WithSecure™, has been positioned as one of only 15 recognized vendors in the 2024 Gartner Magic Quadrant for Endpoint Protection Platforms (EPP). This recognition comes on the heels of recent product innovations, including the expansion of WithSecure’s cost-effective Elements platform with capabilities such as Exposure Management and Identity Security, designed to meet the evolving security needs and outcomes of mid-sized businesses.
WithSecure™ is excited to announce the launch of a new data processing location in Japan, expanding our data residency capabilities for Salesforce customers in the area. The new data center, which is expected to be available by the end of 2024, is an addition to existing data centers in the USA, EU (Ireland), Australia, and Singapore, reinforcing WithSecure’s commitment to enterprise-grade Salesforce security in Japan.
With adversaries constantly adapting their tactics, traditional security measures and spot solutions often fail to provide comprehensive protection. This is where XDR steps in. XDR represents a holistic approach to threat detection and response, integrating and correlating data from multiple security solutions across endpoints, email, identity, and cloud environments.
The Information Regulator of South Africa, led by Advocate Pansy Tlakula, has urged gated communities and office parks to adhere to the Protection of Private Information Act (POPIA) regarding data collection practices. Concerns were raised about the excessive personal information gathered via scanning vehicle registration discs and driver’s licenses. Tlakula emphasized that only essential information, such as the driver’s name, vehicle registration number, and car colour, should be collected. Additionally, At the Gate (ATG) Digital, a provider of access management systems, claims to comply with POPIA by implementing security practices such as data de-identification, encryption, and employee training to protect personal data.
Organized criminal syndicates are increasingly targeting couriers delivering online orders in South Africa, especially following a surge in e-commerce transactions during the COVID-19 pandemic. Reports indicate a rise from approximately 20 daily hijackings to 65 per day by mid-2024. Criminals employ sophisticated tactics, including deceptive fake orders, primarily affecting parcel and food delivery drivers who may not be trained in identifying security risks. This rise in hijackings leads to delays and increased costs for consumers, while courier companies face higher operational costs. Industry leaders are urged to collaborate to enhance safety and mitigate delivery costs.
Microsoft SharePoint Remote Code Execution Vulnerability
“An authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint Server”
Fake LockBit
LockBit is a Ransomware-as-a-Service (RaaS) that has been involved in numerous cyber attacks over the years. “By the tail end of the attack, the device’s wallpaper is changed into an image mentioning LockBit. This might lead affected users to think that LockBit is to be blamed for the incident, especially since this ransomware family had been active in recent years and even had the highest file detections during the first half of this year”
New PowerRAD and DCRAT through Gophish
“Threat actor abuses Gophish to deliver new PowerRAT and DCRAT. The campaign involves modular infection chains that are either Maldoc or HTML-based infections and require the victim’s intervention to trigger the infection chain.“
Bumblee and Latrodectus
“Two malware families that suffered setbacks in the aftermath of a coordinated law enforcement operation called Endgame have resurfaced as part of new phishing campaigns. Bumblebee and Latrodectus, which are both malware loaders, are designed to steal personal data, along with downloading and executing additional payloads onto compromised hosts.”
1.“Cybersecurity or Catastrophe”: According to a recent article published by South African Instrumentation Control, cyberthreats to be one of the most prominent risks for businesses in 2024/25 as data breaches rise.
2. Crypto wallets under attack: According to a recent article published by The Hacker News, Crypto Wallets are being targeted with malicious code via Python package.
3. ‘Non-attack’ data breach claims: According to a recent article published by Moonstone, “As data breaches have become a major driver of class action litigation in the United States, two leading experts in competition and consumer law predict it is only a matter of time before South Africa sees a rise in “non-attack” data claims.”
4. Cybersecurity Awareness Month: According to a recent article published by CEO Today, “As October unfolds, it brings with it the annual observance of Cybersecurity Awareness Month, a crucial time dedicated to highlighting the importance of cybersecurity and empowering individuals and organizations to protect themselves from the ever-evolving landscape of cyber threats. In a world where digital interactions are more frequent than ever, understanding how to stay safe from scams and cyber attacks has become imperative.”
5. Data Breach costs: According to a recent article published by SMART, South Africa is among the top 15 in data breach costs, ranking at 14th globally.
Be sure to consider some of the cyber threats out there and consider these tips for protecting yourself and your devices. Until our next mailer, you can check out all the great resources we have available on our website.
