Blog

Case study by Defensys – Credit bureau

Challenge

The credit bureau, which holds millions of loan and credit records, was looking for automation tools to respond to incidents quickly, manage its IT infrastructure and meet cyber security standards. Defensys solutions attracted the Bureau’s attention because they are flexible, customizable and easy to work with. The Defensys SOAR and SGRC were chosen to meet the Company’s needs.

Implementation

As for most of our customers, the Defensys team integrated the SOAR and SGRC with an antivirus and AD. Furthermore, an integration with a database was implemented to receive information about networks and equipment.

A challenging part for Defensys’ engineers was the integration with the platform that the company uses as its incident repository. This platform also acts as the first line of the company’s SOC. Accordingly, the Defensys SOAR has become the second SOC line. For this reason, the SOAR has to constantly receive a large volume of information, classify it, and save it in its register. The limited integration functions of the Customer’s platform did not allow the Defensys team to use a pre-installed connector, so Defensys engineers developed a customized integration to connect with the platform and transfer incident data to the SOAR.

New features of the Defensys SGRC 5.4

Dear colleagues,

We are excited to announce that Defensys has released a new update of the Defensys SGRC Platform v. 5.4. Besides all the other features that will be highlighted soon, there is an update of the content base of the SGRC for our KSA customers and partners.

Beginning this month, Defensys SGRC includes the full set of 7 NCA controls, as well as the Guide to Essential Cybersecurity Controls implementation and Cybersecurity Toolkit, all readily available in the SGRC Documents library.

Furthermore, we are pleased to inform you that Defensys SGRC now supports SDAIA PDPL, which makes it possible to launch compliance campaigns and assess how an organization aligns with personal data protection requirements.

For more information on these enhancements, please do not hesitate to reach out to us.

Thank you for your continued support.

Cybersecurity Digest #93: 02/04/2024 – 16/04/2024

Cybersecurity News

  • Apple has sent a new batch of threat notifications to users in 92 countries who may have been targeted by mercenary spyware attacks.
  • Cybersecurity researchers have disclosed the first native Spectre v2 exploit against the Linux kernel on Intel systems. It could be used to read sensitive data from memory.
  • Researchers have found multiple vulnerabilities in LG webOS running on smart TVs that could allow attackers to gain root access to the devices.
  • Google has introduced a new feature for its Chrome browser, which should eliminate, or at least minimize, memory corruption vulnerabilities.
  • The U.S. HHS Department has warned that hackers may be using social engineering tactics to target IT help desks across the Healthcare and Public Health sector.
  • An almost 6-year-old vulnerability in the Lighttpd web server used in Baseboard Management Controllers has been detected. The security issue could lead to the exfiltration of process memory addresses.
  • Experts have discovered HTTP/2 protocol vulnerabilities, which can lead to DoS attacks. The flaws can be used to crash web servers with a single TCP connection in some implementations.

Cybersecurity Digest #92: 19/03/2024 – 02/04/2024

Cybersecurity News

  • Experts have warned of info stealer malware targeting macOS users via malicious ads and rogue websites. One of the attacks relies on sponsored ads shown to users searching for “Arc Browser” on Google.
  • Cisco has notified its customers of password-spraying attacks that have been targeting Remote Access VPN services of Cisco Secure Firewall devices.
  • Security vulnerabilities discovered in Dormakaba’s Saflok electronic RFID locks used in hotels could be weaponized by threat actors to forge keycards and stealthily slip into locked rooms.
  • Scientists have identified a vulnerability in Virtual Reality headsets that could let hackers access private information without the wearers’ knowledge.
  • Researchers have developed ZenHammer, the first variant of the Rowhammer DRAM attack that works on CPUs based on the recent AMD Zen microarchitecture that map physical addresses on DDR4 and DDR5 memory chips.
  • Experts demonstrated a new side-channel attack, named GoFetch, against Apple CPUs. The attack could allow an attacker to obtain secret keys.
  • Microsoft has released emergency out-of-band updates to fix a known issue causing Windows domain controllers to crash.

Cybersecurity Digest #91: 05/03/2024 – 19/03/2024

Cybersecurity News

  • Researchers have demonstrated a new acoustic side-channel attack on keyboards. It can deduce user input based on their typing patterns, even in poor conditions, such as environments with noise.
  • Three types of vulnerabilities that can possibly lead to data exposure and account takeovers have been discovered in ChatGPT. One of the vulnerabilities can be exploited to install malicious plugins on ChatGPT users.
  • SIM swappers have adapted their attacks to steal a target’s phone number by porting it into a new eSIM card, a digital SIM stored in a rewritable chip present on many recent smartphone models.
  • Researchers have warned of the critical vulnerability CVE-2024-21762 in Fortinet FortiOS. This flaw could potentially impact 150,000 exposed devices.
  • The financially motivated hacking group Magnet Goblin uses various 1-day vulnerabilities to hack servers and install malware. Windows and Linux systems are at risk.
  • The threat actors behind the BianLian ransomware have been observed exploiting security flaws in JetBrains TeamCity software to carry out their extortion-only attacks.
  • Hackers have been conducting widescale attacks on WordPress sites to inject scripts that force visitors’
