Estimated reading time: 3 minutes

For all the high-tech security an organization employs, the biggest chink in its cybersecurity defense can be its own employees. That is not to say that these employees act deliberately; rather, they are tricked by malicious actors. This is called social engineering, and it is one of the key ways criminals attack their targets.

Social engineering is completely psychological and takes advantage of human fallibility. Those who employ these tactics try to trick human beings into revealing personal data. This can be an extremely effective tactic, as it means the criminals can completely bypass the security framework, often painstakingly installed at much cost by an organization, to hit their target. Some common social engineering tactics:

Phishing

Probably the most common social engineering tactic, phishing is unfortunately widespread mainly because it is so effective. The basic tactic of phishing is to mislead unsuspecting employees into either revealing personal information or clicking on disguised suspicious links.

Familiarity Exploit

Through this technique, criminals pretend to be someone who is familiar to the target. They can create a fake account of a known co-worker using his/her name and photos and send emails to the target, who may reveal confidential information unless they spot the imposter. In a physical setting, they may even strike up conversations with people in the organization to ensure they become known and familiar.

Tailgating

A common social engineering tactic, tailgating refers to the unauthorized entry of an individual into a premises. Organizations actively try to prevent tailgating, but criminals can use social engineering to get past these controls. They may ask individuals to let them into an area, taking advantage of a human being’s innate tendency to not antagonize a stranger.

Criminals have been taking advantage of human behavior from time immemorial, so social engineering is not a new tactic. What has changed is that those same tactics have been tweaked to fit this age of information, where data is king. To protect against social engineering attacks, the following advice may be useful:

Awareness of social engineering – Unless employees of an organization know exactly what they are up against, it’s pointless to try and make them defend against it. For example, many employees may not even know what the term “social engineering” means. Hence awareness is always the first step. Security teams should conduct regular awareness sessions about social engineering so that employees know what it is and how to safeguard against it.

Keep strict infosecurity policies – These should apply to both physical and digital security. For example, companies must have strict policies on access control to prevent tailgating as well as how systems are used. From a digital perspective, organizations should come up with and strictly enforce policies which regulate how employees are supposed to deal with requests for information. There should also be monitoring to ensure compliance.

Anti-phishing – Since phishing is the most common form of social engineering attack, it is important that organizations employ anti-phishing measures in their cybersecurity solutions. In that respect, Seqrite’s Endpoint Security and Unified Threat Management solutions offer protection against phishing attacks which are thwarted before they can enter the network.

Run regular audits – It is important to run regular audits to test your cyber durability. Organizations should consider running specialized audits to check responsiveness to social engineering attacks. The results should be regularly audited to gauge the preparedness of the organization for the same.

As an IT security partner for your business, Seqrite provides comprehensive security from advanced cyber threats. To know more

The post What is social engineering? How criminals take advantage of human behavior appeared first on Seqrite Blog.

Estimated reading time: 3 minutes

Traditionally, any discussion about network security has focused on a specific model that organizations have largely internalized. This is the boundary or perimeter-based model, which assumes a perimeter or boundary around a network. Under this model, cybersecurity basically aims to strengthen this perimeter, the thinking being that all entities outside this invisible perimeter are hostile and all those inside are trusted.

However, this traditional security model has increasingly looked outdated in an era of severe data breaches which have cost a number of big-name companies significant pain and loss of money. The reason for this is that today’s world is more connected than ever before which means the concept of silos is slowly fading. Servers and networks are interconnected with other third-parties which means it’s often difficult to maintain this invisible perimeter and keep an organizational network safe.

Trust no one

That is why the “zero trust” model has become increasingly popular. Introduced by the American market research giant Forrester Research, the zero trust network model eliminates the concept of a perimeter and calls for enterprises to inspect all network traffic without any classification into “inside” and “outside”. No user or traffic is considered “authorized” by default, and all access to a specific network is governed by the same set of rules. In other words, there is “zero trust” in this model: all traffic to the network is untrusted and must be validated before it is allowed entry.

A zero trust network automatically assumes that all users and data traffic are operating from an unsecured network, and hence all network traffic is encrypted. That means the cybersecurity architecture is significantly tougher: users have to validate their credentials every single time they want to access the network, and there is often multi-factor authentication. While this may seem a little too difficult for organizations that still use a traditional perimeter defense, the zero trust model is rapidly catching on and becoming more and more important.

Here are some steps that can be taken to build a zero trust network for an organization:

  • Identification of Sensitive Data – The first and most critical step is the identification of sensitive data within the enterprise. The key information required is how this data is stored, how it is used and by whom, and how sensitive it is. This data then needs to be classified.
  • Data Flow Across The Network – By understanding data flow across the network, enterprises can understand which stakeholders require what kind of data. This is good preparation before employing a zero trust model.
  • Design for a Zero Trust Network – It is important that a zero trust network is designed based on its requirements. This means identifying where microperimeters are placed, depending on the flow of the data. That is why a zero trust network requires structural change right at the beginning and is difficult to incorporate in the middle of an existing model.
  • Access Control – Access control becomes the most important component of a zero trust network. Access is provided on a restrictive and limited need-to-know basis, which means policies must be formulated about what kind of user gets what kind of access and its limitations.
  • Continuous Monitoring – A zero trust network requires constant monitoring and reviewing of the network situation, because in this type of system all traffic is important, not just external traffic. Hence, monitoring is important to find the source behind all traffic, with the means to flag anything unusual, whether internal or external.
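The difference between the two models on the same requests, as an added example that is not part of the original post. The network range, roles, resources and the rule that restricted data requires multi-factor authentication are assumptions made for illustration, and the sample requests are constructed.

```python
import ipaddress
from dataclasses import dataclass

INTERNAL_NET = ipaddress.ip_network("10.0.0.0/8")  # hypothetical "inside" range

# Steps 1 and 3: every resource is classified and placed in a microperimeter.
RESOURCES = {
    "payroll-db": ("restricted", "finance"),
    "wiki": ("internal", "general"),
}
# Step 4: need-to-know grants, role -> allowed (microperimeter, action) pairs.
GRANTS = {
    "finance-analyst": {("finance", "read"), ("general", "read")},
    "engineer": {("general", "read"), ("general", "write")},
}
AUDIT_LOG = []  # Step 5: every decision is recorded, internal or external.


@dataclass(frozen=True)
class Request:
    user: str
    role: str
    source_ip: str
    resource: str
    action: str
    credentials_valid: bool
    mfa_passed: bool
    encrypted: bool


def perimeter_decision(req):
    """Traditional model: anything originating inside the perimeter is trusted."""
    inside = ipaddress.ip_address(req.source_ip) in INTERNAL_NET
    return "allow" if inside else "deny"


def zero_trust_decision(req):
    """Same rules for every request; source_ip is logged but never trusted."""
    classification, perimeter = RESOURCES.get(req.resource, (None, None))
    if classification is None:
        decision, reason = "deny", "unknown resource"
    elif not req.encrypted:
        decision, reason = "deny", "traffic not encrypted"
    elif not req.credentials_valid:
        decision, reason = "deny", "credentials not validated"
    elif classification == "restricted" and not req.mfa_passed:
        decision, reason = "deny", "MFA required for restricted data"
    elif (perimeter, req.action) not in GRANTS.get(req.role, set()):
        decision, reason = "deny", "no need-to-know grant"
    else:
        decision, reason = "allow", "all checks passed"
    AUDIT_LOG.append((req.user, req.source_ip, req.resource, decision, reason))
    return decision, reason


def compare(requests):
    """Return (user, perimeter decision, zero trust decision) per request."""
    return [(r.user, perimeter_decision(r), zero_trust_decision(r)[0])
            for r in requests]


# Constructed sample requests.
SAMPLE = [
    # Legitimate remote user: blocked by the perimeter, allowed by zero trust.
    Request("alice", "finance-analyst", "203.0.113.7", "payroll-db", "read",
            True, True, True),
    # Insider without a grant: trusted by the perimeter, denied by zero trust.
    Request("bob", "engineer", "10.1.2.3", "payroll-db", "read",
            True, True, True),
    # Internal session without MFA reaching restricted data.
    Request("carol", "finance-analyst", "10.4.5.6", "payroll-db", "read",
            True, False, True),
    # Ordinary internal write to a low-sensitivity resource.
    Request("dave", "engineer", "10.9.9.9", "wiki", "write",
            True, False, True),
]

if __name__ == "__main__":
    for row in compare(SAMPLE):
        print(row)
    for entry in AUDIT_LOG:
        print(entry)
```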

As an IT security partner for your business, Seqrite provides comprehensive security from advanced cyber threats. To know more

The post How to build a zero trust network appeared first on Seqrite Blog.


Estimated reading time: 1 minute

The recent zero-day vulnerability CVE-2018-8440 in Windows Task Scheduler enables attackers to perform a privilege elevation on targeted machines. Microsoft released a security advisory for CVE-2018-8440 on September 11, 2018 to address this issue. According to Microsoft, successful exploitation of this vulnerability could run arbitrary code in the security context of the local system.

About the vulnerability
CVE-2018-8440 is a local privilege escalation vulnerability in the Windows Task Scheduler’s Advanced Local Procedure Call (ALPC) interface. The ALPC endpoint in Windows Task Scheduler exports the SchRpcSetSecurity function, which allows a caller to set an arbitrary DACL without checking permissions. Exploiting the vulnerability ultimately allows a local unprivileged user to change the permissions of any file on the system.

The exploit code release was announced on Twitter on 27th August 2018 by a security researcher who goes by the handle “SandboxEscaper”. Within days, PowerPool malware was found using the exploit to infect users.

Vulnerable versions

  • Windows 7
  • Windows 8.1
  • Windows 10
  • Windows Server 2008, 2012 and 2016

Quick Heal detection
Quick Heal has released the following detection for the vulnerability CVE-2018-8440:

  • Trojan.Win64
  • Trojan.IGeneric

Quick Heal Security Labs is actively looking for new in-the-wild exploits for this vulnerability and ensuring coverage for them.

References

  • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8440

Subject Matter Experts

Sameer Patil | Quick Heal Security Labs

The post CVE-2018-8440 – Task Scheduler ALPC Zero-Day Exploit in the Wild appeared first on Seqrite Blog.

Estimated reading time: 3 minutes

Seqrite’s range of world-class cybersecurity solutions is defined by innovation and simplicity. The solutions provided are a combination of intelligence, analysis of applications and state-of-the-art technology, and are designed to provide better protection for our customers. Backed by Quick Heal’s cutting-edge expertise and over two decades of research and development, Seqrite is committed to its global vision: to be the trusted global leader in securing the digital world.

Customers choose Seqrite because they are pioneers in creating a cyber secure world for businesses and consumers. Thanks to state-of-the-art products, a robust customer support system, a fast response system and a global presence, Seqrite is trusted by some major clients all over the world in every industry. Here are some stories of how Seqrite has helped customers:

Emami Cement Ltd., Kolkata

An industry leader in cement manufacturing, Emami Cement needed to focus on securing their network infrastructure by deploying an integrated security solution that could manage the endpoints across the IT environment. The IT team also wanted to shape their security policies by evaluating their effectiveness. Data backup was also among the major concerns of the IT administrators and hence they decided to deploy Seqrite Endpoint Security (EPS).

The advanced features of Seqrite’s EPS solution gave Emami Cement’s IT team better visibility across all endpoints, restricting unauthorized access and blocking malicious threats through web or app access. With data backup being a major concern, Seqrite’s Data Loss Prevention (DLP) feature helped the security team monitor confidential and user-defined data shared across the endpoints. Emami Cement was very satisfied with the post-sales support offered by the Seqrite team, and the solution is now successfully running on 600 endpoints at ECL.

“One of the key reasons why we chose Seqrite Endpoint Security was because it’s a completely integrated security solution offering robust security features that help us in securing our network and endpoints against advanced cyber threats.” – Atul Pandharpurkar, VP (IT), Emami Cement Limited.

Bharat Vikas Group India Ltd, Pune

One of India’s largest integrated services organizations, Bharat Vikas Group India (BVG India) required protection from malware and ransomware attacks arriving through phishing mails and unauthorized browsing. Seqrite’s EPS solution provided protection from these attacks through regular updates (signatures) and its enhanced heuristic solution – BDS (Behavior Detection System). Seqrite’s Anti-Ransomware feature and Advanced DNA Scan technology also helped BVG India enforce complete control over its network and systems.

“We operate in an extremely agile and scalable environment. With the help of Seqrite EPS, we are now able to increase the resilience of our network infrastructure and secure our endpoints.” – Rajesh Pandey, Manager-IT, BVG India Ltd.

BITS Pilani KK Birla, Goa Campus

One of India’s top educational institutes, the KK Birla campus is the second campus of BITS Pilani, located in Goa. The IT administrators of the campus were facing issues like uncontrolled Internet usage, ransomware attacks, access to harmful websites, unsecured and unknown devices being connected to the computers, and heavy and long software updates which resulted in system slowdown. Unauthorized access through personal USB drives was also thought to be the reason behind malware attacks and network outages or shutdowns.

Seqrite EPS was the preferred solution for the IT managers of the campus as it offered an integrated security solution for restricting unauthorized access to the network. Thanks to attractive features such as Asset Management, Advanced Device Control, Application Control, Anti-Ransomware, the admins got complete visibility of all hardware and software running on endpoints.

“In terms of manageability, scalability, and usability, Seqrite EPS has catered to all our security requirements. From easy deployment to handling critical applications, Seqrite EPS is helping us in securing our endpoints and network infrastructure.” – Ravindra Jangir, System Admin, BITS Pilani K.K. Birla Goa Campus

Azizi Bank, Kabul, Afghanistan

One of Afghanistan’s largest commercial banks, Azizi Bank required a security solution that could secure their systems even at low internet bandwidth. They also needed a firewall solution to monitor and control traffic on the bank’s official website.

Seqrite EPS significantly improved the security infrastructure of the bank and made it easier for the organization to offer world-class services to the customers without any security risks. It is now successfully running in more than 100 endpoints of the bank.

“With Seqrite Endpoint Security (EPS), we have managed to overcome security risks due to the Internet bandwidth issue. Multi-layered endpoint protection, firewall protection, vulnerability scan, has brought some major improvements to the security of our network and systems.” – Ghulam Ali, Network Security Officer, Azizi Bank

As an IT security partner for your business, Seqrite provides comprehensive security from advanced cyber threats. To know more

The post Why trust Seqrite? Don’t take our word for it. Hear it from our customers appeared first on Seqrite Blog.

Estimated reading time: 4 minutes

Over the last year, Quick Heal Security Labs has been observing a rise in the number of mining malware samples. Malware authors are now using mining as a replacement for ransomware to make money.

Recently, Quick Heal Security Labs came across a malware sample which mines Monero (XMR). This miner has many different components. Its infection vector is still unconfirmed, but based on attribution this miner arrives on the system via spear phishing, malvertising, etc.

Technical Analysis:

The analyzed miner is a self-extracting executable (SFX). It extracts the components listed below to “C:\Program Files\Windriverhost”:

  1. jsnel.vbs (VBScript)
  2. rar.exe (Extraction utility)
  3. db.rar (Password Protected Archive)
  4. chax.bat (Batch File)

Fig 1 : Extracted components of the malware

After extracting the components, it starts the VBScript (jsnel.vbs), as shown in Fig 2.

Fig 2 : Starting jsnel.vbs

jsnel.vbs contains a simple piece of code to launch chax.bat.

Fig 3 : Content of jsnel.vbs

rar.exe is a command-line utility for unpacking archives. Here it is used to unpack the password-protected db.rar.

chax.bat contains commands to delete old versions of the components of the password-protected archive and of the malware, as shown in Fig 4.

Fig 4 : Content of chax.bat

The important task of chax.bat is to extract the following components of db.rar to the current location and launch ouyk.vbs:

  1. ouyk.vbs (VBScript)
  2. xvvq.bat (Batch file)
  3. config.json (Configuration file)
  4. driverhost.exe (Mining tool)

Fig 5 : Extracted components of db.rar

Similar to the previous VBScript (jsnel.vbs), this script (ouyk.vbs) just launches a batch file (xvvq.bat).

Fig 6 : Content of ouyk.vbs

xvvq.bat has two main purposes:

  1. To keep the system always on using the powercfg command, so that mining is not interrupted:

          “powercfg -change -standby-timeout-ac 0”

  2. To hide driverhost.exe from analysis tools. It enumerates processes using the tasklist command to check whether any of the processes listed below is running and, if it finds one, it kills driverhost.exe:

     • taskmgr.exe
     • perfmon.exe
     • ProcessHacker.exe
     • procexp.exe
     • procexp64.exe
     • dumpcap.exe
     • Wireshark.exe
     • anvir.exe

However, there is a bug in xvvq.bat: it checks only for taskmgr.exe before killing driverhost.exe, as shown in Fig 7. If any other listed process, such as procexp.exe, is running, it does not kill driverhost.exe.

Fig 7 : Content of xvvq.bat

If none of the above-mentioned processes is running, it starts driverhost.exe, which is the core mining tool. xvvq.bat keeps checking for all these processes continuously in an infinite loop and acts accordingly.

config.json is a configuration file, which stores data such as username, password, max CPU usage, etc. as shown in Fig 8.

Fig 8 : Content of config.json

On execution, driverhost.exe reads the miner configuration from config.json, connects to “xmr[.]pool[.]minergate[.]com”, sends the username and password from config.json to the server, and starts mining over port 45560 (the port used for mining), as shown in Fig 9 and Fig 10.

Fig 9 : Network Analysis

Fig 10 : Sends username and password to the server

It limits CPU usage to 35% for mining as shown in Fig 11.

Fig 11 : CPU Usage by driverhost.exe

For persistence, the malware adds a shortcut to ouyk.vbs in the startup folder with the name driverhost.lnk.

Fig 12 : Creating a shortcut for ouyk.vbs

Fig 13 : Shortcut to ouyk.vbs in the startup folder

Execution Flow of miner:

IOC:

SHA256: b4ea81958403f717c1a20f18731ef05b648465c7e20cbc6f45bd2f5166c7c940

URL: hxxp://xmr[.]pool[.]minergate[.]com:45560

Quick Heal detects this Miner as “Trojan.Occamy”.
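Because xvvq.bat stops driverhost.exe while Task Manager is open, a look at CPU usage on the endpoint is unreliable; correlating endpoint telemetry is a better fit. The sketch below is an added example, not Quick Heal's detection logic: the event field names, weights and thresholds are assumptions, and the sample events are constructed.

```python
import re
from collections import defaultdict

# Indicators taken from the analysis above; the pool domain is stored defanged
# exactly as published and refanged only for comparison.
INSTALL_DIR = r"c:\program files\windriverhost"
POOL_HOST = "xmr[.]pool[.]minergate[.]com".replace("[.]", ".")
POOL_PORT = 45560
IOC_SHA256 = "b4ea81958403f717c1a20f18731ef05b648465c7e20cbc6f45bd2f5166c7c940"
STANDBY_RE = re.compile(r"powercfg(\.exe)?\s.*-standby-timeout-ac\s+0\b", re.I)

# Assumptions of this example (not from the article): weights, thresholds and
# the event fields host/type/image/cmdline/path/dest_host/dest_port/sha256.
WEIGHTS = {
    "known_hash": 100, "pool_connection": 60, "install_dir": 40,
    "startup_lnk": 40, "standby_disabled": 20, "tasklist_polling": 20,
}
ALERT_SCORE = 60  # a single weak signal (e.g. powercfg alone) must not alert
POLL_MIN = 5      # tasklist launches per host that count as a polling loop


def indicators(event):
    """Return the set of indicator names matched by a single event."""
    found = set()
    text = " ".join(str(event.get(k, ""))
                    for k in ("image", "cmdline", "path")).lower()
    if INSTALL_DIR in text:
        found.add("install_dir")
    if event.get("sha256", "").lower() == IOC_SHA256:
        found.add("known_hash")
    if event["type"] == "process" and STANDBY_RE.search(event.get("cmdline", "")):
        found.add("standby_disabled")
    if (event["type"] == "file"
            and event.get("path", "").lower().endswith(r"\startup\driverhost.lnk")):
        found.add("startup_lnk")
    if (event["type"] == "network"
            and event.get("dest_host", "").lower() == POOL_HOST
            and event.get("dest_port") == POOL_PORT):
        found.add("pool_connection")
    return found


def score_hosts(events):
    """Correlate events per host; return {host: (score, sorted indicators)}."""
    seen, polls = defaultdict(set), defaultdict(int)
    for ev in events:
        seen[ev["host"]] |= indicators(ev)
        if (ev["type"] == "process"
                and ev.get("image", "").lower().endswith("tasklist.exe")):
            polls[ev["host"]] += 1
    for host, count in polls.items():
        if count >= POLL_MIN:  # repeated enumeration, as in the xvvq.bat loop
            seen[host].add("tasklist_polling")
    return {h: (sum(WEIGHTS[i] for i in inds), sorted(inds))
            for h, inds in seen.items()}


def alerts(events):
    """Hosts whose combined indicator score reaches the alert threshold."""
    return sorted(h for h, (score, _) in score_hosts(events).items()
                  if score >= ALERT_SCORE)


# Constructed sample telemetry (not captured from a real host).
D = "C:\\Program Files\\Windriverhost\\"
SYS32 = "C:\\Windows\\System32\\"
SAMPLE_EVENTS = [
    {"host": "WS-014", "type": "file", "path": D + "db.rar"},
    {"host": "WS-014", "type": "process", "image": SYS32 + "wscript.exe",
     "cmdline": 'wscript.exe "' + D + 'jsnel.vbs"'},
    {"host": "WS-014", "type": "process", "image": SYS32 + "powercfg.exe",
     "cmdline": "powercfg -change -standby-timeout-ac 0"},
    *[{"host": "WS-014", "type": "process", "image": SYS32 + "tasklist.exe",
       "cmdline": "tasklist"} for _ in range(6)],
    {"host": "WS-014", "type": "network", "image": D + "driverhost.exe",
     "dest_host": POOL_HOST, "dest_port": POOL_PORT},
    {"host": "WS-014", "type": "file",
     "path": r"C:\Users\u1\AppData\Roaming\Microsoft\Windows\Start Menu"
             r"\Programs\Startup\driverhost.lnk"},
    # Benign host: an admin disables standby and runs tasklist once.
    {"host": "WS-022", "type": "process", "image": SYS32 + "powercfg.exe",
     "cmdline": "powercfg.exe -change -standby-timeout-ac 0"},
    {"host": "WS-022", "type": "process", "image": SYS32 + "tasklist.exe",
     "cmdline": "tasklist"},
]

if __name__ == "__main__":
    for host, (score, inds) in sorted(score_hosts(SAMPLE_EVENTS).items()):
        print(host, score, inds)
    print("alerts:", alerts(SAMPLE_EVENTS))
```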

Conclusion:

As the price and appreciation of digital currencies have grown exponentially, mining malware has also increased over the last year. In fact, miners are so common that thousands of computers are already infected. Mining malware has grown in number and has also become more complex, as discussed in this blog post.

Subject Matter Expert

Ravi Gidwani,  Pratik Pachpor | Quick Heal Security Labs

The post I am invisible – Monero (XMR) Miner appeared first on Seqrite Blog.


Estimated reading time: 2 minutes

As cyber-attacks continue to affect businesses, it is banks that are the most lucrative target for cybercriminals. Beyond having their reputation at stake, banks also risk customers’ money and data, amplified regulatory attention and even litigation. The stakes are clearly too high.

The recent cyber-attack on a large bank headquartered in Pune is one of the many cases where hackers successfully managed to siphon off huge sums of money, in this case over Rs. 90 Crore. Many past attacks have targeted small-to-medium size financial institutions, likely because of poor implementation of cybersecurity solutions, budgets, or awareness. The FBI, in a global warning, has alerted banks that the frequency of such attacks is likely to continue or possibly increase in the near future. So what is it that banks can do to assess the state of their cybersecurity? The answer is: conduct a Red Team Assessment.

What is Red Team Assessment?

Red Team Assessment is basically a mock trial of how well your people, processes, and technology are prepared to handle real-world cyber-attacks. In a red team exercise, highly trained security consultants attempt to breach the security of the organization to expose potential physical, hardware, software and human vulnerabilities.

A comprehensive Red Team exercise will expose vulnerabilities and risks regarding

  • Networks, applications, switches, mobile devices
  • Social engineering (onsite, telephone, email/text, chat)
  • Physical attacks (pen-drive bypass, camera evasion, alarm bypass, Wi-Fi attack etc.)

The purpose of red team assessment is to identify how real-world attackers can exploit major or even seemingly minor loopholes to breach your IT security.  It is an effective way to showcase that deploying the most robust firewall would mean nothing if an attacker can tailgate his way to your data center and walk away with an unencrypted hard drive with critical business information.

You’re only as strong as your weakest link and thus adopting a multi-layered defense in depth approach is the best way to strengthen your cybersecurity.

Who needs Red Team Assessment?

Every organization, big or small can benefit from this assessment. This exercise will provide a list of security-related findings and observations which, once implemented, will help organizations strengthen their security. Red team assessments will provide you with a very good understanding of your cyber defense and how they would perform in a real cyber-attack against your organization.

How do I get a Red Team Assessment done?

Seqrite utilizes a variety of techniques including OSINT, DarkNet Monitoring, Cyber Threat Intelligence, Internal and External Network Penetration Testing, Web & Mobile Application Testing, Social Engineering Attacks and Physical Breach to measure how well networks, applications, physical security controls and employees can withstand a real-time attack.

To conduct a Red Team Assessment, talk to our experts at 1800-212-7377. 

The post Is your bank really safe from cyber threats? Conduct Red Team Assessment to know. appeared first on Seqrite Blog.

Estimated reading time: 3 minutes

Seqrite Endpoint Security (EPS) is a comprehensive, powerful platform for enterprises to secure their endpoints. It uses innovative technologies like Anti Ransomware, Advanced DNA Scan and Behavioral Detection System to protect networks from the advanced threats of the present.

Some of Seqrite EPS’s key features include Advanced Device Control, Web Filtering, Ransomware Protection, Application Control, Asset Management and many others. To make the best use of this powerful tool, here are a few tips:

  1. Understanding how it works

Seqrite Endpoint Security (EPS) works on the Client/Server architecture where the console manages all the client agents deployed on the network. The console and client agents can be installed on almost all flavors of Microsoft Windows operating systems. The client agents can also be installed on the machines with Linux and Mac operating systems.

Seqrite EPS helps the administrators deploy Seqrite Antivirus remotely on the specified computers, groups or domains, which are part of the same domain. Whenever the server copy of Seqrite Antivirus is updated, all computers configured to update from the server will be automatically updated without user intervention. Seqrite EPS monitors these processes so that an administrator can view the computers that have Seqrite Antivirus installed, the virus database date of Seqrite, whether Virus Protection is enabled, and if viruses are active in the memory of workstations. If any virus is found active in the memory of a workstation, that workstation gets disconnected from the network. If it detects that Seqrite is uninstalled from any workstation(s), it reinstalls Seqrite remotely without user intervention. This keeps the computers and the network safe from virus threats.

  2. Registering EPS after installation

It is important that Seqrite Endpoint Security is registered immediately after installation. Unless it is activated, endpoint deployment will not happen. With an Internet connection, EPS can be registered through the registration wizard by typing the Product Key along with relevant information in text boxes such as Purchased From, Register For and Name.

  3. Get comfortable with the Seqrite Endpoint Security Dashboard

EPS provides a handy Web-based graphical console that displays the current status of the health of endpoints and highlights critical security situations that need immediate attention. It is a good idea to get acclimatized with the dashboard and its many different features to get the best use out of the product.

The dashboard provides different areas: Admin Settings to configure settings related to features, Support for finding support, the Help file for information on the product, and the Logout button. The Clients button allows configuration of settings related to Endpoint Status and Endpoint Action. There are also Settings for the related settings, Reports for generating reports, and Alerts with a bell icon.

There is a ribbon also on the Web console with useful sections like Dashboard, Consolidated Dashboard and Manage Secondary Servers.

  4. Acquainting yourself with the different types of scans

EPS comes with a variety of different scans to provide additional protection to your endpoints. It is important to get acquainted with these scans and understand their purpose.

  • Application Control Scan allows users to check whether security compliance policies framed by the organization are being followed on each endpoint. It also helps in verifying whether endpoints have any unauthorized applications running on them. It is only available for clients with Windows operating systems.
  • Vulnerability Scan scans for known vulnerabilities in the installed applications of various vendors such as Adobe, Apple, Mozilla, Oracle etc. and in the operating systems on the endpoints in the network, while assessing their security status. The endpoints can be probed for application and operating system patches for possible vulnerabilities.
  • Data-At-Rest Scan scans for and detects any confidential data present on endpoints and removable devices.
  • Patch Scan scans for missing patches in the network.

  5. The Manage Groups and Asset features

For best usage of the EPS solution, it is vital to explore powerful features such as Manage Groups and Assets. The Manage Groups feature helps in the creation of groups and subgroups, and applies a policy to a group (or a subgroup). A group includes a number of endpoints and all the endpoints within a group share the same policy.

Assets feature helps to keep a watch on system information, hardware information, and software installed.  The list of hardware changes, if any, can also be viewed along with the changes that are made to the configuration of the systems in the network.

As an IT security partner for your business, Seqrite provides comprehensive security from advanced cyber threats. To know more

The post How to make the most of your Seqrite EPS appeared first on Seqrite Blog.

Estimated reading time: 3 minutes

For enterprises, sysadmins or system administrators are vital resources who play a critical role in overall productivity. By ensuring the upkeep and optimal functioning of all computer systems and networks within an enterprise, a sysadmin provides a very important link in the functioning of a company. This means sysadmins are also connected to the maintenance of cybersecurity procedures within the enterprise.

Thanks to their detailed knowledge about their own systems including vulnerabilities or patches, sysadmins often have to deal with various cybersecurity problems. Seqrite’s wide range of services however provides handy solutions to these problems.

Patch management

For sysadmins, ensuring their systems have the latest patches is critical. The world of cyber threats is a rapidly evolving and dynamic one. Hackers are hard at work at every hour and at every minute trying furiously to find vulnerabilities into the systems used by millions of organizations all over the world. The minute one vulnerability is found, it is exploited mercilessly.

Seqrite’s Endpoint Security (EPS) solution offers a simple and comprehensive security solution for workstations, laptops and servers. It integrates innovative technologies like Anti Ransomware, Advanced DNA Scan and Behavior Detection Systems to protect networks. Among the wide range of advanced features like Advanced Device Control, DLP, Vulnerability Scan, Web Filtering, Asset Management it offers, the Patch Management feature offers a way for organizations to manage patches in mixed OS environments.

Data backups

More than anyone else, sysadmins understand the importance of data and why it is so important that it is backed up regularly. After all, data loss has severe financial consequences. In 2014, a report from EMC Corporation found that data loss and downtime cost Indian businesses a whopping $54 billion annually. If those numbers sound massive, consider the fact that the report is four years old and the number of cybersecurity threats has only increased in the ensuing period, meaning that it is likely that the figure has gone up. After all, the causes behind data loss can be surprisingly simple.

Sysadmins can choose services like Seqrite Services for customized backup solutions for their business.

Monitoring data

Cyber attacks usually start from small changes made to enterprise systems which often go overlooked. It’s a symptom which sysadmins are aware of. The solution to this is constant monitoring of all the granular details within an enterprise system so even the smallest of changes can be detected.

In this regard, Seqrite’s Data Loss Prevention (DLP) tool can be very useful. It is an electronic data supervision solution designed to help enterprises establish control over their data by preventing confidential data from being leaked out of an organization’s network. With Seqrite DLP, IT admins can enforce compliance measures and define security policies to establish control over the data transferred via physical devices or web applications.

Policy Management

Sysadmins know that a good policy lies at the heart of not just cybersecurity but the overall functioning of an organization. Enterprises with strong IT and information security policies can keep their data secure and safe and less at risk from cyber attacks.

Seqrite’s Endpoint Security (EPS) solution has a Group Policy Management feature allowing administrators to define user groups based on the hierarchy within an organization with flexible policies to be set as per situational requirements.

Seqrite’s range of services provides sysadmins with the right tools and solutions to solve all their problems and keep their enterprises safe and secure from the recurring threats of cyber attacks.

As an IT security partner for your business, Seqrite provides comprehensive security from advanced cyber threats. To know more

The post Top 5 IT Problems for Sysadmins: Seqrite has the solution! appeared first on Seqrite Blog.


The importance of cybersecurity has slowly seeped into the consciousness of enterprises. A cybercrime can undo years of work in an instant and enterprises are recognizing this and trying to find ways to stay safe. Hence, investment in security products has increased with more and more providers looking to deliver the kind of cybersecurity experience, customized as per an enterprise’s expectations.

This means organizations can get a little confused about the kind of security product they are seeking, given the amount of choice in the market. One of the key drivers for the choice of a security product is the kind of requirement, since each enterprise will have different cybersecurity needs. However, enterprises can also get an overall idea about a security product they are considering from its industry certifications.

Industry certifications are a great benchmark for security products as they deliver a symbol of quality. These certifications showcase that the concerned product has been tested up to a high standard and passed these tests, a conclusion which makes it reliable. Enterprises want dependability and reliability when they choose a security product – it is, after all, a product which they need to work at 100% most of the time and even a small mistake could prove catastrophic. That is where the relevant industry certifications could give security products a significant head start over their competitors.

Seqrite’s security solutions have been acknowledged year after year by associations, the media, and industry organizations. Some of the most noteworthy of them have been:

  • BEST+++ Certification from AVLab in Fileless Malware Protection Test – AVLab is an independent organization that conducts tests on security software for corporate networks and individual user devices. These tests are conducted by using malicious software, tools, and bypassing security techniques that are used in real cyberattacks.

In October 2017, AVLab conducted a Fileless Malware Protection Test. In this test, AVLab experts tested various security software products against fileless malware (described below). The experts used the techniques and tools that are applied by cybercriminals to launch such attacks. Seqrite Endpoint Security Enterprise Suite was one of the tested security software products.

Seqrite Endpoint Security Enterprise Suite was awarded the BEST+++ Certificate which implies that Seqrite Endpoint Security Enterprise Suite was able to stop all sorts of fileless malware attacks that were carried out in AVLab’s Fileless Malware Protection Test.

  • BEST+++ Certification from AVLab in Protection Test against Drive-By-Download Attacks – In April 2017, AVLab conducted a ‘Protection test against drive-by download attacks’. Seqrite Endpoint Security v7.2, which provides protection against threats such as drive-by downloads, was tested by AVLab. In the test results, the software was awarded a BEST+++ Certification, which signifies that the software stopped all drive-by download attacks carried out in the test.
  • OPSWAT Gold Certified Partner – Seqrite Endpoint Security (v.15 and v.16) was categorized as an OPSWAT Gold Certified Partner for its anti-malware and anti-phishing features. Seqrite Endpoint Security’s firewall feature was also categorized as an OPSWAT Silver Certified Partner.

These reputed industry certifications are an indicator that Seqrite has been tested and certified as among the leading cybersecurity solutions with features to help enterprises secure their cybersecurity defenses.

As an IT security partner for your business, Seqrite provides comprehensive security from advanced cyber threats. To know more

The post Importance of industry certifications for security products and what do they mean appeared first on Seqrite Blog.


Cybersecurity threats are lurking everywhere.

In 2015, a vulnerability was detected in WiFi routers in hotels, allowing attackers to distribute malware and monitor and record data sent over the network. A laptop is stolen every 53 seconds in the United States. USB keyloggers can be found in systems stored in a PC.

Honestly put, it’s a scary world. And this threat is further accentuated by the fact that this is a millennium of remote work. Almost all organizations nowadays have had to accept employees who work remotely. Whether these are employees who are deputed on the field, employees who work a couple of days from home or employees who log in from home every day, remote and mobile teams are a daily reality and they bring their own challenges for the relevant IT teams.

Here are the top 5 IT tips for remote and mobile teams to ensure they stay secure:

  1. Password Security

This tip is ever-present in every cybersecurity dialogue, and the reason is its importance. Especially when it comes to remote teams working outside the enterprise network, a strong password is the best defense against any threat. Remote teams must ensure they keep strong, difficult-to-crack passwords, ideally with different characters and two-step authentication. They must also not share these passwords with anyone else or write them down anywhere, and they must change them frequently.

  2. Keep devices updated

In a normal office setup, the IT security team will put in policies to ensure that their systems are updated with the latest patches and updates to the browser, operating system, etc. However, for teams which are working remotely and maybe on their own devices, this is also a non-negotiable item. If any official work is done on a device, whether it is private or personal, the company policy must be that it is updated with the latest patches. Devices which have not been updated are a recipe for disaster and can be easily exploited by cybercriminals to steal official data.

  3. Using public systems and WiFi

Sometimes, remote employees will work out of cafes or restaurants. Employees may even use the airport WiFi when they are transiting on official work. While this can be convenient, it can be extremely dangerous. Public WiFi networks often lack the correct security compliances, making them very vulnerable to being hacked. Criminals can record and steal data from them.

The same advice should be followed for public systems as well. They may have the most rudimentary of security systems, not even having an anti-virus solution, and should never be used for doing official work. In fact, they also pose a physical risk with people around easily capable of seeing and even photographing important information.

  4. Encryption

It’s always a good idea for employees who are working remotely to encrypt all information sent to the main enterprise network. This adds an additional layer of protection and ensures that even if hackers manage to access the data through a vulnerability or a black hole, they are unable to use it without the decryption key. Seqrite Encryption Manager protects corporate data residing on endpoints with strong encryption algorithms.

  5. Manage & Enforce a Remote Cybersecurity Policy

If an enterprise has a number of teams who are working remotely, it cannot afford to be reactive. A proper cybersecurity policy for these teams, which covers exact dos-and-don’ts along with important instructions, must be devised and communicated to all in the company. Even more importantly, it must be strictly enforced so that all employees are aware of what is expected of them.

As the world grows even more connected, the proliferation of remote workers will only increase, leading to more headaches. But enterprises which can keep the basics in mind and ensure that everyone is on the same page will go a long way in remaining safe from cyber attacks.

As an IT security partner for your business, Seqrite provides comprehensive security from advanced cyber threats. To know more

The post Top 5 IT tips for remote and mobile teams appeared first on Seqrite Blog.
