Connect with us


Sepio Systems introduces an end-to-end solution that protects organizations against rogue hardware cyber-attacks



Sepio Systems, a leader in the Rogue Device Mitigation (RDM) market, introduces the next generation software solution that offers comprehensive mitigation of hardware-based cyber-attacks.

The advanced mitigation capabilities protect against manipulated peripherals, transparent network devices, and firmware vulnerabilities.

Sepio’s solution has been deployed in over 20 mid to large banks, insurance, and telecom companies in the U.S., Singapore, Brazil, and Israel. The current install base secures over 600,000 workstations and network ports.

Rogue device cyber-attacks are rapidly growing as demonstrated by recent reports of European banks losing tens of millions of dollars after hackers implanted hardware attack tools that compromised the secured infrastructure.

“These attacks are just the ‘tip of the iceberg’ as most remain undisclosed.”, said Yossi Appleboum, CEO of Sepio Systems Inc. “In many cases, hitting an organization is as simple as replacing a trusted peripheral with a manipulated one. For example, we discovered multiple Raspberry Pi computer modules, that include wireless connectivity, implanted in keyboards that were used for exfiltration attacks. The implant was emulating keyboard keystrokes to infect the workstation and steal data and was running undetected before Sepio’s RDM was deployed.”

In another incident, an off-the-shelf network router was used for infiltrating a Tier 1 bank. This tiny device was plugged in-line between a printer and the enterprise network, allowing covert remote access into the bank’s IT systems. Sepio’s software was able to trace this rogue device based on its physical fingerprint.

“Manipulated devices, intentionally used by insiders or socially engineered employees, are causing significant damages. We also witness an increasing number of penetrated uncontrolled supply chains that deliver infected equipment,” said Appleboum. “While companies were focused on their software cyber risks, they overlooked the threat coming from their hardware. Users can not install unregulated software on a corporate computer but can easily connect an uncontrolled hardware accessory.”

About Sepio Systems

Sepio is disrupting the cyber-security industry by uncovering hidden hardware attacks.

Sepio Prime provides security teams with full visibility into their hardware assets and their behavior in real time. A comprehensive policy enforcement module allows administrators to easily define granular device usage rules and continuously monitor and protect their infrastructure. Leveraging a combination of physical fingerprinting technology together with device behavior analytics, Sepio’s software-only solution offers instant detection and response to any threat or breach attempt that coming from a manipulated or infected element.

Continue Reading
Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *


AR & VR Will Continue To Exist In Cloud; A Point-to-Point Reasoning!




Augmented Reality (AR) and Virtual Reality (VR) technologies are coming right down to earth with countless advancements and effective upgradations to ease the individual’s life. Technology is nearly thought of as a brain within the current generation. It has conquered each sector within the overall trade, significantly for coaching functions construction. The analysis says maximum organizations are still running their businesses without referring any kind of technology and thus failing to succeed in the expectations of simple work done.

The immersive experience is often thought of the propulsion in customer experience. Once a customer tries to shop for a house they may enjoy a VR tour associated or an AR sight of various piece of furniture within the area. Fashion retailers are already giving customers AR projections of however garments can look on them. Merchandise can become a lot of real for customers, and also the idea of ‘try before you buy’ can wrestle a full new meaning.

However, a lot of widespread XR adoption faces a serious obstacle within the present; a scarcity of appropriate IT infrastructure. 5G networks, already being trialed by EE and Vodafone, are instrumental in delivering these immersive experiences to customers, however, the applications still have to be compelled to behold on somewhere.

While they disagree on the scale, XR experiences are digital worlds in themselves. Several AR even bedded on high of our own universe, emulating its complexness. These services need to associate a large quantity of knowledge to control one thing that ancient information centers can struggle to contain. The challenge is just increased if user interaction and contributions are inspired. As users increase this digital world, the number of knowledge hold on will increase exponentially. Brands can like environments that may scale with these growing mountains of knowledge.

XR experiences have to be compelled to grip low-latency as a user would hardly stay up for the knowledge to load. The effective magic of associate AR app like WallMe is immediacy; messages written by the WallaMe community and hidden within the world are delivered in close to period. If a user had to attend whereas the service accessed their geo-location info and afraid across many siloed databases for the content they wished to visualize, the novelty would quickly wear off.

To some extent, customers can stay up for the content they require if they need one thing to distract them, think about the last time you reached for your phone whereas looking forward to a webpage to load or throughout a broadband delay. However, once all the user will see could be a loading screen you can’t hope to carry their attention for long. XR has the potential to remodel client interaction, however, the expertise is compromised as long because it rests upon inheritance physical infrastructures.

The front-end, mass XR client experiences of the long run are underpinned by high-capacity cloud-native apps. These are applications developed specifically for the cloud, absolutely utilizing its flexibility and power. Applications, information, and memory will all behold on in cloud environments, able to be streamed to customer’s on-demand through tomorrow’s 5G networks.

The cloud permits businesses to scale infinitely with demand. As XR applications grow in quality, corporations can like a lot of cupboard space for each application and also valuable information – personal and activity info – that customers share with them. In an exceedingly physical setting, you’d have to be compelled to endlessly purchase a lot of physical infrastructures to stay pace, however within the cloud it’s as simple as getting another virtual instance. Once demand begins to dip once more this instance are often changed, making certain the corporate isn’t paying for the capability it not desires.

Cloud-native principally functions to supply corporations the power to deploy innovations and repair updates in associate undisturbed and constant flow cycle, and at a hyper-scale capability. For advanced immersive services, like VR games, this is often crucial. Significantly for associate economic engagement rate, corporations have to be compelled to systematically introduce new options all the time to make sure XR apps mirror their ever-changing businesses. Cloud-native apps deliver a perpetually contemporary, low-latency experiences for users, very important for XR applications.

Immersive XR can before long be incoming within the market. We are able to see a daily technological spicy update on ever-changing algorithms, upbringing advancements, or fixing bug errors. 2019 are the year, individuals can nearly sense the fact of technology in an exceedingly excellent manner which might profit them in each attainable actions. The on-going technology now could be to travel regarding commoditizing. 5G and cloud-native can create AR and VR client experiences actually viable. Cloud is taken into account because the key to form XR reasonable for businesses and plausible enough to satisfy the client.

Continue Reading


Cyber-security Innovation Highlights How Digital Transformation Is Minimizing The Data Risk



There have been spicy talks taking place in the industry about the ongoing security attacks, frauds and cyber threats in the big shot organization. Witnessing the data loses, most of the enterprises have been focusing on their developments and upbringing advancements in the digital transformation based on the adoption of leading-edge ICT technologies such as cloud computing, Big Data, and the Internet of Things (IoT). Earlier this year, Wannacry ransomware attack; considered as one of the most effective cyber-attack critically effecting cyber-security blown up the targeted computers running the Microsoft Windows operating system by encrypting data and demanding ransom payments in the Bitcoin cryptocurrency affected key organizations all across the globe such as UK-based National Health Service (NHS). Soon in a row, SWIFT international transactions system was also a victim which was trapped by the fraudulent cyber-attack in February 2016 and resulted with the loss of $81 million from the Bangladesh Central Bank.

The question arises how cyber-attacks are taking place. Discussing the situation of previous years, cyber security for SMMEs generally come along to the decision around which anti-virus software to be preferred. As far as anti-virus was reputable, and kept up-to-date, a business leader selected the cybersecurity box as it the most reliable and affordable in the costing.

As business began to transform with huge internet users, the cyber threat level began to escalate. By which social media platforms, personal email communications were easily accessible.

These ongoing cyber-attacks highlight the essentials of cybersecurity as an integral element of an organization’s digital transformation strategy. The time has arrived to understand the main drivers and bring advancements in the cyber security solutions to provide protection to the cybersecurity industry and keep our confidential data at a safer place.

Immediate Need for Trusted Anti-Virus Software

With the maximum count of internet connectivity in an organization, hackers and fraudsters can easily adapt the targets of soft internet users for online scams. However, creating an email marketing plan with the help of spreading advertising junk emails, this usual version of scams prompted businesses to install spam filters along with the trusted anti-virus software.

Resulting in these attacks, business leaders had to avoid using risky website which can harm the business and protect the data from to get it to leak. However, the conclusion lies to stay away from such advertising emails and infected sites.

As organizations are looking forward to bring up digital transformation and introduce new technologies security issues are promptly going to take place. According to the sources, it has been graphed that around 85 percent of CISOs confirmed that security issues during digital transformation had an immense business impact. Due to the increasing adoption of new technologies, IoT and multi-cloud environments have substantially escalated the attack surface and the number of entryways into a network. This can only be proved if organizations have no visibility into user, system and network behavior.

Following are the three key areas where organizations are witnessing threat management and illegal operations:

Lack of Visibility: This challenge is considered as the result of a legacy of non-integrated, siloed multi-vendor point defense products.  To secure complex, hybrid clouds, enterprise data centers, highly distributed environments spanning remote branches, security teams should maintain cohesive visibility to identify anomalous behavior and rapidly mitigate threats.

Polymorphic Attacks: This is a sophisticated attack who holds an ability to change and avoid detection by traditional security solutions. This style of attack has become common with 85 percent of respondents calling it an extremely huge challenge.

DevOps: Integrated DevOps teams and processes have efficiently allowed organizations to keep up with the continuous delivery flow and integration pipelines expected today.

Digital transformation is more likely creating a focus on privacy protections and greater compliance requirements. As cyber-attacks have become more sophisticated and damaging regulatory bodies have established more rigorous rules and guidelines to protect consumer data and personally identifiable information (PII). As a result, organizations must be mindful of compliance requirements and turn to best-in-class, processes, certified products, and people to ensure a reasonable level of risk management.

Successfully Securing Digital Transformation

The research prompts that in the past two years, the average organization has encouraged an attack that resulted in data loss or compliance issues. However, it’s worth noting that several organizations did not suffer any data loss, outages due to superior security preparedness, and compliance issues.

The several approaches stand out as leading practices, as it grabs more success in withstanding the attacks of the organizations.

  • Integrating systems to create a unified security architecture
  • Threat intelligence across the organization
  • Adding safeguards on every network
  • Automating maximum of their security practices

Coming on to the conclusion, the digital transformation will efficiently continue to impact how organizations approach business and technology. Organizations should adjust their approach to security confirming to protect the networks.

Continue Reading


CBSE to add Artificial Intelligence, Yoga in its curriculum from next session



New Delhi: The CBSE will introduce Artificial Intelligence (AI), Early Childhood Care Education and Yoga as new subjects in school curriculum from academic session 2019-2020, an official said. The board’s governing body has decided at a recent meeting to introduce these three subjects in upcoming session, he added.
“The CBSE is introducing artificial intelligence as an optional 6th subject at Class IX from the session 2019-2020 onwards. To enhance the multidisciplinary approach in teaching learning and also to sensitise the new generation, it was decided that schools may start AI “inspire module” of 12 hours at Class VIII itself,” the senior board official said.
According to his notification, the board has also decided to introduce yoga and early childhood education as elective subjects at senior secondary level from this session.
The official said, “The decision was taken considering the demand of schools supplemented by various reports that projected the huge requirement of yoga professionals and early childhood educators.”Additionally, as per norms, a skill subject, at the secondary level, may be offered as additional sixth subject along with the existing five compulsory subjects.
Furthermore, if a student fails in any one of the three elective subjects (science, mathematics and social science), then it will be replaced by the skill subject (offered as a 6th subject) and the result of Class X will be computed based on best five subjects.
But, if a student wants to reappear in the failed subject, he or she may appear along with the compartment examination. Also the secondary board has asked all schools to offer any one or more skill subjects as elective subject out of the 42 subjects for students of class IX and XI and start offering the same from the academic session 2019-20.
“The board will provide necessary support and guidance towards training and capacity building of teachers and other aspects for the successful implementation of skill subjects from time to time,” the official said.

Continue Reading