Tag Archive for: encrypted

Kingston’s New Encrypted SSD Unlocks Via Touch Screen

/in


Kingston’s latest encrypted external SSD is designed to be as friendly for consumers to use as it is devilish for hackers to try and crack.  The new Kingston IronKey Vault Privacy 80 External SSD VP80ES unlocks like a smartphone, with its intuitive touchscreen, and then enables simple drag-and-drop file transfers. Meanwhile, hackers face a FIPS 197 certified OS-independent device which safeguards against Brute Force attacks and BadUSB with digitally-signed firmware and XTS-AES 256-bit encryption.

Many storage devices you can buy nowadays come with some kind of encryption tools bundled, or if not you can use BitLocker (might be an extra to pay for depending on your version of Windows). However, some of the software is OS specific, or it will require you complete a number of preparatory tasks some users will be tempted to put off until ‘later’. Kingston reckons its IronKey Vault Privacy 80 External SSD VP80ES addresses all these weaknesses, and is a friction free alternative to secure data storage needs for any platform.

Source…

WatchGuard’s mid-range firewalls protect small and midsize businesses against encrypted malware

/in


WatchGuard Technologies released new Firebox M290, M390, M590, and M690 unified threat management appliances for small and midsize businesses. These new firewalls deliver increased security and the fastest performance of any mid-range Firebox appliance, with the processing power to handle encrypted and HTTPS traffic.

In addition, new expandable ports and integration with WatchGuard Cloud enable these firewalls to offer the flexibility needed to accommodate changing networking and security needs for customers and service provider partners.

As the threat landscape evolves, performance and flexibility are both critical for organizations looking to secure their network. Our recent Q2 2021 Internet Security Report found that more than 91% of malware attacking networks is encrypted,” said Corey Nachreiner, CSO at WatchGuard.

“It’s therefore essential for small and midsized organisations, or the partners servicing them, to have security solutions capable of processing encrypted traffic without negatively impacting overall performance. Our new mid-range M Series appliances deliver this capability and provide tools to simplify the deployment and ongoing management of these solutions as part of our WatchGuard Unified Security Platform.”

In another example of WatchGuard’s commitment to cross-platform integration, it’s easy to deploy, manage and create policies for these new Fireboxes from WatchGuard Cloud. Service providers can share configurations across multiple appliances and clients via templates and deploy appliances remotely from the Cloud.

A cohesive 30-day view of log data, fast log search and automated reporting greatly increases visibility. In addition, the new Firebox appliances integrate seamlessly with other solutions across the WatchGuard portfolio – including AuthPoint multi-factor authentication, WatchGuard Wi-Fi Access Points, and ThreatSync endpoint-network telemetry – to greatly simplify traditionally complex security management.

The new Firebox M290, M390, M590 and M690 appliances offer several enhancements and benefits including:

  • Faster and more powerful. Each appliance has been designed to optimise HTTPS content inspection throughput, which…

Source…

More Than 90% of Q2 Malware Was Hidden in Encrypted Traffic

/in


Organizations that have not implemented controls for detecting malware hidden in encrypted network traffic are at risk of having a vast majority of malicious tools being distributed in the wild, hitting their endpoint devices.

A study of threat activity conducted by WatchGuard Technologies using anonymized data gathered from customer networks showed 91.5% of malware detections in the second quarter of 2021 involved malware arriving over HTTPS-encrypted connections. Only 20% of organizations currently have mechanisms for decrypting and scanning HTTPS traffic for malware, meaning the remaining 80% are at risk of missing nine-tenths of the malware hitting their networks daily, WatchGuard said.

Corey Nachreiner, chief security officer at WatchGuard, says one reason why more organizations have not enabled network-based HTTPS decryption controls is because of both the perceived and somewhat real complexity of this setup. 

“[For] man-in-the-middle decryption to work without messing up the sanctity of the HTTPS certificates that secure that traffic, you have to set up an intermediate or root CA certificate that is part of the official certificate verification process,” he says.

There are multiple ways to do this, some of which are tricky and others not as complicated. 

“In short, it does take some work to do this the first time — and create exceptions so it starts working well — which is why some don’t make the effort,” Nachreiner says. “But we firmly believe it is worth the effort because otherwise your network security will miss a lot.”

The data point on encrypted malware is one among several in a report WatchGuard released this week that highlighted troubling trends for organizations on the malware front.

WatchGuard’s analysis, for instance, showed the number of script-based, or fileless, attacks in the first six months of this year alone had already reached 80% of the total for all of 2020. Data from last quarter suggested that fileless malware is on track to double in volume this year compared with 2020. 

Like encrypted malware, fileless attacks, such as those involving the use of JavaScript, PowerShell, and Visual Basic, are another threat not easily detected by some…

Source…

Free ‘REvil’ Decryption Software Will Be Available For People Whose Computers Are Encrypted Before July 13

/in


REvil ransomware affected many users around the world, especially when it struck Kaseya over the past months. The common modus of the gang behind the REvil attack is to make the victim pay the ransom before the group decrypts the system.

Now, BitDefender released a free decryption tool for the victims who were previously hit by the REvil malware.

Free Decryption Tool For REvil Ransomware

BitDefender Releases Free Decryption Tool For REvil Ransomware

(Photo : Sigmund from Unsplash)
For those users who were affected by the previous REvil ransomware attacks, you can use a free decryption tool made by Bitdefender.

Dealing with malware like in the case of REvil could be difficult for users who have little to no knowledge about dealing with it.

REvil ransomware gang is notorious for forcing its victims to pay corresponding money in exchange for a master decryptor tool for their computers.

Cybersecurity firm Bitdefender confirmed that it has released the latest decryption software for REvil.

The good news is the victims can get it for free.

Bitdefender made it possible through the help of an unknown agency concerned with law enforcement. When the Romania-headquartered firm was asked about the specific name of its collaborator, it declined to comment.

The company has been tight-lipped on how it arrived with a free master decryption key for all REvil victims. It only said that there was an ongoing investigation about the malware.

The REvil decryption software could be used by those people who were hit by the malware, but there’s a catch. Those who have their computers encrypted by the malware before July 13 should be able to use it.

Bitdefender Warns Users About Returning REVil Attacks

According to a report by SlashGear on Friday, Sept.17, Bitdefender shared that the Ransomware-as-a-Service (RaaS) operator of REvil could possibly come from a CIS nation.

Furthermore, the dangerous malware began in 2019 when it has become proxy ransomware of the GandCrab, which was now non-existent.

However, the attacks linked to this malware were reportedly happening once again.

Most importantly, REvil ransomware dwells on the depths of the dark web to infect many tech companies.

You can download the free decryption software…

Source…