December 22, 2024

Silent Circle Unveils Enterprise Platform, New Devices

Posted on March 2, 2015 by in Security

Silent Circle Launches Enterprise Platform and New Devices Including Blackphone 2 and Blackphone+ Tablet

Silent Circle today unveiled two new devices as part of its Blackphone product line, along with a with new enterprise platform that combines devices, software and services into a privacy and security focused mobile architecture.

New hardware unveiled by the company includes the Blackphone 2 and the privacy focused tablet, Blackphone+.

Scheduled to be available in the second half of 2015, Blackphone 2 and offers hardware improvements over its predecessor, including a faster 8-core processor, three times more RAM, a longer lasting battery, the company said. The smartphone also integrates with existing Mobile Device Management systems and comes with a larger Full HD display.

Arriving later in 2015, the Blackphone+ tablet will offer privacy for mobile workers, the company said.

News of the enterprise platform and new hardware offerings comes just days after the company announced that it had agreed to buy out a joint venture with Geeksphone, giving Silent Circle a 100 percent ownership stake in SGP Technologies and full ownership of the privacy and security focused Blackphone product line. 

Offerings and enhancements coming as part of the new platform include:

PrivatOS 1.1 – The first major upgrade to the Android-based operating system created by Silent Circle introduces Spaces, an OS-level virtualization and management solution that enable devices to separate work from play. Geared specifically for the enterprise, PrivatOS allows users to keep enterprise and personal apps separate, while enabling IT administrators to lock and wipe enterprise managed ‘Spaces’ when necessary.

PrivatOS can also now integrate with several Mobile Device Management (MDM) platforms as a result of partnerships with Citrix, Soti and Good Technology.

Silent Suite, a set of core applications with peer-to-peer key negotiation and management, now includes Silent Meeting, a new, secure conference calling system that supports multiple participants. 

Aditional services offered as part of the enterprise platform include:

Silent Store – Installed on all Blackphone devices, the world’s first privacy-focused app store features apps from the developer community vetted by Silent Circle.

Silent World – An encrypted calling plan that lets users communicate privately with those who don’t have Silent Phone. Silent Worlds allows users to call anyone within the Silent Circle coverage areas privately, with no roaming charges or extra fees.

Silent Manager – Silent Manager gives enterprises a simple web based solution for managing plans, users and devices.

“Traditional security solutions have failed global enterprise in a mobile world and make data and privacy breaches feel inevitable to most enterprises,” said Mike Janke, Co-Founder and Chairman of the Silent Circle Board at a press conference held at Mobile World Congress 2015 this morning. “What’s more, these breaches have evolved and have much broader impact. They now put every customer, employee and partner at risk. They are eroding the trust people have in enterprises. They have moved privacy firmly to the top of the boardroom agenda.”

“Enterprises have been underserved when it comes to privacy,” said Bill Conner, President and CEO of Silent Circle. “Traditional approaches to security have failed them. We’re here to fix that. We have to understand that to achieve real privacy now requires security plus policy. That new equation is driving everything we do in building the world’s first enterprise privacy platform.”

In May 2014, Silent Circle announced that it had decided to move its global headquarters from the Caribbean island of Nevis to Switzerland, in order to take advantage of the country’s privacy laws. 

Last week, the company also announced that it had raised approximately $ 50 million in a private, common equity round to support accelerated growth.

Subscribe to the SecurityWeek Email Briefing

view counter

Managing Editor, SecurityWeek.

Previous Columns by Mike Lennon:


SecurityWeek RSS Feed

Numerous Vulnerabilities Found in Zenoss Core Management Platform

Posted on December 8, 2014 by in Security

Researchers have uncovered a total of 20 security holes in Zenoss Core, the free, open-source version of the application, server, and network management platform Zenoss.

According to an advisory published on Friday by the CERT Coordination Center at Carnegie Mellon University (CERT/CC), the vulnerabilities were identified and reported by Ryan Koppenhaver and Andy Schmitz of Matasano Security.

One of the most serious flaws is CVE-2014-6261, which can be exploited by a remote attacker to execute arbitrary code.

Code Vulnerabilities“An attacker who is able to get a victim to visit an attacker-controlled website while logged in to the Zenoss interface can execute arbitrary code on the Zenoss installation. Additionally, an attacker who is able to perform a man-in-the-middle attack between the Zenoss installation and Zenoss’ corporate ‘callhome’ server – or control the ‘callhome’ server – can execute arbitrary code on the Zenoss installation,” reads Zenoss’ description of the vulnerability.

Another serious vulnerability (CVE-2014-9246) is caused by the fact that sessions don’t expire. In order to exploit the bug, an attacker needs to obtain a targeted user’s session ID and copy it to his own computer. When the victim logs in, the attacker will be logged in as that user.

Researchers have also identified cross-site request forgery (CSRF), persistent cross-site scripting (XSS), information disclosure, open redirect, authorization bypass, and denial-of-service (DoS) vulnerabilities. In addition, the experts discovered multiple issues related to passwords, including the lack of password complexity requirements, a weak hashing algorithm, and the storing of passwords in plaintext in the session database.

These vulnerabilities have been assigned the following CVE identifiers: CVE-2014-6253, CVE-2014-6254, CVE-2014-9245, CVE-2014-6255, CVE-2014-6256, CVE-2014-9247, CVE-2014-9248, CVE-2014-6257, CVE-2014-9249, CVE-2014-6258, CVE-2014-6260, CVE-2014-9251, CVE-2014-6259, CVE-2014-6262 and CVE-2014-9252.

The vulnerabilities affect Zenoss Core 4.2.4. Two of the flaws, the session expiration bug and an open redirect in the login form (CVE-2014-6255 and CVE-2014-9246), have been addressed by Zenoss with the release of the latest Zenoss Core 4.2.5 service pack, CERT/CC said. The company is internally tracking the other bugs and plans of fixing them in a future maintenance release of Zenoss Core 5, which is currently in beta.

Zenoss does not plan on addressing CVE-2014-9250, which can be exploited by an attacker to obtain a user’s username and password by retrieving the authentication cookie. The company advises customers who want to use cookie-based authentication to ensure their installations operate over SSL/HTTPS.

 

Subscribe to the SecurityWeek Email Briefing

view counter

Previous Columns by Eduard Kovacs:


SecurityWeek RSS Feed

FireEye Unveils All-in-One Platform to Detect, Contain and Mitigate Threats

Posted on February 10, 2014 by in Security

FireEye, a provider of solutions that help companies block advanced cyber attacks, has expanded its FireEye Security Platform in an effort to offer customers a single solution that spans from threat detection and alerts to remediation.

The enhancements incorporate endpoint protection and managed security services from Mandiant, the company FireEye recently acquired for roughly $ 1 billion. Additionally, the updated platform includes new analytics and intrusion prevention capabilities, FireEye said. 

FireEye IPO

The FireEye Security Platform is powered by the company’s Multi-Vector Virtual Execution (MVX) engine that conducts signature-less analysis in a specialized sandbox to provide protection across the primary threat vectors—Web, email and files. FireEye’s Security Platform also has been updated to include FireEye Dynamic Threat Intelligence.

Overall, FireEye said that the new capabilities of its FireEye Security Platform include:

Intrusion Prevention System – A new intrusion prevention system applies FireEye’s MVX technology to validate attacks and minimize the time and resources security teams spend investigating false alerts. Users get actionable insight from validated alerts so they can focus on alerts that present the greatest risk and accelerate incident response.

Endpoint Threat Detection & Response – The platform now incorporates Mandiant’s endpoint threat detection and response products (formerly sold as Mandiant for Security Operations). FireEye customers can now confirm when network and email alerts result in compromise.

Threat Analytics – New threat analytics capabilities allow security teams to apply FireEye’s threat intelligence to security event data generated from their existing security infrastructure so they can find and scope attacks as they are unfolding. A cloud-based solution, the threat analytics can perform real-time correlation of event logs against FireEye’s threat intelligence to identify when attackers are active in an environment.

Managed Defense Subscription Services – New subscription services build on FireEye’s continuous monitoring subscription service by offering additional expertise from Mandiant’s Managed Defense service. Organizations will now be able to choose from an expanded menu of monitoring and protection services and draw on FireEye security analysts to actively hunt for adversaries to find and stop attacks as they begin to unfold.

“FireEye is enabling us to address new layers of security infrastructure with the advanced technology that made their core products so effective,” said Brandy Peterson, CTO, FishNet Security. “The new platform will allow us to approach our customers with the right mix of new technology, updates for outdated products and services to help protect them from today’s advanced attacks.”

The new products and services are expected to be available during the first half of 2014, the company said.

Managing Editor, SecurityWeek.

Previous Columns by Mike Lennon:


SecurityWeek RSS Feed

FireEye Extends Threat Prevention Platform to SMBs

Posted on December 10, 2013 by in Security

FireEye, the recently-gone-public provider of threat protection solutions, has made its flagship threat prevention platform available for small and midsize businesses (SMBs).

The platform, dubbed “Oculus” by FireEye, is a real time, continuous threat protection platform that helps organizations protect intellectual property and data. Oculus for SMB combines technology, services, and threat expertise in a solution specially tailored to small and midsized businesses, the company said.

FireEye for SMBs

According to Verizon’s 2013 Data Breach Investigations Report, of the 621 confirmed data breaches examined, nearly half occurred at companies with fewer than 1,000 employees, including 193 incidents at organizations with fewer than 100 workers. These stats clearly show that attackers are targeting smaller businesses that often lack advanced IT security protections that larger enterprises tend to have in place.

According to the U.S. Small Business Administration, SMBs represent 99 percent of U.S. businesses, and according to research firm IDC, SMB spending on security technology is predicted to top $ 5.6 billion in 2015.

Oculus for SMB leverages FireEye’s advanced threat prevention platforms for Web, email, and mobile, and includes:

Web threat protection: With the FireEye NX series platform, SMBs can stop Web-based attacks often missed by next-generation firewalls (NGFW), IPS, AV, and Web gateways. The NX series protects against zero-day Web exploits and multi-protocol callbacks to keep sensitive data and systems safe.

Email threat protection: SMBs can leverage cloud-based or the on-premise EX series platform to protect against today’s advanced email attacks.

Mobile threat protection: SMBs can leverage a cloud-based platform to address threats targeting mobile devices and help ensure that mobile apps are safe to use.

Oculus for SMB also provides Continuous Monitoring to help ensure that constrained security resources do not hinder an organization’s ability to counter targeted threats. Capabilities include:

Continuous Monitoring: FireEye threat intelligence augments customer IT teams to proactively recognize advanced persistent threat (APT) attacks.

Cybercon Reports: Vertical-specific threat information provides a view of the landscape so SMBs are better prepared to manage risk in their specific threat environment.

Health Check: Alerts notify customers when their deployments fail remote health checks to ensure uninterrupted protection against advanced threats.

“FireEye is putting virtual machine technology into the hands of SMBs,” said Manish Gupta, FireEye senior vice president of products. “With the FireEye solution, SMBs obtain a simple and scalable security solution for advanced threats to safeguard corporate assets and drive down business risks. SMBs will enjoy unmatched advanced threat protection solution with continuous monitoring to augment their limited resources.”

Earlier this year, the security firm claimed that in over 95% of its prospective customer evaluations, it found incidents of advanced threats that were conducting malicious activities and that successfully evaded the prospective customers’ existing security infrastructure

The company was founded in 2005 by Ashar Aziz who served Chief Executive Officer until November 2012, and was followed by David DeWalt who previously served as president and CEO at McAfee from April 2007 until February 2011, after Intel’s surprise $ 7.68 billion acquisition of McAfee.

Managing Editor, SecurityWeek.

Previous Columns by Mike Lennon:


SecurityWeek RSS Feed