Day: February 22, 2023

Adversarial Supply Chains Strengthen in Complexity and Sophistication to Counter Evolving Defenses

SUNNYVALE, Calif., Feb. 22, 2023 (GLOBE NEWSWIRE) —

Derek Manky, Chief Security Strategist & Global VP Threat Intelligence, FortiGuard Labs
“For cyber adversaries, maintaining access and evading detection is no small feat as cyber defenses continue to advance to protect organizations today. To counter, adversaries are augmenting with more reconnaissance techniques and deploying more sophisticated attack alternatives to enable their destructive attempts with APT-like threat methods such as wiper malware or other advanced payloads. To protect against these advanced persistent cybercrime tactics, organizations need to focus on enabling machine learning–driven coordinated and actionable threat intelligence in real time across all security devices to detect suspicious actions and initiate coordinated mitigation across the extended attack surface.”

News Summary:

Fortinet® (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced the latest semiannual Global Threat Landscape Report from FortiGuard Labs. The threat landscape and organizations’ attack surface are constantly transforming, and cybercriminals’ ability to design and adapt their techniques to suit this evolving environment continues to pose significant risk to businesses of all sizes, regardless of industry or geography. For a detailed view of the report, as well as some important takeaways, read the blog.

Highlights of the 2H 2022 report follow:

• The mass distribution of wiper malware continues to showcase the destructive evolution of cyberattacks.
• New intelligence allows CISOs to prioritize risk mitigation efforts and minimize the active attack surface with the expansion of the “Red Zone” approach.
• Ransomware threats remain at peak levels with no evidence of slowing down globally with new variants enabled by Ransomware-as-a-Service (RaaS).
• The most prevalent malware was more than a year old and had gone through a large amount of speciation, highlighting the efficacy and economics of reusing and recycling code.
• Log4j continues to impact organizations in all regions and industries, most notably across technology, government, and education.

Destructive APT-like Wiper Malware Spreads Wide in 2022
Analyzing wiper malware data reveals a trend of cyber adversaries consistently using destructive attack techniques against their targets. It also shows that with the lack of borders on the internet, cyber adversaries can easily scale these types of attacks, which have been largely enabled by the Cybercrime-as-a-Service (CaaS) model.

In early 2022, FortiGuard Labs reported the presence of several new wipers in parallel with the Russia-Ukraine war. Later in the year, wiper malware expanded into other countries, fueling a 53% increase in wiper activity from Q3 to Q4 alone. While some of this activity was enabled by wiper malware that may have been initially developed and deployed by nation-state actors surrounding the war, it is being picked up by cybercriminal groups and is spreading beyond just Europe. Unfortunately, the trajectory of destructive wiper malware does not appear to be slowing any time soon based on the activity volume seen in Q4, which means any organization remains a potential target, not just organizations based in the Ukraine or surrounding countries.

Mapping CVEs Reveals Vulnerability Red Zone to Help CISOs Prioritize
Exploit trends help show what cybercriminals are interested in attacking, probing for future attacks, and are actively targeting. FortiGuard Labs has an extensive archive of known vulnerabilities, and through data enrichment was able to identify actively exploited vulnerabilities in real time and map zones of active risk across the attack surface.
In the second half of 2022, less than 1% of the total observed vulnerabilities discovered in an enterprise-size organization were on endpoints and actively under attack, giving CISOs a clear view of the Red Zone through intelligence of the active attack surface that they should prioritize efforts to minimize their risk and where to focus patching efforts.

Financially Motivated Cybercrime and Ransomware Threat Holding at Peak Levels
FortiGuard Labs Incident Response (IR) engagements found that financially motivated cybercrime resulted in the highest volume of incidents (73.9%), with a distant second attributed to espionage (13%). In all of 2022, 82% of financially motivated cybercrime involved the employment of ransomware or malicious scripts, showing that the global ransomware threat remains in full force with no evidence of slowing down thanks to the growing popularity of Ransomware-as-a-Service (RaaS) on the dark web.

In fact, ransomware volume increased 16% from the first half of 2022. Out of a total of 99 observed ransomware families, the top five families accounted for roughly 37% of all ransomware activity during the second half of 2022. GandCrab, a RaaS malware that emerged in 2018, was at the top of the list. Although the criminals behind GandCrab announced that they were retiring after making over $2 billion in profits, there were many iterations of GandCrab during its active time. It is possible that the long-tail legacy of this criminal group is still perpetuating, or the code has simply been built upon, changed, and re-released, demonstrating the importance of global partnerships across all types of organizations to permanently dismantle criminal operations. Effectively disrupting cybercriminal supply chains requires a global group effort with strong, trusted relationships and collaboration among cybersecurity stakeholders across public and private organizations and industries.

Adversary Code Reuse Showcases the Resourceful Nature of Adversaries
Cyber adversaries are enterprising in nature and always looking to maximize existing investments and knowledge to make their attack efforts more effective and profitable. Code reuse is an efficient and lucrative way for cybercriminals to build upon successful outcomes while making iterative changes to fine-tune their attacks and overcome defensive obstacles.

When FortiGuard Labs analyzed the most prevalent malware for the second half of 2022, the majority of the top spots were held by malware that was more than one year old. FortiGuard Labs further examined a collection of different Emotet variants to analyze their tendency to borrow and reuse code. The research showed that Emotet has gone through significant speciation with variants breaking into roughly six different “species” of malware. Cyber adversaries are not just automating threats but actively retrofitting code to make it even more effective.

Older Botnet Resurrection Demonstrates the Resiliency of Adversarial Supply Chains
In addition to code reuse, adversaries are also leveraging existing infrastructure and older threats to maximize opportunity. When examining botnet threats by prevalence, FortiGuard Labs discover that many of the top botnets are not new. For example, the Morto botnet, which was first observed in 2011, surged in late 2022. And others like Mirai and Gh0st.Rat continue to be prevalent across all regions. Surprisingly, out of the top five observed botnets, only RotaJakiro is from this decade.

Although it may be tempting to write off older threats as past history, organizations across any sector must continue to stay vigilant. These “vintage” botnets are still pervasive for a reason: They are still very effective. Resourceful cybercriminals will continue to leverage existing botnet infrastructure and evolve it into increasingly persistent versions with highly specialized techniques because the ROI is there. Specifically, in the second half of 2022, significant targets of Mirai included managed security service providers (MSSPs), the telco/carrier sector, and the manufacturing sector, which is known for its pervasive operational technology (OT). Cybercriminals are making a concerted effort to target those industries with proven methods.

Log4j Remains Widespread and Targeted by Cybercriminals
Even with all the publicity that Log4j received in 2021 and the early parts of 2022, a significant number of organizations still have not patched or applied the appropriate security controls to protect their organizations against one of the most notable vulnerabilities in history.

In the second half of 2022, Log4j was still heavily active in all regions and was second. In fact and FortiGuard Labs found that 41% of organizations detected Log4j activity, showing just how widespread the threat remains. Log4j IPS activity was most prevalent across tech, government, and educational sectors, which should come as no surprise, given Apache Log4j’s popularity as open-source software.

Analyzing a Piece of the Malware Story: Delivery Shifts Demonstrate Urgency for User Awareness
Analyzing adversarial strategies gives us valuable insights into how attack techniques and tactics are evolving to better protect against future attack scenarios. FortiGuard Labs looked at the functionality of detected malware based on sandbox data to track the most common delivery approaches. It is important to note that this only looks at detonated samples.

In reviewing the top eight tactics and techniques viewed in sandboxing, drive-by-compromise was the most popular tactic used by cybercriminals to gain access into organizations’ systems across all regions globally. Adversaries are primarily gaining access to victims’ systems when the unsuspecting user browses the internet and unintentionally downloads a malicious payload by visiting a compromised website, opening a malicious email attachment, or even clicking a link or deceptive pop-up window. The challenge with the drive-by tactic is that once a malicious payload is accessed and downloaded, it is often too late for the user to escape compromise unless they have a holistic approach to security.

Shifting to Meet the Threat Landscape Head-On
Fortinet is a leader in enterprise-class cybersecurity and networking innovation, helping CISOs and security teams break the attack kill chain, minimize the impact of cybersecurity incidents, and better prepare for potential cyberthreats.

Fortinet’s suite of security solutions includes a variety of powerful tools like next-generation firewalls (NGFW), network telemetry and analytics, endpoint detection and response (EDR), extended detection and response (XDR), digital risk protection (DRP), security information and event management (SIEM), inline sandboxing, deception, security orchestration, automation, and response (SOAR), and more. These solutions provide advanced threat detection and prevention capabilities that can help organizations quickly detect and respond to security incidents across their entire attack surface.

To complement these solutions and support short-staffed teams strained by the cybersecurity talent shortage, Fortinet also offers machine learning–enabled threat intelligence and response services. These provide up-to-date information on the latest cyberthreats and enable businesses to quickly respond to security incidents, minimizing the impact on their organization. Fortinet’s human-based SOC augmentation and threat intelligence services also help security teams better prepare for cyberthreats and provide real-time threat monitoring and incident response capabilities.

This comprehensive suite of cybersecurity solutions and services enables CISOs and security teams to focus on enabling the business and higher-priority projects.

Report Overview 
This latest Global Threat Landscape Report is a view representing the collective intelligence of FortiGuard Labs, drawn from Fortinet’s vast array of sensors collecting billions of threat events observed around the world during the second half of 2022. Using the MITRE ATT&CK framework, which classifies adversary tactics, techniques, and procedures(TTPs), the FortiGuard Labs Global Threat Landscape Report sets out to describe how threat actors target vulnerabilities, build malicious infrastructure, and exploit their targets. The report also covers global and regional perspectives as well as threat trends affecting both IT and OT environments. 

Additional Resources

• Subscribe to our blog for valuable takeaways from this research as the FortiGuard Labs team examines topics from the report in upcoming weeks.
• Learn more about FortiGuard Labs threat intelligence and research and Outbreak Alerts, which provide timely steps to mitigate breaking cybersecurity attacks.
• Learn more about Fortinet’s FortiGuard Security Services portfolio.
• Learn more about Fortinet’s free cybersecurity training, which includes broad cyber awareness and product training. As part of the Fortinet Training Advancement Agenda (TAA), the Fortinet Training Institute also provides training and certification through the Network Security Expert (NSE) Certification, Academic Partner, and Education Outreach programs.
• Read about how Fortinet customers are securing their organizations.
• Follow Fortinet on Twitter, LinkedIn, Facebook, and Instagram. Subscribe to Fortinet on our blog or YouTube.

About FortiGuard Labs
FortiGuard Labs is the threat intelligence and research organization at Fortinet. Its mission is to provide Fortinet customers with the industry’s best threat intelligence designed to protect them from malicious activity and sophisticated cyberattacks. It is composed of some of the industry’s most knowledgeable threat hunters, researchers, analysts, engineers, and data scientists in the industry, working in dedicated threat research labs all around the world. FortiGuard Labs continuously monitors the worldwide attack surface using millions of network sensors and hundreds of intelligence-sharing partners. It analyzes and processes this information using AI and other innovative technology to mine that data for new threats. These efforts result in timely, actionable threat intelligence in the form of Fortinet security product updates, proactive threat research to help our customers better understand the threats and actors they face, and threat intelligence to help our customers better understand and defend their threat landscape. Learn more at https://www.fortinet.com, the Fortinet Blog, and FortiGuard Labs.

About Fortinet
Fortinet (NASDAQ: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere you need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet’s solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. FortiGuard Labs, Fortinet’s elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at https://www.fortinet.com, the Fortinet Blog, and FortiGuard Labs.

FTNT-O

Copyright © 2023 Fortinet, Inc. All rights reserved. The symbols ® and denote respectively federally registered trademarks and common law trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet’s trademarks include, but are not limited to, the following: Fortinet, the Fortinet logo, FortiGate, FortiOS, FortiGuard, FortiCare, FortiAnalyzer, FortiManager, FortiASIC, FortiClient, FortiCloud, FortiMail, FortiSandbox, FortiADC, FortiAI, FortiAIOps, FortiAntenna, FortiAP, FortiAPCam, FortiAuthenticator, FortiCache, FortiCall, FortiCam, FortiCamera, FortiCarrier, FortiCASB, FortiCentral, FortiConnect, FortiController, FortiConverter, FortiCWP, FortiDB, FortiDDoS, FortiDeceptor, FortiDeploy, FortiDevSec, FortiEdge, FortiEDR, FortiExplorer, FortiExtender, FortiFirewall, FortiFone, FortiGSLB, FortiHypervisor, FortiInsight, FortiIsolator, FortiLAN, FortiLink, FortiMoM, FortiMonitor, FortiNAC, FortiNDR, FortiPenTest, FortiPhish, FortiPlanner, FortiPolicy, FortiPortal, FortiPresence, FortiProxy, FortiRecon, FortiRecorder, FortiSASE, FortiSDNConnector, FortiSIEM, FortiSMS, FortiSOAR, FortiSwitch, FortiTester, FortiToken, FortiTrust, FortiVoice, FortiWAN, FortiWeb, FortiWiFi, FortiWLC, FortiWLM and FortiXDR. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, contract, binding specification or other binding commitment by Fortinet or any indication of intent related to a binding commitment, and performance and other specification information herein may be unique to certain environments.

Media Contact:	Investor Contact:	Analyst Contact:
Travis Anderson	Peter Salkowski	Brian Greenberg
Fortinet, Inc.	Fortinet, Inc.	Fortinet, Inc.
408-235-7700	408-331-4595	408-235-7700
pr@fortinet.com	psalkowski@fortinet.com	analystrelations@fortinet.com

GlobeNewswire Distribution ID 8754219

The report highlights Acronis’ latest ESG goals and presents its new objectives and initiatives to reach significant environmental success

SHAFFHAUSEN, Switzerland, Feb. 22, 2023 (GLOBE NEWSWIRE) — Acronis, a global leader in cyber protection, today released its 2022 Environmental, Social, and Governance (ESG) Report. The comprehensive report highlights diversity, sustainability, and community development efforts and programs which demonstrate the organization’s commitment to a sustainable future and investment in its people.

In 2021, Acronis appointed a dedicated group of employees to sit on Acronis’ ESG committee to direct and uphold the company’s sustainability efforts. Committed to extending its ESG initiatives to be climate and resource efficient and socially responsible for its employees, customers, and community, Acronis is proud of the accomplishments it has achieved.

“Acronis helps service providers to modernize their clients’ security and backup solutions with integrated cyber protection – and we’re committed to doing it in the most efficient and sustainable way,” said Patrick Pulvermueller, CEO of Acronis. “From reviewing data center power usage effectiveness to providing a diverse and inclusive working environment, we are focused on long-term benefits for our partners and employees.”

Key highlights from Acronis’ 2022 ESG report include:

• Acronis Cyber Cloud data centers. In 2022, Acronis opened 13 new data centers, bringing the total to over 50 worldwide. Acronis only selects new data center vendors after careful consideration of their certification and energy efficiency practices. Acronis data centers are necessary to serve business and customers’ needs, and the company is aware of the considerable energy use that this requires and the number of CO2 emissions that are produced. In line with ESG commitments to becoming more energy efficient, Acronis has begun to use power usage effectiveness (PUE) to assess the efficiency of its data center vendors in its move towards the goal of becoming climate neutral.
• Suppliers. Acronis has assessed its top 50 suppliers on sustainable practices by using a standard questionnaire querying ESG initiatives and goals. The company is thrilled to report no risk detected within these suppliers with 70% of vendors having published ESG reports recently and others expressing ESG initiatives publicly.
• Sustainable merchandise. In 2022, Acronis began an initiative to utilize merchandise produced from eco-friendly materials avoiding the use of plastic. This has prevented 1,826,000 plastic bottles — or 21,000 kg/46,000 pounds of plastic — from going into the ocean.
• Renewable energy. Acronis has begun to explore ways to help partners, especially those in developing countries, turn to renewable energy projects and mitigate raising energy costs. As part of this effort, Acronis has subsidized the installation of solar panels at partner offices in Nigeria ultimately helping to reduce the effects of climate change.
• Humanitarian aid. Acronis is committed to providing aid to regions suffering from conflict or natural disasters. In 2022, the company has partnered with non-profit agencies while Acronis employees volunteered their time to help families affected by the conflict in Ukraine.
• Acronis Cyber Foundation Program. The Foundation program launched five years ago as an initiative to engage in community development projects together with partners. In 2022, Acronis has built five schools in underserved communities and has conducted multiple IT skills programs, reaching over 13,000 people globally.
• Diversity and inclusion. A diverse and inclusive workforce leads to better outcomes for employees and customers. In 2022, Acronis introduced a Women in Tech mentorship program for 50 employees and introduced regional #CyberWomen chapters covering 10 countries and reaching more than 450 participants through global webinars for networking and career development.
• Health and well-being. Acronis believes its employees are its most valuable asset and is committed to their wellness and safety. To encourage a healthy lifestyle and work-life balance, in 2022 Acronis introduced new benefits including an additional no-work day and access to the Employee Assistance Program (EAP). This global resource is available in 27 languages to employees and eligible family members to support with the stresses brought on by pandemic isolation and current world events. The company also includes physical activities to support well-being at global summits such as the Cyber Dragon Cup – a soccer game between regional sales teams.
• Governance. To increase transparency and clarity for Acronis employees, customers, and its community, the company publishes key compliance documents online at https://www.acronis.com/en-us/sustainability-governance/ and conducts regular training sessions for all stakeholders.

The Acronis 2022 ESG Report also outlines the company’s plans and goals for 2023 ESG initiatives. Acronis strives to continue its journey of creating a sustainable future, strengthening communities on a global scale, and fostering an inclusive work environment.

To find out more and download the Acronis 2022 ESG report, please visit: https://www.acronis.com/en-us/sustainability-governance/

About Acronis

Acronis unifies data protection and cybersecurity to deliver integrated, automated cyber protection that solves the safety, accessibility, privacy, authenticity, and security (SAPAS) challenges of the modern digital world. With flexible deployment models that fit the demands of service providers and IT professionals, Acronis provides superior cyber protection for data, applications, and systems with innovative next-generation antivirus, backup, disaster recovery, and endpoint protection management solutions powered by AI. With advanced anti-malware powered by cutting-edge machine intelligence and blockchain based data authentication technologies, Acronis protects any environment – from cloud to hybrid to on premises – at a low and predictable cost.

Acronis is a Swiss company, founded in Singapore. Celebrating two decades of innovation, Acronis has more than 2,000 employees in 45 locations. Acronis Cyber Protect solution is available in 26 languages in over 150 countries and is used by 16,000 service providers to protect over 750,000 businesses.

Contact for press release: Karl Bateson | karl.bateston@acronis.com

GlobeNewswire Distribution ID 8754140

Purpose-Built and Widely Deployed by Leading Telecom Operators, the New Synchronoss Personal Cloud Includes Genius, BackTrack and Other Features to Ensure Data Security and Privacy

BRIDGEWATER, N.J., Feb. 22, 2023 (GLOBE NEWSWIRE) — Synchronoss Technologies, Inc. (“Synchronoss” or the “Company”) (NASDAQ: SNCR), a global leader and innovator in cloud, messaging and digital products and platforms, today announced it will showcase the latest version of Synchronoss Personal Cloud at Mobile World Congress in Barcelona, Spain.

The new Synchronoss Personal Cloud platform enables telecom operators to offer premium and value-added services to backup and manage files, photos, videos, and digital content stored on mobile phones and other devices.

Leveraging artificial intelligence (AI) the new Genius feature provides tools to optimize photos. Users can colorize black and white photos, enhance photos, and touch up faces, among other effects. The addition of BackTrack provides the capability to revert back and restore files if they are deleted, corrupted, or lost. Additionally, by integrating machine learning, the platform’s Advanced Highlights feature makes it easy to categorize and tag photos, videos, and other digital content so they can be easily highlighted, managed, and shared.

“Unlike OTT apps, our cloud platform provides a carrier-grade solution for service providers to deliver value-added services that also focus heavily on data security and privacy,” said Jeff Miller, President and CEO of Synchronoss. “The capabilities of generative AI and machine learning allow us to deliver innovative functionality such as Genius, BackTrack, and Advanced Highlights, giving users new ways to engage and share their digital content.”

The new features of Synchronoss Personal Cloud are being rolled out to millions of subscribers, including cloud users at AT&T, Verizon, and one of the largest global operators that recently signed a multi-year cloud agreement launching later this year.

Entering Mobile World Congress, Synchronoss will also showcase its carrier-grade email platform, Synchronoss Email Suite. The company recently announced a new contract expansion with a prominent service provider that is delivering email services to over 50 million users, powered by Synchronoss Email Suite and the Mx9 core messaging platform.

“Representing the future of connectivity and drawing the biggest names in the industry, Mobile World Congress is a tremendous venue to build on the momentum of the new Synchronoss Personal Cloud and Synchronoss Email Suite platforms. We look forward to working with our global customers, partners, and new prospects to deliver innovative cloud, messaging, and digital solutions that drive new revenue opportunities for their business,” added Miller.

Meet Us in Barcelona

To schedule a meeting at Mobile World Congress, visit: https://synchronoss.com/events/#schedule.

About Synchronoss

Synchronoss Technologies (NASDAQ: SNCR) builds software that empowers companies around the world to connect with their subscribers in trusted and meaningful ways. The company’s collection of products helps streamline networks, simplify onboarding, and engage subscribers to unleash new revenue streams, reduce costs and increase speed to market. Hundreds of millions of subscribers trust Synchronoss products to stay in sync with the people, services, and content they love. Learn more at www.synchronoss.com.

Media Relations Contact:
Domenick Cilea
Springboard
dcilea@springboardpr.com

Investor Relations Contact:
Matt Glover / Tom Colton
Gateway Group, Inc.
SNCR@gatewayir.com

GlobeNewswire Distribution ID 8754201