Latest news with #SecurityInformationandEventManagement


Business Standard
01-08-2025
Aeroflot Cyberattack Exposes Dangerous Gaps in Detection and Response: TechensGlobal Urges Critical Infrastructure to Act Now
India PR Distribution

Bangalore (Karnataka) [India], August 1: The recent cyberattack on Aeroflot, Russia's largest airline, has shocked the global cybersecurity community -- not just because of the breach itself, but because of how long the attackers remained undetected. TechensGlobal, a global Managed Security Services Provider (MSSP) and a trusted cybersecurity delivery partner of TATA Tele Business Services, has called this incident a "wake-up call" for critical infrastructure sectors.

Reports confirm that attackers remained inside Aeroflot's network for nearly a year, destroying multiple servers without triggering alarms or response -- a chilling demonstration of the absence of adequate threat detection and monitoring.

"This is not just a breach -- this is a breakdown of cybersecurity fundamentals. When attackers can remain undetected for months and destroy servers silently, it reveals an alarming lack of internal visibility and external threat response," said Shijas Mohidheen, CEO of TechensGlobal.

Silent Attacks Are the Deadliest

Aeroflot's situation reflects a broader and increasingly dangerous trend: long-term dwell time attacks, where threat actors quietly observe, manipulate, and eventually sabotage networks -- all while remaining invisible to internal teams.

"Too many organizations rely on outdated detection models. Signature-based and perimeter-focused approaches are no longer sufficient. Today's threats require behavior-based, real-time visibility -- with 24x7 human and AI-driven monitoring," Mohidheen added.
What Went Wrong - And What Needs to Change

The Aeroflot breach is believed to have exploited several critical gaps:

- Absence of Network Detection and Response (NDR)
- No real-time Privileged Access Management (PAM) controls
- Lack of internal threat hunting capabilities
- Incomplete Security Information and Event Management (SIEM) correlation
- Minimal forensic readiness

TechensGlobal's Proven Approach to Closing These Gaps

As a strategic MSSP, TechensGlobal secures thousands of organizations globally, including those in regulated and high-risk sectors, through:

- 24x7 Managed SOC & Threat Intelligence
- SIEM, NDR, PAM, XDR, and Forensics
- Zero Trust Security Architecture
- Resilience audits and recovery playbooks
- Cybersecurity for SMBs, large enterprises, and mission-critical infrastructure

Now Is the Time for Action

TechensGlobal is urging aviation, transport, telecom, healthcare, and energy sectors to rethink their security posture, with a focus on:

- Immediate threat surface review
- Real-time detection through NDR and XDR platforms
- Deploying privilege and access governance controls
- Partnering with specialized MSSPs for 24x7 coverage

"This is no longer about if -- it's about when. Organizations must shift from a compliance-driven mindset to a threat-informed defense strategy," said Mohidheen.

About TechensGlobal

TechensGlobal is a global cybersecurity MSSP based in India and the Middle East. As a trusted cybersecurity delivery partner of TATA Tele Business Services, TechensGlobal delivers scalable SOC, PAM, SIEM, SASE, XDR, and recovery services, securing digital transformation across enterprises and critical infrastructure.


Cision Canada
22-07-2025
DomainTools Announces Predictive Threat Feeds - Powering Preemptive Exposure Management
DomainTools' Real-Time Threat Feeds usher in a new way to mitigate risk, supported by seamless integrations and comprehensive DNS coverage.

SEATTLE, July 22, 2025 /CNW/ -- DomainTools, the global leader in domain and DNS threat intelligence, today announced the release of Real-Time Feeds, which will transform users' security posture from reactive analysis to proactive detection and mitigation. Supported by coverage of 97% of the Internet and seamless integrations with leading security platforms, Real-Time Feeds grant visibility into potentially risky infrastructure faster than anyone. Security teams will discover new, high-risk domains and hostnames as they're created, enabling them to mitigate these threats before they can be weaponized.

"Centripetal leads the industry in operationalizing global threat intelligence to proactively protect our CleanINTERNET customers from all known cyber threats. DomainTools has been a valued strategic partner for years, and in 2024, we leveraged over 99.9% of their feed data to prevent domain-related incidents—contributing to our exceptionally low false positive rate across 1.2 trillion indicators," said Dave Ahn, Chief Architect and VP at Centripetal. "Through close collaboration this year, we were among the first to adopt DomainTools' Real Time Feeds and API, reducing the time from threat discovery to active prevention to under one minute. This level of speed and accuracy effectively closes the window for domain-based attacks. DomainTools has set a new standard for real-time, high-fidelity intelligence—critical to any modern, proactive defense strategy."

In addition to proactive defense through blocking, Real-Time Feeds also accelerate incident response and threat detection.
Security Operations Center (SOC), Network Operations Centers, and Incident Response (IR) teams can leverage feeds to spot and respond to devices connecting to new or high-risk domains, all within the context of their Security Information and Event Management (SIEM), Threat Intelligence Platform (TIP), or Security Orchestration, Automation, and Response (SOAR) solution. And with the DomainTools Risk Score powering feeds such as Real-Time Domain Hotlist, teams can confidently prioritize threats based on their risk level, reducing alert fatigue.

"We are confident that Real-Time Feeds will transform our customers' ability to achieve a proactive security posture," said Dan White, Principal Product Manager at DomainTools. "Any security team can benefit from the speed and coverage our feeds now provide, putting them in a position of proactive defense, and enabling them to get even more value out of their existing investments in security tooling like TIPs and SIEMs. Our new feeds and real-time delivery enable significantly faster visibility into emerging threats compared to traditional threat intelligence."

Moreover, Real-Time Feeds offer powerful support for critical security operations, including fraud prevention and brand protection. With instant visibility into rapidly-changing online threats such as domains that mimic an organization, its supply chain, or partners, security teams can swiftly detect and respond to impersonation attempts, safeguarding brand integrity and reducing risk.

General Availability for Real-Time Feeds in September:

- Domain Risk
- Domain Hotlist
- Domain Discovery
- Newly Observed Domains
- Newly Active Domains
- Newly Observed Hostnames

Visit our product page to learn more about DomainTools Feeds and request a demo today.

DomainTools is the global leader for Internet intelligence and the first place security practitioners go when they need to know.
The world's most advanced security teams use our solutions to identify external risks, investigate threats, and proactively protect their organizations in a constantly evolving threat landscape. For more information, visit


Business Upturn
18-07-2025
Advanced Networks Transforms IT Support in LA to Improve Network Security and Safeguard Businesses
Los Angeles, July 17, 2025 (GLOBE NEWSWIRE) — Advanced Networks, a top provider of Managed IT Services and IT support in Southern California, is tackling the pressing need for better network security among businesses in Los Angeles. Strong security measures are vital in protecting sensitive information and ensuring that businesses can keep operating smoothly. The company sees IT Support Los Angeles as a crucial element in boosting network security for local businesses.

The heart of Advanced Networks' security approach is proactive threat detection and monitoring. With round-the-clock network monitoring, businesses can spot threats in real time, which lowers the chances of data breaches. Tools like Security Information and Event Management (SIEM) are used for ongoing threat analysis and log monitoring, securing networks against potential cyber threats.

A company representative emphasizes, 'Advanced Networks is committed to providing comprehensive IT Consulting Los Angeles services tailored to the unique needs of each business. Our flexibility in adjusting security protocols ensures businesses remain resilient as they grow or face new challenges.'

Routine risk assessments and managing vulnerabilities are key parts of Advanced Networks' strategy. By regularly assessing vulnerabilities, the company finds weaknesses and possible threats within networks. They also conduct penetration testing to uncover security holes that could be exploited. This proactive approach helps businesses strengthen their defenses and stay one step ahead of cybercriminals.

Proper firewall and network configuration management are vital in Advanced Networks' security solutions. Configuring firewalls, routers, and network devices correctly prevents unauthorized access. Network segmentation further limits access and reduces the potential impact of breaches. These strategies form a cohesive defense system, shielding businesses from various cyber threats.
Protecting data through encryption and secure communication is a priority for Advanced Networks. Encrypting sensitive business data helps safeguard clients from data theft. Using secure communication protocols like SSL/TLS ensures that emails, transactions, and other data exchanges stay safe from interception. This two-pronged approach to data protection boosts the overall security of businesses.

Training employees to stay alert to threats is a fundamental part of the company's security framework. IT support staff educate employees on recognizing and handling phishing, social engineering, and other threats. Continuous security awareness programs keep staff informed and alert to new threats, cultivating a culture of cybersecurity awareness within organizations.

Advanced Networks highlights the importance of disaster recovery and business continuity planning. A robust disaster recovery plan is vital for restoring operations after an attack or data loss. IT support services focus on regularly backing up data and testing backup recovery methods to lessen downtime during cyberattacks. This thorough approach to disaster recovery helps minimize disruptions and enables businesses to quickly resume operations.

Advanced Networks also excels in helping businesses meet compliance standards. The company's IT support assists with complying with important regulations like HIPAA, PCI-DSS, and GDPR. By ensuring networks and systems follow industry standards and best practices, Advanced Networks helps protect the security and privacy of data for businesses in various sectors.

Securing devices and endpoints is a fundamental part of Advanced Networks' services. Endpoint protection tools protect all devices connected to a network, from desktops and laptops to mobile devices. Mobile Device Management (MDM) solutions secure company devices used by remote or traveling employees, enhancing overall security.

Handling security incidents and remediation is central to the company's offerings.
Advanced Networks can quickly respond to security events, limit damage, and look into breaches. Their remediation efforts restore affected systems, secure data, and implement measures to avoid future attacks.

The company's dedication to crafting tailored security solutions means businesses get protection that suits their specific needs. The flexibility of Managed IT Services Los Angeles allows security strategies to evolve with growing demands in the industry. By focusing on custom solutions, Advanced Networks gives businesses a strategic edge in protecting their operations.

Through a wide range of services, Advanced Networks delivers the tools and expertise needed to effectively secure business networks. By prioritizing proactive security measures, regulatory compliance, and personalized solutions, the company positions itself as a trusted partner in defending businesses against cyber threats. Visit the Advanced Networks website to learn more about how they can help secure one's business.

For more information about Advanced Networks, contact the company here:

Advanced Networks
(213) 873-7620
L.A. Office
10960 Wilshire Blvd. #1415
Los Angeles, CA 90024

Business Standard
02-07-2025
Railways building AI-based integrated security centre, analytics platform
The Ministry of Railways' information technology (IT) backbone — the Centre for Railway Information Systems (CRIS) — has undertaken two major initiatives to secure the digital infrastructure of Indian Railways and streamline its information and operations systems. These include an integrated Security Operations Centre for Indian Railways (IRSOC) and an enterprise-wide analytics framework, CRIS said in a report marking its 40th Foundation Day.

'The implementation of IRSOC will significantly enhance the cybersecurity monitoring capabilities of Indian Railways, leading to a substantial reduction in Mean Time to Detect and Mean Time to Respond through the deployment of advanced security solutions such as Security Information and Event Management (SIEM), Security Orchestration Automation and Response (SOAR), Endpoint Detection and Response (EDR), and Network Detection and Response (NDR),' the report stated.

The analytics framework will function by unifying data from various applications into a single Artificial Intelligence/Machine Learning (AI/ML)-enabled decision support system. With a data-driven approach leveraging descriptive, diagnostic, predictive, prescriptive, and cognitive analytics, CRIS aims to significantly improve operational efficiency, safety, asset management, and passenger services.

Some of the areas where Indian Railways is looking to implement this decision support system include the growth of freight and passenger revenue, increasing market share, and improving profitability. It will also be used to enhance passenger safety and monitor asset performance and inventory levels.

Moreover, the ministry has sought the guidance of Vinod Dham — popularly known as the 'Father of the Pentium Chip' — who has advised the Railways to incorporate modern technologies such as blockchain-based management of contracts and freight movement to ensure tamper-proof cargo tracking.
He also recommended the adoption of data-driven, dynamic passenger and freight pricing models similar to those used in the aviation sector. Such models would incentivise off-peak travel, optimise seat utilisation, and enable customised freight pricing, Dham said.

Hindustan Times
28-06-2025
Navigating compliance challenges with integrated security platforms
Security and compliance may serve different purposes, but they're deeply interconnected. Treating them as separate often creates more problems than it solves. For many organisations, regulatory requirements feel like a moving target: Complex, time-consuming, and not always aligned with everyday security challenges. But the truth is, when compliance is built into the very fabric of security operations—how threats are detected, monitored, and responded to—it stops being a burden. With the right approach, compliance becomes a natural outcome of strong cybersecurity practices: Automated, intelligent, and seamlessly integrated into how an organisation protects itself in a fast-changing cyber threat landscape.

Traditional compliance methods are tedious—massive log files, never-ending audits, and time-consuming investigations. That's where security analytics and automation come in. With the right tools, organisations can move from labour-intensive compliance processes to an integrated, data-driven approach.

- SIEM (Security Information and Event Management): Compliance starts with visibility. SIEM ingests, normalises, and correlates security data in real time, ensuring businesses meet logging and reporting requirements effortlessly.
- SOAR (Security Orchestration, Automation, and Response): Compliance isn't just about collecting logs—it's about responding to incidents efficiently. With automated workflows, SOAR ensures threats are contained before they turn into compliance violations.
- UEBA (User and Entity Behaviour Analytics): Regulations demand proof that organisations can detect and prevent insider threats and anomalies. UEBA continuously analyses user behaviour to flag anything suspicious before it becomes a full-blown incident.

Instead of seeing compliance as a burden, organisations that leverage an integrated security platform experience it as a built-in advantage: an automated, intelligent process that strengthens security while reducing human error and operational fatigue.

Every industry has its own regulatory maze. Whether it's financial services, health care, or retail, security teams constantly battle evolving laws and growing cyber risks.

In banking and financial services, institutions must adhere to stringent regulations such as Know Your Customer (KYC), Anti-Money Laundering (AML) policies, and Reserve Bank of India (RBI) guidelines. These requirements demand constant vigilance, and SIEM solutions play a crucial role by continuously monitoring transactions and user activity, while UEBA detects anomalies indicative of fraud or insider threats.

In health care, patient data protection is paramount under regulations like the Health Insurance Portability and Accountability Act (HIPAA) in the US and India's Digital Personal Data Protection (DPDP) Act. SOAR enables hospitals and health care institutions to automate incident response, reducing reaction times and minimising the risk of compliance breaches.

Retail and e-commerce businesses, on the other hand, face the ongoing challenge of maintaining Payment Card Industry Data Security Standard (PCI DSS) compliance to protect customer transactions. With high transaction volumes and multiple access points, real-time monitoring is critical. Advanced security platforms ensure that every transaction and access request is scrutinised, minimising exposure to fraud and unauthorised activities.

These aren't theoretical benefits—they're the realities businesses face every day.
Organisations that embrace a compliance-first mindset, powered by security automation and intelligence, don't just mitigate risks—they create a safer, more predictable operational environment.

Audits can be painful. A single misstep can lead to fines, reputational damage, and even legal consequences. But what if compliance wasn't just about avoiding penalties? What if it actually gave businesses a strategic advantage?

By implementing an integrated security approach, organisations get automated compliance reporting (no more scrambling to gather logs or generate reports). Real-time risk detection resolves security breaches before they turn into compliance nightmares. There is enterprise-wide visibility—a single pane of glass for security and compliance—making governance smoother than ever.

What starts as a compliance investment quickly becomes an organisation's strongest cybersecurity asset. This shift from reactive to proactive security strategies is essential in today's dynamic threat landscape.

Cybersecurity and compliance are evolving in lockstep. As new threats emerge, regulations will continue to tighten, making it even more critical for organisations to embrace advanced security solutions. Here's what we can expect in the foreseeable future.

With Artificial Intelligence (AI)-driven compliance, we can leverage machine learning for smart, fast regulatory monitoring. The zero-trust enforcement ensures security at every access point, and not just at the perimeter. With cloud-first security strategies, compliance models are able to adapt to hybrid and multi-cloud environments. Automated threat containment reduces dwell time and manual intervention through AI-driven responses. And the rise of global standardisation with cross-border regulations pushes businesses to adopt unified compliance strategies.

The future isn't about choosing between compliance and security—it's about making them one and the same.
Organisations that rely on manual processes will struggle to keep up with the pace of regulatory changes and cyber threats. An automated, intelligence-driven approach is no longer optional; it is a necessity.

Cybersecurity isn't just a cost centre—it's a business enabler. Organisations that invest in integrated security platforms future-proof their operations against evolving threats. Compliance shouldn't be reactive; security shouldn't be an afterthought. By integrating SIEM, SOAR, and UEBA, businesses can build a resilient, future-ready security armour.

As regulations continue to evolve and cyber threats grow in sophistication, the need for an automated, intelligence-driven security strategy has never been greater. Securonix's advanced approach to SIEM, SOAR, and UEBA empowers organisations to turn compliance from a burden into a business advantage. Because when security is done right, compliance follows naturally.

This article is authored by Dipesh Kaura, country director, India & SAARC, Securonix.