News
Learn How Balance and MAX Routers Team Up for Unbreakable VPNs
The Balance lineup uses Peplink SpeedFusion technology to integrate seamlessly with MAX cellular routers and deliver unstoppable VPNs in a wide variety of applications. To see how, visit our updated Balance and Unbreakable VPN pages. Filled with helpful deployment diagrams and technology highlights, they’re a great way to learn more about fast, reliable, and affordable Peplink solutions for retail, enterprise, public safety, and much more.

You can read more here.
1. Always secure your smartphone with a password
One of the most basic security tips, but one which is sometimes completely overlooked! Having no access protection at all is just foolish. Swipe patterns are ok, but greasy finger-trails could reveal too much. A four-digit PIN is an improvement but using a strong passcode is the ideal phone protection.
2. Ensure that your device locks itself automatically
If you set up password-protection on your phone but then leave it unlocked on your desk for 15 minutes, you won’t have achieved very much. Most smartphones allow you to set them up to automatically lock themselves after a period of inactivity. Make sure you choose the shortest timeout you are comfortable with. Two to five minutes is better than ten to thirty, even if it does feel slightly inconvenient.
3. Install security software
Your smartphone is a computing device and should be protected accordingly. Look for an app like Sophos Mobile Security that includes malware prevention, remote data wipe, privacy review of apps and an automatic security advisor to alert you to potential risks when you change a device setting. If you’re in charge of securing your organisation’s phones and tablets, then choose a mobile device management solution like Sophos Mobile Control.
4. Only download apps from approved sources
The Google Play Store and Apple’s App Store take security pretty seriously. They are very careful about what apps they make available and will withdraw apps that raise concerns after release. Read user reviews of apps before installing them – if there are any security concerns then someone else may well have mentioned them.
5. Check your apps’ permissions
Many apps require more than the basic default permissions. For instance, you can reasonably expect an SMS app to send and receive text messages just as a mapping app will request your GPS location. But something like a calculator that needs network access or an alarm clock that wants to read your contact database should be treated with extreme caution!
6. Don’t miss operating system updates
Updates to your OS often include system vulnerability patches, so it’s important to install them. You might want to be advised of updates rather than having them automatically installed, as early adopters sometimes experience teething problems – but the forgetful among you may prefer that to missing updates altogether.
7. Be wary of any links you receive via email or text message
Now that you can pick up email on your phone, exercise caution when clicking on links. Phishing scams are not limited to email: a text message can incite you to click on a dodgy link or ask for personal information. Even simply replying to unknown SMS or email senders can raise the crooks’ interest in you, leading to more pressure to respond.
8. Encrypt your smartphone
Even if you’ve secured your smartphone with a password, a thief could still plug your device into a computer and gain access to all of your personal information. Using encryption on your smartphone can help to prevent such data theft.
9. Turn off automatic Wi-Fi connection
One of the great things about modern mobile phones is their ability to connect to the internet in many ways. But continually probing for wireless networks gives away information about your identity and location, and blindly connecting to unencrypted access points can let your phone leak all sorts of useful things for malicious actors to intercept and act upon. So tell your phone to forget networks you no longer use, to minimise the amount of data leakage, and configure your phone to automatically turn wireless on or off in certain places using a location-aware smartphone app.
10. Turn off Bluetooth and NFC when not in use
Bluetooth and NFC (near field communication) are great in terms of connectivity, allowing you to use accessories such as wireless keyboards and headsets or make payments with a wave of your smartphone. But they do open a door for the bad guys to gain access to your device and your data, so you should either switch these features off or put your device into “not discoverable” mode whenever possible. Also, be careful when pairing devices – never accept requests from unknown devices.
You can read more here.
“While many security experts are aware of the high level trends, few have recognized their significance,” said James Lyne, global head of security research at Sophos. “If 2013 has taught us anything, it is that traditional security controls are struggling. These new behaviors are forcing the industry to adapt and change, and widely held best practices must be reconsidered.”
The threat report highlights new security concerns ranging from stealthy malware tools that offer dynamic camouflage and provide attackers with long-term persistent access to users’ data, to the proliferation of connected devices that represent new and often ill-protected targets. Many new “Internet of Things” devices are becoming commonplace in our homes and everyday infrastructure, offering shadier cybercriminals the potential to impact our daily lives, rather than just the traditional theft of financial information.
“These trends are set to continue in 2014 as threats become even smarter, shadier and stealthier,” said Lyne.
In 2014 Sophos predicts greater focus from cybercriminals on high quality and convincing phishing and social engineering to compensate for harder-to-exploit operating systems like Windows 8.1; embedded devices (such as POS systems, medical systems and new “smart” infrastructure) will open old wounds as security mistakes eliminated in the modern PC environment are carelessly re-implemented; attacks on corporate and personal data in the cloud will continue to grow as providers struggle to refine the security strategy in this new computing platform; and malware for mobile is set to become as sophisticated as its PC relatives.
“It is clear in 2014 we need to be watching not just the evolution of existing attacks, but be prepared for dangerous new threats emerging that we haven’t previously dealt with,” said Gerhard Eschelbeck, CTO at Sophos. “As the industry adapts and enhances protection mechanisms to cover new devices and threats, this is increasingly becoming an issue for every member of society, not just for government and business.”
A full copy of the Security Threat Report 2014 containing more information and statistics on cybercrime in 2013, as well as top tips and predictions on emerging trends, can be downloaded here.
You can read the original article here.
As well as providing excellent daylight surveillance coverage, JCAM-IR also has infra-red capability to enable a comprehensive 24-hour surveillance operation to be implemented.
JCAM-IR Image Quality
Crucial to the successful implementation of any security surveillance strategy is the image quality of the cameras being used. JCAM-IR is an HD 2MP fixed lens camera that can stream video with a resolution of up to HD1080p at up to 30fps. Facial recognition can be achieved in normal light conditions up to a distance of 10m. JCAM-IR has a darkness/low light range of 10m.
JCAM-IR Alerts
When motion is detected by JCAM-IR, videos can be recorded and snapshots (of before and during the event) sent by email. Videos can be saved to the camera’s on-board Micro SD card (user supplied) or, alternatively, to a networked PC. Camera recording and snapshots can also be activated manually or by an event triggered by an optional attached Jacarta Go-Probe sensor (water leak, door open, smoke, etc.).


You can download the brochure here.
We all believe (and hope) that ‘it won’t happen to us’ but how many horror stories have you heard where an unnoticed leak has turned into a flood, a briefly un-manned room has resulted in theft, or a faulty piece of equipment has led to ruined stock, lost data or hardware? SMS Alarm General is an extremely cost-effective way of helping to prevent these initially minor events becoming catastrophic for you or your business.
Up to 2 x Go-Probe sensors and 1 x Temperature sensor can be monitored by the Alarm General and it is also possible to link the Alarm General to alarm panels such as fire, security, generator, UPS, fire suppression, air-conditioning, etc. SMS Alarm General can be used to help protect all types of premises: Offices, data centres, shops, warehouses, industrial units, homes, holiday villas – the list is endless!
How Does SMS Alarm General Work?
The SMS Alarm General solution consists of a quad-band modem, integrated Jacarta configuration and alerting software module, and the capacity to connect up to 2 x Go-Probe sensors and 1 x Temperature sensor. Once a user-supplied SIM card is inserted and the sensors connected, configuration of alarm messages and contact telephone numbers can be carried out by sending text messages to the Alarm General. The Alarm General will reply to acknowledge each of the messages, confirming that the required instruction has been carried out.
Once configured, SMS Alarm General will continually monitor the condition of the sensors and alert the configured mobile phone numbers when an alarm condition is detected. Up to 5 numbers can be alerted. In addition to the alerts, Alarm General can send you a daily status text, and you can remotely check the status of your sensors at any time by sending a text message to the Alarm General.
You can download the brochure here.
This isn’t entirely surprising as the FBI had issued a warning on Christmas Eve to media organizations about a new wave of phishing attacks associated with the infamous SEA. Skype has more than three million followers on Twitter, which indicates that, had the attackers wanted to send out malicious links or other dangerous content, this could have been a whole lot worse.
What I would like to know is why on earth a company social media profile with over three million followers would not be using two-factor authentication. Earlier this year Twitter rolled out an improved two-factor solution seemingly in response to previous attacks by the SEA. WordPress offers two-factor authentication and Facebook has supported two-factor authentication for a couple of years now, all in an attempt to prevent this exact type of attack.

Microsoft, would you care to explain why you apparently are not using it? We believe it is the responsibility of organizations with a large number of followers to do whatever they can to secure their profiles. We suppose this can be a lesson to the rest of us. Take advantage of the safety net of two-factor authentication whenever possible. While it may be less than perfect, so are you.
You can read the original article here.
The Federal Communications Commission reports that mobile phone theft constitutes 30-40% of all robberies across the United States, a crime that cost US citizens $30 billion in 2012. In the Senator’s own state of California such thefts are even more prevalent, accounting for over 50% of street robberies; Los Angeles alone has seen a 12% increase in smartphone thefts over the last year. If the kill switch legislation is passed, carriers will be able to remotely send a message to any device that has been reported as either lost or stolen. That message would trigger the device to ‘brick’ itself, effectively making it useless and a far less appealing target for would-be thieves. With a few exceptions, most phones do not offer any form of remote deactivation at this time, which makes them especially appealing to thieves who can snatch and sell them on in a very short period of time.
One manufacturer that does offer deactivation is Apple, though Gascón would like to see such a feature become the default rather than an option: “Apple should be commended for leading the way and making efforts to safeguard their customers, but it is still too early to tell how effective their solution will be. Until Activation Lock is fully opt-out, it appears many iPhone owners will not have the solution enabled. This leaves iPhone users at risk as thieves cannot distinguish between those devices that have the feature enabled and those that do not”.

Gascón, along with New York Attorney General Eric Schneiderman, has asked mobile phone manufacturers to propose methods of curtailing the theft of smartphones. Having presented the tech companies with a June 2014 deadline, Gascón said: “I appreciate the efforts that many of the manufacturers are making, but the deadline we agreed upon is rapidly approaching and most do not have a technological solution in place. Californians continue to be victimized at an alarming rate, and this legislation will compel the industry to make the safety of their customers a priority”.
The bill will be formally introduced in January 2014.
The readers who wish to protect their Android devices in case of loss or theft can install Sophos’s free Antivirus and Security app which includes the following features:
- Supports remote commands for Wipe, Lock, Alarm, Locate, Reset passcode and Message to finder
- Reporting of the device location before the battery runs out
- Notification if the SIM card is replaced
You can read the original article here.
Service providers need higher level of encryption support
“If you look at one of our typical deployments, yes, they want security, they want SSL, but the numbers they support are in the thousands,” he said. “It’s nothing compared to a business model that is supporting millions of users. When we are talking to these SaaS providers, it’s a whole new level of value proposition” and a market segment that Array wants to target.
With the new encryption standard requiring almost five times the computational power as 1,024-bit encryption, more robust ADCs are a necessity, he said. SaaS provider YourMembership.com is using Array’s 5600 platform to beef up its capacity and throughput, said Chief Technology Officer Hutch Craig. The St. Petersburg, Fla.-based SaaS provider serves more than 2,300 associations with its menu of back-office services, reaching more than 20 million users. A lot of the provider’s traffic requires secure processing, Craig said; everything from e-commerce to dues information and other sensitive data.
YourMembership.com deployed a pair of ADCs for failover protection at a data center in Orlando, Fla. They replaced two older Array ADCs that were running at more than 50% utilization each because of the volume of transactions they had to process. “Things were getting really tough on them; the 5600s are unbelievable,” Craig said. “Everything is funneled through the ADC, from the API to the actual front-end offering. We have millions of [end users] and tens of thousands of administrators that go into the box.”
Craig said the 5600’s SSL acceleration capabilities were a key attribute. In YourMembership.com’s case, the processor-intensive steps needed to handle public-key encryption algorithms are handed off to a hardware accelerator, although the ADC has the ability to process SSL transactions without the use of separate servers.
More traffic headed in 2014
YourMembership.com will increase the amount of traffic routed through the Array ADCs next year as part of a plan to consolidate all of its data center operations in Orlando, Craig said. Right now, the provider has a data center in Austin, Texas, that serves clients YourMembership.com inherited as part of its 2012 acquisition of rival Affiniscape.
Craig said YourMembership.com will phase out the Austin data center and route all traffic to Orlando and the 5600s by next spring. Andersen said SaaS providers are a logical target for his company’s ADCs, which are priced from 30% to 40% below competitors’ similarly equipped models.
“They have to support a lot more customers and they also have to be on a higher standard of SSL. At the same time, they can’t afford to pay through the nose for ADC hardware,” Andersen said.
The 5600 is priced beginning at $28,995; models that support hardware SSL acceleration begin at $37,995.
In addition to the 5600, Array beefed up two other models to handle the new encryption standards. The 2600 can process up to 5,000 SSL transactions per second, while the high-end 10650 can handle up to 70,000 transactions per second. All of the devices are engineered with 10 Gigabit Ethernet connectivity and multicore processing with throughput ranging from 10 Gbps to 120 Gbps, depending on the model.
You can read the original article here.
Quantum computing hinges, very broadly, on allowing individual bits (called qubits) to contain superimposed values of zero and one, vastly increasing computing power. Its implications for cryptography, medicine, and research have made it a major goal for public services and private industry alike: DARPA has devoted years of funding to quantum computing research, and Google launched its own “Quantum Artificial Intelligence Lab” last year.
But while qubits have been stored for a limited period of time under certain conditions, and specialized machines have been built using quantum technology, that’s not enough for practical code-breaking applications. Last year, for example, The Economist all but ruled out the possibility that the NSA had a crypto-ready quantum computer.
The NSA’s program, part of the larger intelligence community “Black Budget,” doesn’t actually task anybody with building a quantum computer. According to the memo, it asks researchers to “conduct basic research in quantum physics and architecture/engineering studies to determine if, and how, a cryptographically useful quantum computer can be built.” So while the grant fits with the NSA’s general mission — and quantum computing could one day pose a real threat to present-day encryption methods — it’s a lot more theoretical than the agency’s ability to, say, seed malware to computers from miles away.

You can read the original article here.
What’s a CSR?
If you have ordered an SSL Certificate before, you were most likely asked to provide a CSR (Certificate Signing Request). The CSR is used to deliver the public key that your server will use to identify itself. Generating a CSR can be a hurdle for non-technical staff who aren’t always familiar with the command lines that need to be created, and it remains a time-consuming process even for more experienced users.
CSR Creation Made Easy
Our new CSR creation tool makes it easy to generate the CSR for your server by simply inputting your certificate information (e.g. domain name, organization details, etc.) in the fields provided. The tool will automatically generate the command lines required to create the CSR on your webserver, so you don’t need to write them yourself.

The CSR tool provides command lines for most popular webservers, including OpenSSL, Exchange 2007, IIS and F5 Big-IP.
Bonus Features: Advice on Best Practices
To ensure your SSL Certificates are compliant with the latest security best practices, the CSR tool automatically defaults to the most secure algorithm (RSA) and only offers key length options in line with the latest CA/B Forum guidelines (2048 bit minimum).
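As an added example (not output of the GlobalSign tool and not part of the original article), this is roughly what such a generated OpenSSL command looks like, followed by a check that a CSR meets the "RSA, 2048-bit minimum" policy described above before it is sent to a CA. The subject values, file names and function names are constructed placeholders.

```shell
#!/bin/sh
# Added example: create a CSR non-interactively with OpenSSL, then verify it
# against an "RSA, 2048-bit minimum" policy. All names below are placeholders.

# make_csr BITS KEYFILE CSRFILE SUBJECT
# Generates a fresh unencrypted RSA private key and a matching CSR.
make_csr() {
    openssl req -new -newkey "rsa:$1" -nodes \
        -keyout "$2" -out "$3" -subj "$4" >/dev/null 2>&1
}

# csr_key_bits CSRFILE: prints the size in bits of the public key in the CSR.
csr_key_bits() {
    openssl req -in "$1" -noout -text 2>/dev/null |
        sed -n 's/.*Public-Key: (\([0-9][0-9]*\) bit).*/\1/p' | head -n 1
}

# csr_is_rsa CSRFILE: succeeds if the CSR carries an RSA public key.
csr_is_rsa() {
    openssl req -in "$1" -noout -text 2>/dev/null |
        grep -q 'Public Key Algorithm: rsaEncryption'
}

# csr_signature_ok CSRFILE: succeeds if the CSR's self-signature verifies,
# i.e. the requester holds the private key for the public key it submits.
# The message is matched because older OpenSSL releases do not signal a
# failed verification through the exit status.
csr_signature_ok() {
    openssl req -in "$1" -noout -verify 2>&1 | grep -q 'verify OK'
}

# check_csr CSRFILE: applies all three checks and prints a verdict.
check_csr() {
    csr_signature_ok "$1" || { echo "REJECT: bad self-signature"; return 1; }
    csr_is_rsa "$1" || { echo "REJECT: not an RSA key"; return 1; }
    bits=$(csr_key_bits "$1")
    if [ -z "$bits" ] || [ "$bits" -lt 2048 ]; then
        echo "REJECT: RSA key is ${bits:-unknown} bits, minimum is 2048"
        return 1
    fi
    echo "OK: RSA $bits bits"
}

# Demonstration with constructed subjects: one compliant CSR, one weak one.
demo_dir=$(mktemp -d)
make_csr 2048 "$demo_dir/good.key" "$demo_dir/good.csr" \
    "/C=GB/O=Example Ltd/CN=www.example.com"
make_csr 1024 "$demo_dir/weak.key" "$demo_dir/weak.csr" \
    "/CN=weak.example.com"
check_csr "$demo_dir/good.csr"
check_csr "$demo_dir/weak.csr" || true
rm -rf "$demo_dir"
```

The private key file never leaves the server; only the `.csr` file is submitted to the CA.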
Use The Tool
The CSR tool is available in multiple languages at https://csrhelp.globalsign.com and includes support information and FAQs for additional help with the CSR generation process. Secure your website today with SSL the easy way.
You can read the original article here.
The infected ads were served to visitors of the Yahoo homepage over a four-day period last week. Some of the malware that was served up could turn the infected computers into Bitcoin miners. The malware that Yahoo unknowingly served up attacked flaws in Java on the victim machines. Yahoo says that the malware was served up from December 31 to January 3 on its European sites.
Yahoo is being criticized for not doing anything to help the owners of computers infected with malware served from its site.
The web company has promised to monitor and block any ads being used for serving malware. Estimates are that around 27,000 infections occurred during every hour that the ads containing the malware were served. Some malware installed by the rogue ads also installed ZeuS, which tries to steal banking information.

You can read the original article at SlashGear.
Syrian Eagle told Mashable that Microsoft deserves what it got because it’s hawking data to US snoops and multiple governments. The SEA will publish proof of the allegations, Syrian Eagle said: “Microsoft is monitoring emails accounts and selling the data for the American intelligence and other governments. And we will publish more details and documents that prove it. Microsoft is not our enemy but what they are doing affected the SEA.”
On Saturday, the pro-Assad group took over the @MSFTnews and @XboxSupport Twitter accounts and posted various messages hashtagged “SEA”, according to Mashable. One read: “Don’t use Microsoft emails (Hotmail, outlook), They are monitoring your accounts and selling the data to the governments.” The takeovers appear to have been brief: the messages are no longer live, and a Microsoft spokesperson sent this statement to The Register: “Microsoft is aware of targeted cyberattacks that temporarily affected the Xbox Support and Microsoft News Twitter accounts. The accounts were quickly reset and we can confirm that no customer information was compromised.”

The attackers also Tweeted a screenshot of what appears to be a takeover of The Official Microsoft Blog at blogs.technet.com. Microsoft didn’t put out a statement about the alleged attack, but Mashable says its reporters saw it in action and confirmed that it lasted about an hour. Mashable also posted a screenshot showing multiple “Syrian Army Was Here” messages on the defaced site.

Others reported that the blog was either forcing a redirect to the SEA’s site or displaying the defaced blog. At any rate, the blog is now under the company’s control. Microsoft responded to the SEA charges about monitoring email by sending this statement to Mashable: “We’re actively investigating issues and are focused on protecting our employees and corporate network. Microsoft is sometimes obligated to comply with legal orders from governments around the world and provides customer data only in response to specific, targeted, legal demands”.
You can read the original article here.
James Lyne, Global Head of Security Research, Sophos, said: “Sophos has partnered with Government to support Cyber Streetwise because we believe it’s imperative for both consumers and small businesses to take action to protect themselves online.”
“Consumers and SMEs alike are finding new ways to interact online, including via a greater range of devices, but with this enhanced technology comes risk. SophosLabs finds over 30,000 new infected websites distributing malware every day and, contrary to popular belief, the majority – around 80% – are legitimate small business websites that have been hacked. It’s therefore vital that small businesses in particular get the basics of security right – from installing antivirus to regularly updating and patching software, using complex passwords and protecting data.”
The Cyber Streetwise website – www.cyberstreetwise.com – offers a range of interactive resources for SMEs and consumers to gain impartial advice on how to protect themselves online. Sophos, which has provided security expertise and content for the Cyber Streetwise site, is also directing visitors from its own dedicated web page – www.sophos.com/cyber-street – to the Cyber Streetwise website.

James Lyne continued: “Those who don’t put basic security measures in place are leaving themselves exposed to attackers capable of silently installing malicious code on their systems without permission. We are proud to have been asked to support and to provide content for Cyber Streetwise, which will play a vital role in encouraging businesses and consumers to adopt safer behaviours online and to take the fight to cyber criminals by improving their online security.”
Cyber Streetwise is urging people to take five actions in order to protect themselves and others from cyber crime:
1. use strong, memorable passwords
2. install anti-virus software on new devices
3. check privacy settings on social media
4. shop safely online – always ensuring to check online retail sites are secure
5. download software and application patches when prompted
You can read the original article here.
Sophos President and CEO Kris Hagerman said, “Sophos is thrilled to join the many other technology leaders that call Silicon Valley home. A meaningful presence in Silicon Valley gives us a golden opportunity to capitalize on the technology trends and partnership opportunities that are so abundant in this area. Silicon Valley is a renowned global center for the disruptive innovation, top talent and strategic relationships that will help propel Sophos to the next level.”
Mike Valentine, senior vice president of worldwide sales and channel, said, “Sophos is a global company with global reach. Given our ‘Channel First’ sales strategy, it’s important that we have a strong physical presence in the areas that will drive the greatest opportunities. This is why we’ve expanded to the Bay Area, adding it to the other 40 offices we maintain around the world. Sophos is building a market-leading channel program, constantly recruiting and enabling top-notch partners to join our team. This new office provides more evidence of our growing investment in the North America IT security market.”
Meanwhile, the Sophos product development engine continues to hum. The company recently announced Sophos Cloud, an easy to deploy and simple to manage cloud-based service for endpoint protection. The latest version of Sophos Mobile Control delivers best-in-class mobile device management (MDM), enabling organizations of all sizes to use mobile devices such as iPhone, iPad, Android and Windows Phones, to get work done – simply, securely and reliably.
The company also continues to attract top industry talent, including John Keenan as vice president of North America Sales, Mary Winfield as senior vice president of Support, and Dan Schiappa as senior vice president and general manager of the Sophos End User Security Group.
You can read the original article here.
iMeter can monitor up to 496 of the following sensors from a single IP address:
- Current (Amps) using our unique intelliAmp® current sensor (pictured above)
- Voltage
- Temperature
- Humidity
- Airflow
- Water Leak
- Security (door contact or motion)
- Smoke
The unique combination of the sensors on offer means that IT and Facilities personnel can analyse the relationships between power usage, airflow and temperature to help assist data centre management decisions relating to cost control and reduction. The design of the Jacarta Go-Probe sensors enables the complete system to be implemented with zero downtime. The intelliAmp® current sensor can be clipped to the outside of 16 and 32 Amp power cables to monitor the True RMS current draw of single phase racks without any need to disrupt the power flowing into those racks.

interSeptor iMeter® can either be integrated into SNMP network management systems or, alternatively, Jacarta’s powerful iMS software can be used to monitor, log and report on iMeter sensor activity. The overall iMeter package offers a no-fuss, non-disruptive way of implementing an effective power monitoring solution that can influence and assist data centre efficiency decisions for years to come.



interSeptor iMeter Key Benefits:
- Modular system for easy implementation and budget-matching
- Zero downtime required for installation
- Quickly and easily compare power usage between data centre racks
- Track power efficiency improvements over time
- Use iMeter on-board logs or iMS software to identify where power savings can be made
- Monitor and assess the relationships between temperature, airflow and power usage to improve data centre efficiency
- Solution ensures that, in the unlikely event of sensor failure, there is no disruption to the power supply into your racks
- Integrated environmental and power monitoring ensures alerts can be received quickly to help prevent data centre catastrophe
- An array of additional features such as virtual sensor integration, modbus, SMS and voice alerts (with optional modem), etc. help to ensure that the iMeter can accommodate a broad variety of power and environmental monitoring requirements

You can read the original article here.
Info-Tech examined ADC vendors that are solving the problems of server downtime due to increased web traffic and preventing malicious attacks against corporate systems. Array Networks’ APV line of application delivery controllers deliver a seamless end-user experience while simultaneously preventing attacks and data leakage.
Array’s feature-rich ADC products, industry-leading price and performance and unmatched reputation for customer service and support make them an unbeatable value to businesses.
Array Networks helps enterprises meet the challenges of delivering applications in the dynamic network environments of modern enterprises. Array has over 5,000 worldwide customers including enterprises, service providers, government and vertical organizations in healthcare, finance, insurance and education. Organizations look to Array to cost-effectively scale the performance, availability and security of applications and data in dynamic network, cloud and mobile environments.
“It’s an honor to be recognized as an Innovator in the ADC market,” said Michael Zhao, President and CEO of Array Networks. “Array is improving enterprise security and traffic management and we will continue to develop application delivery networking solutions that meet customer requirements.”
You can read the original article here.
Embedded 4G model supporting 4G LTE for EU and worldwide GSM carriers and providing automatic fallback to 3G as needed. Technologies and frequency bands supported: 4G LTE (Band 1/3/7/8/20); WCDMA/HSDPA/HSUPA/HSPA+/DC-HSPA+ (900/2100 MHz).

You can read the original article here.
Once Microsoft officially ends support for XP on Patch Tuesday in April (the last security update for XP), there will be no new security updates, non-security fixes, assisted support options, or online technical content updates from Microsoft.
That means that XP users, even those with anti-malware protection from Microsoft or security vendors, will face significantly higher security risks after the end of support. As Microsoft said in its announcement, “Our research shows that the effectiveness of anti-malware solutions on out-of-support operating systems is limited.”
To ease the burden of upgrading, Sophos will officially support Windows XP Service Packs 2 and 3 until at least September 30, 2015; and Windows Server 2003 until at least January 31, 2017. See our support knowledgebase for a complete platform support list.
Upgrading to newer Windows operating systems is causing plenty of problems for specialized systems, including for point-of-sale (POS) registers, medical devices, and even ATMs. For those using “embedded” versions of XP on specialized equipment, we recommend isolating these machines and restricting access to non-essential functions using application control available in next-gen firewalls.
In most cases, however, it’s time to upgrade. As Naked Security expert Paul Ducklin writes, Microsoft’s extended anti-malware support doesn’t really change much. “Windows XP will still officially fall off the edge of the world in April 2014 when Microsoft ends support,” Paul writes.
You can read the original article here.
As we explain below, next-generation firewalls are typically defined as firewalls enhanced with intrusion prevention and application intelligence. On the other hand, UTM systems include those features—plus additional technologies such as email security, URL filtering, wireless security, web application firewalls and virtual private networks (VPNs). In this view, UTM systems include NGFWs as components.
Manager’s guide to UTM and next-gen firewalls
UTM systems are among the most widely used tools in the information security arsenal. The concept of unified threat management is very appealing: multiple critical security technologies, integrated on a single platform, provided by a single vendor.
IT managers evaluating UTMs need clearly defined criteria to choose the right protection.
You may wonder: Is a UTM solution right for my organization? What security features are most important? What other issues need to be considered, such as ease of management and support for remote users?
Download our free guide to get the answers to these questions: A Manager’s Guide to Unified Threat Management and Next-Gen Firewalls. (Registration required).
You can read the original article here.
One of our SophosLabs researchers, Anna Szalay, made an interesting discovery recently: a new type of Android malware that slips in through a security hole in the USB debugging feature that allows developers to modify their Android devices. Naked Security expert Paul “Duck” Ducklin reports that this malware can intercept your SMS text messages to steal bank transaction details.
Duck explains in his post that intercepting SMSes from your Android phone allows the attackers to steal information they can use to access, for example, your email accounts or bank accounts:
The crooks want to infect you with malware that knows how to intercept incoming SMSes and redirect their content elsewhere. You can see where this is going: mobile malware that reads your SMSes before you do can steal important data such as the two-factor authentication (2FA) codes sent by your email provider or your bank, giving cybercriminals a way into your account despite the extra layer of protection in place.
SophosLabs detects this SMS-stealing malware as Andr/FakeKRB-H. As Duck explains, this malware gets onto your Android in a multi-step process that starts with your device getting infected by a crafty piece of Windows malware that sneaks in through the USB connection between your Android and a PC. This “helper” malware is a downloader detected by SophosLabs as Troj/DwnlAPK-A.

If you connect your Android to a PC infected by Troj/DwnlAPK-A, the malware sneaks in under the guise of files that “appear to be regular, clean files that enable full USB-to-phone connectivity on Samsung and LG devices,” Duck writes.

Then, once the downloader is installed, it loads the Android malware onto your device, disguised as an app that imitates Google’s store under the name “Google App Store” (the real Google store is simply called “Play Store”).
This is a good reminder that the bad guys continue to develop inventive ways of compromising our security to get at our most valuable data. Read the article at Naked Security to learn more about this malware and how to block it with security settings on your Android.