Monthly Archives

August 2022

The Sky-High Cost of a Cyber-Breach


A new study by Kroll found that the financial toll of a significant cyberattack has mushroomed. In most cases, the damage amounts to at least $5 million. About one third of companies said it cost them between $10 million and $25 million. 16% said it came to more than $25 million. This includes loss of market valuation. When a company is attacked, the PR fallout is widespread. Customers, partners, and investors become wary. Stock prices fall. Attrition rates increase. New contracts are more difficult to obtain. It takes time to ride the wave of negative publicity and return things to some kind of normalcy.

What were the top causes of incidents, according to the study? Business email compromise (BEC) via phishing scored high. 65% said it had become a problem in their organizations. 62% said the attack had come via the supply chain – an incident that originated with a third-party vendor. Publicly exposed databases were third with 53%, followed by insider threats at 41%, and ransomware at 33%. This survey, though, focused squarely on finance teams. This may have skewed results more toward BEC and away from other threats such as ransomware.

Overconfidence in High Places

Kroll also asked Chief Financial Officers about their confidence level in facing future attacks. The poll revealed what might be interpreted as a surprising level of overconfidence. While 87% expressed confidence in their organizations’ ability to thwart attacks, almost two thirds admitted that they had been subjected to at least three significant incidents in the previous 18 months. This stands in sharp contrast to how things are viewed from the Chief Information Security Officer (CISO) perspective. 66% of CISOs considered their organization to be vulnerable to cyberattack.

Some CFOs, then, may have their heads in the sand with regard to cybersecurity. The Kroll survey dug deeper: 60% of finance teams do not receive regular briefings from the security team. 37% admitted that they had never received a single update about cybersecurity during their time with the company. Maybe this disconnect between CFO and CISO perception is one of the reasons that cybersecurity investment lags behind the rate of successful data breaches. Yes, cybersecurity spending is increasing overall. 45% of organizations intend to raise security spending by 10% or more. Another 33% intend to increase it by less than 10%. For the rest, spending will either remain flat or will decrease.

Why would some plan to decrease the security budget? Cybersecurity spending in verticals like financial services has gradually been absorbing more and more of the IT budget in recent years. Per the survey, 82% devote more than 10% of their IT budget to security. 21% spend more than 20% on cybersecurity – yet the number of successful ransomware attacks, breaches, and data loss incidents continues to increase.

Clearly, it isn’t the quantity of spending that safeguards the organization. Spending in general needs to be smarter and more targeted. That’s where Syxsense Enterprise comes in. It takes endpoint security to another level by centralizing multiple point tools into one Unified Security and Endpoint Management (USEM) suite. It delivers real-time vulnerability monitoring and instant remediation for every single endpoint in your environment. It can scan for all vulnerabilities on any device, block communication from an infected device to the internet, isolate endpoints, and kill malicious processes before they spread. It can automatically prioritize and deploy OS and third-party patches to all major operating systems, as well as Windows 10 feature updates. IT and security teams can use Syxsense Enterprise to collaborate on the detection and closing of attack vectors. It offers management, control, and security for any and all desktops, laptops, servers, virtual machines, and mobile devices.

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

New Syxsense Zero Trust Delivers Industry’s Only End-To-End Solution for Zero Trust


Business Email Compromise (BEC) breaches are turning into the go-to strategy for cybercriminals. What actions should you take?

Black Hat USA, Las Vegas – August 10, 2022 – Syxsense, a global leader in Unified Security and Endpoint Management solutions, today announced Syxsense Zero Trust, a new module within Syxsense Enterprise that enables endpoint compliance with Zero Trust Network Access (ZTNA) policies. Zero Trust initiatives require a hyper-focus on endpoint protection, but traditional authentication solutions lack the ability to evaluate device health, ensure granular policy compliance, and automate risk remediation. Syxsense’s new Zero Trust module was designed to serve as an organization’s “Trust Evaluation Engine” for endpoints. It not only offers unparalleled visibility and control over network access policies, but also enables security teams to build sophisticated access policies and remediation workflows to ensure ZTNA compliance.

“As organizations work to build a Zero Trust strategy, many are facing implementation challenges. One of those challenges is the ability to ensure that endpoints accessing the network are trustworthy and conform to policies. Most solutions simply accept or deny access without an understanding of the current Device Security Posture,” said Ashley Leonard, CEO of Syxsense. “In talking with customers, they wanted the ability to evaluate endpoint access for ZTNA based on policies and if not compliant, be able to apply fixes or remediate in real time to enable proper access. Syxsense Zero Trust does just that by allowing organizations to have full control of endpoints and automating the end-to-end process.”

 

The true power of Syxsense Zero Trust lies in three key areas. First, the granularity of hundreds of parameters IT can use to report and act on device compliance. For example, is a laptop accessing your NetSuite server after hours and with an IP address from an unfamiliar location? If so, block it. Second, the power to enforce compliance with Zero Trust policies prior to granting access on an asset-by-asset basis. And third, the automated remediation of non-compliant endpoints, which could include patching the system, enabling an antivirus tool and making sure it is up to date on patterns, emailing IT about unauthorized access, and much more. When combined with the simplicity of building policy playbooks quickly and simply using the powerful workflow orchestration and automation tool of Syxsense Cortex™, these tools give organizations a uniquely powerful endpoint evaluation and network access solution for Zero Trust.

The specific features of Syxsense Zero Trust include:

  • Complete visibility into all endpoints’ configuration and state of compliance using a single agent.
  • Build sophisticated access policies based on a large array of configuration and security parameters, setting unique policies for each individual corporate asset.
  • Automate the immediate enforcement of access policy requirements and remediation of non-compliant endpoints using the Syxsense Cortex remediation engine.
  • Verify trusted user authentication requests via the Syxsense console or optionally, connect with external multi-factor authentication (MFA) tools to provide a “go, no-go” security status of devices. For example, if a customer uses Duo, Okta, or other MFA tools, simply connect those tools with the Syxsense API and it will report compliance on each endpoint looking to access corporate assets.

 

Syxsense Zero Trust will be available for purchase in late September 2022, but attendees at Black Hat on August 10th and 11th can experience a product overview at the Syxsense booth #1272. For more information about Syxsense at Black Hat click here.

About Syxsense

Syxsense is a leading provider of innovative, intuitive endpoint security and management technology that combines the power of artificial intelligence with industry expertise to help customers predict and remove security threats across all devices including mobile. Syxsense is the first unified security and endpoint management platform that centralizes the three key elements of endpoint security management (vulnerabilities, patch and compliance) and layers on a powerful workflow automation tool called Syxsense Cortex,™ all through a single cloud-based platform, enabling greater efficiency and collaboration between teams. The always-on technology performs in real-time so businesses can operate free of disruption from security breaches that cripple productivity and expose them to financial risk and reputational harm. For more information, visit www.syxsense.com


MSPs Beware: Cybercriminals Are After You


Cybercriminals are realizing that the richest pickings come when they can piggyback on other companies and use their software and services to infiltrate multiple other sites. The SolarWinds and Kaseya hacks were examples of supply chain hacks whereby the bad guys infected software that was then passed on to many other enterprises.

Think about it from the criminal perspective. Why go to great lengths to phish and scam the systems of consumers, home users, or regular organization employees when you can gain more ground with one targeted attack? Accordingly, they are going after areas of the highest potential return. That’s why MSPs are now in the spotlight.

Online Criminal Ads in Chat Rooms

A recent report from Huntress showcased how hackers are advertising in criminal online forums, primarily in Russian. One ad said:

“Looking for a Partner for MSP processing. I have access to the MSP panel of 50+ companies. Over 100 ESXi, 1000+ servers. All companies are American and approximately in the same time zone.”

What is emerging is a raft of initial access brokers (IABs) – criminal groups that attempt to sell access to MSP clients and corporate networks. This is all part of the evolving cybercriminal supply chain. Rather than carrying out the extortion and ransomware themselves, IABs do the initial donkey work of gaining a foothold inside prized networks. By relying on IABs, other criminal hacking groups can use the access rights provided to launch more sophisticated attacks that lock down entire systems. They are happy to pay a finder’s fee to IABs. Unfortunately, there are plenty of potential buyers.

On the IAB side, they gain money without too much risk. The major gangs are the ones directly extorting millions. They are more likely to fall afoul of the FBI and other agencies. IABs are probably regarded as small fry – akin to small-time street hustlers selling a relatively small amount of illegal drugs. The authorities are more interested in their suppliers and the criminal kingpins behind them.

IABs just focus on one skill: the art of gaining entry into secure networks by whatever means necessary. They look for outdated software, misconfigurations, and unpatched systems that they can exploit. They seek to lure gullible users into clicking on malicious links or attachments. They know how to use brute force techniques to crack the passwords of desirable users. Thus, the passwords of MSP service providers have now graduated into the highly prized category.

Imagine the embarrassment and the fallout if an MSP found itself responsible for infecting all its users due to malware hidden in its software or due to one of its email accounts being hacked? That’s why MSPs need to up their security game – and fast.

Security Starts at Home

MSPs are laser-focused on delivering services to their clients. In security, for example, they are keen to sell vital services to customers to help them secure their networks.

However, in light of recent events and the rise of IABs, MSPs are urged to begin with a thorough assessment of their own systems. The last thing an MSP needs is to find malware lurking in its own network. This could be catastrophic to customers.

Before offering Syxsense Enterprise to customers, therefore, it is strongly recommended that it be implemented internally. It takes care of vulnerability scanning, patch management, mobile device management, and IT management, and includes automatic remediation features. This enables the MSP to achieve a clean bill of health.

From that strong foundation, the MSP can reach out to its clientele to offer them the best unified endpoint security and management (USEM) suite on the market.

Set a great example internally for your customer base. Encourage them to implement Syxsense Enterprise today.


Syxsense Enterprise Recognized as the Best Endpoint Security Solution in 2022 Tech Ascension Awards


ALISO VIEJO, Calif. – August 23, 2022 – Syxsense, a global leader in Unified Security and Endpoint Management solutions, today announced that Syxsense Enterprise has been recognized as the Best Endpoint Security Solution in the 2022 Tech Ascension Awards. The awards recognize B2B and B2C companies and leaders that drive cutting edge, innovative technologies that solve critical challenges in the market.

Launched earlier this year, Syxsense Enterprise is the world’s first Unified Security and Endpoint Management (USEM) solution that delivers real-time vulnerability monitoring and facilitated remediation for every endpoint across an organization’s entire environment. It combines Syxsense Secure, Syxsense Manage, Mobile Device Manager, and newly released Zero Trust to deliver a completely unified platform that scans and manages all endpoints, resolves problems in real-time, and reduces the risks associated with system misconfigurations. This enables organizations to better predict, identify, and remediate endpoint vulnerabilities.

Tech Ascension recognized Syxsense Enterprise for addressing the three key elements of endpoint security – vulnerabilities, patch, and compliance. By layering on a powerful workflow automation tool called Syxsense Cortex™, the platform remediates and eliminates endpoint security weaknesses – all through a single cloud-based, drag-and-drop management interface, with hundreds of prebuilt workflows. This includes the ability to identify software vulnerabilities in both OS and 3rd party applications, as well as misconfigurations such as open ports, disabled firewalls, ineffective user account policies and more.

“As the market shifts to a hybrid workforce, the number of endpoints is growing exponentially, with corporate network-connected mobile endpoints rising,” said Ashley Leonard, CEO of Syxsense. “The need to manage and secure an increasing number of endpoints, including desktops, servers, virtual devices, mobile phones and other devices, is becoming more and more apparent as complex, sophisticated threats continue to grow. We are thrilled to be recognized by Tech Ascension for our work in endpoint security and look forward to continually evolving our product to keep up with the ever-changing security landscape.”

The Tech Ascension Awards recognized the very best innovations in cybersecurity. The Tech Ascension awards judged cybersecurity applicants based on technology innovation, market research, and competitive differentiators. The class-leading vendors that received recognition from these awards showcased technology that solves critical industry challenges and produces invaluable business outcomes for their customers.

“Organizations are now tasked with navigating the extreme security challenges of new remote and hybrid work environments while combatting a surge in emerging advanced threats,” said David Campbell, CEO, Tech Ascension Awards. “These recognized security industry leaders are producing innovative technology and services to drive cyber forward in a truly evolving digital environment.”

The key features of Syxsense Enterprise include:

  • Vulnerability Scanning – Prevent cyberattacks by identifying scanning authorization issues, security implementation problems, and antivirus status.
  • Patch Everything – Automatically deploy OS and third-party patches to remediate all endpoint vulnerabilities inside the network and on roaming devices outside the network.
  • Prove Compliance and Device Health – Document patching with reporting for risk assessments, vulnerable devices, task summaries and more. And scan and prioritize patching relative to risk exposure.
  • Quarantine Devices – Block communication for an infected device, isolate endpoints, and kill malicious processes before they impact the network.
  • Control All Mobile Devices – Oversee devices remotely, silently push OTA configurations, applications, and policies from iOS to Android to Windows and more.
  • Collaborate with Ease – IT and security teams can now collaborate in a single console to identify and close endpoint attack vectors quickly.
  • Newly introduced Zero Trust, the industry’s first end-to-end Zero Trust solution, allows granular access to corporate assets based on device security posture.

For more details on Syxsense Enterprise or to schedule a demo, visit: https://www.syxsense.com/gc-demo-syxsense

About Syxsense

Syxsense is a leading provider of innovative, intuitive endpoint security and management technology that combines the power of artificial intelligence with industry expertise to help customers predict and remove security threats across all devices including mobile. Syxsense is the first Unified Security and Endpoint Management platform that centralizes the three key elements of endpoint security management (vulnerabilities, patch and compliance) and layers on a powerful workflow automation tool called Syxsense Cortex,™ all through a single cloud-based platform, enabling greater efficiency and collaboration between teams. The always-on technology performs in real-time so businesses can operate free of disruption from security breaches that cripple productivity and expose them to financial risk and reputational harm. For more information, visit www.syxsense.com

 

 

About the Tech Ascension Awards 

The Tech Ascension Awards elevate companies that possess cutting-edge, innovative technology that solves critical challenges in their respective markets. Tech Ascension winners rise above the crowded consumer and enterprise technology industries and receive validation from an independent organization. Applicants are judged based on technology innovation and uniqueness, market research (analyst reports, media coverage, customer case studies), hard performance stats, and competitive differentiators. The awards recognize leaders in cybersecurity, DevOps, big data and consumer technology. For information about the Tech Ascension Awards, please visit www.techascensionawards.com.


As the Data Explosion Ramps Up, Security Vulnerabilities Grow Exponentially


Several new studies make it clear that the data explosion is far bigger than most people could ever have imagined. Some say that it has gone past the point where human ability alone can even comprehend it, never mind manage it.

Statista data indicates that the total amount of data created, captured, copied, and consumed globally will rise to more than 180 zettabytes (ZB) per year over the next five years. 74 ZB of new data was created in 2021 alone, up from 41 ZB in 2019.

In case your eyes glaze over when things go beyond a megabyte (MB): if you multiply a MB by roughly 1000 you get a gigabyte (GB). Multiply by another 1000 and you get a terabyte (TB), another 1000 to get a petabyte (PB), another 1000 to get an exabyte (EB), and then yet another 1000 to arrive at a ZB.

To put it another way, the three massive buildings of the American Library of Congress in Washington DC that hold the more than 170 million books, manuscripts and other material – all of that amounts to only 15 TB.

Another study by Capital One states that we now create as much information every two days as we did from the beginning of time until 2003. And more than 90% of all data in the world was created in the previous two years, according to Ocient. That report highlights the fact that almost everyone (97%) believes the volume of data they manage will grow rapidly over the next one to five years. As few are coping well with the current volume of data, this spells trouble ahead in both the data management and the security arenas.

The IoT is a Security Nightmare

And then there is the looming threat of the Internet of Things (IoT). According to Statista, there were 8.6 billion IoT connected devices in 2019. By the end of this year, the number will surpass 13 billion. By the end of the decade, we will arrive at around 30 billion.

That is a lot of devices. Add to it the billions of smart phones, laptops, PCs, tablets, servers, switches, routers, and other endpoints in the world and what do you have? A security nightmare of epic proportions.

Each one of those scores of billions of devices represents a potential channel of incursion into the enterprise. We have already heard stories of IoT-connected coffee makers, fridges, and cameras being used by hackers to infiltrate networks.

There is no certainty that the billions of new IoT devices and sensors heading our way will be secure. It is a hard pill to swallow, but security remains something that usually follows in the wake of innovation. Developers and product creators develop their tools, inventions, and game changers – and once the security vulnerabilities begin to become apparent, safeguards are developed and put in place. Thus, there is always a game of catch-up.

That’s why Syxsense Enterprise is such a must have in every enterprise. It automates the entire process of managing, monitoring, patching, scanning and remediating endpoints anywhere. It provides the necessary level of automation to make it feasible for IT to manage a vast number of endpoints, and soon, an even larger number of IoT devices and sensors. A new study pointed out that 71% of CIOs in large organizations admit that the ongoing explosion of data is beyond human ability to manage. 59% demanded a more automated approach to IT operations to avoid their teams becoming overloaded. That’s where Syxsense comes in. It automates all aspects of endpoint management and security. It is the only way to stay on top of patches, vulnerabilities, and endpoint security.


Four Big Trends In Mobile Device Management


Mobility has progressed, in recent years, to the point where some enterprise users hardly ever need to use a laptop or desktop. Many CEOs, for example, only use their phone. Any desktop duties are typically referred to an executive assistant or secretary. Sales jobs, too, can often be accomplished to a greater degree via smartphone.

Certainly, there are many other jobs where this isn’t the case. But regardless of the title, mobile devices are taking up more and more of the enterprise workload. Mobile Device Management (MDM) technology has advanced to provide the processes and tools the mobile workforce needs to stay productive and secure. Further, MDM provides IT with the ability to more easily provision mobile devices, manage them, inventory them, and protect assets and data.

Here are four of the top trends in MDM:

BYOD

Bring Your Own Device (BYOD) was an inevitable consequence of the COVID-19 pandemic. With everyone ordered home almost overnight, IT had no alternative other than to allow employees to use the laptops, desktops, tablets, and smartphones they had at home or used for personal tasks. A few of the lucky organizations (or the ones with deeper pockets) had already provided all employees with a dedicated work laptop, tablet and/or smartphone. By doing that, IT could arrange role-based access to enterprise data and email, and provide services such as a secure VPN, GPS tracking, password-protected applications, and access to a host of enterprise security applications. Beyond that, mobile chaos became the norm. BYOD continues to predominate in many organizations.

This has made MDM a more important field than ever. IT policies may have been relaxed with regard to BYOD. But in tandem, IT has had to up its game in managing mobile devices. MDM has stepped into the breach. Organizations use MDM to remotely enroll personal devices into the enterprise systems. This allows them to monitor behavior, enforce security policies, facilitate productivity, and detect threats and breaches.

MDM Innovation

The flood of money into MDM tools has encouraged the vendor community to innovate. MDM solutions are becoming more sophisticated. Machine learning and AI are being incorporated to enable data and systems to be subjected to analysis. MDM systems are appearing that are able to assign or enroll devices with pre-programmed data profiles, VPN access, software, access privileges, and much more. IT now has the ability to track its dispersed workforce more easily, as well as monitor, troubleshoot, and decommission devices when the need arises. Some tools can even wipe device data in the event of theft, loss, or breach.

Virtual Reality

The marriage of MDM and various forms of virtual reality (VR) is opening new doors for field service, maintenance, and technically challenging occupations. For example, augmented reality (AR) tools are emerging that use special glasses, goggles, and headsets that allow field technicians and support personnel to compare physical equipment to digital specifications, job requests, and other information. As the technician or field rep looks at the object, component, or system, a digital representation appears within their field of vision to verify it is the right valve to inspect, the correct place to weld, or the exact piece of equipment that needs to be removed. The best systems even allow a less experienced person to show a senior engineer (sitting far away) the job site so the engineer can walk the other person through the task or answer questions.

MDM Meets Security

MDM has always had some interest in security. It was unavoidable. To manage mobile devices effectively means providing certain safeguards – if only alerting others in the enterprise to a potential situation. MDM is now heading one step further. It is merging more tightly with security applications. Syxsense, for example, provides MDM within a suite that includes integrated patch management, vulnerability scanning, security threat remediation, and IT management. This greatly enhances security while keeping mobile devices safe from malware and other cyber threats. IT can use the Syxsense Enterprise platform to spot anomalous behavior, detect strange activity at ports, exfiltration attempts, and more.


Unified Endpoint Management Enters the Mainstream


Once upon a time, there was anti-virus. Then anti-spam, adware, malware protection, ransomware protection, mobile device protection, and on and on. As new threats appeared, the vendor community came out with a fix.

According to Gartner, the big trend these days is to bring all, or many, of these tools together in one integrated package. This approach is known as Unified Endpoint Management (UEM), and Gartner analyst Dan Wilson says it is entering the mainstream. It has achieved a market penetration of between 20% and 50%, depending on the vertical and the size of the organization.

“Unified endpoint management (UEM) tools provide agent-based and agentless management of computers and mobile devices through an employee-centric view of endpoint devices running Windows, Google Android and Chrome OS, Apple macOS, iPadOS, and iOS,” said Wilson. “UEM tools apply for data protection, device configuration and usage policies using telemetry from identities, apps, connectivity and devices. They also integrate with identity, security and remote access tools to support zero trust.”

In essence, UEM consolidates a disparate collection of tools to bring greater simplicity to endpoint management. It streamlines a great many manually intensive tasks and processes across multiple devices, platforms, and operating systems. And the field continues to evolve. Beyond unified management of a few tools, it is heading more closely towards complete integration of identity, security and remote access services while beginning to play a role in supporting zero-trust security initiatives. Further, analytics, machine learning, and Artificial Intelligence (AI) are also gradually being incorporated to further the goals of end-to-end automation of scanning, deployment of agents, software, updates, and patches, and remediation of threats and other issues. This not only reduces IT overhead, it helps to improve the overall employee experience while greatly improving the organizational security profile.

Gartner listed some of the advantages:
• Location-agnostic endpoint management and patching.
• Enabling the anywhere workforce.
• Reduced total cost of ownership (TCO) of managing endpoint devices.
• Simplification of device management and support processes.
• Reduced security risk through support for more device types and OSs.
• Enhances policy management.
• Integration with identity, security, and remote access tools.

“IT looks to simplify and streamline endpoint deployment, management and patching to enable provisioning of new devices for remote employees, improve device performance and reliability as well as visibility across the endpoint estate, and reduce security risk,” said Wilson.

Market Evolution
There are signs, though, that the market is evolving yet again. Two distinct branches are appearing.

• UEM tools focused on endpoint management and bringing together a diverse range of tools.
• Unified Endpoint Security to unify multiple security tools under one umbrella.

Syxsense Enterprise takes things a stage further. It unifies UEM and UES to create the world’s first Unified Security and Endpoint Management (USEM) solution, delivering real-time vulnerability monitoring and instant remediation for every single endpoint in your environment, as well as IT management across all endpoints. This represents the future of threat prevention as it brings everything needed for endpoint management and protection onto one console. Breaches can be detected and remediated within a single solution. The Syxsense platform can scan for all vulnerabilities on any device, block communication from an infected device to the internet, isolate endpoints, and kill malicious processes before they spread. It can automatically prioritize and deploy OS and third-party patches to all major operating systems, as well as Windows 10 feature updates. IT and security teams can use Syxsense Enterprise to collaborate on the detection and closing of attack vectors. It offers management, control, and security for any and all desktops, laptops, servers, virtual machines, and mobile devices.
For more information, visit …

Syxsense demo

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

Flaws, Bugs, Zero Days, and Breaches: Welcome to the New Normal

By Blog

Business Email Compromise (BEC) breaches are turning into the go-to strategy for cybercriminals. What actions should you take?

Endless bad news typically results in people becoming inured to it. The media's recent 24-7 death counts on COVID-19 caused many people to switch off. It was just too much. Ratings plummeted at CNN and other networks.

In IT security, there is a danger of the same thing happening with reports of flaws, bugs, zero-day attacks, ransomware heists, and breaches. Hardly a day goes by without a new one. Some are more virulent than others. But all gain some kind of coverage. It quickly becomes too much. People tend to gloss over it and, worse, get on with business as usual.

At Syxsense, therefore, as a public-spirited gesture, we will quickly summarize some of the recent carnage into one short report. Yes, it is important to know what is going on and where to be vigilant. But most importantly, it is vital to know that something can always be done about it. Those enterprises that are the least prepared are the ones that suffer the most in dangerous times like these.

Recent Flaws and Breaches
Here is an incomplete list of some recent news on security issues:

JFrog Security Research identified hundreds of malicious packages designed to steal personally identifiable information (PII) from Azure users in a large-scale typo-squatting attack. A similar supply chain attack targeting German industrial companies such as Bertelsmann, Bosch, Stihl, and DB Schenker uses the npm repository to take control of infected machines.

A C programming library for IoT products has been found to be vulnerable to Domain Name System (DNS) cache-poisoning attacks. The bug causes the library to generate incremental, and therefore predictable, transaction identifiers in DNS request and response network communications. Patches are being developed to resolve these issues.

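A check for the weakness described above, as an added example (not code from the affected library or from the original article): it reads the transaction ID from DNS queries sent by one host, in send order, and flags a sequence that advances by a constant step. The packets are constructed samples, and the function names and the 0.8 threshold are assumptions.

```python
import struct
from collections import Counter


def build_query(txid, name="example.test"):
    """Constructed sample input: a minimal DNS A query with the given ID."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    qname = b"".join(bytes([len(p)]) + p.encode() for p in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)  # QTYPE=A, QCLASS=IN


def query_id(packet):
    """Return the transaction ID of a DNS query, or None for responses/short data."""
    if len(packet) < 12:  # a DNS header is 12 bytes
        return None
    txid, flags = struct.unpack("!HH", packet[:4])
    return None if flags & 0x8000 else txid  # QR bit set means response


def dominant_delta(ids):
    """Most common step between consecutive IDs (mod 2**16) and its share.

    Needs at least two IDs. The modulo keeps a 0xFFFF -> 0x0000 wrap in the run.
    """
    deltas = [(b - a) % 65536 for a, b in zip(ids, ids[1:])]
    delta, count = Counter(deltas).most_common(1)[0]
    return delta, count / len(deltas)


def ids_look_predictable(packets, min_samples=5, threshold=0.8):
    """True if one step dominates the ID sequence of a single host's queries."""
    ids = [i for i in map(query_id, packets) if i is not None]
    if len(ids) < max(min_samples, 2):
        return False  # not enough evidence either way
    _, share = dominant_delta(ids)
    return share >= threshold


# Constructed captures: a counter that wraps at 16 bits, and unrelated IDs.
INCREMENTAL = [build_query(i % 65536) for i in range(0xFFFD, 0xFFFD + 6)]
RANDOMISED = [build_query(i) for i in (0x1A2B, 0xC4D1, 0x0937, 0x77E0, 0x5B12, 0xE6A9)]

print("incremental:", ids_look_predictable(INCREMENTAL))
print("randomised: ", ids_look_predictable(RANDOMISED))
```
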
Google issued a supply chain attack warning about open-source software. A proponent of open source itself, Google voiced its support for the Package Analysis Project of the Open Source Security Foundation (OpenSSF). The goal is to automate the detection of malware introduced into popular open-source repositories such as npm for JavaScript and PyPI for Python.

Plug-ins and extensions for content management systems (CMSs) are being increasingly used to hijack websites. Sucuri’s 2021 Website Threat Research Report called attention to potential issues with WordPress, Joomla, and Drupal due to vulnerable plugins and extensions.

Hackers are getting more patient. One group stayed inside a network for 18 months before striking – quietly waiting for the right opportunity. The group, known as UNC3524, also installs backdoors so normal security tools can’t completely eliminate it. If IT finds the malware and removes it, the bad guys can reinstall it almost immediately.

Phishing success continues. One criminal set up a website to look like a U.S. Department of Defense site and diverted $23.5 million to his bank account that was supposed to go to a jet fuel supplier. And an owner of a nail salon in California tricked a public school district in Michigan into wiring its monthly health insurance payment of $2.8 million to his bank account. Meanwhile, LinkedIn has emerged as the new favorite of scammers, according to Check Point. Apparently, more than half of all phishing attacks in one month used LinkedIn. The goal is to obtain login credentials and take it from there. And of course, phishing campaigns now seek to capitalize on the latest Ukraine news to tempt people to click on a malicious link or attachment. Finally, Phishing-as-a-Service has emerged to make it easy for non-technical criminals to profit from phishing scams. One group provides phishing services aimed at Coinbase, Netflix, Amazon, and eBay users.

Ransomware claims more victims. NCC Group reported that ransomware attacks increased 53% from the previous month with Industrials (34%), Consumer Cyclicals (21%), and Technology (7%) being the most targeted areas. Examples: Coca-Cola suffered a server breach and a hacking group claims it stole 161 GB of data. The FBI warned that the agriculture sector is suffering ransomware attacks timed to coincide with spring planting or fall harvesting periods.

Industrial control systems (ICS) are a new target. An FBI investigation found that custom tools now exist that can gain access to ICS platforms and supervisory control and data acquisition (SCADA) systems. This particularly applies to programmable logic controllers (PLCs) from Schneider Electric and OMRON Sysmac NEX, as well as Open Platform Communications Unified Architecture (OPC UA) servers. If undetected, hackers could gradually work their way up the food chain and potentially take over control of an energy facility.

A Java vulnerability known as CVE-2022-21449 allows an attacker to intercept communication and messages that should have been encrypted, such as SSL communication and authentication processes. Fixes are now available.

Enhance Your Security Now
Perhaps the worst news among all this is that the above summary represents a small fraction of ongoing hacks, breaches, and vulnerabilities. Now is the time to upgrade your security profile by implementing automated tools. Syxsense Enterprise is the world’s first Unified Security and Endpoint Management (USEM) solution, delivering real-time vulnerability monitoring and instant remediation for every single endpoint in your environment, as well as IT management across all endpoints.

Mobility Linked to Surge in Cybercrime

By Blog

An endpoint ecosystem study by Mobile Mentor found a direct correlation between the rise in mobility and a recent surge in cybercrime. How can IT teams better manage the trade-off between endpoint security and the employee experience?

An endpoint ecosystem study by Mobile Mentor found a direct correlation between the rise in mobility and a recent surge in cybercrime. With the pandemic forcing people to work remotely and to rely on devices beyond the traditional desktop, the study found that cybercrime has jumped overall by 500% since the start of the COVID-19 era. Smartphones, laptops, and tablets became the tools of choice of the work-from-home (WFH) brigade. And this led to a much greater security risk, particularly in highly regulated industries.

The report highlighted a big area of difficulty for IT: the trade-off between endpoint security and the employee experience (EX). At one extreme, things can be made so secure that almost no one can access systems or communicate to anyone else. At the other end of the scale, everything is so easy to access that criminals waltz in unannounced and undetected, steal valuable data, take over user identities, gain administrative privileges, and drain corporate bank accounts.

Researchers make the point that the explosion in mobility and WFH overstretched the capabilities of many IT departments. Security, in particular, fell badly behind in an increasingly distributed and autonomous workforce world. Not only are companies getting hacked in far greater numbers, but employee frustration has risen sharply. They are resigning in greater numbers than we have seen for decades. A talent crunch is emerging right at a time when more staff are badly needed across all functions. IT and security teams are threadbare in many cases. And good IT team members can’t be counted upon to stay loyal as headhunters are always looking to lure them elsewhere with higher pay.

Study Findings
The study discovered that relatively few employees are aware of security risks and corporate policies addressing these risks. 27% of employees only view security policies once per year or less. Similarly, 39% receive security awareness training less than once per year. Out of sight, out of mind appears to be the case. Instead of constant reminders, they get a quick dose of security training or policy awareness which is soon forgotten.

In any case, 41% believe security policies restrict the way they work. They just don’t accept that they shouldn’t use a USB drive or that they should be deprived of convenient online services. For example, 53% consider that they are more efficient using Dropbox and Gmail than their approved corporate tools.

Passwords came up as another major bone of contention. 31% of people use a password management tool. The other 69% select passwords that are easy to remember. There is a link here to EX. Most users have countless passwords, PINs, logins, and security safeguards they are supposed to remember. For work, most have dozens of passwords when you factor in HR, production tools, financial systems, payroll, benefits, corporate intranet, VPN, and email. And then there are personal accounts which often have to be accessed during work hours such as preferred hotel sites, airlines, personal banking, personal email, and more.

The policy may require 10-character passwords and that Xd! must be included – and must be changed every month. But when so many passwords and characters are in play and password managers aren’t trusted due to being a single point of failure, sloppiness is inevitable.

Bring Your Own Device (BYOD) reared its head as another area of big risk. The study found the use of BYOD has surged over the past two years. These days, 64% of people use personal devices for work. Unfortunately, less than a third of organizations have instituted a program to enhance BYOD security. On top of that, shadow IT has become an even bigger issue. IT has lost control of the approval process for apps. As IT teams often don’t control the devices, they don’t know what’s been put on them. Even when they do have some control, the accessibility of cloud and SaaS resources can make it hard to know if some department head or staffer has subscribed to online services. Some may be very secure. But many aren’t.

Bottom line: 72% of employees value their personal privacy over company security. In such a climate, security must rise to the challenge. It must be comprehensive, but it must also not inhibit the user from performing their duties. By automating security and delivering it over the cloud, Syxsense Enterprise provides real-time vulnerability monitoring and instant remediation for every single endpoint in an environment. This represents the future of threat prevention. Breaches can now be detected and remediated within one endpoint solution, Syxsense.

Passwords Will Get Hacked: Be Ready

By Blog

Business Email Compromise (BEC) breaches are turning into the go-to strategy for cybercriminals. What actions should you take?

May 5th of 2022 was celebrated as World Password Day. News stories were everywhere about how to improve password security, the best ways to implement multi-factor authentication, why a stronger password policy was needed, and what tools to use to better educate users. All represent vital actions and approaches. But they won’t be enough. According to a Google study, 24% of personal and professional accounts have used “password,” “Qwerty” or “123456” as their account password. “Admin” is another popular one. And, of course, people often use their date of birth, or that of their spouse, children, or grandchildren – all of these are easily hacked.

The same Google study found that only a third of users change their passwords frequently. Most of the rest hope to never have to change a password ever again. When forced to do so by adding yet more digits as well as capitals, numbers, and symbols, they often feel resentment. Instead of enhancing security, such security policies often have a contrary effect. Some users get even sloppier, leaving Post-It note reminders in open view or writing passwords down in a log or in a document in a computer file.

Meanwhile, the bad guys have gotten smarter, faster, and more devious. They have password guessing algorithms that can crack soft passwords in no time at all. That’s why users are regularly prompted to add more digits to their password. Six digits were once enough. Then eight. Now it is ten or more.

As the number of passwords increases and they become more and more complex, the current industry solution is to use a password management tool. But Google found that less than a third of people use them. Many don’t trust them, as they would then have no idea what any of their passwords are should an emergency arise such as losing their phone or laptop. Thus, more than two-thirds of users continue to select passwords that are relatively easy to remember. Made to use ten digits, they often choose 1Password! to get around the latest security policy inconvenience.

Helpful tips are everywhere attempting to explain to users why they must change their habits. These tips all make sense: don’t use sequential numbers or letters; avoid the use of your birth year/month/day; combine letters, numbers, and symbols and use unrelated words; avoid the names or words found in dictionaries; use a password manager; and don’t reuse passwords. Yet user habits are proving hard to break.
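The gap between policy and practice described above, as an added example (not from the original article or the Google study): a composition-only policy accepts `1Password!` and rejects a passphrase of unrelated words, while a screening check built from the tips does the opposite. The denylist reuses the passwords the article names; the function names, substitution table, and thresholds are assumptions.

```python
import re

# The passwords the article cites as most common, lower-cased.
COMMON = {"password", "qwerty", "123456", "admin"}
# Character substitutions undone before the denylist comparison (assumed set).
SUBSTITUTIONS = str.maketrans({"0": "o", "3": "e", "4": "a", "5": "s", "@": "a", "$": "s"})


def meets_composition_policy(pw, min_len=10):
    """Composition-only policy: length plus upper, lower, digit and symbol."""
    classes = (r"[A-Z]", r"[a-z]", r"\d", r"[^A-Za-z0-9]")
    return len(pw) >= min_len and all(re.search(c, pw) for c in classes)


def has_sequence(pw, run=4):
    """True if pw contains `run` consecutive ascending or descending characters."""
    s = pw.lower()
    for step in (1, -1):
        streak = 1
        for a, b in zip(s, s[1:]):
            in_run = a.isalnum() and b.isalnum() and ord(b) - ord(a) == step
            streak = streak + 1 if in_run else 1
            if streak >= run:
                return True
    return False


def screen(pw, min_len=10):
    """Return the reasons a password should be rejected (empty list = accept)."""
    reasons = []
    lowered = pw.lower()
    # Strip the digits and symbols users bolt on to satisfy composition rules.
    core = re.sub(r"^[^a-z]+|[^a-z]+$", "", lowered).translate(SUBSTITUTIONS)
    if lowered in COMMON or core in COMMON:
        reasons.append("based on a common password")
    if has_sequence(pw):
        reasons.append("sequential characters")
    if re.search(r"(19|20)\d\d", pw):
        reasons.append("contains a year")
    if len(pw) < min_len:
        reasons.append("too short")
    return reasons


# Constructed samples: the article's own example and an unrelated-word passphrase.
for candidate in ("1Password!", "tundra-velvet-orbit-kiln"):
    print(candidate, meets_composition_policy(candidate), screen(candidate))
```
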

Password Breaches Are Inevitable
No matter the security policies set, the number of digits demanded, or the multiple authentication factors demanded, there is one sad, inconvenient, and inevitable truth. The bad guys are going to crack a password somewhere in the enterprise – or convince some gullible person to click on a malicious link or attachment. There is no avoiding this fact.

Despite that, organizations must continue to set good password and security policy, enforce it tirelessly, and add as many safeguards as they can to minimize the chances of password breaches. But they must understand, too, that a password somewhere or other will be hacked – and maybe it already has.

That’s why organizations must regularly scan the network and all devices for potential vulnerabilities. Vulnerability scanning is a proven way to prevent cyber security attacks. Scans will quickly detect any signs of a breach: where a password has been compromised, the back doors and ports re-configured by hackers, and any signs of data exfiltration attempts. IT can then prevent serious damage. By scanning authorization issues, security implementations, and antivirus status, vulnerability scans offer insights into any misconfigurations or compliance violations that may be present. By addressing these rapidly, the organization greatly reduces its attack surface and minimizes the chances of a breach.

The Syxsense vulnerability scanner is not only a complete security management package, but it is also effortless to employ with a user-friendly interface. As it is automated, that allows IT to focus on priority tasks while it scans and secures the system. Decide how often and for how long it should run, and the scanner runs, monitors, and secures the entire network at the pre-determined frequency and time. It also is available in an automated and integrated suite that includes patch management, mobile device management, and IT management.