View Post

Why is security the elephant in the room for smart cities?

In Blog post by Clavister Blog Staff0 Comments

A recent technology round-table discussion in The Guardian newspaper covered the ‘rise of the connected machines’ – the internet of things, in which billions of intelligent devices will interconnect to link to deliver greater efficiency and flexibility – and ultimately lead to smart cities.  So what?  I hear you say.  Here’s what – the round table did not once cover how these devices and their connections will be secured, and data they handle protected from interception or disruption. Is security really the elephant in the room when it comes to the internet of things?  If so, we need to stop ignoring it and start working out way to deal with …

View Post

Why segmenting networks is key to mitigating the impact of attacks

In Blog post by Clavister Blog Staff0 Comments

Over the past 18 months, we’ve seen a number of large-scale attacks that have compromised the point-of-sale (PoS) systems of major retailers, such as Target and Neiman Marcus.  This week uncovered another attack aimed at PoS systems, with the aim of stealing consumer card data.  The attack uses a new piece of malware, ‘NitlovePOS,’  which targets PoS terminals running Windows. In common with previous attacks against PoS systems, NitlovePOS starts with a phishing email with an infected document attachment.  If the user clicks to open the document, the infection is launched and will start trying to track down payment card data. This is why proper segmenting of networks, to separate …

View Post

Is hacking a video billboard a sign of the times?

In Blog post by Clavister Blog Staff0 Comments

Earlier this week, a group of hackers managed to get the access credentials to a video billboard in Atlanta, Georgia, and replaced the scheduled advertisements with a pornographic image that took passers-by somewhat by surprise. While no harm was done – apart from causing mild offence to a number of people – this incident does show just how vulnerable these public systems can be to tampering and external control.  With ‘smart cities’ being a current buzzword, just how well-protected are the interconnected systems that are the lifeblood of these new developments?  What impact could a hacker have on those systems – for example, influencing traffic control signals, or fire suppression …

View Post

Will data breaches and cyber attacks really cost $2 trillion per year soon?

In Blog post by Clavister Blog Staff0 Comments

A new report from Juniper Research has stated that the annual cost to businesses of data breaches will quadruple by 2019, to $2.1 trillion globally.  The report suggests that while many of these attacks will be directed at the networks and devices that are already in place and being used by businesses and consumers, they will be accelerated by the expanding use of smart devices on the Internet of Things. It’s easy to dismiss these figures as scaremongering, and lacking a solid foundation.  But when you look a little closer at recent high-profile breaches, it’s possible to see just how damaging and costly a breach can be. After the 2013 cyberattack …

View Post

WordPress PlugIn Flaw Could Allow Sites to be Hijacked

In Blog post by Clavister Blog Staff0 Comments

News has emerged of a new vulnerability in a popular, default WordPress plugin that could allow an attacker to hijack websites built using the platform.   Discovered by a researcher at consultancy Sucuri, the flaw is a cross-site scripting (XSS) vulnerability in the Twenty Fifteen plugin, which is installed on all WordPress sites.  Another widely-used plugin, JetPack, is also vulnerable.   Luckily, the vulnerability can be fixed by removing an html file from their sites, as detailed in the article here.   We’ve warned before about security vulnerabilities and flaws in popular platforms that create opportunities for attackers:  it’s thanks to the diligence of security researchers that these flaws are discovered and …

View Post

Reporting coming to Clavister InControl

In Blog post by Mattias Nordlund0 Comments

Reporting is a new feature that will be integrated and included in Clavister InControl version 1.50 which will be available later this summer. This new reporting feature will allow you to generate informative reports using our predefined reports, or fully customised reports to suit your specific needs. It will give you as an administrator a good view into what is happening in your networks and give you the ability to share this information with users and customers in an easy and powerful way. Highlights Multiple pre-defined reports Powerful report design tool where you can create your own reports and define and customise each report section with Section Title, Body Text, Graphs, Log Analyzer Query and Filters Possibility to …

View Post

IT and network security lessons from Game of Thrones

In Articles by Clavister Blog Staff0 Comments

The epic fantasy drama Game of Thrones chronicles the struggles of the family houses of Lannister, Stark, Baratheon and Targaryen to secure absolute leadership of the Seven Kingdoms. Underpinning the political plotting and military manouvers to win the Iron Throne are a series of security leaks, breaches and flaws which prove pivotal to families’ successes – and failures.  Despite the fact that communications in Westeros are done by messengers on horseback and ravens, rather than email, mobile and IM, there are still serious security lessons that can be learned. InformationAge has published an article by Clavister CEO, Jim Carlsson which looks at the key security issues highlighted in the TV series, …

View Post

itSoft delivers security-as-a-service with Clavister

In Articles by Clavister Blog Staff0 Comments

We have recently extended our partnership with itSoft, a leading ISP and cloud managed services provider in Croatia.  itSoft is using our next-generation firewalls to secure its own data centers, and deliver a suite of managed security services to customers in central Europe. itSoft is offering its customers a range of service options based on Clavister solutions, from firewall-only to firewall with IPS, bandwidth management, application control, and so on.  Customers can build their own security-as-a-service (SECaaS) package which can be updated and changed to meet current requirements, paying only for the services that they deploy. Vedran Vujasinović, itSoft’s Chief Information Security Officer, said: “As we deliver hosted solutions to our …

View Post

Clavister introduces its new blog

In Blog post by Nikolas Georgii0 Comments

Welcome to our brand new blog – Clavister is a network security vendor delivering a full range of network security solutions for both physical and virtualized environments. Our network security solutions are used by a wide range of organizations throughout the world, including mobile and network security solutions for large enterprises, cloud service providers and telecom operators. Our product portfolio demonstrates world-class performance, flexibility and robustness. We continue to innovate and pioneer new and exciting areas in network security. Our Clavister product line is available both as hardware appliances and virtual appliances. Each appliance series offers the same award-winning Clavister functionality and gives you the ultimate choice in selecting the right network …

View Post

Gemalto: An Uneasy Sense of Deja vu

In Articles, Blog post by Nikolas Georgii0 Comments

Following the recent revelation that NSA and the British GCHQ hacked into leading digital security company Gemalto, potentially stealing millions of SIM card encryption keys, the IT Security and comms industry could be forgiven for feeling a strong sense of déjà vu. Less than two years since the initial Snowden leaks, the news should perhaps should come as no surprise, but once again businesses globally were left asking just exactly who was targeting their data. While ‘lawful interception’, that is a well-documented, clearly traceable process with a legal basis and that offers no surprises, has always been accepted, the uncovering of widespread state sponsored hacks and surveillance has led to …