Internet Society’s Online Trust Alliance Reports Cyber Incidents Cost $45B in 2018
Versa Networks Achieves NSS Labs Recommended Rating in the 2019SD-WAN Group Test with its Security-Enabled SD-WAN
QNAP Announces Limited-Time Special Offer of McAfee Antivirus for QNAP NAS at Computex 2019
InfiNet Wireless partners with Maicrotel SAS to complete major security overhaul at South American port
HID Global Teams with The World’s Top Turnstile Manufacturers to Bring Mobile Access to Lobby Security
‘Ransomware’ and ‘Cryptojacking’ Mining Cryptocurrency Declined, While ‘Formjacking’ Stealing Credit Card Information Increased
telent and Innaxys launch first UK-centric digital evidence management solution to cut police costs and increase conviction rates
Ziften Announces Rapid Adoption of its Cloud-Delivered Endpoint Protection Plus Visibility and Hardening Platform (EPP+)
JASK Enhances Multi-Cloud Monitoring Capabilities in ASOC Platform
QNAP Releases QVR Pro Unlimited Playback for Playing Recordings Older than 14 Days
SK Infosec EQST Regular Media Day : IoT Hacking and Privacy Invasion
On the morning of January 30th, SK Infosec held EQST regular media day at Ferrum Tower in Jung-gu, Seoul. The media day was held by SK Infosec to show the hacking demonstration and presentation on the theme of IoT (Internet of Things) hacking and privacy invasion. The officials including Jae-woo Lee EQST group leader, Tae-hyung Kim EQST Lab chief and Hyung-wook Jang EQST group and Lab expert member attended the event. EQST is a security expert group of SK Infosec, which is involved in cyber threat analysis and research as well as responding to security incidents at the actual hacking incidents. In addition, the announcement of this day cited the results of domestic and overseas institutions' investigation and warned of the explosion of IoT devices and the risk of hacking on home IoT devices. ▲ SK Infosec’s EQST regular media day was held. ▲ Tae-hyung Kim EQST Lab chief got the presentation. According to the announcement, the number of devices connected to the Internet worldwide exceeds 17 billion in 2018. Among the 17 billion devices activated, the number of IoT-related devices reached 7 billion, and in 2025, it is expected to exceed 20 billion. As a result, the number of new vulnerability reports and rewards in Korea is on a year-on-year increase. Specifically, in 2018, 80% of IoT attacks were Satori and Mirai botnet. Mirai botnet operates in the way of scanning and accessing IoT devices with malicious administrator accounts, spreading malignant codes, and generating a DDoS (Distributed Denial of Service) attack with a massive botnet consisting of IoT devices. According to Mirai botnet’s analysis of the degree of infection by country, Korea was ranked as 8th place with 4%, but it is never safe since Japan, which has larger area than Korea, showed lower percentage. Mirai botnet is not a new method but an existing method, but IoT devices are vulnerable and can be easily attacked by Mirai botnet. Moreover, the survey on information protection in 2017 said that the most popular products for domestic IoT users are smart home devices and the key concerns were the increase in management vulnerabilities, threat of personal information infringement, and the strength and possibility of cyber-attack. The IoT devices with insufficient security can be used as a tool for hacker’s attack by being accessed through the system with account information that can be acquired from the Internet. In fact, it was introduced that it is easy to acquire IoT device administrator account information simply by searching 'default password' on a portal site. Next, the cases of privacy invasion through IoT hacking were introduced. First, the cases of stealing private video files through the unauthorized remote access to IP cameras with the acquired information from web server hacking were mentioned. For example, there was a case of hacking home IoT devices for companion animals, which had a lot of problems last year, or hacking baby monitors installed for babies in the United States. There was also a case of hacking a smart toy with a microphone or speaker to remotely control the device and steal personal information stored in the server. Furthermore, at the beginning of this year, there was another case that the door was opened by a hacker through hacking the signal occurred when the digital door lock is opened. ▲ Domestic new vulnerability reports/awards are on a year-on-year increase, and 80% of IoT attacks in 2018 were found to be Satori and Mirai botnets. ▲ The privacy invasions through IoT hacking were presented. The cases of webcam hacking were announced. As hacking cases of webcams such as laptop cameras and CCTVs increased, the Ministry of Science and ICT conducted a monitoring service, resulting in a sharp decrease in the number of cases from 3,568 in the first quarter of 2018 to 256 in the third quarter. The continuous monitoring by government has reduced the number of webcam hackings, but many images are still being exposed in real time. The first example is the Russian ‘Incecam’ site. Incecam collects pages that do not change the default setting values such as administrator ID and password through GHDB&Shodan in the site, so that it can view CCTVs of the country in real time through the weak webcam list in the main homepage. In addition, it discloses information about CCTVs using the fact that there is no authentication procedure in the CCTV management mode. Moreover, IP Scanner, which scans the neighboring IPs for accessing and manipulating vulnerable webcams after logging in through the unchanged default settings, such as administrator ID and password, was introduced. Likewise, there was a case of stealing webcam recording files by accessing with ID, password, and telnet service through port scan after accessing unchanged open AP (webcam for server storage) and determining the IP that is currently using webcam. EQST recommended setting a different secure password for each webcam product and performing regular firmware updates for webcams and AP devices as security measures for these IoT devices. In addition, EQST introduced ‘IoT product security certification service’ from KISA, and proposed to follow ‘mandatory setting and change of initial password for IP camera and CCTV’, which will be implemented from February. Tae-hyung Kim EQST Lab chief said, “As Web services evolve, hackers enjoyed making money by hijacking personal information, and the growing number of IoT devices has become an interesting content for these hackers. So, the spread of 5G is expected to lead to more intrusive privacy violations in our lives. Although there are many types of webcam hacking, it is important to remember that simply changing the password greatly reduces the risk of hacking, since most hackers target at the devices with default administrator and password setting.” What’s more, the case of Dark Web was introduced – it is accessible only with certain software such as Tor (The Onion Routing) and it cannot be accessed through a normal browser or domain. As a result, contract murders, drugs, illegal video distribution, and illegal transactions take place, and the invasion problems including personal information and video of famous foreign celebrities, IP camera hacking video, and webcam arise. Lastly, Jae-woo Lee EQST group leader announced that EQST will progress security for expanding IoT diagnosis area and systematizing. Through security consulting on IoT devices, EQST will analyze IoT environment, identify threats according to information protection areas, analyze and evaluate risks, and demonstrate security solutions through simulation hacking. Moreover, a guide to security consulting and mock hacking will also be provided. As for DSaaS service, industrial safety services and power/energy/building facility management services will be offered. ▲ According to the monitoring service by the Ministry of Science and ICT, the number of webcam hacking has dramatically decreased. ▲ Jae-woo Lee, EQST Group Leader ▲ EQST announced that it will carry out security for expansion of IoT diagnosis area and systematization.
HID Global and Phunware Collaborate to Improve Wayfinding for Patients and Visitors within Hospitals
HID Global®, a worldwide leader in trusted identity solutions, and Phunware, Inc. (NASDAQ: PHUN), a fully integrated enterprise cloud platform for mobile that provides products, solutions, data and services for brands worldwide, today announced their collaboration to improve the experience for hospital patients and visitors to find their way within medical facilities, using wayfinding on their mobile phones. Wayfinding is indoor navigation to guide a person step-by-step on the way to a desired destination. “The combination of Phunware’s market-leading wayfinding and mobile engagement capabilities with innovative HID Location Services will ultimately revolutionize wayfinding within healthcare institutions,” said Phunware co-founder and CEO Alan S. Knitowski. “It’s easy for visitors and patients to get lost in hospitals, and every time they do it puts appointment times and patient satisfaction at risk. With our location-aware app on a mobile device, we equip the visitor to get instant, turn-by-turn navigation that creates a better experience than that which is currently available on the market.” Phunware and HID are addressing the need of healthcare institutions to deploy standardized technology to provide a better wayfinding and visitor engagement experience inside the hospital, across campus and even in parking lots. “Wayfinding is one more application that we are integrating into HID’s unified healthcare IoT solution to make it easier for healthcare systems to manage a growing demand for automated and streamlined experiences,” said Rom Eizenberg, Vice President of Sales, Bluvision, part of HID Global. “With HID technologies, we have changed the location-aware landscape, delivering location as a service. Now, healthcare organizations can easily lay out the foundation for IoT applications, such as wayfinding.” HID’s healthcare IoT solution-enablement platform simplifies the delivery of real-time location of clinicians, patients and devices. The platform is enabled by Bluvision (part of HID Global). Phunware’s Multiscreen-as-a-Service (MaaS™) platform also provides enterprise-level mobile wayfinding, engagement, data and more for other vertical markets, including retail, residential, hospitality, media and entertainment and more.
The international reference guidelines for assessing information security controls have just been updated to help
For any organization, information is one of its most valuable assets and data breaches can cost heavily in terms of lost business and cleaning up the damage. Thus, controls in place need to be rigorous enough to protect it, and monitored regularly to keep up with changing risks. Developed by ISO and the International Electrotechnical Commission (IEC), ISO/IEC TS 27008, Information technology – Security techniques – Guidelines for the assessment of information security controls, provides guidance on assessing the controls in place to ensure they are fit for purpose, effective and efficient, and in line with company objectives. The technical specification (TS) has recently been updated to align with new editions of other complementary standards on information security management, namely ISO/IEC 27000 (overview and vocabulary), ISO/IEC 27001 (requirements) and ISO/IEC 27002 (code of practice for information security controls), all of which are referenced within. Prof. Edward Humphreys, leader of the working group that developed the standard, said ISO/IEC TS 27008 will help organizations to assess and review their current controls that are being managed through the implementation of ISO/IEC 27001. “In a world where cyber-attacks are not only more frequent but increasingly harder to detect and prevent, assessing and reviewing the security controls in place needs to be undertaken on a regular basis and be an essential aspect of the organization’s business processes,” he said. “ISO/IEC TS 27008 can help give organizations confidence that their controls are effective, adequate and appropriate to mitigate the information risks the organization faces.” ISO/IEC TS 27008 is of benefit to organizations of all types and sizes, be they public, private or not-for-profit, and complements the information security management system defined in ISO/IEC 27001. It was developed by ISO technical committee ISO/IEC JTC 1, Information security, subcommittee SC 27, IT security techniques, the secretariat of which is held by DIN, ISO’s member for Germany. It can be purchased from your national ISO member or through the ISO Store.
HID Global Launches Cloud Platform To Help Create a Worldwide Innovation Ecosystem for the Connected Workplace
HID Global, today announced the availability of its HID Origo™ cloud platform that opens a brand-new world of opportunities for partners to create more seamless and intuitive workplace experiences that are built on HID’s proven access control infrastructure. The platform combines HID’s technologies for mobile IDs (and location services in the future) with its expansive access control architecture to bring together physical security and a wide range of building applications, services and IoT use cases via a unified cloud experience. “HID Origo lays the foundation for a broad ecosystem of cloud-based access control technologies, products, services and business models that will accelerate workplace innovation; it dramatically increases our partners’ capabilities to create more connected and seamless building experiences for end users,” said Hilding Arrehed, Vice President of Cloud Services, Physical Access Control, with HID Global. “The platform will remove integration barriers between access control systems and smart building applications, and we will continue to expand its value with capabilities that further improve how people securely move through a facility and interact with its services.” The new platform provides an app-based innovation model that delivers a comprehensive suite of integration, enablement, developer tools and services geared towards simplifying how partners and a growing community of new developers and resellers bring access control solutions to market. Rather than requiring that entire solutions be developed and enabled one customer or site at a time, HID Origo will make it possible to develop new applications and integrated solutions for HID’s complete installed base of millions of access control devices and system—all at once. - How HID Origo Works The HID Origo platform embeds cloud connections and IoT functionality as app extensions into mobile devices, HID readers and controllers, and gives developers direct access to this hardware via HID Origo application programming interfaces (APIs) and software developer kits (SDK) already proven through HID’s mobile access solution. The platform also enables data analytics to be used for new capabilities, including remote reader configuration, predictive access control system maintenance and intent detection for more seamless and personalized workplace experiences. - Enabling New Business Models for Ordering and Managing Mobile IDs Today, the platform enables subscription-based services, with customers already taking advantage of the model’s simplicity. Examples include a deployment by a world-leading biotechnology company who has been an early adopter of HID Origo subscription services for ordering and managing mobile ID replenishment over the air when employees lose or must replace their smartphones. The company has replaced its traditional access control readers with 2,300 Bluetooth-enabled iCLASS SE® readers to support their mixed environment of 12,000 mobile IDs and 40,000 Seos ID cards. The subscription billing model offered through HID Origo makes it easier for the company to order and manage mobile IDs while improving forecasting, budgeting and reporting. It also streamlines transferring mobile ID subscription licenses across employees and registering multiple mobile IDs across multiple devices without any additional cost.
HP Labs Boris Balacheff Vice President had Media Group Interview in Korea
On January 14, 2019, at Millennium Seoul Hilton Hotel in Seoul, HP (HP Inc.) held a media group interview with Boris Balacheff, Chief Technologist for System Security Research and Innovation at HP Labs. At the interview, he introduced HP's view of security, countermeasures, and technologies. Currently, Boris Balacheff is coordinating security research on cyber physical system as well as personal device architectures in HP Labs. In addition to setting up technology strategies for the HP portfolio as a whole, he is also committed to academic collaboration and standard establishment in industry. On behalf of HP, Boris is participating in Trusted Computing Group (TCG) and Certification Program Committee, and is the founder of the first concepts. He has also been successful in smart card research and HP Trusted Computing research and has conducted cloud client security research to support the IT needs of cloud-based mobile customers. At the interview, he said that the starting point for the security of enterprise IT environments starts with 'devices', and the process by which companies select IT devices to use in addition to their network over the next few years is also a decision process in aspect of security. Furthermore, he emphasized that the ‘devices’ refers to all devices connected to the networks as well as the PC. And HP well understands the importance of this hardware-level security, continues to apply it to the product with ongoing research, and continues to work hard to keep the industry moving along with ongoing technology development. ▲ Boris Balacheff, Chief Technologist for System Security Research and Innovation at HP Labs Boris Balacheff stated that he has been committed to improving security at the interfaces of hardware and network, inventing key elements of early stage of trust computing technology, and designing the first version of the Trusted Computing Module (TPM). In addition to making these industry standards, Boris has taken a step further to study firmware security. Through this, he is striving to cope with the increasingly sophisticated attacks and to jointly design and respond to firmware and hardware security based on this. In hardware security, two primary vulnerable sources were mentioned. The first is that the number of devices is increasing, more and more users are using more devices, the interface between physical and mechanical world such as IoT is increasing, and new applications are emerging. Endpoint devices are used to create information, access information, and output information for users, and while there has been much effort in orchestration related to infrastructure security and cloud management security in an enterprise environment, the device environment has become more and more complex and more security-related solutions have been added. This also means that the attack surface and opportunities have increased for attackers. The second point is that devices are connected to more diverse networks in the IT environment. The workspace is changing to open space, and devices are connected to various types of wired and wireless connections anytime and anywhere, thereby weakening the security of the connection. In response to this situation, HP has been working on the overall situation of threat, and designing and developing products by analyzing where the attacks are taking place and where the attackers with what capabilities are active. Over the past several years, both the attackers and the security industry have been in a relationship of ‘cat and mouse’. Now, however, Boris explained that attackers are no longer willing to play hide-and-seek, and their attacks are showing attempts to attack at different levels, not software levels. There are two major types of attacks at ‘different levels’. The first is an attempt to penetrate deep into the system below the OS layer. In this case, if the intrusion works successfully up to the firmware level, there will be no software for detection or defense. Of course, this is not easy, but the reward will be great. It is expected that these attacks will not be done only on PCs. Another way to avoid detection of anti-malware solutions is to move to other devices on the network. And Boris introduced that HP has been working on a study of this possibility, since some of HP's businesses, such as printers and IoT devices, are connected to the network and are likely to be used in such attacks. Especially in recent years, printers are connected to almost all devices, and malware could be hidden in the network by sneaking into the devices such as printers that are less manageable or protected than PCs. In this case, it will be difficult to cope with traditional security solutions. In addition, expertise to attack firmware embedded in PCs and printers can be applied to IoT, etc., and various security-related conferences have been actively announced about attacks on printers. Whereupon, HP stressed that manufacturers are the only vendors that can respond to hardware and firmware security, and that solutions for software and network are not enough. In addition, security enhancements in terms of devices and firmware are becoming more important, so ‘HP SureStart’ technology for it continuously check whether firmware is falsified and prevent firmware tampered by malware attacks from running. Boris introduced that HP is securing resilience against attacks by applying protection, detection and recovery technologies from the hardware level in the design of enterprise-class appliances. On top of that, not only at the individual device level but also over the situation connected by network, management tools to ensure the integrity of devices are provided. Also, he emphasized that the starting point for corporates’ cyber security starts with 'devices', and the process of selecting IT devices that companies will use in addition to the network over the next few years is a process of decision in aspect of security. ▲ Boris Balacheff stated that technology-leading companies are responsible for proving and disseminating the technology. Q) (Acrofan) Recently, the area to consider regarding security is becoming wider. It seems that the movement to utilize ‘standard technology’ is becoming more prominent in the industry as a whole, focusing on cooperation among companies rather than the movement by a single corporation. For example, TPM is now used by a variety of manufacturers like the standard technology of the PC platform. In this case, it is unlikely to be differentiated from an individual corporation’s position. In this situation, what do you think about how can companies solve differentiation and verification of this differentiated technology? A) (Boris Balacheff) In terms of the quality of the security features we provide, verifying and demonstrating that the security features are working well is also a challenge in security. As a matter of fact, in the cases of TPM and TCG Group, we have tried to make various related programs. And not all TPMs are certified. However, HP only ships certified products. The review committee is also reviewing whether our assertions about security are well supported. In addition to the standard, it is not easy to prove the security features that we have differentiated, but we know that security is important at the hardware level. For instance, in the case of the 'HP SureStart' function, it is being certified by an external certification authority for microcontrollers and endpoint security controllers that are used to the function. In fact, in the position of an innovative company or leader in the industry, there are difficulties such as the burden of representing cutting-edge technology on behalf of the industry. It is also important to showcase new features and help industry follow. Although the process of the authentication is slow, it is slow and costly. But I think there may be other options besides the certification. HP also has internal processes for security technology, testing, and evaluation. Testing through external agencies is also important. In addition, HP announced the industry's first 'Bug Bounty' program for printers a few months ago. Because we have put a lot of effort into internal security technology, investment and development, we now think it is important to include outside experts. HP is testing more robust platforms internally. Nonetheless, HP believes certification is also very significant.
Imperva Korea Network Connectivity Hub Opening Press Conference
Imperva held a press conference at Oakwood Premier Coex Center Seoul Hotel in Gangnam-gu, Seoul on March 21, 2018. The event was organized to show how to protect a company's core business from the DDoS attack and the benefits of using a domestic DDoS Protection PoP, with the attendance of officials including Yong-hun Shin, Country manager of Imperva Korea, and Andrew Draper, Asia-Pacific area vice president for Imperva. “The goal of expanding the infrastructure in the Asia-Pacific region was realized with the establishment of Korea DDoS scrubbing center. Imperva will continue to invest in the expansion of the worldwide DDoS scrubbing center to strengthen the protection of DDoS threats and will focus on meeting customer expectations and providing differentiated services.” – says Yong-hun Shin, Country manager of Imperva Korea ▲ Imperva’s press conference on opening a network connectivity hub was held. According to the announcement, Imperva is continuously expanding its network capacity in line with the exponential growth of the online traffic. It has established 40 DDoS scrubbing centers in North America, South America, Europe, Asia, Africa and Oceania including Korea, and it is rapidly analyzing and responding to the dramatically growing network traffic. INCAPSULA, a DDoS protection service of Imperva, can detect DDoS attacks and defend them within a few seconds, regardless of the attack mode. So, it can control web traffics by a large amount of DDoS and Bot, which are continuous threats targeting enterprises’ web services. In order to respond effectively to security threats to corporate web services, security services such as DDoS protection, web security, global load balancing, and 24-hour security services are handled as one-stop. Through global level of virtual DDoS scrubbing center, ‘Incapsula’ blocks attacks at the center near the users and provides various solutions such as website protection, bot blocking, enhancement of the speed that users feel, server and data center load distribution, DNS caching and protection, and infrastructure protection. ▲ There are many security challenges. ▲ Imperva has set Korea as one of the major markets. 'Incapsula' provides 99.999% availability and SLA of Time to Mitigation within 10 seconds to protect customer's mission critical application and personal information. The logs containing personal information is 100% masked and stored to safeguard against the leakage. On the other hand, Imperva is constantly expanding its network capacity to accommodate the exponential growth of online traffic. Imperva has recently established 40 DDoS scrubbing centers in six continents such as America, Europe, Asia, South America, Africa and Oceania, including Korea, for the long-term goal of Imperva's stable support for customer service in major countries around the world. Hence, Imperva has strengthened DDoS protection service, ‘Incapsula’, by analyzing and rapidly responding to dramatically growing network traffic.
InfiNet Wireless delivers fast and reliable CCTV connectivity in Guaymas port, improving Mexico’s national security
InfiNet Wireless, the global leader in fixed broadband wireless connectivity, today announced the successful deployment of a video surveillance system solution in Guaymas, a port in north-western Mexico. In recent years, the previous network infrastructure had been severely affected by environmental factors such as hurricanes and corrosion due to the presence of sea salt in the air. Also, the cameras were connected by standard UTP cabling meaning a viewing range of only 100m for security officials was possible. The legacy system was simply not adequate enough to monitor the entire port area and needed a major overhaul. "Since a strong and reliable CCTV infrastructure is critical for the management of any port, a robust system was needed to allow it to constantly monitor the perimeter areas in order to avoid theft of materials, and drugs and weapon trafficking. At the same time the safety and well-being of all employees of the port authority is paramount," said Carlos de la Madrid, Regional Business Development Manager for LATAM at InfiNet Wireless. After originally considering a fibre optic solution, Guaymas port management eventually settled on a wireless solution as it was deemed more cost-effective, operating reliably even in adverse weather conditions. The project was implemented jointly with Global VoIP, a regional InfiNet partner in Mexico, and a system integrator which deployed the InfiMAN 2×2 point-to-multipoint (PtMP) solution. The experts installed a number of high-capacity base station sectors feeding data and video streams to a central control room. The InfiMAN 2×2 is a field-proven family of wireless solutions designed for various applications and has been used in all types of environments, from remote mining locations in Russia to the Olympic sailing security network in Dorset, UK, where during the 2012 Summer Olympics, InfiNet launched a video surveillance network to provide security for the competition. “Thanks to the new solution, a very important goal has been achieved – the operations team of the port is able to remotely and dynamically monitor all activities in and around the port area, to keep people safe and to prevent trafficking of all types. This has allowed our security staff to have wider visibility of the port and enabled them to pre-empt criminal activities and even to apprehend potential criminals much quicker than ever before,” said Axel Humberto Perez Flores, IT expert at API Guaymas.
DECENT’s Feature-Packed Wallet Stores Custom Tokens
DECENT is reaching yet another milestone towards decentralization with the release of its newly designed, feature-packed web wallet, going simply by the name ‘DECENT Wallet’. The company has a proven track record of accomplishing its targets when it comes to the most recent projects in its roadmap. The new web wallet was initially released as a beta version for DECENT’s community to test and explore. Now, with their feedback taken into consideration, the global blockchain company officially releases its new web wallet. DECENT’s Senior Product Manager, Miroslav Majtaz, states: “Our official wallet has not only been thoroughly tested by our own team but also by our miners to ensure a fluid experience for the users. The wallet packs a brand new UI design and numerous incredible features, like storing custom tokens, instant transfers and an effortless account creation. We are happy to see users already reaching out to us and enjoying the wallet.” As one would expect, the new wallet will store DECENT’s own token, DCT, but also brings many new features to the table. The list of features includes: A new responsive, modern and user-friendly UI design Storing DCT and custom tokens (UIAs) Instant sending and receiving of tokens (running on DCore, with 2,000+ TPS) A simplified and secure wallet account creation process Creating a custom wallet account name or generating one automatically Paper wallet print-out option (with user account name, brain key, private and public key, and also a QR code) Wallet file export for an easy login Account keys regeneration Real-time conversion rates to USD, EUR and GBP The wallet, released on October 2, is fully functional and freely accessible to any user who creates a DECENT Wallet account on wallet.decent.ch The team has prepared easy, step-by-step guidance to give wallet users the best experience. The DECENT team plans on continually updating the wallet and encourages their wallet users to send feedback so they can continue to make improvements. In the world of crypto, blockchain wallets are a crucial element for users to store their assets. With DECENT’s new web wallet, users can expect security, reliability, quick transactions, an easy-to-use interface and much more.
InfiNet Wireless LATAM conference drives wireless development forward following Colombian crime crackdown
Delivering affordable technology to grow wireless architecture and improve public safety in Latin America was top of the agenda last week when InfiNet Wireless, the global leader in fixed broadband wireless connectivity, addressed its regional partners at its annual exclusive LATAM conference. Held in Punta Cana, the conference enabled InfiNet Wireless to present brand-new solution lines planned for 2018 and beyond, including the recently launched Quanta 5. Affordable, rapidly deployable and with a processing power of up to 800,000 packets per second, the Quanta 5 boasts the highest spectral efficiency available in today’s wireless marketplace. In his keynote speech to attendees, Carlos de la Madrid, Regional Business Development Manager for LATAM at InfiNet Wireless, said: “Offering affordable wireless technology such as the Quanta 5 is core to the backbone of InfiNet Wireless. As operators across Latin America realise the importance of fast, wireless solutions to increase economy and improve safety, InfiNet Wireless pricing trends, coupled with its industry-acclaimed technology for zero interference, solidifies its position to tackle interruptions in connectivity head-on.” The conference follows success in the region for InfiNet Wireless, after it successfully reduced crime in Bojacá, a popular tourist destination in Colombia, by improving the CCTV network. Its wireless Point-to-Point and Point-to-Multipoint solutions were installed to combat crime and resulted in a 45% decrease in violent injury crime as well as a 22% decrease in theft since the deployment. “There is a clear link between a country’s national security and its wireless network architecture, which, when selected carefully and correctly, can cause huge benefits to areas and businesses lacking coverage in Latin America,” he continued. A significant year for InfiNet, it also supported its valued partner Avantec as it tapped into the Colombian market, as part of an expansion drive to target growth in Latin America. InfiNet Wireless has its own commercial and support offices in Mexico, Colombia and Brazil. The conference, held from 4-5 September 2018, also saw the annual award gala for partners in recognition for their efforts and contribution in deploying InfiNet solutions in the region. Awards are classified on various achievements, such as Best InfiNet partner in Latin America for 2018, Best Project of the Year and Best Individual Contribution. La Madrid added: “There are thousands of InfiNet Wireless links deployed across Latin America, covering all sectors of the industry. This exclusive conference is an important forum for our growing LATAM community as ultimately, both parties can benefit. We add value to their business and vice-versa, not just by sharing information about products or services, but also through conversation on market intelligence and industry trends. Holding this conference right in their back garden shows our partners we are committed to building lasting relationships. We look forward to holding our fifth event next year!”
QNAP Extends Surveillance Integration Scale with Dahua Technology Network Cameras
QNAP® Systems, Inc. today announced that QVR Pro, the next-generation surveillance solution featuring the QVR Center central management software and QVR Guard failover protection, is now compatible with an additional 88 models of Dahua Technology’s Eco-savvy 3.0, WiFi 265 and H.265 PTZ series network cameras. QNAP has worked with Dahua Technology to provide users with greater choice and compatibility in deploying a comprehensive surveillance solution. Dahua's Eco-savvy 3.0 network camera series can deliver real-time 4K video streams at 15 fps, providing security applications with impressive range of smart detection features. Dahua's WiFi 265 series supports H.265 compression. Dahua's H.265 PTZ camera provides a large monitoring range with clear details, while the latest H.265 compression cuts bandwidth in half to ensure video recording with greater efficiency and lower cost. QVR Pro, the professional surveillance solution on QNAP NAS, includes 8 monitoring channels, allowing users to quickly build a home surveillance environment hosted on the QNAP NAS without any extra software required. Businesses can easily expand the number of monitoring channels up to 128 by purchasing QVR Pro licenses to deploy a large-scale surveillance project. QVR Pro uses an independent operating environment on the QNAP NAS, and by leveraging the storage expandability of the NAS, surveillance videos are safely stored for on-demand playback. The enhanced QVR Pro Client cross-platform software allows for rapid multi-channel playback and can support simultaneous play multiple 4K network cameras. Synchronous playback can focus on moving objects, while the diversified event notification setting ensures all urgent events are delivered. QVR Pro Client is available for mainstream operating systems on desktop and mobile, making surveillance management more convenient.
NordVPN provides easy and effective online security tips
Researchers of analytics software firm FICO found that majority of Internet users are annoyed with web and phone security measures. Out of 2,000 polled adults, 81% don’t see the need for what they call unnecessary security procedures. 64% of the respondents are not happy about the need for elaborate passwords featuring a mix of numbers, symbols and capital letters, and 71% would rather not deal with captcha codes, as they often have illegible words. Overall, more than two-thirds of people (71%) think there are too many security measures nowadays, and 58% are irritated about having to remember email addresses to recover passwords. 78% said they struggle to keep track of all their passwords. “It’s important to provide consumers with smooth, easy customer experience, but at the same time, people need to be educated that security measures are necessary,” said Marty P. Kamden, CMO of NordVPN, a VPN service provider. “Hacking, ransomware and phishing are on a historical rise all over the world. People need to use strong passwords and take precautions when going online. However, there are ways to make this easier - for example, by using a password manager." More than half of the respondents (55%) said they had been victims of banking fraud. NordVPN offers easy online security tips to make it easier for consumers to deal with all the security measures while keeping them safe online. 1. Use a password manager. Perhaps the most basic requirement for any online account setup is using strong passwords and choosing different passwords for different accounts. Weak passwords make it simple for hackers to break into an account. A strong password has a minimum of 12 characters and includes a strong mix of letters, numbers and characters. In order to easily track all your passwords, it’s recommended to use a password manager, such as truekey.com, LastPass and 1Password. 2. Don’t forget to install the latest security updates. Security updates often contain patches for recent vulnerabilities, which hackers are looking to exploit. It takes just a few minutes, and the update lasts more than a month. 3. Don’t open anything suspicious you get through email. Delete dubious emails from your bank, ISP, credit card company, etc. Never click on any links or attachments in emails you’re not expecting. Never give your personal details if asked via email. 4. Back up all data. Back up your data on an alternate device and keep it unplugged and stored away. Backing up data regularly is the best way to protect yourself from ransomware because only unique information is valuable. It’s an easy and fast process with a long term impact. 5. Use a VPN for additional safety. Using a VPN when browsing can protect you against malware that targets online access points. That’s especially relevant when using a public hotspot. However, keep in mind that a VPN cannot protect you from downloading malware. While a VPN encrypts your activity online, you should be careful when downloading and opening certain files or links. 5. Close pop-up windows safely. Ransomware developers often use pop-up windows that warn you of some kind of malware. Don’t click on the window - instead, close it with a keyboard command or by clicking on your taskbar. 7. Use anti-virus programs. Make sure you have installed one of the latest reputable anti-virus programs to make sure you are fully protected.
Palo Alto Networks Korea Held Media Conference on Prospect of 2018 Cybersecurity
On the morning of January 18th, 2018, Palo Alto Networks Korea held a media conference on prospect of cybersecurity in 2018 at the ASEM Tower in Gangnam-gu, Seoul. The conference was organized to anticipate cybersecurity trends in 2018 and to share Palo Alto Networks Korea's business strategy for the year, with CEO Choi Won-sik and General Manager Jo Hyun-seok of Palo Alto Networks Korea attending. CEO Choi Won-sik of Palo Alto said, “Today's event is designed to showcase security-related issues in 2018 and how Palo Alto Networks is preparing for it. Palo Alto Networks has been doing well in a rapidly changing market environment and I think we can show a better picture in this year. I look forward to your continued interest.” ▲ Palo Alto Networks held media conference on prospect of 2018 cybersecurity. ▲ CEO Choi Won-sik said, “Palo Also Networks will be able to show a better picture in this year.” According to the announcement, Palo Alto Networks' 2018 security prospect is as follows. The first topic was ‘the need to protect data on cloud systems.’ As the use of third-party cloud storage continues to increase, the scope of security provided by cloud service providers includes network, storage, and computing resources. Therefore, since users are responsible for security of data stored in the cloud, it is forecasted that the importance of the response to this will increase. Simple Storage Service (S3) of AWS, a leading cloud service, uses 'bucket' as containers for online data storage in the cloud. Whenever a user error occurs in the configuration of the bucket, anyone can freely access the data via the Internet. In fact, over the past several months, there have been accidents in which sensitive files, passwords, home addresses, customer databases and information of about 180 million US voters have been exposed. In particular, care must be taken in the case of data that can be overwritten when configuring buckets. If any attacker finds a fixable bucket, he can upload malware to the bucket and overwrite the files. Also, if the user stored code in these storages, this can also change. The second topic was ‘the importance of data integrity management.’ As the damage of data loss and theft to businesses and governments is getting bigger, it is forecasted that the demand for securing data integrity will also increase. If data integrity is violated, not only it can be critical to the financial market, but also it becomes possible to inflate the stock price of a company by manipulating sales results. In the case of public institutions promoting Smart City, if the data of the IoT system ranging from the traffic lights to the waterworks are altered, it may cause serious trouble. To ensure data integrity, you need to know what data is retained, how to collect and create it, and where the most sensitive part of the data is located. In addition, if a user name or a password fails to provide security functions using the multifactor authentication (MFA) technique, an additional layer of security should be provided. In addition, you must protect sensitive data through encryption. As the effectiveness of encryption depends on which key management strategy you choose, it is significant to choose the most appropriate strategy to the company. The third topic was ‘continuous heat of ransomware.’ It is predicted that ransomware attackers, who have gained successful experience of revenue generation last year, will continue to create damage in 2018 with more sophisticated techniques and increased scale. This is because the ransomware attack, which has evolved into a highly profitable business model, can be executed only with limited technology; thereby attacks became easier through the appearance of ransomware as a service. Moreover, it is predicted that there will be more ransomware for political issues than pecuniary gain in 2018. As a typical example, the ransomware 'RanRan' in the Middle East in 2017 required politicians to send messages by creating a website instead of demanding money. The presenter, General manager Jo Hyun-seok, introduced by saying, “In a situation where legacy security solutions are inevitably becoming more vulnerable to ransomware, the most effective countermeasure is to secure a platform that share threat intelligences regardless of the location of attacks in real time by automatic communication between firewalls and endpoints based on proactive counter policies.” The fourth topic was ‘the need to manage security against potential security threats to Internet (IoT) devices’. Although the positive impact of IoT technology on daily life is increasing, security threats are also increasing behind the convenience, and it is becoming possible for attackers to cross the network through personal devices. Therefore, he emphasized that even if personal devices are not the company's assets, each company's CISOs should include management of these devices within their corporate security strategy, and regular employee training on application settings and device security settings. ▲ The heat of ransomware is likely to continue. ▲ Security management of potential Internet security threats is needed. The fifth topic was 'coming of the era of attack through software supply chain'. Over the past two years, there have been cases of cyberattacking through a software supply chain that provides reliable software and updates. They attacked software developers by using ‘credibility’ that users allowed to their developers so that it becomes easier to access different networks instead of directly attacking the target by using phishing and vulnerabilities. Palo Alto Networks predicted that by 2018, such attacks will be more frequent in terms of frequency and severity, so it needs to be prepared. Attacks through the software supply chain represent a need to build a network that can have the visibility of every point in the attack's life cycle and detect and block out-of-the-box behaviors. In order to prepare for a new era of attack, the company will need to have technologies and processes that can prevent trusted software from suddenly turning into malware through automatic updates. The sixth topic was 'the need for automatic threat handling for operational technology environments'. Recently, there is a growing demand for Automated Threat Response (ATR) technology because recent malicious actions are taking predefined actions to check for new technologies such as behavioral analysis and artificial intelligence. ATR is a technology designed to automate the process of detecting threats and automate the process of closed defenses, which reduces the burden on SecOps and shortens response times. As the frequency and size of intelligent attacks continue to evolve, it is necessary to acquire ATR technology based on behavior analysis and intelligent security threat analysis environment. As Palo Alto Network is expected to begin mass deployment of ICS (industrial control system) security in major infrastructure and manufacturing environments, 2018 will be the year in which the effects of ATR adoption in the area of operational technology (OT) will become visible. In fact, major companies in related fields have completed the PoC, started segmentation work, and added behavior analysis and anomaly detection technologies to enhance the security of the OT environment. These solutions include dedicated sensors and modules to supplement Security Information and Event Management (SIEM). Initially built with independent discovery tools, these ICS network monitoring solutions are predicted to be configured to effectively respond to the threats by being integrated into devices such as next-generation firewalls. Finally, the seventh topic was 'development of machine learning technology to enhance cybersecurity'. In the past, many companies have responded to cyber-attacks by using signature-based security products on endpoints, networks, or in the cloud, but signature-based malware detection is becoming ineffective as cyber-attackers automate malware generation. It is hard to say that machine learning technology is a breakthrough in cybersecurity, but its impact on the defense approach to cyber-attacks continues to increase. In addition, Palo Alto Networks introduced some of their products are using machine learning technology to predict user and device behaviors and detect irregular acts presenting the sign of an attack such as ‘Traps’, an intelligent endpoint security product, and ‘LightCyber’, a behavioral analysis solution for network security. General Manager Jo Hyun-seok said, "In 2018, more CISOs are expected to include machine learning technology in cybersecurity strategies. In the healthcare field, where massive amounts of data are actually being generated, there are already more instances of using machine learning for intelligent malware detection. Applications for machine learning are likely to continue to increase.” ▲ Automated threat response for operating technology environment is needed. ▲ It is expected that machine learning technology will be developed to enhance cybersecurity.
USPTO Awards CellTrust Secure SMS and MMS Patent
CellTrust Corporation, a global leader in enterprise mobile communications compliance enforcement, traceability and security, today announced it has been awarded its “Systems and methods for managing short messaging service (SMS) messages and multimedia messaging service (MMS) messages in an encrypted and secure manner” patent US 9,680,803 by the United States Patent and Trademark Office (USPTO) for its secure messaging technology. US Patent 9,680,803 is another addition to CellTrust’s existing US and international portfolio of 37 patents and 63 licensed patent rights. CellTrust patented Secure SMS and MMS technology relates to the systems and methods configured for managing (i.e., creating, editing, viewing, compressing, decompressing, disassembling, reassembling, queuing, routing, encrypting, decrypting, sending, receiving, replying, forwarding, storing, and/or the like) communications (for example, short messaging service messages, multimedia messaging service messages, and other information transmission, and/or the like) in a secure manner (e.g., in an encrypted or otherwise secured manner). Further, CellTrust patented technology comprises a software module configured for use on a device, such as a mobile device, as well as a gateway which is secured and configured to manage information in a secure manner through a mix of server registration, multi-factor authentication and encryption, featuring unique dynamic keys and full key lifecycle management. “CellTrust patented Secure SMS and MMS technology helps to protect text messages containing confidential and sensitive client information,” said Sean Moshir, Chairman and CEO. “CellTrust’s Secure Mobile Information Management (SMIM) platform utilizes Secure SMS and MMS technology for secure communication of highly sensitive information often exchanged across the financial services, healthcare and government industries.”
Wedge Networks Increases Functionality and Performance of Industry Leading Malware Prevention Platform
Wedge Networks, the leader in orchestrated, real-time threat prevention, today announced general availability of Release 2.0 software of the Wedge Advanced Malware Blocker™ (WedgeAMB™). The addition of Avira, one of the industry’s leading anti-malware providers, further elevates WedgeAMB’s industry leading network level detection and real-time blocking of malware, including Zero-Day and Advanced Persistent Threats. This new feature combines with the added ability to scan East-West traffic, in addition to North-South traffic, to maximize efficacy and the scope of use for enterprises globally. WedgeAMB is the flagship product of Wedge’s Absolute Real-time Protection Series. It orchestrates industry leading threat detection and blocking technologies developed by Wedge Networks and partners such as Kaspersky Labs, Cylance, and now Avira. WedgeAMB’s orchestration of multiple advanced scanning technologies, running in concert with Wedge’s patented Deep Content Inspection (DCI), and Intrusion Detection and Prevention (IDS/IPS) technologies, yields the industry’s highest performing detection of previously known, and new unknown malware, Zero-Day and Advanced Persistent Threats (APTs). The execution of those security scans by Wedge’s patented SubSonic Engine™ provides advanced threat prevention with imperceptible latency; available as virtual machines or appliances operating at sustained line rates of up to 100 Mbps, 1 Gbps, and 10 Gbps. “The addition of Avira to WedgeAMB gives our customers the option to use one AV technology, or the other, or to run them all concurrently,” said Dr. Hongwen Zhang, President and CTO of Wedge Networks, Inc. “This freedom to choose which AV technologies to license and activate is very important to certain customers, such as government agencies that may have standardized on one vendor or another. WedgeAMB’s locally orchestrated approach to security scanning is unique and enables this depth of security functionality, without the traditional trade-off of increased latency. This allows our customers to maximize threat prevention and network performance concurrently.” “Avira is excited to partner with Wedge Networks to further enhance WedgeAMB™ and the broader portfolio of Wedge Networks products,” said Travis Witteveen, CEO of Avira Networks. “Our SAVAPI anti-malware technology is a perfect complement to WedgeAMB’s focus of detecting and blocking malware before it’s delivered to endpoints.” The Release 2.0 feature supporting hair pinned traffic inspection now enables WedgeAMB to inspect traffic flowing laterally through the enterprise network as well as the traffic entering and leaving the enterprise. This increased functionality adds protection to detect and block locally introduced threats, such as from a USB drive, before malware is broadly distributed, minimizing risk and response efforts of quarantining and removing threats from infected devices. Wedge has already deployed Release 2.0 of WedgeAMB in customers’ proof of concept trials, yielding great results and new customer purchase orders. Release 2.0 is available as a software upgrade to existing deployments and is generally available for purchase with all future WedgeAMB orders.
JASK Expands Platform Beyond SIEM to Transform How SOC Operators Visualize Cyber Attacks
JASK, the provider of the industry’s first Autonomous Security Operations Center (ASOC) platform, is capturing industry demand with new features centered around enterprise-wide alert linkages and analyst workflow efficiency. Major enhancements include the JASK Navigator, a visually-driven, contextually-rich investigation console that provides SOC analysts a one-click path to situational attack awareness, multi-asset data ingestion; query flexibility and analyst team workflow support. “Through our discussions with both partners and customers one thing has become crystal clear, the SOC of the future will not rely heavily on legacy SIEM technologies,” said V.Jay LaRosa, VP Global Security Architecture, Chief Security Architect at ADP. “There are a lot of cybersecurity solutions and technologies promising ways to get more out of technology investments, and JASK is maniacally focused on truly addressing enterprise-wide alert prioritization, context and visibility by focusing on analyst workflows.” - JASK ASOC Built to Streamline Analyst Jobs Since launching the platform in July 2017, JASK’s vision is delivering an asset-independent, open platform that enables an autonomous workflow of what, where, why and how analysts should take action. Using artificial intelligence (AI) and machine learning as its base engine, the platform is built for broad and smarter data ingestion to reduce costs and bandwidth without losing context. With its latest enhancements, the JASK ASOC platform improves visibility through unique mapping of data to records linked across devices, users, networks, applications and almost any third-party data source. “JASK understands the urgency CISOs have placed on consolidating and integrating security operations technologies,” said Jon Oltsik, Distinguished Analyst and Fellow at Enterprise Strategy Group. “By seamlessly fitting into existing environments, offering an intuitive user interface and reducing the overwhelming volume of alerts, JASK is addressing the top concerns SOC teams report.” - JASK Navigator Console and Enhanced Team Workflow JASK Navigator is an elegantly simple, visually-driven investigation console that equips analysts with an actionable view of JASK Insights, prioritized notifications of data that indicate a combination of events or activities that should be investigated, with all the associated signals and alert information that led to its delivery. Investigations are streamlined and logical, offering SOC teams one-click access to better prioritized insights and faster paths to resolution. To further support enterprise analyst workflows, JASK is also developing team support via customizable workflow queues within the ASOC platform. This allows customers to represent user groups or teams in order to assign the triage of JASK Insights. The enhanced workflows allow teams to easily adjust the Insights stage, providing improved visibility into the overall status of all assigned tasks. JASK also allows analysts to assign and visualize alerts from existing security solutions by user, team and status. “The attacker is winning in today’s constantly changing threat landscape. The SOC is no longer human-scalable,” said J.J Guy, CTO of Jask. “A flexible platform that focuses on analyst workflows to improve efficiency is a critical step forward in offering SOC teams immediate visibility and context. We must stop building our teams to support technology, and build technology to support our teams.” Off to a strong start in 2018, JASK doubled its customer base in the first quarter of 2018, adding enterprises spanning higher education, financial services, healthcare and retail. Additionally, the company continues to support existing security operations workflows through partnerships and specific integrations with leading solutions in cybersecurity, including Cylance, Demisto, Carbon Black, Microsoft Active Directory, Splunk, ArcSight, among many more. For more information on the JASK ASOC platform, please visit https://jask.ai/solutions/product/
gumi Secures $30M for New Global Blockchain and Crypto Investment Fund
gumi Inc., a leading global mobile game publisher and developer, today launched a dedicated fund to invest in promising cryptocurrency and blockchain technology companies, called gumi Cryptos. The fund offers its portfolio companies a strategic venture capital investment partner with unique access to the Japan cryptocurrency market through its network of investors and management board. The first projects funded by gumi Cryptos include Basis, Origin Protocol, Robot Cache and Pryze. With an initial investment of $30 million, gumi Cryptos is led by proven operators Hironao Kunimitsu, Founder and CEO of gumi Inc., and Miko Matsumura, founder of US-based virtual currency exchange Evercoin. Matsumura is a Venture Partner at BitBull Capital and an advisor at Arrington XRP Capital. He is an investor in Lyft, FileCoin, Brave, CIVIC, Basecoin, Propy, Polymath and more. Matsumura has also served as an advisor to over a dozen ICOs and startups, having raised over $250 million to date for companies such as Bee Token (Decentralized AirBnB) and Celsius Network (Crypto Lending Platform). The full list is available at http://miko.com. gumi Cryptos fills a specific void in the investment spectrum of the blockchain and cryptocurrency industry. In many cases, even the top cryptocurrency organizations in the world struggle to understand and access markets in Japan, including investment and industrial networks, customers, exchanges and regulators. Kunimitsu said, “We decided to create a fund that enables us to engage more directly with early-stage blockchain and cryptocurrency startups, in order to be more effective partners and have a real impact in the market. Our team brings tremendous expertise in emerging technology, and with gumi Cryptos, we can truly partner with these companies as they achieve amazing results for all stakeholders.” Matsumura said, “Having advised top global cryptocurrency startups alongside some of the best investors in the world, I’ve come to realize that all of them struggle to break into Japan, the largest cryptocurrency market in the world. I’m excited to join gumi and their well-respected network in Japan.” White & Case LLP, a global law firm, acted for gumi Inc. in establishing gumi Cryptos LLC and negotiated the joint venture arrangements between the partners. The Tokyo-led legal team included Nels Hansen, Ayako Kawano, Fumika Cho and Kei Horiguchi. Voyage Group Co., Ltd., an entertainment company, and YJM Games Co., Ltd., a Korean game company, and other major domestic financial institutions are invested in this fund. Some facts about the Japan market: Japan is the third largest economy in the world Japan was the first country to legalize Bitcoin As of January 15, 2018, Japanese Yen accounts for 56.2 percent of Bitcoin (BTC) volume, according to coinhills.com. Yen is followed by U.S. dollars at 28.4 percent, while all others account for 15.4 percent.
Response to Claims of VPNFilter Malware Infections: Security Concerns Were Addressed in 2017
QNAP Systems, Inc. (QNAP) today issued a statement in response to recent claims that QNAP NAS is prone to malware infections by a program called “VPNFilter”. QNAP has been aware of the presence of VPNFilter since 2017 - and has addressed the issue with updates to the QTS operating system and the QNAP NAS Malware Remover application. This solution has been in place since mid-2017. The QNAP Security Response Team continuously investigates all security threats and releases updates as necessary to safeguard QNAP NAS users from the impact of malware and attacks. If you are concerned that malware has infected your QNAP NAS, install Malware Remover from the QTS App Center to scan your NAS. QNAP strongly recommends that all NAS users follow best practices for IT security by using the latest version of QTS and by periodically changing the password of the NAS administrator account. For more information, and to view instructions for using Malware Remover, updating QTS, and changing the administrator account password, please refer to QNAP Security Advisory No. NAS-201805-24.