News
A10 Networks Extends Multi-Vector DDoS Protection
A10 Networks announced a collaboration with Verisign to enable hybrid DDoS mitigation strategies for customers. A10 Networks further announced enhancements to its market-leading multi-vector DDoS protection solution, Thunder TPS (Threat Protection System)—including the ability to send alerts to Verisign’s cloud-based DDoS Protection Service using the OpenHybrid API.
Thunder TPS 3.2 now enables more organizations to intelligently provide an always-on application experience. New features and customer benefits include:
- Smarter DDoS attack detection and dynamic mitigation with Thunder TPS 3.2. Traffic baselines leverage multi-protocol behavioral indicators to learn peacetime network conditions, enabling precise detection of anomalies. Dynamic mitigation policies escalate suspect traffic through progressively tougher countermeasures to minimize legitimate traffic drops. DevOps can leverage event-based scripting for increased operational agility.
- Automated signaling for volumetric attack protection through Verisign’s cloud DDoS protection service. The redirection option utilizes the Verisign OpenHybrid™ API to provide anomaly information and can trigger a swing of customer’s traffic to Verisign’s cloud-based services when volumetric DDoS protection is needed. This hybrid solution broadens the market reach of Thunder TPS to enterprises with limited internet bandwidth.
- Integration with existing DDoS solutions for investment protection. Leveraging open networking standards, Thunder TPS mitigation integrates easily with existing DDoS detection solutions. Open networking standards support enables tight integration with many other devices, including SDN controllers and security products.
- In addition to Thunder 3.2 and the Verisign DDoS Protection Service, organizations can further complement their DDoS protection with the recently announced:
- aGalaxy to streamline operations. Empowering administrators to centrally manage multiple Thunder TPS deployments to enable real-time troubleshooting, incident management and reporting.
- A10 Threat Intelligence Service to increase security efficacy. Providing a dynamic intelligence feed that prevents data theft, reduces the network load, and minimizes the attack surface.
“Devastating multi-vector DDoS attacks are on the rise and in everyday news. Organizations will inevitably become targets of these cyber-attacks, causing major disruptions to their business,” said Sanjay Kapoor, Vice President Global Marketing at A10 Networks. “With the expanded capabilities of Thunder TPS 3.2 and integration with Verisign’s OpenHybrid™, organizations can enable the always-on application experience that their customers demand from them.”
“In today’s growing DDoS threat landscape, organizations must protect and ensure the availability of their critical applications. A10’s Thunder TPS appliance’s ability to signal with Verisign cloud-based DDoS Protection Service enables customers to implement an effective hybrid DDoS protection strategy,” said Ramakant Pandrangi, Vice President of Product Management for Verisign’s Security Services.
“Customers trust C4L to protect them from the crippling effects of a vast array of escalating multi-vector DDoS attacks on a daily basis,” said Gary Barter, Head of Marketing at C4L. “Thunder TPS 3.2 greatly expands our effectiveness through the surgical nature of the countermeasures, the comprehensive baselining, anomaly detection capabilities, and detailed monitoring.”
“A10 has built a loyal base of service provider and enterprise customers that value the performance, the manageability, and the advanced features of the entire product line,” said Jeff Wilson, Research Director, Cybersecurity Technology at IHS Inc. “Thunder TPS 3.2 and the Verisign partnership enable A10 to broaden market reach of its DDoS detection and mitigation solutions to customers’ lower bandwidth requirements.”
News
The Malware That Must Not Be Named: Suspected Espionage Campaign Delivers “Voldemort”
In August 2024, Proofpoint researchers identified an unusual campaign using a novel attack chain to deliver custom malware. The threat actor named the malware “Voldemort” based on internal filenames and strings used in the malware.
The attack chain comprises multiple techniques currently popular within the threat landscape as well as uncommon methods for command and control (C2), like the use of Google Sheets. Its combination of tactics, techniques, and procedures (TTPs), lure themes impersonating government agencies of various countries, and odd file naming and passwords like “test” are notable. Researchers initially suspected the activity may be a red team. However, the large volume of messages and analysis of the malware very quickly indicated it was a threat actor.
Proofpoint assesses with moderate confidence this is likely an advanced persistent threat (APT) actor with the objective of intelligence gathering. However, Proofpoint does not have enough data to attribute with high confidence to a specific named threat actor (TA). Despite the widespread targeting and characteristics more typically aligned with cybercriminal activity, the nature of the activity and capabilities of the malware show more interest in espionage rather than financial gain at this time.
Voldemort is a custom backdoor written in C. It has capabilities for information gathering and to drop additional payloads. Proofpoint observed Cobalt Strike hosted on the actor’s infrastructure, and it is likely that is one of the payloads that would be delivered.
Beginning on 5 August 2024, the malicious activity included over 20,000 messages impacting over 70 organizations globally. The first wave of messages included a few hundred daily but then spiked on 17 August with nearly 6,000 total messages.
Messages purported to be from various tax authorities notifying recipients about changes to their tax filings. Throughout the campaign, the actor impersonated tax agencies in the U.S. (Internal Revenue Service), the UK (HM Revenue & Customs), France (Direction Générale des Finances Publiques), Germany (Bundeszentralamt für Steuern), Italy (Agenzia delle Entrate), and from August 19, also India (Income Tax Department), and Japan (National Tax Agency). Each lure was customized and written in the language of the authority being impersonated.
Proofpoint analysts correlated the language of the email with public information available on a select number of targets, finding that the threat actor targeted the intended victims with their country of residence rather than the country that the targeted organization operates in or country or language that could be extracted from the email address. For example, certain targets in a multi-national European organization received emails impersonating the IRS because their publicly available information linked them to the US. In some cases, it appears that the threat actor mixed up the country of residence for some victims when the target had the same (but uncommon) name as a more well-known person with a more public presence. Emails were sent from suspected compromised domains, with the actor including the agency’s real domain in the email address.
The threat actor targeted 18 different verticals, but nearly a quarter of the organizations targeted were insurance companies. Aerospace, transportation, and university entities made up the rest of the top 50% of organizations targeted by the threat actor.
Proofpoint does not attribute this activity to a tracked threat actor. Based on the functionality of the malware and collected data observed when examining the Sheet, information gathering was one objective of this campaign. While many of the campaign characteristics align with cybercriminal threat activity, we assess this is likely espionage activity conducted to support as yet unknown final objectives.
The Frankensteinian amalgamation of clever and sophisticated capabilities, paired with very basic techniques and functionality, makes it difficult to assess the level of the threat actor’s capability and determine with high confidence the ultimate goals of the campaign. It is possible that large numbers of emails could be used to obscure a smaller set of actual targets, but it’s equally possible the actors wanted to genuinely infect dozens of organizations. It is also possible that multiple threat actors with varying levels of experience in developing tooling and initial access worked on this activity. Overall, it stands out as an unusual campaign.
The behavior combines a variety of recently popular techniques observed in several disparate campaigns from multiple cybercriminal threat actors that have used similar techniques as part of ongoing experimentation across the initial access ecosystem. Many of the techniques used in the campaign are observed more frequently in the cybercriminal landscape, demonstrating that actors engaging in suspected espionage activity often use the same TTPs as financially motivated threat actors.
While the activity appears to align with espionage activity, it is possible that future activities associated with this threat cluster may change this assessment. In that case, it would indicate cybercriminal actors, while demonstrating some typical e-crime delivery characteristics, used customized malware with unusual features currently only available to the operators and not abused in widespread campaigns, as well as very specific targeting not normally seen in financially motivated campaigns.
Defense against observed behaviors includes restricting access to external file sharing services to only known, safelisted servers; blocking network connections to TryCloudflare if it is not required for business purposes; and monitoring and alerting on use of search-ms in scripts and suspicious follow-on activity such as LNK and PowerShell execution.
Proofpoint reached out to our industry colleagues about the activities in this report abusing their services, and their collaboration is appreciated.
Hospitality
FHS World brings together top UAE chefs for Middle East’s first Sustainable Cook-off
Top chefs from across the UAE will come under the spotlight at the region’s first Sustainable Cook-off contest, taking place at Future Hospitality Summit – FHS World at Madinat Jumeirah in Dubai, 30 September to 2 October.
Celebrating the unique flavours of the UAE and culinary excellence while championing sustainability in line with government net zero directives, the competition – in partnership with The Emirates Culinary Guild (ECG), UAE Restaurants Group (UAERG), Fresh On Table and the Hospitality Asset Managers Association (HAMA) – will see locally-sourced ingredients transformed into innovative, gastronomic masterpieces to be presented to a panel of esteemed judges and served to FHS delegates.
Jonathan Worsley, Chairman of FHS World organiser, The Bench, said: “We are absolutely thrilled to add the Sustainable Cook-off to our list of first-time event features and attractions at FHS World 2024. This unique competition – a natural fit with FHS World’s overarching theme of ‘Invest in our Future’ – is the perfect platform for chefs to grow, develop and foster young talent. And, with the spotlight on ESG like never before, it’s an ideal way to highlight and promote sustainable practices in terms of culinary, hotel, and event operations.
“It is also very fitting that our Sustainable Cook-off is taking place at Madinat Jumeirah – the original home of the Arabian Hotel Investment Conference (AHIC), now FHS. Jumeirah, our host sponsor, has proactively led the way on sustainable practices over the last decade and continues to explore ways to innovate and make major events like FHS more sustainable.”
The Sustainable Cook-off is themed ‘The Sustainable 7 Emirates’, with a focus on fresh produce from Abu Dhabi, Dubai, Fujairah, Ras Al Khaimah, Umm Al Quwain, Ajman and Sharjah. The ECG and UAERG is partnering with FreshOnTable to source and secure the local ingredients, which include Manchego cheese, honey, sea bream, exotic mushrooms and edible flowers.
“At FreshOnTable, we are excited to have envisioned the concept of showcasing 7 ingredients from 7 emirates for this innovative event. The Sustainable Cook-off is not just a competition; it’s a celebration of how local ingredients and creative techniques can unite to promote a more sustainable future in gastronomy. We look forward to seeing how the UAE’s top chefs will bring this idea to life, setting new benchmarks for environmental impact and culinary creativity,” commented Atul Chopra, Founder & CEO, FreshOnTable.
The contest kicks off with a virtual format, where the chefs’ chosen recipe and photograph of the dish are submitted to judges for assessment. The top 15 will then be invited to cook their dish live at FHS World, with five chefs recreating their culinary masterpiece each day of the event. And, to ensure that FHS World delegates get a taste of the action, each creation will be replicated by the Madinat Jumeirah Culinary Team and served to FHS World attendees.
Spearheading the work, creativity and forward-thinking approach of UAE chefs is Andy Cuthbert, President of the Emirates Culinary Guild, advisor to the UAE Restaurants Group and General Manager, Madinat Jumeirah Conferences and Events.
Commenting on the Sustainable Cook-off, he said: “The UAE is firmly established as a leading hub for culinary innovation and education, and a world-class destination for gastronomes. With that, comes a responsibility to help protect the environment in line with UAE government net zero objectives. As sustainability becomes more and more important, the hospitality fraternity must continually think about how their actions today affect our planet of tomorrow. The Sustainable Cook-off is a fantastic opportunity to showcase the talent, imagination and green-thinking approach among some of the country’s most renowned chefs.”
“I am confident that the Sustainable Cook-Off will inspire not only the participants but also the entire culinary community to embrace sustainability and innovation. It is through events like this that we can collectively elevate the standards of our industry and continue to celebrate the unique and diverse flavors that the Emirates have to offer,” added Abdulla AlMulla, Chairman, UAE Restaurants Group.
ESG and sustainability feature heavily on the FHS World agenda, with a host of presentations and panel debates under a key conference track: People, Planet, Profit.
News
RAKBANK partners with Bitpanda Technology Solutions to unlock digital assets in the UAE
The National Bank of Ras Al Khaimah has reached an agreement with Bitpanda Technology Solutions to provide a robust platform that will enable UAE residents to effortlessly manage digital assets.
When fully launched, RAKBANK customers will be able to pursue various digital assets use cases unlocking one of the most complete offerings available in the UAE market. This is however subject to CBUAE approval.
The partnership positions RAKBANK and Bitpanda at the forefront of the digital financial breakthrough in the UAE, while fostering growth in the digital assets sector. This allows banks to participate in the virtual asset economy without needing to develop their own in-house virtual asset capabilities.
Dongjun “DJ” Choi, Group Chief Customer Officer of RAKBANK commented: “We believe digital assets represent one of the future ways for customers to manage their finances more efficiently and securely. This partnership is poised to fill the gap in the market for a trustworthy and regulated banking platform to deal in digital assets. By merging our expertise, we aim to revolutionize the traditional financial landscape for the benefit of our customers, enabling them to explore a broader range of digital assets opportunities.”
Lukas Enzersdorfer-Konrad, CEO of Bitpanda Technology Solutions added: “RAKBANK has a long history of pioneering crypto innovation in the UAE, and we want to support their ambitions. Bitpanda Technology Solutions is fully modular, enabling us to tailor products to our partners’ needs. This partnership exemplifies the importance of that flexibility. Together, we will transform crypto access for millions in the UAE and lay the groundwork for future innovation.”
-
Tech News2 months ago
Denodo Bolsters Executive Team by Hiring Christophe Culine as its Chief Revenue Officer
-
Tech Interviews6 months ago
Navigating the Cybersecurity Landscape in Hybrid Work Environments
-
Features3 months ago
Security in the Cloud Age: Combating Risks with Hybrid Cloud Solutions
-
Tech News6 months ago
Brighton College Abu Dhabi and Brighton College Al Ain Donate 954 IT Devices in Support of ‘Donate Your Own Device’ Campaign
-
Tech Features3 months ago
The Middle East to Lead with Next-generation Mission Critical Communication Advancement
-
Automotive6 months ago
Al-Futtaim Automotive Builds On 23-Year Legacy of Trust & Leadership in UAE’s Pre-Owned Car Market to Sell Over 25,000 Used Vehicles in 2023
-
Tech News9 months ago
Senet enters MENA’s Competitive Gaming Scene with ‘skill-to-earn’ Platform
-
Tech Features7 months ago
How Telecommunications Providers Can Best Tackle DDoS Attacks