Visit our other websites:    Consumer IT    On CE    Mobile Channels    ECI news    rAVe Europe    Digital Signage News    

 

eSP - IT Solution Providers in Europe

  • Full Screen
  • Wide Screen
  • Narrow Screen
  • Increase font size
  • Default font size
  • Decrease font size

Security

Intego Reports on Mac Malware!

E-mail Print PDF
Intego Reports on Mac Malware!

Researchers at security firm Intego discover a piece of Mac malware-- OSX/Linker, an attempt at taking over a recently disclosed zero-day flaw in the macOS Gatekeeper security functionality.

The security firm also points out another potential Mac vulnerability in OSX/CrescentCore, a next-generation fake Flash Player malware redesigned to evade antivirus detection.

Publicly disclosed by Filippo Cavallarin back in May 2019, the "Mac OS X Gatekeeper Bypass" is a vulnerability affecting Gatekeeper, the technology designed to check apps downloaded from the internet for either a revoked developer signature or specific malware. According to Cavallarin, macOS treats apps loaded from a network share differently than apps downloaded from the internet. Thus, an attacker can create a symbolic link (aka "symlink") to an app hosted on a Network File System (NFS) server, before creating a .zip archive containing the symlink and getting the victim to download it. The Apple XProtect bad-download blocker fails to check such an app, Cavallarin says, making it easier for malware to infect the Mac in question.

Read more...

The 5 Champions in the Canalys Security Matrix

E-mail Print PDF
The 5 Champions in the Canalys Security Matrix

Canalys combines channel partner feedback and quarterly shipment estimates to declare Cisco, Sophos, Palo Alto Networks, Fortinet and ESET as Champions in the 2019 Cybersecurity Leadership Matrix.

The Leadership Matrix assesses the channel performance of 15 security vendors over the past 12 months. The Champions have the highest scores in the Canalys vendor benchmark, and show characteristics such as positive partner sentiment, ongoing improvements in channel processes, a willingness to boost growth opportunities for partners and a commitment to growing revenue share generated through the channel.

Read more...

StarLink Enters DACH Region

E-mail Print PDF
StarLink Enters DACH Region

Dubai-based security VAD StarLink sets a "logical extension" to the existing European Hub with plans to extend coverage across the DACH region for "next generation security solutions."

The security company is still to actually define the expansion into DACH, beyond the existing Netherlands and UK offices, but says it targets next-generation technologies to improve governance and combat evolving threats. It is also in line with a long-term vision to become the "largest global True VAD," by developing new markets and replicating a unique business model.

Read more...

LogRhythm Puts NextGen SIEM Platform on the Cloud

E-mail Print PDF
LogRhythm Puts NextGen SIEM Platform on the Cloud

The LogRhythm NextGen security information and event management (SIEM) platform takes to the cloud with the promise of full security monitoring, management and automation functionality only in SaaS form.

According to the company, LogRhythm Cloud is the full-fat SIEM platform, with the full breadth of log management, security analytics and out-of-the-box support for compliance automation and advanced threat detection. It also includes full security orchestration, automation and response (SOAR) capabilities, and a critical component in enabling security operations teams to reduce enterprise mean time to detect (MTTD) and mean time to respond (MTTR).

Read more...

The Next Intel Chip Vulnerability: ZombieLoad!

E-mail Print PDF
The Next Intel Chip Vulnerability: ZombieLoad!

Researchers warn the undead are making their way towards your customers' PCs-- or rather a set of critical vulnerabilities lurking within Intel processors allowing for the colourfully dubbed "ZombieLoad" attack.

Discovered by security researchers from Graz University of Technology, the ZombieLoad vulnerabilities affect all Intel chips dating back to 2011. The attack is similar to the Meltdown and Spectre flaws. Also known as Microarchitectural Data Sampling (MDS), ZombieLoad allows for the leaking of sensitive data, such as passwords, secret keys, account tokens and private messages, stored in a processor. It is a side-channel attack, since it allows hackers to exploit design flaws without need to inject malicious code, and consists of 4 bugs first reported to Intel just a month ago.

Read more...

Page 8 of 67