Endpoint Security and Network Monitoring News for the Week of July 14; SlashNext, ManageEngine, Armis, and More
The editors at Solutions Review have curated this list of the most noteworthy endpoint security and network monitoring news for the week of July 14. This curated list features endpoint security and network monitoring vendors such as SlashNext, ManageEngine, Armis, and more.
Keeping tabs on all the most relevant endpoint security and network monitoring news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy endpoint security and network monitoring news items.
Endpoint Security and Network Monitoring News for the Week of July 14
SlashNext Report: “WormGPT, The Generative AI Tool Used to Launch Business Email Attacks”
In this blog post, SlashNext delves into the emerging use of generative AI, including OpenAI’s ChatGPT, and the cybercrime tool WormGPT, in Business Email Compromise (BEC) attacks. Highlighting real cases from cybercrime forums, the post dives into the mechanics of these attacks, the inherent risks posed by AI-driven phishing emails, and the unique advantages of generative AI in facilitating such attacks. WormGPT is an AI module based on the GPT-J language model, which was developed in 2021. It boasts a range of features, including unlimited character support, chat memory retention, and code formatting capabilities.
Auvik Launches Auvik SaaS Management Platform
Auvik, a provider of cloud-based network management software, this week announced a new solution to provide deep visibility into an organization’s growing SaaS environment. Auvik SaaS Management (ASM) is designed to provide IT professionals with greater security, operational efficiency, and cost management capabilities as organizations become more dependent on SaaS. ASM delivers an accelerated time to value with its Quickscan feature, which enables customers to see historic data and quickly discover online SaaS applications adopted within the past 30 days. Auvik SaaS Management is licensed per user on a monthly basis, and is available today.
ManageEngine Site24x7 Unveils OpenAI Observability Integration
ManageEngine, the enterprise IT management division of Zoho Corporation, this week announced that it has added OpenAI observability as a native capability to Site24x7, its comprehensive cloud-based observability platform. The offering enables application owners to monitor the utilization of different OpenAI models seamlessly while tracking real-time performance and cost metrics — all within a unified view. This powerful capability allows businesses to leverage the potential of emerging AI technologies, such as OpenAI’s ChatGPT, to achieve their strategic objectives while being cost-conscious.
China-Based Hackers Breach Email Accounts at State Department
Hackers based in China recently broke into email accounts of at least two major U.S. government agencies, Microsoft and U.S. officials said. Spokespeople for the State Department and Commerce Department each confirmed Wednesday that email accounts of people in their agencies had been breached. Microsoft said approximately 25 organizations were part of the hack. The other organizations that were breached have not been identified. Neither agency said how many individuals were affected.
DirectDefense, Inc. and SCADAfence Announce Partnership
DirectDefense, Inc., an information security services company, this week announced its partnership with SCADAfence, the global technology leader in OT & IoT cybersecurity. The SCADAfence Platform enables critical infrastructure and manufacturing organizations with complex Operational Technology (OT) networks to embrace the benefits of the Industrial Internet of Things (IIoT) by reducing cyber risks and mitigating operational threats.
Aqua Security Report: “TeamTNT Reemerged with New Aggressive Cloud Campaign”
In part one of this two-part blog series, titled “The Anatomy of Silentbob’s Cloud Attack,” Aqua Security provided an overview of the preliminary stages of an aggressive botnet campaign that aimed at cloud native environments. The botnet run by TeamTNT has set its sights on Docker and Kubernetes environments, Redis servers, Postgres databases, Hadoop clusters, Tomcat and Nginx servers, Weave Scope, SSH, and Jupyter applications. During their research, Aqua Nautilus managed to access TeamTNT’s Command and Control (C2) server, a move that enabled them to collect invaluable intelligence about the victims, the targeted environments, the arsenal at the attacker’s disposal, and the tactics employed in this campaign. Based on the research, Aqua has discerned that this botnet perpetually scans the entirety of the internet. Consequently, every IP address undergoes a scan at least once every hour. They discovered that the rate of infection is fairly rapid, with a minimum of two new victims emerging every hour.
Armis and Honeywell Disclose Crit.IX Vulnerabilities
This week, Armis and Honeywell have jointly disclosed “Crit.IX”, 9 new vulnerabilities that Armis researchers found in the Honeywell Experion DCS platforms that could allow for unauthorized remote code execution on both legacy versions of the Honeywell server and controllers. If exploited, this would allow an attacker to take over the devices and alter the operation of the DCS controller, whilst also hiding the alterations from the engineering workstation that manages the DCS controller. Exploitation of these vulnerabilities does not require authentication, only network access to the targeted devices. Potentially any compromised IT, IoT, and OT assets on the same network as the DCS devices could be leveraged for an attack. In May 2022 Armis confirmed with Honeywell the discovery of 13 code issues found within the Experion C300 controller and server. These roll into 9 new vulnerabilities, 7 of them deemed critical. Due to the severity of these vulnerabilities and the impact, Honeywell and Armis have been working together to investigate these findings, understand the underlying issues, and work towards a patch. Honeywell has made available security patches and strongly advises all affected customers to patch immediately.
Expert Insights Section
Watch this space each week as Solutions Review editors will use it to share new Expert Insights Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry experts together to publish the web’s leading insights for enterprise technology practitioners.
What to Expect at Solutions Review’s Spotlight with Rubrik on July 20
With the next Solutions Spotlight event, the team at Solutions Review has partnered with leading zero trust data security vendor Rubrik. The resource webinar will showcase how the immeasurable volumes of data in your Microsoft 365 environment are at risk. And now that Rubrik is partnered with Microsoft, its Microsoft 365 protection is even stronger.
Solutions Review Celebrates 1,000 Premium Content Submissions This Year
It’s been a year of celebrations for Solutions Review. After commemorating 50 vendors served through its growing selection of virtual event programs earlier this summer, Solutions Review editors are proud to announce a milestone of more than 1,000 pieces of Premium Content published in the last calendar year. Since Solutions Review first institutionalized the Premium Content Series in June 2022, and in conjunction with its popular Insight Jam events, its editors have been overwhelmed by the response. In fact, the response has helped begin shaping Solutions Review as a premier enterprise technology publishing platform.
How to Update Aging Network Infrastructure Without Breaking Everything
Steve Petryschuk of Auvik maps out how to update your aging network infrastructure without breaking everything.
In every organization, there will come a time when the network needs to be upgraded. When that time comes, the IT team must carefully plan out the upgrade to avoid unexpected network outages. After all, when the network is down, employees can’t be productive, sales aren’t being made, and the company loses revenue fast. According to Information Technology Intelligence Consulting, one hour of server downtime costs most small and mid-sized companies $300,000, and can cost larger organizations more than $5 million. However, with the appropriate planning and teamwork, network managers and administrators can limit the chances of unexpected outages and are more likely to experience a smooth transition to the new network.