
Creating the next-generation human firewall

Blog post by Clavister Blog Staff

There’s an old saying in the motor racing world which states the most critical – and dangerous – component in a car is the nut that holds the steering wheel.  It’s similar in IT security:  one of the biggest problems with protecting networks is the thing that works the mouse. Think about it.  Your corporate network can be protected with the most sophisticated, up-to-date tools and technologies, but ransomware and malware can completely bypass these protections if a user unwittingly invites the infection in.  The invitation is as simple as clicking a link on an infected website, or opening a legitimate-looking attachment that then reaches out to a compromised server …


Psst, wanna buy USD500 million worth of NSA cyber weapons?

Blog post by Sam Coleman

Though the agenda of hacker group Shadow Brokers is unclear, one thing is for sure: advanced, state-developed cyber weapons falling into nefarious hands could be the equivalent of WMD being bought and deployed by ISIS. What could be in the NSA toolbox that could be so cataclysmic? Decrypted News finds out what could be lurking in this Pandora’s Box. Last week’s revelation of the opaque Shadow Brokers’ claim to have hacked the equally hidden Equation Group’s NSA toolbox—and their subsequent offer to auction off the best cyber weapons from the raid for 1 million bitcoins—was initially met with nigh universal professional skepticism from security experts. Equation Group—the Blackwater type black …


Smartphones take a back seat to IoT proliferation

Blog post by Sam Coleman

As IoT devices get set to outpace smartphones and tablet devices, bandwidth demands and mobile security become critical for telecom operators. Once upon a time, the conventional wisdom spoke of smartphones and tablets placing more and more data demands on mobile connectivity. As such, telecoms worked vigorously to get capacity and their 4G data pipe sufficiently widened to accommodate that projected demand; a sigh of relief could be heard from mobile operators as a bandwidth tidal wave was averted. Then came the realization that IoT devices would be more ubiquitous, even more prolific, than smartphones. And the race is on again. “IoT is now accelerating as device costs fall …


Census stopped: avoiding the DDoS disruption that hit the Australia census website

Blog post by Clavister Blog Staff

Australia’s first ever digital census suffered serious disruption on August 9th, after a series of distributed denial of service (DDoS) attacks took the system offline. Embarrassingly, this followed the boss of the Australian Bureau of Statistics (ABS) saying that:   “We have load tested it at 150 percent of the number of people we think are going to be on it on Tuesday for eight hours straight and it didn’t look like flinching.” The point is, of course, that while load testing is a crucial part of website planning, design and operation – and should certainly not be neglected – it is not the most useful mitigation technique in the face …


Security lessons from the $70 million Bitfinex bitcoin heist

Blog post by Clavister Blog Staff

Nearly 1% of all the Bitcoins in circulation are estimated to have been stolen in a hack of the Hong Kong-based Bitfinex exchange.  Nearly 120,000 Bitcoins were stolen in an attack that forced the platform to suspend trade – at that time, the value of the stolen cryptocurrency stood at $72.3 million. The loss caused the overall value of Bitcoin to drop 20%, and it has yet to fully recover.  Bitfinex also recently announced it is ‘sharing’ the losses across its users by reducing the value of their accounts by 36%, which has caused further controversy. Bitfinex has dismissed suggestions that the breach resulted from tampering with encryption or affecting …


Zero Days

Blog post by Sam Coleman

A hot new documentary brings the reality of cyber warfare to the world’s attention by telling the tale of the Stuxnet virus—the first such weapon developed by the US and Israelis to attack the Iranian nuclear program. Takeaway? The cyber weapon may be more dangerous than the atom bomb. Film reviewers, security industry analysts and policy makers are hailing Alex Gibney’s new documentary, Zero Days, as a landmark movie that alerts the world to the growing threat of a full-scale cyber war. “Easily the most important film anyone has released this year, it is a documentary that deserves to be seen by every sentient citizen of this country—and indeed …


Marbach Group secures its global network scalably with Clavister

Blog post by Clavister Blog Staff

The Marbach Group, a leading manufacturer of large packaging materials headquartered in Germany, has deployed Clavister next-generation firewalls to secure its global IT network. Working with its German IT consultancy and system integrator Stainczyk & Partners, Marbach has deployed Clavister firewalls in High Availability (HA) clusters, implementing two highly scalable appliances in a multistage installation at every Marbach site. Clavister was chosen as its solutions deliver high-performance, scalable security, enabling Marbach to respond to its changing requirements according to the company’s needs with centralized control by its IT team. “In addition to the good price-performance ratio and the easy management of the Clavister appliances we were impressed by the wide …


Seeing clearly: inspecting SSL encrypted traffic without compromising performance

Blog post by Clavister Blog Staff

The use of Secure Sockets Layer (SSL) encryption is growing fast. It is already estimated to make up somewhere between 15% and 25% of all website traffic, with some specific industry sectors recording even higher volumes. It’s demanded as a matter of course in certain contexts by regulatory compliance frameworks like PCI DSS and HIPAA, and it’s used by a number of popular business applications such as Dropbox, Microsoft Exchange, and Salesforce.com. As a result, inspecting SSL traffic has become a key enterprise IT security priority. Just as your business data is protected by SSL encryption, to prevent it being read by prying eyes, malicious website traffic is also using …


Taking back control against DDoS attacks

Blog post by Clavister Blog Staff

Distributed denial of service (DDoS) attacks have returned to the headlines in recent weeks, with successful attacks launched against both international bank HSBC and the enormously popular smartphone app Pokémon GO. DDoS attacks are occasionally pushed to the background in cybersecurity discussions: they’re not as sophisticated as advanced malware or ransomware attacks, and are sometimes viewed as a kind of brute-force digital vandalism – problematic, but an inconvenience rather than a critical issue. However, we believe this attitude is a mistake. DDoS attacks can be enormously dangerous. A website or other online service that’s unavailable can cause direct revenue losses immediately, while the longer-term reputational damage from having a website …


Real security for virtualized mobile network infrastructures

Blog post by Clavister Blog Staff

Mobile network operators (MNOs) and carriers are embracing virtualization technologies, as part of an overall shift from inflexible hardware-based architectures to nimbler, faster, more scalable virtualized deployments. As well as changing the way that networks are designed, built and managed, virtualized infrastructures make it easier, quicker and cheaper for carriers to adjust key performance characteristics, implement new connections and new routes – a topic covered in this article by our CTO, John Vestberg, published by Vanilla+. MNOs also need greater flexibility to cope with the explosion in mobile data traffic, which has been driven by demand for streaming media services and a rapidly increasing number of IoT devices. According to …