Addressing the ConfusedPilot Threat

ConfusedPilot attacks, a term coined by University of Texas at Austin students mentored by Symmetry CEO Dr. Mohit Tiwari, represent a new class of threats targeting RAG-based systems like Microsoft Copilot. These attacks can lead to the dissemination of misinformation, potentially compromising critical decision-making processes within enterprises.

“The research into ConfusedPilot attacks highlights the asymmetry of AI security threats – these attacks are as easy as uploading a file, but defending against them is difficult,” said Dr. Mohit Tiwari, CEO of Symmetry Systems. “Our enhanced Data+AI Security suite now provides robust protection against Confused Pilot attacks, ensuring that organizations can confidently leverage AI technologies without compromising data integrity or decision-making processes.”

Key Features of the Enhanced Data+AI Security Suite

This enhanced product line offers six key capabilities:

• Advanced Document Scanning: Utilizes Symmetry’s advanced data discovery and classification algorithms to identify potentially malicious documents that could be used in ConfusedPilot attacks.
• Content Integrity Monitoring: Implements checks to monitor the origin, authenticity and integrity of data used by RAG-based systems, and alert on changes by unauthorized personnel.
• Decision Impact Analysis: Provides insights into how potentially compromised data could affect enterprise decision-making processes.
• Prompt Monitoring: Searches, monitors, and alerts on suspicious prompts being used across the enterprise.
• Information Flow Barriers: Implements Data Firewalls to segment data sources for users, ensuring appropriate access controls.
• External Data Source Alerting: Monitors and alerts on the use of external data sources that could potentially introduce vulnerabilities.

Comprehensive Protection for the AI Era

This update to Symmetry’s Data+AI Security suite complements Symmetry’s existing capabilities and offers businesses a holistic approach to Data+AI security, covering everything from deployment readiness to ongoing threat protection.

“As organizations rapidly adopt AI tools like Microsoft Copilot, the need for cohesive security measures that look at both the data+AI has never been more critical,” added Tiwari. “Our expanded capabilities not only address immediate threats but also prepare businesses for the future of AI in the workplace.”

Availability and Implementation

The enhanced Data+AI Security suite with ConfusedPilot protection is available as an add-on for existing Symmetry Systems customers and will be offered to all new clients. Symmetry’s team of expert consultants is prepared to assist organizations in implementing these new features and integrating them into their existing security frameworks.

Find our more at the Data+AI Security Summit 2024

For those interested in learning more about ConfusedPilot and other emerging threats in the AI security landscape, we invite you to join us at the Symmetry Data+AI Security Summit 2024. This event will bring together industry experts, researchers, and practitioners to discuss the latest developments in AI security. For more information and to register, please visit the website here.

To learn more about Symmetry Systems expansion of its Data+AI Security and DSPM capabilities to combat the emerging threat of ConfusedPilot attacks, visit the website here.

Related News:

Enterprise Gen AI Product Line Launched by Symmetry Systems

OCR Image Analyzer Unveiled by Symmetry Systems

The post Symmetry Boosts Data+AI Security Suite with ConfusedPilot Protection appeared first on Digital IT News.

“BigPanda’s analytical AI capabilities for event and incident management are a game changer for our managed services clients,” said Matt Bynum, Senior Vice President, Managed Services, Verinext. “With this partnership, we’re able to provide fast, automated insights and suggest root causes for incidents in real time, identifying problems before they escalate and ultimately mitigating downtime. This fits perfectly with our commitment to delivering next-generation IT solutions that keep businesses running smoothly.”

“We are excited to partner with Verinext, a proven managed services leader that empowers businesses to transform and secure their operations through technology,” said Chris Reites, Vice President, Pre Sales & Global Alliances, BigPanda. “Our AI-powered platform quickly detects issues before they become incidents and accelerates investigation with automated incident analysis that delivers clear, natural language summaries. This results in improved team productivity and faster resolution times, enabling IT to meet business requirements while lowering costs.”

BigPanda’s AI-powered event and incident management solutions power critical stages of the incident lifecycle, giving teams highly relevant insights to detect, investigate, and resolve incidents quickly.  IT operations and managed services teams using this technology are able to standardize and centralize data, unify communication across stakeholders, and reduce escalations to senior staff. BigPanda’s AI-driven platform enables enterprises to maintain service uptime while delivering operational efficiency.

Verinext offers BigPanda’s AI-powered IT operations and incident management platform as part of its comprehensive suite of managed services designed to enhance operational efficiency, security, and business resilience. By combining BigPanda’s advanced technology with Verinext’s services expertise in cybersecurity and IT transformation, customers are empowered to streamline incident management processes, reduce operational friction, and unlock new efficiencies.

For more information about Verinext and BigPanda’s Incident Management, visit the website here.

Related News:

Halcyon and Verinext Partner to Close Endpoint Security Gaps

Verinext Partners with Veracode to Secure Software from Code to Cloud

The post Verinext and BigPanda Join Forces to Transform Incident Management appeared first on Digital IT News.

The funding round was led by Punja Global Ventures, with investment also from AXA XL, Prosegur/SegTech and HCS Capital. As part of this investment, Rimmo Jolly, co-founder at Punja Global Ventures, will join DeNexus’ Board of Directors, while Libby Benet, Global Chief Underwriter Officer at AXA XL, will join as a Board Observer. With this new funding, DeNexus is well-positioned to address the growing need for comprehensive cyber risk management in industrial environments, helping organizations navigate the complex landscape of cybersecurity threats and regulations.

“This investment is a strong vote of confidence in DeNexus’ vision and our ability to address the critical cybersecurity challenges faced by industrial enterprises and physical critical infrastructures,” said Jose Seara, CEO of DeNexus. “We’re poised to expand our go-to-market team, enhance our product offerings, and continue delivering on our commitment to provide a full-stack, end-to-end cyber risk management solution to our customers.”

DeNexus has demonstrated significant traction, with its solutions currently deployed at over 200 sites across the USA, UK, and Europe. Building on its product offering from the initial customers in the power electricity sector, the company has also successfully implemented its technology with a top data center hyperscaler, as well as a global manufacturer, and has secured contracts to serve one of the world’s largest airport owners and operators. The company is contributing to the cyber risk management of these critical activities and infrastructures at the backbone of our civilization.

“DeNexus is at the forefront of a crucial shift towards risk-based cybersecurity management,” said Rimmo Jolly of Punja Global Ventures. “Their approach aligns perfectly with new cybersecurity regulations in the U.S., EMEA and APAC, which demand that corporations report on how they manage and govern cyber risk. We’re excited to support DeNexus as they continue to innovate in this critical space.”

The cybersecurity market is at an inflection point, with enterprises spending over $200 billion on cybersecurity solutions and cyber insurance, yet still feeling vulnerable, especially in OT infrastructures. DeNexus addresses this challenge by empowering organizations to make data-driven, evidence-based decisions about cyber risk, and whether to mitigate, accept, avoid, or transfer it using its state-of-the-art, AI/ML-powered flagship product DeRISK.

“As cyber threats to critical infrastructures continue to evolve, it’s crucial that we support innovative solutions that can protect these vital systems, including proper affirmative insurance protection,” said Libby Benet of AXA XL. “DeNexus’ approach to cyber risk management is both timely and essential to build resilience in industrial companies and physical critical infrastructures, and we’re proud to be part of their journey.”

“In industrial environments, the boundaries between physical and cybersecurity get rapidly blurred,” says Barbara Albizuri, Director at Prosegur Tech Ventures. “Prosegur’s partnership with DeNexus reinforces our joint commitment to safeguarding critical infrastructure by combining cutting-edge cyber risk management technology with physical security expertise.”

DeNexus’ Board of Directors includes industry veterans Jose Seara, Alex Horvitz, Herb Madan, Rosa Kariger and Rimmo Jolly, bringing a wealth of experience to guide the company’s strategic direction.

“The insights generated by DeNexus’ technology open tremendous opportunities to improve the security in OT environments and to transfer risks from industrial operators to risk carries in the insurance and reinsurance market,” said Alex Horvitz, CEO of HCS Capital and Board Member of DeNexus.

To learn more about DeNexus’ Cyber Risk Management, visit the website here.

Related News:

Forescout Risk and Exposure Management Marks Milestone

MDR Service Launched by Darktrace to Bolster Security Operations

The post DeNexus Raises $17.5M in Series A to Transform Cyber Risk Management appeared first on Digital IT News.

As the prevalence of cyberattacks continues to grow, the resulting downtime, business disruption, and financial losses have become increasingly severe for victims. Consequently, a broad spectrum of stakeholders, including regulators, leading cyber lawyers, and informed security professionals, are now concentrating their efforts on a long-overlooked aspect of cyber resiliency: recovery.

“The cyber industry is largely focused on helping organizations resist cyberattacks, and while resistance is important, no organization will ever perfectly resist every possible cyberattack. Therefore, every organization must invest in a realistic recovery strategy that will bring their business back up and running within hours and days, not weeks or months of a cyberattack,” said Mark Grazman, CEO of Conversant Group.

Conversant’s Securitas Summa program offers businesses something truly unique: an assurance of recoverability, reverse engineered with in-depth knowledge of what the world’s biggest threat actors are doing right now. By combining ongoing managed data and infrastructure protection, real-time threat intelligence, a program of hardening and breach resistance, and the world’s leading recovery firm, Securitas Summa ensures businesses are prepared to effectively resist, and most importantly, rapidly recover from a cyberattack.

“The Securitas Summa program provides comprehensive cyber protection at every stage, providing customers with the tools they need to not only survive an attack, but to ensure business continuity in the face of a threat,” said John Anthony Smith, CSO and Founder of Conversant Group.

Key program benefits include:

• Rapid Implementation: Within 60 days, customers will have complete administrative controls and identity systems in place with no disruption to company employees.
• Ongoing Hardening: The first nine months focus on a hardening advisory program, followed by years of ongoing breach context and hardening recommendations.
• Fenix24 Guarantee: The inclusion of a no-cost recovery guarantee from Fenix24 provides a unique safety net, assuring businesses of their recoverability at no future charge if restoration (i.e. recovering from managed backups) is required.

For more information about Conversant’s Securitas Summa that is now available to current and new customers, visit the website here.

Related News:

Absolute Security Acquires Syxsense With Reimagined Cyber Resilience

Cyber Resilience Strategy Found Overestimated Research Finds

The post Conversant Group Launches Securitas Summa appeared first on Digital IT News.

“Based on our beta testing, the added coverage of Entra ID in Netwrix Threat Manager 3.0 shows the real possibility of safeguarding both our on-premises and cloud environments with a single solution. The product demonstrated the capability to provide greater control and visibility, which we believe could make it easier for organizations like ours to manage data security across hybrid infrastructure,” said a Senior Systems Engineer at a US non-profit testing organization.

The latest Netwrix Threat Manager enhances the protection of sensitive data and empowers customers to:

• Avoid attack escalation by detecting and preventing improper changes in AD and Entra ID, including analysis of abnormal user behavior, modifications to application permissions, changes in sensitive roles like Global Admin, and more.
• Contain security incidents on-premises and in the cloud by automating threat response with account disablement, reset of the affected user’s password, terminating all active sessions of the affected account, and marking the user account as compromised to trigger additional security measures and investigation.
• Minimize data overexposure thanks to more granular role-based access control for reporting and investigations across Active Directory and Entra ID.

“In 2024, 48% of organizations had to make changes to their security posture to meet the criteria of the cyber insurance policy they chose. To help our customers face digital threats with confidence and ensure their eligibility for cyber insurance, we remain focused on delivering strong, consistent security measures across the entire on-premises and cloud infrastructure,” says Michael Tweddle, Chief Product Officer at Netwrix.

To learn more about the new version of Netwrix Threat Manager, visit the product page here.

Related News:

84% of Large Enterprises Faced a Security Incident in the Past Year

In the Education Sector 77% of Organizations Spotted a Cyberattack

The post Netwrix Threat Manager 3.0 Extends its Capabilities appeared first on Digital IT News.

Digital certificates are used in everything from regular email communication or websites to the most modern industrial automation setups that depend on multiple entities with reliable identities communicating with each other in complex legacy and new hardware and software setups. In PKI architectures, certificates rely on asymmetric key pairs: a public key that is exposed and acts like a real-life passport or ID card and a private key that remains with the owner; both together are a virtual guarantee that the identity of the bearer is genuine. However, the safe storage of the private keys is the natural weak spot of many certificates.

Wibu-Systems has brought its decades of experience with cryptographically secure license creation, management, and storage to the certificate world to address this problem. Its solution, CodeMeter Certificate Vault, uses CmDongles, secure hardware elements to hold the private keys and run the necessary cryptographic operations within the embedded smart card chip from Infineon. This equips enterprises and private users who do not have access to high-end hardware secure modules with a safe repository for their digital identities.

CodeMeter Certificate Vault stands as the quintessential tool for securely storing and utilizing X.509 certificates, alongside safeguarding encrypted software license keys within a robust hardware dongle. Designed as a PKCS#11 compliant token provider, it ensures that keys nestled in CmDongles remain impenetrable, shielded against any form of duplication or tampering. This level of security ensures that applications leveraging the PKCS#11 interface find a seamless ally in CodeMeter Certificate Vault. Furthermore, its compatibility extends through OpenSSL integration, paving the way for seamless incorporation with diverse applications, including OPC UA servers. Engineered to work with RSA 2048 encryption, CodeMeter Certificate Vault is not just a solution but a fortress for digital security, redefining the standards of protection in the digital realm.

Now, CodeMeter Certificate Vault has just earned the prestigious AWS IoT Greengrass badge. This qualification not only underscores its seamless hardware security integration but also aligns it with the AWS service renowned for empowering edge devices. By facilitating local computation, messaging, data caching, synchronization, and Machine Learning inference, AWS IoT Greengrass enables devices to function autonomously while maintaining cloud connectivity for comprehensive management and storage solutions. This achievement marks a significant milestone for CodeMeter Certificate Vault, reaffirming its commitment to providing cutting-edge security solutions that meet the dynamic needs of the embedded technology landscape.

For Marco Blume, Product Manager at Wibu-Systems, the new qualification badge is a mark of maturity for CodeMeter Certificate Vault: “Security in the online world often depends on identities – the ability to know and trust that the service, device, or person one is dealing with is indeed who they say they are. With AWS IoT Greengrass qualification, our authentication solution enters a new phase where innovation and optimized performance increase customer confidence, contributing to the popularity of the solution.”

To learn more about Wibu Systems’ CodeMeter Certificate Vault, visit the website here.

Related News:

pkimetal Launched by Sectigo to Simplify Certificate Linting

ColorTokens Acquires PureID to Enhance Xshield Microsegmentation Platform

The post CodeMeter Certificate Vault Earns AWS IoT Greengrass 2.12.0 Qualification appeared first on Digital IT News.

Malwarebytes released new research revealing the alarming prevalence and financial impact of romance scams, also known as confidence fraud, dating or pig butchering scams. According to the survey, more than 66% of respondents have been targeted by romance scams with 10% of victims losing more than $10,000 and a shocking 3% parting with $100,000 or more. With 94% of those that lost money unable to recover it, the results highlight the urgent need for increased awareness and protective measures.

“Romance and dating scams are run by sophisticated cybercriminals who know what they’re doing. They conduct research, follow a playbook, and last year alone, these scams raked in over $650 million,” said David Ruiz, Senior Privacy Advocate, Malwarebytes. “Consumers need to be vigilant—stop and think before sending money, buying gift cards, or investing in cryptocurrency schemes from people they meet online. The more we can remove the stigma surrounding victims and provide education and resources, the faster we can minimize the devastating effects of these scams.”

Key Findings

Romance scams commonly target individuals on social media and online dating platforms to build trust over weeks and months. Individuals believe they are in a relationship and are tricked into sending money, personal and financial information, or items of value to the perpetrator or to launder money or items to assist the perpetrator. These types of scams have risen in prevalence over the past few years, driven by the loneliness epidemic and proliferation of digital platforms.

• Shifting targets: The demographics of romance scams remain largely the same, with the majority of targets over the age of 55 (74%) and male (56%). But younger demographics shouldn’t be overlooked—11% of victims were between the ages of 18 and 44, and 40% of targets were female.
• The long game: 26% of victims were engaged with the scammer for an extended period, with 12% communicating for several months and 5% entering relationships lasting a year or longer. These findings underscore the ongoing need for user education and heightened awareness.
• Stigma and shame: The survey revealed 40% of respondents never told anyone about their experience and only 11% took the step of reporting the scam to law enforcement or nonprofit organizations. Only 4% of victims sought help from a therapist or support group after their ordeal.
• Social media entry: 38% of scammers reached their victims via social media, followed by 31% via online dating profiles, 16% via email, and 11% via text. The rise of these entry points reflects how romance scammers are exploiting our increasingly digital lives.

How to Avoid Falling Prey to Romance Scams

• Keep personal information private: Limit the personal and financial information you share online, especially with new or unverified contacts. Use tools such as the Malwarebytes Personal Data Remover to minimize the amount of data accessible through search engine results, spam lists, and people search sites. This online personal data scanner will allow you to find out what sites are selling your information and get options on removing your details.
• Verify identities and sources: Exercise caution with unsolicited contacts, especially via social media, email or text message. Scammers often contact people “out of the blue.”
• Consult with a third party: If an investment opportunity seems promising, consult with a financial advisor or investment professional who can provide an objective opinion. Run any big financial requests from an online acquaintance by a trusted friend or family member for a gut check.
• Report suspicious activities: If you encounter something suspicious, report it to the appropriate authorities—local law enforcement or the FBI via its Internet Crime Complaint Center. Your action could prevent others from falling victim.

To read the blog, “Romance scams costlier than ever: 10 percent of victims lose $10,000 or more” and full survey results, visit the website here.

Related News:

Malwarebytes Unveils Personal Data Remover to Enhance User Privacy

Malwarebytes Adds Support for ARM-Based Chips

Research Methodology:

Malwarebytes conducted a pulse survey of its newsletter readers between August 5 and 15, 2024, via the Alchemer Survey platform. In total, 850 people across the globe responded.

The post Research Finds 10% of Romance Scams with Victims Losing Over $10,000 appeared first on Digital IT News.

The post Absolute Security Adds AI Threat Insights Module to its SSE appeared first on Digital IT News.

According to the survey, 84% of organizations in the large enterprises sector spotted a cyberattack within the last 12 months, compared to only 65% in 2023. The most common security incidents are phishing, user or admin account compromise, and ransomware or other malware attack.

“The surge in the attack rates across organizations of all sizes, including the enterprise sector, may indicate that threat actors found AI automation extremely beneficial. With the introduction of AI, sending a massive number of phishing emails and probing systems and services for vulnerabilities is only a matter of orchestration on those platforms operated by cybercriminals. Constant pressure stresses the security teams and might lead to reduced and worn-out protection levels. To ease this burden, organizations should consider involving third-party investigators as a part of their incident response plan. It will help offload the internal security team when dealing with an ongoing attack,” says Dirk Schrader, VP of Security Research and Field CISO EMEA at Netwrix.

For 53% of attacked large organizations, a security incident resulted in additional unexpected expenses to fix security gaps. Each fifth enterprise faced compliance fines (22%) and a reduced competitive edge (21%). Moreover, 30% of enterprises estimated their financial damage from cyber threats to be at least $50,000, compared to just 17% among organizations overall.

“Typically, large enterprises have already implemented the basic security controls and thus must address more complex and costly issues in the aftermath of an attack. Where a smaller organization may have a quick fix available and can accept certain risks, enterprises must invest in the security team, process changes, and tooling to close even the smallest gaps exploited by the attacker,” says Ilia Sotnikov, Security Strategist at Netwrix.

To view Netwrix’s additional findings for the enterprise sector, visit the website here. Or to review its annual global 2024 Hybrid Security Trends Report, visit the website here.

Related News:

In the Education Sector 77% of Organizations Spotted a Cyberattack

MSPs Face Unplanned Security Expenses from 51% of Cyberattacks

The post 84% of Large Enterprises Faced a Security Incident in the Past Year appeared first on Digital IT News.

As headlines have continued to show since the infamous British Airways breach, the third-party code scripts that businesses add to their websites are often poorly monitored and undersecured. While these scripts are necessary for critical site functions such as analytics, chatbots, and error handling, the scripts change frequently without a business’ knowledge—posing significant risks. Malicious actors exploit vulnerabilities within the scripts to redirect website visitors, steal sensitive information, or manipulate website content. As a result of increased security awareness on the infrastructure and open source supply chain, malicious actors increasingly seek to weaponize the browser as the place of execution—yet most sites have nothing in place to monitor client-side behavior.

With an advanced proxy service and an AI-driven detection engine, c/side offers a comprehensive toolkit to identify and neutralize malicious scripts in real-time. The innovative solution not only bolsters website security, but also significantly enhances website performance. Beyond safeguarding organizations from cyberattacks, c/side’s technology also simplifies compliance with stringent industry regulations like PCI DSS 4.0, making it a critical and particularly timely tool for businesses accepting digital payments via their sites.

“Even in the few short months since we launched, major browser supply chain attacks like polyfill[.]io and regulatory breach incidents like the one at Kaiser Permanente have underscored just how significant and rapidly-escalating this attack vector has become,” said Simon Wijckmans, CEO and founder, c/side. “Security and IT teams cannot take a ‘set it and forget it’ approach to the third-party web scripts that run through their organization’s website. We understand what’s required to ensure ongoing visibility and protection, and offer an end-to-end solution that’s simple to deploy. We’re thrilled to bring on new investors with our seed funding, and look forward to our next stage.”

“c/side is addressing client-side app security, one of the most challenging threats to digital organizations and a problem that has been largely overlooked until now,” said Andy McLoughlin, Managing Partner at Uncork Capital. “Their AI-driven solution not only identifies these threats but acts swiftly to neutralize them, ensuring robust client-side web security. We’re thrilled to lead this round and support the c/side team as they develop solutions to protect businesses from costly and damaging browser-executed attacks.”

“We’re impressed by c/side’s AI-driven approach and its potential to revolutionize client-side security at scale,” said Alex Pall, General Partner, Mantis VC. “This team has the expertise and vision to make a significant and lasting impact across the cybersecurity landscape, making web security more accessible to all. Whether you’re an early-stage grinding entrepreneur or a large established brand, c/side will grow to have your back. Simon and the team will make things rock!”

The seed funding will enable c/side to accelerate the development of its flagship product, the powerful proxy solution for securing third-party web scripts. The company will also deepen its vulnerability detection engine’s capabilities and grow its team to support customer service, sales, partnership, and marketing functions.

c/side’s free tier is now fully operational and available—anyone can sign up and begin securing their site from third-party risks in minutes here.

Related News:

Browser Supply Chain Secured with c/side AI-Fueled Security Solution

Remote Browser Isolation Launched as part of Keeper Connection Manager

The post c/side Secures Funding to Protect Websites from Third-Party Web Script Risks appeared first on Digital IT News.