GuardiCore @ CPX 2017 Las Vegas

Last month we attended the Check Point Experience USA 2017 conference in Las Vegas. ‘What happens in Vegas stays in Vegas’ – True, but we still wanted to share some of our experiences and thoughts from the event.

GuardiCore Announces GuardiCore Labs

Global Research Team Focused on Critical Cyber Security Analysis and Investigation to Benefit the Community through Publications and Timely Disclosure of New Advanced Threats Targeting Data Centers and Clouds

San Francisco, CA and Tel Aviv, Israel – GuardiCore, a leader in internal data center and cloud security, today announced GuardiCore Labs, a global cyber security research team that conducts in-depth research and analysis, providing the security industry with actionable insights into the latest and most advanced threats facing data centers and clouds. GuardiCore Labs delivers cutting-edge breach detection and response methodologies to help GuardiCore customers continually enhance their security posture to protect critical business applications and infrastructure.


What’s New With Centra 2.5 Release 19

We are very proud to announce the immediate availability of Release 19 of the GuardiCore Centra Security Platform. This version contains many enhancements and new capabilities. Existing and new Centra security administrators will like the dashboard enhancements, workflow improvements and additional features. Our system integration partners and service providers will enjoy the new deployment tools which will enable them to deploy Centra in extremely large data centers within minutes.


With Just a Year to Go, Here’s How to Prepare for Europe’s Sweeping New Data Protection Laws

On 25 May 2018, the long-awaited European General Data Protection Regulation (GDPR) will finally come into force. It represents nothing short of the biggest shake-up in privacy laws in a generation: a seismic event for organisations around the world which handle data on European citizens. Most importantly, it will place strict new requirements on these firms to protect customer data and notify quickly if they’ve been breached – or else risk huge fines.

With breaches the norm rather than the exception today, it will therefore become more important than ever to spot attacks on the datacentre as early in the kill chain as possible, and to have the right set of advanced, automated tools to support a speedy, effective response.


Complete Security Deception Includes Detection and Incident Response

Deception is growing in popularity because it can help find attacks more accurately and faster than other, more traditional tools. However, finding the threat solves only part of the problem. A complete deception solution will also enable better incident response to combat the threat actors.

Using GuardiCore Reputation Services to Detect Dormant and Hidden Threats

Imagine this: you’ve been coming to the office for the past few months, contacting customers, updating and documenting important information, sending confidential corporate emails, connecting to critical databases in the network data center, and all this time someone, or more precisely something, has been watching your every move. Malware is on the loose in your network, collecting information, harvesting credentials and abusing them to connect to those same databases that you cherish.

GuardiCore Named to the First Ever CNBC Upstart 25 List by CNBC

CNBC Names GuardiCore to List of Promising Young Startups on the Path to Becoming Tomorrow’s Household Names

San Francisco, CA and Tel Aviv, Israel – GuardiCore, a leader in data center and cloud security, today announced that it was named to the first ever CNBC Upstart 25 List. Emerging from Israel’s cybersecurity sector, GuardiCore provides its customers with more accurate and effective ways to stop advanced threats through granular visibility of network and application flows, coupled with real-time breach detection and response. CNBC Upstart 25 spotlights a diverse list of promising young startups that are building brands, breaking industry barriers, and scaling quickly on the path to becoming tomorrow’s household names.


Ransomware Attacks Targeted Hundreds of MySQL Databases

Hundreds of MySQL databases were hit in ransomware attacks, which were described as “an evolution of the MongoDB ransomware attacks”. In January, tens of thousands of MongoDB installs were erased and replaced with ransom demands. In the new attacks, targeted MySQL databases are erased and replaced with a ransom demand for 0.2 bitcoin, which is currently equal to about $234.

0.2 BTC Strikes Back, Now Attacking MySQL Databases

Last week we first tweeted that the GuardiCore Global Sensor Network (GGSN) had detected a wide ransomware attack targeting MySQL databases. The attacks look like an evolution of the MongoDB ransomware attacks first reported earlier this year by Victor Gevers. As in the MongoDB attacks, owners are instructed to pay a 0.2 Bitcoin ransom (approx. $200) to regain access to their content. We saw two very similar variations of the attack using two bitcoin wallets. In this post we will describe the attack flow in detail and provide some recommendations on how to protect your databases from similar attacks, along with attack IoCs.

Who’s Afraid of ETW? GuardiCore Guide to Building a Robust Windows Agent

As true believers in collaboration in the cyber industry, we continue to open a window to our interesting projects. We hope it will benefit the community and encourage others to do the same. Several months ago we published the source code for our Infection Monkey project and today we are revealing how we built our Windows Agent to support GuardiCore Reveal, the data center and cloud visibility and segmentation policy component of our flagship product, GuardiCore Centra.