News & Notice more +
National Univ. Hospital Introduced Anti-APT Solution by NPCore
Photo by rawpixel on UnsplashOn the other hand, APT attack and Ransomware solution 'ZombieZERO Inspector' delivered by NPCore to university hospital can cope with new and variant malware which is difficult to cope with vaccine and prevent damage due to intelligent attack. ZombieZERO Inspector configures the same sandbox environment as user PC environment to provide detection results after malicious behavior monitoring and analysis. It collects packets on the network and performs analysis of four stages of signature and behavior based analysis. It supports analysis of various document formats such as PE file (DLL, EXE), compressed file, MS-Office, HWP and PDF. It also analyzes the outbound and inbound URLs and IP access patterns to double detect and block C&C server and malware access. The malware detection rate can be further improved by additionally introducing ZombieZERO EDR(Endpoint Detection & Response), an endpoint APT attack defense solution. ZombieZERO products link and analyze network information with agent analysis information of endpoint. Last year, the National Hospital introduced 'ZombieZERO EDR for Server' to protect the server. It holds the execution of malware and detects it through a behavior-based engine in the sandbox, preventing infection in advance, and responding to encryption and latent malware attacks that bypass the network security system. Interworking with new Ministry of Education Cyber Security Center (ECSC) is one of the main reasons why NPCore's APT solution has been adopted. ZombieZERO Inspector is an integrated hardware that passes the ECSC "MTM / ETM Standard Interoperability Specification" test. "Through this project, we have blocked the influx of new malware into the university hospital system and established an active defense system that can detect and block zero-day attacks and existing security system bypass attacks in real time," said CEO of NPCore.
NPCore Joined Vietnam·Malaysia Cyber Security Partnership Meeting
NPCore Joined Vietnam·Malaysia Cyber Security Partnership Meeting
NPCore met with Vietnamese and Malaysian companies in the information security business meeting held in Ho Chi Minh City, Vietnam and Kuala Lumpur, Malaysia from 19th to 23rd.
In recent years, Vietnam and Malaysia have been attracting a great deal of attention to information security issues both politically and socially.
In June, Vietnam established Law on cybersecurity which is the first domestic law in the cybersecurity field and is expected to be implemented from January 1, 2019. Malaysia is also experiencing a major social upheaval recently with the Ransomware accident of the media group. Media Prima, who was attacked in Ransomware in mid-November, was reportedly asked by an attacker for a bit coin of US $ 6.2 million.
Meanwhile, NPCore said that it was able to receive a good response from local companies because it already has a proven records of providing its solution "Zombie ZERO" to Malaysian and Vietnamese government agencies.
Zombie ZERO is an APT(Advanced Persistent Threat) and Ransomware solution that can proactively respond to new and variant malware that cannot be prevented by Anti-virus. By combining artificial intelligence(AI) technology, it determines threat level and responds to cyber threats based on 4 steps analysis - signature analysis, static analysis, dynamic analysis, reputation analysis. It also automates the process of detection and blocking by learning whitelist and blacklist pattern.
CEO Seung-Chul Han, "We have participated in the Southeast Asia Information Security Business Conference hosted by KISIA and KISA every year, and I feel that the interest in APT and Ransomware solution is getting higher as the awareness level of Southeast Asia information security is improved. We will link our partnership with local companies to export results in the first half of next year."
NPCore Provides Cybersecurity Solution for Cryptocurrency
[Image = www.comparitech.com ]While the cryptocurrency market is suffering from recent hacking incidents, NPCore has delivered a network APT security product for the cryptocurrency security of a block chain company. According to CipherTrace, a cryptocurrency research institute, cryptocurrency damage by hacking on an exchange or trading platform from January to September 2018 is valued at $ 927 million. The figure is 250% increase from $ 255 million in 2017. Experts analyze the growing interest in cryptocurrency and the increasing variety of currencies led to hacking crimes. "The demand for solutions that can respond to intelligent cybercriminals targeting cryptocurrency has skyrocketed," said sales representative of NPCore, the cybersecurity company specializes in APT defense. He announced they will establish APT attack defense system at a block chain platform that issues cryptocurrency in late October. 'ZombieZERO Network Inspector' delivered by NPCore collects packets on the network and detects APT attacks. Mirroring configuration can block malicious IPs and URLs without affecting the network. In addition, it detects unknown new and variant malicious codes through signature and behavior based analysis in total three stages, and intelligently blocks hacking attacks aiming at cryptocurrency in advance.
Stay Safe from Cyber Criminals with ZombieZero
Stay Safe from Cyber Criminals with ZombieZero
The Advanced Persistent Threat attack or APT attack, which is a hacking method utilised by cyber criminals, is definitely a new reality of our online life.It has been now a known fact that cyber criminals have hacked in to target victim’s computer system through various methods like email, web, etc. and achieved to destroy or remove confidential information. The most famous and recent case has been in 2015 named Deep Panda, where the US government’s office of Personnel Management had been attacked. The hacking of the system has believed to have compromised information of over four million personnel records. The APT attack was attributed as an outcome of a cyberwar between China and the US. The Deep Panda was an extreme case of APT, where information about secret services had been destroyed. But the threat is not just limited to government organisations or bigger institutions.
The APT attack can happen to anyone having a computer system.ZombieZero is a security solution developed to detect and protect against Ransomware and APT attacks. Developed by South Korean company NPCore, the Zombie Zero provides strong information security to prevent data-elimination and other network disruptions. A computer connected to the internet that has been attacked by a malware program, by a hacker or a virus or Trojan horse program, which allows to perform malicious tasks through remote direction then it is called Zombie infected. ZombieZero series is the exact answer to protect the computer system from becoming Zombie infected. How can ZombieZero defend the system from APT attack The ZombieZero technology blocks abnormal traffic generated by a process that causes an attack traffic by detecting it and blocks transmission of normal traffic and traffic control using the same Device. Simply put the users infected by zombies can block and treat only zombie traffic without using Internet Explorer. The 2-level defence system of the ZombieZero Series interworks between an endpoint-based behavioural defence system and a network-based behavioural detection system.
ZombieZero can defend the intruding malware that evades a network quickly and accurately.In recent years, thousands of computers have been infected by bots, or web robots that infect PC room computer with malicious code, analyse usage and causing serious disruption to services. The number of attacks caused by botnets are increasing and are bigger threat to companies. ZombieZero can detect, block and treat the activity of a Bot. The existing cyber security solutions are signature-based anti-virus engines, which can only detect known malware and cannot respond to serious attacks like APT or Ransomware, a type of malicious software which threatens the victim’s data being published or blocked forever unless a ransom is paid. But a behaviour based engines like ZombieZero can detect unknown malware as well through its endpoint Security. Thus ZombieZero can be assessed as an excellent technology to beat the Zombie infection in cyber world and save confidential data from being destroyed or compromised upon. NPCore, the company behind the ZombieZero, was established in 2008. It specialises in developing malware detection and response solutions in the Anti-virus centric security market. NPCore has provides the two-level defence mechanism “Zombie ZERO” to governments, financials, universities, enterprises. NPCore has established branch offices in US and Vietnam since 2014. The company has a wide distributor network in Japan, Indonesia, Taiwan, Malaysia, Thailand, Dubai and US. NPCore has been exporting ‘Zombie Zero’ to Japan, US and Vietnam since 2015. The global presence of NPCore and Zombie Zero series sure represents Korea’s best in the world’s cyber security market.
i-Web was infected by Ransomware damaging thousands of web sites
The following is an English version of the " 아이웹 랜섬웨어 감염 사태로 수천여개 웹사이트 피해 (i-Web was infected by Ransomware damaging thousands of web sites)" written by Boaanews reporter Kyoung-Ae Kim. *Original article link: https://www.boannews.com/media/view.asp?idx=73260&kind=0 [Boannews Reporter Kyoung-Ae Kim] i-Web, a website maker that provides a free website builder, was attacked by Ransomware during the Chuseok holiday. The i-Web builder database (DB) server was encrypted and more than a thousand websites have been damaged by Ransomware.
▲i-Web customer service board [image=-boannews] According to boannews, it is known that the damage caused by Ransomware attack is 2,000 ~ 3,000 websites using the i-Web, and many of the Internet shopping malls including summer beach event site are occupied. Until now, the server has been restored and operated normally, but the important data revealed on the i-Web has not been restored to the database so far. Also, in the explanation that the DB area revealed on the i-Web side is encrypted with the latest technology, the result of the report is confirmed that the encryption method is not the latest technology. Ransomware attackers were reportedly threatening to pay 100 million won worth of coins for their money on the i-Web. It is believed that the purpose of the attacker was to crack the money by inducing the conflict with the i-Web side by attacking most of the small business people by encrypting the small web site, DB etc. stored in the server with the target of the i-Web Builder server. It is likely to be a strategy to lead negotiations by drawing customer protest, such as the case of the Internet hosting service provider Nayana. It is reported that Cyber Security Bureau of the National Police Agency and the Korea Internet Development Agency (KISA) are currently under investigation for details such as whether Ransomware has been infected.