1. Bitdefender Box: Protecting All Your Smart Devices

Bitdefender Box is an exceptional firewall hardware solution that provides comprehensive protection for all types of smart devices. Once installed, this device effectively blocks malware, prevents password theft, safeguards against identity theft, and fends off hacker attacks across all internet-connected devices. Bitdefender Box is compatible with various operating systems, including Windows, Mac, iOS, and Android. Additionally, it offers VPN (Virtual Private Network) capabilities, ensuring secure and private internet connections. This firewall hardware can also be utilized on a personal level, especially by parents seeking to protect their children from accessing inappropriate websites.

2. CUJO AI Smart Internet Security: Embracing the Power of AI and Machine Learning

While many security vendors still heavily rely on signature-based detection, CUJO AI stands out by utilizing cutting-edge technologies such as machine learning, data science, and AI. Their firewall, one of their flagship products, delivers unparalleled protection. The firewall’s machine learning classifier undergoes continuous training on diverse datasets, allowing it to identify malicious activities and anomalies within network traffic effectively. By analyzing behavioral patterns, CUJO AI’s firewall can predict potential dangers posed by websites or applications, providing advanced threat detection. With its multi-solution AI-driven software platform, CUJO AI offers network operators a powerful and intelligent firewall solution.

3. Firewalla: Simplified Firewall Protection for Everyone

Firewalla is a highly popular and user-friendly hardware firewall suitable for both homeowners and business owners with limited technical knowledge. This firewall solution combines multiple functionalities, including Firewall, IDS (Intrusion Detection System), IPS (Intrusion Prevention System), Behavior Engine, Network Management Station, and VPN server. Incorporating AI technology, Firewalla detects and alerts users about new devices connecting to the network, ensuring maximum security. It also promptly disables suspicious devices attempting to breach the network’s security, providing comprehensive protection against potential intrusions. Notably, Firewalla alerts users when they click on malicious links (such as phishing or malware) on their PC, tablet, or phone, and also detects instances where malware or infected files are being installed on connected devices.

4. FortiGate Next Generation: High-Performance Security for Your Network

The FortiGate Next Generation firewall, developed by Fortinet, offers high-performance network security, effectively preventing unauthorized access to your network. This firewall hardware provides advanced features such as application and user visibility, SSL inspection, and detection of unknown threats. With FortiGate, you have the ability to establish customized internet rules, enforce granular security policies, and gain visibility into users and devices for various applications. The firewall also offers real-time views of network activity through actionable application and risk dashboards and reports, empowering you to enhance your cybersecurity infrastructure significantly.

5. Protectli: Industry-Leading Firewall Devices

Protectli is a reputable provider of firewall devices known for offering some of the best options in the industry. Their products range from devices with 2 ports to those with 6 ports, catering to diverse network requirements. All Protectli firewall appliances feature a fanless and solid-state design, ensuring durability and longevity. An outstanding advantage of these appliances is their open-source nature, allowing users to have full control over the operating system that runs their network. With Intel-powered hardware, Protectli firewall devices deliver exceptional performance and reliability. To explore the available options, please visit their website.

6. SonicWall TZ400: Power-Packed Internet Drawbridge

SonicWall, headquartered in Silicon Valley, is renowned for its cybersecurity solutions. Among their top-tier products is the SonicWall TZ400 firewall hardware. This powerful firewall acts as an internet drawbridge, ensuring that intruders have no access to your network. The SonicWall TZ400 is equipped with SonicWall’s patented Reassembly-Free Deep Packet Inspection technology, providing enhanced security. Additionally, this firewall device offers lightning-fast transfer rates, supports multiple WAN (Wide Area Network) connections, and effectively protects against high-end attacks like Denial of Service (DoS). With its comprehensive features, the SonicWall TZ400 firewall is an excellent choice for taking your cybersecurity infrastructure to the next level.

7. SonicWall SOHO: Uncompromising Security for Small Offices

The SonicWall SOHO firewall device is designed to provide small offices with big-business protection and uncompromising security across both wired and wireless networks. By utilizing the TZ Series Unified Threat Management (UTM) firewalls, SonicWall ensures comprehensive network protection. The firewall covers multiple security aspects, including intrusion prevention, network-based anti-malware mitigation, content and URL filtering, and anti-spam services. SonicWall SOHO performs traffic inspection across all ports without compromising performance, offering a reliable and efficient firewall solution for businesses of all sizes.

8. Ubiquiti Unifi Security Gateway: Advanced Firewall and Router Combo

Ubiquiti Unifi Security Gateway is a versatile device that functions as both a router and a firewall. With its gigabit Ethernet speeds, this two-in-one solution effectively safeguards your network from intruders. By routing all incoming traffic through the firewall before reaching the router, Ubiquiti Unifi Security Gateway ensures thorough monitoring and protection of incoming data. Additionally, this advanced firewall device offers a range of network management features, enabling you to efficiently manage and secure your network infrastructure. Suitable for both home and business networks, Ubiquiti Unifi Security Gateway is a reliable choice for enhancing your cybersecurity defenses.

9. WatchGuard Firebox T15: Secure Protection for Remote Workers

WatchGuard Firebox T15 is a versatile firewall device that can be seamlessly deployed in various network environments. Particularly well-suited for small or home offices, the Firebox T15 provides full UTM protection for remote workers and smaller sites. With its Total Security Suite, this firewall hardware offers cost-effective security solutions, including ransomware prevention and data loss prevention. WatchGuard Firebox T15 ensures that your network remains secure and protected from a wide range of threats, making it an ideal choice for businesses seeking comprehensive cybersecurity measures.

10. Zyxel ZyWALL 110: Enhanced Protection with VPN Capabilities

Zyxel ZyWALL 110 is a VPN firewall designed to deliver robust protection against cyber-attacks without compromising network performance. This firewall hardware solution offers security for both local and remote networks, allowing users to establish secure VPN connections to their local networks even when accessing them remotely. With its faster processing capability, ZyWALL 110 prevents attackers from decrypting VPN tunnels, ensuring secure communication. Furthermore, this firewall device automatically switches to the backup connection in case of primary link failure and seamlessly switches back to the primary connection once it is back online. Another notable feature of ZyWALL 110 is its website content filter, a vital component of any firewall. With its comprehensive features and reliable performance, ZyWALL 110 has become a sought-after firewall solution in the industry.

In conclusion, protecting your organization’s data and network from cyber threats is of utmost importance in today’s digital landscape. A robust cybersecurity infrastructure begins with a reliable firewall. The top 10 firewall hardware options discussed in this article offer advanced features, exceptional performance, and comprehensive protection. Whether you’re a homeowner looking to secure your home network or a small business owner aiming to fortify your cybersecurity defenses, these firewall devices provide the necessary tools and functionalities to safeguard your valuable data. By implementing the right firewall hardware, you can ensure a secure online environment, mitigate potential risks, and stay one step ahead of cyber attackers.

The post Boost Your Cybersecurity Infrastructure with These Top 10 Firewall Hardware Solutions first appeared on AITechTrend.

The Origin of the Conspiracy Theory

The conspiracy theory about the death of the internet began to gain popularity in 2016 when several prominent online figures, including Julian Assange, founder of WikiLeaks, and Edward Snowden, a former National Security Agency contractor, warned about the growing surveillance and control of the internet by governments and corporations. The theory suggests that the internet, once a platform for free expression and the exchange of ideas, has been hijacked by a small group of people who control what we see, hear, and read.

The Evidence Supporting the Conspiracy Theory

There are several pieces of evidence that conspiracy theorists use to support their claims. One of the most significant is the increasing censorship of online content. Many social media platforms, including Facebook, Twitter, and YouTube, have been accused of censoring content that does not align with their political views. For example, YouTube has been criticized for removing videos that question the official narrative about COVID-19.

Another piece of evidence that conspiracy theorists cite is the growing power of tech giants like Google and Amazon. These companies have access to vast amounts of user data, which they use to manipulate and control the flow of information online. In addition, they have the power to influence search results and recommendations, which can have a significant impact on what people see and read.

The Role of Governments in Controlling the Internet

Governments also play a significant role in controlling the internet. Many countries have strict laws that regulate online content and monitor online activity. For example, China has a system of internet censorship known as the Great Firewall, which blocks access to websites and online services that the government deems inappropriate. Similarly, the United States government has been accused of spying on its citizens and collecting vast amounts of data through programs like PRISM.

Is the Internet Really Dead?

While there is some truth to the conspiracy theory, it is not entirely accurate. The internet is still a vast and diverse platform for information and communication. While there are concerns about censorship and control, there are also efforts to promote online freedom and protect user privacy. For example, many countries have laws that protect online privacy and freedom of speech.

Furthermore, advancements in technology are making it increasingly difficult for governments and corporations to control the flow of information online. Decentralized platforms like blockchain and peer-to-peer networks are providing new opportunities for online expression and the exchange of ideas.

Conclusion

The conspiracy theory about the death of the internet since 2016 is not entirely accurate. While there are concerns about censorship and control, the internet remains a powerful tool for information and communication. As technology continues to evolve, there will be new opportunities for online expression and the exchange of ideas. It is essential to remain vigilant about the threats to online freedom and work towards creating a more open and democratic internet.

The post Uncovering the Truth Behind the “Death” of the Internet in 2016 first appeared on AITechTrend.

Censys, the leading provider of continuous attack surface management, today announced it completed a $35 million Series B funding round led by Intel Capital. Previous investors including Google Ventures, Decibel and Greylock Partners also participated in the round. With this funding, Censys will continue to accelerate its R&D, engineering, product and sales operations. In addition, Brad Brooks, former CEO of OneLogin, has been appointed the company’s new chief executive officer to help accelerate the next phase of the company’s growth and product development.

Censys announced it completed a $35 million Series B funding round and appointed Brad Brooks as CEO.Tweet this

Organizations’ unmanaged internet assets continue to jeopardize their overall security posture with expansive attack surfaces for bad actors to exploit and introduce new risks and incidents. In 2020, internet-facing cloud assets were involved in 73% of reported cybersecurity incidents.¹ Censys’ mission is to provide intuitive attack surface management, enabling organizations to comprehensively manage their Internet-facing assets and risks regardless of host location, including discovering previously unknown internet assets. Censys’ attack surface management platform continuously discovers organizations’ internet assets and monitors them as part of a comprehensive inventory, identifies egregious security issues, and prevents oversights from becoming vulnerabilities by ensuring that assets are protected by integrating with existing security solutions.

“Censys provides a consolidated view into both internal and external attack surface and dependencies enabling security leaders to make informed risk decisions and provide swifter response to issues,” said Sunil Kurkure, Managing Director, Intel Capital. “As organizations continue to seek added protection against today’s advanced cyber threats, Censys has an opportunity to further build its attack surface management solution to help CISOs better manage the ever-expanding security perimeter. We’re thrilled to be a part of the exciting journey ahead.”

Brooks, a seasoned senior technology executive with over 25 years of experience working with management teams at DocuSign, Juniper Networks and Microsoft to innovate product lines and grow customer base, succeeds Lorne Groe, who served as interim CEO and will return to his role of CFO and COO. At Censys, Brooks will help lead the company into its next growth phase and accelerate its solutions roadmap that will provide more asset discovery and self-service capabilities for enterprises and government agencies.

“Censys has created a stellar attack surface management platform that organizations view as a security problem solver. This industry leadership is reflected in the significant triple-digit annual recurring revenue growth it has experienced year over year and the organizations it calls customers, including Google and the U.S. Department of Homeland Security,” said Brad Brooks, CEO, Censys. “I’m excited to join Censys as we begin this exciting new chapter and help bring more innovative capabilities to this rapidly growing attack surface management marketplace.”

The post Censys Completes $35 Million Series B Funding Round Led by Intel Capital first appeared on AITechTrend.

Its conclusion was “In a world where users will divulge their passwords in return for chocolate or in response to an enticing phishing email, the risk of quantum computers might not be our biggest threat.”

Let us assume, however, that quantum computing has suddenly made a quantum leap and becomes able to break today’s public key schemes. Would we have to despair?

We do not need to panic.  Bad guys, who have a quantum computer at hand, would still have to break the part of user authentication, that is NOT dependent on the public-key scheme, prior to accessing the target data, in the normal environment where secret credentials (= remembered passwords) play a big role.

What is remembered in human brain is outside the realm of computers.  Quite a few cryptography-obsessed security people are often indifferent to this simple and plain observation.

We could look to the power of identity assurance by our own volition and memory. It could help force quantum computing to work just for benefiting people, not for hurting people.

As such, whether quantum computing makes quick progress as anticipated or not, the solid digital identity with secret credentials will remain critical

What if the password is removed from digital identity?

A different observation could be extracted from the same report; “What does not exist will not get abused. We would achieve a more secure world by dumping the password altogether”. Some people seem to have jumped on this seemingly alluring perception. However, its consequence would only be catastrophic.

Assume that someone mentions “The army is so vulnerable to air attack. What is vulnerable to attack is detrimental to our defence. Therefore, we must remove the army so that we will have a stronger national defence.”

You might well suspect that they are making a bad joke because this proposition sounds too insane. It is not the case, however. The army-less defence should be viewed as valid where people believe in the merit of ‘password-less authentication.

“The password is so vulnerable to abuse. What is vulnerable to abuse is detrimental to security. Therefore, we need to remove the password so that we will have stronger identity security.” Here, the army is to national defence what the password is to identity security.

Practically, where our identity can be established while we are asleep, we would no longer have a restful sleep unless staying alone in a closed space locked from within or fenced by faithful bodyguards.

There is more to it. Where our identity is established without our volition/will confirmed, democracy is fatally eroded.

We do wish that no democratic governments will be misguided to get trapped in this kind of false reasoning.

By the way, many people consider biometrics as a key component for passwordless schemes. Our view of probabilistic biometrics is summarised in this article “What these 2 graphs tell us about biometrics”

Dual Causes of Password Predicament

Now we are going to examine the issues of secret credentials.

Our password headache may well be the consequence of these dual causes – ‘Use of Impracticable Password’ and ‘Non-Use of Practicable Password’; Everyone grumbles at the former, while few are well awake to the latter.

The practicable password we mean is the one that accepts ‘Non-text credentials’ in addition to ‘Textual credentials.

The secret credential (A) is made of the text credential (B) and the non-text credential (Non-B). The relationship between the three elements is illustrated above.

It is really a no-brainer question unless we are so reckless as to assume that a safe and orderly societal life can exist without a solid identity assurance that can only be made possible by the solid secret credential.

Episodic Image Memory

As the non-text credential, we propose to make use of our pleasant episodic image memory that had been acquired years or decades ago and solidly inscribed deep in our brain.

Images of toys, dolls, dogs, and cats, for example, that our children used to love for years would jump into our eye even when we are placed under heavy pressure and caught in severe panic, meeting any need of identity assurance in any demanding situations.

Use cases are quoted in this introductory 90-second video “Digital Identity for Global Citizens”

The aim of our enterprise is to make Expanded Password System solutions readily available to all the global citizens: rich and poor, young and old, healthy and disabled, literate and illiterate, in peace and in disaster – over many generations until humans invent something other than ‘digital identity’ for safe and orderly societal life.

Bring a healthy second life to legacy password systems

We do not have to replace or rebuild the existing text password systems for making use of episodic memory; images of our episodic memory can be turned into a high-entropy code with a simple tweak.

All that we need to do is ensure that existing password systems accept very long passwords, desirably hundreds of characters, for obtaining very high-entropy hashed values that can stand fierce brute force attacks.

The logic of ‘image-to-code’ conversion is demonstrated on our website along with relevant writings. Everyone can freely try and experience the flow of the process here – https://www.mnemonicidentitysolutions.com/

Password Manager powered by Expanded Password System

“Expanded Password System is no bad, but we do not need it. We can rely on password managers that are protected by a single strong password.  Password predicament is already sorted out by password managers”. This is what we often hear here and there.

Then, what if we come up with a password manager powered by an Expanded Password System?

It is ‘leak-proof’; the passwords, which are generated and regenerated on the fly by our image-to-code converter from users’ hard-to-forget episodic image memory, will be deleted from the software along with the intermediate data when it is shut down.

The merits of episodic image memory enable us to easily handle multiple password managing modules with multiple unique sets of images; it helps us avoid creating a single point of failure.

We expect the EPS-powered password manager to be a good tool to actually bring a healthy second life to ubiquitous legacy password systems.

Expanded Password systems will continue to contribute to safe cyberspace even when quantum computing has destroyed the part of identity authentication that depends on public-key schemes.

Please keep an eye on the progress.

The post Quantum Computing and Password Authentication first appeared on AITechTrend.

Many projects attempt to achieve scalability by sharding including Ethereum 2.0. Sharding requires partitioning of the network into multiple shards and each shard will achieve consensus on its own. By definition, sharding reduces the number of participating nodes and potentially increases the chances of a 51% attack.

A major reason that blockchain can not scale is transactions are received in a different order by different nodes. It is time-consuming for nodes to agree on the order. Bitcoin and Ethereum force mining nodes to use a lot of electricity to find solutions to a hard computational puzzle. Whoever solves the puzzle first gets to decide on the order of the transactions and create the next block in the blockchain.

Domino Blockchain uses the following approaches to solve the seemingly insolvable trilemma and create a blockchain that is scalable, secure, permissionless, and with unlimited participation and decentralization.

1. Domino creates a cryptographic hash order for all received transactions. Transaction ordering is no longer determined by the block producers. Instead it is determined by the cryptographic hash algorithm and persisted to the blockchain. We call this Proof of Time (PoT). This is conceptually similar to Solana’s Proof of History (PoH, Reference 1), but with important differences in architecture and implementation.
2. Domino uses a special Proof of Stake (PoS) algorithm called Fast Byzantine Agreement (FBA, Reference 2) as consensus for block production and validation to achieve transaction finality in 3.5 seconds.
3. Domino introduces a hybrid validation model to enhance security while maintaining unlimited participation and decentralization. We introduce a new decentralized firewall, composed of mobile devices and laptops around the world, used to endorse transactions and surveillance block production and validation. Any device can join the network to perform these functions and get rewarded. Endorsement of transactions is done by sampling random nodes and obtaining sufficient staking. This process can greatly reduce the number of erroneous transactions. An unlimited amount of nodes can be used to perform this function (we call it surveillance nodes or decentralized firewall). Block production and validation is performed by a set of high-bandwidth and high-performance commercial-grade servers (we call them core nodes). The core nodes are distributed all over the world. Surveillance nodes are only involved with surveillance of the blockchain and endorsement of transactions. They do not produce blocks. By separating blockchain surveillance from block production/validation we enable unlimited decentralization, extensive participation, and enhanced security through surveillance. Any mobile device and computer can join the network without permission and hardware restrictions.
4. Introduce a new consensus algorithm (Domino Consensus) that can quickly identify fraudulent nodes from a large number of surveillance nodes.
5. Introduce a decentralized storage as part of the blockchain to offload large data or old data. This is particularly useful to store NFT image data with high resolution.

Domino surveillance nodes use AI technology to detect error patterns such as:

• Double spending
• Over spending
• Dust attack or denial of service attack
• Long range attack
• Forged signature
• Misbehaving block producers and validators
• Parallel chains 

Any misbehavior will be marked and propagated to the whole network. Any producer or validator confirmed as the misbehaving node will be removed from the blockchain network and staked token will be slashed. Solana network was attacked by denial of service recently and the network was down for more than 12 hours. Domino blockchain leverages surveillance nodes and AI technology to detect such attacks and eliminate the attackers from the network at a very early stage to avoid significant damages or downtime to the network.

The world’s fastest blockchain deployed to date is the Solana network with a throughput of 50,000 TPS on 200 nodes with a block time of 400 ms. Domino blockchain prototype performs at 100,000 TPS on 360 nodes with a block time of 200 ms. Solana uses a variation of Practical Byzantine Fault Tolerance (PBFT) called Tower Consensus. Its throughput (TPS) may reduce when more nodes join the network, as in PBFT network traffic increases quadratically as the number of nodes increases. Domino utilizes a modified

FBA that can perform at the same TPS even when the number of nodes increases to 100,000. The scalability is achieved without relying on any layer 2 solutions or sharding. Domino will use the super-fast blockchain to build an ecosystem including a global peer-to-peer payment system, a decentralized exchange, Defi, NFT application or marketplace, games, and many other decentralized applications. For more information please email jack@dominochain.com.

References:

1. Anatoly Yakovenko, Solana whitepaper, https://solana.com/solana-whitepaper.pdf
2. Jing Chen, Sergey Gorbunov, Silvio Micali, Georgios Vlachos, Algorand Agreement, Super Fast and Partition Resilient Byzantine Agreement, https://eprint.iacr.org/2018/377.pdf

The post Domino – A Highly Scalable Blockchain Using AI for Mass Adoption first appeared on AITechTrend.

ActZero was founded in 2019 to bring a dramatic new approach to cybersecurity to small and mid-size businesses, and it has raised a $40 million Seed round led by Point72 Hyperscale. Last year, ActZero acquired IntelliGO Networks, a Toronto-based cybersecurity services firm. As part of the launch, IntelliGO has been rebranded as ActZero to reflect that the firm now offers a unified, AI-driven security platform.

“We custom-built ActZero to provide best-in-class cybersecurity efficiently for the businesses that need it most,” said Sameer Bhalotra, the CEO and cofounder of ActZero and former Senior Director for Cybersecurity in the Obama Administration. “To realize our vision, we’ve combined the power of artificial intelligence with the unique strengths of human threat hunters. We believe this combination represents the future of cybersecurity — as well as the key to unlocking the promise of artificial intelligence.”

Small and middle-market organizations often face similar threats as large enterprises, but without the resources to protect themselves. This leaves them vulnerable to threat actors who target smaller businesses due to the lack of appropriate security controls. According to a survey by the U.S. Small Business Administration, 88% of small business owners feel their business is vulnerable to cyber threats, but many cannot afford traditional managed security services and they have limited time to devote to cybersecurity.

This is a natural area for innovation using artificial intelligence. Machine learning makes it possible to identify more threats more quickly and with greater accuracy, by automating manual work, pattern-matching for threats, and benefitting from network effects. Yet game-changing technology has tended to be limited by an overreliance on (and over-marketing of) the belief that AI is a silver bullet in threat detection. In reality, AI and ML are enablers in threat hunting, and the success of those is highly dependent upon the strength of the threat hunters using the data. This is where ActZero’s focus on combining cutting-edge artificial intelligence with expert threat hunters is unmatched in improving the security posture of organizations.

It can take artificial intelligence startups years to acquire sufficient data to train their models. IntelliGO’s experience and learning in the market preceded the availability of AI technologies, and the combination accelerated ActZero’s ability to train its models. Our unified, AI-driven security platform is able to ingest high volumes of data from diverse sources, reducing the noise of detections, to build tailored risk profiles — resulting in better, more precise protection. Threat hunts enabled by artificial intelligence can manage and contain risks at a fraction of the cost of traditional approaches, and exponentially less than a customer trying to build out its own security operations center (SOC).

“ActZero has developed an elegant solution for addressing the most pressing security concerns of SMBs today with its unified, AI-powered platform,” said Dan Gwak, head of Point72 Hyperscale.  “ActZero is unique in its appreciation for and realization of a combined people and automation model. We believe that ActZero has the potential to transform how security solutions are delivered to help businesses achieve better security posture more affordably. We’re excited to partner with them on this critical journey.”

To learn more about ActZero, visit actzero.ai.

The post Cybersecurity startup ActZero announces its public launch with $40 million investment led by Point72 Hyperscale first appeared on AITechTrend.

Milton Security, a leading provider of Threat Hunting as a Service, XDR & MDR (MxDR) SOC Services, announced today the Milton Argos Platform (MAP) 2.0 is successful in locating potential Exchange Server attacks, including the four recent zero-day vulnerabilities that have been actively exploited on over 30,000 servers. The AI assisted threat hunting tool uses Artificial Intelligence and Machine Learning coupled with human expertise to detect, deter, and mitigate threats in real time.

The MAP 2.0 platform can analyze millions of security events every second which allows the highly-trained Threat Hunting Team at Milton Security to focus on the most relevant instances. The Exchange Server vulnerabilities allow cyberattackers to gain access to the admin controls in order to install additional malware or stealing data. These web shells are password protected remote interfaces with the purpose of allowing access from anywhere in the world.

The zero-day vulnerabilities impact on-premise Exchange Server 2013, Exchange Server 2016, and Exchange Server 2019, however, Exchange Online is not affected.

• CVE-2021-26855: CVSS 9.1: a Server Side Request Forgery (SSRF) vulnerability leading to crafted HTTP requests being sent by unauthenticated attackers. Servers need to be able to accept untrusted connections over port 443 for the bug to be triggered.
• CVE-2021-26857: CVSS 7.8: an insecure deserialization vulnerability in the Exchange Unified Messaging Service, allowing arbitrary code deployment under SYSTEM. However, this vulnerability needs to be combined with another or stolen credentials must be used.
• CVE-2021-26858: CVSS 7.8: a post-authentication arbitrary file write vulnerability to write to paths.
• CVE-2021-27065: CVSS 7.8: a post-authentication arbitrary file write vulnerability to write to paths.

“Our team at Milton Security has been working closely with industry partners, including Microsoft, to understand the nature of these vulnerabilities, how they are being used, and where the attacks are originating from,” said James McMurry, Milton Security CEO. “Our clients entrust us to be efficient and effective when it comes to retro hunting and mitigating risks, especially in instances like these where an attack can happen quickly with very little evidence that a nation-state had access, or worse, still has access to your Exchange Servers. Our Milton Argos Platform allows us to cover a lot of ground in a very short amount of time to detect.”

Milton Security operates a 24*7*365 unique Extended Detection & Response/Managed Detection & Response (MxDR) service that provides Threat Hunting As A Service using customers’ existing security infrastructure. For 14 years, Milton’s team of Threat Hunters have stopped thousands of threats and assisted organizations in protecting themselves around the clock. Milton focuses on the best combination of AI, ML, and Human Correlation, to scout for threats, assist with incident response activities and protect hundreds of customers around the clock.

The post Milton Argos Platform (MAP) 2.0 Helps Customers Locate Potential Exchange Attacks first appeared on AITechTrend.