PLATFORM SECURITY

Anxinsec proposed a protection solution for advanced threats to defend against 0-day exploits and fileless attacks

Anxinsec | August 30, 2021

Anxinsec proposed a protection solution for advanced threats to defend against 0-day exploits and fileless attacks
In the Beijing Cyber Security Conference 2021 from August 26th to 28th, Anxinsec was invited to attend along with more than 200 top domestic and international cyber security experts. During the conference, Anxinsec, a pioneer and leader in memory protection, presented a novel solution to prevent advanced threats.

Recently, the world witnessed the rise of massive ransomware attacks, such as the SolarWinds attack or the Kaseya supply chain attack. These kinds of advanced threats are usually deliberate attempts by professional hacking organizations performing long-term infiltration strikes with the ultimate goal of destroying or stealing data in order to achieve a political or economic result. The rise of massive attacks have raised the alarm for the global cyber security defense system and proved that the current endpoint security isn't enough against today's advanced threats.

Today's advanced threat happened in memory and kernel space are increasingly common. In May 2020, Google engineers counted 912 security flaws with high and critical levels in Chrome since 2015 and found that 70% were memory-level vulnerabilities. Microsoft security engineer said at the 2019 Israel Cyber Security Conference, 70% of the vulnerabilities fixed in Microsoft's products in the past 12 years are memory security flaws.

With the growing trend of threat actors moving lower in the stack into hardware and firmware, 0-day vulnerability exploits and files attacks account for a large proportion of the prevailing attack methods today. These attacks are extremely destructive and less visible with the current EDR techniques. Chinese cyber security start-up Anxinsec provides a novel solution to this rising threat. Through implementing hardware virtualization technology, it lowers the line of defence from the application level to system and hardware level. The Anxinsec memory protection solution based on CPU instruction and memory set can effectively prevent the risk of data breaches and tampering at the memory level.

Meanwhile, Anxinsec has a strong expert service team, can provide industry-leading security consulting, penetration testing, security maintenance, security operations and emergency response services. One of the main services the company provides in UAE is security expert service. Other services include enterprise mobility management (EMM), which includes mobile device management, mobile application lifecycle management, building enterprise mobile security framework, and unified endpoint management.

Spotlight

With every new layer of cyber security you put in place, the attackers respond by evolving their own tools and techniques. To combat this constantly changing threat you, too, need a new approach: FireEye as a Service.

Related News

Arceo.ai Adds CJ Pruzinsky to Its Team of Cyber Insurance Experts, Strengthens Cyber Security Risk Capabilities

Arceo.ai | July 17, 2020

Arceo.ai, a cyber risk analytics company that empowers enterprises to better identify, respond to, and recover from cyber risks, continues to grow its team of senior cyber insurance experts to enhance the services and solutions it delivers to the cyber insurance industry. Charles J. "CJ" Pruzinsky, an experienced cyber underwriting executive, has joined Arceo as Executive Vice President and Chief Underwriting Officer for its U.S. operations.Before joining Arceo, Pruzinsky was responsible for managing the Northeastern operations at Beazley Group, based in New York. Prior to Beazley, he held senior underwriting positions at American International Group, where his responsibilities included building out AIG's Midwestern U.S. regional capabilities.

Read More

DATA SECURITY

Cynalytica Delivers New Solution to Help Combat Cyber Threats to Maritime Navigation and Communication Systems

Cynalytica | September 20, 2021

Cynalytica Inc. announces its SerialGuard AnalytICS Platform now offers monitoring, deep packet inspection (DPI) support, and intrusion detection for legacy NMEA protocols. Its latest extension provides enhanced situational awareness and security to vulnerable maritime Industrial Control Systems (ICS) through NMEA-specific packet evaluations, analysis, and intrusion detection capabilities. "In addition to the serious threats posed to their OT network, one of the maritime industry's biggest security challenges today is the protection of their navigation and communications systems from persistent cyber threats. Vessels are increasingly vulnerable to cyber attacks that can cause GPS interference and spoofing, AIS spoofing, bridge-to-bridge communications spoofing, and other communications jamming which can have catastrophic kinetic consequences," explains Richard Robinson, CEO of Cynalytica. "Distressingly, many of these navigation and communication instruments rely on NMEA 0183 serial protocols, which do not have authentication, encryption, or validation capabilities. They also lack a sufficient level of real-time visibility and data validation capabilities that would help detect such attacks. These security limitations make the NMEA-connected devices exceptionally susceptible to hackers, and the consequences could prove adverse." With the SerialGuard® AnalytICS Platform, the maritime industry can now help address critical vulnerabilities within their NMEA-connected instruments and other serial-connected control systems simultaneously. The extended capabilities will provide maritime operators with an unprecedented level of visibility into NMEA-connected devices while empowering them to baseline communications, accurately monitor behavioral patterns, and create alert rulesets to detect cyber attacks and misconfigurations quickly." Designed to protect serial-connected ICS, the SerialGuard® AnalytICS Platform is a fully-passive and fail-safe monitoring and intrusion detection system (IDS) that brings real-time visibility to high-risk assets. The platform consists of the SerialGuard® sensor that passively taps serial communications, combined with Cynalytica's AnalytICS Engine – a monitoring and intrusion detection system, and data validation tool that enables operators to baseline normal operations and create alert rulesets to detect anomalous behavior. The SerialGuard AnalytICS Platform is easily deployed across most maritime industries including naval vessels, passenger ships, container ships, tankers, bulk carriers, ports, and many more. About Cynalytica Cynalytica, Inc. combines a diverse set of industry expertise with decades of applied research and development experience to deliver pioneering cybersecurity and machine analytics technologies that help protect critical national infrastructure, securely enable Industry 4.0 and help industries accelerate their digital transformation objectives.

Read More

Keysight Technologies Earns Security New Certifications to strengthen Network Visibility and Security

Keysight Technologies | August 17, 2020

Keysight Technologies, Inc., a leading technology company that helps enterprises, service providers and governments accelerate innovation to connect and secure the world, announced that the company has earned new security certifications for its full Vision portfolio of network packet brokers (NPB) which enable Federal and Regulated industries to strengthen network visibility and security. Cybersecurity has become a critical component of government and industry systems as societies reliance on a digital infrastructure continues to escalate. These security certifications allow Keysight to provide government agencies with advanced network visibility for protecting systems, networks and programs from digital attacks. Cyberattacks are usually aimed at accessing, changing or destroying sensitive information; extorting money from users; or interrupting normal business processes.

Read More

Spotlight

With every new layer of cyber security you put in place, the attackers respond by evolving their own tools and techniques. To combat this constantly changing threat you, too, need a new approach: FireEye as a Service.