WiJungle

WiJungle NextGen Firewall & Hotspot Gateway

WiJungle NextGen Firewall & Hotspot Gateway

WiJungle is a unified (NextGen Firewall & Hotspot Gateway) appliance that manages network, internet and security of business verticals like Corporates, Education Institutes, Hospitality, Healthcare, Retail, Transportation, Smart City, Residential Estates, Events etc. across the globe. It has been recognized by Government of India for product, process & service innovation and is listed among the Most Promising Enterprise Information Security Product by CIO Review.

The appliances range from user 20 to any higher number and offer features like Access/Interface Management, Network Management, User/Guest Management, Content Filtering, Data Leakage Prevention, Bandwidth Management Load Balancing, Gateway Anti-Virus, Anti-Spam, IPS, Virtual Private Network, Vulnerability Assessment, Intuitive Captive Portals, SMS Gateway Integration, Social Media Engagement/Advertisement option, Feedback Management, User Logging, Reporting and Analytics, Prepaid/Postpaid Billing, Voucher Management, PMS/HIS Integration, Alert Management, Access Point/Device Management etc.

Product has 24/7 Free Call/Email/WhatsApp support with Advance Hardware Replacement warranty.

Key Features –

✓ Offers features of both UTM & Hotspot Gateway in a single appliance.

✓ Most affordable product with lowest renewal cost.

✓ Only updates and support are halted on license expiry. Product features continue to work as it is.

✓ Unlimited Free Transaction Messages along with Appliance (India Only).

✓ Inbuilt Storage Capacity to store surfing logs for a period of 1 year.

✓ PMS/HIS/Third Party Integration & personalized development provision available.

✓ Intuitive Captive portals with social media engagements and advertisement options.

✓ Highly User-Friendly UI to configure.

✓ Auto Feature update via cloud.

WiJungle NextGen Firewall & Hotspot Gateway Price

Model Users Around (Both UTM + Hotspot) Price (With 1 Year License)
WiJungle U20
32 30400
WiJungle U35

50 41800
WiJungle U50

70 57740
WiJungle U75

100 72980
WiJungle U100

160 94320
WiJungle U150

210 132200
WiJungle U250

300 194700

GST Tax Extra

For More details, Please call us on

Sales :+91 958 290 7788 | Support : 0120 2631048

Register & Request Quote | Submit Support Ticket

Critical Flaw Found in Streaming Library Used by VLC and Other Media Players

Security researchers have discovered a serious code execution vulnerability in the LIVE555 Streaming Media library—which is being used by popular media players including VLC and MPlayer, along with a number of embedded devices capable of streaming media.

LIVE555 streaming media, developed and maintained by Live Networks, is a set of C++ libraries companies and application developers use to stream multimedia over open standard protocols like RTP/RTCP, RTSP or SIP.

The LIVE555 streaming media libraries support streaming, receiving, and processing of various video formats such as MPEG, H.265, H.264, H.263+, VP8, DV, and JPEG video, and several audio codecs such as MPEG, AAC, AMR, AC-3, and Vorbis.

The vulnerable library is internally being used by many well-known media software such as VLC and MPlayer, exposing their millions of users to cyber attacks.

The code execution vulnerability, tracked as CVE-2018-4013 and discovered by researcher Lilith Wyatt of Cisco Talos Intelligence Group, resides in the HTTP packet-parsing functionality of the LIVE555 RTSP, which parses HTTP headers for tunneling RTSP over HTTP.

To exploit this vulnerability, all an attacker needs to do is create and send “a packet containing multiple ‘Accept:’ or ‘x-sessioncookie’ strings” to the vulnerable application, which will trigger a stack buffer overflow in the ‘lookForHeader’ function, leading to arbitrary code execution.

Cisco Talos team confirmed the vulnerability in Live Networks LIVE555 Media Server version 0.92, but the team believes the security issue may also be present in the earlier version of the product.

Cisco Talos responsibly reported the vulnerability to Live Networks on October 10 and publicly disclosed the security issue on October 18 after the vendor released security patches on October 17.

 

Chrome, Firefox, Edge and Safari Plans to Disable TLS 1.0 and 1.1 in 2020

All major web browsers, including Google Chrome, Apple Safari, Microsoft Edge, Internet Explorer, and Mozilla Firefox, altogether today announced to soon remove support for TLS 1.0 (20-year-old) and TLS 1.1 (12-year-old) communication encryption protocols.

Developed initially as Secure Sockets Layer (SSL) protocol, Transport Layer Security (TLS) is an updated cryptographic protocol used to establish a secure and encrypted communications channel between clients and servers.

There are currently four versions of the TLS protocol—TLS 1.0, 1.1, 1.2 and 1.3 (latest)—but older versions, TLS 1.0 and 1.1, are known to be vulnerable to a number of critical attacks, such as POODLE and BEAST.

Since TLS implementation in all major web browsers and applications supports downgrade negotiation process, it leaves an opportunity for attackers to exploit weaker protocols even if a server supports the latest version.

All Major Web Browsers Will Remove TLS 1.0 and TLS 1.1 Support in 2020

According to the press releases published by four major companies, Google, Microsoft, Apple and Mozilla, their web browsers will completely drop TLS 1.0 and 1.1support by default in the first half of 2020.

TLS 1.2, which was released ten years ago to address weaknesses in TLS 1.0 and 1.1, has enjoyed wide adoption since then, and will thus be the default TLS version unless the availability of TLS 1.3, which is currently in the development stage.

According to Microsoft, as TLS 1.0 continues to age, many websites have already moved to newer versions of the protocol. Today 94 percent of sites already support TLS 1.2, while only less than one percent of daily connections in Microsoft Edge are using TLS 1.0 or 1.1.

Apple also says TLS 1.2 is the standard on its platforms and represents 99.6 percent of TLS connections made from Safari, while TLS 1.0 and 1.1 account for less than 0.36 percent of all connections.

Google could not agree more and says that today only 0.5 percent of HTTPS connections made by Chrome use TLS 1.0 or 1.1.

All the tech companies recommended websites that do not support TLS 1.2 or newer to move off of the old versions of the protocol as soon as possible and is practical.

Furthermore, the PCI Data Security Standard (PCI DSS) compliance also requires websites to disable SSL/TLS 1.0 implementation by June 30, 2018.

Besides these tech giants, Gitlab today also announced to deprecate support for TLS 1.0 and TLS 1.1 on its website and API infrastructure by the end of 2018.

You can also manually disable older TLS versions on Google Chrome by opening Settings → Advanced Settings → Open Proxy Settings → Click ‘Advanced’ Tab → Under ‘Security’ section uncheck TLS 1.0 and 1.1 and then save.

Google to Encrypt Android Cloud Backups With Your Lock Screen Password

In an effort to secure users’ data while maintaining privacy, Google has announced a new security measure for Android Backup Service that now encrypts all your backup data stored on its cloud servers in a way that even the company can’t read it.

Google allows Android users to automatically backup their essential app data and settings to their Google account, allowing them to simply restore it when required, instead of re-configuring all the apps after formatting or switching to a new phone.

However, until now your backup data was not encrypted and visible to Google, and now the company is going to change its storage procedure.

Starting with Android Pie, Google is going to encrypt your Android device backup data in the following way:

Step 1: Your Android device will generate a random secret key (not known to Google),

Step 2: The secret key will then get encrypted using your lockscreen PIN/pattern/passcode (not known to Google),

Step 3: This passcode-protected secret key will then securely sent to a Titan security chip on Google’s servers,

So, your Android back data will get encrypted or decrypted only if the lockscreen passcode get authorized through the Titan security chip.

In other words, the Titan security key will not decrypt any of your backup data unless it detects the lockscreen passcode you have used to request for decryption.

To prevent brute force attacks, Google’s Titan chip will permanently block access to the backup data if someone inputs incorrect passcode combinations several times in an attempt to guess it.

Google also hired cybersecurity and risk mitigation firm NCC Group to perform a full security audit of the new Android Cloud Backup/Restore feature. NCC discovered a few issues, which were quickly fixed by the company.

Google has not yet confirmed that which Android smartphones will be able to use this additional layer of security, but it is clear that the device must be running the latest Android 9 Pie operating system.

Microsoft October Patch Tuesday Fixes 12 Critical Vulnerabilities

Microsoft has just released its latest monthly Patch Tuesday updates for October 2018, fixing a total of 49 security vulnerabilities in its products.

This month’s security updates address security vulnerabilities in Microsoft Windows, Edge Browser, Internet Explorer, MS Office, MS Office Services and Web Apps, ChakraCore, SQL Server Management Studio, and Exchange Server.

Out of 49 flaws patched this month, 12 are rated as critical, 35 are rated as important, one moderate, and one is low in severity.

Three of these vulnerabilities patched by the tech giant are listed as “publicly known” at the time of release, and one flaw is reported as being actively exploited in the wild.

Windows Update Patches An Important Flaw Under Active Attack

According to the Microsoft advisory, an undisclosed group of attackers is actively exploiting an important elevation of privilege vulnerability (CVE-2018-8453) in Microsoft Windows operating system to take full control over the targeted systems.

This flaw exists when the Win32K (kernel-mode drivers) component fails to properly handle objects in memory, allowing an attacker to execute arbitrary code in the kernel mode using a specially crafted application.

This month’s updates also patches a critical remote code execution vulnerability in Microsoft Windows and affects all supported versions of Windows, including Windows 10, 8.1, 7, and Server 2019, 2016, 2012, and 2008.

The vulnerability (CVE-2018-8494) resides in the parser component of the Microsoft XML Core Services (MSXML), which can be exploited by passing malicious XML content via user input.

An attacker can remotely execute malicious code on a targeted computer and take full control of the system just by convincing users to view a specially crafted website designed to invoke MSXML through a web browser.

Microsoft Patches Three Publicly Disclosed Flaws

The details of one of the three publicly disclosed vulnerabilities was revealed late last month by a security researcher after the company failed to patch the bug within the 120-days deadline.

The vulnerability, marked as important and assigned CVE-2018-8423, resides in Microsoft Jet Database Engine that could allow an attacker to remotely execute malicious code on any vulnerable Windows computer.

For proof-of-concept exploit code and more details about this vulnerability you can read our article.

Rest two publicly disclosed vulnerabilities are also marked as important and reside in Windows Kernel (CVE-2018-8497) and Azure IoT Hub Device Client SDK (CVE-2018-8531), which lead to privilege escalation and remote code execution respectively.

The security updates also include patches for 9 critical memory corruption vulnerabilities—2 in Internet Explorer, 2 in Microsoft Edge, 4 in Chakra Scripting Engine, and 1 in Scripting Engine—all leads to remotely execution of code on the targeted system.

Besides this, Microsoft has also released an update for Microsoft Office that provides enhanced security as a defense in depth measure.

Users and system administrators are strongly advised to apply these security patches as soon as possible to keep hackers and cybercriminals away from taking control of their systems.

For installing security patch updates, directly head on to Settings → Update & security → Windows Update → Check for updates, or you can install the updates manually.

Just Answering A Video Call Could Compromise Your WhatsApp Account

What if just receiving a video call on WhatsApp could hack your smartphone?

This sounds filmy, but Google Project Zero security researcher Natalie Silvanovich found a critical vulnerability in WhatsApp messenger that could have allowed hackers to remotely take full control of your WhatsApp just by video calling you over the messaging app.

The vulnerability is a memory heap overflow issue which is triggered when a user receives a specially crafted malformed RTP packet via a video call request, which results in the corruption error and crashing the WhatsApp mobile app.

Since the vulnerability affect RTP (Real-time Transport Protocol) implementation of Whatsapp, the flaw affects Android and iOS apps, but not WhatsApp Web that relies on WebRTC for video calls.

Silvanovich also published a proof-of-concept exploit, along with the instructions for reproducing the WhatsApp attack.

Although the proof-of-concept published by Silvanovich only triggers memory corruption, another Google Project Zero researcher, Tavis Ormandy, claims that “This is a big deal. Just answering a call from an attacker could completely compromise WhatsApp.”

In other words, hackers only need your phone number to completely hijack your WhatsApp account and spy on your secret conversations.

Silvanovich discovered and reported the vulnerability to the WhatsApp team in August this year. WhatsApp acknowledged and patched the issue on September 28 in its Android client and on October 3 in its iPhone client.

So if you have not yet updated your WhatsApp for Android or WhatsApp for iOS, You should consider upgrading now.

Google+ is Shutting Down After a Vulnerability Exposed 500,000 Users’ Data

Google is going to shut down its social media network Google+ after the company suffered a massive data breach that exposed the private data of hundreds of thousands of Google Plus users to third-party developers.

According to the tech giant, a security vulnerability in one of Google+’s People APIs allowed third-party developers to access data for more than 500,000 users, including their usernames, email addresses, occupation, date of birth, profile photos, and gender-related information.

Since Google+ servers do not keep API logs for more than two weeks, the company cannot confirm the number of users impacted by the vulnerability.

However, Google assured its users that the company found no evidence that any developer was aware of this bug, or that the profile data was misused by any of the 438 developers that could have had access.

The vulnerability was open since 2015 and fixed after Google discovered it in March 2018, but the company chose not to disclose the breach to the public—at the time when Facebook was being roasted for Cambridge Analytica scandal.

Though Google has not revealed the technical details of the security vulnerability, the nature of the flaw seems to be something very similar to Facebook API flaw that recently allowed unauthorized developers to access private data from Facebook users.

Besides admitting the security breach, Google also announced that the company is shutting down its social media network, acknowledging that Google+ failed to gain broad adoption or significant traction with consumers.

In response, the company has decided to shut down Google+ for consumers by the end of August 2019. However, Google+ will continue as a product for Enterprise users.

Google Introduces New Privacy Controls Over Third-Party App Permissions

As part of its “Project Strobe,” Google engineers also reviewed third-party developer access to Google account and Android device data; and has accordingly now introduced some new privacy controls.

When a third-party app prompts users for access to their Google account data, clicking “Allow” button approves all requested permissions at once, leaving an opportunity for malicious apps to trick users into giving away powerful permissions.

But now Google has updated its Account Permissions system that asks for each requested permission individually rather than all at once, giving users more control over what type of account data they choose to share with each app.

Since APIs can also allow developers to access users’ extremely sensitive data, like that of Gmail account, Google has limited access to Gmail API only for apps that directly enhance email functionality—such as email clients, email backup services and productivity services.

 

Best Enterprise Firewall 2018

Best Enterprise Firewall 2018

Best Enterprise Firewall 2018
Fortinet FortiGate
Cisco ASA
Sophos UTM
pfSense
Meraki MX Firewalls
Sophos Cyberoam UTM
WatchGuard XTM
Juniper SRX
SonicWall TZ
SonicWall NSA
Barracuda NextGen Firewall
Sophos XG
FortiGate-VM
Cisco Firepower NGFW
Zscaler Web Security
Cisco Sourcefire Firewalls
Check Point UTM-1
Check Point VSX
Kerio Control
Untangle NG Firewall
Palo Alto Networks VM-Series
Cisco ASAv
Check Point Next Generation Firewall
Cisco IOS Security
Palo Alto Networks Next-Generation Firewall
Stormshield Network Security
OPNsense
Check Point VPN-1
McAfee StoneGate
Check Point Power-1
Trustwave Firewalls
McAfee Firewall Enterprise MFE
3Com H3C Firewall
A10 Networks Thunder CFW
Hillstone E-Series
NetFortris Hosted Firewall
NetFortris Threat Analyzer
WatchGuard Firebox
Hillstone T-Series
Fortinet FortiOS
Hillstone X-Series Data Center Firewalls
Hillstone CloudEdge
Sonatype Nexus Firewall
Comodo Dome Firewall
Sangfor NGAF

Bank Servers Hacked to Trick ATMs into Spitting Out Millions in Cash

The US-CERT has released a joint technical alert from the DHS, the FBI, and Treasury warning about a new ATM scheme being used by the prolific North Korean APT hacking group known as Hidden Cobra.

Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to be backed by the North Korean government and has previously launched attacks against a number of media organizations, aerospace, financial and critical infrastructure sectors across the world.

The group had also reportedly been associated with the WannaCry ransomware menace that last year shut down hospitals and big businesses worldwide, the SWIFT Banking attack in 2016, as well as the Sony Pictures hack in 2014.

Now, the FBI, the Department of Homeland Security (DHS), and the Department of the Treasury have released details about a new cyber attack, dubbed “FASTCash,” that Hidden Cobra has been using since at least 2016 to cash out ATMs by compromising the bank server.

FASTCash Hack Fools ATMs into Spitting Out Cash

The investigators analyzed 10 malware samples associated with FASTCash cyber attacks and found that attackers remotely compromise payment “switch application servers” within the targeted banks to facilitate fraudulent transactions.

Switch application server is an essential component of ATMs and Point-of-Sale infrastructures that communicates with the core banking system to validate user’s bank account details for a requested transaction.

Whenever you use your payment card in an ATM or a PoS machine in a retailer shop, the software asks (in ISO 8583 messages formats) the bank’s switch application server to validate the transaction—accept or decline, depending upon the available amount in your bank account.

However, Hidden Cobra attackers managed to compromise the switch application servers at different banks, where they had accounts (and their payment cards) with minimal activity or zero balances.

The malware installed on the compromised switch application servers then intercepts transaction request associated with the attackers’ payment cards and responds with fake but legitimate-looking affirmative response without actually validating their available balance with the core banking systems, eventually fooling ATMs to spit out a large number of cash without even notifying the bank.

Hidden Cobra threat actors are using the FASTCash scheme to target banks in Africa and Asia, though the U.S. authorities are still investigating the FASTCash incidents to confirm whether the attack targets banks in the United States.

How Attackers Managed to Compromise Banks’ Switch Application Servers

Though the initial infection vector used to compromise Bank networks is unknown, the U.S. authorities believe that the APT threat actors used spear-phishing emails, containing malicious Windows executable, against employees in different banks.

Once opened, the executable infected bank employees’ computers with Windows-based malware, allowing hackers to move laterally through a bank’s network using legitimate credentials and deploy malware onto the payment switch application server.

Though most compromised switch application servers were found running unsupported IBM Advanced Interactive eXecutive (AIX) operating system versions, investigators found no evidence that attackers exploited any vulnerability in AIX operating system.

US-CERT recommended banks to make two-factor authentication mandatory before any user can access the switch application server, and use best practices to protect their networks.

US-CERT has also provided a downloadable copy of IOCs (indicators of compromise), to help you block them and enable network defenses to reduce exposure to any malicious cyber activity by the Hidden Cobra hacking group.

In May 2018, the US-CERT also published an advisory alerting users of two different malware—Remote Access Trojan (RAT) known as Joanap and Server Message Block (SMB) worm called Brambul—linked to Hidden Cobra.

Last year, the DHS and the FBI also issued an alert describing Hidden Cobra malware Delta Charlie—a DDoS tool that they believed North Korea uses to launch distributed denial-of-service attacks against its targets.

Other malware linked to Hidden Cobra in the past includes Destover, Wild Positron or Duuzer, and Hangman with sophisticated capabilities, like DDoS botnets, keyloggers, remote access tools (RATs), and wiper malware.

 

Sophos

Firewall Company in India

Firewall Company in India

Sophos Hardware Firewall

Sophos Hardware Firewall Company in India

Sophos Hardware Firewall Company in India

Buy Best Price Hardware Appliance UTM Sophos Firewall from authorized Dealer, Partner, Reseller with remote, on-site installation support in India at best price.

We are Providing our Antivirus, Antispam solutions all over India like Mumbai, Thane, Navi Mumbai, Vasai. Virar, Panvel, Kharghar, Bhiwandi, Kalyan Gujrat, Kolkata, Dehli, Chennai, Tamil Nadu etc. To buy our Firewall Service.

SOHO / ROBO Appliances
SMB Appliances
For Enterprise
Sophos 15i NG

Hardware UTM Appliances for Small & Branch Offices

Sophos UTM appliances enables small offices to shift from plain firewall to comprehensive UTM protection with cost effective, which gives powerful security to protect your network from malware, spam, trojan, DoS, DDoS, Phishing, pharming and intrusions. Large organizations can implement uniform security and gain high visibility into remote and branch offices with centralized management and Layer 8 Identity-based security.

Key Features
  • Stateful Inspection Firewall
  • VPN (SSL VPN & IPSec)
  • Intrusion Prevention System
  • Anti-Virus & Anti-Spyware
  • Anti-Spam
  • Outbound Spam Protection
  • Web Filtering
  • Bandwidth Management
  • Application Visibility & Control
  • Web Application Firewall
  • 3G / 4G / WiMAX Connectivity
  •  IM Archiving & Controls
  • Multiple Link Management
  • On-Appliance Reporting
  • IPv6 Ready
  •  Wi-Fi Appliances
Key Features
Layer 8 Identity-based policies
  • Role-based access at remote locations Visibility into who is doing what
Comprehensive UTM Security
  • Stateful Inspection Firewall
  • Intrusion Prevention System
  • Anti-Virus & Anti-Spyware
  • Anti-Spam
  • Web Filtering
  • Application Visibility & Control
  • On-appliance Reporting
  • Web Application Firewall
  • Outbound Spam Protection
Secure Remote Access
  • IPSec VPN
  • L2TP
  • PPTP
  • SSL VPN
WAN Connectivity & Availability            
  • Bandwidth Management
  • Multiple Link Management
  • 3G / 4G / WiMAX Support
Advanced Networking
  • Multi-core Processing
  • Extensible Security Architecture
  • Active-Active High Availability
  • IPv6 Ready Gold Certified
Wi-Fi Security  
  • Wireless Standards IEEE 802.11a/b/g/n (WEP, WPA, WPA2,802.11i, TKIP, AES, PSK)
  • Up to 8 bssid Access Points
Centralized Security Management         
  • CCC Appliances
  • Sophos iView Open Source Solution – Logging & Reporting
  • Sophos iView Appliances – Logging & Reporting
  • We deales with all range of Sophos firewall for your Home and Office use. To know more about Sophos Next Generation series and Sophos ia Series you can contact us.

Sophos Firewall Price

Sophos Firewall Price
Sophos XG 85 with Full Guard 1 year license
( For 20 User )
Rs. 28,078
Sophos XG 105 with Full Guard 1 year license
( For 30 User )
Rs. 42,237.65
Sophos XG 115 with Full Guard 1 year license
( For 50 User )
Rs. 68,914.30
Sophos XG 125 with Full Guard 1 year license
( For 70 User )
Rs. 98,508.00
Sophos XG 135 with Full Guard 1 year license
( For 100 User )
Rs. 159,432.00

For Any type of Firewall Security and Support, Please call us on

Sales :+91 958 290 7788
Support : 0120 2631048

Register & Request Quote
Submit Support Ticket