Security Roundup: Formjacking, SecBI, Firemon, Palo Alto Networks
… none the wiser. So that’s really where they’re vulnerable: No. 1, the security of the website itself, and No. 2, the fact that third-party apps are often used on these sites.
CF: Does formjacking present a challenge or opportunity for security providers in the channel, with smaller organizations being targeted because their security may not be as strong as larger organizations?
KH: Absolutely. This is another thing that these smaller players need help with, that need the expertise coming from partners to help them protect themselves. There are things they can do around testing. These updates from some of the vendors they use for their website can monitor for suspicious behavior and look for code that’s maybe malicious and has been embedded on the site. They can protect against changes that are made to some of their content policies. But all of those things are probably well beyond the capability of the average retail site that’s running the web server. So they’re going to need help in protecting themselves against this.
CF: What are some other noteworthy findings of this report?
KH: We actually talk about overall attack numbers from ransomware and cryptojacking, which was a big deal last year — those numbers are going down, and that’s good. But what we’ve seen then, is as it goes down, the shift by the attackers has been to go after businesses. So ransomware in general is down, but there was actually a 12 percent increase in attacks against businesses — so that whole drop in attacks was consumer-[related] and businesses are actually more susceptible. And cryptojacking — we see attackers are going after organizations and businesses – again, as opposed to consumers – because they have more machines and more powerful machines. So again, those numbers are dropping, but that means the attacks are concentrating more toward businesses, and people are going to need help and good security partners to help protect them against those.
CF: Based on the report, is this year shaping up to be different than last year and previous years in terms of the threat landscape?
KH: In some ways yes, in some ways no. If we talk about last year or the year before, that was about people trying to get rich quick using cryptojacking. I think we’re going to see that now in formjacking. So it’s similar in that people are going to try to make money; the bad guys are doing this to make money, but it’s different in that they’re going to move on to whatever the latest thing that appears to give them the opportunity to make that money — and that appears to be formjacking.
SecBI Debuts New Tool for MSSPs
SecBI has unveiled an automated threat detection and response offering designed to help MSSPs maximize their productivity and scalability.
The solution automates both threat hunting – based on comprehensive network traffic analysis – and breach response. It offers: improved analyst productivity; automated and improved detection and remediation; integration with existing infrastructure; ease of scalability, with cloud-based, multitenant deployment; and deployment with minimal ramp-up time.
SecBI delivers automated threat detection and investigation for security operations centers (SOCs) and MSSPs.
“With cyberattacks becoming commonplace for every business size, the MSSP market is set to take off,” said Gilad Peleg, SecBI’s CEO. “However, the most successful MSSPs will be those that possess advanced breach detection and remediation expertise, as well as the tools to scale and increase …