Even in the cloud era, Microsoft Exchange Server remains a staple business communications tool across the globe.

Related: The need for robust data recovery policies.

One critical issue faced by organizations that rely on Exchange Server is the risk of a corrupt Exchange Server database cropping up.

Fortunately, effective tools and sound practices can mitigate this exposure, enabling companies to keep leveraging Exchange Server as a productive, resilient and secure communications tool.

Navigating new risks

Today, heavy reliance on cloud-centric IT infrastructure and cloud-hosted applications has become the norm. Yet a significant number of enterprises and small and mid-sized businesses (SMBs) continue to rely on Exchange Server.

Microsoft introduced this e-mail and calendaring server in 1996, and over time it has become ubiquitous in enterprises and SMBs alike.

While the rise of cloud computing brought alternatives like Microsoft 365 (formerly Office 365), Exchange Server adapted by offering both on-premises and hybrid deployments.

Empowering control

In an operating environment of hyper interconnectivity and rapid software development, Exchange Server can offer tangible, hands-on control over sensitive data. And this has material value for organizations concerned about data sovereignty.

At the same time, rising digital complexity has produced unprecedented failure scenarios involving hardware, software and cloud-configuration lapses. These can lead to costly disruptions and data loss, and they can leave businesses wide open to criminal hackers.

Exchange server ordeal

Take what recently happened to iConnect Consulting, a San Francisco-based supplier of Laboratory Information Management System (LIMS) consulting services.

iConnect faced a major disruption of its Exchange services, stemming from a corrupted RAID drive and extending into its backups. This left its Exchange databases “dirty,” that is, in a Dirty Shutdown state in which uncommitted transaction logs have not been replayed and the database will not mount cleanly until they are, posing a substantial threat to data integrity. Exhaustive recovery attempts using the transaction logs, the database files and the Exchange Management Shell proved futile.

The inability to recover historical email data in a timely manner put the company’s core operations at risk, affecting user satisfaction and potentially undermining its reputation.

This led iConnect to deploy Stellar Repair for Exchange, a specialized Exchange recovery tool designed to preserve Exchange Server folder structures and customizations while expediting the overall restoration process.

Stellar Repair for Exchange scans corrupt EDB files and recovers mailbox items, including emails, attachments, contacts, calendars, notes, tasks, journals and public folders. It can repair the Exchange database even when log files are missing or the database has a severe corruption error.

The user interface is intuitive, making it accessible to users with varying levels of technical expertise. Recovered mailboxes can be exported directly to a live Exchange server, with minimal downtime, or to Office 365, by connecting with valid administrator credentials.

Proactive management


While it is good to have a powerful data recovery tool such as Stellar Repair for Exchange readily at hand, businesses should also proactively manage the Exchange Server risks that spring from rising digital complexity. Here are a few ‘dos’:

•Rigorous vulnerability management. Diligently apply the cumulative updates and security updates Microsoft publishes for Exchange Server to protect against known vulnerabilities.

•Robust access control. Enforce strong password policies and multi-factor authentication, and restrict administrative roles to the accounts that need them, to prevent unauthorized access.

•Comprehensive monitoring. Continuously monitor server and mailbox audit logs for suspicious activity, and keep a well-defined incident response plan ready to address any security breach.

•Backup strategies. Encrypt sensitive data and maintain regular, secure backups, kept separate from production storage and periodically tested by restoring them, so that data integrity and availability survive system failures or cyber attacks. Corruption that spreads from production storage into the backups, as it did at iConnect, is exactly what an untested backup fails to reveal.

•User education. Regularly train employees on cybersecurity best practices, including recognizing phishing attempts and secure handling of sensitive information.

These practices are foundational for maintaining the security and operational integrity of Exchange Server environments.
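As an added illustration, not part of the essay and not Stellar’s software, the following Exchange Management Shell script checks for the conditions described in the iConnect incident and in the backup recommendation above: a dismounted database whose EDB header reports Dirty Shutdown, a missing or stale full backup, and circular logging, which truncates the transaction logs a soft recovery depends on. It uses only standard Exchange cmdlets and eseutil; the $MaxBackupAgeDays threshold is a hypothetical value to be set to match your backup policy.

```powershell
# Added example, not from the essay or from Stellar: an Exchange Management Shell
# health check for mailbox databases. Flags databases that are dismounted, whose
# last full backup is missing or older than $MaxBackupAgeDays, or that use
# circular logging. For a dismounted database it reads the EDB header with
# eseutil /mh and reports a Dirty Shutdown state.
# Assumptions: run from the Exchange Management Shell on a mailbox server with
# an account holding the Organization Management role; $MaxBackupAgeDays is a
# hypothetical threshold (set it to your backup policy).
param(
    [int]$MaxBackupAgeDays = 1
)

$now      = Get-Date
$eseutil  = Join-Path $env:ExchangeInstallPath 'bin\eseutil.exe'
$findings = @()

foreach ($db in Get-MailboxDatabase -Status) {
    $issues = @()

    if (-not $db.Mounted) { $issues += 'dismounted' }

    if ($db.CircularLoggingEnabled) {
        $issues += 'circular logging enabled (logs are truncated before a backup captures them)'
    }

    if ($null -eq $db.LastFullBackup) {
        $issues += 'no full backup recorded'
    } elseif (($now - $db.LastFullBackup).TotalDays -gt $MaxBackupAgeDays) {
        $issues += ('last full backup {0:u} is older than {1} day(s)' -f $db.LastFullBackup, $MaxBackupAgeDays)
    }

    # eseutil /mh can only read the header of a dismounted database; a mounted
    # database holds the file open, so skip it rather than report a false error.
    $edbPath = $db.EdbFilePath.PathName
    if (-not $db.Mounted -and (Test-Path -LiteralPath $edbPath)) {
        $header = & $eseutil /mh $edbPath 2>&1 | Out-String
        if ($header -match 'State:\s*(Clean|Dirty) Shutdown') {
            if ($Matches[1] -eq 'Dirty') {
                # Soft recovery replays the existing logs; it is the first thing to
                # try before any repair that discards data.
                $issues += ('EDB header reports Dirty Shutdown; attempt soft recovery first: eseutil /r {0} /l "{1}" /d "{2}"' -f `
                    $db.LogFilePrefix, $db.LogFolderPath.PathName, (Split-Path -Parent $edbPath))
            }
        } else {
            $issues += 'could not parse eseutil /mh output'
        }
    }

    if ($issues.Count -gt 0) {
        $findings += [pscustomobject]@{
            Database = $db.Name
            Server   = $db.Server.Name
            Issues   = ($issues -join '; ')
        }
    }
}

if ($findings.Count -eq 0) {
    Write-Output 'All mailbox databases are mounted, backed up within policy, and not using circular logging.'
} else {
    $findings | Format-Table -AutoSize -Wrap
}
```

A Dirty Shutdown result is the cue to run soft recovery (eseutil /r) with the original transaction logs before reaching for a repair tool: a hard repair (eseutil /p) or a third-party repair can discard data that the logs would otherwise have replayed. The script reports rather than remediates on purpose, since replaying or repairing a production database is a change that belongs in an incident runbook, not an unattended job.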

About the essayist: Bharat Bhushan is technical marketer at Stellar Data Recovery. He is skilled in Microsoft Exchange Database, MSSQL Database troubleshooting and data warehousing.

Tel Aviv, Israel, Jan. 31, 2024 — Oasis Security, the leading provider of Non-human Identity Management (NIM) solutions, announced today that it raised a total of $40 million in funding led by Sequoia Capital (Doug Leone, Bogomil Balkansky), alongside Accel (Andrei Brasoveanu), Cyberstarts (Lior Simon) and Maple Capital. Guy Podjarny, founder of Snyk, and Michael Fey, Co-Founder and CEO of Island, also participated in the financing.

The rapidly growing number of non-human identities – such as service accounts, secrets, API keys, tokens and certificates – deployed in organizations’ hybrid and multi-cloud environments poses a dual security and operational challenge.

Non-human identities now outnumber human identities by a factor of 50 to 1, creating a massive attack surface that has become a primary target of malicious actors. The security risks are further compounded as, on average, there are 10 times more non-human identities with broader access privileges to sensitive data than there are humans. With more business processes being automated via AI-workflows and accessed by machines, it is critical that organizations deploy an enterprisewide non-human identity strategy.


“Shifts in infrastructure and workloads have completely changed the identity stack. Non-human identities have grown exponentially and become the weak link in enterprise cybersecurity,” said Danny Brickman, Co-founder and CEO of Oasis Security. “The compromise of a single service account or token could allow a malicious actor to delete an entire cloud environment. Traditional human identity and secrets management tools can’t handle the scale and complexity of non-human identities, leaving most organizations flying blind and severely exposed. Oasis delivers a comprehensive yet easy-to-use solution that allows growth and security to go hand-in-hand.”

Oasis is the first enterprise platform purpose-built to automate the lifecycle of non-human identities. Oasis is easy to use and to integrate with all the major cloud and on-premises identity sources. Oasis instantly provides holistic visibility with deep contextual insights on every non-human identity – who owns it, who consumes it, what resources it grants access to and how privileged it is. The built-in Oasis Posture & Remediation Intelligence (PRI) module automatically identifies vulnerabilities, prioritizes the most severe issues and generates remediation plans, drastically shortening the time to detection and incident resolution.

“Oasis has revolutionized our approach to non-human identity management, effectively addressing security challenges that remained unsolved by conventional methods. Their solution has significantly enhanced our security and governance framework, providing us with holistic visibility and lifecycle automation. This represents a new paradigm in non-human identity management, far surpassing the capabilities of traditional legacy systems,” said Chris Mosteller, Head of Identity Security, JLL.

“Identity is the new perimeter, and non-human identity is the gaping hole in that perimeter,” said Bogomil Balkansky, partner at Sequoia Capital. “We are excited to work with the Oasis team to solve one of the biggest challenges in cybersecurity today. The company has come out of the gate very strong and fast, signing up blue chip customers less than a year after it was founded, which is a testament to the latent demand for such a solution and to this team’s capabilities and commitment.”

“Driven by increasingly fragmented and complex cloud environments, non-human identities have grown exponentially over the past few years,” said Andrei Brasoveanu, partner at Accel. “Early on, Danny and Amit spotted this security challenge for CISOs and, since founding Oasis, have seen impressive adoption from large enterprise customers. We feel the team has what it takes to build a large category-defining company and we look forward to the journey ahead.”


“Danny and Amit’s journey has been a Cyberstarts textbook process – an incredibly talented duo who ventured into entrepreneurship with a resolute mission to address a crucial cybersecurity pain point. Through dozens of dialogues with CISOs and industry leaders, they chose a differentiated approach in the emerging non-human identity security space,” said Lior Simon, General Partner at Cyberstarts. “It has been a privilege to partner with the Oasis team since their inception, and I look forward to the next chapters of Oasis, building together a lasting cybersecurity business.”

About Oasis Security: Oasis is the market-leading platform for non-human identity management. With modern systems and development teams now increasingly distributed, non-human identities, such as secrets, API keys and RPA accounts, have surged, creating a massive attack surface that legacy tools can’t manage. Oasis solves this critical security challenge by automatically discovering all non-human identities across all environments, providing holistic visibility and risk assessment with vulnerability auto-remediation, and simplifying secret management compliance.

Media contact: Cameron Morrissey, cmorrissey@thisisoutcast.com, +44 7773 005644


San Francisco, Calif., Jan. 31, 2024 – Reken, an AI & cybersecurity company, today announced the close of its $10M oversubscribed seed round, led by Greycroft and FPV Ventures. Other investors in the round include Firebolt Ventures, Fika Ventures, Omega Venture Partners, Homebrew, and JAZZ Venture Partners.

The funding will be used for core research and development to build new AI technology and products to protect against generative AI threats, such as deepfake social engineering and autonomous fraud.


“Generative AI cybercrime poses the greatest security challenge of our time,” said Shuman Ghosemajumder, co-founder & CEO of Reken. “While billions have been spent on security products, the impact of cybercrime has actually been getting worse. The reality is that existing cybersecurity doesn’t work as well as we’d like against even yesterday’s threats, let alone against new attacks based on generative AI. For threats such as deepfake video, audio, images, phishing, and fraud, it’s clear that we need a new approach.”

Reken’s backers include top venture capital funds led by many early Google employees and Google-connected investors, including Wesley Chan (FPV), Hunter Walk & Satya Patel (Homebrew), Eva Ho (Fika), and Gokul Rajaram.

Google DeepMind executive Jon Steinback (Sequoia Capital Scout Fund) and Vishal Vasishth (co-founder, Obvious Ventures) also invested in the round. Greycroft partner and Bay Area head, Marcie Vu, who helped lead Google’s IPO, joins the Reken board.


“Safeguarding against generative AI threats is essential for the future of the internet,” said Vu. “Reken’s founders have unparalleled experience building large-scale AI platforms to defend against sophisticated attacks for some of the world’s largest companies. Shuman and Rich are uniquely positioned to build an important company that will help tackle the evolving challenges presented by generative AI threats, which will only increase over time. Reken’s mission strongly aligns with Greycroft’s core focus on artificial intelligence.”

Reken was founded in January by Ghosemajumder (formerly Google’s Global Head of Product for Trust & Safety; Head of AI at F5; and CTO at Shape Security) and Rich Griffiths (formerly VP of Product at Shape Security). The two helped build Shape from its early stages into the leading AI bot defense platform, which was acquired by F5 for $1B in 2020.

About Reken: Reken is building a new category of AI products and platform to protect against generative AI threats. For more information, please visit https://reken.ai.

About Greycroft: Greycroft is a seed-to-growth venture capital firm that partners with entrepreneurs who are striving to build category-defining companies across intelligent consumer and enterprise applications, AI infrastructure, sustainability, and consumer products.

Greycroft has raised over $3 billion in capital, including the recent closing on over $980 million across its core flagship vehicles, Greycroft Partners VII and Greycroft Growth IV, enabling the firm to invest in software businesses that are taking advantage of advancements in artificial intelligence. Recent Greycroft investments in the Bay Area in artificial intelligence include Together AI, Peer AI, Character.AI, Contextual AI, Rembrand, and Merly.AI. For more information, please visit https://www.greycroft.com.

About FPV: FPV is a new $450 million fund focused on backing and serving mission-driven founders throughout their entire journey. Founded by Wesley Chan (former Google product leader who founded Google Analytics and Google Voice) and Pegah Ebrahimi (former COO and CIO of Morgan Stanley Tech Banking and COO of Cisco Collaboration), the firm has backed well-known, high-impact startups including Canva, Flexport, Guild Education, Xilis, and Manifold Bio. For more information, please visit https://fpvventures.com.

About Shuman Ghosemajumder: Shuman Ghosemajumder is co-founder and CEO of Reken, an AI & cybersecurity company building a new category of products and platform to protect against generative AI threats.

As an early Google employee, he helped build Gmail and grow AdSense. As Global Head of Product for Trust & Safety, he started the Trust & Safety product group, protecting over $20B/year in revenue and over 1B users.

He was later CTO of Shape Security, an AI cybersecurity company protecting the largest banks, airlines, and federal agencies against sophisticated bots. He helped build Shape from a pre-product startup to its $1B acquisition by F5. After the acquisition, he became F5’s GM & Global Head of Artificial Intelligence. He founded their AI & Data product group, building products leveraging over 500PB/day of data from F5 products powering the world’s largest websites.

Shuman is also co-founder and chairman of TeachAids, an educational technology NGO spun out of Stanford University. TeachAids builds free, research-based public health education software used in 82 countries, helping educate more than 500 million people.

Shuman is co-author of CGI Programming Unleashed (Macmillan Publishing), a contributing author to Crimeware (Symantec Publishing), and has written for publications such as Harvard Business Review, Vox and VentureBeat. He is also a regular guest lecturer at Stanford. He is a graduate of MIT and in 2011 was named by The Boston Globe to their MIT150 list of the top MIT innovators of the past 150 years.

Media Contact: press@reken.ai

There’s no denying that castle walls play a prominent role in the histories of both military defense, going back thousands of years, and, as of the start of the current millennium, cybersecurity.

Related: How Putin has weaponized ransomware

In his new Polity Press book, The Guarded Age: Fortification in the Twenty-First Century, David J. Betz delves into historic nuances on the military side and poses important questions about the implications for cybersecurity, and indeed for civilization, going forward.

Betz is Professor of War in the Modern World at King’s College London. I asked him how and why certain fundamental components of ancient fortified structures have endured. Below are highlights of our discussion, edited for clarity and length.

LW: You cite many examples of instant castle walls, if you will, getting erected in current-day war zones. How can this be, given modern warfare tactics and smart weaponry?

Betz: Picture a US Army fort during the American Indian wars of the nineteenth century. By the standards of the best weapons and tactics of the day they were ridiculously inadequate. The thing is, though, the Indians against whom they were fighting did not possess the best weapons and tactics of the day.

Against them, wooden marching forts not much different from those built by the Romans two thousand years earlier were perfectly fine. Many of the fortifications that I describe cropping up in current-day war zones are viable for the same reason.

A vast system of Russian field fortifications played a large role in shattering the Ukraine counter offensive last summer. Or think of the chain of fortified reefs that China has constructed as the central part of its strategy to lay claim to control of the South China Sea.

Likewise, consider the challenge which Hamas’ underground fortification of Gaza presents to the Israel Defense Forces right now, despite its distinct material and tactical advantages. For that matter, Hezbollah’s fortification of southern Lebanon, throughout which it has hidden thousands of rockets in hardened casements, is an even bigger challenge.

LW: You make the point that governments and private industry erect and maintain fortified structures continuously, in ways that would surprise ordinary citizens. How pervasive is this trend?

Betz: As a matter of regulation, installations like airports and port facilities and buildings including schools, shopping malls, hospitals, museums, hotels, sport and entertainment venues, as well as bridges, monuments, and many city streets are hardened against attack by bombing, shooting, or vehicle ramming.

The scale of this effort is quite enormous in money terms. As a small example, the area around the university in which I work, King’s College London, has recently completed a security upgrade, which has seen a major road fully pedestrianized and anti-vehicle barriers installed around the entire periphery. The cost for one urban block: £34 million.

For a larger indicator, consider the global airport security market, which had an estimated value in 2020 of around $11 billion with a projected growth to as much as $25 billion by 2028, of which perimeter security accounts for about a third of total spending. The annual value of the airport operations business in total is reckoned to be around $130 billion, about 20% of which at current rates of growth is consumed by defense.

I could go on. The main point is that the private fortification industry is extremely diverse and highly creative. As an illustrative example, consider the American firm ArmorCore, based in Waco, Texas, which specializes in the making of ballistic-resistant fiberglass panels.

Their products can be found in banks, government offices, critical infrastructure facilities, hospitals, police stations and courthouses, a range of military uses including army recruitment centers and drill halls, residential construction of all types, safe rooms, and schools.

Basically, if you interact with any of these sorts of places you will have encountered the products of ArmorCore, or of hundreds of other similar companies operating in this sector.

LW: Are you suggesting this trend will continue, or perhaps accelerate? What are the drivers?

Betz: Yes, I expect that this trend has a good long way to run yet. Ultimately, one might argue that fortification is the time-honored human response to the fear of being attacked.

Poor and working-class people build walls studded with glass around their homes, install bars, and strengthen their doors because they genuinely fear home invasion. Rich people build more luxurious fortified compounds because they can afford luxury on top of security.

Corporations fortify their headquarters and store their computer servers in ex-military munitions bunkers and deep underground caverns because of their judgment of the likelihood of attack and potential loss.

LW: World Wars I and II made classic fortified structures, like the Maginot Line, obsolete. Similarly, the rise of cloud-connected digital services made on-premise network defenses, like classic firewalls, obsolete. Can you extend that comparison?

Betz: I confess you hit a bit of a sore spot with the remark about the Maginot Line being shown to be obsolete. The maligned Maginot Line failed because it was bypassed. In the few instances it was fought over, its powers of resistance, even with low-quality garrison troops, were very high.

Today the fortification industry is a massive, growing market. The annual value of the global data security market was $187.35 billion in 2020, projected to rise to $517.17 billion by 2030. The investment in target hardening of data centers is only a fraction of those numbers but is likely large.

Indeed, it is because of the demand of data security that there has been a huge growth in a heretofore very niche sector of the real estate market, specifically abandoned mines, large natural caverns, and ex-military bunkers.

In Britain, a company known as The Bunker operates two ultra-high-security facilities, one in Kent and the other in Newbury, both based on ex-military nuclear shelters. Of the former site, Colo-X, which is a British brokerage company specializing in data centers, enthuses:

‘The entire complex is located underground and was built to withstand a 22-kiloton nuclear blast! Thus, with 3m-thick concrete walls and up to 100 feet underground, the building sits on rubber buffer strips to absorb shocks and each room is Faraday caged, with blast doors in the corridors.’


You made an allusion to a modern military fortification with the Maginot Line. I would suggest, a better analog is very much older than that. The very ancient hillforts and palisaded villages built by those first humans to develop settled agriculture packed their strongholds with hand tools, ploughs, seeds, and livestock—everything that they needed to continue functioning as an agricultural society after an attack by their nomadic neighbors.

The essential infrastructure of the knowledge economies of the information age rests on a different foundation of delicate physical stuff—computers, routers, fiberoptic cables, and such like—but it all needs to be guarded all the same, and essentially how we do that is rather the same still.

LW: I absolutely agree with you that the fortification zeitgeist, as you put it, runs counter to the openness of digital systems that hyperconnectivity requires. So where do we go from here?

Betz: You ask a highly pertinent and vexing question. The most honest answer is I don’t know. If I may, though, I would suggest a few things.

One, in all the history which I explore in my book it might be said that there is something of a cycle or pendulum. For a time, the power of weapons seems to drive the idea of static defense into retreat, only then to swing back in the favor of defense making the idea of offense seem futile. We are closer to the beginning of the fortification zeitgeist than towards the end. Ultimately, though, the trend will slow and reverse again.

Two, while I think that the perils of openness and hyperconnectivity have become very evident to many people, much of what I have observed in the book I would consider an overreaction. A paranoiac society firmly locked down behind stout walls, ubiquitously digitally filed, monitored, and regulated is not one in which I wish to live. I cannot pretend though that we are not on the trajectory toward such a society.

Third, on an individual and unconscious level I think that a great deal of what is driving the developments which I have described is a reaction to the frenetic pace of change of the last generation. It is not just that things are moving fast, it is also that the pace of change is accelerating. The natural response is to hold on tightly to something solid—and there’s nothing more solid than a fort.


Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.


New York City, New York – Jan. 30, 2024 – In an increasingly competitive and malicious environment, vulnerabilities in enterprise codebases can lead to catastrophic security failures.

Many times these can be fatal for businesses built on a foundation of customer trust and reliability. Data security is the most fundamental promise that a business can make to its users. Despite this, we have grown accustomed to hearing about massive data breaches on an almost daily basis. It is no surprise that recent research has found that 71% of software engineers are concerned about software reliability at their workplace.

p0 has launched from stealth and today announces that it has raised $6.5m from Lightspeed Venture Partners with participation from Alchemy Ventures to help stop catastrophic software failures.

p0’s proprietary technology leverages Large Language Models (LLMs) to identify safety and security issues in software before it is ever run in a production environment. p0’s technology provides a single-click solution with no need for additional user configuration.

“Across the world, recent catastrophic software failures have led to real-world impact on human life and poor outcomes for businesses,” said Prakash Sanker, p0 co-founder and CTO. “At p0, we are determined to stop these safety and security issues affecting our society. Leveraging AI, we can go further than traditional software reliability.”

p0 can handle a wide range of software issues including data integrity issues and validation failures (including those affecting data security), alongside speed and timeout issues. p0 noiselessly surfaces intelligent and actionable output far more effectively than traditional software reliability and security solutions.

“We’re building a phenomenal team and product at p0, all focused around protecting our clients and their users from the damage that software vulnerabilities and reliability bugs can cause,” said Kunal Agarwal, p0 co-founder and CEO. “Through developer teams simply connecting their Git code repositories to p0, they can rapidly gain insight beyond what traditional rule-based static analysis tools can provide – with the ability to run code scans in just 1-click.”

“As software becomes more intricate and pervasive, the importance of robust testing and reliability checks has never been more apparent. p0 is here to fundamentally change how organisations tackle these challenges head-on by harnessing the analytical power of AI. Our innovative approach empowers developers to write safer, more secure code, thereby pre-empting serious run-time failures and exploits.”

Before founding p0, Sanker studied math and computer science at Stanford University and worked at companies including Palantir. Agarwal, an economics graduate from Harvard College, has previously founded a company backed by Lightspeed, Priority Vendor Technologies, which was acquired by Kansas-based


Hemant Mohapatra, Partner at Lightspeed, commented: “At Lightspeed we’ve backed over 50 companies using generative AI to create new markets and upend old ones. p0’s cutting-edge approach to code and API security is unique and amongst the first ever truly LLM-native ways of solving this age-old and ever-evolving problem. We are excited to have incubated and backed them from when this was just an idea on paper.”

p0 will use the capital to develop its product further, as it seeks to gain adoption from more users and build its team further.

About p0: Founded by Prakash Sanker and Kunal Agarwal, p0 leverages AI to help software teams surface critical security issues in software before their code is deployed to production. Through connecting with Git code repositories, p0 can identify a variety of software issues, using Generative AI to go further in identifying bugs than other tools can. For more information, please visit https://p0.inc/

About Lightspeed: Lightspeed is a global multi-stage venture capital firm focused on accelerating disruptive innovations and trends in the Enterprise, Consumer, and Health sectors. Since 2000, Lightspeed has backed entrepreneurs and helped build companies of tomorrow, including: Affirm, Acceldata, AppDynamics, Darwinbox, Hasura, Nutanix, OYO, Razorpay, Snap, Supabase, and Udaan. Lightspeed and its affiliates currently manage more than $18 Billion across the global Lightspeed platform, with investment professionals and advisors in India, Silicon Valley, Israel, China, Southeast Asia and Europe. www.lsip.com

Media contact: Bilal Mahmood, Stockwood Strategy, Mob: +44 (0) 771 400 7257


Silver Spring, Maryland, Jan. 30, 2024 — Aembit, the Workload Identity and Access Management (IAM) platform that enables DevOps and security teams to discover, manage, enforce and audit access between workloads, today announced the availability of a new integration with the industry-leading CrowdStrike Falcon® platform to give enterprises the ability to dynamically manage and enforce conditional access policies based on the real-time security posture of their applications and services. This integration marks a significant step in Aembit’s mission to help organizations apply Zero Trust principles and make workload-to-workload access more secure and manageable.

Workload IAM transforms enterprise security by securing workload-to-workload access through policy-driven, identity-based, and secretless access controls, moving away from the legacy unmanaged, secrets-based approach.


“Today’s attacks are increasingly identity-based, which is why enforcing identity-protection across the enterprise at every layer is critical for modern security. The CrowdStrike Falcon platform is rapidly becoming the center of cybersecurity’s ecosystem. This integration with Aembit enables organizations to secure machine identities as part of a holistic approach to security,” said Daniel Bernard, chief business officer at CrowdStrike.

Through this partnership, the Aembit Workload IAM solution checks to see if a CrowdStrike Falcon agent is running on the workload and evaluates its real-time security posture to drive workload access decisions to applications and data.

With this approach, now enterprises can protect their workloads from unauthorized access, even against the backdrop of changing conditions and dynamic access requirements.


“The launch of the Aembit Workload IAM Platform on the CrowdStrike Marketplace represents a significant advancement in our joint mission to securely manage workload-to-workload access,” said David Goldschlag, CEO and co-founder at Aembit.

Additional customer benefits from this partnership include:

•Managed workload-to-workload access: Enforce and manage workload access to other applications, SaaS services, and third-party APIs based on identity and policy set by the security team, driving down risk.

•Seamless deployment: Drive consolidation by effortlessly integrating the Aembit Workload IAM Platform with the Falcon platform in a few clicks, providing a unified experience for managing workload identities while understanding workload security posture.

•Zero Trust security model: Embrace a Zero Trust approach, ensuring that every access request, regardless of the source, is verified before granting access rights. Aembit’s solution enforces the principle of least privilege based on identity, policy, and workload security posture, minimizing potential security vulnerabilities.

•Visibility and monitoring: Gain extensive visibility into workload identities and access permissions, enabling swift detection and response to potential security threats. Monitor and audit access logs based on identity for comprehensive security oversight.

This industry-first collaboration builds on the recent CrowdStrike Falcon Fund strategic investment in Aembit, underscoring the global cybersecurity leader’s commitment to fostering innovation within the space.

“We are excited to bring the power of Aembit’s Workload IAM to the CrowdStrike Marketplace. This collaboration enables us to deliver Zero Trust for workload access in a way that simplifies and automates the evolving security challenges faced by DevOps and DevSecOps teams,” said Apurva Dave, CMO at Aembit.

The investment reflects the recognition of the growing demands for securing workload access.

Aembit Workload IAM is available in the CrowdStrike Marketplace, a one-stop destination and world-class ecosystem of third party products. See more here.

About Aembit: Aembit is the Workload Identity and Access Management (IAM) Platform that lets every business safely build its next generation of applications by inherently trusting how it connects to partners, customers, and cloud services. Aembit provides seamless and secure access from your workloads to the services they depend on, like APIs, databases, and cloud resources, while simplifying application development, delivery, compliance, and audit.

Media contact: Apurva Dave, Chief Marketing Officer, press@aembit.io

Each of us has probably sat through some level of cybersecurity awareness training during our professional lives.

Related: Dangers of spoofed QR codes

Stop and think before you click on a link within an email from an unexpected source. Don’t re-use a password across multiple sites. Beware over-sharing personal information online, especially on social media platforms. All good advice!

When we sit back and think about the target audience for this training, much of this advice is designed to reach the busy or distracted employee who postpones laptop software updates, or who copies sensitive or proprietary information to a USB stick and takes it home.

Irresistible lure

This classic take-a-USB-stick-home scenario has been around for a couple of decades. The careless employee places the information on that stick at considerable risk of theft or even outright loss. But have you thought about the potential impact of an adversary introducing a USB stick to a curious employee?

Consider an employee who leaves the office or the house in the middle of the day to grab lunch somewhere nearby. They place their order, get their food, and because it’s a nice day, they grab a table outside.

But today’s lunch run has a new ingredient: a lonely, presumably lost USB stick sitting on the ground. Even better, there is an especially delicious label on the stick: “Upcoming RIF” or “Executive Strategy PPT” or “Post-Acquisition Plans?”

Dedicated adversaries

Sound far-fetched? Think about this from the perspective of the bad guys. Most companies have multiple IT/security layers of defense in place designed to keep bad actors out, and to prevent good actors inside the company from making mistakes. If a bad actor can’t get in through the front door, maybe there is some other way to initiate an attack.

Wouldn’t a dedicated adversary consider a location known to be visited by employees of the company they are targeting, like a nearby restaurant where many employees eat daily? Or how about a USB stick left at some other plausible location like a hotel or your local print shop?

The employee picks up the stick, carries it back into the office, and plugs it in. The malware installs itself to the now-infected laptop, and the attack is underway.

In most cases, determining how the malware gets onto one of your machines takes a back seat to remediating, or cleaning up, that infected machine. You need to put out that fire as quickly as you can, before that fire spreads across the network to other machines and servers.

Staged attacks

If there is any good news in this scenario, it’s this: most malware is designed to communicate back to the adversary at some stage of the cyberattack. Perhaps it needs to contact the mother ship which may have additional instructions or code for that malware to deliver.

That initial broadcast or beaconing message is often a simple one, announcing the equivalent of “I’ve been installed successfully, what’s the next step?” Or perhaps the malware has already completed its mission and is ready to send out or exfiltrate the information it has collected.

Ongoing forensics

It’s at this critical stage that comprehensive, real-time visibility across your environment is so important. Many organizations keep logs sourced from devices and applications scattered throughout their IT environment; depending on your industry, this may be a regulatory requirement. But logs are not nearly enough.

Mature organizations are also collecting and storing their network traffic for potential forensic use in support of a future investigation. It’s very powerful to be able to produce an authoritative answer to the question, “What network traffic was moving through this part of my infrastructure ten days ago?” Being able to “replay” that activity is often the only way to piece together what was actually happening as the attack rolled forward.
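The beaconing pattern described above is also what makes such call-backs findable in retained network data. The following is an added example, not code from the essay or from NetWitness: it takes connection records of the form (timestamp, source, destination, port), an assumed export shape for flow or proxy logs, and flags host-to-destination pairs whose connection gaps are too regular to be a person. The sample records are constructed.

```python
"""Beacon hunting over connection records (added example, not NetWitness code).

Assumption: records are (epoch_seconds, src_ip, dst_ip, dst_port) tuples such
as one would export from flow or proxy logs. A call-back to a command server
tends to recur on a timer, so the gaps between successive connections from
one host to one destination are nearly constant; ordinary browsing is bursty.
"""
from collections import defaultdict
from statistics import mean, pstdev


def group_flows(records):
    """Bucket timestamps by (src, dst, port), sorted oldest first."""
    buckets = defaultdict(list)
    for ts, src, dst, port in records:
        buckets[(src, dst, port)].append(ts)
    return {key: sorted(ts) for key, ts in buckets.items()}


def interval_stats(timestamps):
    """Return (mean_gap, jitter) where jitter = stdev(gaps) / mean(gaps).
    A jitter near 0 means clockwork regularity; None if too few points."""
    if len(timestamps) < 3:
        return None
    gaps = [later - earlier for earlier, later in zip(timestamps, timestamps[1:])]
    avg = mean(gaps)
    if avg <= 0:
        return None
    return avg, pstdev(gaps) / avg


def find_beacons(records, min_connections=8, max_jitter=0.2):
    """Flag (src, dst, port) tuples that reconnect regularly enough to look automated."""
    hits = []
    for (src, dst, port), ts in group_flows(records).items():
        if len(ts) < min_connections:
            continue
        stats = interval_stats(ts)
        if stats is None:
            continue
        avg, jitter = stats
        if jitter <= max_jitter:
            hits.append({"src": src, "dst": dst, "port": port, "count": len(ts),
                         "interval_s": round(avg, 1), "jitter": round(jitter, 3)})
    return sorted(hits, key=lambda h: h["jitter"])


def _timeline(start, gaps):
    """Build timestamps from a start time and a list of gaps (for sample data)."""
    out = [start]
    for g in gaps:
        out.append(out[-1] + g)
    return out


# Constructed sample: a laptop that phones home every ~5 minutes, its owner's
# irregular browsing to a legitimate site, and a second host with too little
# history to judge. Addresses are from documentation ranges.
_T0 = 1_700_000_000
SAMPLE_RECORDS = (
    [(t, "10.0.0.23", "203.0.113.9", 443)
     for t in _timeline(_T0, [300, 303, 297, 301, 299, 305, 296, 300, 302, 298, 300])]
    + [(t, "10.0.0.23", "198.51.100.7", 443)
       for t in _timeline(_T0 + 17, [5, 120, 2, 900, 30, 3, 1800, 7, 60, 400])]
    + [(t, "10.0.0.41", "203.0.113.9", 443) for t in _timeline(_T0 + 9, [300, 300])]
)

if __name__ == "__main__":
    for hit in find_beacons(SAMPLE_RECORDS):
        print(hit)
```

Real implants add randomized sleep, so in practice you raise max_jitter or inspect the gap distribution rather than one ratio, and long-lived single sessions or DNS-based channels need different features. The check also only works if connection records from the relevant window are still on hand, which is exactly the retention question raised above.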

Factor this scenario into your awareness training, and more importantly, ensure that the visibility you have into your environment is not just a collection of logs. Network-level visibility is the highest-fidelity source available to you and your security team today. Only by seeing what’s on your network, both right now and from the recent past, can you detect and respond to real-time incidents in the fastest and most comprehensive way.

About the essayist: Ben Smith is Field Chief Technology Officer with NetWitness, a threat detection and response firm. His prior employers include RSA Security, UUNET, and the US Government, along with several technology startups.

To sell us more goods and services, the algorithms of Google, Facebook and Amazon exhaustively parse our digital footprints.

Related: The role of ‘attribute based encryption’

There’s nothing intrinsically wrong with companies seeking to better understand their customers. However, over the past 20 years the practice of analyzing user data hasn’t advanced much beyond serving the business models of these tech giants.

That could be about to change. Scientists at NTT Research are working on an advanced type of cryptography that enables businesses to perform aggregate data analysis on user data — without infringing upon individual privacy rights.

I had the chance to visit with Boyle, senior scientist at NTT Research’s Cryptography & Information Security (CIS) Lab, to learn more about the progress being made on a promising concept called “privacy preserving aggregate statistics.”

Rising data privacy regulations underscore the need for such a capability, Boyle told me. And in the long run, the capacity to analyze our online behaviors in a much more inspired, respectful way could serve a much greater good than just fostering impulsive consumer purchases. For a full drill down, please view the accompanying videocast. Here are a few key takeaways:

Rising regulations

It’s not just the tech giants that have a strategic imperative to better understand user behaviors. Companies across all industries have long sought to better understand how consumers use their product and services; this guides their product improvements and can dictate future investments, often shaping the next big innovations.

Our smartphones, wearables, vehicles and buildings have come to be saturated with sensors that collect granular information about our daily activities and provide a wellspring of information about what we prefer and how we behave. However, this intensive ingestion of personal data points — in the absence of reasonable oversight — has triggered consumer anxiety, and rightly so.

This, in turn, has led to rising data privacy regulations. Europe’s General Data Protection Regulation (GDPR) and California’s Consumer Privacy Act (CCPA), for instance, are two significant pieces of legislation aimed at protecting consumer privacy in the digital age. Both regulations have profound implications for companies seeking to collect and apply aggregate statistical analysis to consumer data.

GDPR requires companies to establish a legal basis for data processing as well as ensure that the aggregation and anonymization methods protect individual identities. Meanwhile, CCPA focuses on ensuring that personal information isn’t sold without the consumer’s knowledge or against their will.

Partitioning user data

So now the rub is this: companies yearn to extract useful insights from user data, yet many have lost sight of the fact that it’s going to become much more expensive for them to possess granular tracking details, going forward. This has led NTT Research to seek a way to enable businesses to perform aggregate data analysis on consumer data — with privacy built in, Boyle says.

Privacy preserving aggregate statistics revolves around partitioning sensitive user data into pieces, each of which on its own reveals nothing about the original, yet on which meaningful computations can still be performed before the results are recombined. Boyle explained how a private telemetry system can be set up to split sensitive user data into two segments in this manner.

One segment retains broad, general information, useful for tracking usage patterns; the other segment converts the individual’s private details into a random sequence of zeros and ones. As more data pours in from other users the former gets aggregated to give shape to emerging patterns, while the latter remains incomprehensible, ensuring that individual privacy remains sacrosanct.

Beyond meeting compliance, this approach can improve the bottom line, she says, by significantly reducing the cost associated with collecting and storing sensitive personal data. In addition to developing and getting in position to supply the technology, Boyle says.

“The goal is to develop solutions that allow us to only learn aggregate information, while never touching the data of individuals, in some sense, by taking private information and splitting it into pieces,” she says. “The tricky part is designing this splitting procedure so that you can actually compute on these pieces separately.”
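A minimal version of the splitting Boyle describes, as an added example rather than NTT Research’s code: each client splits its value into two additive shares over a prime field, hands one share to each of two aggregation servers, and the servers sum what they receive. The two-server layout, the field size and the sample usage values are assumptions for illustration. It computes a histogram, a sum and a mean without either server ever holding an individual’s plaintext.

```python
"""Privacy-preserving aggregate statistics via additive secret sharing.

Added example (not NTT Research code). Each client splits its value into two
shares; one goes to server A, the other to server B. Either share alone is a
uniformly random field element, so a single server learns nothing about any
individual, yet the sum of the servers' totals is the exact population total.
The two-server layout and field size are assumptions for illustration.
"""
import secrets

P = (1 << 61) - 1  # Mersenne prime; all share arithmetic is mod P


def share(value):
    """Split an integer 0 <= value < P into two additive shares (s_a, s_b)."""
    if not 0 <= value < P:
        raise ValueError("value out of field range")
    s_a = secrets.randbelow(P)   # uniformly random, independent of value
    s_b = (value - s_a) % P      # also uniform on its own; s_a + s_b == value mod P
    return s_a, s_b


def share_vector(vec):
    """Share each coordinate independently; returns (shares_for_a, shares_for_b)."""
    pairs = [share(v) for v in vec]
    return [a for a, _ in pairs], [b for _, b in pairs]


def one_hot(value, buckets):
    """Encode a bucketed value as a 0/1 vector so that summing shares yields a histogram."""
    vec = [0] * buckets
    vec[value] = 1
    return vec


class AggregationServer:
    """Holds one share per client and only ever sums them; never sees the other share."""

    def __init__(self, width):
        self.totals = [0] * width
        self.clients = 0

    def submit(self, shares):
        if len(shares) != len(self.totals):
            raise ValueError("wrong share width")
        self.totals = [(t + s) % P for t, s in zip(self.totals, shares)]
        self.clients += 1


def combine(server_a, server_b):
    """Recombine the two servers' aggregate shares into the plaintext totals."""
    return [(a + b) % P for a, b in zip(server_a.totals, server_b.totals)]


def private_stats(client_values, buckets):
    """Run the protocol end to end for values in range(buckets).
    Returns (histogram, sum, count, mean); only the aggregates are ever decoded."""
    width = buckets + 1
    srv_a, srv_b = AggregationServer(width), AggregationServer(width)
    for v in client_values:
        vec = one_hot(v, buckets) + [v]   # last coordinate carries the raw value for the sum
        a, b = share_vector(vec)
        srv_a.submit(a)                   # in deployment: sent to operator A only
        srv_b.submit(b)                   # in deployment: sent to operator B only
    totals = combine(srv_a, srv_b)
    hist, total = totals[:buckets], totals[buckets]
    n = srv_a.clients
    return hist, total, n, total / n


# Constructed sample: ten users' daily-usage bucket (0 = none ... 4 = heavy).
SAMPLE_USAGE_BUCKETS = [3, 1, 4, 1, 3, 2, 0, 3, 4, 1]

if __name__ == "__main__":
    print(private_stats(SAMPLE_USAGE_BUCKETS, 5))
```

One server’s share of a value is a uniformly random field element, so the only thing revealed is the combined total, and only as long as the two servers do not collude. Standard deviation follows the same way by also sharing the square of each value; maximums, minimums and most-common values need other encodings. The example also trusts clients to submit well-formed shares: a malicious client could skew a one-hot tally without a validity proof, which production systems add.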

A greater good

In a world that’s becoming increasingly cautious about data privacy, this new twist to data analysis could help businesses comply with privacy regulations and temper consumer anxiety. It could also provide a means for businesses to gain data-driven insights in a more efficient, respectful, way.

Boyle pointed out how companies across all industries, including healthcare, financial services, energy and consumer goods, could leverage this approach right away to extract far more useful insights from the lakes of consumer data that keep swelling, often haphazardly.

They’d be able to examine the steadily rising influx of consumer data at a summarized level and discover overall patterns and trends. NTT Research, for instance, has successfully tested privacy-preserving computations of common statistics such as histograms, means and standard deviations, maximums and minimums, and most-common values.

That’s just a starting point. As this type of advanced cryptography moves into mainstream use, it has the potential to inspire innovators to leverage our digital footprints for more than just tweaking advertisements.

In one project, for instance, social scientists in Boston applied privacy-preserving computations to wages and benefits data for employees across several companies to determine whether there was a wage gap between males and females.

It’s not hard to imagine how privacy-preserving statistical analysis could help climatologists better understand energy usage patterns, or medical researchers track the spread of a disease.

“Being able to somehow combine this information and learn something globally across it can have tremendous power,” Boyle says. “It’s very exciting to be in a position where mathematical concepts like abstract algebra actually play a role in designing logical systems that help solve big problems.”

The transformation progresses. I’ll keep watch and keep reporting.

Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.


(LW provides consulting services to the vendors we cover.)

Washington D.C. Jan. 22, 2024 – Today, the National Cybersecurity Alliance (NCA) announced the program for its third annual Data Privacy Week campaign, which will take place from January 22nd to January 27th.

Throughout the week, NCA will emphasize the critical significance of digital privacy for both consumers and businesses through a series of educational webinars featuring experts from various industries.

“Knowing how to safeguard your personal information has never been more important than it is today. Between social media, mobile apps, internet-connected devices and the rise of artificial intelligence, vast amounts of personal data are being gathered constantly, putting individuals’ privacy at risk,” said Lisa Plaggemier, Executive Director at NCA. “As innovation continues to outpace regulation, individuals and businesses alike need to make concerted efforts to educate themselves and take a proactive role in preserving the privacy of sensitive data. Through Data Privacy Week we hope to inspire better data stewardship and empower people to reclaim control of their digital footprints, balancing innovation with privacy.”

This year’s Data Privacy Week will center around one core theme – Take Control of Your Data:

Online presence generates a significant amount of data collected by websites, apps, and companies globally, including details about interests, purchases, and behaviors. This even includes information about a person’s physical well-being, like health data from apps. While you can’t control every bit of collected data, it’s crucial to assert your right to data privacy. Empower yourself by adopting repeatable behaviors to actively manage your data.

In addition to a collection of publicly available educational materials, NCA is hosting a series of events featuring privacy experts, policymakers, and engineers to promote the campaign’s core theme. These events aim to foster interactive discussions, share insights, and provide practical strategies for individuals and businesses to navigate the evolving landscape of data privacy effectively:

Sharing is Caring… Or is it? – Today, January 22nd, from 2:30 – 3:30 PM (ET), Jennifer Mahoney, Manager of Data Governance, Privacy and Protection at Optiv and Lisa Plaggemier, Executive Director, National Cybersecurity Alliance will do a deep dive into the topic of data sharing permissions. They’ll discuss keeping data hygiene squeaky clean, best practices for businesses and how organizations and individuals can best protect their data, especially in situations where there aren’t clear government regulations.

Give Data Brokers the Slip! – Tomorrow, January 23rd, from 3:00 – 3:30 PM (ET), Alan Smith, Manager, Community Leadership at Consumer Reports, and Don Marti, VP of Ecosystem Innovation at Raptive, will discuss strategies to “Give Data Brokers the Slip.” They will delve into best practices for data protection and navigating the landscape of data brokers.

Protect Our Kids’ Privacy! – On Wednesday, January 24th, from 1:00 – 1:30 PM (ET), Kalinda Raina, Vice President and Chief Privacy Officer at LinkedIn, and Lisa Plaggemier, Executive Director at the National Cybersecurity Alliance, will delve into the critical topic of children’s privacy. They will discuss effective strategies to “Protect Our Kids’ Privacy,” offering valuable insights into safeguarding children’s online data and promoting a secure digital environment.

Privacy on the AI Frontiers – On Thursday, January 25th, from 1:30 – 2:00 PM (ET), Laura Gardner Rogers, Senior Corporate Counsel for Privacy, Safety, and Regulatory Affairs at Microsoft, Arjun Bhatnagar, Co-founder and CEO at Cloaked and Lisa Plaggemier, Executive Director, National Cybersecurity Alliance, will explore the opportunities and challenges of privacy in the era of AI. They’ll discuss how AI models, fueled by data, boost productivity and learning, prompting inquiries about safeguarding data rights in a changing digital environment and addressing consumer needs.

Privacy and the Law – The exploration of the intersection of privacy and the law is scheduled for Friday, January 26th, from 1:00 – 1:30 PM (ET). Moderated by John Elliott, Author at Pluralsight, this session will feature Brandon Pugh, Director of Cybersecurity and Emerging Threats at R Street Institute, and Divya Sridhar, Director of Privacy Initiatives at BBB National Programs, providing insights into key aspects of “Privacy and the Law” to keep attendees informed about legal perspectives on data privacy.

Data Privacy Week builds on the success of Data Privacy Day which began in the United States and Canada in January 2008 as an extension of Data Protection Day in Europe. Data Protection Day commemorates the January 28, 1981 signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection.

To become a Data Privacy Week Champion, please visit: https://staysafeonline.org/programs/data-privacy-week/champion/

For more information about NCA’s Data Privacy Week, please visit: https://staysafeonline.org/programs/data-privacy-week/

 About National Cybersecurity Alliance: The National Cybersecurity Alliance is a non-profit organization on a mission to create a more secure, interconnected world. We advocate for the safe use of all technology and educate everyone on how best to protect ourselves, our families, and our organizations from cybercrime. We create strong partnerships between governments and corporations to amplify our message and to foster a greater “digital” good. National Cybersecurity Alliance’s core efforts include Cybersecurity Awareness Month (October); Data Privacy Week (Jan. 22-28th); and CyberSecure My Business™, which offers webinars, web resources and workshops to help businesses be resistant to and resilient from cyberattacks. For more information, please visit https://staysafeonline.org.

 

Tel Aviv, Israel – Jan. 23, 2024 — Sternum, the pioneer in embedded IoT security and observability, today announced enhanced security for the ChargePoint Home Flex.

In a comprehensive research project, Sternum identified a potential vulnerability involving the reverse SSH tunnel, along with a deprecated NTP client and an outdated HTTP server. ChargePoint, with its latest firmware update, has disabled the HTTP server and updated the NTP client to address the issues.

Thanks to the analysis and help of Sternum IoT, ChargePoint was able to correct weaknesses in CPH50, reduce the attack surface and thus improve the security of the product.

“ChargePoint is committed to the security of all customer data, and through this collaboration, we’ve implemented critical enhancements to Home Flex,” said Teza Mukkavilli, Chief Information Security Officer of ChargePoint. “Our focus remains on delivering a convenient, dependable, and safe EV charging experience for all drivers.”

As part of ChargePoint’s commitment to customer security, the company encourages researchers to collaborate with ChargePoint InfoSec to identify potential new vulnerabilities in its products or environment. For more information, please email the InfoSec team at: infosec@chargepoint.com.

Attack methodology

Sternum’s experts acquired three different iterations of the ChargePoint Home Flex device. After analyzing a variety of board revisions and through meticulous hardware and software security research, Sternum gained access to the device’s firmware and secured a root shell using the JTAG headers on the device.

Findings

The newly discovered vulnerability in the ChargePoint devices revolves around a flaw in the reverse SSH (rSSH) tunnel, established by each unit upon booting. This tunnel, intended to allow ChargePoint to access each charger for telemetry and diagnostics, presents a potential security risk.

The vulnerability arises from the way these devices handle their SSH connections. Newer devices use a more secure on-demand approach but could still be exploited if the attacker waits for an on-demand connection from the server to the device (which can be initiated by requesting technical support).

Older versions of the software, however, still use an ‘always-connect’ default setting. While direct SSH login to the devices is not possible, the vulnerability lies in the potential to forward target ports, such as the HTTP server port, and exploit them for unauthorized access or manipulation.

During the firmware analysis, Sternum identified:
• an outdated HTTP server,
• a deprecated NTP client with known vulnerabilities,
• a deprecated kernel, and
• device certificates with unlimited expiration time (See figure 1).

Implications of the Vulnerability

Dumping the key pairs from the device implies that an attacker, upon authenticating to ChargePoint’s central server, could potentially create their own tunnel. This unauthorized access could extend to each connected charger. Sternum replicated the client-server setup in its testing facility to validate these findings.

Remediations

Following the discovery, Sternum collaborated with ChargePoint to address the vulnerability, which has been fixed in the latest software release.

The update included patching the NTP client, disabling the HTTP Server and changing the SSH connection default to ‘on-demand’ to mitigate the vulnerability. ChargePoint’s fast response to patching these vulnerabilities is a testament to the importance of securing critical infrastructure.
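Whether an attacker holding a dumped device key can do more than re-establish that one device’s tunnel depends on how the central server’s sshd constrains the key. As an added example, not ChargePoint’s or Sternum’s configuration or code, the script below audits an OpenSSH authorized_keys file for device keys whose options still allow arbitrary port forwarding or an interactive session. It assumes a standard OpenSSH server on the receiving end and that each charger only needs to open a reverse tunnel; the sample keys and charger names are constructed.

```python
"""Audit of an OpenSSH authorized_keys file used for device reverse tunnels.

Added example, not ChargePoint's or Sternum's code. It assumes the central
server accepts each charger's key through a standard OpenSSH sshd and that a
charger only needs to open a reverse tunnel (ssh -R). Keys are flagged when
their options still allow arbitrary port forwarding or a shell, which is what
turns a dumped device key into a foothold on the server rather than a nuisance.
"""

KEY_PREFIXES = ("ssh-", "ecdsa-sha2-", "sk-ssh-", "sk-ecdsa-")


def _split(text, sep_is_ws):
    """Split on whitespace (or commas) that sit outside double quotes."""
    tokens, cur, in_quote = [], [], False
    for ch in text:
        if ch == '"':
            in_quote = not in_quote
            cur.append(ch)
        elif not in_quote and (ch.isspace() if sep_is_ws else ch == ","):
            if cur:
                tokens.append("".join(cur))
                cur = []
        else:
            cur.append(ch)
    if cur:
        tokens.append("".join(cur))
    return tokens


def parse_options(field):
    """Turn 'restrict,permitlisten="localhost:2201"' into [(name, value), ...]."""
    out = []
    for item in _split(field, sep_is_ws=False):
        name, _, value = item.partition("=")
        out.append((name.lower(), value.strip('"') if value else None))
    return out


def effective_permissions(options):
    """Replay options left to right the way sshd does (later options win)."""
    state = {"port_forwarding": True, "pty": True, "permitlisten": [], "permitopen": []}
    for name, value in options:
        if name == "restrict":
            state["port_forwarding"] = False
            state["pty"] = False
        elif name == "no-port-forwarding":
            state["port_forwarding"] = False
        elif name == "port-forwarding":
            state["port_forwarding"] = True
        elif name == "no-pty":
            state["pty"] = False
        elif name == "pty":
            state["pty"] = True
        elif name == "permitlisten" and value:
            state["permitlisten"].append(value)
        elif name == "permitopen" and value:
            state["permitopen"].append(value)
    return state


def findings(state):
    """Describe what a holder of this key could do beyond its own tunnel."""
    f = []
    if state["port_forwarding"] and not state["permitlisten"]:
        f.append("may bind reverse-tunnel listeners (-R) on any server port; add permitlisten=")
    if state["port_forwarding"] and not state["permitopen"]:
        f.append("may open local forwards (-L) to any host the server can reach; add permitopen=")
    if state["pty"]:
        f.append("interactive session allowed; add restrict or no-pty")
    return f


def audit(authorized_keys_text):
    """Return one {"key": comment, "findings": [...]} entry per key line."""
    report = []
    for line in authorized_keys_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        tokens = _split(line, sep_is_ws=True)
        has_options = not tokens[0].startswith(KEY_PREFIXES)
        options = parse_options(tokens[0]) if has_options else []
        key_and_comment = tokens[1:] if has_options else tokens
        comment = key_and_comment[2] if len(key_and_comment) > 2 else "(no comment)"
        report.append({"key": comment, "findings": findings(effective_permissions(options))})
    return report


# Constructed sample: three charger keys as a fleet server might hold them.
# The key blobs are placeholders, not real public keys.
SAMPLE_AUTHORIZED_KEYS = """\
# charger-0001: bare key, no options at all
ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEKEY0001xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx charger-0001
# charger-0002: no shell, but forwarding left wide open
restrict,port-forwarding ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEKEY0002xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx charger-0002
# charger-0003: one loopback listener; -L pinned to that same port so it reaches nothing else
restrict,port-forwarding,permitlisten="localhost:2203",permitopen="127.0.0.1:2203" ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIEXAMPLEKEY0003xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx charger-0003
"""

if __name__ == "__main__":
    for entry in audit(SAMPLE_AUTHORIZED_KEYS):
        print(entry["key"], "->", entry["findings"] or ["ok"])
```

With the charger-0003 options a stolen key can still impersonate that charger, but only to bind one loopback listener on the server; it cannot reach other chargers’ tunnels or the server’s network. Certificate lifetimes, the other finding in the list above, are not covered by this check.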

Conclusion

This vulnerability highlights the broader challenges in securing Internet of Things (IoT) devices, especially those linked to critical infrastructure like electric vehicle charging stations. It accentuates the necessity for continual vigilance and regular updates in the IoT landscape to protect against evolving cybersecurity threats. Sternum’s objective is to ensure the ongoing security and reliability of IoT devices and infrastructure, including EV charging systems. The company remains dedicated to collaborating with ChargePoint and other IoT device manufacturers, reinforcing its commitment to safeguard against such vulnerabilities in the future.

Tweet This: @Sternum IoT Security Discovers Critical Vulnerability in ChargePoint Home Flex Device – https://sternumiot.com/iot-blog/

Resources:
• Visit http://www.sternumiot.com to learn more
• Book a live demonstration of the Sternum platform at https://sternumiot.com/request-demo/

About Sternum: Founded by ex-8200 (Israel’s elite intelligence unit) and Forbes 30UNDER30 Alumni, Sternum offers an embedded platform built for connected devices. By augmenting every device with patented runtime security and granular observability, Sternum provides product, business, security, engineering, and compliance teams with continuous in-field product and fleet monitoring, built-in security, and invaluable business insights. Deployed on millions of devices and serving the world’s leading device manufacturers, Sternum enables organizations to improve operational efficiency and achieve business excellence.
