Category: Uncategorized

The Five Pillars of Zero Trust and Great Wing

Dr. Jonathan Ben-Benjamin, AJ Comerford, Moshe Ben-Benjamin The Challenge “Only the paranoid survive.” – Andy Grove, former CEO, Intel The paradigm of traditional corporate firewalls and endpoint security is obsolete. The modern workforce has embraced more interconnected systems, such as remote access or third-party integrations, which continue to blur the lines between intranet, internet, IT, and IoT. Every organization now fights the battle against de-perimeterization – the process of removing the boundaries between an organization and the outside world while trying to keep their company secure. The zero trust security model is emerging as the architectural solution to address the…

Defending Against the XZ Utils Backdoor with DefenceDome™ Wormhole™ Protocol

In the ever-evolving landscape of cybersecurity, the recent discovery of CVE-2024-3094, a critical vulnerability within the XZ Utils library, has sent ripples through the tech community. This backdoor, introduced by a rogue maintainer, allows remote code execution (RCE), making it possible for attackers to execute commands remotely on affected systems. Such vulnerabilities pose severe risks to any organization, emphasizing the need for robust, innovative security solutions. At Great Wing, we understand the necessity to stay ahead of potential threats. Our cutting-edge DefenceDome™ Wormhole™ protocol, orchestrated by the Ghost™ agent, is uniquely positioned to protect against sophisticated threats like the XZ…

TunnelVision Protection for Any VPN

Recently, researchers have identified a bug in VPNs, named TunnelVision, where bad actors can take advantage of built-in features of DHCP servers (the servers that assign IP addresses) to expose and snoop VPN traffic. The researchers believe that the bug has been around since 2002 and may have been exploited since then. The researchers suggest mitigations to secure the VPN tunnel, but most are non-starters for many organizations – such as real-time packet inspection, changing operating systems, implementing a patch to the DHCP protocol on your infrastructure, or using VMs to contain the damage – because they are resource-intensive or very hard to implement.…

ā€œGhostingā€ Bad Actors to Prevent DoS Attacks

A denial of service (DoS) attack is a malicious attempt to bring down or disrupt a network, servers, or devices connected to the internet so legitimate users can’t use its services. It’s accomplished by crashing the server or flooding the target network with more traffic than it can handle. Crashing the server is made possible by the “reflex” actions of the TCP/IP protocol, where the server replies to communications that access it. For example, if a server receives a synchronization request (SYN flag) to open a communication, it will reply with an acknowledgement (ACK or SYN ACK flag) and prepares…

Preparing for Q-day: Why You Need Better Encryption Now

Think about how kings used to dispatch messages to their armies in the field. They’d send a messenger on horseback with a scroll written in code (often letter substitutions) that the army generals knew how to decipher. If the messenger were intercepted, the message wouldn’t arrive at its destination and the enemy could try to decipher it to extract vital information. Even worse, the enemy could write a fake message and send that one instead. Transmitting encrypted messages over the internet is not that different. Data transfer today is still between one source and one destination, only now defined by…

From New York to Miami…via Cambodia?

When the airline frequent flyer programs started, many road warriors would go out of their way to collect the largest number of flight segments, hitting several airline hubs in the process. Who would think that today, over the internet, our data would take the circuitous route, racking up more miles than we did intentionally? One of the fundamental concepts of the internet is that packets travel to their destination using the fastest possible route, hopping through routing hubs of different networks. In theory, the path is dynamic, constantly changing according to network traffic. This…

Three Red (Chinese) Flags That Microsoft Should Have Noticed

The recent, so-called “HAFNIUM breach” of Microsoft Exchange servers could have been avoided if only Microsoft had been better attuned to how sovereign hackers think, act and attack. Every indication is that this hack resulted from China, but it was only a matter of time that one of the world’s dark corners would exploit these vulnerabilities. Compared to the financial and reputational damage to its clients and to Microsoft, these liabilities could have been reduced, maybe avoided altogether. Now Microsoft is scrambling (AGAIN) to contain the damage and explain how this will…