Tag Archive for: introduces

Microsoft introduces Azure Sentinel updates, a mobile security app, new certifications, and much more

/in


Although the flagship launch at Microsoft Ignite, which wound up on Wednesday, was the flashy Microsoft Mesh, there were many security-focused product and feature announcements that should bring a smile to admins’ faces. Here’s a look at some of what’s here now and what’s coming.

Generally available

Passwordless authentication for cloud and hybrid environments. Azure AD lets users sign in with biometrics or a tap using Windows Hello for Business, the Microsoft Authenticator app, or a compatible FIDO2 security key from Microsoft Intelligent Security Association partners such as Yubico, Feitian, and AuthenTrend. With Temporary Access Pass, now in preview, you can generate a time-limited code to set up or recover a passwordless credential.

More than 30 new connectors for Azure Sentinel make it easier to collect data across all cloud environments, including Salesforce Service Cloud, VMware, and Cisco Umbrella. It also has new security orchestration response (SOAR) playbooks to create automation rules, block suspicious IP addresses in Azure Firewall, isolate endpoint devices with Microsoft Intune and update a user’s risk state with Azure Active Directory Identity Protection. There are also improvements in data ingestion and enhanced analytics.

Now in preview

Windows Server 2022, to be available this calendar year, will allow customers to run applications on Azure, on-premises, or at the edge. Along with its increased functionality, it will boast a couple of appealing security features. The key one is the Secured-core server, which uses hardware, firmware, and operating system capabilities. It includes Trusted Platform Module 2.0  (TPM 2.0) to provide hardware root-of-trust, firmware protection, and virtualization-based security. The Windows Admin Center security tool (also in preview) will report on the Secured-core features and enable them where applicable.

 

More Ignite coverage:

Microsoft Ignite 2021: More Teams updates and enhancements [Full story]

Microsoft announces three new industry-specific cloud offerings [Full story]

Microsoft launches Mesh mixed reality platform at Ignite [Full Story]

 

Edge Secured-core will apply Secured-core security to IoT devices.

A unified mobile…

Source…

Boost Mobile Introduces New “Privacy Premium” with Secure Wi-Fi by Mobolize

/in


Boost Mobile today introduced a new “Privacy Premium” offering that includes Secure Wi-Fi. This popular application incorporates Mobolize’s Data Management Engine with SmartVPN® technology. Secure Wi-Fi automatically protects users’ personal data when connected to Wi-Fi.

The Covid-19 pandemic has led to a rise in cyber criminality creating a greater need for privacy services, especially on mobile devices. There has been an almost 75% increase in ransomware and mobile vulnerabilities have grown 50%, according to many industry reports including Skybox Security. Boost Mobile, together with Mobolize, enables users to keep their data safe as they email and browse the web.

“Boost recognizes their customers’ growing need for a secure mobile experience and responded with a ‘Privacy Premium’ offering that includes Secure Wi-Fi by Mobolize,” said Colleen LeCount, Chief Revenue Officer, Mobolize. “We’ve seen an increased security threat for mobile users and are proud to partner with Boost Mobile to help customers avoid identity and data theft.”

Secure Wi-Fi uses Mobolize’s SmartVPN® to intelligently manage data, including encrypting only unencrypted data. This increases security efficiency and maximizes device performance, including minimal impact on battery life.

Boost’s “Privacy Premium” also includes Call Screener Premium, which identifies, reports and blocks unwanted spam calls; and Premium Visual Voicemail, which lets users manage and review their voicemail including transcribing them into text. This value-added service gives customers full digital protection on their Android phones in one convenient add-on for $5.99 per month.

About Mobolize

Mobolize enables mobile operators, service and technology providers to deliver security, connectivity and optimization solutions that enhance the mobile data experience. By using our patented Data Management Engine, which is deployed on the mobile device, providers can deliver value-added services and extend security solutions to meet the growing demand for smart security and connectivity on mobile endpoints. The result is enhanced protection and an improved mobile data experience for business and consumer users, while increasing…

Source…

Transmit Security Introduces Fully Passwordless Authentication Solution

/in


Transmit Security is looking to accelerate the end of passwords with the release of a completely passwordless security solution. BindID offers support for face and fingerprint recognition, taking advantage of the sensors and cameras that come embedded in modern IoT devices.

Transmit Security Introduces Fully Passwordless Authentication Solution

Unlike other solutions, BindID does not require the use of a dedicated app. Instead, organizations can integrate BindID into their existing infrastructure through the use of open standards and APIs, allowing customers to authenticate themselves and gain access to personal accounts and corporate materials with secure device biometrics.

The solution is compatible with virtually any connected device, and can also be used to protect channels and devices that do not have their own biometric scanners. In those cases, customers can use the biometric authentication features on their own mobile devices to verify their identities. As a result, BindID can be used to secure call centers and web channels in addition to individual devices and workstations.

Transmit is hoping that BindID will motivate companies to drop passwords as an authentication option, noting that most access control solutions still allow users to sign in with passwords should they choose to do so. BindID is intended as a full replacement, to the point that organizations would be able to delete all of the passwords in their database, and eliminate the security threat that they represent, once they decide to implement it.

Transmit went on to argue that businesses that adopt BindID will generate more revenue and garner more goodwill with a better customer experience. In that regard, the company cited a recent FIDO Alliance survey that found that roughly 60 percent of consumers have abandoned an online purchase as a direct result of the hassle associated with passwords.

“BindID marks the end of the password era,” explained Transmit Co-Founder and CEO Mickey Boodaei. “Users can authenticate through their mobile or any biometrics-enabled device without the need for an authentication app.”

BindID arrives several years after the 2017 debut of the Transmit Security Platform, which was Transmit’s previous mobile authentication offering. Trasmit is one of the…

Source…

Apple iOS 14 introduces BlastDoor Sandbox security system to iMessage

/in


Smart tech. For smart India.

Now with incredible offers on dell.co.in

Click here to know more

Advertisements

In the past, there have been various instances where security researchers revealed that a “string of texts” received over SMS could crash your phone or worse, send it into a boot-loop. These kinds of exploits have been reported at least once every year for both iOS and Android smartphones but turns out, iOS 14 has a way to thwarting these kinds of exploits for good, thanks to a system called BlastDoor.

Discovered by a Google Project Zero researched named Samuel Groß, BlastDoor works by parsing all the data contained in an iMessage in a secure sandbox, isolated from the rest of the operating system. By doing so, the contents of the iMessage, if nefarious, won’t have an impact on the OS. All apps installed on an iOS device exist in their own sandboxes, which governed by very tight policies. The BlastDoor sandbox for iMessage has been designed to thwart most exploits which either use brute force or exploit the shared cache on iOS.  Groß says he found the existence of BlastDoor when investigating a hacking campaign against Al Jazeera journalists. There were instances where the hacks did not work and the common thread appeared to be the fact that they were running iOS 14 on their iPhones.

While BlastDoor sandbox definitely makes iMessage more secure, it does not do much for the traditional SMS. Last year in April 2020, a text-based exploit was discovered which could be initiated via a normal SMS. A string of characters written in Sindhi when received as an SMS would freeze iOS completely, rendering the person’s iPhone/iPad completely useless till the OS would crash, and the device could be rebooted. This was due to a bug in iOS, one which Apple has since fixed, but it highlights how the short messaging service format is still a likely vector for delivering exploits.

Messaging apps have been a popular point of intrusion into smartphones for several years now. We’ve seen text message string crash phones, brick them permanently, lock them temporarily, and in one case, even serve as a means of gaining full access to the device. The now infamous Pegasus…

Source…