Orange Cyberdefense, Check Point collaborate to deliver managed mobile security service

Orange Cyberdefense, the Orange Group’s entity that specializes in cybersecurity, and Check Point Software Technologies have teamed up to deliver a new Orange service called Mobile Threat Protection to help multinational enterprises safeguard their mobile device fleets against current and emerging threats.

The frequency of mobile attacks is growing – and no-one is immune. Business is carried out more and more on mobile devices, dramatically increasing the likelihood of a network attack or infection. A recent report by Dimensional Research found that two out of 10 enterprises have already experienced a mobile cyberattack, with an even larger number totally unaware they have been breached.

Mobile Threat Protection

Based on Check Point Sandblast Mobile technology, Mobile Threat Protection is an Orange managed service. It embeds an easy-to-deploy app that runs in the background of the user’s device. It protects the device with accurate threat detection and alerts to attacks, without impacting device performance or battery life. The service runs on both iOS and Android platforms and is not tied to any specific carrier. An admin dashboard gives a global outlook of the fleet security and provides detailed threat analysis.

Mobile Threat Protection can detect next-generation malware together with vulnerabilities in networks, operating systems and apps, as well as SMS phishing. It defends mobile devices from a wide range of attacks, including malware-infected apps, man-in-the-middle attacks on compromised public Wi-Fi and Bluetooth networks, operating system exploits and the fast-expanding trend for sending malicious links through SMS.

Orange Mobile Threat Protection can be used as a standalone managed service to highlight threat visibility, letting companies adapt security policies accordingly, or integrated directly into mobile device management solutions to automate threat remediation and shorten risk exposure. This includes Orange Device Management Premium, an EMM managed service which enables enterprises to manage mobile deployments and enforce corporate data security policies using a granular compliance engine. Both services are supported by Orange mobile experts who provide 24/7 support and ongoing training to improve end-user awareness in securely managing sensitive data.

“As attacks become more frequent and sophisticated our customers are looking to shore up their mobile security. Our Mobile Threat Protection managed service provides a comprehensive and easy-to-deploy solution to help secure mobile devices from advanced cyber threats now – and in the future,” said Michel Van Den Berghe, CEO of Orange Cyberdefense.

“We are excited to collaborate with Orange Business Services to deliver this level of cyber protection to mobile users,” said Nathan Shuchami, Vice President of Emerging Products at Check Point Software Technologies. “As a direct result of the close relationship between our companies, we are empowering enterprises to adopt mobile technology without the worry of data loss or breach.”

Orange Cyberdefense is the Orange Group’s entity dedicated to developing and delivering end-to-end cybersecurity solutions for global enterprises. It assembles over 1,000 experts across 7 SOCs (Security Operation Centers), 2 CyberSOCs (Cyber Security Operation Centers) and 3 CERTs (Computer Emergency Response Teams) in locations in France and around the globe.

Gajshield DLP Firewall

GAJSHIELD Next Generation Firewall Unique Context Sensitive Network based Data Leak Prevention System with Cloud Security


GajShield’s layered security platforms are designed to provide in-depth protection against various attacks by tightly integrating key security functions and to securely connect remote offices and partners. GajShield Network Security Appliances combine ICSA Certified Firewall, IPS, VPN, URL Filtering, Virus screening and Bandwidth Management in a single appliance to provide in-depth protection at the network edge.

ICSA Certified

  • User Sense UTM – Policy combination of User, Source, IP address and Service
  • Policy based control for Firewall, IPS, URL Filtering, Anti-virus, Anti-spam, DLP and Bandwidth Management
  • Access Scheduling
  • Policy based Source & Destination NAT
  • H.323 NAT Traversal, 802.1q VLAN Support
  • DoS, DDoS, Syn Flood Attack prevention

For SOHO specification

                                        GS 15nu     GS20nu
Firewall
– Concurrent Sessions                   190000      3300000
– New Sessions/Second                   5100        28000
– Firewall Throughput                   230 Mbps    3.2 Gbps
– VPN Throughput                        100 Mbps    325 Mbps
– UTM Throughput                        170 Mbps    280 Mbps
– Antivirus Throughput                  140 Mbps    450 Mbps
– IPS Throughput                        160 Mbps    720 Mbps
– VPN Tunnels                           25          550
– Configurable WAN / DMZ / LAN ports    Yes         Yes
– 10/100 Interfaces                     4           4
– 10/100/1000 Interface

For SME

GS 80nu

GajShield ‘GS 40dc’ provides content-aware data context, which helps you to secure your enterprise beyond next generation firewalls. The GajShield 40dc appliance is positioned as a high-speed Internet security device for SOHO/SMB. The 40dc appliance manages gigabit traffic with a content-aware data context platform, providing enterprise-grade security even to the smallest enterprise.

GS 40dc FEATURES                    SPECIFICATIONS
10/100
10/100/1000                         4
Concurrent Sessions                 320000
New Sessions Per Second             8000
Firewall Throughput                 2.5 Gbps
VPN Throughput                      400 Mbps
UTM Throughput                      350 Mbps
AntiVirus Throughput                425 Mbps
IPS Throughput                      475 Mbps
VPN Tunnels                         150
Configurable WAN/LAN/DMZ ports      Yes

For Enterprise

GS 130dc Features GajShield 260d Features GS 320dc-f Features GajShield 330d Features GajShield 930d Features GajShield 1030d Features
10/100 6 10 20/16 20/16
10/100/1000 8 2 4 4/8 4/8
Concurrent Sessions 850000 850000 900000 1100000 3000000
New Sessions Per Second 26000 26000 30000 60000 150000
Firewall Throughput 5.5 Gbps 5.5 Gbps 7 Gbps 20 Gbps 25 Gbps
VPN Throughput 1.9 Gbps 1.9 Gbps 2.5 Gbps 12 Gbps 15 Gbps
UTM Throughput 1 Gbps 1 Gbps 2100 Mbps 3.5 Gbps 5 Gbps
AntiVirus Throughput 1200 Mbps 1200 Mbps 2200 Mbps 5.7 Gbps 7.2 Gbps
IPS Throughput 1500 Mbps 1500 Mbps 2400 Mbps 9.5 Gbps 11.5 Gbps
VPN Tunnels 4000 4000 6000 20000 25000
Configurable WAN/LAN/DMZ ports yes Yes Yes Yes Yes


Why is Cyber Threat Intelligence Sharing Important?

The ever-accelerating flood of software vulnerabilities and innovative attack techniques leaves increasingly few organizations capable of defending themselves and safeguarding sensitive data in their care.

Information-sharing is a critical tool for network defenders because it allows them to avoid the missteps of their peers within the infosecurity community and to deploy proven defensive measures. Proactive information-sharing about attacks and defensive mitigations builds resilience across organizations participating within a given trust community, evolving herd immunity against attacks that others have seen within their own networks.

How we got here
Data breaches on the current scale are an emergent menace which organizations are still figuring out how to cope with. Breached organizations are constantly enhancing their cybersecurity posture, and alongside that, their Cyber Threat Intelligence (CTI) capabilities. Within this context, information-sharing forms one of the main pillars that will allow those organizations to better respond to the general cyber threat.

Over the last ten years, information-sharing has changed in a number of ways. For years, an incident response team, having detected an attack from, for example, a particular IP address, would share that information with other teams, allowing them to take the necessary actions to limit their own exposure. This sharing was done in an ad-hoc fashion, involving significant manual human intervention.

Over time it became obvious that such manual, error-prone processes were unsustainable. This awareness led to the development of new tools for consuming CTI in the form of open standards such as STIX/TAXII 2 and automating threat mitigation workflows to facilitate greater resilience.

Current challenges for the community
In spite of the significant benefits of information-sharing, challenges remain. Legally, for instance, information-sharing is a problematic topic. Lawyers balk at the notion of their organization actively communicating that they have witnessed an attack or (even more problematic to general counsel) that they have been successfully breached.

The primary debates at present pertain to what is being shared, how, and with whom. The “what” question arises out of concerns around striking the right balance between effective network defense (including facilitating law enforcement actions against attackers), and respecting the confidentiality of dual-use PII that might be abused in certain contexts, but which is invaluable when used benevolently for the purpose of thwarting network attackers.

The “how” question reflects a diverse spectrum of expert opinion. Some in the community argue for a looser approach to defining de facto information exchange formats based on specific software tools. Others contend that more formalized interchange formats based on open standards will result in wider adoption, as well as more interoperability between various commercial and open-source network defense tools.

Finally, the “with whom” question centers on the ephemeral question of human trust. As information-sharing communities grow, we are transitioning from an older trust model based on direct personal relationships to one that is somewhat looser. When it’s no longer possible to have personal relationships with everyone in a sharing community, a certain amount of trust must be devolved to a central authority (for example, an ISAC that performs strong vetting of all new entrants), or to cryptographic trust chains which function similarly to how letters of introduction have traditionally served as a trust proxy.

The path forward
Current practice largely consists of sharing indicators of compromise (IOCs). As we mature as a community, next steps are sharing more context to inform better decision-making along with guidance on defensive courses of action. The end-game is automation of cybersecurity processes wherever feasible, freeing up the limited pool of human infosecurity talent for more creative tasks than, for example, setting firewall blocking rules.

Achieving this goal will require that products and tools be adapted to define standardized interfaces for triggering automated defensive measures based on incoming CTI.

A core part of FIRST’s mission as the global Forum of Incident Response and Security Teams is to provide a trusted community platform for sharing information. Toward this end, we are engaged in numerous standards-development efforts such as the Information Exchange Policy Framework (IEPF), Traffic Light Protocol (TLP), and the ongoing evolution of STIX/TAXII 2 (through our partnership with OASIS). These technical efforts, while necessary, are by themselves insufficient to advance the state of the art in information-sharing.

In order to achieve the promise of CTI, organizations must confront and overcome their hesitancy to share information by expanding and maturing their trust circles. We at FIRST are convinced that through these community efforts we can fundamentally alter the balance of power vis-à-vis malicious attackers and significantly reduce both the frequency and impact of data breaches.

How do you set up a successful firewall migration?

This may outright stun a few security professionals, but it is (yes, affirmative) possible for migrations to be relatively fast, totally secure and overall mostly painless.

Not what you’ve experienced? Also not surprising.

Migration projects tend to drag on – and paradoxically, they become the cause of the very security problems they were initiated to fix.

This happens for any number of reasons, including:

  • Staffing concerns: Cybersecurity needs more people. There are 2x more job postings for cybersecurity roles than other IT roles at present, but the talent marketplace hasn’t fully caught up yet.
  • Infrastructure issues: Infrastructure is the plumbing/umpire of the network. It’s essential to the function, but completely ignored until there’s an actual problem. Migrations tend to bring some of those infrastructure concerns to the fore and quickly.
  • Cost overruns: This happens for dozens of reasons including staffing concerns, budgeting mistakes and competing priorities.
  • Disruption of network services: Migrations become a hassle in part because they take down other aspects of the network that customers (and internal employees) may need access to.

That’s a partial list of why migrations are often such a hassle for companies.

Is there a better way, though?

The Four Essentials of a Successful Migration

This might sound almost too logical, so brace yourself.

The four steps you need to move through (in order) are:

  1. Remove Technical Mistakes
  2. Remove Unused Access
  3. Refine and Organize
  4. Continually Monitor

Let’s take this one-by-one quickly.

Remove Technical Mistakes

Most firewall rulebases are going to have some combination of hidden rules, shadowed rules, redundant rules and overlapping rules. All these can cause network problems, security breaches and overly long migration processes. The first step, simply, is to rid the rulebase of these issues.

Take a look at this, for example:
[Figure: firewall rule table (FM-table.png)]

The source and service columns are different. They’re different rules, right? Well, not necessarily. Look closer and you can see Rule 14 is using the source network of 192.168.20.0/24, which embraces the source for Rule 19 (192.168.20.95). The services of Rule

That’s an example of a hidden rule. That’s akin to the dark matter of network security; you can’t see it directly. This is a big problem for many security professionals and their bosses, and that fogginess gets extrapolated in cloud settings. But the way this hidden rule was ultimately found was through Traffic Flow Analysis (TFA), which is a tool you can deploy to show how packets move through your network. TFA helps you clean up some of the technical mistakes.
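The kind of check described above can be automated by comparing every rule with the rules ahead of it. The following is an added example, not code from the original article or from any vendor tool: it assumes first-match evaluation, and the rulebase, the port ranges and the labels "shadowed", "redundant" and "overlapping" are constructed for illustration around the article's Rule 14 and Rule 19 sources.

```python
from dataclasses import dataclass
from ipaddress import ip_network


@dataclass(frozen=True)
class Rule:
    num: int
    src: str        # CIDR network or single host (IPv4 only in this sketch)
    dst: str
    ports: range    # TCP ports, e.g. range(1, 1025) means 1-1024
    action: str     # "allow" or "deny"


def _net(value):
    # A bare host address becomes a /32 network.
    return ip_network(value, strict=False)


def _covers(outer, inner):
    """True if every packet matched by `inner` is also matched by `outer`."""
    return (_net(inner.src).subnet_of(_net(outer.src))
            and _net(inner.dst).subnet_of(_net(outer.dst))
            and outer.ports.start <= inner.ports.start
            and inner.ports.stop <= outer.ports.stop)


def _intersects(a, b):
    """True if at least one packet is matched by both rules."""
    return (_net(a.src).overlaps(_net(b.src))
            and _net(a.dst).overlaps(_net(b.dst))
            and a.ports.start < b.ports.stop
            and b.ports.start < a.ports.stop)


def analyse(rulebase):
    """Return (later_rule, earlier_rule, kind) findings for a first-match rulebase."""
    findings = []
    for i, later in enumerate(rulebase):
        for earlier in rulebase[:i]:
            if _covers(earlier, later):
                # The later rule can never fire: the earlier one takes every packet.
                kind = "redundant" if earlier.action == later.action else "shadowed"
                findings.append((later.num, earlier.num, kind))
                break
            if _intersects(earlier, later) and earlier.action != later.action:
                # Partial overlap with a conflicting action: order decides the outcome.
                findings.append((later.num, earlier.num, "overlapping"))
    return findings


# Constructed rulebase. Only the two source values of rules 14 and 19 come
# from the article; destinations, ports and actions are assumptions.
RULEBASE = [
    Rule(14, "192.168.20.0/24", "10.0.0.0/8", range(1, 1025), "allow"),
    Rule(17, "192.168.30.0/24", "10.1.1.0/24", range(443, 444), "allow"),
    Rule(19, "192.168.20.95", "10.1.1.10", range(22, 23), "deny"),
    Rule(20, "192.168.20.0/25", "10.0.0.0/8", range(80, 81), "allow"),
    Rule(21, "192.168.0.0/16", "10.1.1.0/24", range(1000, 2001), "deny"),
]

if __name__ == "__main__":
    for later, earlier, kind in analyse(RULEBASE):
        print(f"rule {later} is {kind} by/with rule {earlier}")
```

Rule 19 looks unrelated to Rule 14 when the columns are read as text, yet it never matches a packet because Rule 14 already accepts that host on that port.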

Remove Unused Access

This is about policy analysis – looking at network rules, system policy rules and firewall rules – followed by rule and object usage analysis.

If the primary goal of network security policy is to determine what’s allowed and what isn’t (and that should always be the goal), these three steps are designed to help you understand the present effectiveness of your ruleset.

Consider object usage, which is primarily about firewalls. With object analysis, we can see the amount of traffic across the full inventory of firewall devices. This is essential in a migration, because it gives you the opportunity to objectify your next set of firewalls to mirror or change your current object usage.

Traffic Flow Analysis comes back into the picture here too, isolating out the routing rules that keep the network safe and working effectively.

Refine and Organize

Now that you have a better picture of your rules and access points, it’s time to move forward and refine for new business goals.

This is about vulnerability analysis and compliance checks. Good vulnerability analysis is going to contain some possibility of attack simulation – so that you can visualize what your future attackers might try to do.

No resource is ever compromised without first being accessed through a series of events – events that are governed by the rulebase. But when you combine vulnerabilities with the rulebase, you have a clear picture of how an exposure can be exploited. Or, you may find that you’re ready to implement the new rule with no ill-intended effects.

The final piece of the puzzle – how you tie everything together and make sure it’s running smoothly – is called orchestration. The easiest analogy here is, well, an orchestra. If each instrument is off doing its own thing and playing its own chords, it’s going to sound horrible. But if everything is in sync and working together, that’s a lot better.

In the same way, end-to-end orchestration is the final piece of the refining and organizing process. By automating the rule lifecycle – intent, design, review, implementation and decommissioning – our migration can have the same consistency we enjoyed when clearing the rulebase of undesirables.

Continuous Compliance

Compliance drift happens over time. Because of how busy security teams get, it often goes under the radar as it’s happening.

There are any number of platforms out there proposing or offering “continuous compliance,” but the fine print matters more here. For something to truly deploy “continuous compliance,” you need it to:

  1. Be real-time
  2. Be global in scale
  3. Work with user and machine behavior
  4. Retain data forever
  5. Be customizable

Consider the need to retain data forever (which is incredibly important and not offered by many security solutions). If we only have data that extends back 30, 60 or 90 days, that does not give us the full picture of an object’s or a rule’s activity. We make a change out of a conviction that we have an unused rule, then calamity strikes. We could have spared ourselves this setback if we had data that could give more insight to the decision.
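The retention problem described above, and the rule usage analysis from the "Remove Unused Access" step, can be shown with a small usage report. This is an added example, not part of the original article: the rule numbers, hit dates and the status names are constructed, and the 90-day idle threshold is an assumption taken from the windows the text mentions.

```python
from collections import defaultdict
from datetime import date, timedelta


def usage_report(rule_ids, hit_log, as_of, retention_days=None, idle_days=90):
    """Classify each rule using only the hits the analyst can still see.

    retention_days=None models a platform that keeps hit data forever;
    an integer models one that discards hits older than that many days.
    """
    cutoff = None if retention_days is None else as_of - timedelta(days=retention_days)
    visible = defaultdict(list)
    for rule_id, day in hit_log:
        if cutoff is None or day >= cutoff:
            visible[rule_id].append(day)

    report = {}
    for rule_id in rule_ids:
        days = sorted(visible[rule_id])
        if not days:
            report[rule_id] = "unused"          # nothing on record: removal candidate
            continue
        idle = (as_of - days[-1]).days
        longest_gap = max(((b - a).days for a, b in zip(days, days[1:])), default=0)
        if idle <= idle_days:
            report[rule_id] = "active"
        elif idle <= longest_gap:
            report[rule_id] = "periodic"        # has been quiet this long before and came back
        else:
            report[rule_id] = "stale"           # quiet for longer than it ever was
    return report


def misjudged(rule_ids, hit_log, as_of, retention_days):
    """Rules a short retention window calls unused although history shows periodic use."""
    short = usage_report(rule_ids, hit_log, as_of, retention_days)
    full = usage_report(rule_ids, hit_log, as_of, None)
    return sorted(r for r in rule_ids if short[r] == "unused" and full[r] == "periodic")


# Constructed hit log: (rule number, date the rule matched traffic).
AS_OF = date(2024, 6, 1)
RULES = [31, 32, 33, 34]
HIT_LOG = [
    (31, date(2021, 12, 30)), (31, date(2022, 12, 30)), (31, date(2023, 12, 29)),  # year-end job
    (32, date(2024, 5, 20)), (32, date(2024, 5, 30)),                              # everyday traffic
    (34, date(2022, 1, 10)), (34, date(2022, 1, 20)), (34, date(2022, 2, 1)),      # retired project
]   # rule 33 has never matched anything

if __name__ == "__main__":
    print("90-day view :", usage_report(RULES, HIT_LOG, AS_OF, retention_days=90))
    print("full history:", usage_report(RULES, HIT_LOG, AS_OF))
    print("would be removed by mistake:", misjudged(RULES, HIT_LOG, AS_OF, 90))
```

With only 90 days of data, rules 31, 33 and 34 look identical; the full history separates the year-end rule that will be needed again from the two that are safe to review for removal.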

Dimension Data adopts Cisco Umbrella in its cybersecurity strategy

Dimension Data has extended the company’s protection from ransomware, phishing attacks, bot networks, and all types of malicious software, with Cisco Umbrella, a Secure Internet Gateway (SIG) in the cloud.  The decision to incorporate Cisco Umbrella follows the company’s firsthand experience protecting its own 28,000 employees and addresses its clients’ requirement to support an increasingly mobile workforce.

Cisco Umbrella is a cloud security platform that provides the first line of defense against threats on the internet.

“In today’s expanding threat landscape, it is critical to have powerful security tools that effectively support mobility and cloud. With Cisco Umbrella, we are able to proactively stop threats on any mobile device before they happen with a secure solution that is easily integrated with existing infrastructure,” said Chris Panzeca, Senior Director, Global Strategic Partner Sales, Cisco.

“Today, the average user utilises four devices per day, and this is predicted to increase to five connected devices in the next four years,” said Darren O’Loughlin, Dimension Data’s Group Chief Security Officer.  “As more enterprises look to harness the benefits of a mobile workforce that leverages cloud platforms, there’s a greater need to implement appropriate measures to secure data, infrastructures, applications and users, regardless of where they connect to the internet, and even if they’re off the VPN.  That’s why we adopted Cisco Umbrella into our own cybersecurity strategy.”

According to the NTT 2017 Global Threat Intelligence Report, attacks targeting end users are one of the top cybersecurity threats on the rise. In line with this trend, security has become the top focus at the highest level. Now, more than ever, security leaders are being forced to demonstrate a return on their security investments. This includes the business value realised through continuous cyber protection, detection, and response measures.

In 2016, Dimension Data published its Securing Workspaces for Tomorrow white paper which explored the topic of how employees across the globe are already demanding a more mobile workplace with the flexibility to work from anywhere, any time, on any device to become more productive and achieve a better work-life balance.

“However,” said Matthew Gyde, Group Executive – Security, Dimension Data, “while the mobile endpoint is a potential game changer for businesses, it exposes mobile workers to security risks and vulnerabilities. Mobile users may not have the same level of security as within the office perimeter, and are more vulnerable to cyberattacks. With Cisco Umbrella, threats beyond the network perimeter can be blocked.”

Check Point says its new security appliances prevent ‘Gen V’ attacks

Check Point Software Technologies Ltd. has announced three new Smart-1 security management appliances. This follows on the heels of the company’s announcement of Check Point Infinity Total Protection, a new security model to prevent ‘Gen V’ threats and attacks.

The new appliances enable centralized, unified policy management, and advanced log and threat analysis for real-time, enterprise-wide security monitoring and control, for Gen V (5th Generation) cyber-protection.

All business sectors are now experiencing Gen V cyber-attacks, defined as large-scale and fast moving attacks across mobile, cloud and on-premise networks.  These sophisticated attacks easily bypass the conventional, static detection-based defenses being used by most organizations today.

The new Smart-1 appliances deliver management storage capacity of up to 48TB, logging rates of up to 100,000 logs/sec and a performance boost of up to 8x compared to previous models. This enables unprecedented security management performance across network, cloud and mobile environments for efficient Gen V cyber protection.

The three new appliances, Smart-1 525, Smart-1 5050 and Smart-1 5150, provide enterprise IT teams with holistic, single-console security management and the ability to correlate, store and analyse huge amounts of new and historic data from thousands of network devices. This streamlines and accelerates security management processes, and strengthens organizations’ security postures in response to the current Gen V cyber-attack landscape.

“The Smart-1 Appliance family gives customers an agile, high-capacity security management solution that delivers in-depth visibility into their security posture,” said Gabi Reish, VP product management and product marketing at Check Point.  “This makes it even easier for organizations to keep themselves fully protected against Gen V cyber-threats, by deploying and managing security with unrivalled performance, all on a single device.”

Smart-1 appliances are part of the Check Point Infinity architecture, which combines real-time threat prevention, shared intelligence and the most advanced security across networks, cloud and mobile.

The appliances were announced at CPX 360 Barcelona, Check Point’s annual cyber-security summit and expo for customers and partners.

What is microsegmentation? How getting granular improves network security

Microsegmentation is a way to create secure zones in data centers and cloud deployments that allow you to isolate workloads and protect them individually.

Microsegmentation is a method of creating secure zones in data centers and cloud deployments that allows companies to isolate workloads from one another and secure them individually. It’s aimed at making network security more granular.

Microsegmentation vs. VLANs, firewalls and ACLs

Network segmentation isn’t new. Companies have relied on firewalls, virtual local area networks (VLAN) and access control lists (ACL) for network segmentation for years. With microsegmentation, policies are applied to individual workloads for greater attack resistance.

“Where VLANs let you do very coarse-grained segmentation, microsegmentation lets you do more fine-grained segmentation. So anywhere you need to get down to granular partitioning of traffic, that’s where you’ll find it,” says analyst Zeus Kerravala, founder of ZK Research and a contributor to Network World.

The rise of software-defined networks and network virtualisation has paved the way for microsegmentation. “We can do things in software, in a layer that’s decoupled from the underlying hardware,” Kerravala says. “That makes segmentation much easier to deploy.”

How microsegmentation manages data centre traffic

Traditional firewalls, intrusion prevention systems (IPS) and other security systems are designed to inspect and secure traffic coming into the data center in a north-south direction. Microsegmentation gives companies greater control over the growing amount of east-west or lateral communication that occurs between servers, bypassing perimeter-focused security tools. If breaches occur, microsegmentation limits potential lateral exploration of networks by hackers.

“Most companies put all their high value security tools in the core of the data center: firewalls, IPSes. And so the traffic moving north-south has to pass through those firewalls. If it’s moving east-west, it’s bypassing those security tools,” Kerravala says. “You could put firewalls up at every interconnection point, but that would be prohibitively expensive. It’s also not very agile.”

Do network or security pros drive microsegmentation? 

Microsegmentation is gaining momentum, but there are still questions about who should own it. In a large enterprise, a network security engineer might lead the effort. In smaller companies, a team involving security and network operations might spearhead microsegmentation deployments.

“I don’t know if there’s really one group that’s in charge of it. I think it depends what you’re using it for,” Kerravala says. He sees interest from security and network pros.

“I think because it operates as a network overlay, in most cases, it’s easy for security operations to deploy and then run it over the top of the network. And I see network operations people doing it too, as a way to secure IoT devices, for example. Those are really the two primary audiences.”

Microsegmentation benefits and security challenges

With microsegmentation, IT pros can tailor security settings to different types of traffic, creating policies that limit network and application flows between workloads to those that are explicitly permitted. In this zero-trust security model, a company could set up a policy, for example, that states medical devices can only talk to other medical devices. And if a device or workload moves, the security policies and attributes move with it.

The goal is to decrease the network attack surface: By applying segmentation rules down to the workload or application, IT can reduce the risk of an attacker moving from one compromised workload or application to another.
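The policy model described above, where only explicitly permitted flows pass and the policy follows the workload, can be sketched as a label-based evaluator. This is an added example, not code from the article or from any microsegmentation product: the workload names, addresses, labels and the `Segmenter` class are all hypothetical, and the single rule encodes the article's "medical devices can only talk to other medical devices" policy.

```python
from dataclasses import dataclass


@dataclass
class Workload:
    name: str
    ip: str                 # current address; may change when the workload moves
    labels: frozenset       # policy is written against these, never against the IP


class Segmenter:
    """Default-deny flow evaluator keyed on workload labels."""

    def __init__(self, workloads, policy):
        self.by_name = {w.name: w for w in workloads}
        self.policy = policy            # list of (src_label, dst_label, port or None)

    def _lookup(self, ip):
        for workload in self.by_name.values():
            if workload.ip == ip:
                return workload
        return None

    def move(self, name, new_ip):
        # Relocating a workload changes its address only; labels and policy are untouched.
        self.by_name[name].ip = new_ip

    def evaluate(self, src_ip, dst_ip, port):
        src, dst = self._lookup(src_ip), self._lookup(dst_ip)
        if src is None or dst is None:
            # A device missing from the inventory cannot be segmented, so it gets nothing.
            return ("deny", "unknown workload")
        for src_label, dst_label, allowed_port in self.policy:
            if (src_label in src.labels and dst_label in dst.labels
                    and allowed_port in (None, port)):
                return ("allow", f"{src_label}->{dst_label}")
        return ("deny", "no explicit permit")


def build_demo():
    """Constructed inventory: two medical devices and an office laptop on one subnet."""
    workloads = [
        Workload("infusion-pump-1", "10.20.1.11", frozenset({"medical"})),
        Workload("patient-monitor-2", "10.20.1.12", frozenset({"medical"})),
        Workload("hr-laptop-7", "10.20.1.40", frozenset({"office"})),
    ]
    policy = [("medical", "medical", None)]     # None = any port
    return Segmenter(workloads, policy)


if __name__ == "__main__":
    seg = build_demo()
    print(seg.evaluate("10.20.1.11", "10.20.1.12", 443))   # medical to medical
    print(seg.evaluate("10.20.1.40", "10.20.1.11", 443))   # lateral move from the laptop
    seg.move("infusion-pump-1", "10.99.4.7")
    print(seg.evaluate("10.99.4.7", "10.20.1.12", 443))    # same verdict after the move
```

The laptop shares a subnet with the pump, so a VLAN or perimeter firewall would never see that east-west flow; the label rule blocks it, and an address missing from the inventory is refused outright, which is why the visibility gap discussed later in the article matters.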

Another driver is operational efficiency. Access control lists, routing rules and firewall policies can get unwieldy and introduce a lot of management overhead, making policies difficult to scale in rapidly changing environments.

Microsegmentation is typically done in software, which makes it easier to define fine-grained segments. And with microsegmentation, IT can work to centralize network segmentation policy and reduce the number of firewall rules needed.

Granted, that’s no small task – it won’t be easy to consolidate years of firewall rules and access control lists and translate them into policies that can be enforced across today’s complex, distributed enterprise environments.

For starters, mapping the connections between workloads, applications, and environments requires visibility that many enterprises lack.

“One of the big challenges with segmentation is you have to know what to segment. My research shows that 50% of companies have little or no confidence that they know what IT devices are on the network. If you don’t even know what devices are on the network, how do you know what kind of segments to create? There’s a lack of visibility into data center flows,” Kerravala says.

Risking security for an easy life: people’s password dilemmas revealed

Today we log into online accounts all the time – from transferring money between bank accounts, to simply ordering some shopping, checking the weather, or booking a taxi on a night out. But what if suddenly you can’t log into the account you need, when you need it? What if you get the dreaded ‘password error’ message? Do you end up not being able to get home in time, or going out without a coat in the rain? With the reality sometimes being much more serious than that, Kaspersky Lab research has revealed the dilemma people face when protecting their online accounts.

With our increasing dependency on online accounts to get us through our day-to-day lives, Kaspersky Lab has found that people are increasingly facing a dilemma – how to choose their passwords. Some end up using strong and different passwords for every single account so that nothing can be hacked or exploited, but risk forgetting their passwords in the process. Others choose memorable passwords that make their lives easier, but also play right into cybercriminal hands.

Answering the dilemma option one – strong passwords that are hard to remember

According to research from the cybersecurity company, many consumers understand the need for strong passwords on their accounts. When asked which three of their online accounts required the strongest passwords, 63% of consumers selected online banking accounts, 42% selected payment applications including e-wallets, and 41% online shopping.

However, the difficulty of remembering all these strong passwords means people are likely to forget them and still get locked out of their accounts. Two-in-five (38%) people cannot quickly restore passwords to their personal online accounts after losing them. This may lead to feelings of frustration or stress if they can’t carry on their normal activities as a result.

When it comes to password storage, half (51%) store passwords insecurely, with a quarter (23%) writing them in a notepad so that they don’t have to remember them, which also puts their security at risk.

Answering the dilemma option two – weak passwords that are easy to crack

As an alternative answer to the password dilemma, and to avoid the frustration of having to remember long passwords, some people are developing other insecure password habits instead. For example, 10% use just one password for all accounts, allowing them to live their online lives seamlessly, without ever struggling to remember how to login to anything. That’s until a cybercriminal gets hold of that one key password and unlocks everything for themselves, of course.

Indeed, 17% of the consumers surveyed by Kaspersky Lab have faced the threat of, or have successfully had, an online account hacked in the past 12 months. Emails are the most targeted accounts (41%), closely followed by social media (37%), banking accounts (18%) and shopping accounts (18%).

Answering the dilemma – there is a third option after all

According to Kaspersky Lab, consumers don’t have to be limited to just two options in answering their password dilemmas. There is in fact no need for them to compromise, as Andrei Mochola, Head of Consumer Business at Kaspersky Lab explains, “If people have strong passwords that they can remember, they will not only be able to access everything they need, whenever they need it, but the information held in their accounts will also be secure from hackers. This is important to consumers that just want to get on with their day-to-day lives in safety – allowing them to, for example, find someone’s contact information, recall a specific meeting place, win the war in their favorite game, check their emails, or order something they need when they want, without revealing their information to any hackers or criminals.

“But remembering secure passwords is difficult, meaning users face a password dilemma every day – and often either forget strong passwords or end up creating passwords that are easy to remember but also easy to hack. However, there is a third option which can bring consumers peace of mind – using a password manager solution allows people to have strong passwords, without having to write them down in notepads or remember complicated strings of words with special characters”.

‘Ransomware’ Joins the Hallowed Pages of the OED

We all know that the last year has been just the bees-knees for ransomware operators; it’s just the tops, really, between the world-dominating success of WannaCry and NotPetya, the pioneering of ransomware-as-a-service offerings and the development of truly horrific strains of the stuff, like BrickerBot (tagline: The permanent ransomware!).

So bad actors already have much to celebrate as they count the Bitcoin in their coffers, but there’s yet another feather in the cap for these jerks: The word ‘ransomware’ has been codified into the latest edition of the Oxford English Dictionary (OED).

Yep, those behind that venerable tome have deemed ransomware to be a big enough deal to give it its own dictionary entry. The OED is not just the end authority on what’s a word and what isn’t (and, ergo, what Microsoft Office should and should not be adding a red line underneath). The OED is an important cultural barometer.

The powers that be monitor how English usage changes over time, ever-ready to either accept a neologism or ignore it. Our language is among the most elastic in the world, allowing for an immense amount of creativity in word construction, and the result is that someone needs to police that business, because everyone, especially in this age of social media, tends to be out there making up new words willy-nilly (‘nothingburger’, I’m looking at you).

Every year the OED decides what has crossed the chasm from cute meme, convenient abbreviation or fun witticism to the real deal. Some words may have initial viral success but ultimately are considered limited when it comes to permeating the culture at large – others signify cultural movements, or have been so widely adopted so as to be pervasive and impossible to ignore (that happened with the term ‘Google’ used as a verb back in 2006). In ransomware’s case, it’s just such a phenomenon that the OED can’t rightly ignore it.

Ransomware joins other indicators of culture – pointing to conversations that are happening in the culture at large. These include ‘mansplaining’, ‘tomgirl’ (a feminist replacement for the conventional ‘tomboy’) and even ‘snowflake’, used to describe someone who is “overly sensitive or as feeling entitled to special treatment or consideration.”

Also included are a few things that are decidedly regional, and not too applicable to us native English speakers outside of the UK. These include initialisms used on the UK online parenting forum Mumsnet, such as ‘TTC’ (trying to conceive), ‘BFN/BFP’ (big fat negative/big fat positive related to the results of a pregnancy test) and ‘CIO’ (cry it out). On that one, OED senior editor Fi Mooring told the BBC that the words will resonate “even with [native English speakers] who are not parents.” Could that be true?

Another regional add is ‘Geg’, which is Liverpudlian slang for intruding or joining in uninvited.

There’s also ‘masstige’, a snarky combination of the words ‘masses’ and ‘prestige’, referring to cheap products that are marketed as luxury items; and the absolutely delightful ‘hazzle’, which apparently means “to dry in open air” (who knew? Apparently enough people do).

In any event, the dictionary has 829,000 words and counting, and is updated on a quarterly basis (the next update is due in April 2018). What could be next? I’m not sure how much cyber-lingo is already included, but the way things are going, ransomware is unlikely to be the last from our arena to make it in.

Cybercriminals exploiting traditional trust measures for compromises, study

Cyber-criminals are exploiting traditional measures of trust to gain a foothold on users’ systems by compromising trusted sites via background initiated requests, using phishing sites, and typo-squatting.

While many companies have used categories such as Business and Economy, Shopping, News and Media, and Malware, to help set security policy, researchers are warning it’s no longer advisable to consider any category as inherently safe, according to the Menlo Security State of the Web 2017 report released Feb. 5, 2018.

“Many companies have used these categories to help set security policy,” researchers said in the report. “Unfortunately, it’s no longer advisable to consider any category as inherently ‘safe.’ According to our research, more than a third of all sites in categories including News and Media, Entertainment and Arts, Shopping, and Travel were risky.”

The problem stems from third-party vulnerabilities: the average website connects to 25 background sites for content, such as video clips and online ads, and enterprise security administrators don’t have tools to monitor these connections. Any one of these connections can leave them vulnerable to backdoor attacks.

The report found that 49 percent of news and media sites, 45 percent of entertainment and arts sites, 41 percent of travel sites, 40 percent of personal sites and blogs, 39 percent of society sites, and 39 percent of business and economy sites were at risk, whether by not being as safe as they appear, by being a phishing site, or by being a typo-squatting site.

Vulnerable software used on trusted sites also poses a significant risk. The report found that 42 percent of the top 100,000 sites on the web, as ranked by Alexa, are either using software that leaves them vulnerable to attack or have already been compromised in some way.

Among the most popular software putting these sites at risk: 32,669 sites put users at risk with Microsoft IIS 7.5, 26,796 sites with php/5.45.15, and 18,379 sites with apache/2.2.15.

The top site categories relying on vulnerable software included business and economy with 51,045 sites, society with 25,977 sites, personal and blogs with 20,675 sites, news and media with 17,083 sites, and adult and pornography sites with 16,929 sites.

Researchers said business and economy sites experienced the most security incidents and that they contained more sites running vulnerable software, such as PHP 5.3.3, than any other category.

In order to avoid and defend against potential threats, researchers recommend website owners make sure their servers run the latest software updates and investigate technologies such as Content-Security-Policy. Consumers should download software updates religiously, avoid vulnerable technologies such as Adobe Flash, and use the Chrome browser when possible, researchers added.

Chris Olson, chief executive officer at The Media Trust said enterprises should be concerned about the increasing frequency of website breaches attributed to compromised third-party code.

“Clearly, app sec, antivirus and other traditional website security solutions can’t keep pace with the thousands of malicious domains generated every month,” Olson said. “The onus is on enterprise IT to continuously monitor all executing code – both first and third-party code – on websites and mobile apps to discover what and who is executing in the digital environment.”

He added that unauthorised or anomalous code should be immediately remediated and that today’s dynamic internet environment requires a continuous security approach to detect real-time security and performance failures before they have detrimental effects on both the enterprise network and its website users.