IBM Report: Data Breach Costs Reach All-Time High

For the twelfth year in a row, healthcare saw the costliest breaches among all industries with the average cost reaching $10.1 million per breach.

CAMBRIDGE, Mass. — IBM (NYSE: IBM) Security released the annual Cost of a Data Breach Report, revealing costlier and higher-impact data breaches than ever before, with the global average cost of a data breach reaching an all-time high of $4.35 million for studied organizations. With breach costs increasing nearly 13% over the last two years of the report, the findings suggest these incidents may also be contributing to rising costs of goods and services. In fact, 60% of studied organizations raised their product or services prices due to the breach, when the cost of goods is already soaring worldwide amid inflation and supply chain issues.

The perpetuality of cyberattacks is also shedding light on the “haunting effect” data breaches are having on businesses, with the IBM report finding 83% of studied organizations have experienced more than one data breach in their lifetime. Another factor rising over time is the after-effects of breaches on these organizations, which linger long after they occur, as nearly 50% of breach costs are incurred more than a year after the breach.

The 2022 Cost of a Data Breach Report is based on in-depth analysis of real-world data breaches experienced by 550 organizations globally between March 2021 and March 2022. The research, which was sponsored and analyzed by IBM Security, was conducted by the Ponemon Institute.

Some of the key findings in the 2022 IBM report include:

  • Critical Infrastructure Lags in Zero Trust – Almost 80% of critical infrastructure organizations studied don’t adopt zero trust strategies, seeing average breach costs rise to $5.4 million – a $1.17 million increase compared to those that do. All while 28% of breaches amongst these organizations were ransomware or destructive attacks.
  • It Doesn’t Pay to Pay – Ransomware victims in the study that opted to pay threat actors’ ransom demands saw only $610,000 less in average breach costs compared to those that chose not to pay – not including the cost of the ransom. Factoring in the high cost of ransom payments, the financial toll may rise even higher, suggesting that simply paying the ransom may not be an effective strategy.
  • Security Immaturity in Clouds – Forty-three percent of studied organizations are in the early stages or have not started applying security practices across their cloud environments, observing over $660,000 on average in higher breach costs than studied organizations with mature security across their cloud environments.
  • Security AI and Automation Leads as Multi-Million Dollar Cost Saver – Participating organizations fully deploying security AI and automation incurred $3.05 million less on average in breach costs compared to studied organizations that have not deployed the technology – the biggest cost saver observed in the study.

“Businesses need to put their security defenses on the offense and beat attackers to the punch. It’s time to stop the adversary from achieving their objectives and start to minimize the impact of attacks. The more businesses try to perfect their perimeter instead of investing in detection and response, the more breaches can fuel cost of living increases,” said Charles Henderson, Global Head of IBM Security X-Force. “This report shows that the right strategies coupled with the right technologies can help make all the difference when businesses are attacked.”

Over-trusting Critical Infrastructure Organizations

Concerns over critical infrastructure targeting appear to be increasing globally over the past year, with many governments’ cybersecurity agencies urging vigilance against disruptive attacks. In fact, IBM’s report reveals that ransomware and destructive attacks represented 28% of breaches amongst critical infrastructure organizations studied, highlighting how threat actors are seeking to fracture the global supply chains that rely on these organizations. This includes financial services, industrial, transportation and healthcare companies amongst others.

Despite the call for caution, and a year after the Biden Administration issued a cybersecurity executive order that centers around the importance of adopting a zero trust approach to strengthen the nation’s cybersecurity, only 21% of critical infrastructure organizations studied adopt a zero trust security model, according to the report. Add to that, 17% of breaches at critical infrastructure organizations were caused due to a business partner being initially compromised, highlighting the security risks that over-trusting environments pose.

Businesses that Pay the Ransom Aren’t Getting a “Bargain”

According to the 2022 IBM report, businesses that paid threat actors’ ransom demands saw $610,000 less in average breach costs compared to those that chose not to pay – not including the ransom amount paid. However, when accounting for the average ransom payment, which according to Sophos reached $812,000 in 2021, businesses that opt to pay the ransom could net higher total costs – all while inadvertently funding future ransomware attacks with capital that could be allocated to remediation and recovery efforts and looking at potential federal offenses.

The persistence of ransomware, despite significant global efforts to impede it, is fueled by the industrialization of cybercrime. IBM Security X-Force discovered the duration of studied enterprise ransomware attacks shows a drop of 94% over the past three years – from over two months to just under four days. These exponentially shorter attack lifecycles can prompt higher impact attacks, as cybersecurity incident responders are left with very short windows of opportunity to detect and contain attacks. With “time to ransom” dropping to a matter of hours, it’s essential that businesses prioritize rigorous testing of incident response (IR) playbooks ahead of time. But the report states that as many as 37% of organizations studied that have incident response plans don’t test them regularly.

Hybrid Cloud Advantage

The report also showcased hybrid cloud environments as the most prevalent (45%) infrastructure amongst organizations studied. Averaging $3.8 million in breach costs, businesses that adopted a hybrid cloud model observed lower breach costs compared to businesses with a solely public or private cloud model, which experienced $5.02 million and $4.24 million on average respectively. In fact, hybrid cloud adopters studied were able to identify and contain data breaches 15 days faster on average than the global average of 277 days for participants.

The report highlights that 45% of studied breaches occurred in the cloud, emphasizing the importance of cloud security. However, a significant 43% of reporting organizations stated they are just in the early stages or have not started implementing security practices to protect their cloud environments, observing higher breach costs. Businesses studied that did not implement security practices across their cloud environments required an average 108 more days to identify and contain a data breach than those consistently applying security practices across all their domains.

Additional findings in the 2022 IBM report include:

  • Phishing Becomes Costliest Breach Cause – While compromised credentials continued to reign as the most common cause of a breach (19%), phishing was the second (16%) and the costliest cause, leading to $4.91 million in average breach costs for responding organizations.
  • Healthcare Breach Costs Hit Double Digits for First Time Ever – For the 12th year in a row, healthcare participants saw the costliest breaches amongst industries with average breach costs in healthcare increasing by nearly $1 million to reach a record high of $10.1 million.
  • Insufficient Security Staffing – Sixty-two percent of studied organizations stated they are not sufficiently staffed to meet their security needs, averaging $550,000 more in breach costs than those that state they are sufficiently staffed.

To obtain a copy of the 2022 Cost of a Data Breach Report, visit https://www.ibm.com/security/data-breach.

Source: CS Staff, Fri, 29 Jul 2022 02:16:00 -0500, https://www.campussafetymagazine.com/research/ibm-report-data-breach-costs-reach-all-time-high/

Know How Automation Testing Market Growing Massively by 2022-2028 Focusing on Top Players – IBM, CA Technologies, Micro Focus, Capgemini

Automation Testing is anticipated to increase from USD 20.7 billion in 2021 to USD 49.9 billion by 2028. The market for automation testing is expanding as a result of the quick uptake of cutting-edge technology.

The COVID-19 pandemic has had a significant influence on the retail, banking, logistics, education, manufacturing, and healthcare industries. Automation testing services and solutions are widely used in these industries. As a result, the component is thought to have a High Impact. The short-term impact on the technology industry includes a disruption in the supply of raw materials, instability in the electronics value chain, and the potential for inflationary product risk.

The automated testing sector has a fantastic opportunity to evaluate these cutting-edge technical applications as modern technologies like IoT, AI, and machine learning are rapidly developing. Currently, rule-based software manages the majority of corporate processes digitally. The ability to handle important problems with this approach is somewhat limited.

Employee productivity and organisational performance eventually suffer as a result of the lengthy processes and excessively repetitive work that employees must perform.


To prevent unauthorised access to data, governments apply data regulation laws from different economies. Numerous national and international rules, like the Health Insurance Portability and Accountability Act (HIPAA) in the US and the Data Protection Directive in the EU, must be adhered to when it comes to data storage security and privacy. Businesses have total control over their data when it is kept on-site, but data kept on the cloud is more open to security risks.

The use of smartphones and the internet is now a necessary part of daily life. Software apps are one of the sectors in the mobile and web business that are growing the fastest. This market expansion is attributed to factors such as the low cost of smartphones, the abundance of web-based applications, the decline in data pricing, and the increased purchasing power of end users. End customers obtain programmes based on treatment and rejection, two variables that are intimately related to the effectiveness of the application. Mobile applications also have a quicker development and life cycle than other types of applications. In order to develop the life cycle of mobile apps, automation testing for mobile applications is crucial. Companies may increase regression test cases and testing productivity.

Information security and privacy are concerned with how and where data is stored. Data security is one of the most important factors to take into account when implementing automation testing solutions. Data storage and media flow both need to use encryption. Additional security measures apply to the network and firewall where data storage occurs in an organisation. Infrastructure as a Service, Platform as a Service, and Software as a Service are all in high demand. Automation testing is gaining popularity, particularly in the BFSI and retail industries. Systems are exposed to a number of hazards due to the prevalence of smart, connected IoT-enabled gadgets that gather and exchange massive amounts of produced data.

An organisation with more than 1000 people that is not a micro, small, or medium firm is considered a large enterprise. Large businesses need automation testing services to ensure that their business operations run smoothly. These automation services are additionally helpful for lowering operational costs and raising client satisfaction. With the growth of technologies, large corporations have developed a variety of the latest technology-based solutions and applications. It is necessary to periodically test these most recent technology-based solutions and applications to ensure that they precisely satisfy the set business objectives and aims. Because it gives security testing an advantage over other testing methods, large organisations give software security the highest priority.

Regional Insight: 

The Americas, US, Canada, Europe, UK, Germany, France, Europe as a whole, APAC, New Zealand and Australia, Japan, the rest of APAC, China, MEA, Africa and the Middle East, other MEA, South America, Brazil, Mexico, and Latin America as a whole are major regions according to their contribution to the automation testing market.

Competitive Analysis:

The top manufacturers in the automation testing industry are Accenture (Ireland), AFour Technologies, Applitools, Astegic, Broadcom, Capgemini, Cigniti Technologies, Codoid, Cygnet Infotech, froglogic (Germany), IBM, Infostretch, Invensis, Keysight Technologies, Micro Focus, Microsoft, Mobisoft Infotech, Parasoft, ProdPerfect, QA Mentor, QA Source, and QualityKi (US). To expand in the worldwide providing market, these players have taken a number of different strategies. The report offers a thorough competition analysis of these major market participants who provide automation testing, together with information about their organisations, recent accomplishments, and important business strategies.

Some of the key questions answered in this report:
1. What market growth rate, growth momentum or acceleration will the market carry during the forecast period?
2. Which are the key factors driving the Automation Testing market?
3. What was the size of the emerging Automation Testing market by value in 2021?
4. What will be the size of the emerging Automation Testing market in 2028?
5. Which region is expected to hold the highest market share in the Automation Testing market?
6. What trends, challenges and barriers will impact the development and sizing of the Automation Testing market?
7. What are sales volume, revenue, and price analysis of top manufacturers of Automation Testing market?


Table of Contents:
1. Automation Testing Market Overview
2. Impact on Automation Testing Market Industry
3. Automation Testing Market Competition
4. Automation Testing Market Production, Revenue by Region
5. Automation Testing Market Supply, Consumption, Export and Import by Region
6. Automation Testing Market Production, Revenue, Price Trend by Type
7. Automation Testing Market Analysis by Application
8. Automation Testing Market Manufacturing Cost Analysis
9. Internal Chain, Sourcing Strategy and Downstream Buyers
10. Marketing Strategy Analysis, Distributors/Traders
11. Market Effect Factors Analysis
12. Automation Testing Market Forecast (2022-2028)
13. Appendix

Contact Us:
473 Mundet Place, Hillside, New Jersey, United States, Zip 07205
International – +1 518 300 3575
Website: https://www.infinitybusinessinsights.com

Source: Newsmantraa, Thu, 04 Aug 2022 23:39:00 -0500, https://www.digitaljournal.com/pr/know-how-automation-testing-market-growing-massively-by-2022-2028-focusing-on-top-players-ibm-ca-technologies-micro-focus-capgemini

Necessity is the mother of the ‘Rugged DevOps’ movement

No matter how good your perimeter security is, experts agree: Your system has been breached, whether you know it or not. The costs of security flaws—cybersecurity expert Joe Franscella calls them “The Five Horsemen of the Internet Apocalypse: Scam, Extortion, Embarrassment, Theft and Death”—are enormous. So why don’t we consider security a first-class citizen in DevOps?

“Security is still one of the last places where that archaic approach of development handing off the software to a different team and walking away still reigns,” said Tim Buntel, vice president of products for XebiaLabs. “Secure software is just good software, and good software is secure software. Everything that we’re doing in DevOps is allowing us to build better software at scale and release it faster.”

But building security in from the start rather than tacking it on at the end “takes a lot more than getting the security guys to attend standup meetings,” Buntel continued. All too often, he said, even large regulated industries have a tiny cadre of security experts vetting a fraction of a huge portfolio. And these enterprise static analysis runs can take days.

(Related: Putting the test back in DevOps)

For this DevOps Buyer’s Guide, XebiaLabs, along with Microsoft, Dynatrace, CollabNet, Appvance and CloudBees, spoke with SD Times about best practices for Rugged DevOps (a term coined by DevOps author Gene Kim) or DevSecOps. All agree that the time is ripe for adding security scans and stack analysis earlier in the DevOps workflow and mitigating malicious activity. To paraphrase Bruce Schneier, software security may be getting better—but it’s getting worse faster.

Is there a move toward Rugged DevOps?
The open-source Jenkins Continuous Integration (CI) platform has had a pivotal role in the DevOps tool chain and even the cultural lore. CI today, however, is just one piece in the DevOps Continuous Delivery pipeline. Sacha Labourey, CEO and founder of CloudBees, which commercializes Jenkins, has seen his own company paralleling the evolution of DevOps.

“We saw it through the fast adoption of Continuous Delivery, which led to increasingly sophisticated ‘flows’ being implemented on top of Jenkins,” he said. “Consequently, about two years ago, we initiated the development of what’s now known as Jenkins Pipeline, a core feature of the newly released Jenkins 2.0. We also see an increased use of Docker, since it makes it very easy to have the exact same container used in development, testing and production. To that end, we also contributed a lot of features back to the Jenkins community.”

With a large target on its back, Microsoft has focused on security for years. Today, CEO Satya Nadella encourages a “live site culture,” or production-first mindset.

“Part of that mindset is saying, ‘Anytime I see something go wrong, it’s an opportunity for learning. Anytime I see a breach in security, I need to ask what can I do so this doesn’t happen again.’ How can we shorten our detection time, improve mitigation, and limit the radius of users affected?” said Sam Guckenheimer, product owner for Visual Studio Cloud Services at Microsoft.

Those questions are more common today in part thanks to the movement that began 15 years ago, said Guckenheimer. “You had in 2001 the Agile Manifesto: Build software in potentially shippable increments. In 2007, you had 10 deploys a day at Flickr. I think DevSecOps is next,” he said.

What’s holding us back is cultural, but it’s also technical. “Part of the problem is that most security tools are too slow to work in a Continuous Integration model,” said Guckenheimer. “Checkmarx is probably the tool that’s cracked that first. Ideally, you want to be able to have your code scanned as part of the pull request in the Continuous Integration flow, and that’s just not practical with most tools that exist.”

Increasingly automated software delivery tool chains and pipelines can become critical assets similar to the “infrastructure as code” concept. But all the vendors interviewed agreed that Rugged DevOps is primarily a cultural effort. “Tooling needs to help make that happen, but won’t lead it,” said Labourey.

Combatting apathy, enforcing empathy
At Microsoft, one method of instilling application-level security in team culture is via war games waged on software in production. Red teams are attackers, blue teams are defenders, and a referee verifies findings and lets the blue team know if they have thwarted a red team attack or discovered a genuine external threat. “There are rules of engagement: You can’t compromise the customer SLA (service level agreement), you can’t exfiltrate data, you can’t damage the database or bring down the service, but as the red team, you prove that you can get right to that point,” said Guckenheimer.

While some Microsoft teams, such as Azure public cloud, do war games continuously, “For us it’s more like quarterly. We do not have a permanent red team; we rotate them,” said Guckenheimer. “We do have a permanent blue team who are real defenders. The goal is to make them better. When you do a retrospective on these things, everyone comes and listens.”

As a result of war games, Guckenheimer lives by basic security rules:

• Use just-in-time administration

• Use multifactor authentication

• Manage and rotate secrets via key vaults

• Use a DevOps release pipeline

• Destroy compromised instances

• Don’t tip your hand to attackers

• Segregate domains; don’t dual-home servers

• Use different passwords

• Don’t use open file share

• Assign only one admin per workstation

• Think before clicking links (to stop phishing)

“Shift left” is the mantra for DevOps, and security is no exception, according to Appvance CEO Kevin Surace. “DevOps means shifting everything left, including app penetration and DDoS (distributed denial of service) testing,” he said.

“It’s great to do once-a-year tests outside or have a security center of excellence. But any build can and does add security risks, which need to be found and evaluated. Source-code scanning should always be run, but you won’t be able to find everything until you execute use-case-driven [app penetration testing] at every build or at a minimum for each release candidate.”

War games and penetration tests are fun, but how do you create that empathetic connection between development and security? One controversial technique used to create empathy is giving pagers to developers so that they feel the pain of late-night operations snafus. Is there a similar approach that could happen with security?

“I don’t like the pager idea,” said Andreas Grabner, a developer advocate for Dynatrace. “What I like is that the team itself, we don’t deploy after 1 p.m. Why? Because we monitor. We still have three to four hours before we go home to figure out if that was a good or bad deployment. If at 1:30 p.m. we see an impact on end users, then we can say we introduced a bad deployment, or we roll back to a previous state.”

A pipe dream for low-tech companies
“These days, every business in the world relies on software to do business, but only a small percentage are actually software companies,” said Grabner. “They have to become software-defined businesses, but there’s not enough talent in the world to go around. That’s why the only way out of this is with solid automation and detecting all these problems in your pipeline.”

But is a Continuous Delivery pipeline with security gates even possible for many organizations? “That’s what everyone wants, but it’s very far away,” Grabner admits. Test automation is still in its infancy. “But the awareness that quality needs to be a core part of development is extremely increased.”

The concept of quality gates comes from Toyota’s iconic production line innovations, where any worker can stop the line if a quality check fails. In the case of software pipelines, according to Grabner, the automated quality gate can track architectural metrics such as the number of database queries executed, the number of web services calls, memory usage and more. “What we do with these quality gates is, we are detecting regressions caused by changes pushed on the pipeline: Something has changed from the way it used to be,” said Grabner.

“This feature consumed x amount of memory, and now it consumes y. If it has a negative impact, we need to stop the pipeline. This is what we call metrics-driven Continuous Development.” Teams can also aim to improve the mean time from finding the issue to fixing it.
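A sketch of the metrics-driven gate described above, as an added example that is not code from Dynatrace or from the article. The metric names, tolerances and sample measurements are assumptions constructed here; the gate fails closed when a metric stops being reported, and the baseline only ratchets downward so that drift inside the tolerance cannot accumulate build after build.

```python
"""Metrics-driven quality gate: stop the pipeline when a build regresses."""
import sys
from typing import NamedTuple, Optional

# Allowed relative increase over baseline per metric (assumed values).
TOLERANCE = {"db_queries": 0.0, "web_service_calls": 0.0, "memory_mb": 0.10}

# Constructed sample data: per-feature baseline and two candidate builds.
BASELINES = {
    "checkout": {"db_queries": 12, "web_service_calls": 3, "memory_mb": 210.0},
    "search": {"db_queries": 4, "web_service_calls": 1, "memory_mb": 95.0},
}
BUILD_OK = {
    "checkout": {"db_queries": 12, "web_service_calls": 3, "memory_mb": 228.0},
    "search": {"db_queries": 4, "web_service_calls": 1, "memory_mb": 90.0},
}
BUILD_BAD = {
    "checkout": {"db_queries": 48, "web_service_calls": 3, "memory_mb": 228.0},
    "search": {"db_queries": 4, "web_service_calls": 1},  # memory not reported
}


class Regression(NamedTuple):
    feature: str
    metric: str
    baseline: Optional[float]
    current: Optional[float]
    reason: str


def check_feature(feature, baseline, current, tolerance=TOLERANCE):
    """Return the regressions for one feature; an empty list means it passes."""
    found = []
    for metric, allowed in tolerance.items():
        base, cur = baseline.get(metric), current.get(metric)
        if cur is None:
            # Fail closed: a build that stopped reporting a metric is not clean.
            found.append(Regression(feature, metric, base, None, "not measured"))
        elif base is None:
            found.append(Regression(feature, metric, None, cur, "no baseline"))
        elif cur > base * (1 + allowed):
            limit = base * (1 + allowed)
            found.append(Regression(feature, metric, base, cur, f"over limit {limit:g}"))
    return found


def run_gate(baselines, build):
    """Check every baselined feature; a feature missing from the build fails."""
    found = []
    for feature, baseline in baselines.items():
        found += check_feature(feature, baseline, build.get(feature, {}))
    return found


def ratchet(baselines, build):
    """After a passing build, keep the lower value per metric as the new baseline."""
    return {
        feature: {m: min(v, build[feature].get(m, v)) for m, v in base.items()}
        for feature, base in baselines.items()
    }


if __name__ == "__main__":
    problems = run_gate(BASELINES, BUILD_BAD)
    for p in problems:
        print(f"{p.feature}/{p.metric}: {p.baseline} -> {p.current} ({p.reason})")
    sys.exit(1 if problems else 0)  # non-zero exit stops the pipeline stage
```
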

Monitoring deployed software is key. “We always also combine it with synthetic monitoring. That means if I deploy a new feature, I can monitor how real users use that feature, while synthetic monitoring checks the feature every 10 minutes,” said Grabner.

Securing components not your own
What about the code you didn’t write? How do you add security to 90% of code that is third-party components or open source? “Never just assume security and do use a governed adoption process and DevOps tools that support that,” said Ward Osborne, information security officer at CollabNet. “Limit your use of third-party to what you need. Test it. Disable all the stuff you don’t need at the start. Go through security testing.

“Back to the empathy question, if open source is important to your work, then it is good to establish relationships with the creators of the code and help them make it more secure—that is always a plus. Going forward, what we will see, as security becomes more integrated into development processes, is that open-source code will become more secure as well.”

There’s no excuse for playing fast and loose with frameworks, components and libraries, according to Guckenheimer: “Anyone worth their salt these days will only use trusted libraries. There are companies that specialize in that: WhiteSource and Black Duck and Sonatype, who will try to ensure that you are using trusted versions.”

Further, the pipeline also helps enforce policies around trusted components. “Presumably, you don’t consume anything, by policy, that isn’t acceptable because of known vulnerabilities and unsuitable maintenance on its side. These policies are reasonably easy to enforce with tooling,” said Guckenheimer.

Automation: If it hurts, do it more
The vendors surveyed agree that one baby step must happen before achieving the nirvana of a perfectly built app: test automation. “You need to aim for total automation, and if it hurts, it probably means you need to do it more, not less,” said Labourey. “That’s the only way to reliably and deterministically build products and make sure nobody can intrude through that process.

“Some initial reactions lead to thinking that automation will reduce security and just accelerate the deployment of buggy and insecure applications to production. Au contraire: If the right process is applied, automation behaves exactly like a boa constrictor, increasingly constricting any space left for human error, making it possible to reliably inject quality and security improvements through the process.”

But it will take a cultural change to get those who talk about DevOps and those who talk about security to do the unthinkable: eat lunch together at the next RSA conference. Creating virtuous loops, training consistently around phishing and other exploits, employing quality gates, scanning code and searching for anomalies is never-ending, but you’d better get good at it: It’s no longer optional.

DevOps war stories
SD Times asked security experts what the most frightening app-level security problem they had ever seen in their professional lives was, and what the outcomes were.

Ward Osborne, information security officer, CollabNet
“Complete indifference to security as a whole, and lack of understanding of security and how to build it in are the general components there. For example, some years back a major financial institution had failed an audit of the development center. The specific application that was flawed was an ATM platform, so every ATM essentially had a built in backdoor. The audit found weaknesses across CM, lack of peer reviews, and no location- or roles-based controls, which meant contractors could check out code, work on it at home and check it back in.

“It took six months to reengineer security into the ATM platform. This was very expensive: tens of millions of dollars. Had the model of methodology plus training plus tools been utilized to enforce best practices, this could have been prevented.”

Tim Buntel, vice president of products, XebiaLabs
“Honestly, the kinds of things that I’ve seen over the years are distressingly simple in many cases. SQL injection continues to plague so many applications.

“The presence of private keys, Amazon Web Services tokens, database credentials and credentials for third-party APIs in public repos is a common problem. I believe that was behind the Ashley Madison hack. Uber had an exploit that was based on a key stored in an available repo. That’s starting to change: Windows Azure has added a key vault that gives you a nice way to securely manage your keys.”
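A check for the committed credentials described above, as an added example that is not code from XebiaLabs or from the article: a pre-commit style scanner for private keys, AWS access keys, database URLs with embedded passwords and hardcoded API secrets. The rule names, the entropy threshold and the sample file are assumptions constructed here; the AWS values in the sample are the placeholder keys used in AWS documentation.

```python
"""Scan text about to be committed for the credential types named above."""
import math
import re
import sys
from collections import Counter
from typing import NamedTuple

# Rule names are labels invented for this example; the patterns match widely
# documented credential formats. A capture group, where present, is the secret.
RULES = [
    ("aws-access-key-id", re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")),
    ("private-key-block", re.compile(r"-----BEGIN (?:[A-Z]+ )?PRIVATE KEY-----")),
    ("url-embedded-password",
     re.compile(r"\b[a-z][a-z0-9+.-]*://[^\s/:@]+:([^\s/@]+)@", re.I)),
    ("hardcoded-secret",
     re.compile(r"(?:password|passwd|secret|token|api_?key)\w*\s*[:=]\s*"
                r"[\"']([^\"']{8,})[\"']", re.I)),
]
# Values that point at a vault or environment variable instead of a secret.
PLACEHOLDER = re.compile(r"\$\{[^}]*\}|<[^>]*>|changeme|example|x{4,}|\*{4,}", re.I)
ENTROPY_HIGH = 3.5  # bits per character; assumed threshold

# Constructed sample file content.
SAMPLE = '''\
# settings.py (constructed sample)
AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
aws_secret = "wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY"
DATABASE_URL = "postgres://app:s3cr3tPw@db.internal/orders"
REPLICA_URL = "postgres://app:${DB_PASSWORD}@db.internal/orders"
api_key = "${PAYMENTS_API_KEY}"
password = "aaaaaaaaaaaa"
-----BEGIN RSA PRIVATE KEY-----
'''


class Finding(NamedTuple):
    path: str
    line: int
    rule: str
    confidence: str
    excerpt: str  # redacted so scanner output does not leak the secret again


def shannon_entropy(value):
    """Bits per character; random keys score higher than words or repeats."""
    counts = Counter(value)
    return -sum(c / len(value) * math.log2(c / len(value)) for c in counts.values())


def scan_text(path, text):
    """Return one Finding per rule per line, skipping placeholder references."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for rule, pattern in RULES:
            match = pattern.search(line)
            if not match:
                continue
            value = match.group(match.lastindex or 0)
            if PLACEHOLDER.fullmatch(value):
                continue
            confidence = "high"
            if rule == "hardcoded-secret" and shannon_entropy(value) < ENTROPY_HIGH:
                confidence = "low"  # still reported, for a human to review
            findings.append(Finding(path, lineno, rule, confidence, value[:4] + "..."))
    return findings


def scan_commit(files):
    """files maps path -> staged text; returns the findings across all files."""
    return [f for path, text in files.items() for f in scan_text(path, text)]


if __name__ == "__main__":
    results = scan_commit({"settings.py": SAMPLE})
    for f in results:
        print(f"{f.path}:{f.line}: {f.rule} ({f.confidence}) {f.excerpt}")
    sys.exit(1 if results else 0)  # non-zero exit blocks the commit
```
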

Kevin Surace, CEO, Appvance
“We witnessed a financial services company where under certain circumstances, particularly under heavier loads, a user would log in to their account and access other people’s data. In the end this was a caching issue with a pointer not moving fast enough when the system was at capacity. But this is the kind of thing that could have cost that company embarrassment and even financial losses or legal action. This begged for performance testing early in the cycle and often, looking for situations where response data does not match the expected under nominal and even extreme load conditions.”

Andreas Grabner, developer advocate, Dynatrace
“An example from our own organization happened to us a couple weeks ago. We provide a free version of our product, and someone used a security hole in our own signup form for malicious link injection. We became a spambot for them. That was scary, but we have monitoring in place, and we found out that number of requests from a specific geographic location jumped like crazy—in our case, in China. We saw business hours and IP addresses in China. Because we capture all the parameters, we saw they were using malicious link injection. So we saw spikes of load with malicious links.

“That allowed us to do two things: Talk with the ops team about blocking that IP address, and talk with the dev team about not allowing just any kind of text to be filled into that form.”

Sam Guckenheimer, Visual Studio Cloud Services, Microsoft
“Any company of significance needs to assume that they are breached. Phishing is often very not random, very targeted. The Sony hack in 2014 was a case where the attackers were very sophisticated in targeting individuals. They like to target sys admins because they have admin credentials and network access.

“In terms of general DevOps goodness, if you can redeploy from the bare metal up very quickly, then it’s much easier to get rid of any attacker than if you have an infrastructure that stays in place for months or years. If you have static infrastructure and rigid change management, you’re in trouble. If you look at all highly publicized attacks, they all have that characteristic.

“The thing about APTs (advanced persistent threats) is, these are highly sophisticated agencies willing to do months of reconnaissance and stay undetected indefinitely if they can. The goal is often to plant themselves inside a network and just stay there.”

Sacha Labourey, CEO and founder, CloudBees
“At JBoss, over time, we had a number of security issues detected in the application server. Much like for any platform provider (operating systems, application servers, etc.), the situation is pretty stressful as you know that fixing the bug is only the first and probably easiest part of fixing the problem. The fixed binary now has to be deployed in dozens or thousands of clusters, which might take a very long time, and you don’t really control that part. This makes it pretty stressful as you can discover unpatched instances long after the problem was fixed.

“Sometimes, those companies simply didn’t react or didn’t know about the issue, information got lost. But in some cases, companies can make the conscious decision not to upgrade and wait for the next upgrade cycle, due to the fear of introducing instability in their systems. This is where having a fully-automated Continuous Delivery environment can hugely increase security as it makes it possible to test the new patched environment for a very low cost, in very little time.”

A guide to ‘Rugged DevOps’ offerings
Appvance: The Appvance Unified Test Platform (UTP) is designed to make Continuous Delivery and DevOps faster, cheaper and better. It features the ability to create tests, build scenarios, run tests and analyze results; a codeless recording environment; a full test suite; and multiple deployment options. In addition, Appvance UTP allows users to work with their existing tools, write once, and aims to provide a beginning-to-end testing solution.

Atlassian: Atlassian products accelerate delivery pipelines and amplify feedback. Teams have full visibility into their delivery pipeline thanks to JIRA Software, Bitbucket and Bamboo. Teams monitor operations via HipChat integrations and JIRA Service Desk, then collect and organize that input in Confluence to build a shared understanding of customers’ pain points.

BlazeMeter: BlazeMeter aims to fill an important gap missing in the Continuous Delivery pipeline: performance testing. The company helps keep up with demands modern software delivery teams have to deal with by making load and performance testing part of any workflow. The BlazeMeter solution features the ability to create and control tests using an automation-friendly domain specific language (DSL), run locally or from any of 30 cloud locations at any scale from a single test plan, receive real-time reporting and analytics and integrate via API and CLI to any other solution.

CA Technologies: CA Technologies DevOps solutions automate the entire application’s life cycle—from testing and release through management and monitoring. The CA Service Virtualization, CA Agile Requirements Designer, CA Test Data Manager and CA Release Automation solutions ensure rapid delivery of code with transparency. The CA Unified Infrastructure Management, CA Application Performance Management and CA Mobile App Analytics solutions empower organizations to monitor applications and end-user experience to reduce complexity and drive constant improvement.

Chef: Chef Enterprise delivers a shared repository of code for automating applications and resources. The solution provides a way for development and operations teams to collaborate and move at the speed of the market. It includes role-based access control, centralized reporting, activity monitoring, an enhanced management console, and multi-tenancy.

CloudBees: CloudBees, the enterprise Jenkins company, is the Continuous Delivery (CD) leader. CloudBees provides solutions that enable DevOps teams to respond rapidly to the software delivery needs of the business. Building on the strength of Jenkins, the world’s most popular open-source CD hub and ecosystem, the CloudBees Jenkins Platform provides a wide range of CD solutions that meet the unique security, scalability and manageability needs of enterprises.

CollabNet: CollabNet offers TeamForge, the industry’s No. 1 open application life-cycle-management platform that helps automate and manage enterprise application life cycle in a governed, secure and efficient fashion. CollabNet delivers enterprise software collaboration, life-cycle tool integration, and visibility to an expanded marketplace that must efficiently manage distributed agile implementations and DevOps initiatives. Leading global enterprises and government agencies rely on TeamForge to extract strategic and financial value from accelerated application development and delivery.

Dynatrace: Dynatrace offers products to help DevOps teams make more successful deployments by identifying bad code changes early and providing collaboration features to communicate success and failures between business and engineering. Dynatrace Application Monitoring automatically detects problems in production, traces end-to-end transactions, identifies end-user impact, provides code-level visibility for root cause diagnostics, eliminates false alarms, and can be automated into the Continuous Delivery processes to stop bad builds early in the delivery pipeline. Dynatrace User Experience Management monitors end users and all their interactions on their devices. It provides crash reports for mobile native apps, user behavior analysis and root cause analysis when bad user experience impacts behavior.

Electric Cloud: Electric Cloud is the leader in DevOps release automation. We help organizations developing enterprise web/IT, mobile and embedded systems applications deliver better software faster by automating and accelerating build, deployment and release processes at scale. Leading organizations like Cisco, E-Trade, Gap, GE, HP, Intel, Lockheed Martin, Qualcomm and Sony use Electric Cloud solutions and services to boost DevOps productivity and agile throughput, while providing a scalable, auditable, predictable and high-performance pathway to production.

IBM: IBM Bluemix provides the easiest, fastest on-ramp for any developer to create next-generation apps for the enterprise with IBM Cloud. Bluemix has grown exponentially since its launch in 2014, rapidly becoming one of the largest open public cloud deployments in the world. Onboarding more than 20,000 new developers each week, Bluemix currently offers more than 140 services and APIs—including advanced tools in cognitive, blockchain, Internet of Things, analytics and more—to design next-era, competitive apps which use data in new ways. Combining the power of these high-value services with the instant and easily accessible infrastructure of IBM Cloud, Bluemix is continuously delivering to developers—rapidly defining and adding what they need to build and iterate quickly.

JetBrains: TeamCity is a Continuous Integration and Delivery server from JetBrains (the makers of IntelliJ IDEA and ReSharper). It takes moments to set up, shows your build results on the fly, and works out of the box. TeamCity will make sure your software gets built, tested, and deployed, and will notify you on that the way you choose. TeamCity integrates with all major development frameworks, version-control systems, issue trackers, IDEs, and cloud services, providing teams with an exceptional experience of a well-built intelligent tool. With a fully functional free version available, TeamCity is a great fit for teams of all sizes.

Microsoft: Visual Studio Team Services, Microsoft’s cloud-hosted DevOps service, offers Git repositories; agile planning; build automation for Windows, Linux and Mac; cloud load testing; Continuous Integration and Continuous Deployment to Windows, Linux and Microsoft Azure; application analytics; and integration with third-party DevOps tools. Visual Studio Team Services supports any development language and is based on Team Foundation Server. It also integrates with Visual Studio and other popular code editors. Visual Studio Team Services is free to the first five users on a team, or to users with MSDN.

Serena Software: Serena Deployment Automation bridges the DevOps gap by simplifying and automating deployments and supporting Continuous Delivery. With Deployment Automation, teams can deliver efficient, reliable and high-quality software faster while reducing cycle times and providing feedback. Features include the ability to manage test and production environments, deployment pipeline automation, tool-chain integration, inventory tracking, the ability to create and visualize end-to-end deployment processes, and a reliable and repeatable process.

Tasktop: Tasktop integrates the tools that software delivery teams use to build great software. Tasktop Sync provides fully automated, enterprise-grade synchronization among the disparate life-cycle-management tools used in software development and delivery organizations. It allows practitioners in various disciplines to collaborate on the artifacts and work items they create while operating in their tool of choice. This enhances efficiency, visibility and traceability across the entire software development and delivery life cycle. Tasktop Data collects real-time data from these tools, creating a database of cross-tool life-cycle data and providing unparalleled insight into the health of the project.

XebiaLabs: XebiaLabs’ enterprise-scale Continuous Delivery and DevOps software provides companies with the visibility, automation and control they need to deliver software better, faster and with less risk. Global market leaders rely on XebiaLabs software to meet the increasing demand for accelerated and more-reliable software releases. For more information, please visit www.xebialabs.com.

Wed, 29 Jun 2022 12:00:00 -0500 https://sdtimes.com/appvance/necessity-mother-rugged-devops-movement/
Pyongyang's [un]H0lyGh0st. Developments in the criminal underworld. $10m for troll-farmer info. Hacktivism in a hybrid war.

Dateline Moscow and Kyiv: A shift in momentum during an operational pause.

Ukraine at D+155: A shift in momentum? (The CyberWire) Russia's difficulties filling its depleted ranks (down nearly 50%, the US Intelligence Community is said to have told Congress) and its inability to advance (during what looks more like exhaustion and neutralization than it does operational pause) appear to have given Ukraine an opportunity to take back the initiative in the North, East, and, especially, the South. A look at hacktivism in the Ukrainian interest.

Russia-Ukraine war: List of key events, day 156 (Al Jazeera) As the Russia-Ukraine war enters its 156th day, we take a look at the main developments.

Russia-Ukraine war latest: what we know on day 156 of the invasion (the Guardian) Ukraine steps up campaign to retake Russian-controlled regions in south; Kyiv accuses Russia of a war crime over the deaths of more than 40 prisoners of war

Ukraine steps up counteroffensive against Russian forces (Al Jazeera) Ukrainian officials say campaign to retake parts of Kherson, Zaporizhia oblasts has begun, urging civilians to leave.

Russia-Ukraine war: Zelenskiy says grain exports ready to start; Kyiv and Moscow both launch investigations into PoW deaths – live (the Guardian) Ukraine’s president says Black Sea ports ready to export grain; Kyiv calls on world leaders to condemn Russia over attack that led to death of 40 PoWs

Ukraine could be turning the tide of war again as Russian advances stall (Washington Post) Russian advances in Ukraine have slowed almost to a standstill as newly delivered Western weapons help Ukrainian forces reclaim much of the advantage they had lost in recent months, opening a window of opportunity to turn the tide of the war in their favor again.

Ukraine war: Russian Kalibr cruise missiles strike military base near Kyiv (The Telegraph) Russian forces have struck a military base north of the capital Kyiv, Ukraine has said in a rare admission of a successful attack by Moscow on its military infrastructure.

Northern Ukraine Comes Under Burst of Russian Attacks Far From Front Lines (Wall Street Journal) Missiles and rockets rained down on northern Ukraine, marking the first time in weeks that the Kyiv region, far from the fighting in the country’s east and south, has been hit.

Ukraine war: West's modern weapons halt Russia's advance in Donbas (BBC News) Ukrainian soldiers credit the arrival of modern Western weapons for a sharp fall in Russia's attacks.

‘Half of Russian troops’ sent into Ukraine have been killed or injured (The Telegraph) According to US intelligence, casualties have rocketed to more than 75,000 – a loss equivalent to almost the entire British Army

Russia, Ukraine trade blame for deadly attack on POW prison (AP NEWS) Russia and Ukraine accused each other Friday of shelling a prison in a separatist region of eastern Ukraine, an attack that reportedly killed dozens of Ukrainian prisoners of war who were captured after the fall of a key southern city in May.

The Kremlin’s Plans to Annex Southeastern Ukraine Go into Effect (Wilson Center) After five months of all-out war, the Kremlin appears to have refined its plans for the future of the temporarily occupied territories in southeastern Ukraine.

Climbing the escalation ladder in Ukraine: A menu of options for the West (Atlantic Council) Our experts have assembled a list of possible policy responses the West ought to consider if Russia escalates its war against Ukraine.

Cascading Impacts of the War in Ukraine: Mental, Maternal, and Newborn Health (New Security Beat) This article was originally published as part of the summer 2022 issue of the Wilson Quarterly: Ripples of War. Ukraine and its people will feel the effects of the Russian invasion for years to [...]

Long Read: Russian Youth against War (Wilson Center) Young Russians strongly oppose the war in Ukraine. It is increasingly clear to them that the war is stealing their future and was started only to keep Vladimir Putin, his friends, and their heirs in power for as long as possible.

WSJ News Exclusive | New Group to Promote Open-Source Intelligence, Seen as Vital in Ukraine War (Wall Street Journal) A group of ex-U.S. national security officials has formed a professional association to promote the tradecraft of ‘open-source’ intelligence, the analysis of publicly available data that has helped Western powers understand and track Russia’s war on Ukraine.

Why Russia’s War in Ukraine Is a Genocide (Foreign Affairs) It’s not just a land grab, but a bid to expunge a nation.

Putin believed his own propaganda and fatally underestimated Ukraine (Atlantic Council) Russian President Vladimir Putin likes to pose as an unrivalled expert on Ukrainian history and identity politics. However, it is now apparent that his understanding of Ukraine has been hopelessly distorted by the wishful thinking of his own propaganda. When the Russian dictator gave the order to invade Ukraine five months ago, he seems to have genuinely believed his army would be met with cakes and flowers by a grateful population. Instead, he has plunged Russia into a disastrous war and turned his country’s closest neighbour into an implacable enemy.

The Paradoxes of Escalation in Ukraine (Foreign Affairs) Slowly but surely, Russia and the West are drawing their redlines.

Can Putin Survive? (Foreign Affairs) The lessons of the Soviet collapse.

Is Viktor Orban right about the Ukraine war? (The Telegraph) The Hungarian leader's call for peace may make sense for Hungary now - but long-term it would cripple his country and the West

Putin 'embarrassed' as hackers launch cyber war on Russian President over Ukraine invasion (Express.co.uk) HACKERS are targeting and "embarrassing" Vladimir Putin in a bid to crush the Russian cybersecurity regime as it continues to wage its illegal war on Ukraine.

Is Anonymous Rewriting the Rules of Cyberwarfare? Timeline of Their Attacks Against the Russian Government (Website Planet) Jeremiah Fowler, together with the Website Planet research team, took an in depth look at how the hacker collective has changed the landscape of what

Ukraine’s tech excellence is playing a vital role in the war against Russia (Atlantic Council) Russia’s invasion of Ukraine is now in its sixth month with no end in sight to what is already Europe’s largest conflict since WWII. In the months following the outbreak of hostilities on February 24, the courage of the Ukrainian nation has earned admiration around the world. Many international observers are encountering Ukraine for the first time and are learning that in addition to their remarkable resilience, Ukrainians are also extremely innovative with high levels of digital literacy.

Russia’s pulling the plug on space cooperation. Should the world be worried? (Atlantic Council) Our experts break down Moscow’s extraplanetary plans after it pulls out of the International Space Station.

Crops ‘Stored Everywhere’: Ukraine’s Harvest Piles Up (New York Times) Farmers who have lived under the risk of Russian missile attacks have their doubts about an international agreement to ease a blockade on grain shipments through the Black Sea.

Ukraine to double energy exports amid Russian gas cuts to Europe (Fox Business) Ukraine will double its energy exports to Europe as EU nations cope with an energy standoff with Russia amid an international gas crisis.

Russian economy ‘crippled at every level’ despite Putin’s propaganda (The Telegraph) Country in ‘dire straits’ as exodus of Western firms knocks out 40pc of GDP

Isolation complication? US finds it's hard to shun Russia (AP NEWS) The Biden administration likes to say Russia has become isolated internationally because of its invasion of Ukraine . Yet Moscow's top officials have hardly been cloistered in the Kremlin.

‘Merchant of Death’ offered up by US in exchange for jailed citizens held in Russia (The Telegraph) Viktor Bout has been in US custody for 10 years for running a major arms smuggling operation

Russia has slowed flows of gas to Europe to a trickle - and the energy crisis could drag on until 2025, Goldman Sachs says (Markets Insider) Natural gas prices finally eased Thursday but have soared 145% since the start of June - and the crisis could continue for years, strategists said.

If Putin is using gas prices to fight Europe, how can it fight back? (the Guardian) Analysis: in this massive hybrid war, Europe is preparing its defences before winter and hoping sanctions bite

Attacks, Threats, and Vulnerabilities

How Threat Actors Are Adapting to a Post-Macro World (Proofpoint) In response to Microsoft’s announcements that it would block macros by default in Microsoft Office applications, threat actors began adopting new tactics, techniques, and procedures (TTPs).

CISA Releases Log4Shell-Related MAR (CISA) From May through June 2022, CISA responded to an organization that was compromised by an exploitation of an unpatched and unmitigated Log4Shell vulnerability in a VMware Horizon server. CISA analyzed five malware samples obtained from the organization’s network and released a Malware Analysis Report of the findings. Users and administrators are encouraged to review MAR 10386789-1.v1 for more information. For more information on Log4Shell, see:

MAR-10386789-1.v1 – Log4Shell (CISA) Since December 2021, multiple threat actor groups have exploited Log4Shell on unpatched, public-facing VMware Horizon and Unified Access Gateway (UAG) servers. From May through June 2022, CISA provided remote incident support at an organization where CISA observed suspected Log4Shell PowerShell downloads. During remote support, CISA confirmed the organization was compromised by malicious cyber actors who exploited Log4Shell in a VMware Horizon server that did not have patches or workarounds applied. CISA analyzed five malware samples obtained from the organization’s network: two malicious PowerShell files, two Extensible Markup Language (XML) files, and a 64-bit compiled Python Portable Executable (PE) file.

Threat Advisory: Hackers Are Selling Access to MSPs (Huntress) We’re currently monitoring a situation that entails a hacker selling access to an MSP with access to 50+ customers, totaling 1,000+ servers.

Experts warn of hacker claiming access to 50 U.S. companies through breached MSP (The Record by Recorded Future) Experts have raised alarms about a post on a hacker forum by someone claiming to have access to 50 different U.S. companies through an unknown managed service provider.

Exploit of Log4Shell Vulnerability Leads to Compromise of Major South American Vaccine Distributor (SecurityScorecard)

Exploitation of recent Confluence Vulnerability Underway (SecurityWeek) Security researchers are already seeing the recent Questions for Confluence hardcoded password vulnerability being exploited in attacks.

Moxa NPort Device Flaws Can Expose Critical Infrastructure to Disruptive Attacks (SecurityWeek) Vulnerabilities found in Moxa’s NPort devices could allow attackers to cause significant disruption, including in critical infrastructure organizations.

Nuki Smart Lock Vulnerabilities Allow Hackers to Open Doors (SecurityWeek) NCC Group security researchers have identified 11 vulnerabilities impacting Nuki smart lock products, including some that allow attackers to open doors.

Vulnerability in Dahua’s ONVIF Implementation Threatens IP Camera Security (Nozomi Networks) Nozomi Networks Labs publishes a vulnerability in Dahua's ONVIF standard implementation, which can be abused to take over IP cameras.

Protestware on the rise: Why developers are sabotaging their own code (TechCrunch) A wave of software developers have self-sabotaged their code to protest big corporations to Russia's war in Ukraine.

Italian Insurer's Data Breach Uncovered Sensitive Staff Documents (Website Planet) Vittoria Assicurazioni's open buckets exposed hundreds of thousands of files contai

Security Patches, Mitigations, and Software Updates

Google announces new Play Store policies around intrusive ads, impersonation and more (TechCrunch) Google announced new Play Store policies for developers on Wednesday that aim to address issues with intrusive ads, alarms, VPNs and impersonation of brands and other apps. The company said these policies will go into effect during different timeframes so developers have ample time to make changes …

Mitsubishi Electric Factory Automation Engineering Software (Update B) (CISA) 1. EXECUTIVE SUMMARY CVSS v3 8.3 ATTENTION: Exploitable remotely Vendor: Mitsubishi Electric Equipment: Mitsubishi Electric, Multiple Factory Automation Engineering Software products Vulnerability: Permission Issues 2.

Mitsubishi Electric FA Engineering Software (CISA) 1. EXECUTIVE SUMMARY CVSS v3 5.5 ATTENTION: Low attack complexity Vendor: Mitsubishi Electric Equipment: FA Engineering Software Vulnerabilities: Out-of-bounds Read, Integer Underflow 2. RISK EVALUATION Successful exploitation of these vulnerabilities may cause a denial-of-service condition.

Rockwell Products Impacted by Chromium Type Confusion (CISA) 1. EXECUTIVE SUMMARY CVSS v3 4.0 ATTENTION: Low attack complexity/public exploits are available Vendor: Rockwell Automation Equipment: FactoryTalk Software, Enhanced HIM for PowerFlex, Connected Components Workbench Vulnerability: Type Confusion 2. RISK EVALUATION Successful exploitation of this vulnerability could cause a denial-of-service condition.

2022 ForgeRock Consumer Identity Breach Report (ForgeRock) ForgeRock’s Consumer Identity Breach Report found that unauthorized access was the leading cause of breaches, accounting for 50% of all records compromised during 2021. To learn about the current threat landscape, obtain the report.

The State of Vulnerability Intelligence: 2022 Midyear Edition (Flashpoint) The State of Vulnerability Intelligence report empowers organizations to focus on what matters most, helping them to keep workloads manageable.

Software Supply Chain Risk (Coalfire) Coalfire, in conjunction with survey partner Cyber Risk Alliance, has developed our latest report to advance the cybersecurity community by researching and analyzing the risks currently facing the software supply chain.

Cyberattacks on satellites may only be getting more worrisome (Washington Post) Space is a burgeoning battleground for cyberattacks

It’s Not Just Loot Boxes: Predatory Monetization Is Everywhere (Wired) The UK recently declined to regulate prize draws as a form of gambling, but does it matter? The industry has moved on to more problematic ways to make money.

Marketplace

Cyber insurance is on the rise, and organizational security postures must follow suit (VentureBeat) When it comes to cyber insurance, much like other types of insurance, organizations should know what to look for — as well as what is expected of them. 

Cyber Insurance Price Hike Hits Local Governments Hard (Pew Trusts) Some rates have more than doubled, and many insurers require new security protections.

Cybersecurity Growth Investment Flat, M&A Activity Strong for 2022 (SecurityWeek) While global markets have suffered, sales of cybersecurity software have remained strong. VC investment in cybersecurity has adapted to the world economy rather than stalled.

Decentralized data platform Space and Time raises $10 million in seed round (The Block) Funds raised in the Framework Ventures-led round will be used to expand Space and Time's engineering team and decentralized network.

ThreatX Recognized as a sample Vendor in the 2022 Gartner® Hype Cycle™ for Application Security (Business Wire) ThreatX today announced the company has been acknowledged twice as a sample Vendor in the Gartner Hype Cycle for Application Security, 2022 report.

Axis Named Most Innovative Security Services Company at 2022 Golden Bridge Business and Innovation Awards (PR Newswire) Axis announced today that it has been named Most Innovative Security Services Company at the 2022 Golden Bridge Business and Innovation Awards...

Gartner Magic Quadrant PAM | Delinea Positioned as a Leader (Delinea) Download a complimentary copy of Gartner’s 2020 report on the PAM market and vendors to see why Delinea is recognized as a leader.

Axonius Appoints Tom Kennedy as Vice President of Axonius Federal Systems (Axonius) Axonius today announced it has appointed Tom Kennedy as its Vice President of Axonius Federal Systems LLC, the company’s government-focused subsidiary.

Products, Services, and Solutions

Fastly Partners with HUMAN Security to Protect Customers from Bot Attacks and Fraud (Business Wire)

Everything Blockchain Inc. Launches EB Control (Business Wire) Everything Blockchain Inc., (OTCMKTS: OBTX), a technology company that enables real-world use of blockchain to solve critical business issues, today a

Technologies, Techniques, and Standards

Cyber grades bring down agencies’ scores in FITARA 14 (Federal News Network) The 14th version of the FITARA scorecard shows one agency increased their score, while eight earned lower scores, mostly due to cybersecurity shortcomings.

Legislation, Policy, and Regulation

EU to Open San Francisco Office Focused on Tech Regulation (Wall Street Journal) The European Commission is opening a San Francisco office, an effort to improve trans-Atlantic tech policy relations after years of tension between European regulators and U.S. tech firms.

Why Indonesia Has Embraced Huawei (Foreign Policy) If the U.S. wants to compete with China in developing countries, our research shows it needs to offer tangible assistance in response to real needs.

Victim of Private Spyware Warns It Can be Used Against US (SecurityWeek) Months after her father was lured back to Rwanda under false pretenses and jailed, Carine Kanimba discovered her own phone had been hacked using private spyware.

House Passes Cybersecurity Bills Focusing on Energy Sector, Information Sharing (SecurityWeek) The House has passed two cybersecurity bills: the Energy Cybersecurity University Leadership Act and the RANSOMWARE Act.

House Passes Chips Act to Boost U.S. Semiconductor Production (Wall Street Journal) The $280 billion bill passed despite a late push by Republican leaders to block the legislation over a separate Democratic spending proposal.

CHIPS Act clears Congress, ensuring $52 billion boost to US foundries (The Verge) The vote was the long-awaited bill’s final hurdle before Biden.

Congressional Democrats Introduce Net Neutrality Bill (CNET) Senate and House Democrats introduce a bill to reinstate Obama-era net neutrality rules and to supply the FCC authority over broadband networks.

Top White House cyber official says Congress should push for digital security mandates (The Record by Recorded Future) A senior White House official on Thursday said Congress could do more to set basic cybersecurity standards for critical infrastructure sectors to better protect them against digital threats.

Litigation, Investigation, and Law Enforcement

Police to share coding of AN0M app used in Operation Ironside arrests (ABC) Experts for alleged criminals charged in one of Australia's biggest criminal sting operations will be given access to the coding of a messaging app built by the Australian Federal Police to catch those allegedly involved in organised crime.

Rewards for Justice – Reward Offer for Information on Russian Interference in U.S. Elections (United States Department of State) The U.S. Department of State’s Rewards for Justice (RFJ) program, administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information on foreign interference in U.S. elections. The reward offer seeks information leading to the identification or location of any foreign person, including a foreign entity, who knowingly engaged […]

Crackdown on BEC Schemes: 100 Arrested in Europe, Man Charged in US (SecurityWeek) Authorities in Europe announce the arrests of 100 individuals for invoice fraud as the US indicts a Florida man for role in BEC scheme.

U.S. Justice Department probing cyber breach of federal court records system (Reuters) The U.S. Justice Department is investigating a cyber breach involving the federal court records management system, the department's top national security attorney told lawmakers on Thursday.

US DoJ probing 'incredibly significant' breach of federal records (Computing) The breach dates back to early 2020

Justice Department investigating data breach of federal court system (POLITICO) House Judiciary Committee Chair Jerrold Nadler described a "system security failure" of the U.S. Courts' document management system.

France Closes 'Cookies' Case Against Facebook (SecurityWeek) French privacy regulators on Thursday closed a case against Facebook after determining the US tech giant had changed the way it collected user data to comply with the law.

Fri, 29 Jul 2022 04:26:00 -0500 https://thecyberwire.com/newsletters/daily-briefing/11/145
IBM Research Open-Sources Deep Search Tools

IBM Research’s Deep Search product uses natural language processing (NLP) to “ingest and analyze massive amounts of data—structured and unstructured.” Over the years, Deep Search has seen a wide range of scientific uses, from Covid-19 research to molecular synthesis. Now, IBM Research is streamlining the scientific applications of Deep Search by open-sourcing part of the product through the release of Deep Search for Scientific Discovery (DS4SD).

DS4SD includes specific segments of Deep Search aimed at document conversion and processing. First is the Deep Search Experience, a document conversion service that includes a drag-and-drop interface and interactive conversion to allow for quality checks. The second element of DS4SD is the Deep Search Toolkit, a Python package that allows users to “programmatically upload and convert documents in bulk” by pointing the toolkit to a folder whose contents will then be uploaded and converted from PDFs into “easily decipherable” JSON files. The toolkit integrates with existing services, and IBM Research is welcoming contributions to the open-source toolkit from the developer community.

IBM Research paints DS4SD as a boon for handling unstructured data (data not contained in a structured database). This data, IBM Research said, holds a “lot of value” for scientific research; by way of example, they cited IBM’s own Project Photoresist, which in 2020 used Deep Search to comb through more than 6,000 patents, documents, and material data sheets in the hunt for a new molecule. IBM Research says that Deep Search offers up to a 1,000× data ingestion speedup and up to a 100× data screening speedup compared to manual alternatives.

The launch of DS4SD follows the launch of GT4SD—IBM Research’s Generative Toolkit for Scientific Discovery—in March of this year. GT4SD is an open-source library to accelerate hypothesis generation for scientific discovery. Together, DS4SD and GT4SD constitute the first steps in what IBM Research is calling its Open Science Hub for Accelerated Discovery. IBM Research says more is yet to come, with “new capabilities, such as AI models and high quality data sources” to be made available through DS4SD in the future. Deep Search has also added “over 364 million” public documents (like patents and research papers) for users to leverage in their research—a big change from the previous “bring your own data” nature of the tool.

The Deep Search Toolkit is accessible here.

Mon, 18 Jul 2022 02:37:00 -0500 https://www.datanami.com/2022/07/18/ibm-research-open-sources-deep-search-tools/
The Best Antivirus Software for 2022

If you live in a part of the US that’s subject to summertime tornadoes and lightning, you may have a lightning rod (or rather, a lightning protection system) on your house. Maybe you don’t expect to need it. Maybe you’ve never seen it in action. But you’ve protected your domicile from lightning strikes and fires caused thereby. Keeping your computers protected with antivirus software is similar. You mostly don’t notice it, but if a virus, a Trojan, or a ransomware attack strikes, the antivirus safely disables it. Don’t have antivirus? Install it now. You don’t even have to wait for dry weather, or climb up on the roof.

If you haven’t already arranged security protection, we can help. We’ve reviewed more than 40 antivirus utilities so you can easily select one that fits your needs. We've gathered the top 10 tested products here, along with what to look for when selecting the right antivirus for you.


More About Our Picks

Bitdefender Antivirus Plus

Best Overall Antivirus

Bottom Line:

With impressive antivirus lab results and a collection of features that puts many full security suites to shame, Bitdefender Antivirus Plus is an excellent choice for protecting your PC.

Pros

  • Outstanding scores in independent lab tests and our web protection tests
  • Enhanced ransomware protection
  • Active Do Not Track
  • Banking protection
  • Offers a VPN
  • Many security-centered bonus features

Cons

  • Unlimited VPN access requires separate subscription

Why We Picked It

You can buy an antivirus utility that does everything an antivirus should, or you can buy one that does more—way more. That would be Bitdefender Antivirus Plus. The Plus in this case represents a multitude of features. Ransomware protection, a hardened browser for your financial transactions, VPN protection for your connections, a feature that smacks down ad trackers, automatic detection of missing security patches, a simple password manager…the list goes on. While its name says antivirus, this product's feature list beats many security suites.

Not only that, but it’s also a good antivirus. The independent testing labs routinely grant it perfect or near-perfect scores, and it aces many of our hands-on tests. Its ransomware-specific defense system proved itself in testing, too. And its Autopilot feature means that all this happens with minimum bother for you, the user.

Oh, there are a few minor nits. The password manager doesn’t have all the fanciest features, for example. And if you want unlimited use of the VPN, you must pay a bit extra. But, overall, this is a marvelous choice for antivirus protection.

Who It’s For

If you want maximal antivirus protection with minimal interaction, just fire up Bitdefender Antivirus Plus and turn on its Autopilot. Now you can sit back and do, well, anything you want!

Best for Multi-Device Households

Bottom Line:

McAfee AntiVirus Plus protects every Windows, Android, macOS, and iOS device in your household, all for an excellent price, though it does less on Apple platforms.

Pros

  • Security for all your Windows, macOS, Android, and iOS devices
  • Excellent scores in our hands-on tests
  • Robust firewall
  • Virus protection pledge
  • New interface focuses on the user

Cons

  • Some features not working at present
  • Very slow full scan on Windows and macOS
  • One lab test failure
  • Mac edition less feature-rich than Windows or Android
  • Even fewer features for iOS

Why We Picked It

Installing antivirus protection on your main production computer is a good thing. Extending that protection to all your other devices is even better. With McAfee AntiVirus Plus, one subscription lets you install security software on every Windows, macOS, Android, and iOS device in your household. When all your devices are armored against attack, the whole network benefits.

McAfee gets plenty of high scores from the independent labs, though there are occasional slips. Its scores in our own hands-on tests are simply dazzling. And it goes beyond basic antivirus protection, with Ransom Guard, a simple firewall, a scan for missing security patches, a system to foil cryptojacking, and more. You’ll have to dig a little to find the My Network security scanner, but it’s worth the effort.

Who It’s For

How many computing devices are there in your household? If you lost count, if you couldn’t begin to say how many, McAfee AntiVirus Plus is just the antivirus you need. You can use any protected device to extend an installation invitation to any unprotected device, until your whole network is wrapped in protection.

Best for Techies

Bottom Line:

In lab tests and our own hands-on tests, ESET NOD32 Antivirus earns some impressive scores. It also packs extras that go far beyond the antivirus basics, such as exploit protection and device control.

Pros

  • Some excellent scores from independent labs
  • Some good scores in our hands-on tests
  • HIPS component blocks exploits
  • Comprehensive device control

Cons

  • Poor score in our hands-on malware blocking test
  • Device control too complex for most users
  • Ransomware protection not effective in testing

Why We Picked It

When you see ESET’s blue-eyed cyborg mascot gazing serenely from the screen of ESET NOD32 Antivirus, you just know you’ve got some high-tech protection. It hits top scores in some independent lab tests and some of our own tests—we always like to see both. And ESET goes beyond many competitors with unusual high-tech features like its UEFI (Unified Extensible Firmware Interface) scan, a cut above the more common boot sector scan. It even looks for intrusions in the WMI (Windows Management Instrumentation) database.

Yes, you need some technical expertise to understand and make use of these high-tech features. The same is true of the Host Intrusion Prevention System (HIPS), which aims to detect and block attacks that try to leverage vulnerabilities in the operating system or in popular programs. As for the Device Control system, it’s a techie’s dream. You can exert total control on all types of external devices, or on individual devices. For example, you could ban the use of USB drives, so the kids don’t bring home malware with their homework, but specifically allow use of devices you’ve vetted yourself. At the device or type level, you can block all use, force read-only access, or just display a warning.

Who It’s For

Some antivirus tools do their best to work in the background with no technical involvement by the user. That’s not ESET NOD32 Antivirus. This product is great for those who want to get their hands dirty, taking an active role in security protection. If you have the knowledge and skills to use them, ESET has the features for you.

Best for Speedy Scans

Bottom Line:

Malwarebytes Premium now functions as a full-blown antivirus, not just an assistant to your main antivirus. It earns excellent scores in our hands-on tests and its scores with independent testing labs are improving.

Pros

  • Maximum possible score in our hands-on malware protection test
  • Excellent scores in phishing and malicious URL blocking tests
  • Speedy full scan
  • Includes exploit protection, ransomware protection, behavior-based detection
  • More independent lab test results

Why We Picked It

For years, the cleanup-only Malwarebytes Free has been the go-to solution when your regular antivirus can’t do the job, but it was always a specialty tool, not for everyday use. Malwarebytes Premium, on the other hand, offers all the features you expect in a full-scale antivirus, starting with scanning on demand, on schedule, and on file access. Its full scan is speedy, and it uses a variety of techniques for real-time protection, including behavior-based detection, ransomware activity detection, and protection against exploit attacks.

It’s true that lab results for Malwarebytes are mixed, some great, some so-so. The company contends that its advanced detection techniques aren’t a perfect fit for standardized tests. In our own hands-on tests, it proved highly effective, earning a rare 10 of 10 points for malware protection and excellent scores for defending against malicious and fraudulent web pages.

Who It’s For

Anyone who’s used Malwarebytes Free to remedy another antivirus tool’s slip-up will appreciate the full-powered Malwarebytes Premium. Even if you never needed that kind of rescue, this product’s speedy scan and excellent hands-on test results are a big draw.

Best for Single-Desktop Protection

Bottom Line:

Norton AntiVirus Plus gets impressive scores in independent lab tests and our own hands-on tests, and it offers a wealth of useful features. However, it's expensive and doesn't offer deals for multiple-computer households.

Pros

  • Excellent scores in independent lab tests and our hands-on tests
  • Data Protector foils ransomware attacks
  • Includes online backup, firewall, exploit protection, password manager, and other bonus features

Cons

  • Expensive
  • No multi-license pricing

Why We Picked It

Quick, name three antivirus companies. Was one of them Norton? Probably. Norton’s antivirus prowess has developed over decades, and Norton AntiVirus Plus is the pinnacle of that evolution. All the testing labs we follow report on Norton’s capabilities, and it gets plenty of perfect scores. Norton also aces our hands-on tests, including a test using a dozen real-world ransomware samples.

There’s more to this product than just antivirus, too. Its firewall protects against both outside attacks and betrayal from within, without bombarding the unsuspecting user with confusing popup queries. A separate module enhances firewall protection by detecting and blocking exploit attacks. Other bonus features include a backup system that can archive your files locally or in the provided online storage, a spam filter for those who still need such a thing, a simple password manager, and more.

The one thing you don’t get with Norton is multi-device protection. This antivirus is strictly for Windows, and it’s a single-license product, with no volume discounts. If you need more Norton, try the company’s suite products.

Who It’s For

Not everyone needs to protect a houseful of devices. Some of us are happy with a single, powerful computer, protected by a single, powerful antivirus. Is that you? If so, Norton AntiVirus Plus is just what you need.

Best for Thrifty Users

Bottom Line:

The affordable Sophos Home Premium expands on basic antivirus with protection forged in the company's enterprise-level products, including a convenient remote management app.

Pros

  • Excellent scores in some hands-on tests
  • Convenient mobile management app
  • Protects against ransomware, keyloggers, exploits
  • Remotely manages up to 10 PCs or Macs
  • Inexpensive

Cons

  • Limited results from testing labs
  • Parental control and webcam protection limited
  • So-so phishing test score
  • Advanced features require uncommon tech expertise

Why We Picked It

Sophos is a big name in business-level antivirus, with remote management to keep the IT team in charge of security. Sophos Home Premium brings that same remote management to you, the consumer. You can install antivirus protection for your family and friends, whether they’re across town or across the country, and manage all the installations without leaving your lair. Best of all, it’s seriously inexpensive, with a 10-license price that matches what many competitors charge for just three licenses.

This antivirus only has one recent lab test score, but it’s a good one—AAA certification from SE Labs. In our hands-on malware protection test it managed 100% detection and scored 9.9 of 10 possible points. It also earned 100% for defending against malware-hosting web pages. But its protection doesn’t stop there. Packed in its tiny local agent program are effective ransomware protection, defense against exploit attacks, an admittedly less-effective parental control content filter, protection for your financial transactions, webcam hijack prevention, and more.

As noted, you can manage all your installations from a convenient online console. More recently, Sophos has extended that remote control ability to apps for Android and iOS, meaning you can exercise your remote control powers from anywhere.

Who It’s For

Are you the default security expert for your extended family or circle of friends? Are you tired of driving across town to rescue your beloved uncle after he clicked something he shouldn’t have? With Sophos Home Premium you can take good care of your peeps from wherever you happen to be.

Best for No-Frills Protection

Bottom Line:

F-Secure Anti-Virus's advanced network protection and DeepGuard behavior-based detection system make it a powerful malware fighter, but its ransomware protection stumbled in our testing.

Pros

  • Good scores in independent lab tests and our tests
  • Detects brand-new malware, including ransomware
  • Advanced network protection
  • Streamlined, simple interface
  • Inexpensive

Cons

  • Failed some ransomware protection tests
  • No phishing protection

Why We Picked It

Sometimes you feel like a suite, sometimes you don’t. F-Secure Anti-Virus sticks to the essential tasks of an antivirus: scanning for malware on demand, on schedule, and on file access. An F-Secure full scan is speedy, a re-scan even speedier, and it has a simple, streamlined user interface. As a bonus, the typical price for one antivirus license gets you an F-Secure threefer.

When we last reviewed it, F-Secure had test results from all four of the labs we follow, and an aggregate labs score of 9.1 points (with 10 points the maximum). Only two of the latest reports include F-Secure, but it got a perfect score from AV-Test and passed a grueling test by MRG-Effitas. A network-level filter blocks access to dangerous malware-hosting websites, though it doesn’t attempt detection of phishing frauds. And the antivirus took a decent score in our hands-on malware protection test.

Who It’s For

If you want an inexpensive, speedy antivirus tool that does its job without a lot of fuss, F-Secure Anti-Virus is for you.

Best Breadth of Features

Bottom Line:

G Data Antivirus gets decent marks from the independent testing labs and excellent scores in some of our own tests. Beyond basic antivirus, it includes a spam filter as well as components designed to fight ransomware and other malware types.

Pros

  • Excellent score in our hands-on malware protection test
  • Protects against banking Trojans, keyloggers, ransomware, and exploits
  • Includes spam filter

Cons

  • Mixed scores in independent lab tests

Why We Picked It

The G Data website states that G Data released the first antivirus program in 1985. Whether or not it was the very first, G Data Antivirus has a long and storied history. Two of the four independent labs we follow give the nod to this venerable tool in their latest tests. AV-Test gives it the top possible rating, while its scores in tests by AV-Comparatives range from passing to perfect. In our hands-on malware protection and malicious download defense tests, G Data scored very near the maximum.

Over the course of its evolution, this antivirus tool has picked up quite a few bonus security tools. With the regular antivirus disabled, its behavior-based ransomware protection layers detected half the samples we threw at it. An exploit detection component scored better than most competitors in testing. Other bonus features include spam filtering, BankGuard protection for financial transactions, active defense against keyloggers, and fine-grained control over startup programs.

Who It’s For

Some folks lean toward the newest, shiniest antivirus protection, while others prefer a mature product that’s had plenty of time to shake out any weaknesses. G Data Antivirus is definitely full-grown, and includes quite a few security bonuses. It’s just the thing for those seeking a well-aged antivirus tool.

Trend Micro Antivirus+ Security

Best for Single-PC Protection

Bottom Line:

In addition to malware protection for a single Windows computer, Trend Micro Antivirus+ Security offers layered protection against ransomware, a firewall booster, protection for online banking, and more.

Pros

  • Very good scores in our antiphishing and malicious URL blocking tests
  • Multilayered ransomware protection
  • Pay Guard protects online transactions
  • Many bonus features

Cons

  • Poor score in our hands-on malware protection test
  • Some poor scores in independent lab tests
  • Social network link protection choices dated
  • No multi-device volume licensing

Why We Picked It

Though it originated in Los Angeles, Trend Micro is now a global security corporation based in Japan, one that’s acquired many other security businesses over the years. Its collective technology makes Trend Micro Antivirus+ Security more than just an antivirus. Among other components, Trend Micro features: Pay Guard to protect your financial transactions; a Firewall Booster; spam filtering with a separate Fraud Buster component; multi-layered ransomware protection; a detector for unauthorized cryptocurrency mining; and markup of dangerous links in search results and social media.

But does it work? AV-Test’s latest report gives Trend Micro a perfect score, and past evaluations by SE Labs certified it at the top AAA level. It doesn’t take top scores from AV-Comparatives, though. And it failed two admittedly difficult tests by MRG-Effitas. On the plus side, it earned very good scores in our tests of defense against malicious and fraudulent websites.

Like Norton, this is a single-device product, with no volume discounts. If you want a multi-device license from Trend Micro you’ll have to opt for one of its suite products.

Who It’s For

Don’t turn to Trend Micro Antivirus+ Security to protect a house full of computing devices. That’s not what it’s for. Rather, install it on that one essential computer where you spend your work and play time.

Where Did Kaspersky Go?

Kaspersky Anti-Virus has topped the antivirus lab testing charts for many years, garnering perfect scores, or at least near-perfect. It has also held PCMag's Editors' Choice honor for countless years. It's both attractive and effective. And it no longer appears in our list of best antivirus products. Here's why.

For years, Kaspersky has faced accusations and censure based on its Russian origins, though none of the accusations have come backed by hard evidence of malicious behavior. We at PCMag focused on the capabilities of the products, not on the brouhaha around the company. However, the current war in Ukraine has raised the stakes. Governments and third parties are cutting ties with Kaspersky. The FCC labeled Kaspersky a national security risk.

After consideration, we can no longer recommend you purchase Kaspersky security products. We've left the reviews in place, with a warning, since they provide useful information. But at least for now, we're removing Kaspersky products from our "Best of" lists.


What Are Viruses, Malware, and Ransomware?

We call it antivirus, but in truth it's unlikely you'll get hit with an actual computer virus. Malware these days is about making money, and there's no easy way to cash in on spreading a virus. Ransomware and data-stealing Trojans are much more common, as are bots that let the bot-herder rent out your computer for nefarious purposes. Modern antivirus utilities handle Trojans, rootkits, spyware, adware, ransomware, and more. As noted, PCMag has reviewed more than 40 different commercial antivirus utilities, and that's not even counting the many free antivirus tools. Out of that extensive field we've named several Editors' Choice products and honored others with a four-star rating. If you have malware, one of the products listed in this article should take care of the problem.

These commercial products offer protection beyond the antivirus built into Windows; the best free antivirus utilities also offer more than Windows does. However, Microsoft Windows Defender Security Center is looking better and better lately, with some very good scores from independent testing labs. The combination of good lab scores and a great score in our hands-on malware protection test was enough to bring it up to 3.5 stars. It doesn't appear in this roundup of commercial antivirus products, naturally.


We Listen to the Antivirus Testing Labs

We take the results reported by independent antivirus testing labs very seriously. The simple fact that a company's product shows up in the results is a vote of confidence, of sorts. It means the lab considered the product significant, and the company felt the cost of testing was worthwhile. Of course, high scores in the tests are also important.

We follow four labs that regularly release detailed reports: SE Labs, AV-Test Institute, MRG-Effitas, and AV-Comparatives. We've devised a system for aggregating their results to yield a rating from 0 to 10.


How We Test Malware, Spyware, and Adware Defenses

We also subject every product to our own hands-on test of malware protection, in part to get a feeling for how the product works. Depending on how thoroughly the product prevents malware installation, it can earn up to 10 points for malware protection.

Our malware protection test necessarily uses the same set of samples for months. To check a product's handling of brand-new malware, we test each product using a large collection of extremely new malware-hosting URLs supplied by MRG-Effitas, noting what percentage of them it blocked. Products get equal credit for preventing all access to the malicious URL and for wiping out the malware during download.

Some products earn stellar ratings from the independent labs, yet don't fare as well in our hands-on tests. In such cases, we defer to the labs, as they bring significantly greater resources to their testing. Want to know more? You can dig in for a detailed description of how we test security software.


What's the Best Antivirus for Malware?

Antivirus products distinguish themselves by going beyond the basics of on-demand scanning and real-time malware protection. Some rate URLs that you visit or that show up in search results, using a red-yellow-green color-coding system. Some actively block processes on your system from connecting with known malware-hosting URLs or with fraudulent (phishing) pages.

Software has flaws, and sometimes those flaws affect your security. Prudent users keep Windows and all programs patched, fixing those flaws as soon as possible. The vulnerability scan offered by some antivirus products can verify all necessary patches are present, and even apply any that are missing.

Spyware comes in many forms, from hidden programs that log your every keystroke to Trojans that masquerade as valid programs while mining your personal data. Any antivirus should handle spyware, along with all other types of malware, but some include specialized components devoted to spyware protection.

You expect an antivirus to identify and eliminate bad programs, and to leave good programs alone. What about unknowns, programs it can't identify as good or bad? Behavior-based detection can, in theory, protect you against malware that's so new researchers have never encountered it. However, this isn't always an unmixed blessing. It's not uncommon for behavioral detection systems to flag many innocuous behaviors performed by legitimate programs.

Allow-listing is another approach to the problem of unknown programs. This type of security system only allows known good programs to run. Unknowns are banned. This mode doesn't suit all situations, but it can be useful. Sandboxing lets unknown programs run, but it isolates them from full access to your system, so they can't do permanent harm. These various added layers serve to enhance your protection against malware.


What's the Best Antivirus for Ransomware Protection and Firewalls?

Firewalls and spam filtering aren't common antivirus features, but some of our top products include them as bonuses. In fact, some of these antivirus products are more feature-packed than certain products sold as security suites.

Among the other bonus features you'll find are secure browsers for financial transactions, secure deletion of sensitive files, wiping traces of computer and browsing history, credit monitoring, virtual keyboard to foil keyloggers, cross-platform protection, and more. And of course, we've already mentioned sandboxing, vulnerability scanning, and application whitelisting.

We're seeing more and more antivirus products adding modules specifically designed for ransomware protection. Some work by preventing unauthorized changes to protected files. Others keep watch for suspicious behaviors that suggest malware. Some even aim to reverse the damage. Given the growth of this scourge, any added protection is beneficial.


Beyond Antivirus: Install a VPN

Your antivirus utility works in the background to keep out any faint possibility of infestation by malware, but its abilities don't extend beyond the bounds of your computer. When you connect to the wild and wooly internet, you risk the possibility your data could be compromised in transit. Sticking to HTTPS websites when possible can help, but for full protection of your data in transit you should install a Virtual Private Network, or VPN. This component is important enough that we're starting to see it as a bonus feature in some antivirus tools.


What Is the Best Antivirus?

Which antivirus should you choose? You have a wealth of options. Bitdefender Antivirus Plus routinely takes perfect or near-perfect scores from the independent antivirus testing labs, and it has more features than some security suites. A single subscription for McAfee AntiVirus Plus lets you install protection on all your Windows, Android, Mac OS, and iOS devices. Its unusual behavior-based detection technology means Webroot SecureAnywhere Antivirus is the tiniest antivirus around. We've named these three Editors' Choice for commercial antivirus, but they're not the only products worth consideration. Read the reviews of our top-rated products, and then make your own decision.

Sun, 05 Jun 2022 13:08:00 -0500 https://www.pcmag.com/picks/the-best-antivirus-protection
Review: QRadar Is Ready to Detect, Halt and Analyze Network Threats

Keeping networks free of threats in higher education is a difficult task. With potentially hundreds of faculty members and thousands of students online, separating good and bad traffic while identifying both legitimate users and potential threats is extremely challenging. With the pandemic forcing many students and staff into remote learning environments, the problem has only gotten worse, and threat actors have been quick to respond with increased attacks.

Two of the biggest problems for cybersecurity teams in higher education are a lack of resources and an inability to coordinate defenses. The IBM Security QRadar Security Information and Event Management (SIEM) solution was designed to help with both of those problems.

Components for Comprehensive Network Security

While the SIEM solution itself is powerful, it also comes with an entire system of assets that enhances its visibility and usefulness. This includes event collectors, event processors, flow collectors, flow processors and data nodes in addition to the central console.

All those components are designed to fit into any environment. They can be deployed as hardware, software or virtual appliances, and both the software and virtual appliance options can be deployed on-premises, as a service or distributed across hybrid environments.

In addition to its own network of components for monitoring and analyzing traffic and data, QRadar comes ready to automatically connect with more than 450 other security appliances.

In most cases, you can simply point the logs of those devices to the SIEM solution and it will automatically detect and integrate that feed into its activities. This way, universities can coordinate all their defenses in one place and keep watch over the entire enterprise with a much smaller staff than would normally be required.

Uses Data to Detect Known and Unknown Threats

Once in place, QRadar begins to access a prebuilt set of thousands of security use cases, anomaly detection algorithms, real-time correlation policies and rules to detect both known and unknown threats.

As potential threats are discovered, the SIEM solution will correlate all network activity to determine if the discovered activity is a lone attack or part of a coordinated campaign. You can even import threat feeds using the standard STIX/TAXII format to add even more context to incidents, and IBM includes its own X-Force threat feeds as well.

In addition to collecting insight about logs, traffic flows, anomalies and potential threats across on-premises, Software as a Service, multicloud and hybrid environments, QRadar also presents this information in an easy-to-understand graphical format.

While higher-level technicians will probably want to dig into the raw data, the graphical interface makes it easy for even the most junior technicians to quickly understand the biggest threats to the network and what actions need to be taken to restore security. Thereafter, QRadar helps with post-attack activities to plug vulnerabilities and prevent recurrences. 

A SIEM Solution That Plays Well with Others

In cybersecurity, most companies pitch their products as the best and lobby their customers to remove everything else from their networks. IBM takes a different approach with QRadar and makes it easy to connect with almost any other kind of security device in order to coordinate defenses. Given that many college network defenses have grown up organically over time, this approach works well to protect campus networks.

To test this out, a QRadar instance was installed on a test network with a variety of other security appliances. Once configured, malware was introduced via a variety of paths, including one advanced persistent threat to test QRadar’s ability to coordinate defenses.

Setup of QRadar was surprisingly easy. Many of the security tools from other companies were automatically detected by QRadar and easily integrated into the appliance’s main interface. For those that were not detected, simply pointing the log files at QRadar was enough to trigger their inclusion.

For custom tools or log files generated by unique devices, QRadar provides an editor that makes onboarding those tools a quick process.

Once configured, we began to introduce malware to the test network using a variety of methods, from cloud-based incursions to direct introductions using endpoint hardware.

In all cases, the QRadar SIEM solution was able to detect those events and put them all in one place for analysis. It was even able to determine that several attacks were related, even though they were entering the test network from different avenues and were detected using different tools.

Despite the hodgepodge nature of the defenses, QRadar presented the situation in one place and helped to coordinate a unified defense. It also provided context for the attacks, correctly deducing that they were part of an ongoing campaign and showing how to prevent them from breaching defenses in the future.

As such, QRadar would be an invaluable tool and a real force multiplier for overworked IT staff trying to protect higher education networks. Its ease of use and simplicity of operations help QRadar earn extra credit for its impressive performance.

SPECIFICATIONS

Device Type: Security Information and Event Management solution
Number of Supported Security Devices: 450+
Features: Threat detection, prioritization, investigation and response
Monitored Assets: Endpoints, network devices, cloud applications, threat intelligence, containerized assets, software services and others
Configuration: Hardware, software or virtual appliance

Wed, 05 Jan 2022 04:49:00 -0600 John Breeden II en text/html https://edtechmagazine.com/higher/article/2022/01/review-qradar-ready-detect-halt-and-analyze-network-threats
IBM Report: Consumers Pay the Price as Data Breach Costs Reach All-Time High

60% of breached businesses raised product prices post-breach; vast majority of critical infrastructure lagging in zero trust adoption; $550,000 in extra costs for insufficiently staffed businesses

CAMBRIDGE, Mass., July 27, 2022 /PRNewswire/ -- IBM (NYSE: IBM) Security today released the annual Cost of a Data Breach Report,[1] revealing costlier and higher-impact data breaches than ever before, with the global average cost of a data breach reaching an all-time high of $4.35 million for studied organizations. With breach costs increasing nearly 13% over the last two years of the report, the findings suggest these incidents may also be contributing to rising costs of goods and services. In fact, 60% of studied organizations raised their product or services prices due to the breach, when the cost of goods is already soaring worldwide amid inflation and supply chain issues.

60% of breached businesses studied stated they increased the price of their products or services due to the data breach

The perpetuality of cyberattacks is also shedding light on the "haunting effect" data breaches are having on businesses, with the IBM report finding 83% of studied organizations have experienced more than one data breach in their lifetime. Another factor rising over time is the after-effects of breaches on these organizations, which linger long after they occur, as nearly 50% of breach costs are incurred more than a year after the breach.

The 2022 Cost of a Data Breach Report is based on in-depth analysis of real-world data breaches experienced by 550 organizations globally between March 2021 and March 2022. The research, which was sponsored and analyzed by IBM Security, was conducted by the Ponemon Institute.

Some of the key findings in the 2022 IBM report include:

  • Critical Infrastructure Lags in Zero Trust – Almost 80% of critical infrastructure organizations studied don't adopt zero trust strategies, seeing average breach costs rise to $5.4 million – a $1.17 million increase compared to those that do. All while 28% of breaches amongst these organizations were ransomware or destructive attacks.
  • It Doesn't Pay to Pay – Ransomware victims in the study that opted to pay threat actors' ransom demands saw only $610,000 less in average breach costs compared to those that chose not to pay – not including the cost of the ransom. Factoring in the high cost of ransom payments, the financial toll may rise even higher, suggesting that simply paying the ransom may not be an effective strategy.
  • Security Immaturity in Clouds – Forty-three percent of studied organizations are in the early stages or have not started applying security practices across their cloud environments, observing over $660,000 on average in higher breach costs than studied organizations with mature security across their cloud environments.
  • Security AI and Automation Leads as Multi-Million Dollar Cost Saver – Participating organizations fully deploying security AI and automation incurred $3.05 million less on average in breach costs compared to studied organizations that have not deployed the technology – the biggest cost saver observed in the study.

"Businesses need to put their security defenses on the offense and beat attackers to the punch. It's time to stop the adversary from achieving their objectives and start to minimize the impact of attacks. The more businesses try to perfect their perimeter instead of investing in detection and response, the more breaches can fuel cost of living increases," said Charles Henderson, Global Head of IBM Security X-Force. "This report shows that the right strategies coupled with the right technologies can help make all the difference when businesses are attacked."

Over-trusting Critical Infrastructure Organizations
Concerns over critical infrastructure targeting appear to be increasing globally over the past year, with many governments' cybersecurity agencies urging vigilance against disruptive attacks. In fact, IBM's report reveals that ransomware and destructive attacks represented 28% of breaches amongst critical infrastructure organizations studied, highlighting how threat actors are seeking to fracture the global supply chains that rely on these organizations. This includes financial services, industrial, transportation and healthcare companies amongst others.

Despite the call for caution, and a year after the Biden Administration issued a cybersecurity executive order that centers around the importance of adopting a zero trust approach to strengthen the nation's cybersecurity, only 21% of critical infrastructure organizations studied adopt a zero trust security model, according to the report. Add to that, 17% of breaches at critical infrastructure organizations were caused due to a business partner being initially compromised, highlighting the security risks that over-trusting environments pose.

Businesses that Pay the Ransom Aren't Getting a "Bargain"
According to the 2022 IBM report, businesses that paid threat actors' ransom demands saw $610,000 less in average breach costs compared to those that chose not to pay – not including the ransom amount paid. However, when accounting for the average ransom payment, which according to Sophos reached $812,000 in 2021, businesses that opt to pay the ransom could net higher total costs - all while inadvertently funding future ransomware attacks with capital that could be allocated to remediation and recovery efforts and looking at potential federal offenses.

The persistence of ransomware, despite significant global efforts to impede it, is fueled by the industrialization of cybercrime. IBM Security X-Force discovered the duration of studied enterprise ransomware attacks shows a drop of 94% over the past three years – from over two months to just under four days. These exponentially shorter attack lifecycles can prompt higher impact attacks, as cybersecurity incident responders are left with very short windows of opportunity to detect and contain attacks. With "time to ransom" dropping to a matter of hours, it's essential that businesses prioritize rigorous testing of incident response (IR) playbooks ahead of time. But the report states that as many as 37% of organizations studied that have incident response plans don't test them regularly.

Hybrid Cloud Advantage
The report also showcased hybrid cloud environments as the most prevalent (45%) infrastructure amongst organizations studied. Averaging $3.8 million in breach costs, businesses that adopted a hybrid cloud model observed lower breach costs compared to businesses with a solely public or private cloud model, which experienced $5.02 million and $4.24 million on average respectively. In fact, hybrid cloud adopters studied were able to identify and contain data breaches 15 days faster on average than the global average of 277 days for participants.

The report highlights that 45% of studied breaches occurred in the cloud, emphasizing the importance of cloud security. However, a significant 43% of reporting organizations stated they are just in the early stages or have not started implementing security practices to protect their cloud environments, observing higher breach costs.[2] Businesses studied that did not implement security practices across their cloud environments required an average 108 more days to identify and contain a data breach than those consistently applying security practices across all their domains.

Additional findings in the 2022 IBM report include:

  • Phishing Becomes Costliest Breach Cause – While compromised credentials continued to reign as the most common cause of a breach (19%), phishing was the second (16%) and the costliest cause, leading to $4.91 million in average breach costs for responding organizations.
  • Healthcare Breach Costs Hit Double Digits for First Time Ever – For the 12th year in a row, healthcare participants saw the costliest breaches amongst industries with average breach costs in healthcare increasing by nearly $1 million to reach a record high of $10.1 million.
  • Insufficient Security Staffing – Sixty-two percent of studied organizations stated they are not sufficiently staffed to meet their security needs, averaging $550,000 more in breach costs than those that state they are sufficiently staffed.

Additional Sources

  • To obtain a copy of the 2022 Cost of a Data Breach Report, please visit: https://www.ibm.com/security/data-breach.
  • Read more about the report's top findings in this IBM Security Intelligence blog.
  • Sign up for the 2022 IBM Security Cost of a Data Breach webinar on Wednesday, August 3, 2022, at 11:00 a.m. ET here.
  • Connect with the IBM Security X-Force team for a personalized review of the findings: https://ibm.biz/book-a-consult.

About IBM Security
IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM Security X-Force® research, enables organizations to effectively manage risk and defend against emerging threats. IBM operates one of the world's broadest security research, development, and delivery organizations, monitors 150 billion+ security events per day in more than 130 countries, and has been granted more than 10,000 security patents worldwide. For more information, please check www.ibm.com/security, follow @IBMSecurity on Twitter or visit the IBM Security Intelligence blog.

Press Contact:

IBM Security Communications
Georgia Prassinos
gprassinos@ibm.com

[1] Cost of a Data Breach Report 2022, conducted by Ponemon Institute, sponsored, and analyzed by IBM
[2] Average cost of $4.53M, compared to average cost $3.87 million at participating organizations with mature-stage cloud security practices


SOURCE IBM

Tue, 26 Jul 2022 17:00:00 -0500 en-US text/html https://fox8.com/business/press-releases/cision/20220727NY26218/ibm-report-consumers-pay-the-price-as-data-breach-costs-reach-all-time-high/