Tag: Latin America
The project, launched worldwide this month and involving a total investment of €45 million, is the confirmation of... Source: RealWire
Built with Geo localisation capabilities for added security, the Naka Mobile IoT SIM is currently live in 25,000 point of sale (PoS) terminals in... Source: RealWire
Collaboration between the two security innovators will arm organisations with powerful anti-phishing security services,... Source: RealWire
There's no misdemeanor.
I didn’t plea to nothing."
IT Management Software Company Ipswitch Expands EMEA Operations to Provide Sales, Channel and Operations Support
November 14, 2016 – Galway.
IT and network management software company Ipswitch today announced it has opened a permanent EMEA (Europe, Middle East and Africa) centre of excellence at Citypoint, Galway, Ireland.
The permanent office location signifies a substantial investment for the company and supports its EMEA growth strategy.
Twelve research and development, sales and technical support team members will initially move in with a plan to increase headcount up to 60 in line with the positions announced in March 2016.
The expanded EMEA core team, based in Galway, will provide local language and local time zone technical and sales support to their in-country partners and customers across Europe.
They will also provide central support for the company’s in-country teams across Germany, UK, France, Italy and the Middle East.
The centre will host a dedicated partner and customer demonstration suite for sales, which will facilitate events and training.
Ipswitch plans to hire skilled employees from within the local community to facilitate its growth.
The company is partnering closely with both the National University of Ireland Galway and Galway Mayo Institute of Technology Business & Computer Science faculties for graduate opportunities.
Michael Hack, SVP of EMEA Operations commented: “In October 2015 we set an aggressive target to double our EMEA business by 2018. We’re on track and seeing double digit growth.
Then in March 2016, when we first set up a support and operations centre in Ireland in shared offices where we planned to hire nine people by the end of 2016. Under John McArdle’s leadership, Ipswitch EMEA Channel Director, we’re already well ahead of plan with 12 employees within several functions including R&D, technical support, sales and technical writing roles. We have a further two additional positions approved to hire this year, which will bring the office to 14 employees or 55% higher that our original plan.
This fast track growth now means that Ipswitch needs a permanent office space that we can expand into. We plan to create the announced 60 jobs that will be based in the new Galway office over the next five years.
“The opening of our state of the art office in a prime city centre location will allow us to scale to grow the needs of our large client base and attract the talent we need for our business. Having a dedicated senior and technical team in the heart of Europe will have a big impact on the level of support and business development we can offer our partner network and customers across the region, ultimately driving growth.”
The development is supported by the Department of Jobs, Enterprise & Innovation through IDA Ireland.
The privately owned company which has its headquarters in Lexington, Massachusetts, employs over 300 people in the US, Europe, Asia and Latin America.
Ipswitch software has been installed on more than 150,000 networks in 168 countries, with customers including Hamleys, NHS Wales, Cambridgeshire County Council and Community Integrated Care.
Ipswitch already has research and development centres in Germany, Atlanta and Augusta, Georgia, and Madison, Wisconsin.
Ipswitch IT and network management software provides secure control over business transactions, applications and infrastructure.
The vendor’s unified infrastructure and applications monitoring software provides end-to-end insight, is staggeringly flexible and simple to deploy.
Its information security and managed file transfer solutions enable secure, automated and compliant business transactions and file transfers for millions of users.
Performing the official opening at the company’s new offices this afternoon, the Mayor of Galway, Councillor Noel Larkin, said: “This move by the company to these larger, permanent premises represents a substantial investment and commitment by the company to Galway city and region.
I am pleased that the region’s talented local workforce and supportive business environment has helped Ipswitch get off to a strong start here and I wish them every success in the future.”
IDA’s Regional Business Development Manager for the West, Catherina Blewitt, said: “IDA is delighted to see Ipswitch confirm its commitment to Galway with this move to permanent offices, allowing the company to grow its staff up to the full complement of 60 jobs announced in March and allowing scope for further growth.
The arrival of this global IT management software company has added considerably to the region’s reputation as a major technology hub. We look forward to supporting the company in its future growth and wish them continued success here.”
Today’s hard-working IT teams are relied upon to manage increasing complexity and deliver near-zero downtime.
Ipswitch IT and network management software helps them succeed by enabling secure control of business transactions, applications and infrastructure.
Ipswitch software is powerful, flexible and easy to try, buy and use.
The company’s software helps teams shine by delivering 24/7 performance and security across cloud, virtual and network environments.
Ipswitch Unified Infrastructure and Applications Monitoring software provides end-to-end insight, is extremely flexible and simple to deploy.
The company’s Information Security and Managed File Transfer solutions enable secure, automated and compliant business transactions and file transfers for millions of users.
Ipswitch powers more than 150,000 networks spanning 168 countries, and is based in Lexington, Mass., with offices throughout the U.S., Europe, Asia and Latin America.
For more information, please visit http://www.ipswitch.com/, or connect with us on LinkedIn and Twitter.
For more information:
Rebecca Orr or Charlotte Hanson
Office: +44 (0) 1252 717 040
Ellen Lynch, Regional Communications, Press & PR Executive +353 874112084 firstname.lastname@example.org
That is not correct, however.
Time Warner programmers such as HBO, CNN, and Turner Broadcasting System also have dozens of FCC licenses that let them upload video to satellites used by pay-TV companies. These licenses are crucial for distributing video to cable TV providers.
It isn't only satellite TV companies like Dish or the AT&T-owned DirecTV that use satellites to send programmers' video to consumers' homes—even cable companies like Comcast use what's called a "headend in the sky" to receive and distribute video. The FCC's list of active satellite Earth station licenses shows that CNN America has 36 such licenses covering operations at specific locations. HBO and HBO Latin America have a combined seven licenses, and Turner Broadcasting System has 14 licenses.
That's 57 licenses that could trigger an FCC review. Licenses for some of the same locations were part of the FCC's review of Time Warner's merger with AOL in 2001. AT&T would love to avoid an FCC review, which in the past has killed deals such as AT&T/T-Mobile and Comcast/Time Warner Cable. (Note that Time Warner and Time Warner Cable are completely separate entities and that Time Warner Cable is not involved in the AT&T deal.) AT&T's announcement of its Time Warner deal said that the companies are still "determining which FCC licenses, if any, will be transferred to AT&T in connection with the transaction," suggesting that it may not need to seek FCC approval of license transfers at all. While the Department of Justice could sue to block the AT&T/Time Warner merger on antitrust grounds, the FCC reviews deals based on a "public interest" standard that forces the merging companies to prove that the deal is good for consumers. Application is required but hasn’t been filed yet The FCC hasn't commented specifically on AT&T/Time Warner, but an FCC spokesperson told Ars today that transfer of the satellite Earth station licenses would require the companies to file an application for transfer.
The FCC would perform a public interest review that includes giving the public plenty of time to comment on the proposed transaction, just as the FCC has done with other major mergers. While Time Warner could sell off the properties with the licenses, that also would require an application to the FCC and trigger a public interest review.
Such a move might not make sense in either a business or regulatory sense. "If we're talking about licenses integral to their businesses, trying to divest them to avoid FCC approval smacks of evasions, and I think the FCC would look askance at such an effort," one industry lawyer who spoke with Ars earlier this week said. While most license transfer reviews are simple, unopposed, and processed quickly, significant transactions are reviewed thoroughly. The FCC has not yet received an application for license transfers from Time Warner to AT&T, but it isn't unusual for there to be some time between the announcement of a merger and the application filing, a commission spokesperson said. AT&T has said it expects the FCC to have "a seat at that table" when the Department of Justice does an antitrust review.
But AT&T still hasn't publicly committed to seeking FCC approval for license transfers, and the company has not answered our questions this week. (UPDATE: AT&T responded to us after this story published.
The company repeated its earlier statement that it is still determining whether any Time Warner licenses will be transferred to AT&T, adding, "We take a very simple approach here: we follow the law and so whatever the law requires, that's always what we'll do.") An FCC review wouldn't necessarily sink AT&T's $85.4 billion purchase of Time Warner.
AT&T knows the process well, having used it to gain approval of last year's acquisition of DirecTV. The AT&T/Time Warner merger is being criticized by various consumer advocacy groups and could raise concerns at the FCC.
As we've previously written, owning Time Warner would give AT&T incentive to raise the prices that its rivals (such as Comcast, Charter, and Verizon) pay to distribute Time Warner programming on their cable TV systems, which could indirectly raise consumers' TV bills. AT&T could also harm online video services that compete against DirecTV by charging them higher prices for content or refusing to license videos. AT&T could favor Time Warner video on its mobile network by letting it stream without counting against the data caps applied to video services like Netflix. The FCC has recently used merger reviews to limit the harm Internet service providers can do to online video services.
In the AT&T/DirecTV merger, the FCC barred AT&T from exempting its own online video services from home Internet data caps that are applied to competitors (though this condition was not applied to mobile networks). When Comcast tried to purchase Time Warner Cable, the FCC refused to approve the deal largely because a bigger Comcast would have posed an "unacceptable risk" to online video.
AT&T claims that there won't be any negative consumer effects of its purchase of Time Warner because they don't compete directly against each other, but that's for the Justice Department—and likely the FCC—to decide.
This time the infection vector is not a targeted remote desktop intrusion, but a more massively propagated malicious campaign relying on traditional spam email. Since the infection is not done manually by the bad guys, their malware has a higher chance of being detected and we believe that is one of the reasons for them to have added one more level of protection to the code, resorting to a binary dropper to launch the malicious payload. Given that this particular ransomware is fairly well known by now, instead of opting for the usual branding and marketing efforts in which most ransomware authors invest time, this group has decided to choose an unnamed campaign, showing only an email address for technical support and a bitcoin address for making the payment.
It has become a kind of urban legend that if you can’t find something on Google, then it doesn’t exist. Not very long ago, we saw the birth of truly autochthonous Brazilian ransomware, without much technical sophistication and mainly based on an open-source project. While there’s a long road ahead for local bad guys to achieve the level of the key players on the ransomware scene, this particular family is interesting to study since there have been versions in English, Italian, and now Brazilian Portuguese.
Is this ransomware being sold as a commodity in underground forums with Brazilian crews just standing on the shoulders of giants? Or is this a regional operation just starting out? As one of the very few ransomware variants that prepend a custom ‘Lock.’ extension to the encrypted files instead of appending it, the task of recognizing this malware is not particularly difficult. However, understanding its true origins could still be considered an ongoing debate. The drop If we trust that the first transaction corresponds to the very first victim, the campaign has probably been active since 2016-04-04 17:29:26 (April 4th, 2016).
In reality, this is not exactly accurate.
The timestamp of the original dropper shows that the sample was actually compiled at the beginning of October: That would mean that the criminal behind the campaign might have had different ransomware campaigns running in the past, or is just using the same BTC wallet for more than his criminal deeds. The dropper is protected by the popular .NET obfuscator SmartAssembly, as can be seen by the string “Powered by SmartAssembly 184.108.40.206”. Once executed, it tries to mask itself in the Alternate Data Stream of the NTFS file system in Windows: “%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup\Sims.exe:Zone.Identifier It’s capable of disabling Windows LUA protection: “HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\POLICIES\SYSTEM”; Key: “ENABLELUA”; Value: “00000000”(cmd.exe /c %WINDIR%\System32\reg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /fReg.exe ADD HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System /v EnableLUA /t REG_DWORD /d 0 /f) The mechanism used to write new information to the registry is quite unusual: it uses the official windows application ‘migwiz.exe’ in order to bypass the UAC screen, not requiring any action from the user to execute with elevated privileges. The malware is able to do that by writing a library ‘cryptbase.dll’ to the same folder as the ‘migwiz.exe’ file.
Then, as soon as it’s launched, the process will load this library, which has a WinExec call that will launch the command line provided by the parameter. The reason why they are using MigWiz is because this process is one that is in Microsoft’s auto-elevate list, meaning it can be elevated without asking for explicit permission. As a simple mean of information gathering, the dropper will read the name of the infected computer: HKLM\SYSTEM\CONTROLSET001\CONTROL\COMPUTERNAME\ACTIVECOMPUTERNAME”; Key: “COMPUTERNAME Moreover, it includes data stealer techniques, such as retrieving information from the clipboard, or while it’s being typed on the keyboard.
Additionally it has the capability to reboot the user’s machine. @4333be: push ebp@4333bf: mov ebp, esp@4333c1: sub esp, 14h@4333c4: push ebx@4333c5: mov ebx, dword ptr [ebp+08h]@4333c8: lea eax, dword ptr [ebp-04h]@4333cb: push eax@4333cc: push 00000028h@4333ce: call dword ptr [00482310h] ;GetCurrentProcess@KERNEL32.DLL@4333d4: push eax@4333d5: call dword ptr [0048202Ch] ;OpenProcessToken@ADVAPI32.DLL@4333db: test eax, eax@4333dd: je 0043341Eh@4333df: lea ecx, dword ptr [ebp-10h]@4333e2: push ecx@4333e3: push 00487D68h ;SeShutdownPrivilege Finally, it drops and executes the file tmp.exe (corresponding hash B4FDC93E0C089F6B885FFC13024E4B9). Hello sir, hello madam, your fines have been locked After the infection has been completed, as is usual in all ransomware families, the ransom note is shown.
This time, it is written in Brazilian Portuguese and demanding 2000 BRL, which equates to around 627 USD or 1 BTC at the time of writing. The bitcoin address provided (1LaHiL3vTGdbXnzyQ9omsYt8nFkUafXzK4) for payment shows total deposits for 1.89 BTC although many transactions have been made since the creation of this wallet.
This is leading us to believe that either the criminal has been using the wallet for other purposes or they have bargaining with the victims and offering them a lower price, as depicted by the amount in each transaction. The ransom note is very succinct, without giving any special payment URL or any other type of information.
The victim will have to learn about bitcoin payments the hard way, and should they need support they can reach the criminals through a single email point of contact. AVISOOla Sr(a),TODOS os seus arquivos foram BLOQUEADOS e esse bloqueio somente serão DESBLOQUEADOScaso pague um valor em R$ 2000,00 (dois Mil reais) em BitcoinsApós o pagamento desse valor, basta me enviar um print para o email@example.com estarei lhe enviando o programa com a senha para descriptografar/desbloquear o seus arquivos.Caso o pagamento não seja efetuado, todos os seus dados serão bloqueadospermanentemente e o seu computador sera totalmente formatado(Perdendo assim, todas as informações contidas nele, incluindo senhas de email, bancárias…)O pagamento deverá ser efetuado nesse endereço de Bitcoin:1LaHiL3vTGdbXnzyQ9omsYt8nFkUafXzK4Para converter seu saldo em bitcoins acesse o site:https://www.mercadobitcoin.com.br/conta/register/ Growth of ransomware in Brazil The growth of ransomware in Brazil has been nothing short of impressive, taking into consideration that during October 2016 alone the popular ransomware family Trojan-Ransom.NSIS.MyxaHaTpyne.gen family grew by 287.96%, and another of the usual suspects Trojan-Ransom.Win32.CryptXXX.gen grew by 56.96%, (when compared to the previous month in each case.) In 2016, the 3 most important families of ransomware have been Trojan-Ransom.Win32.Blocker, accounting for 49.63% of the total infections, Trojan-Ransom.NSIS.Onion, 29.09%, and Trojan-Ransom.Win32.Locky, 3.99%. Currently, Brazil is the eighth most affected country worldwide as far as ransomware infections go for this year, and ranked first in Latin America. Indicators of compromise File: 04.exeSize: 1049600MD5: 86C85BD08DFAC63DF65EAEAE82ED14F7Compiled: Saturday, October 8 2016, 11:22:30 – 32 Bit .NET File: tmp.exeSize: 842220MD5: BB4FDC93E0C089F6B885FFC13024E4B9Compiled: Sunday, January 29 2012, 21:32:28 – 32 Bit
Deployed together, this next-generation secure wireless solution delivers a sophisticated Wireless Intrusion Prevention System (WIPS), while turning Wi-Fi hot spots into powerful consumer research, analytics and push marketing tools. WatchGuard WiFi logo Architected from the ground up to focus on ease of deployment and administration, the WatchGuard Wi-Fi Cloud simplifies even the most complex aspects of Wi-Fi management, making fast, secure and intelligent Wi-Fi accessible to organisations of all types and sizes. WatchGuard Wi-Fi Cloud delivers high-quality wireless performance, while ensuring consistent security policies across all connected devices, even at remote locations.
The patented WIPS technology built into WatchGuard’s new cloud-ready AP120 and AP320 access points automatically classifies wireless devices as Authorized, Rogue, or External, resulting in a very low false positive rate.
This advanced rogue detection process can safely and automatically shut down unauthorised access points and clients, while nearly eliminating the risk of illegally interfering with neighbouring wireless networks. “Today’s savvy businesses realise that safe and reliable Wi-Fi is a basic requirement, but many SMBs and distributed enterprise organisations struggle to deliver it. We’ve developed a comprehensive solution that dramatically simplifies how businesses deploy and manage wireless, while at the same time elevating Wi-Fi security standards,” said Ryan Orsi, director of wireless products at WatchGuard. “In addition to security, the WatchGuard Wi-Fi Cloud makes it easier for organisations to turn Wi-Fi into an extension of their brand, an interactive experience for their customers and a powerful analytics tool.” WIRELESS SECURITYMost traditional wireless network management solutions fail to stop rogue devices from connecting to their networks or block threats like wireless denial-of-service attacks.
Current WIPS technology delivers a high rate of false positives, incorrectly categorising neighbouring hotspots and innocuously connected devices as malicious, which creates unnecessary frustration and end-user complaints. In addition to automatically detecting and disabling rogue wireless devices and attacks, WatchGuard’s industry-leading WIPS also provides customers with: Secure Bring Your Own Device (BYOD) Policy Enforcement – automatically identifies on-network smart devices and blocks unapproved connections. Accurate Location Tracking – pinpoints the location of connected wireless devices or sources of interference, enabling administrators to quickly take action. Flexible Deployment – deployable in configurations to meet any security need.
It can be installed as an overlay on top of an existing WLAN infrastructure or as a stand-alone enforcement system for Wi-Fi prohibited zones. Customers can easily and cost effectively run all of their wireless network traffic through one of WatchGuard's leading network security appliances, thereby providing the same AV, IPS, web filtering, spam blocking, application control, APT blocking, data loss prevention and reputation lookup techniques to wireless traffic.
This protects them against malware planting, eavesdropping and data theft and prevents inappropriate or illegal use of their network. INTERACTIVE ENGAGEMENT AND ANALYTICSThe Wi-Fi Cloud provides visibility into marketing data, including insights into footfall and customer demographics visualised on customisable dashboards. Organisations can easily monetise these insights by tapping into the mobile engagement features, which allow direct and customised communication with individual customers in the form of SMS, MMS and their social network of choice. WatchGuard Wi-Fi Cloud management features also include: Custom Splash Pages and Social Wi-Fi Engagement – captive portals allow businesses to personalise customer Wi-Fi experiences by offering promotional opportunities, surveys and strong authentication through Facebook, Twitter, LinkedIn, Instagram and other social applications. Mobile Engagement – delivers custom messages to customers via SMS, MMS, and social networks, based on predefined triggers including user interaction and length of time on-network. Wi-Fi Analytics - data is collected via passive scans, active scans and user connections in and around your Wi-Fi networks.
Analyses and conceptualises this data to provide insight into traffic patterns, behaviour and demographics of your Wi-Fi users, in addition to generating a visual map of foot traffic patterns on a floor plan. “There is a strong demand among our customers for widely deployable, cloud-enabled solutions and we are excited to add WatchGuard Wi-Fi Cloud to our portfolio,” said Ian Kilpatrick, director at Wick Hill. “This new Wi-Fi cloud functionality expands our ability to sell more to existing customers and to reach brand new customers.
Additionally, Firebox and Wi-Fi Cloud installations will increase partners’ service revenues.
This represents a big win for everyone.” ADDITIONAL RESOURCES: AVAILABILITY:WatchGuard Wi-Fi Cloud subscriptions, along with the AP120 and AP320 are available now.
Customers can purchase them as a stand-alone solution, or as part of a holistic configuration that routes traffic through a Firebox or XTM appliance, to extend best-in-class security services like APT Blocker, WebBlocker, and Gateway AntiVirus into their wireless environments.
For more information, visit https://www.watchguard.com/wifi. About WatchGuard Technologies, Inc.WatchGuard® Technologies, Inc. is a global leader in network security, providing best-in-class Unified Threat Management, Next Generation Firewall, secure Wi-Fi, and network intelligence products and services to more than 75,000 customers worldwide.
The company’s mission is to make enterprise-grade security accessible to companies of all types and sizes through simplicity, making WatchGuard an ideal solution for Distributed Enterprises and SMBs. WatchGuard is headquartered in Seattle, Washington, with offices throughout North America, Europe, Asia Pacific, and Latin America.
To learn more, visit WatchGuard.com. For additional information, promotions and updates, follow WatchGuard on Twitter, @WatchGuard on Facebook, or on the LinkedIn Company page.
Also, visit our InfoSec blog, Secplicity, for real-time information about the latest threats and how to cope with them at www.secplicity.org. Contacts:Rowena Case, WatchGuard Technologies0203 608 9070, firstname.lastname@example.org Peter Rennison, PRPR01442 245030, email@example.com