SEC looks to expand cyber coverage

https://fcw.com/security/2022/01/sec-looks-expand-cyber-coverage/361275/

Excerpt:

The Securities and Exchange Commission is taking a new look at how it asks publicly traded companies to disclose cybersecurity risks.

=================================================================
The biggest risk to public companies is not using Wave solutions for their cybersecurity/trusted computing!!

Better security at less than half the cost!

=================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Cybersecurity: White House rolls out zero trust strategy for federal agencies

Federal agencies have until the end of the fiscal year 2024 to "achieve specific zero trust security goals."

https://www.zdnet.com/article/white-house-rolls-out-zero-trust-strategy-for-federal-agencies/
-----------------------------------------------------------------
What happens if other countries or organizations discover the better security in Wave solutions than what is present in zero trust?

As an example, right off the bat Wave eliminates potentially unsecure devices (with device health check) or by not having a TPM (unique identity in most enterprise PCs), and unauthorized (hackers) devices from even accessing the network. Only known and approved devices can access your network. This makes hunting the bad guys down already done upfront with Wave! No bad guys lingering on the network!

There are more great reasons to choose Wave. Please see the website and links below!
-----------------------------------------------------------------
http://www.wavesys.com/wave-alternative

Excerpt:

It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.

------------------------------------------------------------------
You need multi-factor authentication.

Fast.

You need Wave Virtual Smart Card.

-----------------------------------------------------------------
Better security at less than half the cost!

http://www.wavesys.com/products/wave-virtual-smart-card

http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

White House attempts to strengthen federal cybersecurity after major hacks

https://www.cnn.com/2022/01/26/politics/white-house-cybersecurity-strategy/index.html

Excerpt:

One of the more demanding parts of the strategy is a requirement that agencies have a "complete inventory" of every electronic device on their networks.

==================================================================
Why not turn on all the TPM (verifiable, unique identity) based devices in the network and then only allow the approved devices on the network? It could keep unsecure devices from the network! It would also be easier to keep track of those known and approved devices on the network rather than also having to re-inventory those other potentially unsecure devices!! And there would be a safer network that has less demanding requirements!
================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management

Excerpt:

With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.

=================================================================
Better security at less than half the cost!



http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Canada’s foreign affairs department hit with cyberattack

https://abcnews.go.com/Politics/canadas-foreign-affairs-department-hit-cyberattack/story?id=82450324

It came days after the government issued a malware warning.
=================================================================
The bolded information below is some of the important reading from Wave to help organizations understand how they can better defend themselves in the cyber realm!



Only hardware-based security can beat malware!

http://www.wavesys.com/products/wave-endpoint-monitor

Excerpts:

Detect attacks before it’s too late

Malware can do its work for weeks or months before you ever know it’s there. But with Wave Endpoint Monitor, you can spot malware before it has a chance to cause damage.

Antivirus software can’t detect rootkits and other malware; it works at the level of the OS and isn’t very good at seeing deeper into the system. For example, it can’t tell whether the boot record is lying. The Wave alternative is to work with the Trusted Platform Modules (TPMs), or security chips, embedded in your devices. By using the TPM to attest to the security of the device each time that device boots, Wave looks below the operating system and can help detect threats lurking there. Every time a device boots up, Wave Endpoint Monitor makes a comparison against previous boot values, and if anything deviates from the norm, it alerts you immediately.

==================================================================
Choose data protection that actually works!

http://www.wavesys.com/wave-alternative

Excerpts:

You have to start with the device

Wave has an alternative: security that’s built into each and every device.

We’re talking about hardware: self-encrypting drives (SEDs), which protect data when a device is stolen or lost, and trusted platform modules (TPMs), or embedded security chips. Both go in at the factory, and increasingly, both are standard. They make it possible for you to monitor and control each individual device and its data, no matter where it is. But you need software to turn on and manage your SEDs and TPMs. Wave makes that software.

We’ve been refining comprehensive, centralized management of hardware-based security longer than anyone else. More than that, we’ve shaped the field as a founding member of the Trusted Computing Group, the not-for-profit that develops and promotes industry standards for the hardware.

Security that’s confirmed, not assumed

With Wave, you’ll know that you’re secure. Because we start with the individual devices, you get a broad, deep view of your network. You can see exactly who’s on it, with what devices and what apps, at any given time. Just for example, if Bob goes home and tries to log onto Facebook with the company laptop, Wave can stop him.

A big piece of this heightened security is device authentication. Traditional two-factor authentication requires what amounts to two user IDs. But by using the TPMs inside your devices, Wave can confirm the identity of not only users, but also the devices they’re on. Combine that with fast, enforced encryption of sensitive data via your SEDs—all easily managed with Wave software—and your data is protected from the full range of modern risks: device theft, missent emails, flash drives, portable hot spots … even (and no one else can say this) hardware keyloggers. Not to mention Bob.

Do we need to say that with Wave, compliance is no problem?



That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.

Questions? Read on, or contact our sales department.

=================================================================
Better security at less than half the cost!

http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

DHS warns of Russian cyberattack on US if it responds to Ukraine invasion

https://abcnews.go.com/Politics/dhs-warns-russian-cyberattack-us-responds-ukraine-invasion/story?id=82441727

As tensions rise in the standoff over Ukraine, the Department of Homeland Security has warned that the U.S. response to a possible Russian invasion could result in a cyberattack launched against the U.S. by the Russian government or its proxies.

"We assess that Russia would consider initiating a cyber attack against the Homeland if it perceived a US or NATO response to a possible Russian invasion of Ukraine threatened its long-term national security," a DHS Intelligence and Analysis bulletin sent to law enforcement agencies around the country and obtained by ABC News said.
=================================================================
If your organization has laptops, there probably is both a TPM and SED (hardware security) built-in to the laptops. This hardware security when turned on, and used with Wave software could protect your data to an unprecedented level! With what's happening in Russia, I'm not quite sure why the U.S. doesn't mandate the turn-on of TPMs and SEDs especially when an organization like the TCG backs the technology! It could protect A LOT of organizations' data (also, please see previous post #247097). SEE WAVE AND TURN-ON YOUR TPMs and SEDs!! IT COULD SAVE YOUR DATA, DEVICES AND NETWORK!!
=================================================================
Better security at less than half the cost!

http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Ukraine Attack: Hackers Had Access for Months Before Causing Damage

https://www.securityweek.com/ukraine-attack-hackers-had-access-months-causing-damage

Excerpt:

Talos, which has assisted Ukrainian authorities with their investigation into the latest attacks, believes the attackers leveraged stolen credentials and they “likely had access to the victim network for months before the attack, a typical characteristic of sophisticated advanced persistent threat (APT) operations.”

=================================================================
The scenario bolded above plays out across the world constantly, day after day, and Wave could prevent attackers from accessing the organization's network! It's time to use Wave solutions to protect organizations from attackers trying to steal data from the network by PREVENTING THEM FROM ACCESSING THE NETWORK!! Please read excerpt below.

=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management

Excerpt:

With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
Better security at less than half the cost!

http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Exposed records exceeded 40 billion in 2021

https://www.helpnetsecurity.com/2022/01/21/exposed-records-2021/

Excerpt:

According to a research by Tenable, at least 40,417,167,937 records were exposed worldwide in 2021, calculated by the analysis of 1,825 breach data incidents publicly disclosed between November 2020 and October 2021. This is a considerable increase on the same period in 2020, which saw 730 publicly disclosed events with just over 22 billion records exposed.
=================================================================
Using Wave solutions extensively would change these numbers so that there would not be a large amount of data exposed by unauthorized devices! This would make new Wave customers VERY HAPPY!!
=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management

Excerpt:

With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.

=================================================================
http://www.wavesys.com/data-protection

Excerpts:

Wave’s solution: start with the device

The Wave approach to this challenge is to make the IT perimeter irrelevant. Wave turns on and manages the self-encrypting drives (SEDs) and trusted platform modules (TPMs), or security chips, that are already embedded in many of your devices. The upshot is that each and every device is equipped with its own data protection system—while being centrally managed. This gives you unprecedented yet straightforward control over exactly who has access to your data, with what devices, over what networks.

We cost less too. Wave works on your existing hardware, across platforms. That’s because our solutions are based on an open standard that’s already been implemented on 600 million–plus laptops and is now working its way onto mobile devices. Our software is all you need to reach a whole new level of data protection. It’s one of the big reasons why total cost of ownership can be almost half that of a traditional software-based system that doesn’t even work very well.


==================================================================
Better security at less than half the cost!!



http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Crypto.com Hack Hits 483 Users, Drains $34 Million in Funds

https://www.pcmag.com/news/cryptocom-hack-hits-483-users-drains-34-million-in-funds

Excerpts:

The cryptocurrency exchange is reimbursing affected users. It also plans on phasing out two-factor authentication for a stronger multi-factor authentication system.

The statement from Crypto.com suggests the hackers found a way to bypass the system, enabling them to log in and hijack user accounts, perhaps only with a password.

“Crypto.com revoked all customer 2FA tokens, and added additional security hardening measures, which required all customers to re-login and set up their 2FA token to ensure only authorized activity would occur,” the company said.

=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management

Excerpts:

Decrease expenses with virtual smart cards

You know what else happens when you take passwords out of the equation? A lot fewer calls to IT. Imagine if you took password resets out of the picture – that frees up a chunk of IT time, lowering your operating expenses significantly.

If your organization currently uses traditional tokens or smart cards, switching to virtual smart cards takes an even bigger burden off of IT – we use the hardware-protected credentials in the TPM to create a virtual smart card, which performs the same functionality as traditional smart cards. That means no need to purchase, deploy, replace or maintain external tokens, smart cards or smart card readers. Because virtual smart cards are already on your machines and can’t be forgotten, lost or stolen, you have lower capital expenses and lower operating expenses.
=================================================================
How many 2FA tokens are still out there in the marketplace 'protecting' accounts? Use a tokenless MFA in Wave VSC 2.0, and you and your organization would not have to worry about token bypass like in the article above!!
=================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Merck Wins $1.4bn NotPetya Payout from Insurer

https://thecybersecurity.news/general-cyber-security-news/merck-wins-1-4bn-notpetya-payout-from-insurer-16081/?nowprocket=1

Excerpts:

Numerous firms, such as Merck and confectionary big Mondelez, identified their insurance company refusing to fork out mainly because of an exclusion in their coverage for “acts of war.”

Even so, a New Jersey top-quality court docket judge has now ruled that the language therein indicates armed conflict relatively than the cyber form.

Lloyds of London very last November released a new established of clauses that broadened act of war exclusions to “cyber-functions involving states which are not excluded by the definition of war, cyber-war or cyber-functions which have a major detrimental impression on a condition.”
=================================================================
If you and your organization are concerned about new insurance clauses such as Lloyds of London, and the potential impact on a payout in the event of a cyber attack, and that it may not get paid, buying better security with Wave solutions could prevent the cyber attack from happening in the first place! Choose data protection that actually works!
=================================================================
Choose data protection that actually works!

http://www.wavesys.com/wave-alternative

=================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

‘Anomalous’ spyware stealing credentials in industrial firms

https://www.bleepingcomputer.com/news/security/anomalous-spyware-stealing-credentials-in-industrial-firms/

Excerpt:

The actors use stolen employee credentials that they acquire via spear-phishing to infiltrate deeper and move laterally in the company’s network.

=================================================================
Why you would want Wave VSC 2.0 (MFA-multi-factor authentication) protecting your network. It's better security! And it could easily prevent the problems in the article above! Please see excerpts below!

http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management

Excerpts:

Token-free, password-free user authentication

We know you’ve dreamt about shredding your list of passwords. Go on and do it.

Because you are starting the authentication process in the device’s hardware, the user doesn’t have to interact with it. All users see is their usual Windows log-in screen – no more additional passwords to access the VPN or other resources. They just sign in once, and the secure credentials in their TPMs securely and quickly connect them to everything they need. Say goodbye to user frustration and slow OS performance.

=================================================================
Secure device & user authentication

Sometimes it feels like security is more effective at deterring your users than hackers. But you still have to protect your enterprise resources, and we’re here to help. We take pride in securing your network, data, and resources to an unprecedented level, without causing a revolt from either IT or your users. In fact, your users probably won’t even know we’re there.

Here’s how it works:

Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication

Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.

Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.

With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Red Cross forced to shutter family reunion service following cyberattack and data leak

https://www.theregister.com/2022/01/20/red_cross_hit_by_cyberattack/

Excerpt:

Director-general pleads with cyber-scum: leave this data alone, because the people involved have suffered enough.

Humanitarian organization the International Red Cross disclosed this week that it has fallen foul of a cyberattack that saw the data of over 515,000 "highly vulnerable people" exposed to an unknown entity.

=================================================================
Better security at less than half the cost!

http://www.wavesys.com/

http://www.wavesys.com/contact-information

Thank you Methinks -

Thank you for reminding me of that Methinks. Maybe there is more going on behind the scenes that we are unaware of! Wave was involved with a lot of companies over the years. They could/should be rekindling those partnerships/relationships, and their benefits! Wave's solutions could be benefiting every organization around the world in BIG WAYS!

President Biden signs memo to help improve military cybersecurity

https://www.engadget.com/biden-memorandum-cybersecurity-defense-intelligence-195058392.html

Excerpt:

The President's move also sets timelines and guidance for implementing technologies required in the executive order, ranging from encryption to multi-factor authentication.

==================================================================
Using Wave VSC 2.0 (multi-factor authentication - MFA), and Wave SED (self-encrypting drives) management would be a wise move by the DOD and government! Hardware security activated and managed by the premier cybersecurity/trusted computing company (Wave) would make for better security.

Better security at less than half the cost!
==================================================================
http://www.wavesys.com/products/wave-virtual-smart-card

http://www.wavesys.com/products/wave-self-encrypting-drive-management
==================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Fashion giant Moncler confirms data breach after ransomware attack

https://www.bleepingcomputer.com/news/security/fashion-giant-moncler-confirms-data-breach-after-ransomware-attack/

Excerpt:

Italian luxury fashion giant Moncler confirmed that they suffered a data breach after files were stolen by the AlphV/BlackCat ransomware operation in December and published today on the dark web.

Today, the ALPHV ransomware gang published Moncler's data on their data leak and also indicated that they demanded $3 million not to publish the data.

=================================================================
With what Wave has for cybersecurity to secure devices, data and networks, and ransomware like in the article above still keeps happening?!?! Are you kidding me?? Sheeesh!! WAVE COULD BE PREVENTING THESE ATTACKS FROM HAPPENING! The data would have been protected, and the attackers wouldn't have had access to it to hold it for $3 million in ransom! Use better security, use Wave solutions!!!
=================================================================
Better security at less than half the cost!

http://www.wavesys.com/

http://www.wavesys.com/contact-information

=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management

Secure device & user authentication

Sometimes it feels like security is more effective at deterring your users than hackers. But you still have to protect your enterprise resources, and we’re here to help. We take pride in securing your network, data, and resources to an unprecedented level, without causing a revolt from either IT or your users. In fact, your users probably won’t even know we’re there.

Here’s how it works:

Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication

Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.

Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.

With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.

Microsoft says 'destructive malware' being used against Ukrainian organizations

https://www.zdnet.com/article/microsoft-says-destructive-malware-being-used-against-ukrainian-organizations/

Excerpt:

Microsoft added that it was in the process of creating detections for the malware and provided a slate of security recommendations for organizations that may have been targeted.
==================================================================
Using activated SEDs could keep the MBR and drive from getting corrupted (wiping the drive in this situation). Also, while Microsoft is 'in the process of creating detections for the malware,' Wave Endpoint Monitor could already be detecting the malware if organizations were smartly using Wave Endpoint Monitor!! This may be even more important if there was a 'fight in the cyber realm' which escalates to include the U.S.?!
=================================================================
http://www.wavesys.com/products/wave-self-encrypting-drive-management

Only hardware-based security can beat malware!

http://www.wavesys.com/malware-protection

http://www.wavesys.com/products/wave-endpoint-monitor
=================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Microsoft Uncovers Destructive Malware Used in Ukraine Cyberattacks

https://www.securityweek.com/microsoft-uncovers-destructive-malware-used-ukraine-cyberattacks

Excerpt:

Gan reminded that overwriting MBR would render the machine unbootable, making recovery impossible especially when the malware also overwrites file contents before overwriting the MBR.
==================================================================
https://trustedcomputinggroup.org/wp-content/uploads/SED-Data-Protection-and-Security-Issues-Drive-Adoption.pdf

Excerpt:

In an SED, the entire drive including the master boot record (MBR) is encrypted. As a result the master boot record can't be corrupted.
=================================================================
Given what is happening in the Ukraine with the MBR (and the World potentially), SEDs being activated would be a great idea for organizations if you don't want your hard drives to be wiped! Also using better malware protection in the Wave Endpoint Monitor would be another great idea!
=================================================================
Only hardware-based security can beat malware!

http://www.wavesys.com/malware-protection

http://www.wavesys.com/products/wave-endpoint-monitor

http://www.wavesys.com/products/wave-self-encrypting-drive-management
=================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

‘We have to show strength’: Calls grow for U.S. to deter Russian hackers

https://www.politico.com/news/2022/01/16/biden-russia-cyber-ukraine-527183

Excerpt:

Kremlin saber-rattling on the Ukrainian border is increasing worries that a confrontation could fuel cyberattacks on the U.S.

The Biden administration has threatened to respond with sanctions that would cripple the Russian economy — a development that could in turn prompt Russia to retaliate with cyberattacks against the U.S.
=================================================================
Are U.S. organizations prepared for Russian cyberattacks? Hardware security (TPMs and SEDs activated) could get us prepared along with Wave software security! Organizations would be better protected! Otherwise, we are depending on software alone to protect us!
=================================================================
Choose data protection that actually works!

http://www.wavesys.com/wave-alternative

=================================================================
Better security at less than half the cost!

http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

DoD takes preventive measures to protect data, ward off cyber attacks

https://federalnewsnetwork.com/technology-main/2022/01/dod-takes-preventive-measures-to-protect-data-ward-off-cyber-attacks/

Excerpts:

To ensure DoD responds to the 1,000 or more cyber attacks it faces daily, the Defense Information Systems Agency has employed a task force that reaches the department’s wide-ranging apparatus — including cloud service providers, Cyber Command, JFHQ-DODIN and CISA at the Department of Homeland Security, for example.

Part of DoD’s playbook for effectively detecting ransomware includes having a knowledgeable workforce. DISA, for instance, hires cybersecurity professionals with nationally recognized certifications, and then trains those employees through rehearsals and simulations.
==================================================================
If the DOD is responding to 1000+ cyber attacks daily, it sounds like they could really benefit from using Wave solutions. With Wave, only known and approved devices would be having access to the network! This could eliminate many attackers from accessing the DOD's networks. Bill Solms would be ideal to show the government how this works, and how it could provide the DOD with better cybersecurity! It would also create more efficiency within the DOD!
==================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management

Excerpt:

With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.


=================================================================
Better security at less than half the cost!

http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Windows security in ’22 — you need more than just antivirus software

https://www.computerworld.com/article/3646552/windows-security-in-22-you-need-more-than-just-antivirus-software.html

Excerpt:

Do you need antivirus in 2022 — especially when some options now come with a cryptominer built in?
=================================================================
After reading (recommended) the above article, using Wave Endpoint Monitor makes even more sense for organizations really interested in stopping/detecting malware!
==================================================================
http://www.wavesys.com/malware-protection

http://www.wavesys.com/products/wave-endpoint-monitor

==================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

MFA market to reach $21.3 billion by 2027



https://www.helpnetsecurity.com/2022/01/14/mfa-market-2027/

Excerpt:

Amid the COVID-19 crisis, the global market for multi-factor authentication (MFA) estimated at $8.6 billion in the year 2020, is projected to reach a revised size of $21.3 billion by 2027, growing at a CAGR of 13.9% over the analysis period 2020-2027, according to ResearchAndMarkets.

=================================================================
Given the capabilities of Wave VSC 2.0 (MFA), and its better security at less than half the cost, Wave should be.....!
=================================================================
http://www.wavesys.com/products/wave-virtual-smart-card
=================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

19-year-old claims he hacked into over 25 Teslas in 13 countries

https://nypost.com/2022/01/12/teen-claims-he-hacked-into-over-25-teslas-in-13-countries/

Excerpt:

Last fall, Tesla CEO Elon Musk pledged that he would work with regulators on ensuring that electric car drivers’ personal data is protected from the threat of hackers.

==================================================================
Shouldn't regulators be mandating hardware security like Volkswagen (ie. TPMs and SEDs)!

One would think that with the connections/experience Peter Sprague had or has with 'Austin Martin' he could help Tesla and Wave by providing Tesla with Wave software to go along with hardware security that is more secure than software alone!! Wave can work with all of the TPMs!

And Steven Sprague and Michael Sprague saw the potential of electric cars before they even took off. If the three Spragues, Peter, Steven and Michael and Lexi (four) were a team again for Wave, I wouldn't bet against them.
=================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

A Teenager Says He Has Hacked Tesla Vehicles

https://www.barrons.com/articles/tesla-vehicles-hack-51641992560?tesla=y

==================================================================
Volkswagen Deploys Infineon TPM 2.0 For Vehicle Communication Security

https://eepower.com/news/volkswagen-deploys-infineon-tpm-2-0-for-vehicle-communication-security/#

==================================================================
One has to wonder whether Tesla is going to up its security, and use hardware security (TPM) like Volkswagen has!

If one of the larger automakers is using the TPM for security, one would think that this would also give more organizations the push to activate, and have their TPMs managed by Wave software.

Better security at less than half the cost!
=================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Wave Systems Announces First U.S. Federal Government Customer for Wave Virtual Smart Card 2.0

http://www.wavesys.com/buzz/pr/wave-systems-announces-first-us-federal-government-customer-wave-virtual-smart-card-2.0

Lee, MA -

October 2, 2014 -

Wave Systems Corp. (NASDAQ: WAVX) marked an important sales milestone by announcing the first U.S. federal government customer for its Virtual Smart Card 2.0.

Since the Virtual Smart Card 2.0 became commercially available in late July 2014, Wave has entered into dozens of pilot deployments in multiple sectors, including healthcare, financial services, automotive, energy and utilities. However, today’s announcement marks the product’s first sale in the government sector.

“This is an important milestone for Wave,” said Bill Solms, CEO of Wave. “Wave Virtual Smart Card 2.0 has been purchased by a government agency with significant security requirements and one that requires redundant means of system authentication due to national security interests. This initial sale is modest compared to the addressable market within the Federal Government sector, but it is important to our strategy for marketing the Virtual Smart Card to address critical government infrastructure defense.”

“We believe that this sale, which was completed on a shorter sales cycle than we had anticipated, supports our view that customers are interested in the type of cyber security solution that Wave’s Virtual Smart Card 2.0 provides,” Solms added.

Wave Virtual Smart Card 2.0 is the industry’s only enterprise-grade virtual smart card management solution that works on Windows 7. It also supports Windows 8 and 8.1. Wave’s new solution emulates the functionality of physical smart cards or tokens, but offers greater convenience to users, lower total cost of ownership, and a reduced risk of unauthorized use.

Wave Virtual Smart Card 2.0 gives IT the ability to:
• Remotely create and delete virtual smart cards
• Provide help desk-assisted recovery
• Configure PIN and card policies
• View the status of virtual smart cards and enrolled certificates
• Generate reports for compliance
• Support virtual smart cards on laptops, tablets and desktops with TPM 1.2 or TPM 2.0

Trusted Computing

There is one thing about Jimmie Joe's comments that I find interesting, and that is about Trusted Computing. The Trusted Computing Group has been around for 20+ years, and the companies in it back the TPM and SED standards, yet they are not required to use the technology (that I'm aware). Shouldn't they be shining examples of how using Trusted Computing could protect them from threats or cyberattacks!! Especially when you see a tweet on Jan. 6 about Thomas Hardjono, TCG technologies and the government. Wave could be helping them to activate and manage their TPMs and SEDs with Wave security software!!

Breach Respone Shift: More Lawyers, Less Cyber-Insurance Coverage

https://www.darkreading.com/attacks-breaches/changes-to-breach-response-more-lawyers-less-cyber-coverage

=================================================================
How about not having to deal with the insurance companies or the lawyers?! Then, use better security, use Wave solutions!!
=================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Cyber-Spike: Orgs Suffer 925 Attacks per Week, an All-Time High

https://threatpost.com/cyber-spike-attacks-high-log4j/177481/

Excerpt:

2021 dragged itself to a close under a Log4Shell-induced blitzkrieg. With millions of Log4j-targeted attacks clocking in per hour since the flaw’s discovery last month, there’s been a record-breaking peak of 925 cyberattacks a week per organization, globally.
==================================================================
Use the Wave solution below to dramatically lower the number of attacks per week on your organization:

http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management

Excerpt:

With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.

It's a brilliant solution that could save your organization millions!
==================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Over Half of SMEs Have Experienced a Cybersecurity Breach

https://thecybersecurity.news/general-cyber-security-news/over-half-of-smes-have-experienced-a-cybersecurity-breach-15753/?nowprocket=1

Excerpts:

The examine also analyzed the extent of cybersecurity steps that are in area for SMEs and the self-utilized. Practically 9 in 10 (88%) respondents explained they had at least one particular form of cybersecurity, such as antivirus program, firewalls or multifactor authentication, and 70% said they were being pretty confident or exceptionally self-confident in their cybersecurity preparations.

Of these companies and folks, 53% experienced antivirus/malware application in put, and 48% had invested in firewalls and protected networks.

=================================================================
http://www.wavesys.com/wave-alternative

Excerpt:

It’s a new world, one without borders. Yet most organizations are still trying to protect their data with the same old firewalls and antivirus software. It’s not working. We refer you to the headline-making breach of the week.

==================================================================
And as far as multi factor authentication goes, use a better solution in Wave VSC 2.0!

http://www.wavesys.com/products/wave-virtual-smart-card
==================================================================
Use better security, use Wave solutions!
==================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE


























=================================================================

RIPTA data breach linked to file wrongly stored on employee's hard drive: union call

https://www.providencejournal.com/story/news/local/2022/01/09/ripta-breach-linked-file-clerks-hard-drive-unions-told/9142764002/

Excerpts:

Hackers were able to access the personal information of thousands of state workers because a Rhode Island Public Transit Authority employee failed to delete a file from their hard drive, union representatives were told this week.

That file was "left on the [employee's] hard drive, which is not normal, and that hard drive was hacked," it goes on to state.
=================================================================
If RIPTA employee were using Wave VSC 2.0, and the hard drive was an SED this wouldn't have been the problem that it was. Using Wave solutions, and the sensitive data wouldn't have been hacked or stolen! It's surprising that TPMs and SEDs aren't mandatory for MANY organizations, and that Wave's solutions aren't flying off the shelves like there is no tomorrow!!

Please read about Wave's flagship solutions below if your have not. This information could be very helpful to you and your organization! There is more information below by contacting Wave and using Wave's website!
=================================================================
http://www.wavesys.com/products/wave-virtual-smart-card

http://www.wavesys.com/products/wave-self-encrypting-drive-management
=================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

What’s Ahead for AI and Cybersecurity in 2022

https://securityboulevard.com/2022/01/whats-ahead-for-ai-and-cybersecurity-in-2022/

==================================================================
http://www.wavesys.com/wave-alternative

The IT perimeter is gone

With tablets, smartphones, and cloud applications, your employees can access sensitive data anytime, from anywhere. Indeed, around 70 percent of security breaches and data thefts are inside jobs. Meanwhile, the hackers only get better: advanced persistent threats (APTs) appear as normal traffic, and malware can go unnoticed for weeks.

It’s a new world, one without borders. Yet most organizations are still trying to protect their data with the same old firewalls and antivirus software. It’s not working. We refer you to the headline-making breach of the week.

You have to start with the device

Wave has an alternative: security that’s built into each and every device.

We’re talking about hardware: self-encrypting drives (SEDs), which protect data when a device is stolen or lost, and trusted platform modules (TPMs), or embedded security chips. Both go in at the factory, and increasingly, both are standard. They make it possible for you to monitor and control each individual device and its data, no matter where it is. But you need software to turn on and manage your SEDs and TPMs. Wave makes that software.

We’ve been refining comprehensive, centralized management of hardware-based security longer than anyone else. More than that, we’ve shaped the field as a founding member of the Trusted Computing Group, the not-for-profit that develops and promotes industry standards for the hardware.

Security that’s confirmed, not assumed

With Wave, you’ll know that you’re secure. Because we start with the individual devices, you get a broad, deep view of your network. You can see exactly who’s on it, with what devices and what apps, at any given time. Just for example, if Bob goes home and tries to log onto Facebook with the company laptop, Wave can stop him.

A big piece of this heightened security is device authentication. Traditional two-factor authentication requires what amounts to two user IDs. But by using the TPMs inside your devices, Wave can confirm the identity of not only users, but also the devices they’re on. Combine that with fast, enforced encryption of sensitive data via your SEDs—all easily managed with Wave software—and your data is protected from the full range of modern risks: device theft, missent emails, flash drives, portable hot spots … even (and no one else can say this) hardware keyloggers. Not to mention Bob.

Do we need to say that with Wave, compliance is no problem?

Start closing your security gaps today, with what you’ve got

You might be surprised to hear that 90 percent or more of your computers probably already have TPMs. Mobile devices are catching up fast. SEDs are newer, but you probably have a bunch of those too. Machines that don’t have them can often be outfitted at little to no extra cost. So you’ve got some or all of the hardware. All you need to do is turn it on with Wave.

It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.

Questions? Read on, or contact our sales department.

=================================================================
http://www.wavesys.com/malware-protection

Excerpt:

Software can’t always detect malware

The big problem with malware is that antivirus software doesn’t always detect it. Anti-malware software is based on signatures of known bad software. However, there always needs to be a patient 0 that discovers he is infected, for the rest of the world to benefit from it. In the case of APTs (Advanced Persistent Threats), your organization may be the only target for the specific strand of malware. In that case, the signature detection process will not protect you. Modern anti-malware and other software packages that promise cyber security or protection from APTs would use various heuristics and "AI" (Artificial Intelligence) to detect malware based on a predefined set of behavioral parameters. A sophisticated attacker is able to fine tune the behavior of the malware he is writing against various known anti-malware software solutions, so that it can evade detection for long periods of time.

=================================================================
Invest in better security! Invest in Wave solutions!

http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE







==================================================================

Thousands of Schools Impacted After IT Provider Hit by Ransomware

https://thecybersecurity.news/general-cyber-security-news/thousands-of-schools-impacted-after-it-provider-hit-by-ransomware-15713/?nowprocket=1

=================================================================
Be proactive and get Wave solutions so your organization doesn't have to deal with ransomware like in this article for this provider and many other companies! Wave can protect your network(s), data, and devices! Lets keep the unauthorized off your network, really protect against malware and do it with Wave!!
=================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Recycling computers, electronics helps save planet

https://finance.yahoo.com/news/recycling-computers-electronics-helps-save-031700946.html

Jan. 4—Unwanted electronics and computer parts mean a little extra money for Shawn McCaig.

McCaig, a postal worker, spends his spare time recycling such items as servers, LCD monitors, cell phones, flat screen TVs and other electronic equipment.

"I don't make a lot, but I do make enough to buy groceries," he said. "It's a hobby that helps me make a little more grocery money."

He said he picks up equipment in bulk from businesses then breaks down the components in his barn north of Fort Gibson.

"I basically work a triangle from Tahlequah, Wagoner and Muskogee," he said.

McCaig said he doesn't charge to pick up the items. Nor does he buy the items.

"A normal guy that does what I do is going to charge $150 to 200," he said. "They're going to take this stuff and chuck it in the dumpsters."

He separates the circuit boards from the base metals.

"When I get enough to fill a trailer with the base metals, I take it to a scrap yard," he said.

He said he ships the circuit boards to places that buy them for further recycling. McCaig said he has buyers in Ohio and Florida.

"They're going to strip all the individual components off this board," he said. "They're going to refine it down for the precious metals that are inside."

The work also means a cleaner environment.

"A piece of electronic equipment today contains one of literally hundreds of toxic chemicals or elements that are dangerous to our environment," he said. "They go to a landfill, they get buried up. Over time, they break down, they get into the water stream. That pollutes the water. They pollute plant life. Obviously, the chemicals are bad for human beings and animals."

For example, magnetrons, which heat food in microwave ovens, contain beryllium, which could cause cancer if the dust is ingested, McCaig said.

"Electronics are full of this stuff," he said. "Being environmentally conscious, rather than throw this stuff in a dump and pollute the environment, this stuff can be repurposed. If it is reusable, it can be reused in a new life. If it is not reusable, it can be sent to a company that can break it down and repurpose it for a second product."
==================================================================
I think Methinks post #247018 is very important, and relevant to this post!

Securing computers with Wave, and activating built-in hardware security could delay 'recycling' or no recycling, and save on that cost, be more friendly to the environment, and have better security! And Wave could prevent the average cost of a data breach being $4 million! Using Wave makes security sense, cost sense, and environmental sense for its current and future customers. Using Wave solutions can protect your devices, data, and networks!

Invest in better security, invest in Wave solutions!
==================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Defense Contractors Must do More to Conceal Their Attack Surface

https://www.securityweek.com/defense-contractors-must-do-more-conceal-their-attack-surface

Excerpts:

In November of last year, a phishing attack against Electronic Warfare Associates confirmed that defense contractors are actively being targeted by adversaries.

Margins are always tight in the defense business, but that is never an excuse not to invest in appropriate cyber defense measures.
=================================================================
The excerpt below would keep the unauthorized from the attack surface!

http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management

Excerpt:

With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
The Wave alternative for organizations is much more advantageous for their protection than what is in the cybersecurity market. It's simpler, more secure and cheaper!

Wave should be a multi-billion dollar company especially when TPMs and SEDs are ubiquitous, and Wave can activate and manage that much needed hardware security! The TCG (Trusted Computing Group - 100+ companies) supports the SED and TPM standards. Wave should be helping MANY organizations with their built-in hardware security and Wave software!

Wave should be a Tsunami of Success!
=================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Purple Fox rootkit discovered in malicious Telegram installers

https://www.zdnet.com/article/purple-fox-rootkit-discovered-in-malicious-telegram-installers/

Excerpt:

and most of the files "had very low detection rates by AV engines, with the final stage leading to Purple Fox rootkit infection."

"The beauty of this attack is that every stage is separated to a different file which are useless without the entire file set," the team noted. "This helps the attacker protect his files from AV detection."

=================================================================
http://www.wavesys.com/products/wave-endpoint-monitor

Excerpt:

Antivirus software can’t detect rootkits and other malware; it works at the level of the OS and isn’t very good at seeing deeper into the system. For example, it can’t tell whether the boot record is lying. The Wave alternative is to work with the Trusted Platform Modules (TPMs), or security chips, embedded in your devices. By using the TPM to attest to the security of the device each time that device boots, Wave looks below the operating system and can help detect threats lurking there. Every time a device boots up, Wave Endpoint Monitor makes a comparison against previous boot values, and if anything deviates from the norm, it alerts you immediately.

==================================================================
http://www.wavesys.com/malware-protection

Excerpt:

Wave’s solution: start with the device

If antivirus software doesn’t work, what does? The Wave alternative relies not on superficial layers of software but on standards-based hardware: self-encrypting drives (SEDs) and Trusted Platform Modules (TPMs), or security chips, that are already embedded in many of your computers and mobile devices. This hardware provides you with secure storage. When you turn the SED and TPM on and manage them with Wave, you suddenly have a broad, deep view into your network. Among other things, you’ll know immediately whether any one of your devices—computers, laptops, tablets, smartphones—has been tampered with. But Wave is proactive too: you can block the kinds of behaviors that invite malware in. Wave's Endpoint Monitor provides early detection for these low-lying sneaky attacks.

=================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

UScellular discloses data breach after billing system hack

https://www.bleepingcomputer.com/news/security/uscellular-discloses-data-breach-after-billing-system-hack/

=================================================================
Another day, another breach! There would be a LOT of happy Wave customers if organizations were using Wave solutions extensively across the world! The results of using Wave solutions would reveal MANY organizations would beat their cybersecurity goals for 2022, and beyond at less than half the cost!
=================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Firmware attack can drop persistent malware in hidden SSD area

https://www.bleepingcomputer.com/news/security/firmware-attack-can-drop-persistent-malware-in-hidden-ssd-area/

Excerpts:

Korean researchers have developed a set of attacks against some solid-state drives (SSDs) that could allow planting malware in a location that's beyond the reach of the user and security solutions.

The over-provisioning area is invisible to the operating system and any applications running on it, including security solutions and anti-virus tools.

As such, a threat actor leveraging this weakness could gain access to potentially sensitive information.

=================================================================
http://www.wavesys.com/products/wave-endpoint-monitor

Excerpt:

By using the TPM to attest to the security of the device each time that device boots, Wave looks below the operating system and can help detect threats lurking there. Every time a device boots up, Wave Endpoint Monitor makes a comparison against previous boot values, and if anything deviates from the norm, it alerts you immediately.
==================================================================
If only there was a malware detection system that helps detect malware below the operating system. Wait, yes, Wave Endpoint Monitor provides that (see above Wave website excerpt), and could solve the problem in this article unlike anti-virus software!

Use better security, use Wave solutions!
==================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Storage Devices of Major Vendors Impacted by Encryption Software Flaws

https://www.securityweek.com/storage-devices-major-vendors-impacted-encryption-software-flaws

Storage devices from several major vendors are affected by vulnerabilities discovered by a researcher in third-party encryption software they all use.

Earlier this month, SecurityWeek reported that Western Digital had updated its SanDisk SecureAccess product to address vulnerabilities that can be exploited to gain access to user data through brute force and dictionary attacks.

SanDisk SecureAccess, recently rebranded SanDisk PrivateAccess, is a piece of software that allows users to encrypt files and folders stored in a protected vault on SanDisk USB flash drives.

Researcher Sylvain Pelissier has discovered that the software is affected by a couple of key derivation function issues that can allow an attacker to obtain user passwords.

Pelissier detailed his findings this week at the Chaos Computer Club’s Remote Chaos Experience (rC3) virtual conference, where he revealed that the vulnerabilities were actually discovered in the DataVault encryption software made by ENC Security.

DataVault is advertised as a solution that provides “military grade data protection and security features” to various types of systems, including USB drives, hard drives, NAS devices, CDs and DVDs, computers, and various cloud services.

Pelissier discovered that DataVault is used by vendors such as WD (which owns SanDisk), Sony and Lexar, and the issues he identified impact the products of each company.

Pelissier used reverse engineering and various other techniques and tools to find the weaknesses that could allow brute force attacks. The CVE identifiers CVE-2021-36750 and CVE-2021-36751 have been assigned.

“It turned out that the key derivation function was PBKDF2 using 1000 iteration of MD5 to derive the encryption key,” the researcher explained. “The salt used to derive the keys is constant and hardcoded in all the solutions and all the vendors. This makes it easier for an attacker to guess the user password of a vault using time/memory tradeoff attack techniques such as rainbow tables and to re-use the tables to retrieve passwords for all users using the software. The implementation itself was incorrect and even with a randomly generated unique salt, it would be effortless to recover the password of a user.”

Pelissier presented his findings at rC3 alongside Boi Sletterink, who has helped ENC address the vulnerabilities.

In its own advisory, ENC explained, “DataVault and its derivatives were using a one-way cryptographic hash with a predictable salt making it vulnerable to dictionary attacks by a malicious user. The software also made use of a password hash with insufficient computational effort that would allow an attacker to brute force user passwords leading to unauthorized access to user data.”

ENC was initially informed about the flaws in May and it made available fixes in early December with the release of DataVault 7.2. Sony and WD published their own advisories shortly after. The researchers said Lexar did not respond to disclosure attempts.
==================================================================
Self Encrypting Drives (SEDs) should be looking even more attractive for users wanting better security. SEDs (Hardware) should be mandated in at least critical industries! These SEDs are built-in to computers that have SSDs and just need to be turned on!
==================================================================
http://www.wavesys.com/products/wave-self-encrypting-drive-management

Excerpt:

SEDs are the most secure, best-performing and most transparent encryption option for protecting data on laptops. These drives automatically encrypt all data written to the drive, so you don’t have to decide what’s important enough to encrypt. They also perform this encryption in the hardware of the drive, so you don’t end up with the performance issues software full-disk encryption is infamous for. SEDs are available as HDD or SSD, and are sold by most major drive manufacturers.
==================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

The biggest data breaches, hacks of 2021

https://www.zdnet.com/article/the-biggest-data-breaches-of-2021/

Excerpt:

According to IBM, the average cost of a data breach has now reached over $4 million, while Mimecast estimates that the average ransomware demand levied against US companies is well over $6 million. The world record for the largest payout, made by an insurance company this year, now stands at $40 million.

==================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

United States Has the Most Data Breach Victims in the World

https://www.pcmag.com/how-to/united-states-has-the-most-data-breach-victims-in-the-world

No one is safe on the internet these days. But US accounts were particularly affected by data breaches this year.

Between phishing attacks and data base breaches, your personal data is exposed to a constant barrage of unauthorized access. But American internet users have it particularly bad.

According to Surfshark, the US ranked first (or last?) in the world, with a total of 214.4 million data base breaches in 2021 alone. That's a 22% increase in affected accounts from 174.4 million in 2020 amid the outbreak of the COVID-19 outbreak. That's over 50 million more accounts over the next highest country, Iran.
=================================================================
If one of your New Year's resolutions is to not get hacked or not have your organization get hacked, you are in luck! A company that makes software that when used with hardware that is already built-in to computers can prevent these hacks, and data breaches from happening! That company is Wave Systems! Better security for the U.S., and better security for the world!
=================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

External attackers can penetrate most local company networks



https://www.helpnetsecurity.com/2021/12/28/external-attackers-local-company-networks/

Excerpt:

In 93% of cases, external attackers can breach the organization’s network perimeter and gain access to local network resources, and it takes an average of two days to penetrate the company’s internal network.
==================================================================
After reading this article, using Wave solutions would be the wise choice for protecting the network, data, and devices!

==================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management

Excerpt:

With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.

==================================================================
To keep data safe, arm your devices!

http://www.wavesys.com/data-protection

Excerpts:

Wave’s solution: start with the device

The Wave approach to this challenge is to make the IT perimeter irrelevant. Wave turns on and manages the self-encrypting drives (SEDs) and trusted platform modules (TPMs), or security chips, that are already embedded in many of your devices. The upshot is that each and every device is equipped with its own data protection system—while being centrally managed. This gives you unprecedented yet straightforward control over exactly who has access to your data, with what devices, over what networks.

We cost less too. Wave works on your existing hardware, across platforms. That’s because our solutions are based on an open standard that’s already been implemented on 600 million–plus laptops and is now working its way onto mobile devices. Our software is all you need to reach a whole new level of data protection. It’s one of the big reasons why total cost of ownership can be almost half that of a traditional software-based system that doesn’t even work very well.

=================================================================
http://www.wavesys.com/

http://www.wavesys.com/contact-information

Contact Wave

Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com

Gold Customer Support:

goldsupport@wavesys.com

1-800-928-3638

Support:

support@wavesys.com

1-844-250-7077

Sales:

1-877-228-WAVE

Happy New Year!

Wave could make the world a much brighter/nicer place to live in with its technology! Hoping for better security in 2022 and beyond!