Latest news with #CriticalInfrastructure
Tahawul Tech
10 hours ago
- Tahawul Tech
OPSWAT report shows traditional detection methods are now being outpaced
OPSWAT has released its first-ever Threat Landscape report, which shows that traditional detection methods are now being firmly outplaced, whilst malware complexity has risen by a whopping 127% over the last 6 months. OPSWAT, has established itself as a global leader in critical infrastructure protection, and its report revealed key insights from over 890,000 sandbox scans in the last 12 months. This report offers a unique lens into the evolving nature of cyberthreats – and a staggering 1 in 14 files—initially deemed 'safe' by legacy systems—were proven to be malicious. This report is a call to action for industries relying on outdated defenses and the importance of multi-layered solutions. Key Findings: 127% Increase in Malware Complexity Behavioral telemetry revealed a 127% rise in multi-stage malware complexity over the past year. OPSWAT's sandbox uncovered layered threats designed to evade analysis, including obfuscated loaders such as NetReactor and evasive behaviors missed by traditional tools. These results show that modern malware intends to confuse, not flood, which is why OPSWAT's pipeline is purpose-built to unpack that complexity. Proactive Threat Detection OPSWAT analysis reclassified 7.3% of files that were silent across open-source intelligence (OSINT) feeds as malicious, on average 24 hours earlier than public data sources. These were confirmed executions, not speculative flags, highlighting how adaptive analysis can close dangerous gaps left by static and reputation-based systems. Campaign-Level Threat Correlation With 890,000+ sandbox scans, OPSWAT connects the dots across threats. It identifies shared TTPs, reused C2 infrastructure, and behavioral patterns across campaigns. This provides defenders with context-rich, actionable intelligence instead of noisy indicators. 99.97% Detection Accuracy OPSWAT's behavioral and machine learning pipeline delivers results. Aided by a newly enhanced PE emulator, the platform identified sophisticated threats such as: Clipboard hijacking via ClickFix Steganography-wrapped loaders C2 channels embedded in Google services .NET Bitmap malware loaders delivering Snake Keylogger payloads 'Our strength lies in precision, behavioral depth, and early visibility into emerging attacks,' said Jan Miller, Chief Technology Officer of Threat Analysis at OPSWAT. 'That's what sets OPSWAT apart in delivering high-fidelity, context-aware threat intelligence.' Why It Matters As critical infrastructure, government systems, and enterprise networks face growing targeting from increasingly modular and evasive malware, the findings of this report spotlight the evolving adversary playbook and the need for integrated, multilayered solutions. Cybersecurity leaders must now prioritize adaptability, shared intelligence, reassessing technology, and fast behavioral detection pipelines to protect systems from known threats, but also to keep pace with a rapidly evolving threat landscape and whatever is on the horizon. part of the OPSWAT MetaDefender Platform, powers advanced threat detection and file analysis across critical environments. Download the full report and learn more about OPSWAT's integrated pipeline at
Malay Mail
29-07-2025
- Business
- Malay Mail
Singapore to tighten cybersecurity law amid surge in state-linked hacking threats
SINGAPORE, July 29 — Critical infrastructure operators in Singapore will soon be required to report suspected advanced persistent threat (APT) attacks under new measures introduced in an amended Cybersecurity Act. The move, reported by The Straits Times, was announced by Minister for Digital Development and Information Josephine Teo at a cybersecurity forum on Monday. She said the requirement — part of broader changes to the law — is expected to take effect later in 2025 and will mandate reporting to the Cyber Security Agency of Singapore (CSA). The amendment follows the recent July 18 disclosure of state-linked cyber-espionage activity by group UNC3886, believed by experts to be China-linked. It's among several APT actors whose targeting of Singapore's critical systems has surged more than four-fold between 2021 and 2024. 'If organisations suspect they've been targeted, they cannot and should not confront the attackers on their own,' said Teo during the fifth Operational Technology Cybersecurity Expert Panel forum. 'These requirements will support the early detection of APT activities, and enable CSA to take more timely actions, together with other government agencies, to defend CII owners against the attacks.' APT actors are often state-sponsored and operate with significant resources, using stealthy tools to infiltrate high-value networks, steal data, or disrupt essential services. Singapore's 11 critical information infrastructure (CII) sectors include energy, water, land transport, healthcare, and government systems. Other sectors are aviation, maritime, security and emergency services, banking and finance, maritime, as well as infocomm. The Act was previously amended in 2024 to expand CSA's oversight to cloud and supply chain risks. CII operators are now required to report not only direct attacks but also any disruption stemming from service providers or third parties. With the latest revision, temporary systems supporting major events — such as vaccine distribution or international summits — will also fall under CSA's purview. This marks the first time Singapore has publicly acknowledged specific APT threats. 'We want the public to know these threats are real,' said Teo, citing recent global incidents including a Ukrainian malware attack that cut heating to 600 homes, and a breach in Norway that caused a dam to release seven billion litres of water. 'The threats you face are no longer simple ransomware attacks. APTs have you in their sights,' she warned CII operators. In response to the heightened threat level, CSA has convened a closed-door briefing with CII leaders and is ramping up collaboration across sectors. On July 29, the agency also signed a memorandum of collaboration with ST Engineering to jointly develop cybersecurity tools tailored to operational technology systems. CSA chief executive David Koh said the agency will continue partnering with global and local entities to share actionable threat intelligence. He also welcomed the formation of a new operational tech-focused special interest group by IT governance body ISACA, calling it crucial to improving information-sharing in the sector. 'A partnership approach will help to ensure a safe and resilient digital future for Singapore,' said Teo.
Globe and Mail
02-07-2025
- Business
- Globe and Mail
Orange Strengthens Sovereignty With New Defense & Security Division
Orange S.A. ORANY recently launched a new Defense & Security Division under Orange Business. The initiative aligns with Orange's long-term 'Lead the Future' roadmap with an emphasis on sovereign-critical verticals — particularly defense and homeland security in France and across Europe. As security threats evolve and the complexity of modern defense ecosystems intensifies, Orange is well-positioned to lead the critical transformation, delivering resilient, secure and sovereign digital infrastructure. Defense ministries, national security agencies and critical infrastructure providers demand digital tools that are not only innovative but also highly resilient, compliant and sovereign. With geopolitical tensions and cyber threats on the rise, governments and defense players are looking for trusted technology partners capable of operating at scale with regulatory integrity and mission-critical performance. The newly formed Defense & Security Division is designed to consolidate Orange's strengths into a single powerhouse. It brings together experts focused on accelerating the digital transformation of defense ministries, homeland security operators and the broader security industry ecosystem. The multifaceted goals of this specialized unit are to develop and scale resilient connectivity solutions for critical operations, hybridize military and civilian networks to ensure seamless, secure interoperability, host sensitive and classified data in compliance with stringent regulations, provide emergency communications infrastructure and deploy advanced cybersecurity tools and AI solutions to detect, protect and respond to emerging threats. Technological Backbone of ORANY's Infrastructure This new division is supported by the technological strength of Orange Business — the Group's enterprise-focused arm. Orange Business is known for delivering top-tier digital infrastructure and services, with the new division fully leveraging this core capability. Key assets include 45,000 km of terrestrial fiber optics, 2,500+ satellite antennas for extended coverage and remote operations, 450,000 km of submarine cables for global connectivity, along with the best service quality 5G network in France and Europe. This effort is further backed by Orange Cyberdefense, which has a robust footprint in cybersecurity across France and Europe. It brings cutting-edge cyber threat intelligence, detection and response capabilities, including Cyber Threat Intelligence tailored for critical infrastructure and defense clients. In the B2B segment, Orange Cyberdefense maintained steady growth of 8%, largely fueled by strong results in France. By creating a specialized division focused exclusively on defense and security, Orange is not only expanding its business but also aiding France and Europe to assert technological sovereignty in a world increasingly defined by digital structures. ORANY's Zacks Rank & Stock Price Performance Orange currently carries a Zacks Rank #4 (Sell). Shares of the company have soared 14.2% in the past three months compared with the Zacks Wireless Non-US industry 's growth of 16.9%. Stocks to Consider Some better-ranked stocks from the broader technology space are Juniper Networks, Inc. JNPR, Arista Networks, Inc. ANET and Ubiquiti Inc. UI. JNPR, ANET and UI carry a Zacks Rank #2 (Buy). You can see the complete list of today's Zacks #1 Rank (Strong Buy) stocks here. Juniper is leveraging the 400-gig cycle to capture hyperscale switching opportunities inside the data center. The company is set to capitalize on the increasing demand for data center virtualization, cloud computing and mobile traffic packet/optical convergence. Juniper also introduced new features within the AI-driven enterprise portfolio that enable customers to simplify the rollout of their campus wired and wireless networks while bringing greater insight to network operators. In the last reported quarter, it delivered an earnings surprise of 4.88%. Arista delivered a trailing four-quarter average earnings surprise of 11.82% and has a long-term growth expectation of 14.81%. Arista currently serves five verticals, namely cloud titans (customers that deploy more than 1 million servers, cloud specialty providers, service providers, financial services and the rest of the enterprise. It supplies products to a prestigious set of customers, including Fortune 500 global companies in markets such as cloud titans, enterprises, financials and specialty cloud service providers. Ubiquiti's effective management of its strong global network of more than 100 distributors and master resellers improved its visibility for future demand and inventory management techniques. In the last reported quarter, Ubiquiti delivered an earnings surprise of 33.3%. Its highly flexible global business model remains well-suited to adapt to the changing market dynamics to overcome challenges while maximizing growth. Zacks' Research Chief Names "Stock Most Likely to Double" Our team of experts has just released the 5 stocks with the greatest probability of gaining +100% or more in the coming months. Of those 5, Director of Research Sheraz Mian highlights the one stock set to climb highest. This top pick is a little-known satellite-based communications firm. Space is projected to become a trillion dollar industry, and this company's customer base is growing fast. Analysts have forecasted a major revenue breakout in 2025. Of course, all our elite picks aren't winners but this one could far surpass earlier Zacks' Stocks Set to Double like Hims & Hers Health, which shot up +209%. Free: See Our Top Stock And 4 Runners Up Want the latest recommendations from Zacks Investment Research? Today, you can download 7 Best Stocks for the Next 30 Days. Click to get this free report Juniper Networks, Inc. (JNPR): Free Stock Analysis Report Arista Networks, Inc. (ANET): Free Stock Analysis Report Ubiquiti Inc. (UI): Free Stock Analysis Report Orange (ORANY): Free Stock Analysis Report
Yahoo
05-03-2025
- Business
- Yahoo
Dorchester County first critical infrastructure summit tackles security threats
DORCHESTER COUNTY, S.C. (WCBD) – Leaders in Dorchester County are holding their first Critical Infrastructure Summit to strengthen partnerships and enhance security in the county. Officials say in an era of evolving threats, proactive collaboration is the key to protecting Dorchester County's essential services. The summit will bring together key public and private sector stakeholders to strengthen partnerships, security, and resilience of critical infrastructure in the county. Officials say they will discuss the current threat landscape, mitigation strategies, and available resources with business leaders, infrastructure operators, emergency managers, and public safety professionals. 'A successful Critical Infrastructure Protection program relies on strong partnerships with private-sector stakeholders, who own and operate the majority of these essential assets,' said Dorchester County officials. County officials added those partners include SC Ports Authority, SC State Law Enforcement Division, Dominion Energy, FBI Columbia, and CISA. The meeting is scheduled on Thursday, March 6, beginning at noon at the Dorchester Emergency Operations Center. Copyright 2025 Nexstar Media, Inc. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.
