What’s New With Centra 2.5 Release 19

We are very proud to announce the immediate availability of Release 19 of the GuardiCore Centra Security Platform. This version contains many enhancements and new capabilities. Existing and new Centra security administrators will like the dashboard enhancements, workflow improvements and additional features.  Our system integration partners and service providers will enjoy the new deployment tools which will enable them to deploy Centra in extremely large data centers within minutes.  

Read more

With Just a Year to Go, Here’s How to Prepare for Europe’s Sweeping New Data Protection Laws

On 25 May 2018, the long-awaited European General Data Protection Regulation (GDPR) will finally come into force. It represents nothing short of the biggest shake-up in privacy laws in a generation: a seismic event for organisations around the world which handle data on European citizens. Most importantly, it will place strict new requirements on these firms to protect customer data and notify quickly if they’ve been breached – or else risk huge fines.

With breaches the norm rather than the exception today, it will therefore become more important than ever to spot attacks on the datacentre as early on in the kill chain as possible. And have the right set of advanced, automated tools to support a speedy, effective response.

Read more

Using GuardiCore Reputation Services to Detect Dormant and Hidden Threats

Imagine this, you’ve been coming to the office for the past few months, contacting customers, updating and documenting important information, sending confidential corporate emails, connecting to critical databases in the network data center, and all this time someone, or more precisely something, is watching your every move. A malware is on the loose in your network, collecting information, harvesting credentials and abusing them to connect to those same databases that you cherish.
Read more

0.2 BTC Strikes Back, Now Attacking MySQL Databases

Last week we first tweeted that the GuardiCore Global Sensor Network (GGSN) has detected a wide ransomware attack targeting MySQL databases. The attacks look like an evolution of the MongoDB ransomware attacks first reported earlier this year by Victor Gevers. Similarly to the MongoDB attacks, owners are instructed to pay a 0.2 Bitcoin ransom (approx. $200) to regain access to their content. We saw two very similar variations of the attack using two bitcoin wallets. In this post we will describe in detail the attack flow and provide some recommendations on how to protect your databases from similar attacks along with attack IoCs. Read more

Who’s Afraid of ETW? GuardiCore Guide to Building a Robust Windows Agent

As true believers in collaboration in the cyber industry, we continue to open a window to our interesting projects. We hope it will benefit the community and encourage others to do the same.  Several months ago we published the source code for our Infection Monkey project and today we are revealing how we built our Windows Agent to support GuardiCore Reveal, the data center and cloud visibility and segmentation policy component of our flagship product, GuardiCore Centra.
Read more

Four Good Reasons to Visit GuardiCore at RSA Conference 2017

GuardiCore is changing the way organizations secure their internal data centers and clouds, with cutting edge technology that helps our customers rapidly detect and respond to active breaches. We would love the opportunity to show you how. Yes, we know everyone at RSA is busy. An overwhelming number of vendors. Too many meetings. Late night after-hour parties. But while you are there, we encourage you to take 15 minutes to visit us in booth #N4321. Here are four good reasons why.

Read more

As Yahoo Breach Sinks In, Here’s How to Secure Your Data Centre in 2017

It’s certainly not what Yahoo or its customers would have wanted. But news of the biggest data breach ever recorded serves as a timely reminder of the threats facing the modern data centre as we head into the new year. The internet pioneer may be an extreme example, having now allowed cyber thieves to steal data from 1.5 billion accounts. But organisations of all sizes should see it as a cautionary tale. They need to wake up to the threats facing their data centres or risk following in Yahoo’s footsteps.

Read more

GuardiCore ❤ IPv6

Earlier this month, Amazon announced a long awaited feature – IPv6 support for EC2 instances! Amazon is the first of the three big public cloud providers (together with Microsoft and Google) to offer direct, all-the-way-to-the-instance IPv6 connectivity.

IPv6 makes life easier for AWS deployments. Unlike IPv4 addresses, which are split to private and public ones with a NAT in between, each EC2 instance has only a single, internet routable IPv6 address. No NATs, no complex networking setups – One Address To Rule Them All. This greatly simplifies network deployments, while maintaining the ability to build more complex structures. Amazon also provides a simple way to turn IPv6 addresses to “private only” with an egress-only Internet gateway.

Needless to say, GuardiCore Reveal supports IPv6 out of the box.

Read more

Advanced Data Centre Security the Key for Under Fire Transport Sector

Cyber attacks against the transport sector are nothing new. Those of you with long memories will recall how the SoBig virus caused major disruption to the US rail network all the way back in 2003. But the sheer breadth and persistence of threats facing the industry today is largely unprecedented. Just recently San Francisco’s “Muni” transport agency was on the receiving end of a ransomware infection which  caused Muni to take its payment systems offline for two days, allowing Muni riders to travel for free, costing the transportation system a few days of lost revenue.

It’s yet another reminder that when it comes to transportation, attacks on the data centre must be detected and remediated as quickly as possible to minimise their impact.

Read more