A recently added database of Indicators of Attack (IoAs), maintained and fed by Kaspersky’s expert threat hunters, helps to deliver additional context during investigation of cybercriminal activities.
In addition, IoAs are now mapped to the MITRE ATT&CK knowledge base for further analysis of adversaries’ tactics, techniques, and procedures. These key improvements help enterprises investigate complex incidents faster.
Cyber-incidents relating to complex threats can have a significant impact on business. The cost of response and process recovery, the need to invest in new systems or processes, the effect on availability, and the damage to reputation all add up. Today, organisations need to consider the growing number of widespread malicious programmes, and the increase in complex advanced threats that are targeting them. In 2018, 41% of enterprises [1] admitted that they suffered a targeted attack. Clearly, companies need protection from the more sophisticated threats that would otherwise evade detection. Kaspersky helps to solve this issue with the next generation of Kaspersky EDR and Kaspersky Anti Targeted Attack platform.
Using Indicators of Attack to boost the investigation process
Kaspersky EDR and Kaspersky Anti Targeted Attack include functionality to check for Indicators of Compromise (IoCs), such as hash, file name, path, IP address, and URL, which show that an attacker has struck. In addition to searching for IoCs, new capabilities with IoAs provide an opportunity to identify the intruders’ tactics and techniques, regardless of the malware or legitimate software used in the attack. To simplify the investigation process when examining telemetry from multiple endpoints, events are correlated with a customised set of IoAs from Kaspersky. Matched IoAs show up in the user interface with detailed descriptions and recommendations on the best way to respond to the attack.
Customers can produce their own set of IoAs based on their internal experience, knowledge of the most significant threats, and their specific IT environment. All new events are automatically mapped in real time with the internal database of custom IoAs, enabling the immediate creation of informed response actions and long-term detection scenarios, according to the specifics of the protected infrastructure.
Mapping to the MITRE ATT&CK knowledge base
Together, Kaspersky EDR, Kaspersky Anti Targeted Attack and MITRE ATT&CK – a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations – enable companies to validate and investigate incoming incidents more efficiently. Discovered threats are automatically mapped to the knowledge base, immediately contextualising the new events with external intelligence and attack technique data. Having a deeper understanding of an attack reduces future risks and helps security teams cut the time taken to analyse and respond to threats.
The enhanced functionality is also available for organisations that offer cybersecurity monitoring and management. The new multi-tenancy architecture allows Managed Security Services Providers (MSSPs) to protect the infrastructure of multiple clients at the same time.
Sergey Martsynkyan, Head of B2B Product Marketing at Kaspersky, said: “Professional cybercriminals can reside without detection on trusted objects, exploit zero-day vulnerabilities, use legitimate software, compromised accounts, unique software, or social engineering techniques or exploit insiders. That’s why it is essential not to rely exclusively on the evidence left by malefactors, but to search for potential traces of their activity. To help organisations solve this issue, we translated Kaspersky’s expertise into a set of IoAs and mapped them with MITRE ATT&CK. With more information and understanding of a malefactor’s intentions, companies will be able to react to complex threats faster.”
[1] ITSRS 2018 ITSRS8N21. Has your organization experienced any of the following incidents in the last 12 months? – Targeted attacks
HP launches first cartridge-free laser printer
No cartridge? No problem. HP has launched the Neverstop Laser, its first laser printer that doesn’t require a cartridge to print.
HP Neverstop Laser is a new, rapid-reload laser printer that helps small businesses save money on laser cartridge replacements. The first-of-its-kind toner supply system allows users to replace toner quickly, helping small business owners stay in their business flow.
“A recent global study found that more than 8 in 10 small businesses around the world rely on printers, with half saying their business cannot operate without one, and many calling for printers to evolve into a technology partner,” said Jane Geypen, category manager of HP’s Home Printing Solutions. “By eliminating common printing interruptions with breakthrough innovations and digital integration, HP Neverstop Laser gives entrepreneurs a competitive edge to turn their passion into a thriving business.”
Designed with sustainability in mind, HP Neverstop Laser is made with more than 25 percent recycled plastic while the toner reload kit is made of 75 percent recycled plastic by weight.
Key features, as provided by HP, include:
- 5,000 pages without interruptions: Print 5,000 pages right out of the box with virtually no interruptions, perfect for high-volume printing
- Reload mess-free toner in seconds: A revolutionary supply system lets you quickly and easily reload toner levels in 15 seconds without making a mess
- Original HP quality and unbelievable savings: Get original HP quality and reliability page after page with up to 80 percent cost savings on HP original toner
- Connected and mobile: Mobile scanning and printing with best-in-class mobile print app, HP Smart App
Pricing and Availability
HP Neverstop Laser will be available in South Africa from August 2019. No pricing has been announced.
Canon launches world’s lightest DSLR camera
Canon has announced the Canon EOS 250D, which it claims to be the world’s lightest DSLR camera.
For a family looking to step up from smartphone photography or upgrade from their existing camera, the EOS 250D is a DSLR to consider, packed with the latest technology that provides users with a formidable introduction to interchangeable lens photography in a small and lightweight body.
The successor to Canon’s award-winning EOS 200D, the EOS 250D has a guided user interface for simplified operation, a large 24.1 Megapixel Dual Pixel CMOS APS-C sensor, 4K movie capability, fast and responsive autofocus, and connectivity to smart devices. In addition, the camera features DIGIC 8, Canon’s latest image processor which powers many of its functions, including 4K movie recording, 4K time-lapse, and 4K frame grabs from 4K movies.
With straightforward handling in a lightweight and compact body, the EOS 250D includes a guided user interface that shows on-screen hints and tips. It is also possible for users to capture images in imaginative ways with Canon’s Creative Assist feature, a suite of effects, filters and colour adjustment tools to apply to photographs when composing an image or after it has been taken.
Canon’s DIGIC 8 image processor supports a variety of improvements in Live View autofocus precision and Eye Auto-Focus (AF), Auto Lighting Optimizer, Digital Lens Optimizer, and Highlight Tone Priority for sharp high-resolution images ready to share straight from the camera. The 24.1 Megapixel sensor performs well in low-light and facilitates a shallow depth of field, adding background bokeh to images.
The EOS 250D is a camera for many occasions. Its intuitive Vari-Angle touchscreen enables comfortable shooting from a variety of angles, making it possible to frame selfies or vlog videos. Canon’s Dual Pixel CMOS AF technology will also keep subjects in sharp focus when shooting stills and video via the touchscreen. Delivering a classic shooting experience, the EOS 250D features an optical viewfinder with a responsive 9-point AF, so moments can be framed clearly and as they were seen with the naked eye.
When images and videos are ready to be shared, the EOS 250D integrates with smart devices via Bluetooth and Wi-Fi using the Canon Camera Connect app for iOS and Android. From here, images and videos can be downloaded to a smart device, reviewed and posted on social media or shared.
The Canon Camera Connect app also facilitates shooting remotely from a smart device, great for capturing group shots or a hands-free selfie. Images can then be sent to a paired smart device as soon as they are taken via the Automatic Image Transfer function, delivering peace of mind that images are safely backed-up.
The EOS 250D is available in three sleek finishes: black, white and silver. It is part of the Canon EOS ecosystem, comprising over 80 world-class lenses, flashes and accessories, offering a level of choice as users look to expand the camera’s capabilities. The EOS 250D is available now in South Africa.
For more information about Canon, please visit www.canon.co.za or follow Canon on Facebook, Twitter, Instagram or LinkedIn.