회사소개

제품

안내

고객지원

Company

Product

Information

Support

Thông tin về công ty

Sản phẩm

Thông tin

Hỗ trợ chung

Notice

Title Date
Stay Safe from Cyber Criminals with ZombieZero

Stay Safe from Cyber Criminals with ZombieZero

The Advanced Persistent Threat attack or APT attack, which is a hacking method utilised by cyber criminals, is definitely a new reality of our online life.It has been now a known fact that cyber criminals have hacked in to target victim’s computer system through various methods like email, web, etc. and achieved to destroy or remove confidential information. The most famous and recent case has been in 2015 named Deep Panda, where the US government’s office of Personnel Management had been attacked. The hacking of the system has believed to have compromised information of over four million personnel records. The APT attack was attributed as an outcome of a cyberwar between China and the US. The Deep Panda was an extreme case of APT, where information about secret services had been destroyed. But the threat is not just limited to government organisations or bigger institutions.
The APT attack can happen to anyone having a computer system.
ZombieZero is a security solution developed to detect and protect against  Ransomware and APT attacks. Developed by South Korean company NPCore, the Zombie Zero provides strong information security to prevent data-elimination and other network disruptions. A computer connected to the internet that has been attacked by a malware program, by a hacker or a virus or Trojan horse program, which allows to perform malicious tasks through remote direction then it is called Zombie infected. ZombieZero series is the exact answer to protect the computer system from becoming Zombie infected. How can ZombieZero defend the system from APT attack The ZombieZero technology blocks abnormal traffic generated by a process that causes an attack traffic by detecting it and blocks transmission of normal traffic and traffic control using the same Device. Simply put the users infected by zombies can block and treat only zombie traffic without using Internet Explorer. The 2-level defence system of the ZombieZero Series interworks between an endpoint-based behavioural defence system and a network-based behavioural detection system.
ZombieZero can defend the intruding malware that evades a network quickly and accurately.
In recent years, thousands of computers have been infected by bots, or web robots that infect PC room computer with malicious code, analyse usage and causing serious disruption to services. The number of attacks caused by botnets are increasing and are bigger threat to companies. ZombieZero can detect, block and treat the activity of a Bot. The existing cyber security solutions are signature-based anti-virus engines, which can only detect known malware and cannot respond to serious attacks like APT or Ransomware, a type of malicious software which threatens the victim’s data being published or blocked forever unless a ransom is paid. But a behaviour based engines like ZombieZero can detect unknown malware as well through its endpoint Security. Thus ZombieZero can be assessed as an excellent technology to beat the Zombie infection in cyber world and save confidential data from being destroyed or compromised upon. NPCore, the company behind the ZombieZero, was established in 2008. It specialises in developing malware detection and response solutions in the Anti-virus centric security market. NPCore has provides the two-level defence mechanism “Zombie ZERO” to governments, financials, universities, enterprises. NPCore has established branch offices in US and Vietnam since 2014. The company has a wide distributor network in Japan, Indonesia, Taiwan, Malaysia, Thailand, Dubai and US. NPCore has been exporting ‘Zombie Zero’ to Japan, US and Vietnam since 2015. The global presence of NPCore and Zombie Zero series sure represents Korea’s best in the world’s cyber security market.
2018.10.10

NPCore participated in 'ISEC 2017' ... 'EDR for Server' was debuted and demonstrated

Author
admin
Date
2017-09-10 17:05
Views
764

[Picture : NPCore participated in 'ISEC 2017' held in COEX from Sep. 5th ~ 6th to show 'ZombieZERO EDR for Server', new product for server security. NPCore's sales manager Lee, Gun-Woong was watching the demo video and explaining new products to VIPs composed of gov. officials.]

Recently in Korea, there was the biggest security incident that the servers of Korean hosting company were attacked by the variant Ransomware.
So the sense of crisis for Ransomware has raised and security measures and security awareness of gov. agencies and enterprises have been further strengthened.
As a result, NPCore(CEO Han, S.C.) first introduced its new server security product, 'ZombieZERO EDR for Server' at the '11th International Security Conference (ISEC 2017)' held on Sep. 5 ~ 6.The 11th annual ISEC is the largest cyber security conference event in Korea.

In this event, NPCore showed and demonstrated 'ZombieZERO EDR for Server', which is the Whitelist-based APT / Ransomware response solution installed on the server and is aimed at the security manager of gov. agencies and enterprise along with Nicstech, Secucen and CoreInfra.

NPCore is specialized in defense solution against unknown APT and Ransomware and provides two-level defense on network and endpoint based on behavior.

Existing security solutions (signature-based Anti-virus) cannot respond against APT (targeting malware) and new / variant Ransomware such as WannaCry and Petya, and traditional Sandbox technology is vulnerable to malware bypassing virtual machine, new and variant Ransomware and attack through encryption section (SSL communication).
To overcome these limitations, the importance of EDR (End Point Detection & Response) technology has been highlighted.

In line with this, NPCore released 3 security products for endpoints (▲ ZombieZERO EDR for APT- Endpoint Security against APT, ▲ ZombieZERO EDR for Ransomware- Endpoint Security against Ransomware, ▲ ZombieZERO SECaaS (Security as a Service)- Cloud type Security)
And NPCore recently released 'ZombieZERO EDR for Server' due to the biggest recent server's security incident and built it up in the OO Broadcasting Station.

ZombieZERO EDR for Server is installed on the Windows server and blocks the execution of new/variant malwares in real time through the whitelist-based execution holding function. And it analyzes/detects known and unknown malwares through the central analyzer (ZombieZERO Inspector) to make the system execute only secure file.

[Operation sequence of 'Zombie Zero EDR for Server']

1) Server access → Blocking execution of processes not registered on the whitelist.
2) EXE file analysis :  Malicious file is blacklisted and isolated. / Normal file is added to Whitelist.
3) If the analysis result proved to be normal, the file is executed normally and you can check it. / If malicious file, the EXE file is blocked by EDR.



[Picture: NPCore's director Kim, Mu-Jeong was giving a speech on 'APT and Ransomware Defense System centered on endpoint utilizing advantage of Sandbox' at conference room A of COEX on Sep. 5.]

On the first day of the conference, NPCore's director Kim, Mu-Jeong gave a speech on 'APT and Ransomware Defense System centered on endpoint utilizing advantage of Sandbox'.
Mr. Kim proposed the direction of Ransomware blocking technology and proceeded real time Q & A via Facebook.
After the speech, many people came to the exhibition booth and asked many additional questions.
WannaCry Ransomware blocking demo video and demonstration were also conducted at the booth and led the response.

NPCore, CEO Han, Seung-chul said, "Many people from various companies including gov. agencies, military, media companies, and SI companies consulted and asked for a follow-up visit and proposal. So we were able to confirm positive responses to EDR products and achieve business results more than expected."