Monthly Archives: April 2019

Verint adds Anomaly Detection to its VoC solutions

Verint Systems, The Customer Engagement Company, announced the addition of Anomaly Detection as a powerful new capability to its expanding Voice of Customer (VoC) solutions.

Anomaly Detection is part of Verint’s analytics-rich solution that helps companies automate insights and prioritize improvements to customer experience (CX) that will drive the greatest business impact.

According to an August 2018 report from Forrester Research, AI technologies have the potential to make customer experience (CX) measurement programs more effective and efficient.

Powered by AI and machine learning algorithms, Verint’s new Anomaly Detection capability helps teams understand, in near real time, more about the key factors and causes contributing to a change in customer satisfaction, NPS, or other drivers.

Anomaly Detection acts as a ‘virtual CX analyst,’ enabling faster, smarter issue resolution and less risk of bias. Machine learning algorithms run in the background, and surface significant, sudden changes in CX scores and top possible causes by analyzing thousands of data combinations that would be impossible to do manually.

Key features include:

  • Constant monitoring of significant changes to NPS, CSAT or driver scores based on past and predicted performance
  • Rapid investigation of most likely causes behind sudden changes in CX
  • Real-time alerts via SMS or email to speed time to action and resolution

“Millions of customer interactions happen every day, creating more feedback and new ways to gain insights,” said Jaime Meritt, CTO and chief architect, Verint.

“Our advancements in automation and machine learning help companies run enterprise-strength VoC programs that capture and analyze feedback, monitor dips and surges to CX metrics in real time and connect that data to CX drivers and outcomes. Verint VoC gives companies what they need to automate and operationalize CX.”

from Help Net Security – News

Virtustream partners with Equinix Cloud Exchange and updates its platform

Virtustream, an enterprise-class cloud company and Dell Technologies business, announced a major expansion of its partnership with Equinix Cloud Exchange (ECX) and new platform updates to increase functionality, automation, speed-to-deployment and customer choice.

These enhancements cover all workloads, including mission-critical applications typically used for managing sensitive data like customer and financial details or patient information in the healthcare industry.

New connectivity options

Virtustream’s expanded partnership with ECX further extends network connectivity options to accelerate time-to-market for customers through simplified access to secure, reliable and high-performance direct connectivity for Virtustream Enterprise Cloud customers in North America and EMEA.

The expanded enhancements and support for the Equinix Cloud Exchange Fabric offers more customer control, minimizes security threats, and enables easier and faster connectivity access.

The expanded options include commercial Virtustream Enterprise Cloud nodes in North America and EMEA and a broader portfolio of private connectivity options building on existing IPSEC VPN, MPLS, and AT&T NetBond (selected markets) solutions, providing reduced complexity, simplified direct connectivity and vendor management enhancements.

While the portfolio provides secure, scalable and reliable connections to offer 99.999% availability-based QoS controls and low latency, the time-to-connect can be dramatically reduced from weeks to just hours in most cases. Furthermore, the Equinix Cloud Exchange Fabric provides streamlined private connectivity to all major hyperscale cloud providers for customers with multi-cloud requirements.

“We are delivering new innovations and capabilities at a rapid pace, so our customers can accelerate the value of their business,” said Deepak Patil, senior vice president, Cloud Platform and Services, Virtustream.

“Meeting our customers’ mission-critical needs to help them grow is at the core of our roadmap and we’ll continue to bring to market the kind of innovation and new offerings that unleash businesses and organizations to flourish in the clouds.”

Virtustream in the healthcare industry

Virtustream also announced the release of a major update to its enterprise-class Virtustream Healthcare Cloud. This update features new, advanced architecture components with improved flexibility and scale. Through improved automation, customers can greatly simplify the deployment and migration of EHR systems hosted in the Virtustream Healthcare Cloud.

Additionally, with this new release, Virtustream now supports the use of VMware Horizon for secure and flexible application access. With this update, Virtustream’s healthcare customers can improve their business agility, allowing for rapid access to a broad range of market-leading tools from Dell Technologies.

from Help Net Security – News

ZeroNorth raises $10M to accelerate its focus on software and infrastructure risk management

ZeroNorth, the security industry’s first provider of orchestrated risk management, launched with a $10 million Series A investment led by ClearSky Ventures with participation from Crosslink Capital, Rally Ventures and existing investor Petrillo Capital.

The funding will enable ZeroNorth, formerly known as CYBRIC, to accelerate its newly-extended focus on software and infrastructure risk management by strengthening research and development, and investing in sales, marketing and services to meet growing demand for its platform. This round brings the company’s total funding to $18.6 million.

Organizations including Rodan & Fields, the University of Massachusetts and Zerto rely on ZeroNorth to proactively manage software and infrastructure risks as the pace of digital transformation continues to accelerate.

“Today every organization is in the software business. Software and the infrastructure it runs on are critical assets and continuous deployment is essential – but not at the expense of security,” said Peter Kuper, managing director at ClearSky Ventures.

“ZeroNorth makes it possible for organizations to have both fast and secure production software – something that was considered incompatible before. Most importantly, ZeroNorth makes it possible for organizations to easily discover and remediate vulnerabilities without disrupting the software development process. Its orchestration platform will be critical to protecting this software-defined world and why we are so excited to be a supporter of this effort.”

ZeroNorth accelerates and scales proactive software and infrastructure risk management by continuously orchestrating the discovery and remediation of vulnerabilities. Its “mission-control” orchestration platform enables organizations to construct and manage an automated and consistent software security program.

As a result, the platform directly provides board-level visibility into business risk, the assurance of better security, continuous proof of compliance and a more cost-effective risk management program.

Traditionally, organizations rely on multiple scanning tools to identify vulnerabilities in different phases of development, deployment and operation. However, each tool classifies vulnerabilities differently, has its own console and requires a dedicated employee to manage it.

Among the many challenges to this approach, it does not allow for a single, full-stack view of the constantly changing risks inherent in continuous deployment. In addition, relying on disconnected tools becomes expensive and difficult to staff amid a widening talent gap in cybersecurity. ZeroNorth transforms these manual and siloed efforts into an orchestrated, comprehensive and real-time discovery and remediation process.

“ZeroNorth gives us the visibility and assurance that we’re lowering risks to the organization. And it does so while reducing the staffing requirements for implementing and managing existing scanning tools and increasing their collective value,” said Amit Bhardwaj, vice president, IT security and compliance at Rodan & Fields.

“ZeroNorth is an important partner that gives us confidence in our security posture.”

Expanded focus, expanded team

As a result of this funding round, Peter Kuper and Patrick Heim from ClearSky Ventures, and Art Coviello from Rally Ventures will join Enrico Petrillo and Ernesto DiGiambattista on ZeroNorth’s board of directors. In addition, the company welcomes John Steven as its new chief technology officer (CTO) and Alan Deane as vice president of worldwide sales.

With more than two decades of software security experience and specific expertise in threat modeling, security architecture, static analysis and security testing, John Steven will lead ZeroNorth’s technical direction in defining and delivering solutions that will enable organizations to improve security through their digital transformation journey.

Prior to joining ZeroNorth, John was senior director at Synopsys, served as co-CTO at Cigital and was co-founder and CTO of Codiscope. John will team with vice president of engineering Andrei Bezdedeanu to drive innovation in the ZeroNorth platform that enables organizations to stay ahead of the ever-evolving threat landscape.

Alan Deane has more than two decades of experience leading worldwide sales organizations for cybersecurity startups and established industry players. He was most recently vice president of worldwide sales at DFLabs and spent six years as vice president of worldwide sales and field operations at Qumas. He served similar stints as vice president of the sales-risk & compliance business unit at McAfee, and vice president of sales at Foundstone.

“Proactively managing security and risk is about more than application security testing orchestration. Application vulnerability correlation and threat vulnerability management are important pieces of the puzzle that we’re delivering for customers grappling with the realities of digital transformation and managing risk in new environments,” said Ernesto DiGiambattista, ZeroNorth’s CEO and founder.

“We now have a broader focus that called for an expanded team and a new brand to match. With these pieces in place and the support of world-class investors, we’re ready to make proactive security a reality for organizations worldwide.”

from Help Net Security – News

Data: E-Retail Hacks More Lucrative Than Ever

For many years and until quite recently, credit card data stolen from online merchants has been worth far less in the cybercrime underground than cards pilfered from hacked brick-and-mortar stores. But new data suggests that over the past year, the economics of supply-and-demand have helped to double the average price fetched by card-not-present data, meaning cybercrooks now have far more incentive than ever to target e-commerce stores.

Traditionally, the average price for card data nabbed from online retailers — referred to in the underground as “CVVs” — has ranged somewhere between $2 and $8 per account. CVVs are are almost exclusively purchased by criminals looking to make unauthorized purchases at online stores, a form of thievery known as “card not present” fraud.

In contrast, the value of “dumps” — hacker slang for card data swiped from compromised retail stores, hotels and restaurants with the help of malware installed on point-of-sale systems — has long hovered around $15-$20 per card. Dumps allow street thieves to create physical clones of debit and credit cards, which are then used to perpetrate so-called “card present” fraud at brick and mortar stores.

But according to Gemini Advisory, a New York-based company that works with financial institutions to monitor dozens of underground markets trafficking in both types of data, over the past year the demand for CVVs has far outstripped supply, bringing prices for both CVVs and dumps roughly in line with each other.

Median price of card not present (CNP) vs. card-present (CP) over the past year. Image: Gemini

Stas Alforov, director of research and development at Gemini, says his company is currently monitoring 55 underground stores that peddle stolen card data — including such heavy hitters as Joker’s Stash, Trump’s Dumps, and BriansDump.

Contrary to popular belief, when these shops sell a CVV or dump, that record is then removed from the inventory of items for sale, allowing companies that track such activity to determine roughly how many new cards are put up for sale and how many have sold. Underground markets that do otherwise quickly earn a reputation among criminals for selling unreliable card data and are soon forced out of business.

“We can see in pretty much real-time what’s being sold and which marketplaces are the most active or have the highest number of records and where the bad guys shop the most,” Alforov said. “The biggest trend we’ve seen recently is there appears to be a much greater demand than there is supply of card not present data being uploaded to these markets.”

Alforov said dumps are still way ahead in terms of the overall number of compromised records for sale. For example, over the past year Gemini has seen some 66 million new dumps show up on underground markets, and roughly half as many CVVs.

“The demand for card not present data remains strong while the supply is not as great as the bad guys need it to be, which means prices have been steadily going up,” Alforov said. “A lot of the bad guys who used to do card present fraud are now shifting to card-not-present fraud.”

One likely reason for that shift is the United States is the last of the G20 nations to make the transition to more secure chip-based payment cards, which is slowly making it more difficult and expensive for thieves to turn dumps into cold hard cash. This same increase in card-not-present fraud has occurred in virtually every other country that long ago made the chip card transition, including AustraliaCanadaFrance and the United Kingdom.

The increasing value of CVV data may help explain why we’ve seen such a huge uptick over the past year in e-commerce sites getting hacked. In a typical online retailer intrusion, the attackers will use vulnerabilities in content management systems, shopping cart software, or third-party hosted scripts to upload malicious code that snarfs customer payment details directly from the site before it can be encrypted and sent to card processors.

Research released last year by Thales eSecurity found that 50 percent of all medium and large online retailers it surveyed acknowledged they’d been hacked. That figure was more than two and a half times higher than a year earlier.


Much of the media’s attention has been focused on recent hacks against larger online retailers, such those at the Web sites of British Airways, Ticketmaster, and electronics giant NewEgg. But these incidents tend to overshadow a great number of “low-and-slow” compromises at much smaller online retailers — which often take far longer to realize they’ve been hacked.

For example, in March 2019 an analysis of Gemini’s data strongly suggested that criminals had compromised, an Oklahoma-based business that sells tickets to a range of sporting events and concerts. Going back many months through its data, Gemini determined that the site has likely been hacked for more than two years — allowing intruders to extract around 4,000 CVVs from the site’s customers each month, and approximately 35,000 accounts in total since February 2017. did not respond to requests for comment, but an individual at the company who answered a call from KrebsOnSecurity confirmed Ticketstorm had recently heard from Gemini and from card fraud investigators with the U.S. Secret Service.

“It’s not just large sites getting popped, it’s mostly small to mid-sized organizations that are being compromised for long periods of time,” Alforov said. “Ticketstorm is just one of ten or twenty different breaches we’ve seen where the fraudsters sell what they collected and then come back and collect more over several years.”

In some ways, CVVs are more versatile for fraudsters than dumps. That’s because about 90 percent of dumps for sale in the underground do not come with other consumer data points needed to complete a various online transactions — such as the cardholder’s name or billing address, Gemini found.

This is particularly true when CVV data is collected or amended by phishing sites, which often ask unwitting consumers to give up other personal information that can aid in identity theft and new account fraud — including Social Security number, date of birth and mother’s maiden name.

All of which means e-commerce retailers need to be stepping up their game when it comes to staving off card thieves. This in-depth report from payment security firm Trustwave contains a number of useful suggestions that sites can consider for a defense-in-depth approach to combating an increasingly crowded field of criminal groups turning more of their attention toward stealing CVV data.

“There is a lot more incentive now than ever before for thieves to compromise e-commerce sites,” Alforov said.

from Krebs on Security