US cybersecurity services firm continues expansion into Latin America.

**Scottsdale, Ariz., Jan. 10, 2023 --** Cerberus Sentinel (NASDAQ: CISO), an industry leader as a managed cybersecurity and compliance provider, based in Scottsdale, Ariz., announced that it has signed a definitive agreement for the acquisition of RAN Security, a cybersecurity company with headquarters in Buenos Aires, Argentina, and offices in Chile, Peru, Bolivia, and Paraguay. Under the terms of the agreement, RAN Security will become a wholly owned subsidiary of Cerberus Sentinel. The transaction is expected to close later in the year, subject to the satisfaction of customary closing conditions, including applicable regulatory approvals.

RAN Security provides a broad range of secured managed services to organizations across South America. Roberto Tursi, CEO, will continue to manage the company's team of professionals and will work closely with the leadership team in Latin America. 

“RAN Security expands our growth strategy in Latin America and adds to our SOC/managed detection and response services,” said David Jemmett, CEO and founder of Cerberus Sentinel. “Cybersecurity requires global capabilities to properly address the security demands of businesses and organizations. RAN Security is an excellent cultural fit with the Cerberus Sentinel family of companies.”

“We are excited to join forces with Cerberus Sentinel and lead the future revolution of new security services,” said Roberto Tursi, RAN Security founder and CEO. “We believe joining the Cerberus Sentinel family of companies will result in our ability to deliver a more trusted security experience. Innovation, quality of services, and knowledge are values that we share with Cerberus Sentinel.”

RAN Security will continue to be based in Argentina. It is part of a growing network of companies acquired by Cerberus Sentinel in Latin America, including Arkavia, CUATROi, and NLT, to meet the cybersecurity needs of organizations across the continent.

Cerberus Sentinel announced plans on Dec. 22 for a corporate rebrand and launch. At the heart of the rebranding is a change of the company name to CISO Global, Inc., website, and an update to its corporate logo. The new brand identity marks another major milestone in the evolution of Cerberus Sentinel, embodies the enthusiasm of its employees, and it is indicative of a company on the move.

Reflecting its growth since 2019 on three continents, including North America, South America, and Europe, Cerberus Sentinel leaders believe that creating a strong parent brand in the marketplace is essential while ensuring the new identity matches the global enterprise the company is actively becoming.

**About Cerberus Sentinel**

Cerberus Sentinel is an industry leader as a managed cybersecurity and compliance provider. The company is rapidly expanding by acquiring world-class cybersecurity, secured managed services, and compliance companies with top-tier talent that utilize the latest technology to create innovative solutions to protect the most demanding businesses and government organizations against continuing and emerging security threats and compliance obligations.

**Safe Harbor Statement**

This news release contains certain statements that may be deemed to be forward-looking statements under federal securities laws, and we intend that such forward-looking statements be subject to the safe-harbor created thereby. Such forward-looking statements include, among others, our expectation regarding the closing of the RAN Security acquisition; our expectation that the CEO of RAN Security will continue to manage the company’s team of professionals and will work closely with the leadership team in Latin America; our belief that RAN Security expands our growth strategy in Latin America and adds to our SOC/managed detection and response services; our belief that cybersecurity requires global capabilities to properly address the security demands of businesses and organizations; our belief that RAN Security is an excellent cultural fit with the Cerberus Sentinel family of companies; our belief that we will lead the future revolution of new security services; the belief that RAN Security joining the Cerberus Sentinel family of companies will result in the ability to deliver a more trusted security experience; our plans for a corporate rebranding and launch; and our belief that creating a strong parent brand in the marketplace is essential while ensuring the new identity matches the global enterprise the company is actively becoming.  These statements are often, but not always, made through the use of words or phrases such as "believes," "expects," "anticipates," "intends," "estimates," “predict,” "plan," “project,” “continuing,” “ongoing,” “potential,” “opportunity,” "will," "may," "look forward," "intend," "guidance," "future" or similar words or phrases. These statements reflect our current views, expectations, and beliefs concerning future events and are subject to substantial risks, uncertainties, and other factors that could cause actual results to differ materially from those reflected by such forward-looking statements. Such factors include, among others, risks related to our ability to raise capital; our ability to increase revenue and cash flow and become profitable; our ability to recruit and retain key talent; our ability to identify and consummate acquisitions; our ability to acquire, attract, and retain clients; and other risks detailed from time to time in the reports filed with the Securities and Exchange Commission, including the Annual Report on Form 10-K for the fiscal year ended December 31, 2021 and the Quarterly Report on Form 10-Q for the quarter ended June 30, 2022. You should not place undue reliance on any forward-looking statements, which speak only as of the date they are made. Except as required by law, we assume no obligation and do not intend to update any forward-looking statements, whether as a result of new information, future developments, or otherwise.

Cerberus Sentinel to Acquire RAN Security

A paper by two dozen Chinese researchers maintains that near-future quantum computers could crack RSA-2048 encryption, but experts call the claims misleading.

A research paper that claimed a quantum breakthrough that could "challenge RSA-2048" encryption received significant attention in the past week, followed by significant criticism as experts weighed in.

The paper, titled "Factoring integers with sublinear resources on a superconducting quantum processor," proposes a general-purpose quantum algorithm combining two methods of optimization to speed up the process of discovering the prime factors of a given number — an operation that is central to traditional public-key encryption. 

The combination of a classical approach along with a quantum approach could allow RSA 2,048-bit public-key encryption to be decrypted much faster and would only require a 372-physical-qubit computer, according to the paper.

While the paper frames the research as a significant breakthrough — computer scientists love algorithms that reduce problems to sublinear time — quantum-computing experts began casting doubts on the two-dozen authors' claims in the past week. Scott Aaronson, the director of the University of Texas at Austin's Quantum Information Center, summarizes his opinion with three words: "No. Just No."

"The paper claims … well, it’s hard to pin down what it claims, but it’s certainly given many people the impression that there’s been a decisive advance on how to factor huge integers, and thereby break the RSA cryptosystem, using a near-term quantum computer," he says.

Quantum computers take advantage of the unique physics of quantum systems to probabilistically solve problems that would take exponential time and effort on the classical digital computers that the industry uses today. For information security professionals, quantum computers threaten to unravel the complex mathematics on which relies some widely used encryption, such as public key crypto-systems and elliptic curve cryptography.

To address the future threat of quantum computers, the National Institute of Standards and Technology (NIST) has developed post-quantum encryption algorithms that are just as difficult for quantum systems to decrypt.

**A Quantum Leap?**

With private industry investing significantly in various promising technologies, quantum computers have become much more capable. In November, for example, IBM announced the largest quantum computer to date at 433 qubits, a trebling of capability in a year.

The threat, however, remains some ways off, experts say.

"The theoretical ability of a quantum computer to perform ultrafast factorization of giant integers and thus match keys for a number of asymmetric crypto-algorithms — including RSA encryption — has long been known," cybersecurity firm Kaspersky said in a blog post this week. "So far, all experts have agreed that a quantum computer large enough to crack RSA would probably be built no sooner than in around a few dozen decades."

Given those expectations, the claims of the researchers from various academic institutions in China, if proved out, would have been a breakthrough. The researchers showed that their approach worked on a smaller problem on a 10-qubit computer, but Aaronson and others point out that the optimization techniques — known as Schnorr's algorithm and the Quantum Approximate Optimization Algorithm (QAOA) — on which the researchers relied remain unproven.

The researchers should demonstrate their technique by finding some of the larger primes in the RSA Factoring Challenge, a contest created in the early 1990s as a way to test new decryption algorithm, well-known cryptographer Bruce Schneier, now chief of security architecture at decentralized data security firm Inrupt, wrote in a blog poston the paper .

"Several times a year, the cryptography community received 'breakthroughs' from people outside the community," Schneier wrote. "In general, the smart bet is on the new techniques not working. But someday, that bet will be wrong. Is it today? Probably not."

**Paper Treated "Surprisingly Seriously"**

The paper claims that its approach is the least resource-intensive for the specific tasks involving factorization and that a physical 372-qubit computer could "challenge" RSA-2048. The researchers applied the technique to factoring 11-bit, 26-bit, and 48-bit integers.

Yet they concluded the paper on a tentative note.

"It should be pointed out that the quantum speedup of the algorithm is unclear due to the ambiguous convergence of QAOA," the authors stated in their conclusion.

Other quantum experts accused the researchers of burying the lead, producing "one of the most actively misleading quantum computing papers (in 25 years)," according to UT Austin's Aaronson.

"It seems to me that a miracle would be required for the approach here to yield any benefit at all, compared to just running the classical Schnorr's algorithm on your laptop," Aaronson says. "And if the latter were able to break RSA, it would’ve already done so."

Yet information security professionals should still expect a future where quantum computers pose a significant threat for pre-quantum encryption. While the Chinese research may not threaten information security at present, it will likely only be a matter of time before reasonable resources could yield encryption keys, as sustained and intensive research into breaking RSA or ECC continues, Michele Mosca, co-founder and CEO of evolutionQ, stated in an analysis of the paper.

"\[W\]e shouldn't procrastinate in moving along the complex migration to quantum-safe cryptography, including replacing RSA and ECC with standardized post-quantum algorithms," he said. "Further, new methods might also lead to advances in breaking the post-quantum algorithms, so we must also be ready to respond to this in a pragmatic way."

Quantum Decryption Breakthrough? Not So Fast

The cryptomining malware, which typically targets Linux, is exploiting weaknesses in an open source container tool for initial access to cloud environments.

A malware that typically targets Linux environments for cryptocurrency mining has found a new target: vulnerable images and weakly configured PostgreSQL containers in Kubernetes that can be exploited for initial access, Microsoft has found.

Kinsing is a Golang-based malware best known for its targeting of Linux environments, but Microsoft researchers recently observed the Kinsing malware evolving its tactics, Microsoft security researcher Sunders Bruskin divulged in a recently published report. 

Kubernetes, meanwhile, has become the standard open source tool for managing enterprise application deployment mainly because it's cost-effective, offers autoscaling, and can run on any infrastructure. Indeed, 85% of IT leaders consider Kubernetes "extremely important" to cloud-native strategies.

That Kinsing would begin to find new ways to exploit Kubernetes clusters is on brand for the malware, especially because Kubernetes, like the cloud itself, is notoriously difficult to secure. Attackers have found multiple holes in Kubernetes — including the discovery of more than 380,000 open Kubernetes API servers exposed on the Internet — that have made it open season on cloud environments that use the management platform. Threat actors are even using compromised Kubernetes clusters to launch further malicious attacks.

"Exposing the cluster to the Internet without proper security measures can leave it open to attack from external sources," Bruskin acknowledged in the post.

**Targeting Vulnerable Container Images**

One of the new ways Kinsing is targeting Kubernetes environments is by targeting images that are vulnerable to remote code execution (RCE), the researchers found. This allows attackers with network access to exploit the container and run their malicious payload, they said.

In their observations, Microsoft researchers observed several application images frequently infected with Kinsing malware, including PHPUnit, Liferay, Oracle WebLogic, and WordPress, Bruskin wrote.

A series of high-severity vulnerabilities in WebLogic that Oracle revealed in 2020 — CVE-2020-14882, CVE-2020-14750, and CVE-2020-14883 — have become particular targets of attackers wielding the Kinsing malware, which goes after unpatched WebLogic server images, researchers said.

Attacks begin with scanning of a wide range of IP addresses, looking for an open port that matches the WebLogic default port (7001), Bruskin revealed.

"If vulnerable, attackers can use one of the exploits to run their malicious payload (Kinsing, in this case)," he wrote, using a malicious command.

**PostgreSQL in the Crosshairs**

Microsoft researchers also recently observed a significant amount of Kubernetes clusters running PostgreSQL containers that were infected with Kinsing. They attributed the infections to attackers targeting several common misconfigurations that expose these servers, they said.

One is to use the "trust authentication" setting to configure these containers, which means PostgreSQL will assume that anyone who can connect to the server is authorized to access the database with whatever database user name they specify.  
"However, in some cases, this range is wider than it should be or even accepts connections from any IP address (i.e. 0.0.0.0/0)," Bruskin explained in the post. "In such configurations, attackers can freely connect to the PostgreSQL servers without authentication, which may lead to code execution."

Some network configurations in Kubernetes also are prone to Address Resolution Protocol (ARP) poisoning, which allows attackers to impersonate applications in the cluster. This means that even specifying a private IP address in the "trust" configuration may pose a security risk, the researchers said. ARP is the process of connecting a dynamic IP address to a physical machine's MAC address.

Indeed, as a general rule, configuring a PostgreSQL container to allow access to a broad range of IP addresses is exposing it to a potential threat, Bruskin warned.

Even if administrators don't configure it using an unsecured "trust authentication" method, attackers can brute-force PostgreSQL accounts, use denial-of-service (DoS) or distributed DoS (DDoS) attackers on the container's availability, or exploit the container and the database itself to compromise Kubernetes clusters, he wrote.

**Protecting the Enterprise Cloud**

Researchers offered both general rules of thumb for enterprises implementing Kubernetes environments and specific mitigations to avoid exposing them to attacks that target vulnerable images and common PostgreSQL misconfigurations.

In general, security teams must remain aware of exposed containers and vulnerable images and try to mitigate the risk before they are breached, Bruskin advised.

"Regularly updating images and secure configurations can be a game changer for a company when trying to be as protected as possible from security breaches and risky exposure," he wrote.

To mitigate the risk of implementing containers with vulnerable images, organizations can take several steps when deploying an image to the container, the researchers said. The first is to ensure that the image is from a known registry and that it's been patched and updated to the latest version, they said.

Organizations should also scan all images for vulnerabilities, identifying which ones are vulnerable and what those vulnerabilities are, especially the ones that are used in exposed containers. Finally, the researchers said, minimizing access to the container by assigning access to specific IPs and applying the "least privileges" rule to the user can also prevent attackers from exploiting vulnerable images in Kubernetes environments.

Microsoft: Kinsing Targets Kubernetes via Containers, PostgreSQL

nVisium's cloud and application security experts join NetSPI to support, scale, and deliver the most comprehensive suite of offensive security solutions.

**MINNEAPOLIS****,** **Jan. 10, 2023** **/PRNewswire/ --** NetSPI, the leader in enterprise penetration testing and attack surface management, today announced the acquisition of nVisium to further scale its offensive security solutions and address heightened demand for human-delivered penetration testing. nVisium will support NetSPI's continued efforts to deliver strategic security testing solutions to enterprises.

nVisium is an authority in security testing, with an impressive track record of delivering cloud and application pentesting to Fortune 500 companies and well-known brands such as Carfax, 1Password, Bluescape, Deltek, EAB, and Trimble.

With the acquisition, NetSPI now has over 450 offensive security experts globally who can support and scale to meet the needs of current and future clients.

"Our decision to acquire nVisium comes down to one core factor: acquiring amazing talent," said Aaron Shilts, CEO at NetSPI. "We're bringing two brilliant, culturally-aligned, and complementary offensive security teams together who are committed to delivering the highest standard of penetration testing on the market today. I'm excited to see what nVisium and NetSPI can accomplish together."

NetSPI welcomes Jack Mannino, CEO and founder of nVisium, to its senior leadership team. He founded nVisium in 2009 on the foundation of inventing new and more efficient ways of protecting software and scaling secure development in the software development lifecycle (SDLC).

"NetSPI's market leadership and people-first culture are a natural complement to what we've built at nVisium. We're all-in on the mission to help organizations keep pace with their ever-evolving attack surface," added Jack. "By joining forces with NetSPI, we have a massive opportunity to expand the breadth and depth of solutions we deliver, improve the client experience, and introduce new growth opportunities to our employees."

This acquisition follows NetSPI's $410 million growth investment from KKR and the December 2020 acquisition of Silent Break Security. Visit www.netspi.com or contact us to learn more.

**About NetSPI:** 

NetSPI is the leader in enterprise penetration testing and attack surface management. Today, NetSPI offers the most comprehensive suite of offensive security solutions – penetration testing as a service, attack surface management, and breach and attack simulation. Through a combination of technology innovation and human ingenuity NetSPI helps organizations discover, prioritize, and remediate security vulnerabilities. For over 20 years, its global cybersecurity experts have been committed to securing the world's most prominent organizations, including nine of the top 10 U.S. banks, four of the top five global cloud providers, four of the five largest healthcare companies, three FAANG companies, seven of the top 10 U.S. retailers & e-commerce companies, and 50 percent of the Fortune® 50. NetSPI is headquartered in Minneapolis, MN, with global offices across the U.S., Canada, the UK, and India. Follow NetSPI on Facebook, Twitter, and LinkedIn. 

**About nVisium:**

nVisium empowers organizations to eliminate security vulnerabilities through proven in-depth assessments, remediation, and training programs. Our experienced team of security-savvy engineers help organizations establish best practices with high ROI for their engineering and development lifecycles. Through services, software solutions, and R&D, nVisium provides security support for applications, operating systems, networks, mobile, cloud, and IoT unique to business operations, compliance initiatives, and more. Additionally, nVisium offers instructor-led and online security training. Privately owned and founded in 2009, nVisium is headquartered in Falls Church, VA, and names Fortune 500 companies and household brands as customers.

NetSPI Acquires nVisium

New Add-On Empowers SOCs and MSPs to Automate & Orchestrate Incident Response for Microsoft 365.

**SAN FRANCISCO****,** **Jan. 10, 2023** **/PRNewswire/ --** Vade, the global leader in threat detection and response with 1.4 billion mailboxes protected, today announced the availability of Threat Intel & Investigation. An add-on for Vade's flagship product, Vade for M365, Threat Intel & Investigation provides the integrations, intel, and tools for SOCs and MSPs to investigate and respond to email-borne threats transiting through networks.

According to a 2021 report, breaches caused by phishing emails take an average of 213 days to be identified and another 80 days to be contained. This lag time gives cybercriminals the runway they need to conduct additional attacks on an organization, causing even more damage than the initial attack.

"Email is the #1 vector for cyberattacks," said Adrien Gendre, Chief Technology & Product Officer and cofounder at Vade. "Unfortunately, SOCs and MSPs don't always have visibility into how or when an email threat infiltrated their organization or how far it has spread throughout the network. The speed at which today's cybercriminals are working means that organizations cannot afford to lose precious time on incident response."

Vade for M365 is an AI-based email security solution for Microsoft 365 that catches the advanced phishing, spear phishing and malware threats that bypass Microsoft's native security. The Threat Intel & Investigation add-on for Vade for M365 features five core capabilities designed to empower SOCs and MSPs to automate investigations, orchestrate responses and move swiftly and with precision to live threats:

*   **File Inspector:** Deconstructs files and attachments directly in the Vade for M365 interface—without exposing administrators to risk. File Inspector reveals critical details about files and attachments, providing admins with the data required to make faster decisions, cross-check threats across networks and accelerate incident response across affected endpoints and users.
*   **Log Export:** Injects live email and event logs into any security management system, a powerful two-way integration powered by the Vade for M365 API. Connect Vade's email threat intelligence into your organizations' SIEM or SOAR to trigger automation playbooks and enhance your disaster recovery program.
*   **Reported emails:** Automates collection of user-reported emails and clusters similar, unreported emails in one dashboard, speeding user-based incident response and eliminating time-consuming, manual investigations. Receive alerts when users report emails via Outlook and quickly triage and remediate reported emails, similar emails, and forwarded emails with one click.
*   **Download emails/attachments:** Provides access to raw email intelligence for objective evaluation by threat analysts, saving precious time and resources that are typically wasted on searching for and analyzing raw email data.
*   **Add-on for Splunk:** Integrates Vade for M365 with Splunk without the need for custom software development. Combine Vade's threat intelligence with Splunk's SIEM and SOAR capabilities to have better visibility into the threat landscape and actionable insights with which to orchestrate rapid responses.

Vade partners and customers are already experiencing the benefits of Threat Intel & investigation, including Huntington Technology, a US-based MSP offering comprehensive managed services and managed security services:

"One of my helpdesk technicians excitedly came into my office last week. He asked if I had seen the new 'Reported emails' function within Vade," said William Bluford, Vice President, Huntington Technology. "He explained that we can now see which emails are reported as malicious. Not only can we see those emails, but we can see how many users are affected, and we can then remediate and remove those emails from all user mailboxes. This saves time for my helpdesk team and keeps our clients protected."

"Our customers have made clear that they need better visibility into their cybersecurity landscape," Gendre said. "They're challenged to monitor and manage threats from an array of end points, and IT is overburdened by too many complex tools. Threat Intel & Investigation was designed to give our customers the tools they need to thoroughly investigate threats, cross check those threats across their networks, and develop incident response processes—without the burden of complexity."

Threat Intel & Investigation on brings all these capabilities to Vade for M365. Vade's latest innovation will reduce incident response time, eliminate the need for additional security investments, and free up critical IT resources. Threat Intel & Investigation is available today in Vade for M365. To learn more, visit Threat Intel & Investigation.

**About Vade**

Vade is a global cybersecurity company specializing in the development of threat detection and response technology with artificial intelligence. Vade's products and solutions protect consumers, businesses, and organizations from email-borne cyberattacks, including malware/ransomware, spear phishing/business email compromise, and phishing.

Founded in 2009, Vade protects more than 1.4 billion corporate and consumer mailboxes and serves the ISP, SMB, and MSP markets with award-winning products and solutions that help increase cybersecurity and maximize IT efficiency.

To learn more, please visit www.vadesecure.com and follow us on Twitter @vadesecure or LinkedIn https://www.linkedin.com/company/vade-secure/.

SOURCE Vade

Vade Releases Advanced Threat Intel & Investigation Capabilities

2023 Security Service Edge (SSE) Adoption Report finds that SSE technology addresses key pain points including much-needed solution consolidation, transition to hybrid work and need for hardened security.

**PLANO, Texas****,** **Jan. 10, 2023** **/PRNewswire/ --** Axis, in partnership with Cybersecurity Insiders, released industry-first data with its 2023 Security Service Edge (SSE) Adoption Report. This report distills insights from 355 cybersecurity professionals on the migration from legacy access solutions such as Virtual Private Networks (VPNs) in light of the new hybrid workplace and the rapidly growing SSE market.

With 88% of organizations supporting a hybrid or remote work model, it's clear that the way people work has changed, thus organizations are realizing that the means in which secure access is achieved must also adapt.

**SSE is crowned queen when it comes to securing the modern workplace**

In just under two years since the term was first introduced, SSE has become immensely popular, with nearly three out of four cybersecurity professionals (71%) now familiar with the category. The study found that SSE now ranks as more critical than SSO, MFA, endpoint security, and SIEM when it comes to zero trust. Furthermore, 65% of organizations plan to adopt an SSE platform in the next 24 months, with 43% planning on implementing it before the end of 2023.

This year the industry will see SSE quickly become a top strategic initiative for organizations as it plays a major role in Secure Access Service Edge (SASE) adoption, and successful Zero Trust implementation. 67% state that they will start their SASE strategy with an SSE platform, compared to 33% with SD-WAN. One bonus statistic that was uncovered was regards to single-vendor SASE vs. multi-vendor SASE preference. The audience was split (~50% for each).

**The benefits of SSE for cost reduction and productivity are clear drivers of business adoption**

The impact of remote and hybrid work has led to the proliferation of security solutions for organizations. The research found that 63% of enterprises have 3 or more security solutions in use to enable access, while nearly a quarter leverage 6 or more. This contributes to an increase in costs to the business, and complexity in management. Respondents stated that complexity in access management ranked second, right behind the fact legacy access solutions grant too much inherent trust to users – when it came to top challenges.

SSE services provide a means of reducing costs and reliance on the internal appliance stack and external appliance stack in a new macroeconomic climate. The top two legacy solutions that enterprise security teams will look to replace with SSE will be VPN Concentrators (63%) for VPN, SSL inspection services (50%) and DDoS (44%) with data loss prevention services (42%) being a very close fourth place.

Cost reduction, high availability, and reliability, have long been benefits of cloud services. Hence, it was not surprising that 60% of respondents said that they prefer SSE services built on a public cloud backbone. In addition, there was overwhelming agreement that including Digital Experience Monitoring (DEM) is important for any SSE platform (90%). As teams evaluate SSE, they are prioritizing platforms with DEM capabilities.

As teams contemplate where they should begin utilizing SSE for their business, nearly 50% of organizations have decided to start by securing access for their remote and hybrid employees. And, given the mass adoption of hybrid work, this a logical starting point for the businesses.

"Uncovering this data shines light on the truth about SSE adoption in the context of SASE, the criticality of SSE compared to other zero trust ecosystem technologies, and the positive impact SSE has on business as they transform" said Dor Knafo, Co-founder and CEO of Axis. "We are even more excited to continue to build on our Atmos SSE platform for our customers, and deliver on the promise of SSE and SASE, as we continue our mission of harmonizing secure access for the modern workplace."

Read the full 2023 Security Service Edge Adoption report here

**About Axis Security**

Axis' vision is to bring harmony to workplace connectivity and that the sooner IT adopts zero trust, the sooner we can witness a world where the exchange of information is always fast, seamless, and secure. With 350 Axis cloud service edges across the world, Axis helps IT leaders enable their employees, partners, and customers to securely access business data without the pitfalls of network-centric solutions or application limitations that every other zero trust service faces. Through its world-class research and development and founding team which hails from Israel's acclaimed Unit 8200, Axis aims to accelerate the world's transition to a modern workplace where hybrid work is made simple, digital experience becomes a competitive advantage and business data remains protected from cyber threats even as it moves to the cloud. For more information, visit www.axissecurity.com. Follow us on Twitter and on LinkedIn.

SOURCE Axis Security

65% of Organizations Plan to Adopt a Security Service Edge Platform in Next 2 Years: Axis Security

401 distinct cloud apps shown to deliver malware; Microsoft OneDrive delivered 30% of all cloud malware downloads.

**SANTA CLARA, Calif.****,** **Jan. 10, 2023** **/PRNewswire/ --** Netskope, a leader in Secure Access Service Edge (SASE), today unveiled new research showing that over 400 distinct cloud applications delivered malware in 2022, nearly triple the amount seen in the prior year. Netskope researchers also found that 30% of all cloud malware downloads in 2022 originated from Microsoft OneDrive.

Cloud apps are widely used by businesses, a fact not lost on attackers, which view these apps as an ideal home for hosting malware and causing harm. The Cloud & Threat Report from Netskope Threat Labs examines how these cloud security trends are shifting and advises organizations on how to improve their security posture based on those shifts.

"Attackers are increasingly abusing business-critical cloud apps to deliver malware by bypassing inadequate security controls," said Ray Canzanese, Threat Research Director, Netskope Threat Labs. "That is why it is imperative that more organizations inspect all HTTP and HTTPS traffic, including traffic for popular cloud apps, both company and personal instances, for malicious content."

**Rise in Uploads to Cloud Apps Means Rise in Malware-Delivered Downloads** 

The most significant change in cloud application use in 2022, compared to 2021, was the marked increase in the percentage of users uploading content to the cloud. According to Netskope data, over 25% of users worldwide uploaded documents daily to Microsoft OneDrive, while 7% did so for Google Gmail and 5% for Microsoft Sharepoint. The drastic increase in active cloud users across a record number of cloud applications led to a sizable increase in cloud malware downloads in 2022 from 2021, after remaining close to flat in 2021 compared to 2020.

The correlation between uploads and downloads among the most popular apps is no coincidence. Nearly a third of all cloud malware downloads originated from Microsoft OneDrive, with Weebly and GitHub coming in the next closest among cloud apps at 8.6% and 7.6%, respectively. 

**Cloud-Delivered Malware Is Increasingly More Prevalent Than Web-Delivered Malware**

Industries have increased their reliance on cloud applications and cloud infrastructure to support business operations over the last several years—a trend further accelerated by the COVID-19 pandemic and a worldwide shift toward hybrid work. As a result, cloud-delivered malware is now responsible for a much higher percentage of all malware delivery than ever before, especially in certain geographic regions and industries.

In 2022, several geographic regions saw significant increases in the overall percentage of cloud vs. web-delivered malware compared to 2021, including:

*   Australia (50% in 2022 compared to 40% in 2021)
*   Europe (42% in 2022 compared to 31% in 2021)
*   Africa (42% in 2022 compared to 35% in 2021)
*   Asia (45% in 2022 compared to 39% in 2021)

In certain industries, cloud-delivered malware also became more predominant globally, especially:

*   Telecom (81% in 2022 compared to 59% in 2021)
*   Manufacturing (36% in 2022 compared to 17% in 2021)
*   Retail (57% in 2022 compared to 47% in 2021)
*   Healthcare (54% in 2022 compared to 39% in 2021)

**Cyber Preparedness: The Remote Workforce is Here to Stay**

Companies have made considerable adjustments to enable remote and hybrid workplaces to flourish. While some industries sought to bring employees back to the office on a more frequent basis in 2022, remote work options appear to remain largely in place. According to Netskope data, user dispersion—the ratio of the number of users on the Netskope platform to the number of network locations from which those users' traffic originates—is 66%, the same percentage it was at the start of the pandemic over two years ago.

Remote and hybrid work dynamics continue to pose multiple cybersecurity challenges, including how to securely provide users access to the company resources they need to do their jobs and how to scalably and securely provide users access to the internet.

Netskope recommends organizations take the following actions to avoid increased risk of security incidents stemming from cloud- and web-delivered malware:

*   Enforce granular policy controls to limit data flow, including flow to and from apps, between company and personal instances, among users, to and from the web, adapting the policies based on device, location, and risk.
*   Deploy multi-layered, inline threat protection for all cloud and web traffic to block inbound malware and outbound malware communications.
*   Enable multi-factor authentication for unmanaged enterprise apps.

Get the full Netskope Cloud and Threat Report: 2022 Year in Review here.

For more information on cloud-enabled threats and our latest findings from Netskope Threat Labs, visit Netskope's Threat Research Hub.

**About Netskope**

Netskope, a global SASE leader, is redefining cloud, data, and network security to help organizations apply zero trust principles to protect data. Fast and easy to use, the Netskope platform provides optimized access and real-time security for people, devices, and data anywhere they go. Netskope helps customers reduce risk, accelerate performance, and get unrivaled visibility into any cloud, web, and private application activity. Thousands of customers, including more than 25 of the Fortune 100, trust Netskope and its powerful NewEdge network to address evolving threats, new risks, technology shifts, organizational and network changes, and new regulatory requirements. Learn how Netskope helps customers be ready for anything on their SASE journey, visit netskope.com.

Netskope Threat Research: Malware-Delivering Cloud Apps Nearly Tripled in 2022

While it has been a perennial forecast that efficient universal quantum computers are “a decade away,” that prospect now seems a legitimate possibility. Organizations need to get ready now.

Public announcement of the 433-qubit IBM Quantum Osprey processor at the 2022 IBM Quantum Computing Summit on Nov. 9 represents another evolutionary milestone in the development of universal quantum computers. Not content with the increase in computational power provided by the Osprey quantum processor unit (QPU), IBM intends to release the 1,121-qubit Condor processor in 2023, followed by the Kookaburra platform with over 4,158 qubits in 2025. Kookaburra will exploit quantum parallelization of large processors, and its planned release will coincide with the availability of enhanced error-correction tooling that is essential for the practical application of IBM's vision of quantum-centric supercomputing.

The near prospect of scalable multi-QPU clustering, underpinned by growth in the size of universal quantum processors, means that increased attention must now be paid to the disruptive effects associated with quantum computing. While the research investment, technical skills, and operational considerations associated with the development of universal quantum computers suggest an adoption path analogous to that of digital supercomputers, with centralized availability of computing resources concentrated in the hands of wealthy corporations, international scientific collaboratives, and nation-states, the implications of the IBM development trajectory affect us all.

Back in 1994, two significant events in the history of quantum computing occurred when the publication of an algorithm by Peter Shor was followed in August of that year by the first NIST Workshop on Quantum Computing and Communication. Side-stepping the complex mathematics involved, in the context of the cryptographic methods we currently use to protect data, Shor’s algorithm established a method for efficiently resolving the prime factors of a given number using quantum computation. Lov Grover subsequently defined a different quantum mechanical algorithm in 1996 that delivers an exponential reduction in the time required to search for a discrete value within a list of possible alternatives.

Shor’s algorithm is significant because it provides an efficient means to derive the cryptographic keys on which modern public key cryptography depends, rendering established cryptographic methods such as RSA and Diffie-Hellman key exchange obsolete. Grover’s contribution affects existing data security practices because it reduces the effective bit-length security of symmetric AES cryptographic keys by half under a fault-tolerant quantum brute-force attack.

**It's Time To Get Ready for Quantum Computing****

The implications of universal quantum computers for our data security are well documented. Indeed, IBM reiterated the issues for data encryption in its announcement of the IBM Osprey QPU, commenting on the need for the industry to prepare for the inevitable impact now. It’s worth noting, however, that to defeat RSA 2,048-bit cryptography, approximately 6,190 fault-tolerant logical qubits would be needed — predicating parallel configuration of large QPUs. Even with computation resources at the necessary scale, the effective computational cost of breaking RSA 2048-bit encryption remains in excess of _1.17 megaqubitdays_ (i.e., 1.17 million qubits performing a prime factorization attack in a 24-hour period).

While it has been a perennial forecast that efficient universal quantum computers are “a decade away,” that prospect now seems a legitimate possibility. Neven's Law of double exponential improvement in quantum computational power may soon be observed in the pace of technical development. The 1994 NIST Workshop on Quantum Computing gave rise to the NIST Post-Quantum Cryptography Standardization project, which seeks to derive new cryptographic protocols that are resistant to quantum attacks and assume increased importance in the wake of the IBM Osprey announcement. The search for effective post-quantum cryptography (PQC) was advanced in July 2022, following the third round of algorithm evaluations, with the communication by NIST that four algorithms are candidates for standardization. The search continues, with a fourth round of evaluation now underway.

So, how should organizations heed the advice of IBM and providers of data security in order to adapt to the immanence of quantum-centric supercomputing? The first practical step is to recognize the implications of the new quantum paradigm and the importance of maintaining a flexible approach to developments in PQC. Under an expectation that universal quantum computers of the scale necessary to perform effective attacks on today's encrypted data will be concentrated in the hands of sufficiently capable service providers and nation-states, companies must consider that encrypted data appropriated today could be successfully decrypted in years to come.

The lifespan of data and its sensitivity must, therefore, be considered within contemporary risk assessments. Where exposure of data in the quantum era must be prevented, organizations should consider the adoption of the early candidate algorithms for NIST standardization. This requires the implementation of key management systems and cryptographic interfaces that retain the necessary agility should new PQC algorithms supersede the methods selected at this point in time. If standards change, or candidate protocols are found to be exploitable, it is vital that data can be encrypted to new levels of security, without constraint.

****Handle With Care**

A second, more cerebral, step in preparing for the impact of quantum computing at scale is to reflect on the way that quantum-centric supercomputing, as envisioned by IBM and others, will affect the way that sensitive data must be handled during processing. Whereas migration to public cloud services has yielded new operational models and economies of scale for customer organizations, it also has brought challenges in terms of the dual concerns regarding data sovereignty and retention of control over data security by the data owner. Understanding the additional implications for data security, and the competitive advantages to be gained from the adoption of quantum computing methods, should now be the focus of senior data and information security professionals and business leaders.

The NIST PQC Standardization project points to potential solutions to the quantum challenge to privacy and confidentiality that is rapidly approaching. Niels Bohr, one of the preeminent figures in the history of atomic physics, once said that if you are not shocked by the implications of quantum theory, then you have not understood it. The same could be said of the implications of universal quantum computers for global data security. Although the future remains opaque, it's certain that today's organizational leaders and technology providers must begin the path to the adoption of PQC. Their data depends on it.

Preparing for the Effects Of Quantum-Centric Supercomputing

Annual survey uncovers surprising data but warns against complacency.

**REDWOOD CITY, Calif.****,** **Jan. 10, 2023** **/PRNewswire/ --** Delinea, a leading provider of Privileged Access Management (PAM) solutions for seamless security, today published its 2022 State of Ransomware Report which finds that things may be looking up in the fight against ransomware. Cyber-attacks using the popular compromising tactic have declined significantly over the past 12 months compared to the previous year, and fewer companies are paying ransoms. Still, there are red flags in the annual report related to spending, planning, and using cybersecurity tools available to combat ransomware.

The survey of 300 US-based IT decision makers, conducted on Delinea's behalf by Censuswide, found that only 25% of organizations were victims of ransomware attacks over the past 12 months, a stunning 61% decline from the previous 12-month period when 64% of organizations reported being victims. Furthermore, the number of victimized companies who paid the ransom declined from 82% to 68%, which could be a sign that warnings and recommendations from the FBI to not pay ransoms are being heeded. Larger companies are much more likely to be victims of ransomware, as 56% of companies with 100 or more employees said they were victims of ransomware attacks.

Along with these positive results, the survey also raised concerns that a potentially reduced threat could lead to complacency. Budget allocations for ransomware are in decline, as only 68% of those surveyed said they are currently allocated budget to protect against ransomware versus 93% during the prior year. The number of companies with Incident Response Plans also declined from 94% to 71%, and only half are taking proactive, proven steps to prevent ransomware attacks such as enforcing password best practices (51%) and using Multi-Factor Authentication (50%).

"The reduction of ransomware attacks is an encouraging sign, but organizations need to make sure they keep their guard up against this constant, evolving threat," said Art Gilliland, CEO of Delinea. "Staying vigilant by maintaining a strong least privilege approach backed by stronger password protection, authentication enforcement, and access controls can help continue this downward trend."

The survey also revealed that the consequences of ransomware attacks are now more tangible, as more respondents specified that their companies lost revenue (56%) and customers (50%) compared to the previous year. Fewer organizations (43%) reported reputational damage as a result of being victims of a ransomware attack.

A complimentary copy of the 2022 State of Ransomware Report is available at delinea.com/resources.

**About Delinea**

Delinea is a leading provider of privileged access management (PAM) solutions that make security seamless for the modern, hybrid enterprise. Our solutions empower organizations to secure critical data, devices, code, and cloud infrastructure to help reduce risk, ensure compliance, and simplify security. Delinea removes complexity and defines the boundaries of access for thousands of customers worldwide. Our customers range from small businesses to the world's largest financial institutions, intelligence agencies, and critical infrastructure companies. Learn more about Delinea on LinkedIn, Twitter, and YouTube.

Delinea 2022 State of Ransomware Report Reveals That Attacks Are Down 61% From the Previous Year, and Ransom Payments Are Also on the Decline

Moving Analytics, leading provider of virtual cardiac rehabilitation and prevention, announced that it is launching single sign on authentication for its entire software platform.

**IRVINE, Calif.****,** **Jan. 9, 2023** **/PRNewswire-PRWeb/ --** Moving Analytics, leading provider of virtual cardiac rehabilitation and prevention, announced that it is launching single sign-on authentication for its entire software platform.

This means that any clinician user will require one set of login credentials from their host enterprise institution to gain access to the Moving Analytics application suite.

"Our single sign-on functionality enhances our patient data security, which is one of our top priorities," said Shuo Qiao, Chief Technology Officer for Moving Analytics. "Implementation of SSO enhances our ability to meet the needs of our enterprise clients."

The benefits are numerous, and include:

*   Increased Clinician Productivity: Instead of having to remember and manage multiple login credentials, clinicians will enter one username and password. This streamlined process will allow them to quickly log in, then move on to more important work.

*   Improved Security: When people try to remember multiple usernames and passwords, they are more apt to reuse passwords or write them down and store them in a way that's not secure. Single sign-on reduces these risks and protects data with one complex password.

*   Better user experience: Logging into various applications or accounts can be frustrating. With single sign-on, the login process is a simple experience, and there's no need to worry about forgetting or resetting multiple passwords.

"We are committed to being the best-in-class virtual cardiac rehab and prevention solution in the market and to increasing ease of use for our customers," said Harsh Vathsangam, CEO of Moving Analytics. "This feature is just one of many exciting features planned to achieve that mission."

**About Moving Analytics**

Moving Analytics is the leading national telehealth provider of remote cardiac rehab and cardiovascular prevention programs. The company combines evidence-based guidelines, behavioral science, remote monitoring and telehealth coaching to engage patients to adopt heart-healthy lifestyles and improve their wellbeing. Moving Analytics developed its programs in partnership with Stanford University, based on more than 30 years of published research. Patients in Moving Analytics' programs exercise more, have better medication adherence, lower blood pressure, lower rates of depression/anxiety, and lower rates of hospital readmission. Moving Analytics works with leading healthcare organizations including Veterans Affairs Administration, Healthcare Services Corporation, Highmark Health Plan, Capital District Physicians' Health Plan, Mayo Clinic and others.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

Source

DARKReading