Today organisations are in constant demand of enhanced networking requirements owing to newer trends in technology including virtualization, converged networks, need for faster access to stored data, new breed of network-intensive applications, and more. But often most organizations are forced to design their networks around their existing security appliances due to the limited I/O interfaces, resulting in connectivity options becoming a bottleneck in network upgrades.
Cyberoam’s Flexi Ports are designed to offer easy and cost-effective option for future network/technology upgrades in organizational networks, making them future ready. The new appliances offer flexible network connectivity with I/O slots that allow additional Copper/Fiber 1G/10G ports on the same security appliance, allowing organizations to upgrade to new technologies easily and cost-effectively. Cyberoam has introduced this innovative feature with CR200iNG-XP and CR300iNG-XP UTM appliances for SMEs and will soon extend it for enterprises.
With Cyberoam FleXi Port (XP) appliances organisations can meet both the cost and performance needs of growing networks by easily migrating to newer technologies without worrying about their existing hardware and security investments.
For SMEs, this offering comes as great news especially for those who want to shift to Fiber 1GbE/10GbE connectivity, as Cyberoam FleXi Port appliances will give them freedom from forced purchase of higher end security appliances to get desired network interface modules. As far as enterprises are concerned, Cyberoam FleXi Port appliances will offer them the freedom to design their networks as per their requirements and not get bounded by the lack of I/O interface options in their security appliances.
Cyberoam’s FleXi Ports offer benefits of power efficiency, reduced network complexity and reduced operational costs by consolidating the number of devices in a network. So all-in-all Cyberoam FleXi Port appliances not only bring in flexibility in network connectivity but also offer freedom, reduced costs and higher efficiency.
For more information on Cyberoam FleXi Port in NG series appliances visit
The Blackhole exploit kit is currently the most prevalent web threat, says Wikipedia. Cyberoam’s Internet Threat Trend Report prepared in collaboration with Commtouch for the first quarter of 2013, also states the extensive usage of Blackhole exploit kit during the first quarter of 2013.
A detailed analysis of the trend discloses which categories of websites were most likely to be compromised with malware – such as the examples in the discussion of the Blackhole exploit. The analysis concluded that the first quarter of 2013 saw extensive use of the Blackhole exploit kit. The kit was installed on target websites allowing the installation of drive-by malware.
To begin with, let’s first understand what a ‘Pump & Dump’/’Penny Stock’ Scam is. By definition a ‘pump and dump scam’ is the illegal act of an investor or group of investors promoting a stock they hold and selling once the stock price has risen following the surge in interest as a result of the endorsement. Reports of such Pump and Dump scam had emerged 5 years ago, under the banner of International Online Brokerage “Hack, Pump and Dump” Scheme. According to the Department of Justice, at least 60 customers and nine brokerage firms had been identified as victims with losses of approximately $300,000, then.
It made headlines when Google – the high and mighty search engine company – was attacked a couple of years back. Google called a press conference to declare the theft of its Intellectual property and traced the attack routes to China. This was all Google declared. A lot of questions remained unanswered and analysts in security industry needed to find them. After all such a breach is no ordinary event and could offer insights into the shifting threat landscape that could prove vital to security response.
The Company did mention in the passing about a few human rights workers of China and their Gmail accounts being compromised. But experts in the security industry, who followed the event, knew that it was not about the e-mails of few human rights activists. The headlines died out even more quickly, than it appeared, from the public memory.
The ‘Internet of things’ is a term that describes a future where everyday physical objects are connected to the Internet and opens up unimagined possibilities ─ good and bad. A glimpse of the bad can be found in recent ATM heist wherein $45 million were robbed from 2000 ATM machines across more than two dozen countries in a day!!!!! This story is meant to give you an insight on 21st century cyber crime scenario and what the future holds. Apprehending the future of our connected life is one big step towards a secured online life.
The dust has hardly settled on the cyber attacks on Iranian nuclear program that brought out the infamous Stuxnet worm into the open, and Cyber warfare seems to be already leaping into a new era- an era of hacking drones. Drones are nothing but unmanned aerial vehicles (UAVs) and are of strategic importance to military and intelligence arms of nation states. Hacking into aerospace, defense, and telecommunications organizations was so far not too common but security experts of late have observed a series of such attacks and termed it operation Beebus. Operation Beebus seems to have stolen data from several companies regarding all aspects of unmanned vehicles (drones) from research to design to manufacturing of the vehicles and their various subsystems.
It has been barely a month after vulnerability researchers at Cyberoam Threat Research Labs revealed an extensive investigation on BitCoin mining malware. The CTRL team has yet again found a new malware sample [MD5: fac01db6348df89757c8c5172538bbed] with BitCoin mining attributes being propagated over Facebook this time. Latest findings from CTRL team reveal new attack methods being adopted by the cyber criminals behind BitCoin mining malware. Vulnerability researchers at CTRL believe the perpetrators behind this malware attack have become defter after a successful attempt in using Skype as a ‘threat vector’. It appears they are now targeting popular social media sites to maximize the impact of this threat and victimize more Internet users.
Although the modus operandi used by the attackers resembles to the previous attacks to an extent, but this time around they have employed changes like the malware link uses a padding (e.g.; photo-03760.bmp) in an attempt to look more legitimate to users. Also the attackers have used a technique in which the malware is injected into ‘explorer.exe’-a legitimate windows process, to avoid any suspicious activity in the log. The malware is also found using SSL protocol to communicate, which avoids its detection by traditional filtering devices. Although we have information of this malware, the modular approach used in its functioning makes it difficult to predict its future activities, making it even more dangerous. Currently the malware shows BitCoin mining activities, but CTRL researches predict its possibility of being used for other attacks.
It seems Cyber criminals have not got enough with the BitCoin mining malware. A new sample of malware [MD5: fac01db6348df89757c8c5172538bbed] has been found by Cyberoam Threat Research Lab (CTRL). As per the initial analysis, it has been found to be involved in BitCoin mining activities.
The new malware sample was found propagating through Facebook chat messages. The malware arrives as link and it actually uses a padding (e.g.; photo-03760.bmp) in an attempt to look more legitimate to users.
An electronics company in America was planning the mega release of its new mobile phone. But a rival company in Taiwan developed the phone and launched the exact version much before the American company could. Later it turned out that an employee of the American company uploaded a music file ─ Michael Jackson’s ‘Thriller’ ─ to an online file sharing site. Inside the music file was hidden the schematics of the new phone. The Taiwanese counterpart downloaded it within minutes of it being uploaded. Welcome to the phenomenon of data loss through Steganography!
Experts are still to arrive at the exact figure on data lost through Steganography. However, the incident is indicative of the growing use of Steganography in bypassing network security for data theft and minimizing chances of detection. Confidentiality of data for businesses has always been important but never before has it been at this level of high risk.
Vulnerabilities have always been among the hot topics of discussions in the security domain. With the increasing usage of browsers now a days, they are slowly becoming a major form of vulnerability. Browsers are highly sensitive components of computing, as they act as a door through which users interact with the Internet. They are used to reach and interpret Web content developed by all kinds of people including professionals and amateurs, offering everything from benign to malicious content.
For most people, their web browser is central to their interaction with the Internet. It not only helps them to connect to global web sites but also allows them to consume online services providing everything from booking flights, banking services to online shopping. This reality makes browsers a key tool when evaluating the security experience of users, as the browser interprets Web content and programs delivered from around the world. Considering the vulnerabilities seen in the past, we can categorize them into 4 categories, namely: