Daily Archives: June 26, 2019

Klaytn Will Onboard Cloudbric Following Mainnet Launch

cloudbric klaytn blockchain mainnet launchThe internet giant KakaoTalk has just launched its blockchain platform on June 27, 2019. The mainnet launch was orchestrated by KakaoTalk’s blockchain arm, Ground X. 

This marks a big occasion for both Klaytn and Cloudbric, who is a technology ISP (Initial Service Partner).  

Klaytn has emphasized the importance of ISPs who provide substantial and tangible service use-cases for the blockchain ecosystem. Because the main focus of the company is on the Dapps (decentralized apps) that run on the blockchain, Cloudbric will launch a crypto security app for within Q3.

The app will focus on protecting users when they use crypto apps or exchanges to transfer cryptocurrency. 

After its initial release, Cloudbric has plans to add upgraded features and functions

Please look forward to more details soon as we disrupt the crypto security market!

—-

Cloudbric is already working to provide web security services to numerous cryptocurrency exchanges and blockchain projects. Known for our distinguished WAF, Cloudbric also recently released Threat DB, our free database of threat intelligence, this past May. The platform currently includes blacklisted, or malicious IPs, known hacker wallet addresses, and phishing URLs.

The data collected on the platform will be available via an API which allows businesses and developers to create their own security technologies. 

Crypto exchanges can also can leverage the hacker wallet addresses to prevent unauthorized transactions on their platform. 


Make sure to follow us on our social media platforms (LinkedInTwitter, and Facebook) and our recently opened Telegram Announcement Channel for the latest updates!

The post Klaytn Will Onboard Cloudbric Following Mainnet Launch appeared first on Cloudbric.

How to verify and claim your CLBK token bonuses

Hello Cloudbric CLB community,

The following guide is meant to help you claim your additional CLBK bonuses that you acquired during our Super Holders Event.

Klaytn’s wallet app is expected to be released in late August/early September following the launch of Klaytn’s main net (opened June 27) and will be available to all users. The Klaytn Wallet allows you to check the balance of KLAY and KLAY compatible tokens like CLBK.

Thus, prior to the wallet’s release, Cloudbric will distribute CLBK through Cloudbric Labs, our online hub of free web security resources and tools for the cybersecurity community but in time for our upcoming token swap with Klaytn. 


Step 1: Sign up for membership on Cloudbric Labs using the same email you used to participate in the Super Holder Event

Check for your email here.
     

Step 2: Go to your dashboard and check the quantity of your CLBK tokens. 

Those who participated in the event using multiple wallet addresses but used the same email will be able to see their accumulated CLBK. 

Dashboard

Step 3: Following the release of Klaytn’s wallet, you will be able to enter a Klaytn’s wallet address into Cloudbric Labs’s withdrawal feature to claim your CLBK. 

More details about the token swap will soon be announced!


Make sure to follow us on our social media platforms (LinkedInTwitter, and Facebook) and our recently opened Telegram Announcement Channel for the latest updates!

The post How to verify and claim your CLBK token bonuses appeared first on Cloudbric.

Three Network Security Questions with CEITEC’s CIO

Ireneo Demanarig is the Chief Information Officer at CEITEC S.A. located in Porto Alegre, Rio Grande do Sul, Brazil. CEITEC is a microelectronics manufacturer that specializes in solutions such as automatic identification (RFID and smartcards), application-specific integrated circuits (ASICs) aimed at identifying animals, and much more.

Recently, I jumped on the phone with Ireneo and asked him three questions about his deployment of Trend Micro Network Defense products. And here is what he had to say.

Can you briefly describe your network protection?

We are using a Palo Alto Networks Next Gen Firewall and an F5 DNS at the perimeter with a TippingPoint IPS sitting in-line behind both of them. Off our core switch we are running Deep Discovery Inspector to protect us from advanced threats.  Some people consider using a Next Gen Firewall along with an IPS is redundant but that is not the case. They both protect my network in different ways.  The firewall protects my applications while my IPS helps keep the threats at bay.  A great example was WannaCry.  My next gen firewall missed it but my IPS was able to block every attempt.  I also know that if threats get past both of them I can rely on Deep Discovery Inspector to detect the threat as it moves in, out or across my network.

Toward the end of 2018 Trend Micro released Deep Discovery Network Analytics add-on module, which will correlate Deep Discovery Inspector events and display the entire attack lifecycle graphically for quicker response to threats.  CEITEC was one of the first customers to do a proof of concept on the new module.   

When you did the proof of concept with Deep Discovery Network Analytics what were you able to see?

The proof of concept was a real eye opener for us.  Deep Discovery Inspector generates a lot of events and we have a limited staff.  So we can only focus on the highest level detections.  We don’t have time to look at all events, much less try to connect the dots between multiple events.  The Deep Discovery Network Analytics showed us a number of detected attacks that were buried in the events.  Specifically it found a coin miner that had been hiding in our network.  Network Analytics showed us all the users that were being used in this attack and where they were calling out to.  Correlating all this info would have taken my team 3-4 months.

After purchasing Deep Discovery Network Analytics how long did it take to start seeing the value?

It was immediate.  We looked at our correlated events in the management console and could see quickly that we had a major breach impacting a large number of our users and servers.  Network Analytics showed us on a single chart where the breach started, how it spread, and all the users impacted.  With one click of a mouse we were able to see hundreds of Deep Discovery Inspector events pulled into a single graph.  This helped us understand not only the threat, but also how to respond appropriately to the attack.

Find out why CEITEC relies on Trend Micro to not only protect his network but also provide visibility and automation.

See the customer use case.

For more information on Deep Discovery Network Analytics checkout the data sheet or watch the video.

The post Three Network Security Questions with CEITEC’s CIO appeared first on .

Google Public DNS over HTTPS (DoH) supports RFC 8484 standard



Ever since we launched Google Public DNS in 2009, our priority has been the security of DNS resolution. In 2016, we launched a unique and innovative experimental service -- DNS over HTTPS, now known as DoH. Today we are announcing general availability for our standard DoH service. Now our users can resolve DNS using DoH at the dns.google domain with the same anycast addresses (like 8.8.8.8) as regular DNS service, with lower latency from our edge PoPs throughout the world.

General availability of DoH includes full RFC 8484 support at a new URL path, and continued support for the JSON API launched in 2016. The new endpoints are:

  • https://dns.google/dns-query (RFC 8484 – GET and POST)
  • https://dns.google/resolve (JSON API – GET)
We are deprecating internet-draft DoH support on the /experimental URL path and DoH service from dns.google.com, and will turn down support for them in a few months.

With Google Public DNS, we’re committed to providing fast, private, and secure DNS resolution through both DoH and DNS over TLS (DoT). We plan to support the JSON API until there is a comparable standard for webapp-friendly DoH.


What the new DoH service means for developers

To use our DoH service, developers should configure their applications to use the new DoH endpoints and properly handle HTTP 4xx error and 3xx redirection status codes.
  • Applications should use dns.google instead of dns.google.com. Applications can query dns.google at well-known Google Public DNS addresses, without needing an extra DNS lookup.
  • Developers using the older /experimental internet-draft DoH API need to switch to the new /dns-query URL path and confirm full RFC 8484 compliance. The older API accepts queries using features from early drafts of the DoH standard that are rejected by the new API.
  • Developers using the JSON API can use two new GET parameters that can be used for DNS/DoH proxies or DNSSEC-aware applications.
Redirection of /experimental and dns.google.com

The /experimental API will be turned down in 30 days and HTTP requests for it will get an HTTP redirect to an equivalent https://dns.google/dns-query URI. Developers should make sure DoH applications handle HTTP redirects by retrying at the URI specified in the Location header.

Turning down the dns.google.com domain will take place in three stages.
  1. The first stage (in 45 days) will update the dns.google.com domain name to return 8.8.8.8 and other Google Public DNS anycast addresses, but continue to return DNS responses to queries sent to former addresses of dns.google.com. This will provide a transparent transition for most clients.
  2. The second stage (in 90 days) will return HTTP redirects to dns.google for queries sent to former addresses of dns.google.com.
  3. The final stage (in 12 months) will send HTTP redirects to dns.google for any queries sent to the anycast addresses using the dns.google.com domain.
We will post timelines for redirections on the public‑dns‑announce forum and on the DoH migration page. You can find further technical details in our DoH documentation, and if you have a question or problem with our DoH service, you can create an issue on our tracker or ask on our discussion group. As always, please provide as much information as possible to help us investigate the problem!

How McAfee’s Paternity Leave Helped My New Family

By: Guillaume, EMEA Retail Marketing Manager, Slough, U.K.

Becoming a parent is a daunting experience for anyone. The sheer amount of responsibilities can feel overwhelming and all consuming. For my husband and I, we spent an emotional and tiring 18 months working through the adoption process before becoming parents to two fully formed little humans seemingly overnight. Most parents get to know their children over a few years; we only had two weeks’ worth of introduction. In an instant, these two children and their care, happiness, security, dreams and hopes now rest firmly with us.

I feel incredibly grateful to work for a company that understands the value of family. Whether it was my colleagues checking in and celebrating our new arrivals, or the eight weeks of bonding leave that McAfee offers any new parent – including adoptive and same-sex couples. The paternity leave from McAfee really made a difference in getting to know our children and for them to get to know us. I can’t fathom how different the experience and early months would have been if I had to go back to work after two weeks. The extra time allowed us to get settled and establish good routines.

Overcoming Obstacles

That’s not to say the adoption process was easy. My husband and I knew we wanted to adopt in 2014 but didn’t officially start the process until 2017. After a grueling amount of paperwork came the emotional and time-consuming interview with the social worker. The questions challenged me and forced me to confront some of my own anxieties to ready myself for parenthood. We learned how important it is to be ready and open to re-shape who you are to bring forward the best version of yourself for your children.

 And as a natural worrier, you can imagine how after having children, my anxieties skyrocketed — in addition to the concerns of any new parent, we have to think about protecting our children from homophobic attacks and prejudices. Our boys already had a tough start; I don’t want to make it tougher.

As an LGBTQ+ family, we get unspoken scrutiny from the world that already puts more pressure on us than on conventional families. We know how society says an LGBTQ+ family should celebrate Mother’s Day or Father’s Day. We notice the side looks from other parents. We know how we must conduct ourselves in public to be safe. We know we can’t go on holiday in certain countries.

As a gay man, I’ve had to work hard to create the family I have today. Growing up, gay marriage and adoption weren’t allowed, so I had come to terms with possibly never having a family of my own. Now, I’m able to play football in the park with my kids, tuck them into bed, or help with their homework – just like any other parent. This makes me feel that together, we can make a difference. We can advance equality and make the impossible, possible.

Feeling Included and Supported

I’ve worked for a number of technology companies, but McAfee is the first one that I can say, hand on heart, delivers on its commitment to inclusion. Upon my return, my colleagues have been great at giving me advice and asking how I‘m doing. As an employee and a new father, I couldn’t feel more supported. It’s reassuring to have your company’s backing and I feel lucky to live in an era and country where I could get married and adopt children without discrimination or prejudice.

Allies Can Make a Difference

For me, it’s often the little things that make a big difference toward inclusion and acceptance. Three things I always encourage from allies to help us in our quest for equality, include:

  • Treat people with respect and as your equal (the golden rule – it’s simple and effective!)
  • Have an open mind and don’t be afraid of our differences – we have more in common than you think
  • Call out offensive or disrespectful talk – a simple “hey, that’s not cool” shows those ‘off the cuff’ comments aren’t tolerated

My family is no less different from any other. The worries and hopes for my children are the same as any parent. My struggles and questioning are the same as any father. And the love I feel for my children is the same as everybody else.

Interested in joining our team? We’re hiring! Apply now.

For more stories like this, follow @LifeAtMcAfee on Instagram and on Twitter @McAfee to see what working at McAfee is all about.

The post How McAfee’s Paternity Leave Helped My New Family appeared first on McAfee Blogs.

New Software Security Framework Programs: Timeline & Key Milestones



PCI SSC has announced the rollout of the Secure Software Lifecycle (Secure SLC) and Secure Software Programs. These new validation programs are intended for use by payment software vendors to demonstrate that both their development practices and their payment software products address overall software security resiliency to protect payment data.

Email technology and its security in nutshell

Estimated reading time: 5 minutes

Email has become a necessity of day-to-day communication. We can realize the importance of email with the fact that the down-time of organization email server directly affects the organization’s productivity. Email has become most prominent and integral part of network system, hence one must know how to manage it and keep it secure. Let’s understand the email technology and its basic flow in nutshell.

1.1 How email works

                                             1.1 Diagram to illustrate basic email flow

 

MUA, also referred to as an email client, is a computer application that allows you to compose and send emails or fetch and read emails intended for you. MUA can be a web-based client which means that you can send and receive  emails  via  browser   (i.e. Gmail, Yahoo on Firefox, Chrome etc.) or it can be application- based client (i.e. Thunderbird, Outlook etc.). In order to send an email, the sender needs to compose an email, add recipient name, and click on Send button.

 

Once sender has composed an email and sent it, an email server is ready to receive and process it. Email server is a computer application that is listening on port 25 (Non-encrypted), 465(SSL/TLS), 587(STARTTLS). The email server receives email from the sender and forwards it for delivery. All outgoing emails are placed in a mail queue and in parallel the SMTP server does a query with the DNS server for its MX record in order to find out where the receiver’s email server is located. Once it finds the IP address of recipient email server, it will send the composed message to that IP. E.g. MX record for xyz.com is like mail1.xyz.com.

In an email queue, SMTP server will lookout for MX record and recipient validation. If server is not able to process that email it will place that email in deferred queue which is not going to deliver immediately and re-tries after some time for a few attempts before sending the failed acknowledgment to client. If it is validated and intended for local delivery, it will handover that email to local delivery agent or if it is intended for remote delivery it contacts other mail servers for relaying.

 

If that email is intended for remote delivery, it will relay that email to MTA. MTA is a software application that relays email from one node to another node using SMTP protocol. MTA receives the email from another MTA or a MUA. After receiving that email, it will add the “received” tag at the top of message header file and relay it to another MTA for further delivery. It is also known as relaying agent of email. For each mail, MTA processes it and keeps track of each and every activity and analyzes the list of recipients for the routing actions. It sends responses of non-delivery when a message does not reach its intended destination. A few open source MTAs are Exim, Postfix etc.

 

MDA is a software application that takes mail from MTA and is responsible for delivery of that email to the receiver’s mailbox. Upon final delivery, the Return- Path field is added to the envelope to keep record of return path. Some popular open source MDAs are Dovecot, Fetchmail etc.

 

MUA is a software application that fetches the email from POP3 server or IMAP server and loads that email from the user’s mail box to email client (i.e. Thunderbird, Outlook).

POP3 server listens on following ports:

  • Port 110 – Post Office Protocol for non-encrypted mail.
  • Port 995 – Post Office Protocol over SSL/TLS.

IMAP server listens on following ports:

  • Port 143 – Internet Message Access Protocol for non-encrypted mail.
  • Port 993 – Internet Message Access Protocol over SSL/TLS.

In nutshell,  The Mail Transport Agent (MTA), such as Postfix, Exim is responsible for sending email to the correct destination and handing over the mail to MDA.

The Mail Delivery Agent (MDA) such as Dovecot, Fetchmail receives mail from MTA and sends it into user’s mailbox.(Dovecot supports POP3 and IMAP protocols along with MDA functionality.)

The Mail User Agent (MUA) such as Thunderbird, Outlook is the email client that fetches the email from the user’s mailboxes and presents it to the user.

 

1.2 Security/Protection of Email server:

1.2.1 Scanning from threats

Scanning of emails before they reach the organization’s email server makes organization secure from the malicious activity. Proper scanning for Viruses, Spam, Spy-ware, Trojan horses, Phishing, Worms, Ransomware must be carried out. Email security/protection devices provide the facility to scan email file from the above threats.

1.2.2 Blacklisting of domain/email address

Blacklisting of email domains/ email addresses helps organization prevent receiving email from these malicious addresses or domain names.

1.2.3 Data leak prevention (DLP)

DLP helps organization prevent the leakage of sensitive or confidential information. Security devices check as per administrator’s customized policies at the gateway and accept or reject mail accordingly. Notifying such an activity to administrators would be an added advantage.

1.2.4 Content based blocking

Sometimes inappropriate content may flow through emails. Applying policies for inbound and outbound mail for file types, extension matching, keyword matching, and expression matching in both email body and email attachments reduces the flow of such an information.

1.2.5 Encrypted communication over SSL/TLS

Transport layer security (TLS) for encrypting/decryption can be provided for an email. Sending email in plain text can be intercepted and read by interceptor.

1.2.6 Verification of sender

To maintain the integrity in email communication, the sender should be a verified/legitimate entity. Pretty good privacy (PGP) let you digitally sign an encrypted document. This ensures that email coming to mailbox is not compromised.

Last but not the least, employee training also helps to reduce threats coming to or from the organization. A few points can be included in training.

  •  Never open the links from unknown senders and report to your manager/admin.
  • Do not open attachment if it is from unknown sender and report to manager/admin. If mail is from a known sender but looking suspicious, it is good to confirm before opening the mail.
  • Avoid connecting and accessing your email from public non-secure Wi-Fi connections.

The post Email technology and its security in nutshell appeared first on Seqrite Blog.

Data security and the legal sector – ISO 27001 for law firms

With the legal sector reporting an increase in targeted attacks in 2018, information security management remains a serious issue for law firms. The confidential information and large volumes of client funds they hold are highly desirable to cyber criminals, so it’s not surprising that 60% of law firms reported that they suffered a security incident last year (PwC Law Firms’ Survey 2018).

With increased levels of cyber attacks, information security must be a priority. While a cyber criminal or terrorist organisation may be held off by firewalls and intrusion detection systems, these systems cannot manage the intricacies of business relationships or global trade. As such, a security regime focused solely on technology will fail.

Tackle cyber threats head on with ISO 27001

Leading law firms are implementing ISO/IEC 27001:2013 (ISO 27001), the international standard for information security, to tackle cyber threats head on. Management teams can safeguard their firm by employing a best-practice ISMS (information security management system) and certifying to ISO 27001.

ISO 27001 certification is increasingly demanded of law firms when tendering for major projects. Achieving accredited certification to ISO 27001 will put law firms in the running for these tenders and demonstrates that they are committed to protecting their clients’ confidential data, offering a powerful, visible assurance of their commitment to meeting obligations to clients and business partners.

In addition to severe fines, cyber security and data protection failures also risk seriously damaging a firm’s reputation. Having the correct measures in place will protect a firm’s credibility, minimise risk and maintain the level of trust that clients deserve.

Support with your ISO 27001 project

Whether you are just getting started, preparing a business case for ISO 27001, or your project is already underway, we encourage you to read our new green paper ISO 27001 for Law Firms. It outlines the benefits of ISO 27001 and stresses the importance of stringent data security in the legal sector.

For further support with your firm’s ISO 27001 project, complete an enquiry form to contact our experts or call our team on +44 (0)333 800 7000 to discuss your firm’s requirements.

The post Data security and the legal sector – ISO 27001 for law firms appeared first on IT Governance Blog.