Search This Blog
Powered by Blogger.

Blog Archive

Labels

Load More
Trendy Right Now

Popular Posts

Showing posts with label Perception Point. Show all posts
Perception Point
Artificial Intelligence Cyber Security Digital Security Fortinet Perception Point

Fortinet Acquires Perception Point to Enhance AI-Driven Cybersecurity

 


Fortinet, a global leader in cybersecurity with a market valuation of approximately $75 billion, has acquired Israeli company Perception Point to bolster its email and collaboration security capabilities. While the financial terms of the deal remain undisclosed, this acquisition is set to expand Fortinet's AI-driven cybersecurity solutions.

Expanding Protections for Modern Workspaces

Perception Point's advanced technology secures vital business tools such as email platforms like Microsoft Outlook and Slack, as well as cloud storage services. It also extends protection to web browsers and social media platforms, recognizing their increasing vulnerability to cyberattacks.

With businesses shifting to hybrid and cloud-first strategies, the need for robust protection across these platforms has grown significantly. Fortinet has integrated Perception Point's technology into its Security Fabric platform, enhancing protection against sophisticated cyber threats while simplifying security management for organizations.

About Perception Point

Founded in 2015 by Michael Aminov and Shlomi Levin, alumni of Israel’s Intelligence Corps technology unit, Perception Point has become a recognized leader in cybersecurity innovation. The company is currently led by Yoram Salinger, a veteran tech executive and former CEO of RedBand. Over the years, Perception Point has secured $74 million in funding from major investors, including Nokia Growth Partners, Pitango, and SOMV.

The company's expertise extends to browser-based security, which was highlighted by its acquisition of Hysolate. This strategic move demonstrates Perception Point's commitment to innovation and growth in the cybersecurity landscape.

Fortinet's Continued Investment in Israeli Cybersecurity

Fortinet’s acquisition of Perception Point follows its 2019 purchase of Israeli company EnSilo, which specializes in threat detection. These investments underscore Fortinet’s recognition of Israel as a global hub for cutting-edge cybersecurity technologies and innovation.

Addressing the Rise in Cyberattacks

As cyber threats become increasingly sophisticated, companies like Fortinet are proactively strengthening digital security measures. Perception Point’s AI-powered solutions will enable Fortinet to address emerging risks targeting email systems and collaboration tools, ensuring that modern businesses can operate securely in today’s digital-first environment.

Conclusion

Fortinet’s acquisition of Perception Point represents a significant step in its mission to provide comprehensive cybersecurity solutions. By integrating advanced AI technologies, Fortinet is poised to deliver enhanced protection for modern workspaces, meeting the growing demand for secure, seamless operations across industries.

Read more »
phishing
Data Breach Microsoft visio Perception Point phishing

Phishing Scams use Microsoft Visio Files to Steal Information

 


The latest phishing attacks involve users being victimised in private information scams through the use of Microsoft Visio files. According to a security firm called Perception Point, the trick mainly involves using the .vsdx file extension, used for business diagrams and flowcharts. It has been found that cyber attackers can embed malicious links in Visio files to circumvent most of the traditional checks a secured system carries out on users.


Why Visio files are a hacker's best friend

In particular, Microsoft Visio files are less often encountered by users due to being not as well known as other attachment types, for instance, PDFs or Word documents. This means that the files of the type Visio would be less likely to be considered suspicious by a security system, making them a good target for hackers who send phishing links secretly. All of this aside, Visio files themselves are transmitted via email attachments, which most users trust because they are all Microsoft tools.


How the Visio Phishing Attack Work


This is how the particular phishing scheme unfolds, according to Perception Point:

1. Accessed Accounts: Scammers first gain access to a legitimate account so they can use it to send their phishing email. This gives them a head over basic security checks since it is coming from a trusted source.

2. Email Content : It has an attachment which is a Visio file (.vsdx) or an Outlook email (.eml), and from what it looks like, it's authentic: probably a proposal or order for some kind of purchase.

3. Opening the File: As soon as the recipient clicks on the attachment to open it, they are taken to a SharePoint page, serving the Visio file. Thieves brand some of the hacked organisation's logos to give the document the look of authenticity.

4. Link in Visio document: Attackers will go and add a link within the Visio document titled "View Document." Users are encouraged to click with the Ctrl key in order to click on the link. It is thought that this behaviour should bypass many forms of automated security scanning. Once they have clicked on it, the victims are taken to a mock Microsoft log-in page that forces them to input their passwords, which are then stolen.


Phishing by Trusted Platforms

As Perception Point reports, phishing attacks using trusted Microsoft tools-SharePoint and Visio-have been rising alarmingly. Using credible tools creates layers of trust, which diminishes the chances of detection for phishers. Thus, Microsoft has warned users to look out for the potential abuse of its tool in phishing scams.

According to Perception Point, this phishing method utilises trusted tools from Microsoft, such as Visio and SharePoint-meaning cybercrooks adapt to evade detection. As per the same sources, these methods are designed to gain user trust and evade traditional systems in email security.

 Recommended Security Best Practices

The best practices to mitigate such advanced phishing are as follows for both organizations and individual users:
There is verification of the sender's identity before opening attachments from unknown or unfamiliar contacts.

Enable multi-factor authentication: In addition to the extra security multi-factor authentication has in place, it will be much harder for hackers to access your accounts without any kind of authentication

Stay updated on phishing techniques: Educate the employees to become aware of recognizing and avoiding attempts from hackers.

Advanced Email Security Tools: Implement tools that are now specifically designed to monitor unusual file types, including Visio files, with the aim of detecting emerging phishing strategies.

In this day and age of phishing scams, staying abreast and refreshing security protocol can definitely go a long way.



Read more »
Social Media attacks
Cyber Security Linkedln Perception Point phishing Social Media attacks

LinkedIn Users Targeted in Complex Phishing Scheme

 

LinkedIn Users Targeted in Complex Phishing Scheme A concerning security threat has emerged for users of the professional networking platform LinkedIn. Known as the "Microsoft Two-Step Phishing Campaign," this attack involves hackers using compromised profiles to deceive users and steal their sensitive information. 

It Starts With Exploiting Trust 

The attack begins innocently enough, with hackers taking control of LinkedIn profiles that users trust within their professional networks. These profiles appear normal but are actually manipulated by the attackers, who exploit the trust between users and their connections. 

Let’s Understand The Attack Tactic: Two Steps to Success 

The heart of this attack involves two stages. First, hackers combine stolen user accounts with a tricky phishing attack. They use a sneaky program called Snake, which targets not only LinkedIn but also Facebook users. Snake pretends to send legitimate messages but actually tricks users into downloading harmful software. 

Once installed, Snake quietly steals users' browsing data, giving hackers access to their accounts and compromising their security. This method shows how social media platforms, like LinkedIn, can unwittingly help cybercriminals steal important information and breach corporate systems. 

Furthermore, Perception Point's Enterprise Browser Security extension quickly caught a sneaky attack pretending to be Microsoft. It used sophisticated textual and image recognition AI models and found these suspicious key indicators: 

Logo Similarity: It found an image that was almost identical to the real Microsoft logo. 

Favicon Impersonation: The attack tried to fool users by using a small icon that looked like the one Microsoft uses for Outlook. 

Phoney Login Page: The attackers set up a login page that pretended to be from Microsoft. It asked for email addresses and passwords. 

URL Analysis: The extension checked the website's reputation and details like when it was created. It also looked for any weird stuff in the code. 

What It Means for You 

This new campaign highlights the urgent need for better security measures, especially on platforms like LinkedIn. As more people and businesses rely on these sites for networking, they must stay alert to the risks posed by hackers. This incident also shows how cybercriminals are constantly changing their tactics. 

To stay safe, it is essential for users and companies to not only have strong security systems in place but also to educate themselves about potential threats. In response to this growing danger, social media companies and cybersecurity experts must work together to develop strategies to protect users from phishing attacks and other online threats. 
Read more »
Subscribe to: Posts (Atom)