What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2024-04-15 06:00:31 | Comment la protection d'identification de la preuve peut vous aider à répondre aux exigences de conformité CMMC How Proofpoint Impersonation Protection Can Help You Meet CMMC Compliance Requirements (lien direct) |
The Cybersecurity Maturity Model Certification (CMMC) program enforces the protection of sensitive unclassified information that the U.S. Department of Defense (DoD) shares with its contractors and subcontractors. Threat actors know how to hijack your trusted organization communications. They can impersonate you, your brand or your organization partners. And they can make a nice profit doing it. The FBI\'s 2023 Internet Crime Report notes that last year\'s adjusted losses from organization email compromise (BEC) cases exceeded $2.9 billion-up 7.4% from 2022. Bad actors use spoofed domains, lookalike domains, compromised supplier accounts and other tactics in their attacks. So it\'s important to keep communications with trusted partners, customers and suppliers safe. This should be a top focus for government agencies and the organizations that they work with since they are key targets for bad actors. Proofpoint helps you mitigate the risk of impersonation abuse with a holistic, multilayered approach. With Proofpoint Impersonation Protection, you can: Protect your organization\'s communications from impersonation threats Stop attackers from impersonating your brand Detect and defend against risky suppliers, including compromised supplier accounts Secure user and application emails so that they can be trusted We help our federal and defense industrial base customers with Level 3 CMMC controls around the Risk Assessment (RA) and Identification and Authentication (IA) Practices. Here\'s how. CMMC overviews for Level 3 controls In this section, we match CMMC compliance requirements with the capabilities of Proofpoint Impersonation Protection. CMMC Level 3 – Risk Assessment Practice RA.L3-3.11.1e – Threat-Informed Risk Assessment CMMC compliance requirement Employ threat intelligence, at a minimum from open or commercial sources, and any DoD-provided sources, as part of a risk assessment to guide and inform the development of organizational systems, security architectures, selection of security solutions, monitoring, threat hunting and response and recovery activities. RA.L3-3.11.3e – Advanced Risk Identification CMMC compliance requirement Employ advanced automation and analytics capabilities in support of analysts to predict and identify risks to organizations, systems and system components. RA.L3-3.11.6e – Supply Chain Risk Response CMMC compliance requirement Assess, respond to and monitor supply chain risks associated with organizational systems and system components. RA.L3-3.11.7e – Supply Chain Risk Plan CMMC compliance requirement Develop a plan for managing supply chain risks associated with organizational systems and system components; update the plan at least annually, and upon receipt of relevant cyber threat information, or in response to a relevant cyber incident. How Proofpoint Impersonation Protection meets the Risk Assessment (RA) Practice needs above Proofpoint Nexus Supplier Risk Explorer gives you insights into supplier risk. This includes threats where attackers are impersonating your agency as well as compromised suppliers and third parties. Supplier Risk can also be used as part of a vendor risk management process when sourcing and choosing new vendors/suppliers. Proofpoint provides visibility into supply chain threats, lookalike detection, and impersonations of your brand with Supplier Risk and Domain Discover. This helps to create the supply chain risk plans that are needed to comply with CMMC. Supplier Risk Explorer identifies supplier domains and shows you which suppliers pose a risk to your organization. As noted above, Supplier Risk Explorer assesses the risk level of supplier domains by evaluating several dimensions, including: Threats sent to your organization Threats sent to other Proofpoint customers The lookalikes of supplier domains Whether a domain was recently registered Whether a domain has a DMARC reject policy By ranking an | Threat Industrial Prediction Commercial | ★★ | |
|
2024-04-02 09:34:09 | ProofPoint en tête de KuppingerCole Leadership Compass pour la sécurité des e-mails Proofpoint Tops KuppingerCole Leadership Compass for Email Security (lien direct) |
Email is the primary threat vector for cybersecurity threats. And these days, many malware, phishing and social engineering schemes target your people. The 2023 Verizon Data Breach Investigations Report notes that 74% of all data breaches include a human element. Threats are constantly evolving, too. It doesn\'t matter how sophisticated or complex your business is, it is a daunting task to protect your people from modern threats. At Proofpoint, we understand how critical it is for any business to protect its people from today\'s email threats. That\'s why we innovate every day. Recently, the industry has once again recognized our efforts to help our customers protect their people and their businesses. This time, our email security was recognized by major industry analyst firm KuppingerCole. Here is what they said about Proofpoint Threat Protection-and what makes it stand out from the competition. Proofpoint named an Overall Leader KuppingerCole just named Proofpoint an Overall Leader in the KuppingerCole Leadership Compass for Email Security Report, 2023. This is the third time in the past year that our email security has been named a leader by a major industry analyst firm. This recognition “triple crown” is the direct result of our commitment to helping businesses protect their people from modern email threats and change user behavior for the better. It keeps us innovating year after year. In the report from KuppingerCole, Proofpoint Threat Protection received the highest “strong positive” rating in all categories, including: Security Functionality Deployment Interoperability Usability With its ratings, KuppingerCole positioned Proofpoint as a leader in all evaluation categories, including product, technology, innovation and market. KuppingerCole named Proofpoint a leader in the product, technology, innovation and market categories. What makes Proofpoint stand out Here is a closer look at how we can help you protect your people from advanced email threats. Stop the widest variety of threats with accuracy Proofpoint uses a multilayered detection stack to identify a wide array of email threats with accuracy. Because we have a broad set of detection technology, we can apply the right technique to the right threat. For example, we have robust sandbox technology to detect URL-based threats, like quick response codes (QR Codes) and behavioral analysis for business email compromise (BEC) and telephone-oriented attack delivery (TOAD) threats. Our machine learning (ML) and artificial intelligence (AI) models are trained by our experts using one of the richest sets of data in the industry. This ensures we provide superior accuracy. Every year, we analyze more than 3 trillion messages across our 230,000+ customer, global ecosystem. Our modular detection stack enables agility and speed to adapt to changes in the threat landscape. It allows us to quickly deploy new models to address new threats like BEC, TOAD and QR Codes. And it enables us to tune our existing detection models more frequently. Prevent email threats before they reach your people\'s inboxes Predelivery detection from Proofpoint stops known and emerging threats at the front door of your business-not after they are delivered. Proofpoint threat intelligence and research found that nearly 1 in 7 malicious URL clicks happen within one minute of an email\'s arrival. That\'s why predelivery protection is so critical. If a threat ends up in your users\' inboxes, it increases your risk of a cyberattack or data breach. We analyze all messages, links and attachments with our robust detection stack before they can reach an inbox. This analysis, combined with our predelivery sandboxing and behavioral analysis of suspicious QR codes, allows us to stop malicious messages before they become a risk to your business. Gain actionable insights into your human risks Proofpoint quantifies your people\'s risk so that you can prioritize budget and resources to focus o | Data Breach Malware Threat Mobile Commercial | ★★★ | |
|
2024-01-24 06:00:39 | 5 Common Privilege Escalation Attack Techniques with Examples (lien direct) | Privilege escalation is often a top aim for cybercriminals as they traverse the attack chain to exploit your IT crown jewels. It lets them achieve critical steps in the attack chain, like maintaining persistence and moving laterally within an environment. Once they\'ve initially compromised a host, they will seek to acquire higher privileges to gain access to valuable assets and create other mischief or damage. This blog post explains why privilege escalation is a significant challenge for today\'s businesses. We also present five common techniques, along with brief examples of each. And we offer a real-world example to underscore how bad actors use privilege escalation as a key intermediary step to carry out attacks. Understanding privilege escalation In cybersecurity, privilege escalation is the process by which an attacker gains access or permissions on a system that is at a higher level of privilege than what they had at the time of the initial compromise. Attackers look to escalate privileges in one of two ways. They either do this horizontally or vertically. Horizontal example This approach involves an attacker moving laterally within a network by compromising accounts at the same privilege level. As they move across the network, they can discover more targets and find more valuable data or systems. Here\'s an example of how a horizontal privilege escalation attack might unfold: An attacker uses stolen credentials to access a host with regular privileges within a company\'s network. The attacker identifies a file server within the network that has sensitive data. Multiple users can access it, but they can only read and write files. The attacker takes advantage of this shared access. They modify files within the shared file system, injecting malicious code or replacing critical configuration files. This activity may go unnoticed for a time because legitimate users regularly modify files on the shared file server. As other users interact with the compromised files, the attacker can increase the number of compromised accounts and hosts, collect sensitive data and prepare to launch a more widescale attack. Vertical example In this approach, attackers exploit identity vulnerabilities within a system or application to escalate their privileges from a basic user account to a privileged user. They might use social engineering tactics like phishing at first to trick users into handing over their login credentials. Here is how a vertical privilege escalation attack might play out: An attacker uses a compromised user account to gain access to a targeted system. They identify a known vulnerability in an application or service that is running on the system. The attacker creates and deploys an exploit to take advantage of this vulnerability. In this case, they take advantage of a flaw in the code that allows a user to escalate privileges without being authorized. The attacker can now change their privileges to a higher level, like system admin. Now that they have a lot of control over the system, the attacker can carry out a range of malicious actions. For example, they might change system configurations or steal data. Why it is important to prevent privilege escalation attacks The examples above make it clear that privilege escalation-enabled attacks can have a significant impact on businesses. To underscore the risk further, here are several other reasons these attacks are a cause for concern: Unauthorized access to and exposure of sensitive data Compromised user accounts and user identities Manipulated systems and configurations Disrupted business operations Data tampering and manipulation, such as with ransomware Legal and regulatory repercussions Reputational damage 5 Common privilege escalation attack techniques and examples Now that you understand the two main categories of privilege escalation and why you must be vigilant in defending against these techniques, let\'s look at five tactics that bad actors might use in | Tool Vulnerability Threat Commercial | ★★★ | |
|
2024-01-24 06:00:39 | (Déjà vu) 5 Techniques d'attaque d'escalade communes avec des exemples 5 Common Privilege Escalation Attack Techniques with Examples (lien direct) |
Privilege escalation is often a top aim for cybercriminals as they traverse the attack chain to exploit your IT crown jewels. It lets them achieve critical steps in the attack chain, like maintaining persistence and moving laterally within an environment. Once they\'ve initially compromised a host, they will seek to acquire higher privileges to gain access to valuable assets and create other mischief or damage. This blog post explains why privilege escalation is a significant challenge for today\'s businesses. We also present five common techniques, along with brief examples of each. And we offer a real-world example to underscore how bad actors use privilege escalation as a key intermediary step to carry out attacks. Understanding privilege escalation In cybersecurity, privilege escalation is the process by which an attacker gains access or permissions on a system that is at a higher level of privilege than what they had at the time of the initial compromise. Attackers look to escalate privileges in one of two ways. They either do this horizontally or vertically. Horizontal example This approach involves an attacker moving laterally within a network by compromising accounts at the same privilege level. As they move across the network, they can discover more targets and find more valuable data or systems. Here\'s an example of how a horizontal privilege escalation attack might unfold: An attacker uses stolen credentials to access a host with regular privileges within a company\'s network. The attacker identifies a file server within the network that has sensitive data. Multiple users can access it, but they can only read and write files. The attacker takes advantage of this shared access. They modify files within the shared file system, injecting malicious code or replacing critical configuration files. This activity may go unnoticed for a time because legitimate users regularly modify files on the shared file server. As other users interact with the compromised files, the attacker can increase the number of compromised accounts and hosts, collect sensitive data and prepare to launch a more widescale attack. Vertical example In this approach, attackers exploit identity vulnerabilities within a system or application to escalate their privileges from a basic user account to a privileged user. They might use social engineering tactics like phishing at first to trick users into handing over their login credentials. Here is how a vertical privilege escalation attack might play out: An attacker uses a compromised user account to gain access to a targeted system. They identify a known vulnerability in an application or service that is running on the system. The attacker creates and deploys an exploit to take advantage of this vulnerability. In this case, they take advantage of a flaw in the code that allows a user to escalate privileges without being authorized. The attacker can now change their privileges to a higher level, like system admin. Now that they have a lot of control over the system, the attacker can carry out a range of malicious actions. For example, they might change system configurations or steal data. Why it is important to prevent privilege escalation attacks The examples above make it clear that privilege escalation-enabled attacks can have a significant impact on businesses. To underscore the risk further, here are several other reasons these attacks are a cause for concern: Unauthorized access to and exposure of sensitive data Compromised user accounts and user identities Manipulated systems and configurations Disrupted business operations Data tampering and manipulation, such as with ransomware Legal and regulatory repercussions Reputational damage 5 Common privilege escalation attack techniques and examples Now that you understand the two main categories of privilege escalation and why you must be vigilant in defending against these techniques, let\'s look at five tactics that bad actors might use in | Tool Vulnerability Threat Commercial | ★★★ | |
|
2023-12-29 08:35:15 | Pointpoint de preuve nommé fournisseur représentatif en 2023 Gartner & Reg;Guide du marché pour la gouvernance des communications numériques Proofpoint Named as a Representative Vendor in 2023 Gartner® Market Guide for Digital Communications Governance (lien direct) |
It has been more than a year since Gartner retired its Magic Quadrant for Enterprise Information Archiving, which it had published for many years. When it first happened, many of us from the compliance, e-discovery and archiving world wondered what research would come next. Now the wait is over. On November 13, 2023, Gartner unveiled its new Market Guide for Digital Communications Governance (DCG). And it named Proofpoint as a Representative DCG solution Vendor. Gartner says, “Gartner retired the Magic Quadrant for Enterprise Information Archiving in 2022. This DCG research recognizes the rise in communication tool complexity and demand from clients to seek guidance on the selection of vendors and solutions that specialize in communications governance.” The Gartner Market Guide presents a “definition, rationale and dynamics” for the DCG market and a list of Representative Vendors. It is now up to clients to download the Market Guide so that they can learn more about digital communications governance. And they can refer to Gartner recommendations as they look into DCG solutions that will work best for their business. In this blog post, I go over some of initial coverage of DCG by Gartner. I also provide insights into some of the key points that are made in the new report. Assessing a strategic planning assumption Gartner specifies two strategic planning assumptions in the Market Guide. Here is a look at the first one: “By 2027, 40% of enterprise customers will proactively assess workstream collaboration and meeting solution content for corporate policy and general business insights, up from less than 5% in 2023.” We believe this seems reasonable at face value if you apply it to businesses that operate in regulated industries like financial services. But I question its validity if the intent is to expand it to all verticals. Customers that use a DCG solution as a way to improve their litigation readiness will likely find the deployment of a supervision/surveillance solution for “corporate policy and general business insights” to be a “nice to have,” not a “must have.” I suspect that, in general, these customers will agree to the value in principle. But they will struggle to gain executive sponsors and budget in the absence of: Regulatory mandates that compel relevant action, like the Financial Industry Regulatory Authority (FINRA) or the U.S. Securities and Exchange Commission (SEC) for financial services Widely accepted performance statistics, such as archive search performance or archive system availability It will be interesting to revisit this assumption in 2027. At that point, we\'ll see how much progress has been made on the regulatory and statistics fronts-and the percentage of enterprise customers. Compliance risk versus security risk In the Market Direction section of the report, under “Compliance risk versus security,” Gartner states, “Most frequently used for adherence to compliance use cases, solutions are expanding to broader uses in security risk.” No vendor will do integrations simply because they are cool ideas. They need compelling use cases and business cases. However, with Proofpoint you have a single vendor that offers leading technology for both digital communications governance and security. To learn more about these platforms, check out Proofpoint Aegis threat protection and the Proofpoint Sigma information protection. For more than 15 years, we have provided innovative solutions to address compliance use cases as well as security use cases. Most of the customers we work with who use Proofpoint Intelligent Compliance offerings are Proofpoint security customers, as well. The use of machine learning to improve supervision and surveillance Gartner addresses the use of these technologies in the Market Analysis section of the Market Guide, under “Supervision and surveillance capabilities.” It says, “The results can be used for improved automated monitoring/tagging, and accuracy and efficiency outcomes | Tool Threat Commercial | ★★ | |
|
2023-11-30 07:23:34 | Améliorations aux solutions fédérales de preuvepoint: un nouveau moteur de détection AI / ML, mises à jour du tableau de bord TAP et plus Enhancements to Proofpoint Federal Solutions: A New AI/ML Detection Engine, Updates to the TAP Dashboard and More (lien direct) |
ProofPoint a fait plus d'investissements dans notre plate-forme de protection contre les menaces AEGIS cette année qui peut aider à soutenir nos clients et partenaires de nos agences fédérales dans leurs missions.Ce blog donne un aperçu de certaines de ces innovations et améliorations récentes.
Moteur comportemental de supernova
En octobre, nous avons commencé à déployer le moteur comportemental Supernova pour Proofpoint FedRamp Reptection Environments.Supernova est une pile de détection de pointe qui utilise l'intelligence artificielle avancée et l'apprentissage automatique pour arrêter les menaces en temps réel.
Non seulement Supernova arrête le spam, mais il protège également contre les menaces qui ne comptent pas sur des logiciels malveillants, comme les compromis par courrier électronique (BEC), la fraude des fournisseurs et les attaques de livraison d'attaques axées sur le téléphone (TOAD).Il détecte également les menaces basées sur les logiciels malveillants, comme les ransomwares.Et il analyse les messages de phishing avant la livraison afin qu'ils ne soient jamais livrés aux utilisateurs.
Le moteur comportemental Supernova utilise la langue, les relations, la cadence et le contexte pour détecter les anomalies et prévenir les menaces en temps réel en utilisant l'IA / ML.
Avec cette récente version, Supernova est désormais disponible pour tous les clients de la sécurité des e-mails de ProofPoint à travers le monde.Il s'agit d'une mise à niveau de pile de détection gratuite qui est intégrée dans notre plate-forme plus large.Vous pouvez en savoir plus sur le moteur comportemental Supernova ici.
Autres investissements de point de preuve qui profitent aux clients fédéraux
Supernova n'est pas le seul nouveau déploiement.Ce sont des améliorations de produits supplémentaires qui soutiennent la communauté du gouvernement fédéral et ses missions:
FedRamp Email Gateway (Proofpoint à la demande, alias FedPod).Nous avons mis à niveau FedPod pour aligner la parité des fonctionnalités plus étroitement avec nos environnements commerciaux.Cela comprend des améliorations des balises d'avertissement de messagerie de preuves et du cercle de confiance de ProofPoint.
Tableau de bord de protection contre les attaques ciblés par FedRamp (TAP).Désormais, le tableau de bord TAP comprend un résumé détaillé de la menace.Il présente des informations sur les menaces sur les principales menaces à l'échelle mondiale et au sein de votre agence ou de votre verticale.Ceci s'ajoute aux vulnérabilités et aux expositions courantes (CVE) que nous organisons à partir de nos analystes émergents des données de renseignement des menaces et des analystes de renseignements sur les menaces de preuve.
Solutions de point de preuve pour le gouvernement fédéral
Il existe des centaines de clients fédéraux qui utilisent des dizaines de solutions sur site et cloud de Proofpoint.Ce ne sont que quelques-uns:
Département américain de la défense
La base industrielle de la défense
La communauté du renseignement
Agences civiles fédérales
Intégrateurs de systèmes fédéraux
ProofPoint a obtenu la certification modérée FedRamp dans ces quatre solutions basées sur le cloud:
Protection de la protection des e-mails
ProofPoint Email Data Loss Prevention (DLP)
Tap de point de preuve
Archivage de preuves
Apprendre encore plus
Les missions de l'agence fédérale sont sous attaque constante.Et les agences sont confrontées à une tâche intimidante: ils doivent mettre en œuvre des mesures qui protègent les données vitales tout en permettent à leurs employés de réaliser leurs missions.Le point de preuve peut aider.
Pour plus de détails sur la façon dont Proofpoint aide à protéger les agences gouvernementales fédérales, consultez cette solution brève.Vous pouvez en savoir plus sur nos solutions gouvernementales ici.
Proofpoint has made more investments in our Aegis threat protection platform this year that can help support our federal agency customer |
Ransomware Spam Malware Vulnerability Threat Industrial Cloud Commercial | ★★ |
1
We have: 6 articles.
We have: 6 articles.
To see everything:
Our RSS (filtrered)
