The Biggest Cybersecurity News
The security industry moves fast, and this week was no exception. The past seven days saw the launches of multiple new security products, as well as new partnerships and acquisitions to position vendors into new markets. Much of this week's news centered on VMworld 2017, being held in Las Vegas, with vendors forming new partnerships and launching new products around application security and virtualization. This week also saw updates on threats both new and old, with reports of a new massive spambot and recalls and court rulings over previously announced breaches. Here are 10 things you need to know.
VMware Launches AppDefense
VMware led the way with security moves at VMworld, rolling out its long-awaited cloud-based and virtual machine-based security offering. The company said the offering, formerly known as Goldilocks but now called VMware AppDefense, helps customers protect applications and infrastructure based on the VMware NSX software-defined networking platform. The platform includes a focus on applications, infrastructure security, and the overall ecosystem with technology vendor partnerships. Tying the platform to VMware NSX also allows AppDefense to capture and discover applications and determine their behavior, detect something going wrong with an application, and respond to attacks on applications.
Forcepoint Acquires RedOwl
Forcepoint kicked off the week with the news that it had acquired security analytics and user and entity behavior analytics (UEBA) company RedOwl. Terms of the deal were not disclosed. RedOwl offers UEBA technology that looks to analyze large amounts of data and human behaviors to pinpoint anomalies and threats. The company won the prestigious RSA Innovation Sandbox startup contest in 2014. In an interview with CRN, CEO Matt Moynahan said the acquisition builds on the Austin, Texas-based company's strategy to focus on "human-centric" elements of security, rather than traditional indicators of compromise. The two technologies are already integrated due to a previous partnership, but Moynahan said the technologies will be integrated further as a layer across all Forcepoint products.
Palo Alto Networks and Okta Team Up
Palo Alto Networks and Okta said this week at Oktane 2017 in Las Vegas that they were teaming up with a new enhanced partnership to bring further identity and access management capabilities to the network security vendor's platform. The move will secure organizations at the identity level and at the network, cloud and endpoint. Okta said the integration will simplify multifactor authentication enforcement before an event, as well as automate workflows with identity and user access to information in response. The integration brings deep identity capabilities to the Palo Alto Networks platform, Okta co-founder and COO Frederic Kerrest said, extending the company's perimeter approach to identity, which is the "new perimeter" of security. Okta fills that gap in the Palo Alto Networks portfolio, as the company invests in and builds out other areas of its portfolio, he said. The integration also builds on a push by Okta to form more deep technology integration partnerships, Kerrest said.
FDA Recalls 465,000 Pacemakers After Vulnerabilities Discovered
After earlier reports that found vulnerabilities in 465,000 pacemakers offered by Abbott (formerly St. Jude Medical), the FDA announced this week that it had recalled the medical devices. The vulnerabilities could allow hackers to reprogram devices, adjust operation or rapidly drain the battery. The FDA said those affected by the recall could update the firmware in the device instead of having to replace it entirely. Devices affected include the St. Jude Medical pacemaker and CRT-P devices named Accent, Anthem, Accent MRI, Accent ST, Assurity and Allure. The FDA said the recall did not affect cardiac defibrillators or cardiac resynchronization ICDs.
Spambot Discovered With 711 Million Emails
Reports of a new, massive spambot emerged Tuesday. The spambot, called Onliner, reportedly includes 711 million email accounts, including email addresses, passwords, and email servers to send spam. Most of the credentials appear to have come from other data breaches, as first reported by ZDnet. The significance of the spambot is that it can potentially allow more spam to get through to users as it is being sent from legitimate email addresses.
Bromium Secure App Extensions
Bromium at VMworld unveiled the launch of Bromium Secure App Extensions. The launch adds to the Bromium Secure Platform to extend its application protection capabilities to legacy applications. The offering uses virtualization for application isolation and control, making sure each legacy application is hardware-isolated in a micro-VM.
"Our customers describe legacy and often unsupported applications as one of their highest risks," Gregory Webb, Bromium CEO, said in a statement. "They know it's a problem, but these apps are often part of a company's DNA – to swap them out requires an incredible effort. They often have hundreds of these applications, and while organizations work to move them to the cloud or a modern infrastructure, they remain at risk."
Carbon Black Teams Up With VMware
Carbon Black said it was teaming up with VMware to bring together the company's endpoint security offerings with VMware's new AppDefense offering. Carbon Black said AppDefense can now leverage the company's Collective Defense Cloud feed to help classify applications. Carbon Black said the combined offerings include capabilities for behavioral controls of virtual and cloud environments, orchestration and automation, and converged operations.
"With AppDefense, VMware is redefining security for the software-defined data center," said Tom Corn, senior vice president of security products at VMware, in a statement about the partnership. "By working with Carbon Black, we are moving the industry toward a new security model and empowering customers to protect their virtualized environments from the latest advanced threats."
Kaspersky Lab Versus The FBI
The latest in the ongoing saga between Kaspersky Lab and the FBI this week was a report out Monday by Cyberscoop that U.S. spies believe the investigation is being mismanaged, including deliberate media leaks and overblown briefings. The report follows on one from the week prior, which said the FBI had been in talks with multiple private companies to urge them against signing a deal with the vendor, to varying degrees of success. It also builds on a growing contention between the two groups, with the FBI alleging Kaspersky has improper ties to the Russian government and Kaspersky vehemently denying the claims.
Yahoo Data Breach Update
On Thursday, a U.S. judge in San Jose, Calif. said Yahoo must face litigation surrounding its two massive data breaches that occurred between 2013 and 2016 and were brought to light in late 2016. The ruling follows up on Yahoo pushback that victims of the breaches, which affected 1 billion accounts and 500 million accounts, did not have standing to sue the vendor. The judge said Yahoo delayed disclosing the breach, which then delayed users in resetting their password and prolonging the impact. Users also faced increased costs around identity theft and data misuse. Yahoo was acquired by Verizon shortly after the breaches were disclosed for $4.76 billion and is now called Oath.
Unisys said Thursday that its Unisys Federal unit had teamed up with Computer Marketing Associates to expand its security offerings further into the public sector. The partnership surrounds Unisys' Stealth suite of security software, which includes micro-segmentation technologies for adaptive protection across users, data, applications and systems. Unisys said the new partnership will allow CMA to offer Unisys Stealth technology and professional services to its multiple contract vehicles with the federal government, including NASA's Solutions for Enterprise-Wide Procurement (SEWP) V small business contract and the NIH CIO-CS contract.
"By teaming with CMA, Unisys will be able to deliver its Stealth security solutions at unprecedented speed to meet government demands," Susan Becker, vice president of alliances at Unisys Federal, said in a statement. "This agreement provides a new avenue for all federal agencies to gain access to this critically important solution set to provide data and network protection where and when it is most needed."