MS VULNERABILITIES EXPOSED BY GOOGLE

Google has disclosed the latest of several unpatched flaws in Microsoft software. GREYCORTEX MENDEL’s advanced machine learning and predictive analysis can identify these attacks.

Google’s “Project Zero” team recently disclosed a second unpatched Microsoft Windows security flaw, after Microsoft failed to fix the bug within Google’s set 90 day window. The vulnerability is identified as CVE-2017-0037, and is classed as a “type confusion flaw” in a module of Microsoft Edge and Internet Explorer. This flaw can lead to arbitrary code execution, and be used to crash IE or Edge, and allow hackers to execute code and gain administrator privileges on infected systems.

Advanced hackers may have either already exploited this flaw or they may soon exploit it. Network security solutions like GREYCORTEX that identify anomalous behaviour within your network are especially important in this situation. These solutions mean your IT team can identify malware by its anomalous movement within the network, and identify it as it replicates. GREYCORTEX MENDEL identifies such anomalous behavior, offers deep network visibility, and differentiates between human and machine behavior, meaning you can find infected devices within your network and secure your company’s data and reputation even without relying on Microsoft to fix vulnerabilities in its browsers.

You can read more about the vulnerability here: http://thehackernews.com/2017/02/google-microsoft-edge-bug.html

GREYCORTEX LOOKS FORWARD TO FUTURE COLLABORATION WITH KONICA MINOLTA

Following its inclusion in the Berlin-based global release of Konica Minolta’s new Workplace Hub, GREYCORTEX is looking forward to working with Konica Minolta, in the future, to provide its performance monitoring and advanced network traffic analysis, solutions as an extension of the Konica Minolta Workplace Hub.

Konica Minolta’s newest offering – Workplace Hub – is an innovative new enterprise IT solution, which unifies an organization’s technology into single centralized platform. Designed to future-proof workplaces of every size as they work towards digital transformation, Workplace Hub directly addresses growing IT complexity by providing more efficient and effective management of the disparate array of tools, services, and devices used by modern organizations.

Konica Minolta is one of the leading innovators in the technology sector. We are looking forward to working with them in the future, to offer network performance monitoring and advanced traffic analysis solutions as an additional extension of Workplace Hub. We believe the partnership will be a good fit because of our advanced artificial intelligence, machine learning, and data mining functionality which will help users identify threats to their emerging businesses.” Petr Chaloupka, CEO of GREYCORTEX.
GREYCORTEX MENDEL enables users to monitor their unified network for attacks and also events like poor performance and unauthorized access. MENDEL is based on 10 years of extensive academic research and is designed using the same technology which surpassed all competitors in four consecutive US-based NIST Challenges. Released in 2014, MENDEL is already an integral part of network security at companies like T-Systems, Kiwi.com, and the Czech National Security Authority.

About Konica Minolta Laboratory Europe:

KMLE is the hub where innovative solutions in the field of ICT come to life to transform the next generation of products and services from Konica Minolta. KMLE is the catalyst for development of business opportunities and innovative applications for Digital Workplace, Sensor Information and Automation, Digital Healthcare and Smart Data Systems. As a research organization, KMLE is eager to share innovative projects and ideas with its network of academic and industrial partners.


About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About GREYCORTEX
GREYCORTEX uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.

MENDEL, GREYCORTEX’s network traffic analysis solution, helps corporations, governments, and the critical infrastructure sector protect their futures by detecting cyber threats to sensitive data, networks, trade secrets, and reputations, which other network security products miss.

MENDEL is based on 10 years of extensive academic research and is designed using the same technology which was successful in four US-based NIST Challenges.

GODMODE DDOS ATTACKS INCREASING

Indian network security researchers have noticed an increase in DDoS attacks from a Windows OS and Windows Explorer vulnerability. The attack allows hackers to deliver a malware payload which spreads across the network to infect other machines, and can be controlled by a Command and Control (CnC) server.
In this case, the malware installs via user access to a malicious website. After checking for compatibility, the malware, as part of its penetration into the system, disables restricted VBScript functionality within the browser. This process; which involves changing the safemode flag within the browser, is also known as the “GodMode” exploit. Once “GodMode” is exploited, the virus is downloaded, then the virus payload connects to a remote CnC server, downloads  additional malware executable files, copies itself into C:WINDOWS, and deletes itself to avoid detection. Once installed, the malware spreads throughout the network, and executes DDoS attacks specified by the CnC server. To avoid this infection, researchers suggest immediately installing the latest system and browser updates.
Would you be able to tell if your network was infected with this attack? Updating your browser and operating system might stop future infection, but what about if the infection has already happened, and the malware is lying in wait? GREYCORTEX MENDEL identifies threats like the one described here because its advanced artificial intelligence and machine learning identify communication between the malware and its CnC server. MENDEL is unique in the industry because it can distinguish malware communication with a CnC server from human communication. MENDEL can also identify the threat through flow analysis. Because it analyzes all network flow data (rather than just a specific profiled flow – like Netflow or IPFIX), its IDS engine can identify the malware’s signature, even though it is encrypted.
To learn more about how GREYCORTEX can help you identify attacks of this nature, contact your IT Security professional, or GREYCORTEX directly.
The original research on the attack can be found here: http://blogs.quickheal.com/ddos-attacks-spreading-godmode-exploit-cve-2014-6332/


About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About GREYCORTEX
GREYCORTEX uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.

MENDEL, GREYCORTEX’s network traffic analysis solution, helps corporations, governments, and the critical infrastructure sector protect their futures by detecting cyber threats to sensitive data, networks, trade secrets, and reputations, which other network security products miss.

MENDEL is based on 10 years of extensive academic research and is designed using the same technology which was successful in four US-based NIST Challenges.