**MOUNTAIN VIEW, Calif., April 11, 2023** – Menlo Security, a leader in browser security, today shared results from the CyberEdge Group’s 10th Annual Cyberthreat Defense Report (CDR). This year’s report, sponsored in part by Menlo Security, highlights the growing importance of browser isolation technologies to combat ransomware and other malicious threats. This continues to be critically important as the research revealed that 78% of ransomware attacks include threats beyond data encryption.

Threat actors know today’s employees spend most of their time working in their web browser, making it both a critical business asset and an attractive attack vector if not properly protected. More than half (51%) of respondents use some form of browser or Internet isolation to protect their organizations, with another 40% planning to deploy this type of technology in the next 12 months. Furthermore, 33% of respondents noted that browser isolation is a key element of their cybersecurity strategy for protecting against sophisticated attacks such as ransomware, phishing and zero-day attacks.

This growing focus on browser security is validated by CDR findings that four in five respondents said that when victimized by ransomware attacks, which are often delivered through the browser, they faced the consequences of multiple threats if they did not pay the ransom. These multi-level attacks included threats to publicly release exfiltrated data (40%), notify customers/media of a data breach (42%) or commit a DDoS attack against the organization (42%).

“Evasive web threats, including Highly Evasive Adaptive Threats (HEAT), often come through the web browser and easily bypass multiple layers of detection in prominent security technology, resulting in malware, compromised credentials, and, many times, ransomware,” said Mark Guntrip, senior director of cybersecurity strategy at Menlo Security. “The CDR shows that the risk of ransomware delivered via a HEAT attack is becoming even more serious, with multiple threats in one payload. Preventing it is critical and browser isolation technologies are a highly effective way to do so.”

This year’s CDR notes browser isolation as an up-and-coming technology that allows employees to perform activities such as accessing websites, opening emails and downloading documents in an isolated environment in the cloud. Because the browser session is isolated, any malware, ransomware or other threats are unable to reach corporate systems, negating the effectiveness of even sophisticated attacks.

“It’s exciting to see browser isolation technologies embraced by CDR respondents, in part because they’re designed to improve security without affecting the end user’s experience at all,” said Steve Piper, founder and CEO of CyberEdge Group. “We think that we’ll all be hearing more about the importance of this type of technology in the future.”

**About the CDR**

In November 2022, 1,200 IT security decision makers and practitioners completed a 27-question online survey. Each participant was employed by a commercial or government entity with a minimum of 500 employees. Participants came from six geographic regions: North America, Europe, Asia Pacific, the Middle East, Latin America, and Africa. The CDR gauges perceptions about cyberthreats and ascertains future plans for improving security and reducing risk. It empowers IT security professionals to benchmark their company’s security posture, operating budget, product investments, and best practices against peers in their industry and geographic region.

**About CyberEdge Group**

CyberEdge Group is an award-winning research and marketing consulting firm serving the diverse needs of information security vendors and service providers. Headquartered in Annapolis, Maryland, with 60+ consultants based across North America, CyberEdge works with approximately one in every six IT security vendors. The company’s annual Cyberthreat Defense Report provides information security decision makers and practitioners with practical, unbiased insight into how enterprises and government agencies defend their networks in today’s complex cyberthreat landscape. For more information, visit www.cyber-edge.com. The CyberEdge Group name and logo are trademarks of CyberEdge Group, LLC in the United States and other countries. All other trademarks and service marks are the property of their respective owners.

**About Menlo Security**

Menlo Security protects organizations from cyberattacks by eliminating the threat of malware from the web, documents, and email. Menlo Security’s patented Isolation-powered cloud security platform scales to provide comprehensive protection across enterprises of any size, without requiring endpoint software or impacting the end user-experience. Menlo Security is trusted by major global businesses, including Fortune 500 companies, eight of the ten largest global financial services institutions, and large governmental institutions. The company is backed by Vista Equity Partners, Neuberger Berman, General Catalyst, American Express Ventures, Ericsson Ventures, HSBC, and JP Morgan Chase. Menlo Security is headquartered in Mountain View, California. For more information, please visit www.menlosecurity.com.

Menlo Security Illustrates Importance of Browser Security as 4 in 5 Ransomware Attacks Include Threats Beyond Data Encryption

Amid isolating sanctions, a Russian tech giant plans to launch new Android phones and tablets. But experts are skeptical the company can pull it off.

The fresh wave of sanctions after the invasion of Ukraine has given new wind to the concept of technological self-sufficiency, with Russia’s government launching multiple initiatives to create domestic substitutes for foreign electronics, online platforms, and software, on which many Russian companies are dependent.

Over a thousand tech companies stopped or curtailed their operations in Russia after the invasion of Ukraine. In just a month, Cisco, SAP, Oracle, IBM, TSMC, Nokia, and Ericsson, as well as Samsung and Apple, left the market, affecting entire industries, including mobile operators, factories, startups, and large state-owned companies. According to IDC, a global market-analysis firm, the Russian IT market in 2022 shrank by $12.1 billion, or 39 percent.

Russian prime minister Mikhail Mishustin said in February that Russia wants to replace 85 percent of foreign software with Russian substitutes, opening dozens of so-called import substitution centers. Among them is a project to create a national operating system for devices. The plan, however, is at an early stage with no road map in sight, says the Internet Research Institute’s Kazaryan.

“Currently, a few big players are trying to woo the government for subsidies to create devices on ‘national mobile OS,’ whatever that might be,” he says.

One of the more promising alternatives to Android is Aurora OS, a Linux-based smartphone operating system made by the Russian state-owned telecommunications firm Rostelecom. But Aurora was primarily made for government use and does not support Android apps. In December, the Russian government refused to allocate any of the 22 billion rubles ($292.1 million) earmarked for the development of the Russian operating system.

Other Russian smartphone makers, such as BQ, have promised to adapt Huawei’s HarmonyOS for its handsets. But there's been no news of progress since BQ’s announcement in September. Huawei, which is based in China, developed its own operating system in 2019 after Google stopped providing its suite of mobile software services to the company because of US trade sanctions. The Chinese IT giant has said it has no plans to launch HarmonyOS-equipped mobile phones outside of China.

Huawei’s struggle to compete outside China shows that it’s hard for a smartphone brand to gain buyers without access to Google services. Huawei lost almost a third of its revenue in 2020, the year after sanctions cut its access to Google Maps, Gmail, and other common Google apps. The biggest hurdle NCC’s new smartphone may face, however, is cheap and readily available phones from China. 

Counterpoint’s data shows that phones from Xiaomi, Realme, and Honor, a budget brand previously owned by Huawei, have replaced once best-selling iPhones and Samsung Galaxy devices, accounting for 95 percent of the market last year.

“There's still a lot of competition,” says Counterpoint’s Stryjak. “I don't think there's a huge gap in the market for a new player.”

Other Russian phones, most famously Yotaphone, have tried to capture the domestic market, but they remained at a very small scale, says Stryjak. Russians prefer brands they already know. Thanks to parallel trading—importing goods without the permission of the manufacturer—even Samsungs and iPhones are still available in the country. NCC says it aims to price its smartphones between 10,000 and 30,000 rubles ($132 and $398). 

“We are considering various options. This could be production at Russian factories or contract manufacturing at Chinese enterprises,” NCC’s Kalinin told local media. NCC did not respond to WIRED’s request for comment.

Other Russian smartphone makers such as Smartekosistema, owned by state giant Rostec, have found that they were unable to procure the necessary chips from TSMC for the second iteration of their handset, the AYYA T2. All of this may make creating Russian challengers to Samsung or Apple very expensive.

“You probably can make a smartphone in Russia with Chinese parts, but it's not very efficient,” says Kazaryan. “And why would anyone buy a Russian phone that is more expensive than Xiaomi?”

The Sketchy Plan to Build a Russian Android Phone

ZKTeco Xiamen Information Technology ZKBio ECO ADMS <=3.1-164 is vulnerable to Cross Site Scripting (XSS).

**ZKT Eco ADMS - Stored XSS**

 Hi All,

I was able to identify stored XSS in one online attendance system i.e. ZKT Eco ADMS (v 3.1-164 )(Automatic Data Master Server) is a powerful web-based time and attendance management software. which is used to configure the attendance devices and manage its users.

Cve ID assigned CVE-2022-44213: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-44213

Technical details

1.  Login to ZKT Eco ADMS (default admin/admin)
2.  Click on System and click on Employee
3.  Click on Append button to add new Employee
4.  In Emp Name field Add your XSS payload. For testing I have used a non malicious code **"/><img src=a onerror=alert('stored-XSS');>**
5.  Click on Submit button, it will redirect you to the employee list, and our payload will be executed.

_XSS payload embedded in EMP NAME field._

_our payload executed successfully._

XSS has been fixed in latest versions after 3.1-164.

**Popular posts from this blog**

**Ericsson BSCS iX R18 Billing & Rating (ADMX, MX) - Stored XSS**

Dear Reader, I was able to identify stored XSS in multiple web base modules of Ericsson BSCS iX R18 Billing & Rating platform  Below are its details: # Software description: Ericsson Billing is a convergent billing solution for telecoms that combines an unrivaled combination of out-of-the box features and high configurability. As an evolution of the widely-installed Ericsson BSCS iX, Ericsson Billing provides a low-risk but effective route to capture and secure revenue streams and take advantage of business opportunities from both traditional telecom services as well as digital services, 5G and IoT. # Technical Details & Impact: There are multiple web base modules in BSCS iX e.g. ADMX, MX (monitoring center), CX etc. It was observed that ADMX and MX are vulnerable to stored XSS, In most test cases session hijacking was also possible by utilizing the XSS vulnerability. This potentially allows for full account takeover, or exploiting admin's browsers using beef

**Autoconfiguration ipv4 address 196.254.x.x IP Problem**

Today when i connect my laptop to Lan it wasn't getting the ip from my DHCP server. Instead it gives me some weird IP like 196.254.x.x . while my Wifi was working fine, I searched Alot to get to know until i found a great piece of code on a blog. so going to share with you guys. Problem with my Ip. Steps to follow: If you are Using any Firewall disable it (like i use comodo so i disable it temporary) Click on start and click on RUN (or simple press windowsKey+R ) type CMD   Now type the below Codes  netsh interface ipv4 show inter It will show like this.  As we have problem in LAN so my LAN here is Local Area Connection  and Its Idx=11 (we will use this idx number in next code) Now type in this code and replace your Idx number, as mine is 11    netsh interface ipv4 set interface 11 dadtransmits=0 store=persistent   It will show like this.  If it says OK. Congratulations you have done the difficult part Now Click on Start and Run again and Type Servic

**CSV Injection in Acunetix version 13.0.201217092**

 Hi all,  I was using Acunetix version 13.0.201217092 for scanning purposes back in Jan 2021, and I was able to identify CSV Injection vulnerability in the web scanner. Any user who is not the administrator can perform these actions which can lead to admin system compromise. For testing I used the Admin account. Lets get to the technical details. CVE ID Assigned:  CVE-2022-29315  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29315 https://www.cve.org/CVERecord?id=CVE-2022-29315 Vulnerable Version: Before version 14 Fixed Version: 14 and 14+ # Software description: Acunetix by Invicti Security is an application security testing tool built to help small & mid-size organizations around the world take control of their web security. # Technical Details & Impact: It was observed that Target page is vulnerable to CSV Injection, using CSV injection; Maliciously crafted formulas can be used for three key attacks: Hijacking the user's computer by exploiting vulnerabilitie

CVE-2022-44213: ZKT Eco ADMS - Stored XSS

Red Hat Security Advisory 2022-8857-01 - Erlang is a general-purpose programming language and runtime environment. Erlang has built-in support for concurrency, distribution and fault tolerance. Erlang is used in several large telecommunication systems from Ericsson. Issues addressed include a bypass vulnerability.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

====================================================================                     
Red Hat Security Advisory

Synopsis:          Moderate: Red Hat OpenStack Platform 16.2.4 (erlang) security update  
Advisory ID:       RHSA-2022:8857-01  
Product:           Red Hat OpenStack Platform  
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:8857  
Issue date:        2022-12-07  
CVE Names:         CVE-2022-37026  
====================================================================  
1. Summary:

An update for erlang is now available for Red Hat OpenStack Platform 16.2.4  
(Train) on Red Hat Enterprise Linux (RHEL) 8.4.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat OpenStack Platform 16.2 - ppc64le, x86_64

3. Description:

Erlang is a general-purpose programming language and runtime environment.  
Erlang has built-in support for concurrency, distribution and fault  
tolerance. Erlang is used in several large telecommunication systems from  
Ericsson.

Security Fix(es):

* Client Authentication Bypass (CVE-2022-37026)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2141802 - CVE-2022-37026 erlang/otp: Client Authentication Bypass

6. Package List:

Red Hat OpenStack Platform 16.2:

Source:  
erlang-23.3.4.18-1.el8ost.src.rpm

ppc64le:  
erlang-asn1-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-asn1-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-compiler-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-crypto-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-crypto-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-debugsource-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-eldap-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-erl_interface-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-erts-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-erts-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-hipe-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-inets-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-kernel-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-mnesia-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-odbc-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-os_mon-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-os_mon-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-parsetools-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-public_key-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-runtime_tools-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-runtime_tools-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-sasl-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-snmp-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-ssl-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-stdlib-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-syntax_tools-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-tools-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-tools-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm  
erlang-xmerl-23.3.4.18-1.el8ost.ppc64le.rpm

x86_64:  
erlang-asn1-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-asn1-debuginfo-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-compiler-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-crypto-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-crypto-debuginfo-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-debuginfo-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-debugsource-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-eldap-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-erl_interface-debuginfo-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-erts-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-erts-debuginfo-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-hipe-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-inets-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-kernel-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-mnesia-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-odbc-debuginfo-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-os_mon-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-os_mon-debuginfo-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-parsetools-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-public_key-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-runtime_tools-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-runtime_tools-debuginfo-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-sasl-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-snmp-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-ssl-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-stdlib-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-syntax_tools-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-tools-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-tools-debuginfo-23.3.4.18-1.el8ost.x86_64.rpm  
erlang-xmerl-23.3.4.18-1.el8ost.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-37026  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIVAwUBY5FpldzjgjWX9erEAQiC5xAAgikz4PKc5MK3UvThDwTvFMhQnA7OKRWM  
6HyUCQVnvMXH8FOQBRQAkybQ0k7GHwLuVoltXfG6a+sQwUcWyFEMjn1QPxqJTdGH  
lvE4BPDxZt55qesI/r/Ed1dU6t5M0Yz5d40MTouOhTWtaoyyq0w9eRslOtc6sEUX  
jOp9AujRHtufUtqFZrJlgTMfSL7fwkRKYqOHUu0hnpFKLduK5fP1vQrVEaLBBR1e  
LcK7ozKFKK1r9xw/HwMQKUbooTwjwD7hW7GMGY/l9vYav39c91WxeN4QgYFW6Lwc  
uDBOZe0pQ71j/ujdgkPxJ/sItBvsxepqleyeYhyxpahfOgydP9Jn1DJ6nfsEkUFP  
+UirkDPUIGFxOFmelEGHlyzpBg5vDExE/iQ92lqbLseA5el3NT0MhEYQKF66ZiZm  
fN4cAC5k2GGi6M8dykQyhiWDPTCjIwy07OrGotleCE8XLATfYHG47wFwZi2lphyG  
AJkpki/WYwV7s5XYABXjKZYCcuZ/HtLP93vX1nHQnayxG2z4frO1/xl89FcxbGrs  
lIgnQmSHzySSaoyrzMx8NT+rUATG9DxKWrVQEHlFNJE1g0Vz5dW7ZKjegLViFg8Q  
Uk/8TgN+poNJHlVj4SaC50Iskyn7733l/EgGDPPEip7lup6vR4n2Vayb+HZflTfI  
k3ufCa6ZRqQ=2X4R  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2022-8857-01

An update for erlang is now available for Red Hat OpenStack Platform 16.2.4
(Train) on Red Hat Enterprise Linux (RHEL) 8.4.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:
* CVE-2022-37026: erlang/otp: Client Authentication Bypass


Issued:

2022-12-07

Updated:

2022-12-07

**RHSA-2022:8857 - Security Advisory**

*   Overview
*   Updated Packages

**Synopsis**

Moderate: Red Hat OpenStack Platform 16.2.4 (erlang) security update

**Type/Severity**

Security Advisory: Moderate

**Red Hat Insights patch analysis**

Identify and remediate systems affected by this advisory.

View affected systems

**Topic**

An update for erlang is now available for Red Hat OpenStack Platform 16.2.4  
(Train) on Red Hat Enterprise Linux (RHEL) 8.4.  

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

**Description**

Erlang is a general-purpose programming language and runtime environment.  
Erlang has built-in support for concurrency, distribution and fault  
tolerance. Erlang is used in several large telecommunication systems from  
Ericsson.  

Security Fix(es):  

*   Client Authentication Bypass (CVE-2022-37026)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page listed in the References section.

**Affected Products**

*   Red Hat OpenStack for IBM Power 16.2 ppc64le
*   Red Hat OpenStack 16.2 x86\_64

**Fixes**

*   BZ - 2141802 - CVE-2022-37026 erlang/otp: Client Authentication Bypass

**Red Hat OpenStack for IBM Power 16.2**

SRPM

erlang-23.3.4.18-1.el8ost.src.rpm

SHA-256: d62cffaa3a34a9c3b69473096d4db95462ac111773682b2d04ed04d641507d42

ppc64le

erlang-asn1-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 1f3506909b29ac268896d8df2d9b2e978de578bcdc967ac16634f6d2285bdb5d

erlang-asn1-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: b6707adec442e7a6aac6fe49f0da0860832c9fffd3856c2cd5a56ff210601dd3

erlang-compiler-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 76e6fbfeb2cc7656f4569342016a7c473fa5c15634e2ed37e91bb962f22ab3fd

erlang-crypto-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 6ffe6eb6a13e7198a544f2e258e26e5c606e6b0e4dc482972225906d9f8600c0

erlang-crypto-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 3f614367725fe02db0389057b011fa6b68406d8e280375cebc66c07106362fac

erlang-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 5c664098acd37d1c545b162be398ba3403a6c623926419e681d657a279058df5

erlang-debugsource-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 81ce5592ca448d8c3a57f631355eefc9410d7a178ff6019f5c8b5c5670f6d3ff

erlang-eldap-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 7a4dad3f5f096c2e74e094e000524f729776a1fe27222e3d1799e03120b67939

erlang-erl\_interface-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: f7943b221eae749bc574719d5d3cf9300cc6e029ab62a981e447eb87f5fe939d

erlang-erts-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: dbe99167d588b790b873d93080d3bdcebf00811c6878d8d3658291408738640b

erlang-erts-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 9e5572782e69a9862c95739f6ef2ca7ebdac1ebaeba7cdcca5c5fa0c713fd867

erlang-hipe-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: bfc0878953f0ef293ad04f1c7549953e3a5c87e92252e7a5388af42c8796c422

erlang-inets-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 8f9ab6f8419db19acc38bca9fef8031147e6836ae18fd8c293452fcf4c7d9a91

erlang-kernel-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 6ed44940e18c94b7748e913ceba7b1155513f99fc63462e91a3fc3e984a3980e

erlang-mnesia-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: a107375971814b49f6148a3d01559f986f1f064061e6f177a5bbb466681c379b

erlang-odbc-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: cf2d1d60616b74a6e2308c19a0a38136682d2dcc5b64ddc7836609fa7db4b7a3

erlang-os\_mon-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 54029b45c4c1de967e2607d2aed04de7392391e061455dc542ca4ae13409f924

erlang-os\_mon-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 9ee507a1a8d9d39c4f99df187121e75056622eaf9d241b646125e921e9e4009d

erlang-parsetools-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 3db8c1e3d039ffc027f3e42c8da5a64f83c10c49b061f419812e87dc5196ff56

erlang-public\_key-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 9ae39c629fe0ea46d0d1fd0fc04987957da30c75ca7540e0d5cfdbf306ffc7e1

erlang-runtime\_tools-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: fa852dce145ea205ad098361a636be0b2c9d858567b2ea07f68dae439249cad9

erlang-runtime\_tools-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 8de4c231fc32c79a4809e39409879045de8fef2ee210dbfd59fd439f6a31c325

erlang-sasl-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 99e5a7874683a1d0da00a356f295b372256ef6249cde5c76f7e9694c5e9cdf38

erlang-snmp-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 5dbb5e7a39bca1c4e21972a778155df7da5d6e486e7c91d8df6b6fa08e7d71e1

erlang-ssl-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: e8004e2bd823dba11ef0cb60b0938260361c1b0b9a05602c88b0637490bead90

erlang-stdlib-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: eecde07bb432dbcac5ec26a4f1c2c1961beb460a1f22d267c68fc4a337490e20

erlang-syntax\_tools-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 123609f73b015d7061fc1cdcf028b7c8a848c95ec09e2147b76d7f45045c35f0

erlang-tools-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: e2d29c0cd65c3165c70269a9642acdb879e9e88d416e8af4189e60d13b710a80

erlang-tools-debuginfo-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 9b34fa43767742d0cdcb5c522a739d0a45a3187b0cdd7420c55c5e82e20c107b

erlang-xmerl-23.3.4.18-1.el8ost.ppc64le.rpm

SHA-256: 1db7c8f3963ceea42e9aa646cc7bc9ef1ea6a043e20e0e121a3cd2861f5d409f

**Red Hat OpenStack 16.2**

SRPM

erlang-23.3.4.18-1.el8ost.src.rpm

SHA-256: d62cffaa3a34a9c3b69473096d4db95462ac111773682b2d04ed04d641507d42

x86\_64

erlang-asn1-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: dc1990fa477f9a0b4e735751a1c38e52d8e2aeb19f1bafcedd4bf9ac7c1dbee4

erlang-asn1-debuginfo-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: 2a99ac6b96b7d64102ff6b072d17141b30d5368ae1b2dfa1b6a59475fc6aa75b

erlang-compiler-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: ba5ea77b6e2071d571c705dd851c3dcd2348f98d5bad92e3bb06fa27d2574a7f

erlang-crypto-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: b5d3dd5538bf0098b3683aa1acf395d58a97d40eb89d537bcffa89509eff2551

erlang-crypto-debuginfo-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: 5e1ecb06641384ce61202e59fe550c3f8b6a038c97db1d15d2056d3b25bb8322

erlang-debuginfo-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: cce0b6045d8c76b184150a700004124414ead638f44251d60bc2403fd33c14af

erlang-debugsource-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: 8a7fc3fa160d9bc3f8b4b1664918419b99c959d667aee4d303a4e3db86ed54da

erlang-eldap-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: b8f893a1f92881f0449df814e1f1ec015bf5fda691508ea714af794d12230566

erlang-erl\_interface-debuginfo-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: cc1cf4f57e8904527bd0036a02ea31798c0f815ca30598f86400832cb4f37927

erlang-erts-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: b95e856e87cb2cba8975714f34f00bce935656f38bc185db9fa5b37fc418a3a9

erlang-erts-debuginfo-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: 9f983a964e3a646d8a748614c6091d3cc139198346c02b713e9bee9859cfd9c0

erlang-hipe-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: cc7100a0af0dd0572126eaa0e725ef739e818c7418c13ce466f0a6f10074e8de

erlang-inets-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: 0c251d724be784038aada2172ad0944c04c45919cad4468623c69d3fa63d193c

erlang-kernel-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: ce6e890e2ab8d53a5bc11bb2db0c4707e64f8c127bd6485651aab1cfd9da79ac

erlang-mnesia-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: 3dcedde5a4efd9b34ea52865f91cda05721c0829b6fa0035fac8d13760272bdf

erlang-odbc-debuginfo-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: c0df9c5c3b43753a67ebee5dd1ab3083920e796fcd5b7283c1ffd6a937f1e31c

erlang-os\_mon-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: 9c9ad7b9d1d1da85ab22911ea9e6c27a62484e2648919740bd9d17f5aaa06e48

erlang-os\_mon-debuginfo-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: f4a0e7483d28af22e3b078b69389dadbf33247a82de066e3c2e82a5efff9627e

erlang-parsetools-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: e4dcd22bc4e4c476630c2d0b8e4671173a2fe53b1e4f4dfe1049ca275e7b86a5

erlang-public\_key-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: 6a06b5b6c25742e66ac2a6d2a2a3a366844e8256c1b60cf765bf8b0248c20e5c

erlang-runtime\_tools-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: 0ac5b18695cd44d9112106b5965935e561cfdeeb1cdb922c6f46d21071b0e3c5

erlang-runtime\_tools-debuginfo-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: ad5d1c9f66c57993ca62cab08a47aa2ed088e853455809d0443f60629f8d87c3

erlang-sasl-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: 813d2a41279fa48096abf308255e99c6c6269e00780113f944a140388924c2a8

erlang-snmp-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: 9d1130eb9759232cf670ff9a46904e454463b7a4ca535f3fcd43b8b655070705

erlang-ssl-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: abbb7c91a43b61bed47fb3c37ddc192c76476f0b8c826e7881bc816254826f7d

erlang-stdlib-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: ef5d8511a30f2981b2cd9b31beb0e88c45ea7fd88062de114a052ff5de9ae532

erlang-syntax\_tools-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: 7e2c3a4aaaa8811657585d33eed8101fc750234e09134f04f8420aa27bfe7577

erlang-tools-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: acca2b55d5ee3bccb77ca93c7f7e75524acddacc06b9fb2b236e8f0a61559458

erlang-tools-debuginfo-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: 2307e1b54cfbe24f8daf112c999c73ec0ea8e3288fb8e81cd6a00630c985ede3

erlang-xmerl-23.3.4.18-1.el8ost.x86\_64.rpm

SHA-256: 53d6d82ed3941298a568da9e8ce14c7f1e75013c1ff6a3783b63771325933530

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

RHSA-2022:8857: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2.4 (erlang) security update

ZKTeco Xiamen Information Technology ZKBio Time 8.0.7 Build: 20220721.14829 was discovered to contain a CSV injection vulnerability. This vulnerability allows attackers to execute arbitrary code via a crafted payload injected into the Content text field of the Add New Message module.

**ZKBio Time - CSV Injection**

 Hi all,

I am here with new post. Recently I have identified a csv injection vulnerability in one of the web-based time and attendance management software. Below are the details:

**Software Description:**

ZKBio Time is a powerful web-based time and attendance management software. With a powerful data handling capacity, the system can manage the attendance data of 10,000 employees. It can easily handle hundreds of devices and thousands of employees and their transactions. ZKBio Time comes with an intuitive user interface is able to manage timetable, shift and schedule and can easily generate attendance reports.

**Impacted Version: 8.0.7 (Build: 20220721.14829) and before.**

**Vulnerability details:**

1.  Login to ZKBio Time Application
2.  In the left Menu click on Messages -> Public
3.  Click on ADD new message button
4.  Write your Device Serial Number
5.  Mention any date/time and duration
6.  In Content Field Add your CSV injection payload.
7.  As shown below
    
      
    
8.  Any user who extract the report in CSV format and opens it
9.    
    
10.  The embedded payload will be executed

There is 90% chance that user will ignore the below warning box as the report is downloaded from trusted source. This will lead to payload execution.

**Thanks**

**Popular posts from this blog**

**Add Background Image on your USB/Flash Drive/Any System drive.**

How to set a Background Image on your Pendrive: 1.Select an image on your computer which you want to appear as background image. 2.Rename that image to "Image" without quotes. 3.Now copy and paste the image to your Pendrive. 4.Now create a new notepad file in ur Pendrive and paste the following code in it. \[ExtShellFolder Views\] {BE098140-A513-11D0-A3A4-00C04FD706EC}= {BE098140-A513-11D0-A3A4-00C04FD706EC} \[{BE098140-A513-11D0-A3A4-00C04FD706EC}\] IconArea\_Image= Image.jpg (check the file type of image. if its .jpg or .png or .bmp etc) 5.Save the file as desktop.ini in your pendrive and change the save as type to all files. 6.Remove your Pendrive and Enter Again and Open it. Note: This trick works best on Windows Xp and Vista . Wallpaper could also be set in any other directory like C:, D:, E: etc. Just copy and paste the files in the directory where you want the wallpaper to appear.

**Ericsson BSCS iX R18 Billing & Rating (ADMX, MX) - Stored XSS**

Dear Reader, I was able to identify stored XSS in multiple web base modules of Ericsson BSCS iX R18 Billing & Rating platform  Below are its details: # Software description: Ericsson Billing is a convergent billing solution for telecoms that combines an unrivaled combination of out-of-the box features and high configurability. As an evolution of the widely-installed Ericsson BSCS iX, Ericsson Billing provides a low-risk but effective route to capture and secure revenue streams and take advantage of business opportunities from both traditional telecom services as well as digital services, 5G and IoT. # Technical Details & Impact: There are multiple web base modules in BSCS iX e.g. ADMX, MX (monitoring center), CX etc. It was observed that ADMX and MX are vulnerable to stored XSS, In most test cases session hijacking was also possible by utilizing the XSS vulnerability. This potentially allows for full account takeover, or exploiting admin's browsers using beef

**Autoconfiguration ipv4 address 196.254.x.x IP Problem**

Today when i connect my laptop to Lan it wasn't getting the ip from my DHCP server. Instead it gives me some weird IP like 196.254.x.x . while my Wifi was working fine, I searched Alot to get to know until i found a great piece of code on a blog. so going to share with you guys. Problem with my Ip. Steps to follow: If you are Using any Firewall disable it (like i use comodo so i disable it temporary) Click on start and click on RUN (or simple press windowsKey+R ) type CMD   Now type the below Codes  netsh interface ipv4 show inter It will show like this.  As we have problem in LAN so my LAN here is Local Area Connection  and Its Idx=11 (we will use this idx number in next code) Now type in this code and replace your Idx number, as mine is 11    netsh interface ipv4 set interface 11 dadtransmits=0 store=persistent   It will show like this.  If it says OK. Congratulations you have done the difficult part Now Click on Start and Run again and Type Servic

CVE-2022-40472: ZKBio Time - CSV Injection

OpenSSF welcomes Capital One as a premier member affirming its commitment to strengthening the open source software supply chain.

**SAN FRANCISCO, Aug. 24, 2022** — Capital One joins the Open Source Security Foundation (OpenSSF) as a premier member, affirming its commitment to strengthening the open source software supply chain. OpenSSF is a cross-industry organization hosted at the Linux Foundation, designed to inspire and enable the community to secure the open source software we all depend on, including development, testing, fundraising, infrastructure, and support initiatives.

Capital One joins the OpenSSF Governing Board in charge of leading the organization and providing strategic direction. “We are happy to welcome Capital One to the Open Source Security Foundation,” says Brian Behlendorf, General Manager of OpenSSF. “As a highly regulated company that has invested in technology, Capital One has experience building the governance structure, modern architecture and collaborative culture that is critical for well-managed open source software delivery. By joining the OpenSSF, Capital One is demonstrating a serious commitment to secure open source software that benefits our entire ecosystem.”

As one of the nation’s leading digital banks, technology is central to Capital One’s business strategy and how value is delivered to more than 100 million customers. The company began a technology transformation over a decade ago, which included an open source-first declaration in 2015. A modern architecture in the cloud is allowing Capital One to take advantage of the world’s innovations and accelerate delivery by committing to a collaborative software-building approach among the open source community.

“Today some of the most ground-breaking digital experiences created for customers are based on open source software. As a company that widely adopts this technology, Capital One is incredibly proud to join the OpenSSF and the world’s technology leaders as we collaborate to strengthen the software security supply chain,” said Chris Nims, EVP of Cloud & Productivity Engineering at Capital One. “As a highly-regulated company, we are seasoned in managing compliance and governance and advocate for standardization, automation and collaboration. We look forward to working together to identify solutions that advance the OpenOSSF mission and give back to the open source community.”

Earlier this year, the OpenSSF unveiled a 10-point plan at the Open Source Security Summit hosted in conjunction with the White House in May. The plan feeds into 10 different workstreams, like finding ways to reduce patching response times for open source software, developing new metrics to track code and components, moving the industry away from non-memory safe programming languages that make it difficult to find and fix vulnerabilities, establishing a framework for incident response teams that can be deployed across the open source community and conducting annual third-party reviews of the top 200 most critical open source security components.

More recently, the OpenSSF hosted a Town Hall especially for open source software maintainers, contributors, software developers, and open source software users who know security is important, but haven’t made the leap to join an OpenSSF Working Group or Project yet. On Tuesday, Sept. 13, they will be hosting an OpenSSF Day EU at the Open Source Summit Europe in Dublin, Ireland, and online.

Capital One joins other OpenSSF premier members 1Password, AWS, Atlassian, Cisco, Citi, Coinbase, Dell Technologies, Ericsson, Fidelity, GitHub, Google, Huawei, Intel, IBM, JFrog, JPMorgan Chase, Meta, Microsoft, Morgan Stanley, Oracle, Red Hat, Snyk, Sonatype, VMware, and Wipro.

**About OpenSSF**

The Open Source Security Foundation (OpenSSF) is a cross-industry organization hosted by the Linux Foundation that brings together the industry’s most important open source security initiatives and the individuals and companies that support them. The OpenSSF is committed to collaboration and working both upstream and with existing communities to advance open source security for all. For more information, please visit us at: openssf.org.

**About the Linux Foundation**

Founded in 2000, the Linux Foundation and its projects are supported by more than 2,950 members. The Linux Foundation is the world’s leading home for collaboration on open source software, hardware, standards, and data. Linux Foundation projects are critical to the world’s infrastructure including Linux, Kubernetes, Node.js, ONAP, Hyperledger, RISC-V, and more. The Linux Foundation’s methodology focuses on leveraging best practices and addressing the needs of contributors, users, and solution providers to create sustainable models for open collaboration. For more information, please visit us at linuxfoundation.org.

Capital One Joins Open Source Security Foundation

Replacing passwords is not as easy as people think, but there is hope.

Although analysts have predicted the death of passwords for many years, passwords are still the predominant authentication credential used for many applications and IT systems. The reason for this is simple — everyone knows how passwords work, which makes them more convenient to use.

As a result, 80% of all company data breaches and hacking incidents result from stolen or compromised passwords. It's not hard to see why. The average user has more than 90 online accounts — almost all requiring a password that more than half of those same users reuse. And with a record 1,862 data breaches in 2021 at an average cost of $4.24 million per breach, it's no wonder that more than 555 million passwords are available on the Dark Web.

Passwords are proliferating across our digital world and getting stolen in record numbers every year, but it doesn't have to be this way.

**The Twin Dilemma of Security vs. Convenience**

Enterprises can address this problem today. In fact, many are already enhancing existing passwords with a second factor — for example, sending an out-of-band code via SMS or email. The technology exists for even stronger login credentials, but these often significantly impact the user experience, which hurts adoption with internal users (employees) or retention with external users (consumers).

Organizations are faced with a complex balancing act: They need to improve their authentication process so that login credentials provide the needed security while being easy to use. But those credentials also have to be difficult for hackers to steal or compromise. Oh, and let's not forget that this enhanced authentication mechanism must be cost effective, too.

Over the years, many types of login credentials emerged that were effective in one or two areas but fell short in the others. But, there is hope.

**Size and Scope**

The size and scope of the problem must also be taken into consideration. For large enterprises, these challenges are multiplied because of the sheer number of applications running across their hybrid environments, from the cloud to the mainframe. You hear a lot about the cloud, but how often do you hear someone mention the mainframe? Did you know that mainframes handle 90% of all credit card transactions, or that mainframes handle 68% of world's production IT workloads? For many of our strategic customers, the mainframe is more mission critical than anything running in the cloud.

A truly effective identity security solution needs to cover all aspects of an organization's infrastructure — everything from the mainframe to distributed servers, from virtualized to multicloud environments, managing access across business applications, privileged accounts, and everything in between.

**The Convergence of Technology and Standards**

The missing link in efforts to improve this identity security challenge is a failure to recognize that replacing the password is not as easy as people think. But there are several trends that may help accelerate the death of the password once and for all.

The first is the smartphone. According to Ericsson, the number of smartphone users in the world today is about 6.6 billion, which translates to almost 84% of the world's population. These devices are not only ubiquitous but are also responsible for teaching users how to use their fingerprint to unlock their devices and take a selfie. Biometrics is not an abstract concept anymore — it is becoming familiar even to people who struggle to use a computer.

The second trend is one of standardization, specifically the growing support for FIDO or Open ID Connect. These new security standards help facilitate the exchange of identity and authentication information between an identity provider and an application. These standards eliminate the need for passwords and replace them with passwordless techniques, such as biometrics (a single finger swipe on your phone). However, there are many mainframe and web applications that were never designed with support for these standards and therefore cannot leverage passwordless authentication — that is, not without major redesign or a little help.

For newer or smaller enterprises, it may be relatively easy to modify applications to be compatible with FIDO or OpenID Connect. However, for larger enterprises this problem is significant because the bulk of their mission-critical apps may need to be modified, and this may not be financially feasible. As a result, while newer applications are built with passwordless authentication mechanisms, they are addressing only a subset of enterprise applications, networks, and environments.

An effective security system needs to cover all an organization's digital assets. If not, the bad guys will always find the weakest link. Only through a holistic approach can enterprises solve the biggest pain points in identity security by replacing the need for passwords with a single passwordless sign-on procedure for everything in our digital world.

Identity Security Pain Points and What Can Be Done

DUBLIN, July 8, 2022 /PRNewswire/ -- The "Global Enterprise Endpoint Security Market - Forecasts from 2022 to 2027" report has been added to **ResearchAndMarkets.com's** offering.

Endpoint security is the technique of preventing harmful actors and campaigns from exploiting endpoints or entry points of end-user devices such as PCs, laptops, and mobile devices. Endpoint security solutions on a system or cloud protect against cybersecurity threats. Endpoint security has progressed beyond antivirus software to supply comprehensive security against sophisticated malware and new zero-day dangers.

Nation-states, hacktivists, organized crime, and purposeful and unintentional insider threats all pose a hazard to businesses of all sizes. Endpoint security is frequently referred to as cybersecurity's frontline, and it is one of the first places where businesses attempt to defend their networks. Due to several benefits, such as cost savings with cloud storage, compute scalability, and low maintenance requirements, enterprise use of SaaS-based or cloud-delivered endpoint security solutions continues to grow.

**The growing number of enterprise endpoints and mobile devices with access to sensitive data has created a tremendous need for endpoint security solutions, which is expected to drive the market.**

In today's environment, mobile gadgets such as smartphones and tablets have become necessary for both individuals and businesses. The number of employees using their phones for work is fast expanding, and mobile devices and applications have presented a slew of new attack vectors and data security challenges.

These cyber dangers range from Trojans and viruses to botnets and toolkits, and they can have a significant impact on the broader network, putting sensitive and private data at risk. For example, according to the Mobile Security Report 2021 by Check Point, 97 percent of businesses globally were hit by mobile attacks that used several attack vectors. At least one employee in 46 percent of those businesses downloaded a malicious app to their phone.

According to the same report, nearly every firm had at least one smartphone malware assault in 2020. The mobile network was responsible for 93 percent of the attacks. As previously stated, around 40% of all mobile devices are at risk of being targeted by cyber-attacks. As a result, businesses are increasingly implementing endpoint security solutions to secure their networks and give secure access to confidential data to their employees.

As a result, factors such as increased mobile and wireless device usage, advancements in connectivity infrastructure around the world, and dropping mobile device prices are all expected to have a significant impact on the endpoint security industry. For instance, according to Ericsson, there are already over six billion smartphone subscribers worldwide, with several hundred million more expected in the next years.

By 2026, the number of smartphone users is predicted to increase to 7516 million. Employees at firms are increasingly using their personal mobile devices to access corporate data owing to the growing BYOD trend. However, it poses security concerns, necessitating powerful endpoint security solutions to protect sensitive company data, resulting in significant demand.

However, the lack of awareness about endpoint security among the general public, as well as the fact that many enterprises are struggling to deal with security threats and data breaches as a result of a lack of understanding about endpoint security, is expected to limit the market expansion.

**By region, the Asia Pacific and North America are expected to hold a notable share in the global enterprise endpoint security market during the forecast period.**

North America and Asia-Pacific are predicted to have a significant share of the global enterprise endpoint security market. Applying technology to restrict threats on organizational endpoints and the rising penetration of mobile devices that are initially prone to endpoint attacks are two reasons supporting the market expansion in these regions.

For instance, in July 2021, SentinelOne and ConnectWise established a partnership to strengthen their security relationship. MSPs will be able to obtain SentinelOne Control and SentinelOne Complete as standalone products from ConnectWise rather than having to purchase them as part of the SOC-targeted Fortify Endpoint offering.

Similarly, in September 2020, Palo Alto Networks and OPSWAT expanded their partnership to add support for new endpoint platforms and IoT devices in GlobalProtect and Prisma Access for branch offices, retail locations, and mobile users. The integration detects and evaluates the state of the endpoint as well as any third-party security programs installed on it. The Host Information Profile (HIP) gathers data about the network's endpoints' security state, used to implement gateway policies.

**COVID-19 Insights**

The COVID-19 outbreak compelled enterprises all around the world to mobilize swiftly in order to secure large numbers of remote workers and expand their tooling beyond traditional security measures. With the growing number of cybercrimes in 2020, the market for global enterprise endpoint security has been positively impacted by the pandemic.

For instance, the US Department of Health and Human Services (HHS) systems were subjected to a large DDoS attack in March 2020. In the same month, a cyberattack hit databases at the University Hospital in Brno, one of the Czech Republic's main centers for COVID-19 blood testing. As a result, doctors could not complete coronavirus testing and had to postpone several surgical procedures.

**Key Topics Covered:**

**1\. INTRODUCTION**

**2\. RESEARCH METHODOLOGY**

**3\. EXECUTIVE SUMMARY**

**4\. MARKET DYNAMICS**  
4.1. Market Drivers  
4.2. Market Restraints  
4.3. Porter's Five Forces Analysis  
4.3.1. Bargaining Power of Suppliers  
4.3.2. Bargaining Powers of Buyers  
4.3.3. Threat of Substitutes  
4.3.4. Threat of New Entrants  
4.3.5. Competitive Rivalry in Industry  
4.4. Industry Value Chain Analysis

**5\. GLOBAL ENTERPRISE ENDPOINT SECURITY MARKET, BY SOLUTION**  
5.1. Anti-Virus  
5.2. Firewall  
5.3. Endpoint Device Control  
5.4. Anti-Spyware/Anti-Malware  
5.5. Others

**6\. GLOBAL ENTERPRISE ENDPOINT SECURITY MARKET, BY COMPONENT**  
6.1. Application Control  
6.2. Endpoint Encryption

**7\. GLOBAL ENTERPRISE ENDPOINT SECURITY MARKET, BY DEPLOYMENT**  
7.1. Cloud  
7.2. On-Premise

**8\. GLOBAL ENTERPRISE ENDPOINT SECURITY MARKET, BY ORGANIZATION SIZE**  
8.1. Small  
8.2. Medium  
8.3. Large

**9\. GLOBAL ENTERPRISE ENDPOINT SECURITY MARKET, BY INDUSTRY VERTICAL**  
9.1. BFSI  
9.2. Government  
9.3. Aerospace and Defense  
9.4. Healthcare  
9.5. Communication and Technology  
9.6. Others

**10\. GLOBAL ENTERPRISE ENDPOINT SECURITY MARKET, BY GEOGRAPHY**  
10.1. Introduction  
10.2. North America  
10.2.1. United States  
10.2.2. Canada  
10.2.3. Mexico  
10.3. South America  
10.3.1. Brazil  
10.3.2. Argentina  
10.3.3. Others  
10.4. Europe  
10.4.1. Germany  
10.4.2. France  
10.4.3. United Kingdom  
10.4.4. Spain  
10.4.5. Others  
10.5. Middle East and Africa  
10.5.1. Saudi Arabia  
10.5.2. Israel  
10.5.3. Others  
10.6. Asia Pacific  
10.6.1. China  
10.6.2. Japan  
10.6.3. South Korea  
10.6.4. India  
10.6.5. Thailand  
10.6.6. South Korea  
10.6.7. Taiwan  
10.6.8. Indonesia  
10.6.9. Others

**11\. COMPETITIVE ENVIRONMENT AND ANALYSIS**  
11.1. Major Players and Strategy Analysis  
11.2. Emerging Players and Market Lucrativeness  
11.3. Mergers, Acquisition, Agreements, and Collaborations  
11.4. Vendor Competitiveness Matrix

**12\. COMPANY PROFILES**  
12.1. Intel Corporation  
12.2. Broadcom Inc. (Symantec Corporation)  
12.3. Trend Micro Incorporated  
12.4. RSA Security LLC  
12.5. Kaspersky Lab  
12.6. Bitdefender  
12.7. WatchGuard Technologies  
12.8. ESET  
12.9. Sophos Ltd  
12.10. McAfee LLC

For more information about this report visit https://www.researchandmarkets.com/r/fyl26c

Worldwide Enterprise Endpoint Security Industry to 2027: Focus on Antivirus, Firewall, Endpoint Device Control, and Anti-Spyware/Anti-Malware

Maintainers of open source software (OSS) will gain additional security tools for their own projects, while the developers who use OSS — and about 97% of software does — will gain more data on security.

The maintainers of thousands of critical open source projects and the developers who build on the foundation of that code will both benefit from 10 security initiatives launched late last week by the Linux Foundation, the Open Source Security Foundation (OpenSSF), and 37 technology companies, the groups said — including tech bigwigs Amazon, Google, and Microsoft.

During a second summit of software industry professionals and government officials, the organizations committed to supporting a 10-step plan to shore up open source maintainers, provide tools to improve software security, and secure the software supply chain. 

The Open Source Software Security Mobilization Plan groups the 10 steps into three broad initiatives: securing open source software production, improving the discovery and remediation of vulnerabilities, and speeding the ecosystem's time to patch.

To show their commitment, a group of companies has pledged $30 million of the estimated $150 million needed to fund all 10 initiatives for the first two years, Brian Behlendorf, general manager of the OpenSSF, said during a press conference on Thursday. This initial $30 million comes from Amazon, Ericsson, Google, Intel, Microsoft, and VMWare.

"We realize that \[$150 million\] is a meaningful amount," he said. "It is an amount more than any one open source developer has, or even most open source projects. But when compared to the cost of remediating a major vulnerability out there, like we have seen in the last few years, it is a drop in the bucket — a very small ounce of prevention to spend for many, many pounds of cure."

The 10-step plan calls for educating and certifying developers in secure programming, creating and maintaining security metrics for the top 10,000 OSS components, promote digital signing of software releases, and replacing non-memory-safe languages, such as C and C++, with more modern alternatives, such as Go and Rust. The plan also calls for improving the discovery of vulnerabilities and their remediation by funding a team of experts to assist open source projects during incidents, provide advanced security tools, fund third-party reviews, and coordinate sharing of data to determine the most critical components.

The intent is to improve security without increasing workload, the open source foundations stated in the report.

"\[A\]ll forms of investment and intervention should be focused on delivering new value to OSS maintainers — from making it easier to adopt practices that enhance the security and integrity of their work, to funding activities like third party code reviews that most projects struggle to afford to perform on their own," the report stated. "Any investments or policies that place additional burdens on developers, increase their personal or professional liability for working on code, or issue unfunded mandates upon them, would struggle for adoption and potentially inhibit further advancements in open source software."  

**Developers & Maintainers to See More Tools  
**The main focus of the $150 million effort will be to produce tools, training. and services for developers and maintainers to create more secure software. Already, some tools have been released as part of the efforts of the OpenSSF and other supporters, such as Google. 

Google, for example, released a tool known as AllStars that automatically vets GitHub projects to flag any anomalies, which could indicate a security issue in the maintenance of the project. The company has also released a system, Scorecard, for rating projects in 18 different areas to give them a security rating. Google and the Linux Foundation, meanwhile, released a tool, sigstore, to help verify the integrity of software supply chains.

Such efforts are extremely important to reduce the impact of security efforts on developers' work, Stephen Chin, vice president of developer relations at software supply chain security firm JFrog, said in a statement.

"We believe open-source security will only be successful if we give OSS projects the same tools and services available to enterprises," he said. "Access to automated tools and high-quality security databases for open-source projects is essential and something that JFrog is committed to helping make happen."

Even more important than the tools are that the efforts create standards that allow interoperability between tool sets, Dan Lorenc — CEO and co-founder at Chainguard and a co-creator of sigstore — said in a statement.

"Interoperability is the linchpin in securing software throughout the supply chain," he said, adding: "These open source tools and projects are the core infrastructure for securing our digital world. But we know not every organization is in a position to go deep on learning each project, nor do they have dedicated staff to understand and integrate all of these tools."

**Gaining Momentum for Open Source Security Support  
**OpenSSF has already made a number of announcements of initiatives that will likely become components of the industry's approach to supporting the creation and maintenance of a more secure software supply chain. Earlier this year, for example, the group announced the Alpha-Omega Project, which aims to secure the most critical software by providing tools and support to maintainers. In March, the OpenSSF and the Laboratory for Innovation Science at Harvard announced four lists of 500 open source projects deemed most critical in two major ecosystems, the JavaScript-based Node Package Manager (NPM) and non-NPM frameworks.

In October, the OpenSSF announced that 16 premier members — including Amazon, Cisco, Facebook, Fidelity, Google, Microsoft, and Red Hat — along with 15 general members had  committed $10 million to expand and support the organization.

The broad base of support shows that open source security is a problem that affects every business using software, Brian Fox, CTO at Sonatype, said in a statement.

"It’s rare to see vendors, competitors, government, and diverse open source ecosystems all come together like they have today," he said. "It shows how massive a problem we have to solve in securing open source, and highlights that no one entity can solve it alone."

Tag

#ericsson