Categories
News

NEC Server Software Enables Advanced and Secure Login to Websites in Compliance with FIDO2

NEC Corporation announced today the availability of its enhanced NC7000-3A server software, which will enable simple, secure and swift authentication of users for access to websites and mobile applications through biometric authentication.

In addition, NEC is also releasing SDK-based voice authentication that accurately identifies users by extracting the unique characteristics of their voices when they speak predetermined phrases. The FIDO2(1)-compliant server software and updated SDKs are scheduled to be available in July and August 2019 respectively.

NC7000-3A integrates with business/service provider user profiles and manages authentication activities for web services. This software is a FIDO-certified product that enables users to be authenticated without sending biometric information or any other personal information outside of a terminal, thereby reducing the risk of compromising biometric identities and passwords.

Following this update, NC7000-3A server software is now certified with the FIDO2 standards established by the FIDO Alliance(2), which promotes international standards for “password-less” online user verification.

Existing NC7000-3A server software is certified with FIDO UAF, which allows users to login with biometric authentication when using mobile applications, such as online banking. This latest update also supports FIDO2, which enables users of PCs and smartphones to use biometric authentication when logging in to websites as well. FIDO2 capability enables login using external authentication devices, such as security keys, through USB/NFC/Bluetooth communication standards.

In addition, SDK that support a variety of authentication options, including fingerprint, face and voice recognition, are available for Android OS and iOS, enabling customers to freely select and combine multimodal authentication.

This server software and SDK will improve the convenience of logging in and prevent spoofing, which will contribute to the security of web services that require identity authentication. Specifically, it will enable password-less authentication for e-commerce, digital banking, and web services provided by municipalities and government agencies.

Under NEC’s “Mid-term Management Plan 2020,” the company is actively promoting services in new fields that leverage network strengths. Through this software, NEC is flexibly leveraging its networks to accelerate the provision of NEC Smart Connectivity(3), which links data generated by people and industry to create new social value.

“The NC7000 series is at the core of the NEC Smart Connectivity program and has a solid record of installations for financial institutions and telecommunications carriers,” said Takashi Sato, General Manager, Digital Services Solution Division, NEC Corporation. “This enhancement strengthens the role of Bio-IDiom(4), NEC’s portfolio of biometric solutions, in the provision of highly secure and convenient user certification, which supports the realization of a society where people, goods and services are reliably linked.”

Andrew Shikiar, executive director and chief marketing officer, FIDO Alliance, added: “NEC’s consistent efforts as a FIDO Alliance sponsor member help to promote the evolution and globalization of simpler, stronger FIDO Authentication. We are pleased to see NEC introduce its FIDO2 Certified server today as part of the strong and continuously growing ecosystem aimed to reduce the world’s reliance on passwords.”

“I am very pleased to see NEC obtain FIDO2 certification and to reinforce its standing as a member of the FIDO Alliance, whose goal is to supplant reliance on passwords,” said Koichi Moriyama, a Member of the FIDO Alliance Executive Council, Chairman of the Japan Working Group, Senior Director of Product Innovation, Product Department, NTT DOCOMO, INC. “As one of Japan’s leading ICT companies, we look forward to working together to accelerate efforts to create a world without passwords through deployment of FIDO certified products.”

References:
(1) https://fidoalliance.org/fido2/
(2) https://www.fidoalliance.org
(3) This is a collective term for network services that leverage NEC’s expertise and track record in network technologies and related solutions. We will utilize 5G and LPWA to create new data distribution that connects previously untapped data in various fields, such as social infrastructures, manufacturing, and retail, and delivers it to the people and goods they need.
(4) “Bio-IDiom” is NEC’s portfolio of biometric identification solutions, including face, iris, fingerprint, palm print, finger vein, voice, and ear acoustic solutions.
https://www.nec.com/en/global/solutions/biometrics/index.html

READ NEXT: Defend your business from modern-day cyber attacks with these 3 tips

Categories
Articles

Defend your business from modern-day cyber attacks with these 3 tips

Unknowingly clicking on an email attachment containing malware has the power to corrupt your entire system and wipe out all of your highly sensitive data.

Now that’s frightening.

Cybercriminals are now finding more ways to steal money, highly sensitive data, and interrupt your business operations. That is why it’s crucial for you to protect your business and your customers from these types of threats.

Allow us to share with you three tips that you can use to defend your business from modern-day cyber attacks.

Let’s begin.

1. Perform Security Testing

One of the best defenses against cyber-attacks is to set up a defense mechanism that will detect threats before they even happen. You can do that by identifying vulnerabilities in your system.

Some vulnerabilities might only appear after a cyber-attack simulation or a test run, and this is why security testing is an essential factor in establishing the online security of your business.

For instance, one way of securing your website is by restricting access to specific pages through secure data access by catalog permissions.

Your web hosting and content management systems (CMS) should also be tested for possible security cracks that hackers can slip through.

You can work with third-party cybersecurity services like Bulletproof to help you with vulnerability assessment and penetration testing.

With cybersecurity features like hack simulations and a review of your firewall infrastructure, operating system, and server, this helps you identify system vulnerabilities that you need to fix and determine the level of risk to cyber-attacks.

Keep in mind that as your network changes and grows, so will the new and more sophisticated cyber-attacks. It’s because of this that you need to run vulnerability assessments as part of your first line of defense, and long-term cybersecurity game plan.

Suggested read: Acronis and ZNet Technologies join forces to equip partners with innovative cyber protection solutions

2. Guard Against Zero-Day Attacks

If you think that cybersecurity companies are the only ones fighting off cybercriminals, then think again. Even software developers are hard at work to protect their security solutions from cyber-attacks.

After all, the security and safety of their products can have a significant impact on retaining their customers, and this is why sellers include security patches in their solutions through regular software updates.

Security patches are intended to detect and fix vulnerabilities in your security system in the older software versions.

The first approach you should take should be to update your security software and applications regularly to keep yourself protected.

However, there is a kind of cyber-attack that even regular software updates have difficulty stopping, and that is zero-day attacks.

Zero-day attacks target and exploit security vulnerabilities as soon as they’re detected, not allowing software developers and security companies enough time to respond.

This type of attack is one of the most dangerous threats to your business and your customers.

The challenge, however, is remembering to regularly update your security software and apps as soon as they are available.

A sure-fire way to never miss your updates is to use apps to manage software patches automatically.modern-day cyber attacks

Here are some other tips to help you mitigate exposure to the risks that zero-day attacks pose:

  • Exercise safe browsing habits to minimize the dangers of cyber-attacks such as malware, spyware, virus, ransomware, etc. and protect your personal information.
  • Configure the security settings for your internet browser, security software, and operating system.
  • Always check for security patches and software updates by downloading the most recent versions. Doing so will fix bugs that older software versions might have missed.
  • Avoid downloading or opening files and attachments from unknown sources.

However, there might not be a fail-safe method to stop zero-day attacks, but a way to nullify its impact is by using Security Information and Event Management (SIEM) services.

SIEM services offer 24/7 incident response, real-time monitoring, and lets you see a full picture view of your network by collecting the security log data from host operating systems, many software elements and applications, and security controls.

SIEM can also analyze substantial security log data to detect potential attacks and security threats.

3. Protect from Man-in-the-Middle Attacks

A Man-in-the-Middle (MitM) attack is a term for a kind of cyber-attack wherein cybercriminals intercept the conversation between two parties, usually an application and a user, with the purpose of eavesdropping or impersonating either one of the parties.

This type of attack aims to make the exchange of information between the two parties appear normal and steal highly sensitive details such as credit card numbers and login credentials.

Stolen information from MitM attacks can be used for unauthorized fund transfers, illegal password changes, and identity theft (among other things), which is why common targets are users of ecommerce sites, financial applications or websites where a login is required.

So, the best course of action is to protect your information from being stolen during an MitM attack by using encryption.

Encryption keeps data theft from happening by turning readable data into a code, and a decryption key can only decode this.

Another way to protect your business using encryption is with SSL certificates, and you’ll know a website has one if it shows HTTPS instead of HTTP.modern-day cyber attacks

SSL certificates secure connections and encrypt the information (payment details, passwords, etc.) that are exchanged on your website.

For ecommerce sites, it can also build customers’ trust since savvy users know that transacting with websites that have SSL certificates will keep their personal information safe.

Here are additional tips to keep your business and personal information, devices, and connections protected from MitM attacks:

  • Wi-Fi networks. To keep your Wi-Fi network secure, make strong passwords using as many unique characters as possible for your router and update usernames and passwords, plus all the devices that are connected to the network.
  • Internet Security. MitB attacks are typically executed by releasing malware, so installing internet security solutions is a great way to detect and prevent this kind of threat.
  • Emails. Emails are also common modes of virus and malware delivery. Exercise caution when opening emails that ask you to reset or update your login credentials and avoid clicking on links and downloading attachments.modern-day cyber attacks

To be on the safe side, instead of opening the link within the email, manually type in the site address in the browser.

  • Public Networks. Never connect directly to public or unsecured networks.

Install a VPN or virtual private network to ensure that the connection between your server and browsers is secure.

It’s crucial to understand how man-in-the-middle attacks happen so you can take the necessary steps to prevent them from happening and protect your highly-sensitive information.

What’s Next?

As a business owner, one of your top priorities is to invest in the security of your business assets and customers from various cyber threats.

The tips discussed here are just three out of the many strategies you can equip yourself to bulletproof your business against modern-day cyber-attacks.

If you found this article useful, feel free to share it.

Categories
News Web Hosting

International hosting provider WorldStream achieves PCI DSS Certification

WorldStream, an international IaaS hosting provider experiencing more than 40% year-over-year growth for 5 years in a row now, today announces its achievement of compliance with the Payment Card Industry (PCI) Data Security Standard (DSS) version 3.2.

Designed to minimize the exposure of credit card data to the risk of fraud or compromise, the PCI DSS certification being achieved is important for WorldStream to have as their webshop hosting clients are asking for payment security level guarantees. The 3rd party audited PCI DSS certification was issued by IT audit company Noordbeek B.V.

With more than 15,000 dedicated servers installed in its company-owned data centers in Naaldwijk, the Netherlands, WorldStream serves customers globally with clients including cloud service providers (CSPs), broadcasters, systems integrators, independent software vendors (ISVs), Software-as-a-Service (SaaS) providers and e-commerce hosting clients.

The successful completion of the PCI DSS audits and obtaining the certificate is adding to the other certifications already achieved by WorldStream including ISO 9001:2015, and ISO/IEC 27001:2015 for information security management, as well as ISO 14001:2015 – specifying the requirements for WorldStream’s environmental management system and sustainable operations.

“The IT audit firm has checked and validated all relevant PCI DSS related processes within the WorldStream organization as well as the management and operating controls that are in place,” said Lennert Vollebregt, CEO and co-owner of WorldStream.

“Complying with the PCI DSS directives is important for us, as WorldStream is serving quite some merchants and also managed hosting providers with webshop operators among their clients. The fact that WorldStream fully meets the rigorous PCI DSS requirements gives our e-commerce customers peace of mind with regard to the secure handling and storing of credit card information and payment data.”

Global Network: 10Gbps

The PCI DSS certificate validates WorldStream’s physical security measures in their offices and two company-owned data centers in Naaldwijk, the Netherlands. Next to that it also validates WorldStream’s documentation of organizational processes and IT system management for example, as well as the way the company manages its suppliers and guaranteeing its business continuity. To learn more about all 12 primary requirements mandated by the PCI DSS standard, visit https://www.pcisecuritystandards.org/.

WorldStream’s global network backbone with ample bandwidth available, currently more than 10Gbps, is working like a magnet on e-commerce hosting customers and managed service providers (MSPs) dealing with e-commerce hosting clients, stated the WorldStream CEO.

“Online merchants normally have demanding requirements when it comes to their e-commerce hosting environments,” added Mr. Vollebregt. “Especially during the holiday season when webshops are experiencing traffic spikes it becomes obvious that the network speed, as well as the latency and availability can make or break online businesses. The main components for efficient and effective e-commerce hosting infrastructure include the scalability of available bandwidth, the speed of the network backbone, as well as the network’s security levels and ability to mitigate DDoS (Distributed Denial-of-Service) attacks. We have invested more than 3 million euros in this global network backbone recently, which is paying off for e-commerce hosting clients as it provides them with business continuity guarantees.”

Also read: WorldStream Announces Phase 2 Expansion at Its Flagship Data Center

20,000 Servers

The announcement follows the news of WorldStream revealing its plans to further build-out its flagship data center in Naaldwijk, the Netherlands. Within the course of a year, WorldStream will be doubling its facility capacity from 268 data center racks to 536 racks at this location.

To support e-commerce hosting customers and other demanding clients with maximum uptime guarantees, WorldStream has chosen a highly redundant and energy-efficient design for its data center with an N+2 setup. The expanded facility will also be equipped with a fully modular UPS system to facilitate hot-swappable maintenance and avoiding any downtime.

This 2nd phase expansion in WorldStream’s flagship data center allows the hosting company to further grow its dedicated server capacity in its data centers to 20,000 servers, but WorldStream is already eying another greenfield data center build nearby.

Categories
Newss

Building a safer world with Kaspersky: The company unveils new branding and visual identity

Kaspersky Lab has been providing the best security solutions to its customers for over two decades. With the world increasingly becoming digitized and globalized, the company has revamped its brand identity, to move beyond the anti-virus laboratory and become a technology leader with an advanced and extensive portfolio of cybersecurity solutions and services. These solutions include creative products and technologies, cloud services and world-class threat intelligence.

As a part of the re-brand, the company name (Kaspersky Lab) simply becomes ‘Kaspersky’, with a new mission: ‘building a safer world’, emphasizing the commitment to a transparent and trusted future where everyone has the endless opportunities technology brings.

Cybersecurity nowadays is not just about protecting devices but also developing an ecosystem where every connected thing is protected. Kaspersky’s new vision shows the company’s commitment to this evolution, supporting the development of secure connected systems. It also marks the development of higher industry standards for the future.

“Since we founded our company more than 22 years ago we’ve seen both the cyberthreat landscape and our industry evolve and change beyond recognition, while witnessing the growing role of technology in our lives both at work and at home. Today the world has new needs, and our rebranding reflects our vision to meet those needs – not just for today, but well into the future. Building upon our successful track record in protecting the world from cyberthreats, we’ll also help build a safer world that’s immune to cyberthreats. A world where everyone is able to freely enjoy the many benefits that technology has to offer,” commented Eugene Kaspersky, CEO of the company.

As Kaspersky, the organization will encourage customers to trust, embrace and use the latest additions that are protected by its technologies.

New visual identity

The company has also updated its visual identity. The re-branding reflects the essence of their business from ‘cybersecurity’ towards the broader concept of ‘cyber-immunity’.

The new logo of Kaspersky is designed from geometric and mathematically exact letterforms. It represents the top-class software engineering expertise that the company evolved from and to which it remains committed. In the name change line, Kaspersky has dropped the word ‘Lab’.

“The basis for our existing logo was developed in 1997 and many things have changed since then. Previously, we used letters from the Greek alphabet that are just not relevant anymore due to the changes in the breadth and depth of our communications – we need to look to the future and embrace the digital world. It seemed logical to remove the Lab from our name when we were developing the new visual identity – as we wanted to simplify our branding in a way that helps to deliver our newly inspired philosophy and mission, whilst still highlighting our company’s wide range of technologies,” said Andrew Winton, Vice President, Marketing at Kaspersky.

READ NEXT: Kaspersky Lab shares views on “Efficiently managing risks with Cyber Threat Intelligence”

Categories
Articles Event

7 biggest announcements at Interop 2019

Interop 2019, an unbiased IT conference, hosted all levels of IT and business pros at the Mirage, Las Vegas, on May 20-23. The three-day event provided attendees a complete objective view of the things happening across all the IT disciplines.

It featured speakers from industry leaders like Google, Microsoft, IBM, Juniper Networks, Cisco, Delta Dental, and Red Hat.

Interop 2019: Top announcements

Having said that, below are the main announcements made at Interop 2019:

1. Winners of 2019 Best of Interop Awards

Interop announced the winners of its 2019 Best of Interop Awards to recognize the companies that made significant technological advancements with their innovative products.

2019 Best of Interop Awards Winners:

  • CloudEdge Expander Cloud Module, Expanse
  • DevOpsDatadog Synthetics, Datadog
  • Infrastructure—Batfish Enterprise, Intentionet
  • Security— Edge Expander Cloud Module, Expanse
  • Emerging Vendor— 128 Technology
  • Honorable Mention— IBM Multicloud Manager, IBM and ThousandEyes Multi-Cloud Network Intelligence, ThousandEyes

“A huge congratulations to this year’s award winners as well as all those who submitted,” said Meghan Reilly, General Manager, Interop. “These awards are a staple for Interop and continue to honor companies who push the envelope to better not only their organizations, but the industry as whole. Thank you all for your dedication and hard work in an everchanging and growing space.”

2. Kissflow Digital Workplace

The workflow management leader Kissflow launched an industry-first unified digital workplace platform called Kissflow Digital Workplace. The new solution combines the power of project management, process automation and team collaboration to streamline business workflows and enterprise productivity.

“Over the last six years, our world-class business process and workflow automation platform has enabled thousands of companies’ productivity processes across the globe,” said Kissflow’s CEO, Suresh Sambandam.

“We’ve now embarked on a greater mission of providing an intuitive product that unifies the entire spectrum of work. Our new no-code platform is built on the consumer scale capabilities coupled with enterprise-level security of Google Kubernetes Engine, which is flexible enough to enable a perfect orchestration between various microservices of Kissflow.”

3. Arcules adds ACaaS to its portfolio

Arcules added access control-as-a-service (ACaaS) to its portfolio that already includes Video-Surveillance-as-a-Service (VSaaS). The new solution will allow customers centrally manage access control effectively across geographically dispersed business locations in a single user interface, the company said.

4. Datadog’s SaaS-based monitoring and analytics platform

Datadog showcased a new monitoring and analytics platform for infrastructure, applications, logs, etc. Based on software-as-a-service (SaaS), the new solution is a unified platform to provide visibility into the performance of modern apps.

5. Expander Cloud module

Expanse showcased the new Edge Expander Cloud module that will enable enterprises to monitor their internet traffic flows for risky and out-of-policy communications.

6. Forward Enterprise platform

Forward Networks launched a new network verification platform called Forward Enterprise that enables network operators to query their network like a database.

7. IBM multi-cloud management solutions

IBM showcased its multi-cloud management solutions that can provide greater operational agility and power to identify, analyze and respond quickly to change in the hybrid and multi-cloud environments.

Suggested reading: 15 e-commerce trends to watch out for in 2019

The event witnessed many more innovative announcements for enterprises, which can be found here.

It will return next year as Interop 2020 in Las Vegas on May 4-7.

Images source: Interop

Categories
Newss

Microsoft warns Windows users to “Update Now” to protect against new dangerous worm

Last month, Microsoft had released fixes for a critical Remote Code Execution vulnerability (CVE-2019-0708), called BlueKeep. This vulnerability was found in Remote Desktop Services, affecting some older versions of Windows. The tech giant has now warned that an exploit exists for this vulnerability.

According to an internet-scale port scanner, nearly one million devices on the public internet are vulnerable to BlueKeep.

“Future malware that exploits this vulnerability could propagate from vulnerable computer to vulnerable computer in a similar way as the WannaCry malware spread across the globe in 2017,” wrote Microsoft in a blog post.

Which versions of Windows are affected by BlueKeep vulnerability?

The following Windows systems are vulnerable to CVE-2019-0708 BlueKeep:

  • Windows 2003
  • Windows XP
  • Windows 7
  • Windows Server 2008 R2
  • Windows Server 2008

Users of Windows 8 and Windows 10 are not affected by this vulnerability.

How can BlueKeep vulnerability affect users?

If a vulnerable computer connected to the internet is compromised, it can provide a gateway to the corporate networks. This can allow attackers to spread advanced malware and infect all the computers across the enterprise.

It is a pre-authentication vulnerability and doesn’t need user interaction. Once the vulnerability is exploited, the attackers can execute arbitrary code on the target system. Then, the attacker can install programs, view/change or delete data, as well as create new accounts with full user rights.

“This scenario could be even worse for those who have not kept their internal systems updated with the latest fixes, as any future malware may also attempt further exploitation of vulnerabilities that have already been fixed,” added Microsoft.

Also read: Over 3 million malware detected on Android phones in 2018: Report

How to protect Windows against BlueKeep vulnerability?

Windows 2003 and Windows XP are out-of-support systems. Users of these systems can address the new vulnerability by upgrading to the latest Windows version.

Whereas, the users of in-support systems (Windows 7, Windows Server 2008, Windows Server 2008 R2) can download the security patch from the Microsoft Security Update Guide.

The customers who are using an in-support version of Windows and have enabled automatic updates by default are protected automatically.

Categories
Articles

Top 3 time-consuming IT tasks and how to automate them

In our hyper-connected digital age, there has never been more pressure on IT departments to ensure the smooth, cohesive and successful running of their organization’s internal infrastructure.

Regardless of your sector or industry, in many ways, your IT department is the backbone of your entire operation. If your IT department is inefficient, every element of your business will suffer.

As digital technologies evolve, opportunities to automate key aspects of your IT department’s daily initiatives continue to emerge.

IT automation has the power to make your organization more secure, more productive and more time efficient than ever before. Here we explore the three most time-consuming tasks facing today’s IT departments and how it’s possible to automate them to your advantage.

Distribution

Fundamentally, software distribution encompasses each of the aforementioned areas and more.

As contemporary IT systems become increasingly complex, not only do they consume colossal levels of bandwidth, but they take an incredibly large amount of time to manage. That said (you might be spotting a theme at this point), automating key elements of your software distribution strategy is the way forward.

How? Concerning the automation and general improvement of your internal software distribution processes, the route to success is stripping down your physical assets by basing the majority of your system’s key components in the cloud. In turn, this will eliminate the need to invest in expensive infrastructure or become hindered by time-consuming processes.

By examining your current infrastructure and identifying what you can trade for the cloud, you’ll foster efficiency while creating a clear-cut path for distribution-based automation.

Cloud-based IT software distribution solutions serve to automate these most intricate of processes while increasing operational efficiency and consuming far less bandwidth – the key ingredients to operational success.

 

“Every once in a while, a new technology, an old problem, and a big idea turn into an innovation.”  – Dean Kamen

Across the board, software deployment can drain a huge amount of time, money and resources. But, by automating your IT department’s most frequent or critical processes, you will save tons of time and free up your department’s schedule to take care of other tasks in the pipeline.

Maintenance

Regular IT maintenance is integral to the ongoing health and success of your organization.

Ensuring that every component of your infrastructure is operational, updated and working to its optimum capacity is incredibly time-consuming.

But, while performing system maintenance was once a primarily manual task, IT automation solutions have made it possible to deploy tailored maintenance plans at predetermined times and frequencies, making the whole process secure, controlled and fluid from start to finish. A time-saving innovation with an endless stream of organizational benefits.

How? On an individual basis, installing automated disk check or cleanup software and scheduling periodical updates on each computer within your company’s system will ensure the ongoing performance and health of each cog in the wheel, so to speak.

Moreover, using your operating software’s in-built system backup automation, programming it to operate on a regular basis, you will keep on top of your maintenance duties with minimal intervention.

On a wider scale, utilizing a cloud-based software solution powered by micro-agents will help you perform such tasks on larger, more complex systems while ensuring all of your files, assets and efforts are securely backed up in the cloud, thus ensuring security, while saving you energy to apply on other aspects of the business.

Security

In the age of information, cybersecurity is of paramount importance. On an average, there are over 130 large-scale, targeted breaches in the US alone every year, a number that is growing by 27% every 12 months.

Any form of a cyber breach can prove devastating to your business and it’s the responsibility of your IT department to fortify the organization against any potential attacks.

System troubleshooting, updates, security software installation and patch management activities are not only incredibly time-consuming but as a regular task, they present an ongoing challenge for over-stretched IT departments.

By automating all of these vital processes, you will ensure the ongoing protection of your business empire while empowering your IT operatives to focus on more strategic initiatives that further benefit the organization.

How? As cybersecurity is so integral to your company’s future, it’s important to note that while getting autonomous tech to do most of the heavy lifting will prove incredibly effective – you must work collaboratively with your IT department to ensure that your automated initiatives are working to the best of their abilities to avoid any unforeseen breaches.

When looking at autonomous security solutions, it’s important to consider your existing platforms as well as the size of your company and choose your tools accordingly. To really win in the battle against corporate targeting cyber criminals, you will need to look for the following qualities in potential protection-based automated solutions:

  • The ability to detect existing weaknesses in your infrastructure or system.
  • The ability to run regular routine security checks and software updates.
  • The ability to scale seamlessly with the growth of your organization.
  • The ability to record all of your patching activity for security data and auditing processes.

For more IT-enhancing insights for your business, read about the top five collaboration tools for DevOps teams.

Guest Author- Jeff Broth

Jeff Broth is a business writer, mentor, and cybersecurity advisor. He has been consulting both enterprises and SMBs for the past seven years.
Categories
Cloud News News Partnership

Acronis and ZNet Technologies join forces to equip partners with innovative cyber protection solutions

ZNet Technologies will make the wide range of Acronis cyber protection solutions available in the regional Indian markets via its local partners network 

ZNet Technologies, India’s leading cloud distributor offering cloud infrastructure and managed services, today announced that it has partnered with Acronis to offer cybersecurity solutions in India.

Acronis, a global leader in cyber protection, sets the standard with its innovative backup, security, disaster recovery, and enterprise file sync and share solutions for consumers, small-medium businesses, and enterprises.

ZNet Technologies will help enhance the reach of Acronis’ easy, efficient, and secure cyber protection technology to local businesses through its wide partners network. In today’s digital era when cyber protection solutions are of critical need, the artificial intelligence (AI) capabilities which are part of Acronis products, provide increased security and reliability, presenting an effective method to block off ransomware attacks.

“We are delighted to partner with Acronis, a global leader in cyber protection. With this partnership, we aim to deliver Acronis security solutions to enterprises, SMBs and individual users via our partner network. Our aim is to make Acronis security solutions easily available for partners with flexible billing options using our home-grown service delivery and business automation platform,” said Munesh Jadoun, CEO at ZNet Technologies. “We plan to work very closely with Acronis, so as to arm our partners with the right technical skills for taking the much-needed cyber protection solutions to the masses far and wide.”

Also read: Acronis rolls out major update to its enterprise backup solution

“ZNet Technologies is a trusted name across the region with a strong presence in India – we are excited to partner with a team that is well-equipped with technical skills in cloud backup and security. We believe this alliance will prove to be instrumental in delivering best backup and cybersecurity solutions to Indian customers, including our recently launched Cyber Platform,” said Neil Morarji, Acronis General Manager, Enterprise.

Categories
Newss

Sophisticated spyware attack on WhatsApp hacks mobile phones of users

Despite encrypting every conversation and following best security practices, the Facebook-owned WhatsApp has become vulnerable to a cyber attack.

The messaging service revealed that it found a vulnerability that could allow attackers to infect the WhatsApp users with spyware, just by making them a call.

The vulnerability, dubbed CVE-2019-3568, allowed attackers to infect the device even if the users didn’t answer the call. What the attackers did is exploited a buffer overflow weakness in the app that enabled them to hack the WhatsApp and then the device on which it is running.

Security team at WhatsApp called it an advanced cyber actor which is a rare but very dangerous type of cyberattack. The spyware is different from other malware attacks which are carried out via phishing approaches. Attackers can use spyware to exploit the devices even if the users don’t receive the call.

If a device is attacked, the cybercriminals could gain access to the personal data which is stored on the handset. They could modify things or lock the mobile to demand ransom from the users.

The following versions of WhatsApp were vulnerable to the spyware attack:

  • WhatsApp for Android prior to v2.19.134
  • WhatsApp Business for Android prior to v2.19.44
  • WhatsApp for iOS prior to v2.19.51
  • WhatsApp Business for iOS prior to v2.19.51
  • WhatsApp for Windows Phone prior to v2.18.348
  • WhatsApp for Tizen prior to v2.18.15

WhatsApp has responded to the attack and said that it became aware of the vulnerability earlier this month. Within 10 days, the social network released a server-side fix to mitigate the attack. However, dozens of WhatsApp users were already compromised before the fix was issued.

Also read: Cybersecurity threats can cost large organizations US$10.3 million and a mid-sized organization $11K annually, on an average

Further, WhatsApp has also released an update to the mobile app on Monday which will help in avoiding such cyber attacks in the future.

In a statement after releasing the patch, WhatsApp has asked all its users to update the app to the latest version and also keep their operating system updated.

Categories
Cloud Cloud News Newss

Acronis rolls out major update to its enterprise backup solution

Acronis is rolling out a major update to its enterprise backup solution—Acronis Backup, by extending its scalability, adding physical data shipping, improved user experience, support for more languages, etc.

Acronis Backup 12.5 Update 4, the latest update, brings several new features to the customers. First, they will be able to send encrypted backups of all the data to an Acronis data center on a hard drive.

Second, the number of devices that can be managed from a single management server has been increased. Customers can now manage up to 8,000 devices using an easy-to-use web interface and save on infrastructure resources.

Third, the company has improved the active protection in its backup solution. It can now detect crypto-mining malware and protect network folders mapped as local drives.

Fourth, customers can now convert backup files into VM files, which they can run on VMware Workstation and Microsoft Hyper-V.

Fifth, there is a new comment feature that can be used to organize devices by adding comments to protected machines, and then group or filter them using keywords.

Sixth, Acronis Backup now also has a new Performance and backup window for setting up backup window settings easily and reduce the impact on running systems.

Seventh, the latest release will add support for more operating systems and hypervisors. These include:

  • Microsoft Exchange Server 2019
  • Windows Server 2019 with Hyper-V
  • Microsoft Hyper-V Server 2019
  • VMware vSphere 6.7 update 1
  • Citrix XenServer 7.6
  • RHEL 7.6
  • Ubuntu 18.10
  • Fedora 25, 26, 27, 28, 29
  • Debian 9.5, 9.6
  • Windows XP SP1 (x64), SP2 (x64), (x86)

Lastly, the company has added seven new languages to the user interface (UI). These include Bulgarian, Norwegian, Swedish, Finnish, Serbian, Malay, and Indonesian.

Also read: 97% of enterprises perform data backup at least once a year: Acronis’ World Backup Day survey

“This is by far the largest Acronis Backup update to date. We listened to our users and brought the features that they requested. Acronis Backup is the most secure backup in the market, which is why it is trusted by more than 500,000 businesses worldwide,” said Patrick Hurley, Vice President & General Manager, Americas at Acronis.

Image source: Acronis

Page 1 of 6
1 2 3 6