GDPR is coming. Brace for impact

Do you remember the Data Protection Directive 95/46 EC? Probably not, and for a good reason: this 1995 European Union (EU) directive regulates the processing of personal data within the EU. Compliance has been mandatory throughout the years, but its enforcement section was weak, keeping the risk of non-compliance low for companies. […]

GuardiCore Wins Gold in Cloud Security, Bronze in Startup of the Year at the 12th Annual 2017 IT World Awards

GuardiCore’s Centra Security Platform recognized by the Information Technology Industry’s coveted Hot Companies and Best Products Award Winners

San Francisco, CA and Tel Aviv, Israel – GuardiCore, a leader in data center and cloud security, today announced that Network Products Guide, the industry’s leading technology research and advisory guide, has named GuardiCore as a Gold Cloud Security category winner for its GuardiCore Centra Security Platform and a Bronze winner in Startup of the Year – 2013 category in the 12th Annual 2017 IT World Awards®.


Notes and Takeaways from Gartner’s Security and Risk Management Summit – Part 2

More Notes and Takeaways from Gartner’s Security and Risk Management Summit. This is the second post in a series about “things that I observed and learned at the Gartner Security and Risk Management Summit”. In this post I will focus on some “product” aspects of the conference. (Missed the first blog? See it here) Gartner […]

Santander Brasil Chooses GuardiCore Centra Security Platform to Protect Data Center

San Francisco, CA and Tel Aviv, Israel – GuardiCore, a leader in internal data center security and breach detection, today announced that Santander Brasil, the largest subsidiary of Santander Group, has selected GuardiCore’s Centra Security Platform to provide advanced data center security.


Key Takeaways from Gartner’s Security and Risk Management Summit

Last week Gartner held its annual Security and Risk Management Summit in National Harbor, MD, a few miles away from Washington D.C. Much like the RSA Conference, this event is becoming a “must” for security and risk management leaders. While the presentations and discussions in San Francisco (RSA) focus on technology and implementation best practices, at […]

SambaCry, the Seven Year Old Samba Vulnerability, is the Next Big Threat (for now)

The Samba team released a patch on May 24 for a critical remote code execution vulnerability in Samba, the most popular file sharing service for all Linux systems. Samba is commonly included as a basic system service on other Unix-based operating systems as well.
This vulnerability, indexed as CVE-2017-7494, enables a malicious attacker with valid write access to a file share to upload and execute an arbitrary binary file, which will run with Samba permissions.

Detecting and Mitigating WannaCry and Its Copycats Using GuardiCore Centra Platform

Attack overview: WannaCry and its copycat attacks work by exploiting the Microsoft Windows SMB Server critical vulnerability (MS17-010). Patched Windows machines are safe while any unpatched Windows machine is at risk. The WannaCry campaign threatens internet-facing as well as internal networks, since a compromised laptop/server in the network will try to propagate and infect […]

Musing on Ransomware and Other Sophisticated Attacks

Everyone has something to write about ransomware. One cannot open a mobile device or a news site without getting a notification about some new ransomware-related content. There’s a good reason: the recent events, media attention and, to a certain degree, the public’s panic around the WannaCry ransomware attack are driving a lot of interest and even increase the […]

The Bondnet Army: Questions & Answers

Last week we announced the discovery of Bondnet, a new botnet that was uncovered by GuardiCore Labs. The originator of Bondnet had installed a cryptocurrency miner and backdoor in thousands of servers of varying power and conscripted them into a botnet – a group of computing devices that can be centrally controlled for malicious purposes.

The Bondnet Army

GuardiCore Labs has recently picked up Bondnet, a botnet of thousands of compromised servers of varying power. Managed and controlled remotely, the Bondnet is currently used to mine different cryptocurrencies and is ready to be weaponized immediately for other purposes such as mounting DDoS attacks, as shown by the Mirai Botnet. Among the botnet’s victims are high-profile global companies, universities, city councils and other public institutions.