Intelligent CISO Issue 07 | Page 12

news Fortinet acquires cloud-based threat analytics company ZoneFox ortinet, a global leader in broad, integrated and automated cybersecurity solutions, has completed the acquisition of ZoneFox Limited, a privately-held cloud-based insider threat detection and response company headquartered in Edinburgh, Scotland. The acquisition further enhances the Fortinet Security Fabric and strengthens Fortinet’s existing endpoint and SIEM security business. F The integration of ZoneFox’s award- winning Machine Learning-based threat-hunting technology will complement FortiClient endpoint security to provide endpoint detection and response (EDR) capabilities and will extend FortiSIEM with additional user entity behaviour analytics (UEBA) features, both on-premises and in the cloud. Fortinet expects that the new endpoint security capabilities provided by ZoneFox will allow enterprise organisations to better leverage Machine Learning to detect anomalous behaviour and provide an even faster response to insider threats. “Enterprise organisations are experiencing a dramatic increase in the number of endpoints and users accessing data and cloud resources, which is also increasing the need to defend against insider threats,” said Ken Xie, Founder, Chairman of the Board and Chief Executive Officer, Fortinet. 12 NEW DECRYPTION TOOL LAUNCHED TO SUPPORT VICTIMS OF GANDCRAB RANSOMWARE new tool has been developed to enable victims of the GandCrab ransomware to recover their files without giving into the demands of the criminals. A data recovery kit, developed by the Romanian Police in collaboration with its counterparts from Bulgaria, France, Hungary, Italy, Poland, the Netherlands, United Kingdom and United States, together with the security company Bitdefender and Europol, is now available for free on nomoreransom.org. A It is the most comprehensive decryption tool available to date for this particular ransomware family. It works for all but two existing versions of the malware (v.1,4 and 5), regardless of the victim’s geographical location. This tool was released shortly after the criminal group behind GandCrab made public decryption keys allowing only a limited pool of victims located in Syria to recover their files. GandCrab in a nutshell GandCrab is one of the most aggressive malware attacks in recent months, infecting nearly half a million victims since it was first detected in January 2018. Once GandCrab takes over a victim’s computer and encrypts its files, it demands a ransom ranging from US$300 to US$6,000. The ransom must be paid through virtual currencies known to make online transactions less traceable, such as DASH and Bitcoin. Issue 07 | www.intelligentciso.com