Expert(s):
Founder and CTOfeature_status*/ ?>
Hysolate

Comments Dotted : 14
August 12, 2020

Experts Insight On Researchers Discovered Multiple Security Vulnerabilities In Zoom
Zoom is one of the most popular non-browser apps these days, and its vulnerabilities should be among enterprises’ primary concerns.
Zoom is one of the most popular non-browser apps these days, and its vulnerabilities should be among enterprises’ primary concerns. Unfortunately, we'll see additional such vulnerabilities and subsequent attacks with collaboration tools such as Zoom, Teams, and Slack, as they all have a wide attack surface. To really protect against endpoint threats in a comprehensive way, enterprises should adopt OS isolation techniques that move sensitive enterprise apps, data, and credentials into a.....Read More
Zoom is one of the most popular non-browser apps these days, and its vulnerabilities should be among enterprises’ primary concerns. Unfortunately, we'll see additional such vulnerabilities and subsequent attacks with collaboration tools such as Zoom, Teams, and Slack, as they all have a wide attack surface. To really protect against endpoint threats in a comprehensive way, enterprises should adopt OS isolation techniques that move sensitive enterprise apps, data, and credentials into a separate OS that is isolated from riskier external-facing apps.  Read Less
April 02, 2020

Comment: Zoom Client Leaks Windows Login Credentials To Attackers
Zoom is one of the most popular non-browser apps these days.
Especially in the current situation, enterprises must keep in mind that user devices use a variety of apps that go beyond just email and internet. Zoom is one of the most popular non-browser apps these days, and has new vulnerabilities enterprises should care about. This includes the recently discovered Zoom Client vulnerability that allows a remote attacker on a Zoom call to receive a user's Windows credentials. Unfortunately, we'll see an increase of such attacks on collaboration tools such.....Read More
Especially in the current situation, enterprises must keep in mind that user devices use a variety of apps that go beyond just email and internet. Zoom is one of the most popular non-browser apps these days, and has new vulnerabilities enterprises should care about. This includes the recently discovered Zoom Client vulnerability that allows a remote attacker on a Zoom call to receive a user's Windows credentials. Unfortunately, we'll see an increase of such attacks on collaboration tools such as Zoom, Teams, and Slack, as they all have a wide attack surface. To really protect against endpoint threats in a comprehensive way, enterprises should adopt OS isolation techniques that move sensitive enterprise apps, data, and credentials into a separate OS that is isolated from riskier external-facing apps.  Read Less
March 25, 2020

Hysolate Comments On Microsoft Vulnerabilities In Adobe Type Manager Library
The vulnerability is still unpatched to date.
The latest Windows 7 vulnerability gives enterprises yet another reason to migrate away from Windows 7. If a user opens a malicious document on Windows 7, the machine can be immediately compromised. The vulnerability is still unpatched to date. As a workaround, enterprises are advised to apply one of the mitigations provided by Microsoft in the link below.* For enterprises that are stuck with Windows 7 because the need to support legacy applications, consider using OS/VM isolation solutions.....Read More
The latest Windows 7 vulnerability gives enterprises yet another reason to migrate away from Windows 7. If a user opens a malicious document on Windows 7, the machine can be immediately compromised. The vulnerability is still unpatched to date. As a workaround, enterprises are advised to apply one of the mitigations provided by Microsoft in the link below.* For enterprises that are stuck with Windows 7 because the need to support legacy applications, consider using OS/VM isolation solutions that allow you to run Windows 7 and Windows 10 simultaneously, side-by-side, so that the Windows 7 OS is isolated to a separate segment that isn't directly connected to the internet and to sensitive corporate assets.  Read Less
March 19, 2020

Skyrocketing VPN Usage – Experts Input
The more users are working from home, the greater the risk.
A Virtual Private Network (VPN) might give employees (and organizations) a false sense of security. A VPN only secures the communication channel between the employee's workstation and the corporate network. However, as a massive amount of home workers now start to use their personal workstations to access corporate assets, it's only a matter of time until we see a soaring number of cyberattacks that originate from these personal devices that can be easily breached. If devices are infected with.....Read More
A Virtual Private Network (VPN) might give employees (and organizations) a false sense of security. A VPN only secures the communication channel between the employee's workstation and the corporate network. However, as a massive amount of home workers now start to use their personal workstations to access corporate assets, it's only a matter of time until we see a soaring number of cyberattacks that originate from these personal devices that can be easily breached. If devices are infected with malware, even workers who use a VPN client cannot evade attackers who can ride their VPN connection to raise havoc in enterprise networks. The more users are working from home, the greater the risk. Organizations should instruct employees to use trusted dedicated workstations to access sensitive corporate assets and avoid using their multi-purpose personal devices.  Read Less
March 05, 2020

Experts On Research: Privileged Access Incursions
Attackers continue to target privileged users as they are practically their highway into the heart of the enterprise.
Attackers continue to target privileged users as they are practically their highway into the heart of the enterprise. Instead of fighting firewalls, hardened cloud services and perimeter defenses, determined attackers can follow a simpler two-step process to own an organization: the first step would be to identify a privileged user (e.g. an IT admin) based on his social network profiles; the second step would be to infect his laptop and to collect all of his credentials. By doing so, the.....Read More
Attackers continue to target privileged users as they are practically their highway into the heart of the enterprise. Instead of fighting firewalls, hardened cloud services and perimeter defenses, determined attackers can follow a simpler two-step process to own an organization: the first step would be to identify a privileged user (e.g. an IT admin) based on his social network profiles; the second step would be to infect his laptop and to collect all of his credentials. By doing so, the attacker can get access to domain management systems, email accounts, databases, customer information, etc. This is a single hop attack that doesn't even require any lateral movement within the network and can go unnoticed by normal enterprise security mechanisms. This is why we're seeing such a surge in malicious privileged account usage as the report highlights. Organizations must isolate access to privileged resources in a way that makes an infection on the user's laptop irrelevant.  Read Less
March 04, 2020

Expert On Report: ‘Malware-free’ Attacks Now Most Popular Tactic Amongst Cybercriminals
Organizations should consider isolation solutions that take sensitive apps and systems and put them in a completely separate zone.
Using endpoint security agents or EDR engines can help detect known malicious behavior, but cannot really protect against advanced persistent threats that leverage fileless malware or malware-free techniques, such as using legitimate software and legitimate user actions to do harm. For example: a malicious actor that leverages legitimate video conferencing and remote control software (e.g. Webex/TeamViewer/Zoom) to spy on users and impersonate their actions would not use any malware and.....Read More
Using endpoint security agents or EDR engines can help detect known malicious behavior, but cannot really protect against advanced persistent threats that leverage fileless malware or malware-free techniques, such as using legitimate software and legitimate user actions to do harm. For example: a malicious actor that leverages legitimate video conferencing and remote control software (e.g. Webex/TeamViewer/Zoom) to spy on users and impersonate their actions would not use any malware and wouldn't do any malicious action that triggers an alert in such systems. To comprehensively protect against such threats organizations should consider isolation solutions that take sensitive apps and systems and put them in a completely separate zone out of reach of external or internal attack actors.  Read Less
February 24, 2020

Expert Analsysis Of US Defense Agency Says Personal Data ‘Compromised’ In 2019 Data Breach
But they're still using the same techniques to get their way in - though endpoints.
For years we had been seeing the number of days it takes to identify a breach reduce year over year, but just this year that number climbed again and it's because attackers are getting better and smarter at covering their tracks. But they're still using the same techniques to get their way in - though endpoints. Once an attacker has made their way onto an endpoint, it's far too easy for them to gain access to credentials and pivot their way to sensitive information. We recommend that.....Read More
For years we had been seeing the number of days it takes to identify a breach reduce year over year, but just this year that number climbed again and it's because attackers are getting better and smarter at covering their tracks. But they're still using the same techniques to get their way in - though endpoints. Once an attacker has made their way onto an endpoint, it's far too easy for them to gain access to credentials and pivot their way to sensitive information. We recommend that organizations isolate sensitive information - especially defense organizations that arguably hold some of the most valuable secrets and data. It's critical to keep this information locked-down and separate from the areas where workers conduct day-to-day activities which are more at risk.  Read Less
February 21, 2020

Personal Details Of 10.6M MGM Hotel Guests Posted On A Hacking Forum – Cybersecurity Experts React
The biggest gap relates to users and their devices.
This is yet another example of attackers having the upper hand. Defenders have to protect a huge attack surface with multiple points of failure. The biggest gap relates to users and their devices. With over 5.7 million source code files and 50+ million lines of code (estimate), it’s almost impossible to successfully defend the operating system (OS) running on a user’s device. For this very reason, Microsoft is now recommending that users leverage an isolated and dedicated OS to conduct.....Read More
This is yet another example of attackers having the upper hand. Defenders have to protect a huge attack surface with multiple points of failure. The biggest gap relates to users and their devices. With over 5.7 million source code files and 50+ million lines of code (estimate), it’s almost impossible to successfully defend the operating system (OS) running on a user’s device. For this very reason, Microsoft is now recommending that users leverage an isolated and dedicated OS to conduct sensitive or privileged tasks, and another isolated OS to conduct their daily corporate/personal tasks. There are two ways to accomplish this - physical air gaps via two physically separated devices, or, virtual air gaps which leverage virtualization to isolate two or more operating systems on one physical device.  Read Less
February 20, 2020

Experts Insight On Ransomware Attack Forces U.S. Gas Pipeline To Shut Down
Isolation can be achieved by a strong physical or virtual "air gap".
Organizations that handle critical infrastructure cannot trust OS-based security solutions as these had been proven to fail over and over again, similar to this recent example of ransomware successfully hitting US-based OT networks. Instead, these organizations must apply isolation/segregation approaches both at the network level and at the endpoint level. Isolation can be achieved by a strong physical or virtual "air gap", but must ensure that the IT or OT assets do not have direct network.....Read More
Organizations that handle critical infrastructure cannot trust OS-based security solutions as these had been proven to fail over and over again, similar to this recent example of ransomware successfully hitting US-based OT networks. Instead, these organizations must apply isolation/segregation approaches both at the network level and at the endpoint level. Isolation can be achieved by a strong physical or virtual "air gap", but must ensure that the IT or OT assets do not have direct network connectivity from one to the other.  Read Less
February 14, 2020

Hysolate Comments On Protecting Endpoints Against Ransomware
70% of breaches still start on the endpoint.
This echoes a number of recent industry reports, where, despite all of our collective R&D and Investment in continuing to protect the endpoint through a variety of means, the results have not improved as much as we'd hope, and if anything, in some cases they've become worse: 1. 70% of breaches still start on the endpoint. 2. From 2018 to 2019, Dwell Time (the number of days a threat remains undetected within a given environment) increased from 85 to 95 days.And possibly most interestingly,.....Read More
This echoes a number of recent industry reports, where, despite all of our collective R&D and Investment in continuing to protect the endpoint through a variety of means, the results have not improved as much as we'd hope, and if anything, in some cases they've become worse: 1. 70% of breaches still start on the endpoint. 2. From 2018 to 2019, Dwell Time (the number of days a threat remains undetected within a given environment) increased from 85 to 95 days.And possibly most interestingly, the most impactful attacks were focused on Business Disruption (Most often this was caused by ransomware, destructive malware or denial of service attacks.) This is not to imply that new technologies are completely ineffective, in fact quite the opposite, its arguable that if we didn't have these current solutions and services, our digital way of life as we know it today may not exist. That being said, vulnerabilities continually present themselves, while the adversary is always evolving and is still finding ways to be effective. In response, as of late 2018, Microsoft began recommending a new Cybersecurity Reference Architecture, where the OS for Privileged Access Workstations is isolated from the OS leveraged for daily corporate use. Through all of this, we're seeing many organizations come to the same realization - you cannot protect the OS from within the OS.  Read Less