Category: News Alerts

Dubai, UAE, June 20, 2024, CyberNewsWire — 1inch, a leading DeFi aggregator that provides advanced security solutions to users across the entire space, has announced today the launch of the 1inch Shield.

This solution, that is offering enhanced protection against a wide range of potential threats, was completed in partnership with Blockaid, a major provider of Web3 security tools.

Scam tokens masquerading as legitimate assets have long been creating problems for Web3 users. Now, due to collaboration with Blockaid, all tokens of this kind will be instantly detected and marked, so that users can avoid transacting with these tokens.

Speaking about the partnership, Sergej Kunz, co-founder of 1inch, said, “The collaboration between Blockaid and 1inch is anticipated to set a new standard for security in the cryptocurrency landscape. By combining Blockaid’s innovative security solutions with the 1inch’s advanced features, this partnership aims to enhance user safety and asset protection, contributing to the growth and mainstream adoption of DeFi.”

“The collaboration with 1inch represents a pivotal step forward in our mission to secure the Web3 ecosystem. By integrating our robust security solutions with the 1inch, we are enhancing the safety of digital assets while fostering trust and confidence among users in the DeFi space. Our joint efforts will pave the way for a more secure and accessible DeFi environment for everyone”, said Ido Ben-Natan, co-founder and CEO of Blockaid.

Blockaid acts like an anti-virus for Web3, leveraging superior data and machine learning to identify and protect against malicious attackers. The provider with a better data can produce a better product, allowing multiple layers of security for users. Whenever a user connects their wallet to sign a transaction, Blockaid provides clear information about what will actually happen when the transaction is executed.

Blockaid can also simulate any transaction involving a wallet, dApp, or smart contract across multiple blockchains. What transforms simulation into security is validation. In simple terms, validation involves determining whether a given transaction is malicious or benign, allowing users to transact with confidence. Now, this transaction simulation capacity is used to protect 1inch users.

Meanwhile, blockchain users also encounter AML compliance risks. The 1inch Shield mitigates these risks by running 24/7 screening of blockchain addresses for ties to sanctions, terrorist financing, hacked or stolen funds, ransomware, human trafficking and more. Based on the outcome of screening, suspicious addresses are immediately blocked.

The screening component is powered by TRM Labs, which uses on-chain and off-chain data to detect possible security risks.

Finally, a blocklisting functionality provided by Etherscan Pro is also included in the 1inch Shield to immediately blocklist suspicious blockchain addresses.

The Shield API will be gradually integrated into 1inch products. This API is available on the 1inch Developer Portal alongside a suite of other cutting-edge tools intended for Web3 developers.

About 1inch: 1inch is a leading DeFi project empowering Web3 users with innovative blockchain products and solutions. Launched in 2019 at a hackathon in New York City, 1inch offers users and developers the most secure, reliable, and efficient tools for growing and expanding the Web3 space.

Currently, 1inch Swap is the best DEX aggregator on the market, facilitating cost-efficient and secure crypto swaps across multiple liquidity sources. The 1inch Wallet is one of the most user-friendly and secure Web3 wallets. 1inch Portfolio is the most efficient DeFi tracker, providing accurate analytics on the market for numerous DeFi protocols. In line with its active involvement in the community, in 2023, 1inch launched the Developer Portal, offering an extensive suite of Web3 tools and services. For more information, users can visit https://1inch.io.

Media contact: PR lead Pavel Kruglov, 1inch Labs, p.kruglov@1inch.io

The post News Alert: 1inch partners with Blockaid to enhance Web3 security through the 1inch Shield first appeared on The Last Watchdog.

Cary, NC, June 20, 2024, CyberNewsWire — 2024 is rapidly shaping up to be a defining year in generative AI.

While 2023 saw its emergence as a potent new technology, business leaders are now grappling with how to best leverage its transformative power to grow efficiency, security, and revenue. With the near-universal integration of AI into global technology, the need for AI-ready cybersecurity teams is more critical than ever.

INE Security, a leading global cybersecurity training and cybersecurity certification provider, predicts large language model (LLM) applications like chatbots and AI-drive virtual assistants will be at particular risk.

“AI systems are invaluable, enabling us to process vast amounts of data with unmatched speed and accuracy, detect anomalies, predict threats, and respond to incidents in real-time. But these revolutionary technologies are also empowering attackers, leveling the playing field in unprecedented ways,” said Lindsey Rinehard, COO and Head of AI Integration at INE Security. “As automated attacks increase, our defense strategies must also be automated and intelligent. The accelerating arms race between cyber attackers and defenders underscores the vital need for ongoing training and development for cybersecurity teams.”

According to the IBM X-Force Threat Intelligence Index 2024, cybercriminals mentioned AI and GPT in over 800,000 posts in illicit markets and dark web forums last year. Training and preparation for AI in infosec are no longer optional: organizations must deploy employee training for AI and cybersecurity to maintain effectiveness and stay ahead of attackers.

Optimization strategies

Incorporate structured team training programs. The first step in building an AI-ready cybersecurity team is to implement structured training programs that focus on both foundational cybersecurity principles and advanced AI applications. These programs should offer certifications and courses from recognized institutions and industry leaders to ensure they meet high standards. For example, courses offered by INE Security provide comprehensive training that covers both traditional cybersecurity skills and newer AI-based tools. The ideal training program will include:

•Skills gap analysis: Conduct an analysis to identify where the team’s capabilities may be an area of improvement, particularly concerning AI integration.

•Tailored curriculum development: A training curriculum that addresses identified cybersecurity skills gaps, incorporating both core cybersecurity principles and advanced AI applications.

•Blended learning approach: A mix of online courses, hands-on labs, and real-world scenario simulations to accommodate different learning styles and enhance practical application skills.

Promote a culture of learning

Building a culture that encourages ongoing learning and curiosity is equally important. Google, for instance, fosters a learning culture where employees are encouraged to spend 20% of their time on learning new skills or on side projects, many of which involve AI and cybersecurity innovations. This not only keeps their skills fresh but also helps in retaining talent and fostering a proactive approach to security challenges.

To effectively implement a culture of learning that supports the development of AI-ready cybersecurity teams, organizations can adopt several strategies:

•Provide access to resources: Offer subscriptions to leading industry publications, access to specialized online courses, and entry to relevant conferences and seminars that focus on AI and cybersecurity.

•Reward continuous learning: Establish a rewards system that recognizes and incentivizes team members who actively engage in learning new skills or who earn new certifications, particularly those that integrate AI technologies with cybersecurity practices.

•Create innovation labs: Set up dedicated spaces or times when employees can experiment with new technologies or develop new solutions independently of their regular tasks. This can help stimulate creative thinking and practical application of learned skills.

Leverage simulation-based learning

Simulation-based learning tools like cyber ranges provide hands-on experience in dealing with real-world cybersecurity scenarios and help users learn how to use AI. Cyber ranges provide a simulated environment where professionals can safely engage with and respond to real-world cyber threats using AI tools, without the risk of impacting actual operations (this hands-on lab from INE Security is a great example).

This practical exposure is crucial for understanding how AI can be integrated into cybersecurity practices to detect, analyze, and mitigate threats. By training in a cyber range, team members can develop and refine their skills in a controlled yet realistic setting, which improves their ability to effectively utilize AI in live environments. The hands-on experience also helps in bridging the gap between theoretical knowledge and practical application, enhancing the team’s overall readiness and responsiveness to emerging cyber threats.

To effectively leverage cyber ranges for building an AI-ready cybersecurity team, consider implementing the following strategies:

•Regular tabletop exercise: Incorporate regular sessions within the cyber range into the team’s training schedule. This ensures consistent practice and skill refinement in handling AI-driven security scenarios.

•Scenario variety: Develop a variety of threat scenarios that reflect the latest AI-driven attack techniques and the most common threats specific to the organization’s industry. This variety helps prepare the team for a wide range of potential real-world situations.

•Cross-functional exercises: Include team members from various functional areas in cyber range sessions to foster a comprehensive understanding of how AI impacts different aspects of cybersecurity across the organization.

•Post-exercise reviews: Conduct debriefing sessions after each cyber range exercise to discuss what was learned and how it can be applied. This reinforces the lessons and integrates them into everyday practices.

Encouraging participation in hackathons and competitions.

Participation in hackathons and cybersecurity competitions can also play a crucial role in continuous learning. These events challenge participants to solve complex problems with innovative solutions, often under time constraints. They are excellent for learning new skills, testing existing ones, and keeping up with the latest cybersecurity and AI technologies.

To effectively implement a strategy that encourages participation in hackathons and competitions, organizations can adopt the following approaches:

•Promote awareness: Regularly inform team members about upcoming hackathons and competitions through internal newsletters, meetings, or dedicated communication channels. Highlight the benefits of participation, such as skill enhancement and potential recognition.

•Incentivize participation: Offer incentives such as bonuses, extra vacation days, or public recognition within the organization for those who participate and especially for those who perform well in these events.

•Post-event learning sessions: After each event, hold a session where participants can share their experiences, learnings, and new techniques discovered during the competition. This helps disseminate new knowledge across the entire team, enriching the organization’s skill base.

Conclusion

The integration of AI into cybersecurity is not just an enhancement of existing frameworks; it is a fundamental shift that requires a new kind of expertise. Continuous learning is critical for cybersecurity professionals to remain effective in their roles as defenders of digital assets. By embracing a culture of ongoing education and utilizing advanced training tools and techniques, cybersecurity teams can develop the resilience and adaptability needed to stay one step ahead of attackers in this fast-paced digital world.

As the landscape of cyber threats continues to evolve, so too must the capabilities of those tasked with protecting against them. An investment in continuous learning is an investment in the future security of our digital lives.

To learn more about INE Security’s cybersecurity training and certifications, click here.

About INE Security: NE Security is the premier provider of online networking and cybersecurity training and certification. Harnessing the world’s most powerful hands-on lab platform, cutting-edge technology, global video distribution network, and world-class instructors, INE Security is the top training choice for Fortune 500 companies worldwide for cybersecurity training in business, and for IT professionals looking to advance their careers. INE Security’s suite of learning paths offers an incomparable depth of expertise across cybersecurity and is committed to delivering advanced technical training while also lowering the barriers worldwide for those looking to enter and excel in an IT career.

 Media contact: Kathryn Brown, INE Security, kbrown@ine.com

The post News Alert: INE Security lays out strategies for optimizing security teams to mitigate AI risks first appeared on The Last Watchdog.

Torrance, Calif., June 10, 2024, CyberNewsWire — AI SPERA, a leader in Cyber Threat Intelligence (CTI) solutions, announced that it has started selling its paid threat detection data from its CTI search engine ‘Criminal IP‘ on the Snowflake Marketplace.

Criminal IP is committed to offering advanced cybersecurity solutions through Snowflake, the leading cloud-based data warehousing platform.

Criminal IP’s Intelligence for Fraud Detection and Privacy Protection is meticulously crafted to address the growing concerns surrounding fraudulent activities and privacy breaches. By aggregating data on known malicious and masked IP addresses, including those with historical abuse records such as IDS, malware, phishing, ransomware, and blocked IPs, this dataset equips organizations with actionable insights to identify and mitigate fraudulent activities in real time.

Additionally, the product boasts advanced capabilities to detect servers infected by botnet and C2 software, as well as IP addresses leveraging masking services like VPNs, proxies, and hosting. This product is tailored to support fraud detection (FDS) and malicious IP plans, enabling organizations to bolster their security posture and streamline incident response protocols.

Criminal IP’s Intelligence for Threat Detection & Incident Response is designed to empower organizations to combat cyber threats effectively. This comprehensive cyber threat intelligence dataset provides invaluable insights into malicious IP addresses, leveraging data sourced from Criminal IP’s Cyber Threat Intelligence Database (CTIDB).

These new datasets on the Snowflake Marketplace offer granular, real-time threat intelligence, enabling organizations to safeguard digital assets, mitigate risks, and respond swiftly to security incidents. Snowflake’s global customers can access a complimentary trial of up to 1,000 data items, with subscription options for daily updates.

About AI Spera. AI SPERA, a leader in Cyber Threat Intelligence (CTI) solutions, significantly expanded its reach by launching its flagship solution, Criminal IP, in 2023. Since then, the company has formed technical and business collaborations with over 40 renowned global security firms, including VirusTotal, Cisco, Tenable, Sumo Logic, and Quad9.

Besides the CTI search engine, the company offers Criminal IP ASM, a SaaS-based Attack Surface Management Solution on AWS and Azure Marketplace, and Criminal IP FDS, an AI-based Anomaly Detection Solution used for credential stuffing prevention and fraud detection. Available in five languages (English, French, Arabic, Korean, and Japanese), the search engine provides a powerful service for users worldwide.

 Media contact: Michael Sena, AI SPERA support@aispera.com

The post News Alert: Criminal IP unveils innovative fraud detection data products on Snowflake Marketplace first appeared on The Last Watchdog.

Washington D.C., May 29, 2024, PRNewswire — DNSFilter announced today that it has joined the WeProtect Global Alliance to help prevent the spread of child sex abuse material (CSAM) online.

This partnership will help further WeProtect’s mission and work toward creating a safer online environment for children.

The WeProtect Global Alliance was founded to create a cohesive, comprehensive response to the widespread issue of online child sexual abuse and exploitation. It brings together partners from governments, non-profit organizations and the private sector to develop policies and solutions. Research by the Alliance has found that the volume of reported abuse material cases increased by 87% between 2019 and 2023.

As a cybersecurity company, DNSFilter’s role encompasses more than just defending against malware and phishing; it extends to protecting the physical and emotional safety of individuals. DNSFilter permanently blocks the CSAM category with no exceptions, underscoring the company’s commitment to protecting the safety of the individuals affected by this content.

In the first quarter of 2024 alone, DNSFilter has already blocked nearly 1 million requests for CSAM and is on track to block five times as much CSAM content this year as it did in 2023.

Membership of the Alliance will enable DNSFilter to help address this challenge on a wider-scale as well as for its own customers, including larger-scale organizations looking to lock down this section of the internet even more.

Iain Drennan, executive director, WeProtect Global Alliance, said: “The growth of child sexual abuse and exploitation online is not an inevitable consequence of technological advances, it is a preventable problem.

“Technology has a significant role in providing solutions to the problem and we are delighted DNSFilter has joined the Alliance to share knowledge, collaborate and empower others. DNSFilter joins over 300 other member organizations worldwide from government, civil society and the private sector – together we are a real force for change in keeping children safe online worldwide.”

Ken Carnesi, CEO and co-founder, DNSFilter, said: “Blocking CSAM is inherent to what we do at DNSFilter, because online security goes beyond phishing and malware—it includes physical and emotional safety. Our goal is to protect people, not just the machines that they use.

“We take great pride in our firm stance against CSAM and feel fortunate to ally with such an impactful and passionate organization. We’re looking forward to learning from their educational resources and meetings and translating that knowledge into more effective strategies to protect children.”

 

The post News Alert: DNSFilter joins the WeProtect Global Alliance to help protect children online first appeared on The Last Watchdog.

Cary, NC, May 28, 2024, CyberNewsWire — If there is a single theme circulating among Chief Information Security Officers (CISOs) right now, it is the question of how to get stakeholders on board with more robust cybersecurity training protocols.

There are key points debated about why you should provide cybersecurity training to your IT professionals, like the alarming increase in cyberattacks (an increase of 72% over the all-time high in 2021, according to the Identity Theft Research Center’s 2023 Data Breach Report), or the rapid evolution in technology, creating a constant game of catch-up.

But it isn’t a question of ”if” an organization will be targeted, but “when.” CISOs are increasingly anxious because while they realize the ax will fall on them when the inevitable breach occurs, securing boardroom support for heavy investment in preventative measures, like training, is challenging in a world where revenue is demanded for each dollar spent.

“The path to securing the boardroom’s buy-in is more complex than simply having the right statistics and studies on paper,” says Dara Warn, the CEO of INE Security, a global cybersecurity training and certification provider. “To bridge the gap between CISOs and stakeholders, CISOs must adopt a strategic approach that combines financial impact data, relevant case studies, and compelling narratives. Framing cybersecurity training as an essential investment rather than an optional expense is critical.”

The human factor

Cybersecurity is not just about technology; it’s about people. Human error remains one of the leading causes of security breaches. A study by Verizon in their 2023 Data Breach Investigations Report found that 68% of breaches involved a human element, such as social engineering, misuse of privileges, or simple mistakes. This highlights the importance of equipping employees with the knowledge and skills to recognize and respond to potential threats.

Capital One case study

In 2019, Capital One experienced a data breach that exposed the personal information of over 100 million customers. The breach was caused by a misconfigured web application firewall, which allowed an attacker to access sensitive data stored on Amazon Web Services (AWS). This incident underscores the importance of training employees on cloud security practices and the proper configuration of security tools. In response, Capital One enhanced its cybersecurity training programs to include cloud security, emphasizing the need for regular audits and configuration checks. This case illustrates how specialized training can prevent costly breaches and protect sensitive data.

 Training ROI

Investing in cybersecurity training is not just a defensive measure; it’s a strategic investment that can yield significant returns. A well-trained workforce, not just security awareness but the SOC and networking teams, can serve as the first line of defense against cyber threats, reducing the likelihood of breaches and minimizing potential damages. According to the Ponemon Institute’s 2023 Cost of Data Breach Report, organizations with extensive incident response planning and testing programs saved $1.49 million compared to those with lower levels.

 Maersk NotPetya case study

In 2017, shipping giant Maersk was hit by the NotPetya malware, which spread rapidly through its global network, causing a complete shutdown of its IT systems. The attack was initiated by a compromised software update, exploiting poor cybersecurity hygiene and a lack of employee training on identifying malicious software. The incident cost Maersk over $300 million in losses. In response, Maersk implemented a comprehensive cybersecurity training program focusing on recognizing malicious software, securing software updates, and responding to cyber incidents. This case highlights the necessity of training employees on the latest cyber threats and best practices.

Boardroom narrative

The company’s financial data and case studies are important to secure, but communicating that to the boardroom remains a challenge for CISOs. To get the message across, CISOs must also craft a compelling narrative that resonates with the board members. Here are some key strategies:

•Speak the Board’s Language. Board members are often more attuned to financial metrics and business outcomes than technical jargon. CISOs should frame cybersecurity training as a business enabler that protects the organization’s bottom line. Highlighting the potential financial losses from breaches and the ROI of training programs can make a compelling case.

•Use Real-World Examples. Real-world case studies, like the attacks on Maersk NotPetya and Capital One, can illustrate the tangible impact of cybersecurity training. These examples provide relatable scenarios that underscore the importance of investing in employee education.

•Leverage Data and Statistics. Presenting data from reputable sources can lend credibility to the argument. Statistics that demonstrate the prevalence of human error in breaches and the financial benefits of training can be powerful tools in persuading the board.

•Emphasize Regulatory Compliance. Regulatory requirements, such as GDPR and CCPA, mandate stringent data protection measures. Failure to comply can result in hefty fines and reputational damage. Emphasizing how cybersecurity training can help meet these regulatory requirements can be an effective angle to secure board buy-in.

•Highlight Competitive Advantage. In an increasingly competitive market, robust cybersecurity measures can be a differentiator. Companies known for their strong security posture are more likely to attract and retain customers. CISOs can highlight how a comprehensive training program can enhance the organization’s reputation and competitive edge.

Overcoming objections

Board members may raise objections regarding the cost and time required for cybersecurity training. CISOs should be prepared to address these concerns with data-driven arguments and strategic insights.

Cost Concerns

While the initial investment in training programs may seem significant, CISOs can emphasize the long-term cost savings from preventing breaches. According to the Ponemon Institute, the average cost of a data breach in 2023 was $4.45 million. Investing in training can mitigate these costs by reducing the likelihood and severity of breaches.

Time Constraints

Board members may worry about the time employees will spend on training. CISOs can advocate for flexible, modular training programs that allow employees to learn at their own pace without disrupting productivity. Additionally, emphasizing the efficiency of targeted training programs can alleviate concerns about time investment.

CISOs are key players in protecting their organizations from cyber threats. Getting the boardroom to buy into an investment in cybersecurity training is no easy task, but utilizing some of these strategies can make it more successful. Including these steps in the process of communicating your needs to stakeholders will help secure the support and resources needed to roll out effective training programs and ultimately better safeguard the organization’s digital and physical assets. The stakes are high, and having all stakeholders on the same team is critical to the long-term success and security of an organization.

About INE Security. INE Security is the premier provider of online technical training and cybersecurity certifications. Harnessing the world’s most powerful hands-on lab platform, cutting-edge technology, global video distribution network, and world-class instructors, INE is the top training choice for Fortune 500 companies worldwide, and for IT professionals looking to advance their careers. INE’s suite of learning paths offers an incomparable depth of expertise across cybersecurity, cloud, networking, and data science. INE is committed to delivering advanced technical training, while also lowering the barriers worldwide for those looking to enter and excel in an IT career.

Media contact: Press Team, INE, press@ine.com

The post News Alert: INE Security enables CISOs to secure board support for cybersecurity training first appeared on The Last Watchdog.

Torrance,Calif., May 22, 2024, CyberNewsWire — AI SPERA, a leader in Cyber Threat Intelligence (CTI) solutions, announced today that its proprietary search engine, Criminal IP, is now available on the AWS Marketplace.

This integration ensures efficient software procurement and deployment, aligning seamlessly with customers’ existing cloud architectures.

After meeting specific technical and security standards set by AWS, the SaaS-based Criminal IP search engine ensures reliability and seamless integration with AWS services. The AWS Marketplace, a significant platform primarily used in the US, provides Criminal IP with access to a vast global customer base, enhancing its visibility and credibility. This listing demonstrates the critical role of AWS Marketplace in the software’s adoption and success.

<Criminal IP, a comprehensive threat intelligence tool, is now available on the AWS Marketplace>

Criminal IP excels in threat detection, empowering cybersecurity with unparalleled intelligence.

Criminal IP is the industry’s leading IP address intelligence tool, leveraging AI and machine learning to provide unparalleled visibility into the risks associated with internet-connected devices. It offers comprehensive solutions for fraud detection,attack surface management, and threat hunting.

Additionally, Criminal IP offers seamless API integration, allowing effortless incorporation of threat intelligence data into existing services and security systems such as SOAR and SIEM. With a rich repository of cyber threat intelligence data, including risk classification, geographical insights, vulnerable asset graphs, and more, Criminal IP empowers organizations to stay ahead in the ever-evolving landscape of cybersecurity.

Seamless Integration and Payment Flexibility Between AWS Marketplace and Criminal IP

Criminal IP’s presence on the AWS Marketplace brings several conveniences for users. The interconnected tokens of AWS and Criminal IP seamlessly exchange information, allowing users to leverage both platforms’ strengths without encountering data silos or compatibility issues.

Additionally, customers enjoy consistent plans and subscription options on Criminal IP, regardless of whether transactions are initiated through Criminal IP or the AWS Marketplace. This uniformity extends to credit usage monitoring for specific features and APIs, accessible directly from the dashboard, promoting transparency and ease of management.a

<Payments on AWS Marketplace seamlessly reflect on Criminal IP>

“The most important aspect of entering the AWS Marketplace was to ensure easier compatibility between AWS Cloud and ‘Criminal IP’ threat intelligence. We paid a lot of attention to interoperability with AWS products and credit management systems,” stated Byungtak Kang, CEO of AI SPERA. “We will continue to pursue Marketplace registration to secure global customers and increase interoperability with various clouds in the future.”

Explore the detailed features of the newly listed Criminal IP on the AWS Marketplace, as well as Criminal IP ASM, an Automated Attack Surface Management SaaS solution that monitors all internet-connected assets and vulnerabilities.

About AI Spera: AI SPERA, a leader in Cyber Threat Intelligence (CTI) solutions, significantly expanded its reach with the launch of its flagship solution, Criminal IP, in 2023. Since then, the company has established technical and business collaborations with over 40 renowned global security firms, including VirusTotal, Cisco, Tenable, Sumo Logic, and Quad9.

Available in five languages (English, French, Arabic, Korean, and Japanese), the search engine ensures a powerful service for users worldwide.

In addition to the CTI search engine, the company also offers Criminal IP ASM, a SaaS-based Attack Surface Management Solution available on Azure Marketplace, and Criminal IP FDS, an AI-based Anomaly Detection Solution used for credential stuffing prevention and fraud detection.

Contact: Michael Sena, AI SPERA, support@aispera.com

The post News alert: AI SPERA integrates its ‘Criminal IP’ threat intelligence tool into AWS Marketplace first appeared on The Last Watchdog.

New York, NY, May 21, 2024, CyberNewsWire — Memcyco Inc., provider of digital trust technology designed to protect companies and their customers from digital impersonation fraud, released its inaugural 2024 State of Website Impersonation Scams report.

Notably, Memcyco’s research indicates that the majority of companies do not have adequate solutions to counter digital impersonation fraud, and that most only learn about attacks from their customers.

More than half of all respondents (53%) said their existing cybersecurity solutions do not effectively address website impersonation attacks, and 41% said their existing solutions only protect them and their customers “partially.” Just 6% of brands claimed to have a solution that effectively addresses these attacks despite 87% of companies recognizing website impersonation as a major issue and 69% admitting to having had these attacks carried out against their own website.

The creation of fake websites used for phishing-related attacks (which are a top cause of account takeover (ATO)) is a growing problem that has earned cybercriminals an astonishing $1 billion+ in 2023 alone, according to data from the U.S. Federal Trade Commission. That’s more than three times the amount reported stolen in 2020.

The report found that 72% of companies have a monitoring system in place to detect fake versions of their website, but still, 66% said that they primarily learn about digital impersonation attacks when they are flagged by customers.. More alarmingly, 37% of respondents learn about website impersonation attacks as a result of “brand shaming” by impacted customers on social media.

The inability to adequately protect against digital impersonation fraud raises a question about companies’ responsibility to reimburse their customers. 48% of survey respondents are already aware of upcoming regulations likely to enforce customer reimbursements, making effective protection against digital impersonation fraud a ‘must-have’ for avoiding revenue loss.

“One of the most alarming takeaways from the report is that website impersonation scams are growing because attackers rely on companies having limited visibility into these kinds of attacks,” said Israel Mazin, Chairman and CEO of Memcyco. “This creates a glaring blindspot in cybersecurity — the inability of companies to protect their customers online.”

The State of Website Impersonation Scams report was conducted together with Global Surveyz Research, based on the responses of 200 full-time employees ranging from Director to C-level executives at organizations in the security, fraud, digital, and web industries, operating transactional websites with traffic of more than 10,000 monthly visits.

Memcyco’s solution suite addresses the rising tide of website impersonation scams by using real-time alerts to secure end-users on every website visit and provides organizations with unparalleled insights into the scope and impact of all attacks on their sites.

The full report can be found here.

About Memcyo: Memcyco offers a suite of AI-based, real-time digital risk protection solutions for combating website impersonation scams, protecting companies and their customers from the moment a fake site goes live until it is taken down. Memcyco’s groundbreaking external threat intelligence platform provides companies with complete visibility into the attack, attacker, and each individual victim, helping to prevent ATO fraud, ransomware, and data breaches before they occur. Memcyco’s “nano defender” technology detects, protects, and responds to attacks as they unfold, securing tens of millions of customer accounts and reducing the negative impact of attacks on workload, compliance, customer churn, and reputation.

About Global Surveyz: Global Surveyz is a global research company providing survey report-as-a-service that covers the whole process of creating an insightful and impactful B2B or B2C report for any target market. Global Surveyz was established in 2020 and is the brain-child of Ramel Levin.

Media contact: Sheena Kretzmer, sheena@memcyco.com

The post News alert: Memcyco report reveals only 6% of brands can stop digital impersonation fraud first appeared on The Last Watchdog.

London, United Kingdom, May 13, 2024, CyberNewsWire — Logicalis, the global technology service provider delivering next-generation digital managed services, has today announced the launch of Intelligent Security, a blueprint approach to its global security portfolio designed to deliver proactive advanced security for customers worldwide.

Intelligent Security has been designed by Logicalis’ worldwide team of security specialists to give customers the most comprehensive observability and protection available. It is based on tracking and analysing cyber threats and knowledge of the latest prevention methods deployed across its customer base.

Logicalis’ tenth annual CIO report surveyed 1,000 CIOs globally and found that of the 83% of CIOs who experienced cyber-attacks in the last 12 months, only 43% feel prepared for another breach. Designed to help CIOs manage these pressures, Intelligent Security will leverage Logicalis’s security capabilities as well as its relationships with global partners such as Cisco and Microsoft, where it has the highest levels of security accreditations.

Logicalis CTO Toby Alock said: “Many organisations focus on one area of the security fabric; we recognise in today’s cyber security landscape there are no silos; organisations must look across the entire footprint, from secure connectivity, securing the cloud, securing the hybrid worker and weaving secure operations across the entire organisation”.

The Intelligent Security global portfolio delivers a concise and comprehensive proposition for customers, including:

•Advisory: Providing customers with a range of advisory services dedicated to helping them understand their security needs and identify the right solutions for their business.

•Secure workplace: Securing worker communications and devices as remote working continues to impact the•

•Secure connectivity: Enforcing zero trust security from edge-to-edge, ensuring networks are robust enough to enable safe IoT, 5G and edge computing.

•Secure hybrid cloud: Safeguarding cloud environments to ensure data, applications, and IT resources are safe.

•Secure Operations: Providing 24/7/365 best practice proactive threat detection and incident response, across three global security regions, using AI and automation to identify and triage.

In addition to the Intelligent Security global portfolio, the company is announcing several key investments in cyber skills and capabilities to bolster its position as a global leader in security services.

•Expanding the Managed Security (SOC) team in Portugal, which currently serves customers across EMEA, including the UK, Ireland and Germany

•Partnering with Cisco to develop a Cyber Academy and a pipeline of qualified cybersecurity graduates into the EMEA Security team

•Partnering with local universities in Portugal to develop an Intern program, which helps develop cybersecurity skills to serve the EMEA region and beyond.

Logicalis continues to prove its robust security offer by achieving Microsoft-verified Managed Extended Detection and Response (MXDR) Partner Status, launching Cisco Powered Intelligent Connectivity, built on zero-trust security, and being one of only six partners globally working with Cisco to develop an XDR proposition and enhance its Cisco security capabilities.

Intelligent Security will be underpinned by Logicalis’ Digital Fabric Platform, providing CIOs with deeper-level insights and recommendations to enhance the performance of their entire digital ecosystem.

Toby Alock concludes, “We are at a pivotal point as security threats grow in scale and sophistication. CIOs and IT leaders are rethinking security in the era of AI and considering whether they have the in-house skills necessary to operate safely. Logicalis has seen a 300% surge in demand globally for Managed Security services in the past 12 months. Our customers are looking for a holistic, proactive approach to navigating security; we believe our simplified portfolio, our partnerships, and our investments in cyber talent for the next generation will deliver customers what they need: AI ready Managed Security with governance and SOC Protection wherever they are in the world”.

For more information please contact: Logicalis Team at Another Word, Email: logicalis@anotherword.com. Tel: 020 3176 0014

About Logicalis: We are Architects of Change™. We help organisations succeed in a digital-first world. At Logicalis, we harness our collective technology expertise to help our clients build a blueprint for success, so they can deliver sustainable outcomes that matter. Our lifecycle services across cloud, connectivity, collaboration and security are designed to help optimise operations, reduce risk and empower employees.

As a global technology service provider, we deliver next-generation digital managed services, to provide our clients with real-time visibility and actionable insights across the performance of their digital ecosystem including; availability, user experience, security, economic performance and sustainability.

Our 7000+ ‘Architects of Change’ are based in 30 territories around the globe, helping our 10,000+ clients across a range of industry sectors create sustainable outcomes through technology.

Logicalis has annualised revenues of $1.7 billion, from operations in Europe, North America, Latin America, Asia Pacific, and Africa.

It is a division of Datatec Limited, listed on the Johannesburg Stock Exchange, with revenues of over $5.1 billion.

Media contact: Katie Fraser, ANOTHER WORD, katie.fraser@anotherword.com, 07908229152

Philadelphia, Pa., May 8, 2024, CyberNewsWire — Security Risk Advisors (SRA) announces the launch of their OT/XIoT Detection Selection Workshop, a complimentary offering designed to assist organizations in selecting the most suitable operational technology (OT) and Extended Internet of Things (XIoT) security tools for their unique environments.

Led by seasoned OT/XIoT security consultants, the workshop provides participants with an invaluable opportunity to gain insights into both best-in-class and novel solutions, to identify those closest aligned to their specific needs.

In today’s increasingly interconnected digital landscape, the importance of choosing the right OT/XIoT security tools cannot be overstated. These tools serve as the first line of risk reduction and defense against cyber threats targeting critical industrial processes and infrastructure.

Making informed decisions, whether adding a new solution or replacing an incumbent, significantly impacts an organization’s ability to mitigate threats and protect its assets. During the half-day consultation, participants will delve deep into their OT/XIoT security environments, examining current tools and analyzing their infrastructure.

The free workshop will result in personalized recommendations of the best-fit solutions from industry vendors.

“We recognize the importance of selecting the right security tools for cyber-physical environments,” says Jason Rivera, Director of OT/XIoT Security at SRA. “Our workshop empowers organizations to make informed decisions, giving confidence that their selection is fit for purpose.”

Submit your application here.

About Security Risk Advisors. Security Risk Advisors offers Purple Teams, Cloud Security, Penetration Testing, OT Security and 24x7x365 Cybersecurity Operations. Based in Philadelphia, SRA operates across the USA, Ireland and Australia. For more information, visit SRA’s website at https://sra.io.

 Media contact: Douglas Webster, Marketing Manager, news@sra.io
215-867-9051