Threat Intelligence

9/11/2018
05:50 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

ThreatConnect Now Integrates with Dragos Worldview Intelligence

Security teams can act efficiently to identify malicious actors targeting worldwide industrial networks

September 11, 2018 - Arlington, VA - ThreatConnect, Inc.®, provider of the industry's only extensible, intelligence-driven security platform, is proud to announce its integration with Dragos WorldView intelligence, which delivers critical insight about threat activity groups specifically targeting industry control networks (ICS) worldwide.

With this integration, ThreatConnect users have the ability to import Reports and Indicators, along with all of their context, from the Dragos WorldView API into ThreatConnect. Users gain the necessary information and relevance to identify malicious actors and activity targeting industrial control networks globally. This knowledge enables industrial control system (ICS) defenders to make tactical and strategic recommendations about their environments quickly and confidently.

ThreatConnect VP of Product Andy Pendergast said, "Malicious actors are increasingly targeting OT (operational technology) networks. With Dragos Worldview intelligence integrated into ThreatConnect, we can bridge the gap that these actors often exploit between the IT and OT networks. Security teams are able to keep situationally aware of threats relevant to them, alert on any related activity to these threats in their IT networks and act on them efficiently with any of our dozens of integrations into their standard security controls.”

For more information about ThreatConnect’s integration with Dragos WorldView, we invite you to join us for our upcoming webinar, The Diamond: An Analyst’s Best Friend on Tuesday, September 18th at 2:00pm EST. To register or for more information, please visit: https://go.threatconnect.com/diamond-model-webinar

 

About ThreatConnect

ThreatConnect Inc.®, the pioneer in threat intelligence platforms, arms organizations with a powerful defense against cyber threats and the confidence to make strategic business decisions. Built on the industry's only extensible security platform, ThreatConnect provides a suite of products designed to meet the threat intelligence aggregation, analysis, automation, and orchestration needs of security teams at any maturity level. More than 1,600 companies and agencies worldwide use the ThreatConnect platform to integrate their security technologies, teams, and processes with relevant threat intelligence resulting in reduced detection and response time for enhanced asset protection. To register for a free ThreatConnect account or learn more, visit: https://www.threatconnect.com/

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How the US Chooses Which Zero-Day Vulnerabilities to Stockpile
Ricardo Arroyo, Senior Technical Product Manager, Watchguard Technologies,  1/16/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security 2018
This Dark Reading Tech Digest explores the biggest news stories of 2018 that shaped the cybersecurity landscape.
Flash Poll
How Enterprises Are Attacking the Cybersecurity Problem
How Enterprises Are Attacking the Cybersecurity Problem
Data breach fears and the need to comply with regulations such as GDPR are two major drivers increased spending on security products and technologies. But other factors are contributing to the trend as well. Find out more about how enterprises are attacking the cybersecurity problem by reading our report today.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-3906
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 contains hardcoded credentials in the WCF service on port 9003. An authenticated remote attacker can use these credentials to access the badge system database and modify its contents.
CVE-2019-3907
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 stores user credentials and other sensitive information with a known weak encryption method (MD5 hash of a salt and password).
CVE-2019-3908
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 stores backup files as encrypted zip files. The password to the zip is hard-coded and unchangeable. An attacker with access to these backups can decrypt them and obtain sensitive data.
CVE-2019-3909
PUBLISHED: 2019-01-18
Premisys Identicard version 3.1.190 database uses default credentials. Users are unable to change the credentials without vendor intervention.
CVE-2019-3910
PUBLISHED: 2019-01-18
Crestron AM-100 before firmware version 1.6.0.2 contains an authentication bypass in the web interface's return.cgi script. Unauthenticated remote users can use the bypass to access some administrator functionality such as configuring update sources and rebooting the device.