top of page

CYBERSIFT Change.log 05.24

Cybersift updates: Change.log April 2024

The CyberSift team has made some key updates and enhancements across our main solutions this spring, aiming to strengthen our security measures and drive innovation, keeping us vigilant in the cyber space.


Here's our May Update:


SIEM Updates:


The ExtractGrokMerge NiFi processor now includes an advanced feature that allows users to "drop" matched fields.


This enhancement is particularly useful for discarding unnamed fields, such as GREEDYDATA, which are often extraneous and not required for further processing.


By enabling this functionality, users can streamline data management and improve processing efficiency by focusing only on the essential fields needed for their specific use cases.

TUTELA Updates:


  • Improved detection for Mozilla ESR: Our latest update enhances the detection capabilities for Mozilla Extended Support Release (ESR), ensuring better security and compliance monitoring.

  • Initial support for SNMP version scanning: We have introduced initial support for Simple Network Management Protocol (SNMP) version scanning, allowing for more comprehensive network device management. See configuration article here.

  • End of Life screen shows “WARNING” if end of support is less than 3 months away: The End of Life (EOL) screen now displays a “WARNING” notification if a product's end of support is less than three months away, providing timely alerts for proactive planning and updates.


DNS-Protect Updates:


  • New block page. When visiting a blocked web site, a block page is now displayed

The new CS-DNS Block Page


  • Addition of a new Duration field in dashboards. This field shows the amount of time in milliseconds that it took for CS-DNS to classify and allow/deny a DNS request


The new ''duration'' field in milliseconds


 



Business Breakfast in Collaboration with Netskope

It was a pleasure hosting a lot of you at our Business Breakfast in collaboration with Netskope. We deeply appreciate your participation and engagement during the event.


During this insightful session, we explored Netskope ONE, a cutting-edge cloud-native platform meticulously designed to meet the dynamic security and networking needs of modern organizations. Our distinguished experts shed light on how Netskope ONE addresses the challenges posed by Secure Access Service Edge (SASE) and the Zero Trust transformation.


Our session delved into the evolving landscape of cybersecurity in our hyperconnected online world. The emphasis was placed on the necessity of a novel security approach that transcends the traditional methods of simply allowing or blocking access based on user identity or specific services. Instead, we highlighted the importance of contextual enforcement in implementing finely tuned security policies.


Participants gained valuable insights into the critical elements beyond identity that are essential for an effective Zero Trust strategy. By understanding these elements, attendees learned about the holistic approach required to strengthen their organization's security posture in today's dynamic threat landscape.


Moreover, Paolo Passeri, Principal Sales Engineer and Cyber Intelligence Specialist at Netskope, provided an in-depth explanation of how various security controls—such as data protection, threat protection, and behavior analytics—work together to safeguard modern enterprises.


Access the full event presentation here:



 

May 2024, top Cybersecurity news from around the globe:

Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million

Yaroslav Vasinskyi, a member of the REvil ransomware group, has been sentenced to over 13 years in prison and fined $16 million for his involvement in numerous ransomware attacks, extorting over $700 million in cryptocurrency.


New Cuttlefish Malware Hijacks Router Connections, Sniffs for Cloud Credentials

The "Cuttlefish" malware targets small office/home office routers, intercepting network communications and gathering authentication data from HTTP requests. It sniffs for cloud service credentials and can act as a proxy for unauthorized access to cloud resources.


Operation PANDORA Shutdown 12 Fake Call Centers that Steal Over €10M

Europol led Operation PANDORA, dismantling a network of fraudulent call centers that defrauded victims of over €10 million through sophisticated phone scams. This operation involved multiple countries and resulted in arrests and the seizure of evidence.


Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds

The "Elliptic2" dataset, used for Bitcoin blockchain forensic analysis, revealed patterns of money laundering and criminal proceeds, tracing them to entities like cryptocurrency mixers and darknet markets. This analysis showcases the potential of machine learning in financial crime investigations within the cryptocurrency space.


 


Comments


Commenting has been turned off.
bottom of page