Complying with the SWIFT Security Controls Framework May Be Harder Than You Think

In my previous blog I briefly explained the new SWIFT regulations framework that will come into force on January 1st, 2018. In this blog I will focus on what is required to meet the first SWIFT requirement: “Restrict Internet Access & Protect Critical Systems from General IT Environment”. I will also explain how GuardiCore can help in complying with these requirements faster, simpler and in a more robust and maintainable way.


Beware of SWIFT Customer Security Controls Framework

In March 2017 SWIFT published its new Customer Security Controls Framework to the community. This is the first time SWIFT has published such security guidance, and it announced that it will start auditing compliance with those requirements from January 2018, leaving SWIFT users (roughly any financial institution in the world) only a few months to take action. Organizations that are found to be non-compliant will be published in a specific directory, letting all other SWIFT users know that this counterpart may not be safe to do business with. In practice this means that any respectable financial institution will have to make the effort to comply with the new regulations.


Your Business Is Evolving, Don’t Let Your Security Strategy Be Left Behind

The way businesses and IT teams are executing today has dramatically changed and will only continue to do so. More and more organizations are embracing DevOps, Infrastructure as a Service (IaaS) and application-centric practices. The goal of these changes is to enable IT teams to dramatically accelerate and more effectively adapt and respond to their organization’s business needs.


Highlights from Black Hat & DEFCON

I spent the last week at the “Hacker Summer Camp” of Black Hat and DEFCON. Besides meeting people and enjoying the dual craziness of the DEFCON crowd and the Black Hat business hall, we also gave a well-received lecture – Escalating Insider Threats using VMware’s API. Ofri Ziv, Head of GuardiCore Labs, presented a […]

Escalating Insider Threats Using VMware’s API

Overview: VMware vSphere is the most widely used virtualization platform for on-premises data centers. Similar to other virtualization platforms, it basically relies on host servers running guest machines. These hosts and guest machines can be managed using administration interfaces such as vSphere API and VIX API. The GuardiCore Labs team has discovered a vulnerability in […]

Top 5 Things to See and Do During Black Hat 2017

From the horrors of ransomware, panic over election hacking, stolen emails to very interesting things like WannaCry and Petya/NotPetya/Nyetya/Goldeneye, it’s been a red-letter year in the world of cybersecurity. At Black Hat 2016 we introduced the Infection Monkey, a free, open source pen test tool to educate the world on lateral movement. Lateral movement is how hackers […]

GDPR is coming. Brace for impact

Do you remember the Data Protection Directive 95/46 EC? Probably not, and for a good reason: this 1995 European Union (EU) directive regulates the processing of personal data within the EU. Compliance throughout the years has been mandatory but its enforcement section was weak, keeping the risk of non-compliance for companies at low rates. […]

SambaCry, the Seven Year Old Samba Vulnerability, is the Next Big Threat (for now)

Overview: The Samba team released a patch on May 24 for a critical remote code execution vulnerability in Samba, the most popular file sharing service for all Linux systems. Samba is commonly included as a basic system service on other Unix-based operating systems as well. This vulnerability, indexed CVE-2017-7494, enables a malicious attacker with valid […]