Threats to virtual environments

| April 26, 2016

article image
Virtualization in enterprises has been a growing trend for years, offering attractive opportunities for scaling, efficiency, and flexibility. According to Forrester Research, over 70 percent of organizations are planning to use server virtualization by the end of 2015. companies delay implementing virtualization due to security concerns or adopt virtualization before deploying advanced security measures. However, virtual machines and their hosting servers are not immune to attack. Introducing virtualization technology to a business creates new attack vectors that need to be addressed, such as monitoring the virtual networks between virtual machines.

Spotlight

CoSoSys

CoSoSys is specialized in device control, data loss prevention (DLP) for Windows, Mac OS X, and Linux, Mobile Device Management (MDM) for iOS and Android and Mobile Application Management (MAM) for iOS and development of applications for portable storage device enhancement. The application portfolio includes functions from device control, mobile device security, file tracing and shadowing, password security, data synchronization and network security. CoSoSys flagship product, Endpoint Protector 4 was named Data Loss Prevention solution of the Year at Computing Security Awards 2014 and 2015 and it is certified with Common Criteria EAL2. CoSoSys distributes its products globally through Distributors, Resellers and directly to users online. CoSoSys enjoys a continuously growing installation base of users worldwide and was recognized in 2011 as one of the fastest growing technology companies being a winner of the 2011 Deloitte Technology FAST 50 ranking for Central Europe. The company has

OTHER ARTICLES

How Is Covid-19 Creating Data Breaches?

Article | March 30, 2020

Trevor is working from home for the first time. He loves the freedom and flexibility, but doesn’t read his company’s new BYOD policy. Sadly, he misses the fact that his home PC is not protected with updated security software nor the latest operating system patches. Kelcie’s home PC is faster than the old work laptop that she’s been issued to use during the pandemic. She decides to use a USB stick to transfer large files back and forth between her PCs to speed things up. After a few days, she does all her work on her home PC, using a “safe” virtual desktop app. But unbeknownst to her, there is a keylogger on her home PC.

Read More

Work From Home: Cyber Security During Covid-19

Article | April 14, 2020

COVID-19 has significantly affected individuals and organizations globally. Till this time more than 1.7 million people in 210 countries have bore the brunt of this mysterious virus. While this crisis is unparalleled to the past crises that have shaken the world and had lasting impacts on different businesses, economies and societies but the one domain that had remained resilient through all the past crises and is going solid in COVID-19 as well is Cyber security. While most of the sectors globally have been affected, Cybersecurity’s importance to organizations, consumers and home users have not only remained strong but have been increased drastically.

Read More

Noxious Zero-Click Attack: What Is It And How To Avoid It

Article | January 19, 2021

For years, we have been told that cyber-attacks happen due to human-errors. Almost every person has stressed about training to prevent cyber-attacks from taking place. We have always been on the alert to dodge errant clicks or online downloads that might infect devices with security threats. However, not all attacks need a user’s oversight to open the door. Although avoiding clicking on phishing emails is still significant but there is a cyber threat that does not need any human error and has been in the recent news. It is known as Zero-Click attack where some vulnerabilities can be misused by hackers to launch attacks even without interaction from the victim. Rather than depending on the hardware or software flaws to get access to the victim’s device, zero-click attacks eliminate the human error equation. There is nothing a victim can do once coming into the limelight of the hacker. Also, with the flourishing use of smartphones around the world that entails all the personal information and data, this thread has expanded enormously. How Zero-Click Attacks Occur? The core condition for successfully pulling off a zero-click is creating a specially designed piece of data which is then sent to the targeted device over a wireless network connection including mobile internet or wifi. This then hit a scarcely documented vulnerability on the software or hardware level. The vulnerability majorly affects the messaging or emailing apps. The attacks that have begun from Apple’s mail app on iPhone or iPad, have now moved ahead on Whatsapp and Samsung devices. In iOS 13, the vulnerability allowed zero-click when the mail runs in the background. It enables attackers to read, edit, delete, or leak the email inside the app. Later these attacks moved to Samsung’s android devices having version 4.4.4 or above. The successful attacks provide similar access to the hackers as an owner, entailing contacts, SMS, and call logs. In 2019, a breach on Whatsapp used the voice call functionality of the app to ring the victim’s phone. Even if the victim didn’t pick the call and later deleted it, the attacks still installed malicious data packets. These grants access to the hacker to take complete control of call logs, locations, data, camera, and even microphone of the device. Another similar attack had happened due to the frangibility in the chipset of WI-FI that is used in streaming, gaming, smart home devices, and laptops. The zero-click attack blooms on the increase of mobile devices as the number of smartphones have reached above 3 billion. How To Avoid Zero-Click Attacks? Most of the attacks of zero-click target certain victims including corporate executives, government officials, and journalists. But anyone using a smartphone is a possible target. These attacks cannot be spotted due to the lack of vulnerabilities. So the users have to keep the operating system along with the third-party software updated. Also, it is a must to give minimal permissions to apps that are being installed on the device. Moreover, if you own a business and are afraid of the zero-click attacks on your company’s app, you can always seek IT consultations from top-notch companies orhire developersthat will help in developing applications with hard-to-creep-into programming languages where detecting an attack is efficient.

Read More

Zyxel Helps Service Providers Deliver Solutions with Cyber Security

Article | April 1, 2020

The COVID-19 pandemic brings heightened awareness to the importance of a robust and stable communications network. Zyxel Communications is helping service providers across the globe ensure that their networks provide the necessary connectivity and cyber security for their communities to function during these difficult times. As more people are forced to work and study from home, the impact on the network is quite profound. OpenVault reports a 41% increase in bandwidth consumption during normal business hours. This health crisis points to the importance of good network connectivity wherever you live. COVID-19 brings the true nature of the digital divide into real context.

Read More

Spotlight

CoSoSys

CoSoSys is specialized in device control, data loss prevention (DLP) for Windows, Mac OS X, and Linux, Mobile Device Management (MDM) for iOS and Android and Mobile Application Management (MAM) for iOS and development of applications for portable storage device enhancement. The application portfolio includes functions from device control, mobile device security, file tracing and shadowing, password security, data synchronization and network security. CoSoSys flagship product, Endpoint Protector 4 was named Data Loss Prevention solution of the Year at Computing Security Awards 2014 and 2015 and it is certified with Common Criteria EAL2. CoSoSys distributes its products globally through Distributors, Resellers and directly to users online. CoSoSys enjoys a continuously growing installation base of users worldwide and was recognized in 2011 as one of the fastest growing technology companies being a winner of the 2011 Deloitte Technology FAST 50 ranking for Central Europe. The company has

Events