DATA SECURITY

EnGenius Harnesses Latest Cloud Security Technology to Protect Enterprise Networks from Rogue Devices and Data Threats

EnGenius Technologies Inc | November 12, 2021

EnGenius Harnesses Latest Cloud Security Technology to Protect Enterprise Networks from Rogue Devices and Data Threats
EnGenius Technologies Inc., a worldwide manufacturer of future-proof enterprise networking solutions, today introduced two brand new cloud-managed Wi-Fi 6 security access points, the ECW230S and ECW220S with the EnGenius AirGuard™ system.

As remote network access and a growing number of Bluetooth/IoT devices create more attack surfaces than ever before, enterprise networks are increasingly vulnerable to data breaches and cyber-attacks. In response, EnGenius has expanded its security features to include new Wi-Fi 6 cloud-managed security access points ideal for information-sensitive financial, medical, and distributed enterprise networks.

Unlike other Wi-Fi security solutions that scan outside peak times, the EnGenius Cloud security APs come equipped with EnGenius AirGuard™, an intelligent wireless security system that identifies and neutralizes threats 24/7. Using dedicated scanning radios, AirGuard™ security APs scan the environment non-stop for attacks—evil twins, rogue APs, flood detection, man-in-the-middle attacks, and radio frequency jammers—without degrading network performance at all. 

The new security APs also feature professional-grade RF spectrum analysis that visualizes radio frequencies at a glance to ensure all SSIDs are authorized, and the most efficient channels are utilized. Its zero-wait DFS avoids disruption from radar detection and provides an uninterrupted change of channels when needed. In addition to identifying unauthorized devices, the security APs also detect all Bluetooth devices nearby.

Keeping your network secure is challenging. According to recent statistics, phishing is responsible for 90% of enterprise data breaches that are costing billions of dollars in lost revenue and downtime. Rogue devices are often the gateway to such attacks. EnGenius is moving aggressively into the Wi-Fi network security space, offering end users a seamless all-in-one cloud-managed security solution without the need to purchase multiple off-the-shelf solutions to handle costly cyberattacks.

Key Features:
  • Wireless intrusion detection system (WIDS) - for threat detection
  • Wireless intrusion protection system (WIPS) - for attack remediation
  • Dedicated scanning radios - for 24/7 wireless security monitoring
  • RF spectrum analysis - for identifying clean channels and ensuring all SSIDs are legitimate
  • Wi-Fi 6 technology - for high-performance Wi-Fi in high-density, multi-device environments
  • Zero-wait DFS – to avoid client disruption when radar is detected on DFS channels
  • Bluetooth 5 low energy – for BLE device detection and location-based extended advertising.


"With over twenty years of delivering high-quality networking solutions, we are excited to continue leading the industry by strengthening our industry-acclaimed cloud management system with an integrated high-performance wireless security solution. The ECW230S and ECW220S will be able to identify and prevent Wi-Fi security threats in real time without any performance degradation,We are determined to provide our customers with even stronger security tools to counter the constant, increasingly sophisticated attacks on their networks and sensitive enterprise data."

Andy Chang, global vice president of marketing and sales at EnGenius Technologies

About EnGenius
EnGenius Technologies is a leading global manufacturer of pioneering wireless communications that empower mobility, enhance productivity, and embrace simplicity. For more than 20 years, EnGenius has shipped millions of radios that provide feature-rich, reliable, personalized voice and data solutions worldwide, making connected networks simple, smart, and secure. EnGenius Cloud solutions deliver reliable performance, easy installation, predictive analysis, and real-time insights to drive the success of your business. A leader in premise mobility communications, the EnGenius cordless business telephone systems and durable handsets provide reliable, long-range connectivity to handle the great outdoors, multi-story buildings, and the most challenging of environments.

Spotlight

"Synthetic identity fraud made major headlines as far back as 2007, when “The Borrower Who Never Was” ran on the front page of the Wall Street Journal. 1 The article detailed the criminal activity of two individuals who were managing as many as 500 fake personas in 200 apartments in 14 states. In 2013, 18 individuals were initially indicted for running a $200 million credit card scam that created 7,000 new identities. These stories are clear examples of how synthetic identity fraud is growing as an area of concern. "

Spotlight

"Synthetic identity fraud made major headlines as far back as 2007, when “The Borrower Who Never Was” ran on the front page of the Wall Street Journal. 1 The article detailed the criminal activity of two individuals who were managing as many as 500 fake personas in 200 apartments in 14 states. In 2013, 18 individuals were initially indicted for running a $200 million credit card scam that created 7,000 new identities. These stories are clear examples of how synthetic identity fraud is growing as an area of concern. "

Related News

DATA SECURITY

AppOmni Announces its SaaS Security Management Support for Leading Digital Workflow Company, ServiceNow

AppOmni | July 21, 2021

The leading provider of SaaS Security Management, AppOmni, has announced that it would provide SaaS Security Management support for the leading digital workflow company, ServiceNow. ServiceNow is a leading digital workflow company that does work, works better for people. It also delivers a practical solution that helps companies enhance managerial workflows from IT and HR services to customers and employee integrations. Security and IT teams of ServiceNow can identify and remediate configuration risks and security preferences with the addition of AppOmni AppOmni is empowering ServiceNow clients who have numerous SaaS vendors to accomplish their security pose and threat across all of their dangerous SaaS environments in one place. The Now Platform delivers extensive competencies for clienteles to monitor and accomplish the security features for the platform and the applications built on top of the ones they use most such as auditing tools, providing best practices, proactive security administrator notifications, and security events detection. Now with the cooperation of AppOmni Security and IT teams of ServiceNow, will have: • Access to ServiceNow safety best practice policies from an essential SaaS monitor service to support confirm maximum defenses are in place to reduce susceptibilities during custom distributions • Amplified discernibility and know-how to recognize configuration risks and safety inclinations across many SaaS salespersons such as the Now Platform • Accessibility of high-fidelity recognition alerts, which clients can configure to send to ServiceNow or other safety monitoring tools to rationalize response. Now with AppOmni, it would make it simple for enterprise security, CISOs, and IT teams to completely secure their rising SaaS environments by providing a complete suite of SaaS protection, security posture, and monitoring capabilities., AppOmni expands, with the addition of ServiceNow, it's SaaS Security Management solution to cover the most extensively used corporate critical applications, which now include GitHub, Box, Microsoft Teams, Microsoft Office 365, Slack, Salesforce, and Zoom. About AppOmni As the leading provider of SaaS Security Management, it provides unprecedented data management, access visibility, and security of SaaS solutions, allowing organizations to make safe, mission-critical, and sensitive data. The company customer base of AppOmni includes global leaders across healthcare, technology, banking, finance, and security. The company's leadership team brings know-how and invention from leading high tech companies, SaaS providers, and cybersecurity vendors.

Read More

Cisco's 6 Unpatched Internal Servers Compromised

Cisco | June 01, 2020

Cisco's six servers that were compromised are used to support Internet Routing Lab Personal Edition, or VIRL-PE, and Modeling Labs Corporate Edition . The exploitability of the vulnerabilities in the six servers depends upon how the products that the servers' support are enabled. We expect that any competent hacker will be able to create 100% reliable exploits for these issues in under 24 hours. Six internal servers that Cisco uses to support its virtual networking service were compromised earlier this month after the company failed to patch two SaltStack zero day vulnerabilities, according to a security advisory sent to customers this week. Cisco gave no details on exactly what, if any, damage was done as a result of the attacks, but said a "limited set of customers" was impacted. If exploited, these zero-day vulnerabilities potentially could have allowed an attacker to gain full remote code execution within the servers. In its Thursday advisory, Cisco states that on April 29, the Salt Open Core team informed those using the SaltStack open-source configuration management and orchestration tool about two critical-rated vulnerabilities, an authentication bypass flaw, CVE-2020-11651, and a directory traversal problem, CVE-2020-11652. Cisco applied the patch in May, and a limited set of customers were impacted by exploitation attempts of the vulnerability," a company spokesperson tells Information Security Media Group. Despite this warning, Cisco placed six servers in service on May 7 that were not patched against these vulnerabilities, and the servers were immediately attacked, the company acknowledges. The vulnerabilities in SaltStack were originally uncovered by security firm F-Secure, which describes them as allowing an attacker "to bypass all authentication and authorization controls and publish arbitrary control messages, read and write files anywhere on the 'master' server file system and steal the secret key used to authenticate to the master as root. The impact is full remote command execution as root on both the master and all minions that connect to it. Read more: COVID-19 PANDEMIC MOVES ORGANIZATIONS TO INCREASE CYBERSECURITY SPENDING A software component of the Cisco Virtual Internet Routing Lab service was affected by a third-party software vulnerability that was disclosed in late April. Cisco applied the patch in May, and a limited set of customers were impacted by exploitation attempts of the vulnerability. ~ Information Security Media Group. SaltStack published its own advisory on April 20 and patched the vulnerabilities the following week with the release of versions 2019.2.4 and 3000.2, Alex Peay, a senior vice president at SaltStack, tells ISMG. Cisco's six servers that were compromised are used to support Internet Routing Lab Personal Edition, or VIRL-PE, and Modeling Labs Corporate Edition, or CML, a platform that enables engineers to emulate various Cisco operating systems, including IOS, IOS XR, and NX-OS, Cisco says in the advisory. The exploitability of the vulnerabilities in the six servers depends upon how the products that the servers' support are enabled. Attackers will often review the code and look at what changes have been made in a patch or release update to determine how the fix was applied. The company advises those using Cisco CML and Cisco VIRL-PE software releases 1.5 and 1.6, which have the salt-master service reachable on TCP ports 4505 and 4506, to inspect the software for compromise, re-image it and then patch it with the latest update. We expect that any competent hacker will be able to create 100% reliable exploits for these issues in under 24 hours," F-Secure says. Peay of SaltStack added that exploits immediately began to show up after the patches were released and publicized as malicious actors attempted to take advantage of the zero-day vulnerabilities before companies were able to install patches. Scott Caveza, research engineering manager at the security firm Tenable, offers a quick rundown of how threat actors use patch information to crack a system. Then working backwards, they can use this information to develop a working exploit and begin scanning and probing for targets across the internet. SaltStack went to great lengths to communicate the problem to its users and offer tools so mitigation efforts were conducted properly, Peay says. This included direct assistance for those lacking skills handling SaltStack along with a service that would scan to validate that the patches were properly applied, he adds. Some security experts question why Cisco did not immediately patch its servers when it was notified of the zero day vulnerabilities. "There are management tools that can help with the automation of checking, but even that requires someone setting it up to check for a version of software on a set of servers, so in the end it's the IT person who has to do the work," says Jayant Shukla, CTO and co-founder of K2 Cyber Security. Caveza of Tenable notes identifying systems that need a patch involves IT staff checking the version of SaltStack and verifying that versions 2019.2.4, 3000.2 or later have been applied. He points out that plugins are available to assist with this task. Read more: AI IS CRITICAL FOR AUTOMATION OF CYBERSECURITY THREAT DETECTION AND PREVENTION

Read More

DATA SECURITY

ISTARI, the Cyber Risk Management Company, to Invest in Pioneer Prevalent AI (PAI)

ISTARI | July 05, 2021

A global cybersecurity platform, ISTARI, which is dedicated to helping clients managing digital risk and build cyber resilience, and the leaders in Security Data Science, Prevalent AI (PAI), has today announced that ISTARI has opted to become an important minority shareholder of PAI. Industry veterans Sir Iain Lobban, Paul Stokes, Arun Raj, and Andrew France OBE founded PAI in 2017. When founded, they had the aims such as enabling organisations to quickly ingest, convert and contextualise complex, large, and disparate data sources by using their Security Data Science Platform and connected services, increasing the capability to respond to cyber riss and attacks in time and prevent it. Rashmy Chatterjee, the Chief Executive Officer of ISTARI commented that they are thrilled to welcome PAI to the ISTARI Collective. In response, Sir Iain Lobban, PAI Founder and Chairman, added that this is a spectacular match to join together with the same aim and goal protecting organizations from cyber threats. About ISTARI ISTARI was established in 2020 and headquartered in Singapore. It is a an investment company, founded by Temasek. It is an advisory practice, investor and educator through its cyber Academy and has a global presence in the US, Europe and Singapore. About PREVALENT AI PREVALENT AI (PAI), the leaders in Security Data Science, provides successful cyber analytics solutions for both government and commercial. Founded by former UK government cyber officials and industry experts in 2017, the company has changed the way organisations use risk data. Its 75 professionals work out of two offices, which are located in London and Cochin, India.

Read More