View Post

Lessons from the Vault 7 breach

In Blog post by Clavister Blog Staff0 Comments

The recent Vault 7 leak  has been described as the biggest disclosure of classified information on backdoors, and espionage tools and techniques since the documents released by former CIA employee Edward Snowden appeared in 2013. Some believe the new leak may be bigger still. In any case, here are four important points to note from the leak, together with their implications for security. Zero-day flaws are a problem – but not your main challenge A large proportion of the leaked CIA exploits are focused on unknown vulnerabilities in products from major technology companies – so-called ‘zero-day flaws’. These are a major concern for IT security teams, precisely because they usually remain …

View Post

Free webinar: leveraging Deep Packet Inspection for cybersecurity, Tuesday 21 March

In Blog post by Clavister Blog Staff0 Comments

Deep Packet Inspection (DPI) is one of the cornerstones of an effective cybersecurity strategy.  Whereas basic firewalls and gateways use Stateful Packet Inspection (SPI) to determine if network traffic packets should be allowed or blocked by simply examining the packet header and footer, more advanced security appliances using DPI also scrutinize the packet’s contents before deciding whether to allow the packet through. Simply put, it’s the difference between examining only outside of a parcel before deciding it’s safe, and opening the parcel to see what’s inside to be truly certain it has no malicious contents.  So how does DPI play a fundamental role to strengthening cybersecurity solutions like next-gen firewalls, …

View Post

Pure jean-ius: Clavister’s next-generation firewalls deliver security for MUSTANG

In Blog post by Clavister Blog Staff0 Comments

MUSTANG is one of the largest jeans and casual clothing manufacturers in Europe. Founded in the 1930s in Germany as a denim and lifestyle brand, it was the first European provider of jeans. It has grown into a Europe-wide business, with around 80 shops and 15 showrooms and offices in Germany, Austria, Switzerland, Russia, Belgium, the Netherlands, Luxembourg, Poland and Hungary. Now, Clavister is delighted to announce that MUSTANG relies on our security appliances to secure connections and communications between its head office in Künzelsau, Germany, and almost 100 shops and branch office locations across Europe. To keep MUSTANG’s operations running smoothly, all of its disparate branches need to be …

View Post

Building security into the IoT

In Blog post by Clavister Blog Staff0 Comments

The rapidly expanding Internet of Things (IoT) has ushered in some major cybersecurity challenges over the past few years. Indeed, we’ve known for some time now that security in the IoT is often severely problematic or even non-existent. 2016 saw the emergence of the giant Mirai botnet, which specifically targeted smart devices such as Internet-enabled digital video recorders (DVR) and surveillance cameras (CCTV). It was used to launch DDoS attacks of unprecedented scale, brought down Brian Krebs’ website in September and has since been used to target a whole range of organizations.  We blogged in January about the enormous impact a Mirai attack had on Deutsche Telekom, for example. The …

View Post

Gone phishing? How to educate employees about the risks of phishing emails

In Blog post by Clavister Blog Staff0 Comments

A comprehensive cybersecurity strategy incorporates multiple elements. Technology is one part of the picture, sure – you need the right tools, appliances, software and hardware in place to protect against malicious network access and to identify problems as they occur. But people are an equally important component. Employees make mistakes, and can be tricked into handing over the keys to the castle, allowing cybercriminals direct access to confidential data and protected systems. The Chief Information Security Officer at the Department for Homeland Security (DHS) in the US recently stated that the biggest security threat they face is spear phishing – that is, employees being targeted with highly personalized emails that …

View Post

A more competitive edge: Clavister partners with Aptilo for edge computing

In Blog post by Clavister Blog Staff0 Comments

One of the major challenges of the ever-expanding Internet of Things (IoT) for businesses is the question of how to deal with the rapid growth of endpoint devices in a typical enterprise IT architecture. Latency and bandwidth limitations mean that applications with real-time requirements are increasingly likely to fail, because traditional architectures simply cannot cope with the increased demands. This is where ‘edge computing’ comes in. It’s a way of meeting these increased networking demands by providing data, applications and services locally or at the network edge using SDN/NFV technologies. From a security point of view, this means moving services like intelligent policy enforcement to the network edge. Now, Clavister …

View Post

Of BYOD, AI and you

In Blog post by Sam Coleman0 Comments

How do artificial intelligence and endpoint security equal the latest way to stop the nastiest threats out there – ransomware, identity theft and DDoS? It all started with our liberation… Oh, how our work lives have changed over the space of the last few decades. You came to work, you logged onto the company PC that was chained to your desk, one that was ported to the on-premises company network, overseen by the diligent and friendly company IT administrator. You went home, went on a trip and forgot to bring a document or a spreadsheet? Tough luck; you’re not connected to your office network probably and if you were, it …

View Post

A powerful vote for multifactor authentication

In Blog post by Clavister Blog Staff0 Comments

Now that the dust is settling after the U.S. Presidential election, it’s worth looking back at one of the most controversial issues that happened during the run-up to the election itself – and at how that issue might never have happened, if the parties involved had been using the appropriate cybersecurity measures. The issue started in March 2016 when the personal Gmail account of John Podesta, chairman of Hillary Clinton’s 2016 U.S. presidential campaign was hacked following a spear-phishing attack.  The hackers stole several thousand emails, many of which pertained to Clinton’s election campaign activities, and these were passed to Wikileaks, which published them in early October, ahead of the …

View Post

How virtualized security will transform telcos’ networks

In Blog post by Clavister Blog Staff0 Comments

As communications service providers (CSPs) transform their businesses to deliver next-generation connectivity and services, they are embracing virtualization, to take advantage of optimized network efficiency, greater agility and the opportunity to create new revenue streams – all of which can be done easier and quicker in virtualized environments. One of the key drivers is the transition to 5G, and enabling IoT environments that will require cost-effective and flexible solutions if they are to be commercially feasible.  5G is all about high performance and low latency, which will require more distributed environments, closer to the end user.  The same is true for IoT, with millions of connected devices to the network …

View Post

Securing critical infrastructure against … squirrels

In Blog post by Clavister Blog Staff0 Comments

Sophisticated cybercriminals and nation-state attackers.  Out-of-date hardware and software.  Weaponized malware.  Disgruntled ex-employees. Careless current employees.  We’re all familiar with some of the potential cyber-risks to critical infrastructure and networks.  But what about squirrels? Yes, squirrels. Recent research has shown that more than 1700 power cuts affecting nearly 5 million people since 2013 were directly attributable to animals damaging power lines, leading to outages.  Squirrels came top of the list, responsible for an impressive 879 of these ‘attacks’ by gnawing through electricity cabling around facilities.  The researcher behind the project said he started tracking these issues in an attempt to dispel some of the hype around cyberattacks made by individuals …