Greetings, from Cloudbric.
Here’s the latest from Cloudbric: for May 8th to May 21st.
- Technology Developments
*Cloudbric on AWS/Azure WAF Development
→ Cloudbric Ruleset for AWS WAF: 70% complete (estimated time of completion: 2021 2Q)
- Web attack detection/block rules based on Cloudbric engine
- New Malicious IP Block feature based on blockchain technology
→ Feature integration for Cloudbric ruleset on AWS/Azure WAF: 35% complete (estimated time of completion: 2021 2Q)
- New plans for the Service package
*Blockchain service development
→ New product development re: CLBK Tokens : 40% complete (estimated time of completion: 2021 3Q)
- Technical review in progress
*ADDoS(Advanced DDoS Protection) CDN Purge
→ Development of CDN purge feature for ADDoS users: 30% complete (estimated time of completion: 2021 2Q)
- Technical review completed
- API development in progress
*Remote Access Solution
→ Supported protocols added: 40% complete (estimated time of completion: 2021 2Q)
→ Cloudbric now provides a stronger infrastructure security for the service. The updated dashboard and report presents users with usage and service status for a better user experience.
- Technical review completed
- New system components and coverage reviewed
- Frontend UI planning in progress
*Cloudbric Labs (cyber threat information data platform based on blockchain technology)
→ Support for Hacker Wallet Address and Phishing URL API: 40% complete (estimated time of completion: 2021 1Q)
- Updated the Hacker Wallet Address and Phishing URL list.
- API implementation methods analysis.
- Development of the APIs and related technical documents.
*Cryptobric v2.0
→ Mobile App for securing your digital assets with CLBK wallet support
→ Users can view and transfer funds (either CLBK, Cloudbric’s own cryptocurrency or KLAY, a Klyatn cryptocurrency) in ‘Klip’ wallet, integrated into Cryptobric(2020.12). Check our medium post below for a step-by-step guide for integrating Klip!
*Klip: a digital asset wallet for Klaytn-based cryptocurrencies from Kakao
> http://reurl.kr/4CEECD3DOL
*Cryptopbric — SWG
→ Encrypted personal information and secured internet connection: 45% complete(Hacker Wallet Address and Phishing URL API Blocking) (estimated time of completion: end of 2021 2Q)
- Reviewing the direction of cryptographic communication technology and seeking ways to implement it.
- Planning details on design and server deployment architecture.
*VISION (Deep Learning Security Engine) Commercialization
→ Source code analysis for VISION commercial structuring VISION: 30% Complete (estimated time of completion: end of 2021 2Q)
→ Commercial module development: 30% complete(estimated time of completion: end of 2021 2Q)
- Revisions for improvements regarding source code and engine.
- Review of additional lists to be included in the supervised learning of the Deep Learning Engine.
- Ongoing review of different learning strategies by domain.
2. Cloudbric News
Cloudbric is participating in the first-ever Japan IT Week Online. Japan IT Week, one of the largest tech events in Japan, will be hosted online for the first time in the wake of the COVID-19 pandemic. Despite the limitations of the online event, 300 IT enterprises and companies are expected to exhibit while 30,000 visitors from Japan as well as across the world are expected to attend the event online. Learn about the latest technology and industry trends in various verticals including information security, remote work solutions, IoT & 5G as well as partake in the webinar hosted by Cloudbric.
> Learn more 2021 Japan IT Week Online (LINK)
Have you heard about Ransom DDoS (aka RDDoS), a new cyber-terror that’s causing turmoil in the financial sector? RDDoS, similar to the infamous Ransomware attacks, is an attack motivated by monetary gain. Recently, financial service providers including banks, crypto-exchanges, credit card companies, and payment gateways have been targeted by known cyber-terrorist groups — who have used DDoS attacks to demand ‘ransom’ from these financial institutions.
Cloudbric, as a managed security service provider, has also protected our clients from RDDoS attacks. Specifically, a Cloudbric customer in Japan — a large enterprise with more than 4,000 employees no less — received a threatening letter from a hacker: “Ransom or be DDoS’ed.” Rather than giving in to the hacker’s demand, the Client adopted Cloudbric ADDoS, an Advanced DDoS Protection service that’s specifically designed to secure enterprise websites and web servers from DDoS attacks. More and more companies are recognizing the need for web security, especially because targeted and coordinated attacks like RDDoS require a cybersecurity specialist to respond. Maybe that’s why Cloudbric ADDoS seems to be the popular choice for companies without a dedicated security operations center.
> Security Magazine article: “DDoS extortions making its way back” (LINK)
> SecurityBrief reports, “DDoS ransom attacks flare up again after brief hiatus” (LINK)
> Learn more about Cloudbric ADDoS, an Advanced DDoS Protection solution (LINK)
3. Security News
- AUTOCRYPT partners with University of Windsor’s SHIELD Automotive Cybersecurity Centre of Excellence — PR Newswire
AUTOCRYPT announced that the company had officially partnered with the SHIELD Automotive Cybersecurity Centre of Excellence, hosted by the University of Windsor, to prioritize research and development in securing connected and autonomous vehicles. - Bizarro Banking Trojan Sports Sophisticated Backdoor — Threatpost
A never-before-documented Brazilian banking trojan, dubbed Bizarro, is targeting customers of 70 banks scattered throughout Europe and South America. Bizarro is a mobile malware, aimed at capturing online-banking credentials and hijacking Bitcoin wallets from Android users. - RevengeRAT and AysncRAT target aerospace and travel sectors — SC Media
A campaign of remote access trojans (RATs) has been targeting the aerospace and travel industries with spear-phishing emails that distribute an actively developed loader, which then delivers RevengeRAT or AysncRAT. Attackers use the RATs for data theft, follow-on activity and additional payloads, including Agent Tesla, which they use for data exfiltration.
