Blog

Defensys announces the out-of-the box support of SAMA framework and GDPR since the current version of the SGRC platform. Now users can perform audits with these standards along with other preinstalled entities and add new requirements to the existing control checks framework.

“During the latest projects of the SGRC in the GCC region especially in the KSA we’ve seen the demand in compliance procedures with these frameworks, so we made it available for all our customers. These are not only lists of requirements but also customised assessment scales, fields for each of the requirements and a possibility to add these requirements into the existing control checks framework, when similar requirements from different standards are mapped with a control, that you assess once and this information is used by Defensys SGRC to automatically set the proper assessment for the requirement inside a specific compliance procedure with a specific standard.

And our customers still have the ability to add their own frameworks and check-lists just using Settings menu of the system without any programming. In our opinion this feature will help cybersecurity specialists to save even more time for performing compliance campaigns with all the local and worldwide standards.

More

Cybersecurity news

• Elementor, a WordPress website builder plugin with over five million active installations, has been found to be vulnerable to an authenticated remote code execution flaw, that could be abused to take over affected websites.
• Threat actors have launched a new marketplace called Industrial Spy that sells stolen data from breached companies, as well as offering free stolen data to its members. Industrial Spy promotes itself as a marketplace, where businesses can purchase their competitors’ data to gain access to trade secrets, manufacturing diagrams, accounting reports, and client databases.
• Hackers are increasingly targeting DeFi cryptocurrency platforms. In 2021 alone, about $3.2 billion worth of digital assets were stolen, which was already an explosion compared to previous years. The trajectory for 2022 looks to be even more aggressive, with almost $1.3 billion already stolen during the Q1 alone.
• Cisco has released a security advisory to warn about a critical vulnerability (CVSS v3 score: 10.0), tracked as CVE-2022-20695, impacting the Wireless LAN Controller software. The security flaw allows remote attackers to log in to target devices through the management interface without using a valid password.

More

Cybersecurity news

• Threat actors are abusing the popular Chocolatey Windows package manager in a new phishing campaign to install new ‘Serpent’ backdoor malware on systems of French government agencies and large construction firms.
• The Cybersecurity and Infrastructure Security Agency (CISA) has added a massive set of 66 actively exploited vulnerabilities to its catalog of ‘Known Exploited Vulnerabilities’. These flaws have been observed in real cyberattacks against organizations, so they are published to raise awareness to system administrations and serve as official advisories for applying the corresponding security updates.
• A new remote access trojan (RAT) named Borat has appeared on darknet markets, offering easy-to-use features to conduct DDoS attacks, UAC bypass, and ransomware deployment. As a RAT, Borat enables remote threat actors to take complete control of their victim’s mouse and keyboard, access files, network points, and hide any signs of their presence.
• Taiwan-based network-attached storage (NAS) maker QNAP warned that most of its NAS devices are impacted by a high severity OpenSSL bug. Attackers can exploit the vulnerability, tracked as CVE-2022-0778, to trigger a denial of service state and remotely crash unpatched devices.

More

Defensys took part in the main information security event in the Gulf region – the GISEC-2022 exhibition, which was held on March 21-23 in Dubai, United Arab Emirates (UAE).

During the GISEC-2022, Defensys team presented key products of its own ecosystem: SOAR Platform, Security GRC Platform, Threat Intelligence Platform, and SENSE – high-tech products for building SOC, automating cybersecurity processes, and early detection of suspicious activities. In addition, visitors of Defensys’s booth were the first ones to see the presentation of the new Defensys Threat Deception Platform (TDP) product, a set of technologies for digital imitation of IT infrastructure for detecting intruders and preventing attacks at early stages.

At the event, Defensys experts held quite a lot of business meetings with our existing clients in the Middle East market, discussed current projects and possible further development of a business cooperation. In addition, many distributors and IT companies, who are particularly careful about what information technology vendors they add to their product portfolios showed interest in the expertise of Defensys.
Throughout the days of the exhibition, the guests of the Defensys stand were invited to take part in the discussions on the latest trends in the field of cybersecurity and received qualified answers to their questions.

More

Cybersecurity news

• A phishing kit has been released that allows red teamers and wannabe cybercriminals to create effective single sign-on phishing login forms using fake Chrome browser windows. When signing into websites, it is common to see the option to sign with Google, Microsoft, Apple, Twitter, or even Steam.
• A new Linux vulnerability known as ‘Dirty Pipe’ allows local users to gain root privileges through publicly available exploits. The vulnerability is tracked as CVE-2022-0847 and allows a non-privileged user to inject and overwrite data in read-only files, including SUID processes that run as root.
• HP has disclosed 16 high-impact UEFI firmware vulnerabilities that could allow threat actors to infect devices with malware that gain high privileges and remain undetectable by installed security software. These vulnerabilities affect multiple HP models, including laptops, desktop computers, PoS systems, and edge computing nodes.
• A set of three critical zero-day vulnerabilities now tracked as TLStorm could let hackers take control of uninterruptible power supply (UPS) devices from APC, a subsidiary of Schneider Electric. The flaws affect APC Smart-UPS systems that are popular in a variety of activity sectors, including governmental, healthcare, industrial, IT, and retail.

More