A recently added database of Indicators of Attack (IoAs), maintained and fed by Kaspersky’s expert threat hunters, helps to deliver additional context during investigation of cybercriminal activities.
In addition, IoAs are now mapped to the MITRE ATT&CK knowledge base for further analysis of adversaries’ tactics, techniques, and procedures. These key improvements help enterprises investigate complex incidents faster.
Cyber-incidents relating to complex threats can have a significant impact on business. The cost of response and process recovery, the need to invest in new systems or processes, the effect on availability, and the damage to reputation all add up. Today, organisations need to consider the growing number of widespread malicious programmes, and the increase in complex advanced threats that are targeting them. In 2018, 41% of enterprises1 admitted that they suffered a targeted attack. Clearly, companies need protection from the more sophisticated threats that would otherwise evade detection. Kaspersky helps to solve this issue with the next generation of Kaspersky EDR and Kaspersky Anti Targeted Attack platform.
Using Indicators of Attack to boost the investigation process
Kaspersky EDR and Kaspersky Anti Targeted Attack include functionality to check for Indicators of Compromise (IoCs), such as hash, file name, path, IP address, and URL, which show that an attacker has struck. In addition to search for IoC, new capabilities with IoAs provide an opportunity to identify the intruders’ tactics and techniques, regardless of the malware or legitimate software used in the attack. To simplify the investigation process when examining telemetry from multiple endpoints, events are correlated with a customised set of IoAs from Kaspersky. Matched IoAs show up in the user interface with detailed descriptions and recommendations on the best way to respond to the attack.
Customers can produce their own set of IoAs based on their internal experience, knowledge of the most significant threats, and their specific IT environment. All new events are automatically mapped in real time with the internal database of custom IoAs, enabling the immediate creation of informed response actions and long-term detection scenarios, according the specifics of the protected infrastructure.
Mapping to the MITRE ATT&CK knowledge base
Together, Kaspersky EDR, Kaspersky Anti Targeted Attack and MITRE ATT&CK – a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations – enable companies to validate and investigate incoming incidents more efficiently. Discovered threats are automatically mapped to the knowledge base, immediately contextualising the new events with external intelligence and attack technique data. Having a deeper understanding into an attack reduces future risks and helps security teams cut the time taken to analyse and respond to threats.
The enhanced functionality is also available for organisations that offer cybersecurity monitoring and management. The new multi-tenancy architecture allows Managed Security Services Providers (MSSPs) to protect the infrastructure of multiple clients at the same time.
Sergey Martsynkyan, Head of B2B Product Marketing at Kaspersky, said: “Professional cybercriminals can reside without detection on trusted objects, exploit zero-day vulnerabilities, use legitimate software, compromised accounts, unique software, or social engineering techniques or exploit insiders. That’s why it is essential not to rely exclusively on the evidence left by malefactors, but to search for potential traces of their activity. To help organisations solve this issue, we translated Kaspersky’s expertise into a set of IoAs and mapped them with MITRE ATT&CK. With more information and understanding of a malefactor’s intentions, companies will be able to react to complex threats faster.”
 ITSRS 2018 ITSRS8N21. Has your organization experienced any of the following incidents in the last 12 months? – Targeted attacks
Eseye cuts IoT dev time by 75%
Eseye’s new HERA300 modular IoT hardware platform reduces device prototyping time from an average of 12 months down to three months or less.
The time it takes to develop, prototype and roll out new IoT devices has been dramatically reduced by the new HERA300 modular IoT hardware platform and rapid prototyping methodology from Eseye, the UK-based cellular IoT connectivity specialist.
On average, an IoT device currently takes around 12 months to bring to market. which is a barrier to the success of many IoT projects. The new platform fast-tracks the process from initial idea to a working prototype in a few weeks, maintaining the momentum of an IoT project.
When combined with Eseye’s rapid prototyping methodology, HERA300 allows IoT theories to be tested in their native environments, where real data can be gathered to support operational planning and investment business case requirements. Once the required data is captured, it can be delivered to hyperscale cloud providers, such as AWS, through preferred System Integrator partners, to maximise a wide range of additional IoT services and functionality.
Alongside HERA300, Eseye has developed an eight-step rapid prototyping methodology that enables the rapid build and deployment of IoT devices. From building the initial model, to carrying out iterative test and development stages, resulting in a prototype that can be confidently and successfully deployed immediately into the field. Using Eseye’s methodology removes a significant amount of financial and reputational risk throughout the exploration phase of the project and builds significantly on the likelihood of success for the final approved designs.
Jon Darley, director of Things at Eseye, says: “With the rapid growth of IoT ideas we recognised the need to create a solution that would embed a technically robust testing process, but also significantly reduce time to market and increase competitive advantage. The HERA300 modular IoT hardware platform and rapid prototyping methodology successfully fulfil this brief and reduce IoT device development time by at least three quarters. This will unlock significant opportunities for companies that wouldn’t otherwise have been able to invest in IoT development with its previously associated costs and time to market.”
The HERA300 platform carries essential functionality on a modular board, meaning the platform can be rapidly adapted to meet the testing requirements and ensure project success. It features multiple sockets allowing for up to five additional sensors or modules to be plugged in, a modem interface, core software architecture including over the air software updates, and built-in temperature, pressure and humidity sensing designed to monitor the board’s environment.
Click here to read more about the HERA300.
Nintendo Switch throws fitness into the Ring
Yesterday, Nintendo launched the Ring Fit Adventure, a fitness accessory for the Nintendo Switch. BRYAN TURNER tried it out
Following from the success of Wii Fit in getting people moving while gaming, Nintendo has launched Ring Fit Adventure for the Nintendo Switch. In a similar way to which the Wii Fit was coupled with the Wii Fit Board, the Ring Fit couples with a tension ring called a Ring-Con and a leg strap.
The game features various adventures and modes that are set in immersive maps. Each mode features its own daring challenges, powerful enemies, and even a villain that players must fight. The trick to winning in the game world is putting in the real world work. The exercises mimic common exercises like jogging in place, squats, and overhead shoulder presses. These actions are masked behind fun gameplay that makes it feel like one isn’t doing strenuous workouts.
Before starting the game, users need to remove the Joy-Con controllers from their Nintendo Switch console. The left Joy-Con fits into the leg strap, which must be fasted to the left leg, while the right Joy-Con is attached to the Ring-Con. The Ring-Con provides resistance when it is squeezed or pulled apart by the handgrips.
The big plus of the Ring-Fit is the varied experience levels. This means the fit and unfit alike can start their fitness journeys where they feel comfortable. Players can also change the exercise intensity at any time to suit their fitness level from day to day. It’s worth noting that this same approach is what made the Wii Fit so successful.
In the game’s Adventure mode, players run through stylised worlds, with the end goal of defeating an evil bodybuilding dragon called Dragaux. Each level along the way offers different challenges by focusing on different body parts like arms, legs and one’s core. As players progress through the game, they earn experience points and collect ingredients to craft in-game smoothies that help them on their virtual fitness journey. Nintendo says the fun aspect of the Ring Fit Adventure can help players remain on a fitness journey for longer.
Transportation is supported by players performing actions like doing a squat to use a launchpad, and using the Ring-Con against one’s abdomen to use paddleboards, among other actions that incorporate difficult exercises into in-game events.
If players are strapped for time and would like to fit in a quick workout, they can select the Quick Play mode. It offers similar adventures to Adventure mode, but in bite-sized mini-games, which range from breaking boxes with gusts of air triggered by squeezing the Ring-Con, to flying a parachute by pulling the Ring-Con overhead.
For those who prefer a more straightforward workout, there is a mode called Simple, which does away with flashy animations. This mode allows players to pick the part of the body they would like to work on, and lets them work it out. Along with Simple mode, Set mode offers the same functionality, but allows players to line up workouts in a playlist.
With the power of Nintendo Switch, the game can be taken anywhere, letting players work up a sweat away from a TV. For those who don’t have their Nintendo Switch with them, the Ring-Con can be taken around (with a Joy-Con attached) to track exercise while away from the console. When a player returns to their Nintendo Switch, the exercises will be synced to their profile to earn experience points and in-game items.
Ring Fit Adventure is available in retail stores and includes the game card, Ring-Con and leg strap accessories. For more information about the game, visit here.