for those responsible for the breach, whether they are individuals, criminal organizations, or state-sponsored actors. Holding perpetrators accountable prevents future attacks and conveys that protecting personal data is paramount.

Safeguarding Privacy in an Era of Cyber Threats

While the global hack serves as a sobering reminder of the dangers posed by cyberattacks, it also underscores the importance of proactive cybersecurity practices. Individuals and organizations alike must remain vigilant in safeguarding sensitive information and adopting best practices for data protection.

This includes using strong, unique passwords, encrypting sensitive data, regularly updating security software, hiring the right cybersecurity company for monitoring, and being cautious when sharing personal information online. Moreover, governments and regulatory bodies must enact robust data protection laws and regulations to hold organizations accountable for safeguarding personal data and provide recourse for individuals affected by breaches.

Hack Aftermath

The exposure of personal data in the recent global hack serves as a wake-up call for individuals, businesses, and governments alike. Cybersecurity must be a top priority in an interconnected world where data is increasingly valuable and vulnerable.

That is why Axios Security Group believes that implementing robust security measures, fostering a culture of accountability, and advocating for more robust data protection laws, can be implemented together to mitigate the risks of cyber threats and safeguard the privacy and security of personal information. Only through collective action can we effectively confront the challenges posed by cybercrime and ensure a safer, more secure digital future.

About Axios Security Group

Axios Security Group is a trusted leader in comprehensive security solutions, offering organizations physical and digital protection. With a dedicated team of experts, Axios created tailored security strategies to safeguard assets, personnel, and data.

Its physical security services range from on-site personal security to cutting-edge surveillance technologies, while our cybersecurity experts provide robust digital defences, including threat detection and incident response. Axios collaborates closely with each client to ensure our solutions align with their unique needs, industry regulations, and budgetary constraints.

Axios Security Group provides a vCSO (Virtual Security Officer) program in addition to physical and cyber security. A vCSO (Virtual Chief Security Officer) is a C-suite-level security expert who enhances your company’s security. They bring strategic vision, devising comprehensive security plans encompassing digital information and physical asset protection.

By collaborating closely with your leadership team, a vCSO tailors security solutions to your unique needs, aligning them with your organizational goals and industry regulations. This approach ensures that your organization is well-prepared to navigate the ever-evolving landscape of security challenges, creating a robust, adaptable, and resilient security infrastructure. A vCSO provides all the same security expertise and protections for your organization at a 1/3 of the cost of a full-time CSO (Chief Security Officer.)

Contact Axios to learn how Axios Security Group can protect one of your most considerable corporate assets.

Contact

Contributor
Robin Carter
News Break
8004853983
[email protected]


[ad_2]
Source link

Telegram introduces the option to create custom stickers

andreasc
-
0
Telegram introduces the option to create custom stickers
[ad_1]

Most messaging platforms, including WhatsApp, have had the ability to create custom stickers for quite some time. Now, this feature is finally coming to Telegram, which means you will be able to create and send custom stickers to your friends on Telegram as well.

Enhance your messaging experience by using custom stickers on Telegram

The main function of any messaging platform, such as Telegram, is to send and receive messages. However, what sets a messaging service apart from others is the type of features it offers to enhance your messaging experience. The ability to create and share custom stickers is one such feature. It allows you to add a personal touch to your messages. This is something that Instagram is testing as well.

The latest Telegram 10.11 build has introduced a new sticker editor that enables you to create custom stickers and sticker packs. The best part is that this feature is available to both free and premium users.

To use this feature, tap on the messaging field, and then open the sticker panel window. Then, tap on the (+) button. You will then have the option to take a photo from your camera or choose an existing photo to create the sticker. Let’s say you have chosen to use an existing photo from your gallery.

You will get the Cut Out an Object option, which you can tap to cut out the main object of your image and remove the background. You also have the option to manually erase and restore parts of your photo, which can be helpful in a photo that has multiple objects, and you want to create a sticker of a particular object.

Cut Out an Object option in Telegram.

Telegram also gives you the option to Add an Outline to your sticker, giving it a built-in Telegram sticker look. Once you have created your sticker, tap the check icon, and then choose the Send Sticker option to send it.

Send Sticker option in Telegram.

Create and share your custom sticker sets

Another interesting thing about the new sticker feature is that you can create a set of your custom stickers and share them with your friends. To create a new custom sticker set, tap on the check icon once you’re done creating the custom sticker, then choose the Add to Sticker Set option.

Select New Sticker Set and then give it a name. After that, tap on the Create option to finalize creating the set.

New Sticker Set option in Telegram.

Once you’ve added all the stickers to the set, you can share it with your friends so they can use it in their chats. To share the sticker set, you simply need to open the sticker palette on Telegram and tap the Edit option next to your sticker set.

Edit option in the Telegram Sticker Palette.

After that, tap on the three-dot button in the top-right corner, choose the Share option, select the contact to which you want to send the sticker, and then tap on the Send icon. Telegram will also allow you to add existing stickers to your custom sticker sets, making it easy to have a lot of similar stickers under one name and place.

Share option on Telegram.

If you’re an avid Telegram user, April is going to be an exciting month for you. Telegram also teased about 16 new features that are coming to the platform later this month, but they didn’t give much hint on what new features are coming.


[ad_2]
Source link

Verizon offers free home internet for 6 months

andreasc
-
0
Verizon offers free home internet for 6 months
[ad_1]

In a move to expand internet accessibility, Verizon is offering new customers six months of free home internet service through its Verizon Forward program. This promotion targets qualified low-income residents, aiming to bridge the digital divide.

What does the free internet plan entail?

The free internet offer applies to Verizon’s 5G Home, LTE Home, and Fios 300 Mbps internet plans. This allows new subscribers to choose the option that best suits their needs, whether it’s the blazing-fast speeds of 5G or the reliable connection of Fios fiber optics. Notably, there’s a one-time $99 setup fee for Fios installations, while the other plans come without this charge.

The free service period lasts for six months, kicking in after installation and activation. The discount is then reflected as a credit on the customer’s bill within one or two billing cycles. This is a limited-time offer, with the activation deadline set for September 3rd, 2024.

To qualify for Verizon Forward and its free six-month internet offer, new Verizon internet service customers must meet specific eligibility criteria. This includes having received a Federal Pell Grant within the past year or participated in a qualifying government assistance program in the last 180 days.

While the government’s Affordable Connectivity Program (ACP) ends soon, Verizon assures existing ACP customers their current discounts will continue.

What happens after six months of free home internet?

Following the free six-month period, customers will transition to Verizon’s standard internet plans. Verizon Forward plans typically start at $20 per month, but the exact price will depend on the specific plan you choose and any additional discounts you qualify for.

Overall, Verizon’s free home internet offer is a welcome development for budget-conscious households. With a variety of plans to choose from and the potential to combine the offer with other discounts, Verizon Forward could be a game-changer for those seeking affordable internet access.


[ad_2]
Source link

Meta shuts down Threads in Turkey, here’s what to do

andreasc
-
0
Meta shuts down Threads in Turkey, here’s what to do
[ad_1]

Meta is about to shut down for a period its Threads, the newest social media platform that was supposed to combat Elon Musk’s X/Twitter.

The shut-down will be solely in Turkey, starting April 29 and the reason is that Meta needs to comply with an interim order of the Turkish competition authority (via Reuters).

The company assures in a blog post that Threads’ activity ceasing won’t impact Meta’s other social media platforms like Facebook, Instagram, and WhatsApp in Turkey.

“We are taking steps to minimize any disruption as much as possible”, reads the blog post and adds:

  • Everyone using Threads in Turkey will be notified of this decision within the Threads app before 29 April.
  • People using Threads in Turkey can choose whether to deactivate but not delete their Threads profile, or to delete their profile.
  • If a person chooses to deactivate their profile, then users’ posts and interactions with other people’s posts will become visible again if Threads returns to Turkey.
  • People with deactivated profiles can download their posts and preserve their existing content through our Download Your Information tool at any time.

But why?


The reason for the shut-down is that there’s an ongoing investigation into Meta’s potential abuse of its dominant position in the market, as we’ve reported earlier.This action follows the initiation of a probe in December by Turkey’s competition watchdog into Meta, the parent company of Facebook, for potentially breaching competition laws by linking Instagram with its newer platform, Threads. The watchdog stated that the interim measure will be in effect until a conclusive verdict is reached, since the data obtained and merged through these two apps could “violate competition law and cause irreparable damage” in the market.

On a side note, the Turkish authority fined Meta 4.8 million lira ($148,000) daily as part of a separate investigation over a notification message that the company sends users about the sharing of data.
The notification about data sharing between the company’s Facebook, Instagram, and WhatsApp services did not provide sufficient information and was not transparent enough, it said.

The authority also noted that the manner in which the notification prompts users to consent to data sharing does not adequately mitigate concerns regarding anticompetitive behavior.


[ad_2]
Source link

OpenSSF Warns of Fake Maintainers Targeting JavaScript Projects

andreasc
-
0
OpenSSF Warns of Fake Maintainers Targeting JavaScript Projects
[ad_1]

The open-source software community, the foundation of modern technology, is facing a growing threat from social engineering attacks. The Open Source Security (OpenSSF) and OpenJS Foundations issued alerts for social engineering takeovers of open-source projects after unknown malicious actors tried to gain control of an OpenJS-hosted project.

The Attack

The OpenJS Foundation Cross Project Council, which hosts popular JavaScript projects used by billions of websites, recently received a series of emails requesting updates to one of its popular JavaScript projects for addressing critical vulnerabilities, with no specifics. The authors wanted OpenJS to designate them as new maintainers although none had privileged access to the project. 

The good news, according to OpenSSF’s blog post, is that the OpenJS Foundation had effective security measures in place, which prevented unauthorized access to the project. The Foundation, demonstrating commendable proactiveness, reported the incident to the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Homeland Security.

This approach resembles a recent incident involving the XZ Utils project, a popular data compression tool, where a malicious actor named Jia Tan infiltrated it by gaining the trust of its maintainer. The attack involved claims of expertise and malicious code insertion.

Soon after, a backdoor in xz/liblzma was discovered on the oss-security mailing list, affecting xz compression tools and libraries with versions 5.6.0 and 5.6.1. Fortunately, the compromise was discovered before widespread damage occurred.

A Wake-Up Call for Open Source Community

Open-source software can pose threats to any part of the supply chain, but the community’s due diligence and oversight can always ensure quick detection and resolution. 

Open-source maintainers should be cautious against social engineering by implementing measures like Multi-Factor Authentication (MFA), granting contributors the right access, conducting rigorous code reviews, fostering a strong community, and being wary of unsolicited help. Limiting privileges can add additional security, while also being cautious of individuals offering “critical” updates or requesting access.

Open Source Tools = Lucrative Target

Over 30 million open-source projects are hosted on the GitHub platform, highlighting their widespread adoption by individuals and businesses. However, this vast number also makes these projects lucrative targets for cybercriminals.

For instance, a few months ago, a new hacker group called GambleForce was discovered exploiting open-source tools to compromise their targets successfully. This has encouraged initiatives such as bug bounty programs from Google and the EU (European Union) specifically for Open Source tools.

Experts Opinion

Chris Hughes – chief security advisor at open source security company, Endor Labs and Cyber Innovation Fellow at CISA, where he focuses on supply chain security – says these attack attempts are not surprising, but they do raise awareness of bigger OSS security issues.

“It is not surprising at all to hear about these increased social engineering takeover attempts and these will increase with the recent xz utilities example providing insight to malicious actors on how to conduct this attack, in fact we can likely suspect that many of these are already underway and may have already been successful but haven’t been exposed or identified yet. ” Chris warned.

  1. Enhancing Team Coordination With Open-Source Tools
  2. Patched OpenSSH Exploited for IoT, Linux Cryptomining
  3. Dark Web Pedophiles Using Open-Source AI to Generate CSAM
  4. Use of open-source libraries left web apps vulnerable to attacks

[ad_2]
Source link

Guardz Welcomes SentinelOne as Strategic Partner and Investor to Boost Cybersecurity Defenses for SMBs – Latest Hacking News

andreasc
-
0
Guardz Welcomes SentinelOne as Strategic Partner and Investor to Boost Cybersecurity Defenses for SMBs – Latest Hacking News
[ad_1]

[Miami, FL – April 16, 2023] Guardz, the cybersecurity company securing and insuring small and medium-sized businesses, today announced a strategic partnership with SentinelOne, the leader in AI-powered security. The partnership includes an investment from S Ventures, SentinelOne’s venture fund. Guardz and SentinelOne will collaborate on technological advancements and go-to- market strategies, together empowering Managed Service Providers (MSPs) to better serve their small and medium-sized business (SMB) clients in the face of rising and increasingly sophisticated cyber threats.

Today, SMBs are faced with unique cybersecurity challenges amidst the ever-evolving threat landscape. Growing cloud and SaaS adoption combined with constrained budgets and staffing limitations pose significant challenges in managing these businesses’ IT infrastructure. With 43% of cyber-attacks targeting SMBs and only about one-quarter (26%) of SMBs saying they possess cyber insurance, the need for tailored solutions is clear – and SMBs are increasingly turning to MSPs to handle their cybersecurity, reflecting a growing demand for specialized and customer-centric cyber protection.

The AI-powered Guardz platform is purpose-built for MSPs, empowering them to safeguard their SMB customers. Unlike conventional point solutions, Guardz offers a unified AI-driven platform equipped with automated detection and response capabilities to enable MSPs to proactively secure SMBs’ digital assets across users, emails, devices, data and cloud applications. Its cost-effective solution offers full-stack security from a single pane of glass, with easy onboarding. Together, Guardz and SentinelOne will work to advance the Guardz technology and go-to-market strategy. In doing so, they will help make comprehensive, cutting-edge cybersecurity available to businesses of all sizes, ensuring they can defend themselves with the same level of sophistication and efficiency as larger enterprises.

“This strategic partnership marks a significant milestone for Guardz. With SentinelOne’s industry expertise and reach and our track record of providing tailored cybersecurity for MSPs and their customers, we will together ensure a more cyber resilient future for SMBs amid increasingly sophisticated cyber threats,” said Dor Eisner, CEO and Co-Founder of Guardz. “We look forward to continuing to innovate and push the envelope together to ensure the continuity of these businesses and build a safer digital ecosystem across the globe.”

In January of 2024, Guardz raised a $18M Series A led by Glilot+, the early growth fund of Glilot Capital. Since its launch in 2023, the company has experienced rapid growth, having partnered with hundreds of MSPs and securing thousands of the businesses they manage in the US and Europe over the past year.

“Guardz offers a modern approach to protect the underserved SMB market, developing a unified cybersecurity solution that is built for MSPs from day one,” said Ken Marks, Vice President, Worldwide Channels & MSSP at SentinelOne. “This investment underscores SentinelOne’s unwavering commitment to pioneering cybersecurity solutions and amplifies our partner-first philosophy.” 

For more information about Guardz and their partnership with SentinelOne please visit XX. 

About Guardz

Guardz is a holistic cybersecurity solution built to empower MSPs to secure and insure SMEs against ever-evolving threats such as phishing, ransomware attacks, data loss, and user risks by leveraging AI and a multilayered approach. The solution streamlines cybersecurity with its automated detection and response capabilities across users, emails, devices, data, and cloud apps, all from a single pane of glass. By combining robust cybersecurity technology and deep insurance expertise, Guardz ensures that businesses’ security is consistently monitored, managed, and optimized to prevent the next attack and mitigate the risk. Guardz was founded in 2022 by Dor Eisner and Alon Lavi along with a team of cyber and insurance experts who combine innovation, experience, and creativity to create a safer digital world for small businesses.

About SentinelOne 

SentinelOne is a global leader in AI-powered security. SentinelOne’s Singularity™ Platform detects, prevents, and responds to cyber attacks at machine speed, empowering organizations to secure endpoints, cloud workloads, containers, identities, and mobile and network-connected devices with speed, accuracy, and simplicity. Over 11,500 customers, including Fortune 10, Fortune 500, Global 2000 companies, and prominent governments, trust SentinelOne to secure the future. To learn more, visit www.sentinelone.com

Media Contact
Allison Grey
Headline Media
[email protected]

US: +1 323 283 8176

UK: +44 203 807 4482

IL: +972 53 820 2606


[ad_2]
Source link
1...173174175...1,452Page 174 of 1,452