More Notes and Takeaways from Gartner’s Security and Risk Management Summit

This is the second post in a series about “things that I observed and learned at the Gartner Security and Risk Management Summit”. In this post I will focus on some “product” aspects of the conference. (Missed the first blog? See it here) Gartner […]
Last week Gartner held its annual Security and Risk Management Summit in National Harbor, MD, a few miles away from Washington, D.C. Much like the RSA Conference, this event is becoming a “must” for security and risk management leaders. While the presentations and discussions in San Francisco (RSA) focus on technology and implementation best practices, at […]
Overview: The Samba team released a patch on May 24 for a critical remote code execution vulnerability in Samba, the most popular file sharing service for all Linux systems. Samba is commonly included as a basic system service on other Unix-based operating systems as well. This vulnerability, indexed CVE-2017-7494, enables a malicious attacker with valid […]
Attack overview: WannaCry and its copycat attacks work by exploiting the Microsoft Windows SMB Server critical vulnerability (MS17-010). Patched Windows machines are safe, while any unpatched Windows machine is at risk. The WannaCry campaign threatens internet-facing as well as internal networks, since a compromised laptop/server in the network will try to propagate and infect […]
Everyone has something to write about ransomware. One cannot open a mobile device or a news site without getting a notification about some new ransomware-related content. There’s a good reason: The recent events, media attention and, to a certain degree, the public’s panic around the WannaCry ransomware attack are driving a lot of interest and even increase the […]
Last week we announced the discovery of Bondnet, a new botnet that was uncovered by GuardiCore Labs. The originator of Bondnet had installed a cryptocurrency miner and backdoor in thousands of servers of varying power and conscripted them into a botnet – a group of computing devices that can be centrally controlled for malicious purposes.
GuardiCore Labs has recently picked up Bondnet, a botnet of thousands of compromised servers of varying power. Managed and controlled remotely, the Bondnet is currently used to mine different cryptocurrencies and is ready to be weaponized immediately for other purposes such as mounting DDoS attacks as shown by the Mirai Botnet. Among the botnet’s victims are […]
We are very proud to announce the immediate availability of Release 19 of the GuardiCore Centra Security Platform. This version contains many enhancements and new capabilities. Existing and new Centra security administrators will like the dashboard enhancements, workflow improvements and additional features. Our system integration partners and service providers will enjoy the new deployment tools which will enable them to deploy Centra in extremely large data centers within minutes.
On 25 May 2018, the long-awaited European General Data Protection Regulation (GDPR) will finally come into force. It represents nothing short of the biggest shake-up in privacy laws in a generation: a seismic event for organisations around the world which handle data on European citizens. Most importantly, it will place strict new requirements on these firms to protect customer data and notify quickly if they’ve been breached – or else risk huge fines.
With breaches the norm rather than the exception today, it will therefore become more important than ever to spot attacks on the datacentre as early in the kill chain as possible, and to have the right set of advanced, automated tools to support a speedy, effective response.