Category Archives: Software

Can low code platforms solve legacy gridlock?

Half of IT leaders say legacy systems are holding them back on digital transformation. Traditional software is time-consuming and expensive to build, said Michael Douglas, Product Marketing Manager with OutSystems, at a recent ITWC webinar. But there’s a way out of the gridlock, he said. “Low code is a cheap and effective way to build…

Enterprises reaching a security tool tipping point

A rapid increase in the number of security tools used by large companies is limiting their return on investment while increasing the risk of cyber threats, according to ReliaQuest. The survey of 400 security decision makers at companies with more than 1,000 employees found there is a security tool tipping point where the number of cybersecurity solutions becomes overwhelming and increases organizational risk levels. The result is underutilized technology, ineffective use …

The post Enterprises reaching a security tool tipping point appeared first on Help Net Security.

SEC Xtractor – Experts released an open-source hardware analysis tool

Security and consulting company SEC Consult announced the release of an open-source hardware analysis tool dubbed SEC Xtractor.

Security firm SEC Consult announced the release of an open-source hardware analysis tool dubbed SEC Xtractor. The tool was initially designed for internal use, and was then adopted for several research projects over the years.

The tool relies on an easy-to-use and configurable memory reading concept that supports multiple ways to read flash chips (e.g. NAND chips). Both the firmware and the hardware of the tool are completely open source, which means that researchers can extend its functionality according to their needs.

The SEC Xtractor tool was initially used as a memory extraction and UART (Universal Asynchronous Receiver/Transmitter) interface project.

The experts decided to develop the tool for testing embedded devices (hardware and firmware) because many other tools available on the market did not fully meet their needs.

SEC Xtractor can be used to dump the content of NAND, NOR, SPI and I2C flash memory without the need to solder the chip.

“Most projects concluded without any solution since the chips couldn’t be inserted without soldering. This can be frustrating for those who do not want to solder SMD. Only commercial tools (that are expensive) can read memory in that way. The problem remains that they cannot read every chip. This means that different tools for different flash chips are needed and that every new part must be implemented.” reads the post published by the company.

SEC Xtractor was developed in C; the JTAG brute-forcing component is based on the JTAGenum project, and the Xmega Bootloader was used.

“Version 1.31 comes with improvements like a boot button and additional labels three years after the initial hardware version. An open-source bootloader was used to program the device via USB. No external programmer is needed to reflash the ATXmega microcontroller. The black color for the main PCB and the NAND/NOR adapters were chosen because the launch was made during Black Hat Europe 2019 Arsenal.” continues the post.


SEC Consult plans to continue maintaining the tool and has published the technical details needed to build it on GitHub.

Pierluigi Paganini

(SecurityAffairs – SEC Xtractor, hacking)

The post SEC Xtractor – Experts released an open-source hardware analysis tool appeared first on Security Affairs.

CrackQ: Efficient password cracking for pentesters and red teamers

CrackQ employs automation to make password cracking a faster and more efficient undertaking for pentesters and red teamers. “Regular security testing is a practice all organizations should incorporate into their overall security programs. Password cracking is an essential phase of a pentest/red team engagement and helps assess organizational security best practices,” Dan Turner, Principal Security Consultant at Trustwave SpiderLabs and author of CrackQ, told Help Net Security. “But pentests and red teaming engagements …

The post CrackQ: Efficient password cracking for pentesters and red teamers appeared first on Help Net Security.

AI and analytics dig deep into dermatology

2019 Ingenious Small Private Sector Award | MetaOptima’s DermEngine

One in seven Canadians are diagnosed with a form of skin cancer in their lifetime, and according to the Government of Canada, the early detection of this disease is essential to positive outcomes, increasing survival rates by as much as 82 per cent. Unfortunately, many…

Microsoft granted license to sell to Huawei by U.S. government

Microsoft has been granted a license from the U.S. government to once again sell to Huawei, enabling the Chinese telecommunication giant to continue to install the Windows operating system and other Microsoft products into their devices.

Aside from phones and 5G equipment, Huawei also develops and sells laptops running the Windows operating system. Its flagship devices, such as the Huawei Matebook X, have been prominently featured in the Microsoft Store. In addition, as in many other parts of the world, the Microsoft Office suite is still widely used in China.

After Huawei was deemed a security threat and banned from doing business with U.S. technology companies, Microsoft pulled Huawei devices from its stores in May.

On Nov. 21, Reuters reported that over 300 companies have filed a business exemption application to the U.S. government that would allow them to reestablish business with Huawei. The article stated that about half the applications have been processed, with roughly half of them approved.

In an interview with Bloomberg, Microsoft president and chief legal officer Brad Smith said that the U.S. has treated Huawei unfairly.

“Oftentimes, what we get in response is, ‘Well, if you knew what we knew, you would agree with us,’” said Smith. “And our answer is, ‘Great, show us what you know so we can decide for ourselves. That’s the way this country works.’”

While the development brings some relief to Huawei’s predicament, the company is still waiting on Google, which owns the Android operating system.

Google stopped supplying its Android operating system to Huawei smartphones after the U.S. ban, which meant future Huawei phones would be less attractive to European and Canadian markets. In August, Huawei unveiled its own Harmony OS for its IoT devices. Although it has the potential to replace Android, Richard Yu, CEO of Huawei’s consumer business group, said in August that Huawei’s plans to bring Harmony into smartphones are still unclear.

Android camera apps could be hijacked to spy on users

A vulnerability in the Google Camera app may have allowed attackers to surreptitiously take pictures and record videos even if the phone is locked or the screen is off, Checkmarx researchers have discovered. In addition, attackers would have been able to eavesdrop on and record phone conversations, silence the camera shutter, transfer captured photos, video and data to their C&C server, and pull GPS location based on photos’ metadata. …

The post Android camera apps could be hijacked to spy on users appeared first on Help Net Security.

WhatsApp RCE flaw can be exploited by sending malicious MP4 files

Facebook has patched a critical vulnerability (CVE-2019-11931) affecting various versions of its popular WhatsApp Messenger app and is urging users to update as soon as possible. CVE-2019-11931 is a stack-based buffer overflow vulnerability that could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. “The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS …

The post WhatsApp RCE flaw can be exploited by sending malicious MP4 files appeared first on Help Net Security.

Attack tools and techniques used by major ransomware families

Ransomware tries to slip unnoticed past security controls by abusing trusted and legitimate processes, and then harnesses internal systems to encrypt the maximum number of files and disable backup and recovery processes before an IT security team catches up, according to a new Sophos report. Ransomware is typically distributed in one of three ways: as a cryptoworm, which replicates itself rapidly to other computers for maximum …

The post Attack tools and techniques used by major ransomware families appeared first on Help Net Security.

OpenText Enfuse 2019: The Carbonite acquisition, new apps, and updates

LAS VEGAS — The topic of endpoint security was front and centre on the first day of OpenText Enfuse 2019.

OpenText’s chief executive officer, Mark Barrenechea, said in his keynote that endpoint security becomes all the more vital as cloud computing continues to accelerate.

“We look at the momentum of moving into the cloud. You’re in a five to six-year window where everything will be centralized and operating in the cloud,” said Barrenechea. “As more gets centralized into the cloud, it just exposes how important that edge is.”

The topic of endpoint security was especially relevant yesterday after the Waterloo-based company announced its intent to acquire Carbonite for just under $1.5 billion, continuing its aggressive acquisition strategy over the last couple of years, which includes Liaison Technologies and Hightail.

Although the acquisition is not expected to officially finalize for about 90 days, Barrenechea expressed his excitement about what Carbonite will bring to OpenText’s endpoint security portfolio.

Barrenechea said the endpoint is strategic and this acquisition signals OpenText’s “commitment of winning at the endpoint”.

According to Barrenechea, OpenText already secures about 40 million endpoints, but once Carbonite is officially brought into the fold, that number will increase to about 100 million.

Most important among what Carbonite brings to the table, according to OpenText’s chief product officer, Muhi Majzoub, are the endpoint antivirus and the data backup for endpoint devices, which allow users to simply wipe their devices and move on rather than be held hostage by ransomware.

Although what Carbonite brings from a solutions standpoint is important, Majzoub pointed out that he thinks this should be seen as a big move for OpenText into the SMB world, as Carbonite brings with it experience and customers in that space.

OpenText Enfuse 2019 kicked off on Tuesday in Las Vegas with a bevy of announcements. Credit: Buckley Smith

Updated security portfolio

Beyond the Carbonite announcement, OpenText also used its bi-annual solutions and updates release to announce a bevy of updates to its security portfolio.

Barrenechea continued to emphasize the importance of security in his keynote, saying that security needs to be “job #1”.

“It has to be all the way from the boardroom, to the CEO, to the company leadership team, the dev-ops team, in engineering, in the human behavior,” he said.

With this in mind, he noted that this same prioritization of security needs to be applied to software.

The updates to OpenText’s security platform include:

  • Threat Hunting Service is a new service which provides customers with a team of OpenText security experts using EnCase Endpoint Security and Magellan to aid in the quick identification, monitoring, and remediation of threats.
  • EnCase™ Endpoint Security improves endpoint detection and response capabilities to assist security teams in finding and removing threat actors from networks in quicker turnaround times.
  • EnCase™ Forensics delivers updates to indexing and search capabilities. The update also allows users to browse the Apple File System snapshot as well as access a collection of Microsoft OST artifacts.
  • Tableau Forensic Imager will now provide users the ability to pause and resume any forensic imaging jobs, even after a power cycle.

New solutions from OpenText

While the first day of OpenText Enfuse 2019 saw a number of updates to existing solutions and portfolios, the company did announce two new applications.

The first one was Core for Federated Compliance – available now for Documentum – which is a centralized application designed to provide oversight of the records policies across a multitude of content repositories.

The second new release was Core Experience Insights. This SaaS application is designed to provide marketing departments with visibility over the customer experience journey. This includes website interactions, social media content, email engagement, and call centre performance.

Old apps moving to the cloud

In his keynote, Barrenechea pointed out that in the last year, venture capital funds invested zero dollars in on-premise software, while cloud software received 100 per cent of software investment.

And with that in mind, several of OpenText’s top existing solutions are getting the cloud-native treatment. This includes Content Services, Content Suite Platform, Documentum, Extended ECM Platform, and InfoArchive.

This will bring with it automatic updates and the ability to run the apps both on and off the cloud. The company said in its release that it is looking at this as a big step towards the launch of OpenText Cloud Editions in 2020.

It is likely that we will see much more of this in the future as Barrenechea explained that he believes everything (not just OpenText solutions) will be in the cloud in the next five to six years.

EIM solutions updates

It wouldn’t be an Enfuse event without some announcements about OpenText’s enterprise information management solutions. Updates to the portfolio include:

  • Automated machine-translations of documents in global investigations and automated sentiment analysis were added to Axcelerate – OpenText’s platform for eDiscovery and investigations – in partnership with Veritone.
  • eDocs – OpenText’s electronic document management solution – has been updated to include AI-powered search.
  • Web Content Management Solution now includes content suggestion generation and translation.
  • Updates to Extended ECM Platform will allow users to automate multiple simultaneous content-driven processes through asynchronous processing.
  • Vendor Invoice Management will now be able to automate content-related processes, powered by machine learning and optical character recognition.
  • New integrations between the Experience portfolio and Hightail, Google Translate, Brightcove’s video hosting platform, Salesforce, the Salesforce Marketing Cloud, and SAP.
  • New integrations for Documentum for Life Sciences with Microsoft SharePoint Online; OpenText’s Contract Center is also now integrated with SAP.
  • New visualizations in Magellan Analytics Studio.
  • New authoring tools in Exstream – OpenText’s customer communications management platform.
  • A new mobile app for Documentum – OpenText’s ECM suite.

Legal solutions

OpenText’s legal industry solutions also received updates, including:

  • New AI features like sentiment analysis and entity extraction powered by Magellan – OpenText’s AI and analytics platform – for Axcelerate, allowing for the automatic detection of people and places referenced in sets of documents while organizing communications by tone and emotional language.
  • Axcelerate has added automated machine translations powered by Veritone’s aiWARE – an AI operating system – which will automatically translate over 29 languages to English.
  • eDOCS MindServer – OpenText’s AI-enhanced search engine that powers OpenText Axcelerate – is being added to the legal portfolio to securely crawl and index information to draw out relevant information without the need to know precise keywords.

OpenText acquires Carbonite for $1.42 billion

Waterloo-based OpenText, an information management software company, officially confirmed its acquisition of Carbonite, a cloud-based data protection and security software solution provider.

The total purchase price is US$1.42 billion. Currently, outstanding Carbonite shares are set to be purchased for US$23.00 per share in cash, although this offer has not yet commenced. The acquisition cost also includes all of Carbonite’s outstanding debt.

Carbonite marks another key acquisition made by OpenText to enhance its security services. Through the acquisition, OpenText is looking to strengthen its security offerings in data loss prevention, digital forensics, and endpoint security.

OpenText’s other significant acquisitions include Guidance, the maker of the EnCase forensics software.

“This acquisition will further strengthen OpenText as a leader in cloud platforms, complete end-point security and protection, and will open a new route to connect with customers, through Carbonite’s marquee SMB/prosumer channel and products,” said Mark J. Barrenechea, OpenText chief executive officer. “We are very excited about the opportunities that Carbonite will bring, and I look forward to welcoming our new customers, partners and employees to OpenText.”

In its press release, OpenText wrote that it expects a significant expansion of cloud revenues, cloud margins, and cash flows in fiscal 2021.

The transaction is expected to close within 90 days.

 

 

The Seqrite Arsenal: Understanding how our solutions protect every aspect of the enterprise


Seqrite is the enterprise security brand from Quick Heal, a leading IT security solutions company with over 25 years of experience in computer and network security solutions. Backed by Quick Heal’s cutting-edge expertise in producing cybersecurity solutions for more than two decades, Seqrite provides enterprise security solutions that are defined by innovation and simplicity and combine intelligence, analysis of applications and state-of-the-art technology.

Inspired by Seqrite’s vision to be the trusted global leader in securing the Digital World, Seqrite provides a range of solutions to protect against all types of internet attacks and intrusions.

  1. Endpoint Security (EPS)

Seqrite Endpoint Security (EPS) is a powerful solution offering endpoint protection for enterprises. EPS integrates innovative technologies like Anti Ransomware, Advanced DNA Scan and Behavioral Detection System to protect enterprise networks from today’s advanced threats.

Key features of EPS:

  • Advanced Device Control – Allows configuration of policies for various device types
  • Application Control – Allows control of unauthorized applications within the network
  • Web Filtering – Websites can be blocked individually or as per categories to limit web access for employees
  2. Seqrite Encryption Manager (SEM)

Seqrite Encryption Manager (SEM) is a one-stop solution for enterprises to reinforce their data security. It is an encryption tool which provides enhanced data privacy solutions, helping to increase customer confidence. Compliant with international data protection laws, SEM’s comprehensive encryption suite offers robust data protection for desktops and servers, onsite as well as offsite.

Key features of SEM:

  • Full Disk Encryption – Entire hard disk inclusive of user files, system media and operating system files can be encrypted
  • Secure Data Access – Encrypted files can be easily accessed while travelling from removable storage on a system without an encryption agent
  • Fail-Safe Mode – In case of unauthorized access, the machine is blocked and network administrators are notified
  3. Seqrite Cloud

Seqrite Cloud is an advanced integrated solution for managing multiple endpoint security and unified threat management products deployed at different locations. Using the cloud, IT administrators can easily take actions like viewing latest security statuses, configuring policies and managing critical network events.

Key features of Seqrite Cloud:

  • Single management console – Offers a centralized console to manage the overall health of distributed enterprise network
  • Cloud Dashboard – Remote navigation through associated Seqrite UTM and EPS products is convenient through the dynamic, graphical dashboard
  • Policy-based Security – Seqrite Cloud allows administrators to maintain one consistent policy on a network by applying one product’s policy to another.
  4. Seqrite mSuite

Seqrite mSuite offers a powerful solution for an enterprise’s mobility management needs. Powered by GoDeep.AI, the most innovative AI-powered malware hunting engine, Seqrite mSuite revolutionizes the way malware is detected, enabling network managers to have total control over all apps installed on official devices and much more.

Key features of Seqrite mSuite:

  • Device Management – Single console management for all devices, enabling easy enrolment of devices and much more within minutes
  • Security Management – Seqrite mSuite combines comprehensive mobile security and anti-theft with built-in anti-virus and the ability to remotely wipe data on devices
  • App Management – Enterprise admins can manage and secure apps on all devices by blacklisting or whitelisting apps and pushing updates seamlessly
  5. Seqrite Unified Threat Management (UTM)

When it comes to gateway security, Seqrite Unified Threat Management (UTM) is a one-stop solution for all business network security needs. UTM acts as the first line of defence keeping networks secure and ensuring employees can focus purely on productivity and business performance.

Key features of UTM:

  • Firewall – Access for traffic between internal and external networks can be seamlessly blocked or granted based on enterprise compliance policies
  • Intrusion Prevention System – Network traffic is scrutinized in real-time and a wide range of Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks are blocked before they can reach the network
  • Gateway Antivirus – All incoming and outgoing network traffic is scanned at the network level
  6. Seqrite Secure Web Gateway (SWG)

Seqrite Secure Web Gateway (SWG) is an intuitive, policy-controlled solution for network security by enabling enterprises to filter unwanted software or malware from user-initiated Web/Internet traffic, helping to enforce corporate and regulatory Internet compliance.

Key features of SWG:

  • Data Loss Prevention (DLP) – Uploading of sensitive content like chat servers, banner servers, etc. is easily controlled through the DLP feature
  • URL Filtering – Malicious websites, URL domains or phishing websites are easily blocked through URL filtering
  • HTTPS Inspection – SSL security breaches are prevented through the detection of compromised HTTPS websites

Give your enterprise the Seqrite advantage by leveraging the array of powerful cybersecurity solutions which will protect every aspect of the enterprise, whether it’s data security, network protection or endpoint security.

The post The Seqrite Arsenal: Understanding how our solutions protect every aspect of the enterprise appeared first on Seqrite Blog.