Tag: Trend Micro

ECQ Success Stories: CT Link Managed Services Remotely Secures Client’s WFH setup

Arby News and Events , , , ,
ECQ Success Stories: CT Link Managed Services Remotely Secures Client’s WFH setup

With the suddenness of the declaration of the ECQ, most companies were unable to give their workforce the tools that they may have needed to work effectively at home. This left many employees to find their own ways to complete the tasks that they do on a daily basis at home. Many of which ended up using their own devices and installing the apps from work or apps and connecting to thru the company VPN.

Client Challenges: Unsecured Personal Devices connecting to Corporate VPN

One of our customers from the Public Sector encountered this dilemma during the start of the ECQ. They have about 500 employees who need to Work From Home (WFH). They were unable to give all employees resources in which to accomplish their tasks so opted to allow employees to use their personal devices. However, the Infosec Team is concerned that malwares from the personal devices could enter thru the VPN connections.

Solution: CT Link Managed Endpoint Security

As a CT Link managed service customer, we deployed Trend Micro’s Worry-Free Business Security Services (WFBSS), which is a cloud-based Endpoint Security Solution. We provided the link for installing of Trend Micro Agents to end users and assisted them in deploying this on their endpoint devices.

As a cloud-based solution, we were able to be with them every step of the way during this process and helped with problems that occurred during installation of some devices while also monitoring the threats found by WFBSS. This has proved as an effective measure for them as presently WFBSS has detected over 3,000 suspicious and malicious activities from the endpoints.

Security as a Service

Having Managed Services for security helped our client worry less about the security from personal devices connecting into their network and freed up their time to concentrate on other important tasks at hand during the ECQ. This meant that we handled the troubleshooting of the installations of the endpoint devices and monitoring of malicious activities reported by WFBSS. This service is also not reserved for only enterprise accounts as our services are actually very beneficial as well to small and medium businesses that do not have their own dedicated IT team.  Below are a few key features in which you can expect to get when subscribed to our managed services:

  • Keep outside threats like malware from getting in and sensitive data from going out
  • Filtering potentially dangerous or inappropriate websites
  • Preventing phishing and social engineered attacks from getting to your users
  • As a cloud-based solution, support is done remotely
  • Supports WFH setups to ensure your network is safe
  • Ease of deployment with little to no IT skills required
  • Centralized monitoring through one dashboard accessible through the cloud

If you are interested in learning more about our CT Link managed services or WFBSS, contact your CT Link AM or reply to this email and we will get back to you as soon as possible!

Images were provided by Vecteezy (1,2,3,4,5)

Cloud One: A Trend Micro Solution for Cloud Builders

Arby News and Events , ,
Cloud One: A Trend Micro Solution for Cloud Builders

With cloud technology advancements, more businesses are now connecting to the cloud to solve their IT needs.  This is why the cloud infrastructure services market is now filled with different vendors, this has also caused many stakeholders to become involved in these infrastructure decisions.  This has made cloud security even tougher.  To be able to maximize the benefits of the cloud, you need to be able to balance both your business objectives and cloud security to ensure the least amount of complexity.

Cloud One, a security services platform for cloud builders, delivers the broadest and deepest cloud security offering in one solution, enabling you to secure your cloud infrastructure with clarity and simplicity.

Cloud One will be able to help provide you by providing a powerful security which leaves you leverage to take the benefits and efficiencies that the cloud has to offer to your business.  Being designed with multiple services to make sure that specific cloud security needs are addressed, Cloud one gives you the leg room you need to solve your present challenges while still being able to help you with future cloud needs.

With support for all major cloud platforms, and solutions that integrate directly into your DevOps processes and toolchain, Cloud One is designed to provide the flexibility you need without slowing down your business or application delivery.

Benefits of Cloud One

Automated

Security as code lets your DevOps teams bake security into their build pipeline to release continuously and frequently. With built-in automation, including automated discovery and deployment, quick-start templates, and our Automation Center, secure your environment and meet compliance requirements quickly.

Flexible

Builder’s choice. Security for your hybrid cloud, multi-cloud, and multi-service environments, as well as protection for any vintage of application delivery—with broad platform support.

All-in-One Solution

One platform that has the breadth, depth, and innovation required to meet and manage your cloud security needs today, and in the future.

To learn more about Cloud One and other Trend Micro Solutions, you can contact us at 8893 9515 and we would be happy to answer your inquiries!

Cloud Security: The Shared Responsibility Model

Arby News and Events , ,
Cloud Security: The Shared Responsibility Model

Have you ever asked yourself what the biggest threats are in the cloud?  The answer may not be what you’d expect it to be.  Rather than big named malware or cyber attacks, the biggest risk in the cloud happens due to service misconfigurations.  Despite the cloud’s clear operating model, teams continue to make simple mistakes or overlook the simple task of properly configuring the services they use in the cloud.

Security in the Cloud is a shared responsibility as both customer and provider has their respective responsibility, these are usually based on the Shared Responsibility Model.  The model defines which segments each are responsible for.  At a glance, are you doing your part?  Or did you assume it was handled by your provider?

One common misconfiguration misstep comes from pre-configured deployment services.  Most misunderstandings arise from thinking that after being given the configurations that they too will handle update patching and even maintenance of said configuration.  It falls on you the user to do these responsibilities and make sure that your system is safe!

Another common cause of misconfiguration is from human error.  As per our nature, we are bound to make errors along the way when working even if we take as much precaution as we can.  This is where automation can help make sure that these errors don’t occur.  Let’s say the operating system your team uses for your systems has a new patch that needs to be deployed. Instead of someone patching each of the production virtual machines, that team member should patch the original template of the virtual machines and a build system should redeploy production.

For safety measures as well, it is always in best practice to verify that your providers are doing their part in keeping you secure.  This is not to say that your provider is not doing their job, usually the 3 big cloud providers have an overwhelming amount audit evidence you can browse, its always just better to keep the habit of counter checking when security is involved.

Interested in learning more about our Cloud Security Solutions?  Contact us at 8893-9515 and we would be happy to answer your inquiries!

Ransomware Hits Florida Town, Costs them $500,000 in Ransom

Arby News and Events , , ,
Ransomware Hits Florida Town, Costs them $500,000 in Ransom

No matter how big or small your organization is, security is always something that should be considered when it comes to securing your business data.  This is especially so if you are mostly handling confidential data such as data from customers.  Unfortunately, a town in Florida learned this lesson the hard way as they were recently hit by a ransomware attack.  As their operations was put to a standstill, they had no choice but to pay the asking price of cyber criminals, 42 bitcoins (equivalent to $500,000).

This wasn’t the only attack that happened in Florida as well, another municipality ended up paying cyber criminals $600,000 when the attack severed their connection to important data.  The mayor of the town even stated that he could not believe that in such a small town they would encounter such attacks.  They aren’t alone however, during the past years many other organizations such as major hospitals were hit by ransomware and were forced to pay to gain access to business-critical data.

“Ransomware is the canary in the coal mine,” said cyber-security expert Kevin Beaumont, who argued that the spate of attacks showed organizations needed to get better at basic IT security.

What can you do to prevent this?

As stated above, one preventive measure is to make sure that your employees are briefed on basic IT security as to make sure they don’t fall to attacks such as phising to prevent criminals from getting into the network.

Another would be to have data protection measures up, you may even start with a simple back up set up.  This is to ensure that during time of attacks or system failures, you will have a starting point to recover instead of trying to get whatever you can from your infected systems.

You may also consider advanced security protection from vendors such as Trend Micro which can help detect and quarantine suspicious files and activities from the Server level or even on your multiple endpoints.

To learn more about these solutions and how we can help you, you may contact us at 893-9515 and we would be happy to find the best solution for you company!

Security Advisory: Microsoft Alerts Customers to Patch BlueKeep Vulnerability ASAP

Arby News and Events , , , , , , , , ,
Security Advisory: Microsoft Alerts Customers to Patch BlueKeep Vulnerability ASAP

In case you didn’t hear, another big vulnerability was reported by Microsoft on May 14, 2019 known as “BlueKeep” which takes advantage vulnerabilities of Remote Desktop Services (RDS), Remote Code Execution (RCE), and Remote Desktop Protocol (RDP).  However, BlueKeep only affects older version of Windows, so users of Windows 10 and 8 can rest easy.  The severity of the vulnerability though has forced the hand of Microsoft and they have actually made and released a security patch for its unsupported versions.  They have classified this vulnerability as a critical level threat.

This is why as of June 4, 2019, Microsoft once again urged its customers to apply the patch as soon as possible as more than 1 million devices are still vulnerable to the attack.  This is to avoid another widescale malware attacks like those of the WannaCry ransomware attack back in 2017.  Many companies were affected by the attack and caused many business operations to stop, more notably hospital operations.

What can you do to avoid being affected?

Microsoft has already provided the solution to BlueKeep, make sure you download the latest security patch for your corresponding OS (you can find the patches here).  You may need to reboot your servers to ensure the patch is running properly.

For those who are Trend Micro users, specifically those who use Deep Security, if you are unable to apply the patch due to other reasons, such as being unable to reboot your servers, please make sure that you apply the correct policy for the virtual patching of Deep Security to ensure the security of your servers.  Below is the Deep Packet Inspection (DPI) rule:

  • 1009749 – Microsoft Windows Remote Desktop Services Remote Code Execution Vulnerability

You can view the official Trend Micro article on it here.

For those who are looking into a longer-term solution, you can consider solutions such as Citrix Gateway and Virtual Apps to secure your remote connections to Windows servers.

To learn more about these solutions, you can contact us at 893-9515 and we will help introduce you to different options that you have to help prevent these kinds of vulnerabilities!

A Closer look at Processor Vulnerabilities

Arby News and Events , , , , , , ,
A Closer look at Processor Vulnerabilities

The past few years has been rough on processor security, this especially for Intel as one of the biggest processor vulnerabilities Meltdown and Spectre was for nearly all their modern CPUs.  Although patches came out almost immediately to solve these issues, this was just the start to the security vulnerabilities as other attacks such as MDS (Microarchitectural Data Sampling) have been popping up.  So why are these vulnerabilities and security flaws only now coming to light?  These issues actually are quite complex and would need a further understanding of the advances of CPU technology such as the following below:

  • L1/L2/L3 caches
  • Speculative execution
  • Pipelines and buffers
  • Hyper-Threading

If you are unfamiliar with the above technologies, they basically function as ways to help improve the speed of the CPU.  In theory, without these components, we could have a much more secure processor at the cost of performance.  Vendors are caught in a predicament of wanting to increase performance but also have to consider the security implications of newer technology.  This shows in the patches for recent vulnerability fixes which brought performance down of the CPU by 5-30%.  The latter number can be alarming but does not usually affect home users as the 30% is more frequent for servers.

Although vendors are still working on improving their security to prevent future vulnerabilities from happening, there are still ways to make sure that your data is protected like adding an additional layer of security.  With the help of 3rd party security vendors such as Trend Micro can help with products such as Deep Security through virtual patching.

To get a more in depth understanding of the processor vulnerabilities, you can refer to this article here.  To learn more about Trend Miro Deep Security, you can visit our page here or contact us directly at 893-9515 and we will be more than happy to answer your inquiries!

Security Vulnerabilities: A Closer look at a Cyber Criminal’s Window to your System

Arby News and Events , , , ,
Security Vulnerabilities: A Closer look at a Cyber Criminal’s Window to your System

You may be hearing more and more these days of new security vulnerabilities being discovered in the news and may be wondering what exactly it may imply?  Simply, a vulnerability represents the ideal opportunity for cyber criminals to infiltrate your system to compromise your data or to perform data theft.

According to current data now, we can see that these vulnerabilities will be popping up more often as 2017 had a record-breaking year for reported exploitable vulnerabilities, with almost 20,000 security flaws reported over the year.   For the year 2018, the data is still being tallied however, a report from RiskBased Security has already noted that more than 10,000 vulnerabilities have been reported in which 3,000 potential flaws which enterprises have failed to patch.

To better understand vulnerabilities, our friends from Trend Micro has segregated them into types in which to classify them:

Traditional vulnerability – is a programming error or other type of software issue that hackers can use to sidestep password protection or security measures and gain unauthorized access to legitimate systems. These are the most rampant types of security vulnerabilities.

Zero-days – are brand new software issues that have only just been identified and have not yet been patched by vendors.  As Trend Micro explained, “that’s because the vendor essentially has zero days to fix the issue or has chosen not to fix it.”

Undisclosed vulnerability – these are flaws that have been identified and reported, but are not yet disclosed to public users, giving vendors time to patch the issue.

So, what can you do to help address these vulnerabilities?

To help keep your enterprise safe from these vulnerabilities, Trend Micro suggests that you pay attention to current security research so that you can apply the necessary findings to help keep your business safe.  Another would be to make sure that you keep yourself up to date with updates and patches.  However, with the number of vendors and patches, it can sometimes be too much for your IT to patch immediately due to the volume.  Trend suggests the following patching prioritization scheme to help ease the load of your IT team:

  • The severity of the patched issue. Microsoft and other vendors will rate vulnerabilities according to how critical they are to overall risk. More critical patches should be applied as soon as possible, whereas less critical updates can represent a lower priority.
  • Vulnerabilities impacting your enterprise’s particular key software. Similarly, updates for software systems that are used on a daily basis within the enterprise and provide essential functionality should be prioritized over other updates. A patch for a software that is only intermittently used, or only impacts a small number of users in a single department of the company, for instance, can be put on the back burner.
  • Those currently being exploited. It’s important to prioritize patches for vulnerabilities that hackers are currently using to mount attacks.

To learn more, you may visit the original Trend Micro article here, visit our product page here, or you can also contact us directly at 893-9515 and we will be happy to answer your inquiries!

Trend Micro Awards CT Link as Partner of the Year for 2018!

Arby News and Events , , ,
Trend Micro Awards CT Link as Partner of the Year for 2018!

On February 26, 2019, Trend Micro hosted their annual Partners Appreciation Night, at the B1 Sports lounge New World Makati, to celebrate the achievements that each partner has contributed to help make 2018 a successful one.  Here they presented CT Link Systems, Inc. with four awards, which included the biggest award of the night, Partner of the Year!  This award is to acknowledge the partner with highest total of new and renewal revenues of all TM products for the year.

Below is the full list of awards CT Link received:

  • FY18 Partner of the Year – CT Link Systems, Inc.
  • FY18 User Protection Champion – CT Link Systems, Inc.
  • FY18 Sales Person of the Year – Malou Cruz
  • FY18 Sales Engineer of the Year – Bren Natal

Trend Micro awarded CT Link with the FY18 User Protection Champion award to acknowledge our efforts in providing endpoint security solutions to our customers.  These solutions include the following:

OfficeScan – provides advanced endpoint and ransomware protection for Windows, Mac and Virtual Desktop Infrastructure

Vulnerability Protection – prevents network-based exploits and zero-day ransomware threats via vulnerability shielding

Endpoint Encryption – secures data with full disk, folder, file and removable media encryption

Integrated Data Loss Prevention – guards private data and intellectual property with integrated modules

Keep your data secure. Contact CT Link Systems, Inc. via our contact form or through our landline 893-9515.

About Trend Micro

Trend Micro is a global leader in cybersecurity solutions, dedicated to making the world safer for exchanging digital information. Founded in 1988, Trend Micro has grown to become a trusted provider of cutting-edge security solutions for businesses and consumers alike.

Trend Micro’s comprehensive range of cybersecurity solutions includes endpoint security, network security, cloud security, and security management services. These solutions are designed to protect against a wide range of threats, including malware, ransomware, phishing attacks, and other forms of cybercrime.

One of Trend Micro’s core strengths is its ability to stay ahead of emerging threats. The company employs a team of experts who constantly monitor the latest cyber threats and develop innovative solutions to counter them. Trend Micro’s solutions are designed to provide proactive, real-time protection against both known and unknown threats.

Trend Micro’s commitment to cybersecurity extends beyond its products and services. The company is also dedicated to raising awareness about the importance of online safety and promoting best practices for cybersecurity. Trend Micro regularly publishes research and insights on the latest cybersecurity trends and hosts events to help educate businesses and individuals about the importance of cybersecurity.

Security Advisory: Vulnerabilities found on DHCP and Microsoft Exchange

Arby News and Events , , , , ,
Security Advisory: Vulnerabilities found on DHCP and Microsoft Exchange

Microsoft released patches for vulnerabilities that were actively being exploited via their regular security release on the last few months of 2018. They released 49 security patches and two advisories for 2019, seven were vulnerabilities rated as critical while 40 were important.

The highlight of these vulnerabilities is regarding to Windows DHCP Client (CVE-2019-0547), this allows a hacker to send commands on a machine by issuing DHCP responses. Alarmingly, most machines have DHCP client enabled across all windows operating systems, therefore applying this patch is a must. Another notable vulnerability is in the Microsoft Exchange software (CVE-2019-0586), this vulnerability could allow hackers to execute code as the system users and potentially can perform various tasks such as view, change, or delete data and even create new accounts.

Luckily for Trend Micro Customers specifically for Deep Security and Tipping point customers, Trend Micro has released virtual patch rules to protect you on those vulnerabilities immediately. While testing on the security patches released by Microsoft, Trend Micro customers can first apply virtual patch rules to eliminate exposure against possible attacks.  Please see below for the recommended virtual patches:

Trend Micro Deep Security and Vulnerability Protection recommended virtual patch rules are as follows:

  • 1009452-Microsoft Windows COM Elevation Of Privilege Vulnerability (CVE-2018-8550)
  • 1009462-Microsoft Edge Elevation Of Privilege Vulnerability (CVE-2019-0566)
  • 1009463-Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0539)
  • 1009464-Microsoft Internet Explorer Remote Code Execution Vulnerability (CVE-2019-0541)
  • 1009465-Microsoft Edge Memory Corruption Vulnerability (CVE-2019-0565)
  • 1009466-Microsoft Windows Multiple Security Vulnerabilities (Jan-2019) – 2
  • 1009468-Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0567)
  • 1009469-Microsoft Edge Chakra Scripting Engine Memory Corruption Vulnerability (CVE-2019-0568)

Trend Micro Tipping Point MainlineDV filters to be applied are as follows:

  • 33921: ZDI-CAN-7385: Zero Day Initiative Vulnerability (Microsoft Windows)
  • 33927: HTTP: Microsoft Edge Type Confusion Vulnerability
  • 33928: HTTP: Microsoft Edge Session Boundary Memory Corruption Vulnerability
  • 33929: HTTP: Microsoft Edge Type Confusion Vulnerability
  • 33930: HTTP: Microsoft Edge Use-After-Free Vulnerability
  • 33931: HTTP: Microsoft Windows Kernel Information Disclosure Vulnerability
  • 33948: HTTP: Microsoft Edge Type Confusion Vulnerability
  • 33949: HTTP: Microsoft Internet Explorer ProgId Code Execution Vulnerability

If you have any further inquiries with regards to these vulnerabilities with Trend Micro or as a non-Trend Micro user, contact us at 893-9515 and we would be happy to answer your inquiries!

Three Important Questions to keep in mind when securing your SAP environment

Arby News and Events , , , , ,
Three Important Questions to keep in mind when securing your SAP environment

Are you sure you are securing your SAP environment properly?

With the sensitive data stored in most SAP systems (HR, financials, and even more important, customer data), it would not be an exaggeration to say that it would be the main priority of attacks of cyber criminals.  This doesn’t mean that SAP does not prioritize security, this just means that security solutions have been continuously improving with the help of 3rd party enhancements.  In partnership with SAP, there are security solution partners such Trend Micro that ensure that enterprises are secure from attacks such as malware, denial-of-service attacks, cross-site scripting and other advance and targeted attacks.

So if you aren’t sure if you are properly securing your SAP environment, you can refer to this security question checklist below:

What are my security risks? Are you improving your ability to respond to customer feedback by moving customer applications to the cloud? Are you improving supply chain efficiency by opening an application to provide more visibility or communication with partners?

With how business-critical applications are now web accessible, cyber criminals now have more entry points in which they can exploit vulnerabilities in operating systems, web servers and even the business-critical application itself.  Although vendors release patches to fix these vulnerabilities, if they are not implemented on a timely basis, the system will still be at risk within those transition points.

Does my security integrate with my SAP environment?

You also need to consider whether your security can integrate well with your native SAP security.  SAP provides capabilities like the SAP Virus Scan Interface (VSI) as part of SAP NetWeaver ®  to allow certified third parties, like Trend Micro,  to augment native security capabilities.

What are the security requirements for my environment?

Cloud and virtual environments each introduce unique requirements for security. Understanding how your security solution is optimized for those environments is critical to make sure you can easily manage security and reap the expect cost, performance and agility benefits.

If you have any further inquiries on how you can better secure your SAP environment, you may call us at 893-9515 and we would be happy to help!