Tenable Advises Enterprises to Patch RCE Windows Codecs and Visual Studio Code Vulnerabilities

October 20, 2020

On Friday, the US’ CISA issued an advisory for two Microsoft vulnerabilities not addressed in last week’s Patch Tuesday update.

Rody Quinlan, Security Response Manager at Tenable has offered the following perspective:

On Friday, October 16, the Cybersecurity & Infrastructure Security Agency (CISA) released an advisory in response to Microsoft’s out-of-band patches for CVE-2020-17022 and CVE-2020-17023, both with a CVSS of 7.8 and highlighted as “important” by Microsoft. The former is a remote code execution (RCE) vulnerability in the Microsoft Windows Codecs Library given how it handles objects in memory, specifically versions prior to 1.0.32762.0 or 1.0.32763.0 of the High-Efficiency Video Coding (HVEC) video codecs. The latter is an RCE vulnerability in Visual Studio Code that can be triggered by the opening of a malicious “package.json” file. This vulnerability stems from an unsuccessful patch for CVE-2020-16881 released as part of Microsoft’s regular Patch Tuesday updates in September.

While these are RCEs, both require a degree of social engineering to exploit. In the case of CVE-2020-17022, a threat actor would need to convince a victim to use a program to process a maliciously crafted image file. For CVE-2020-17023, a threat actor must convince a victim to clone a repository, with a malicious “package.json” and open it in Visual Studio Code. Exploitation of either vulnerability results in the execution of arbitrary code on the target system.

Microsoft does not commonly release out-of-band patches. However, in the case of CVE-2020-17022, Microsoft notes that, “These updates are for optional apps/components that are offered to customers as a download via the Microsoft Store,” hence the OOB patching approach. Microsoft also notes for CVE-2020-17022 that, “Affected customers will be automatically updated by Microsoft Store.” With CVE-2020-17023 requiring an update to be applied, coupled with an out-of-band advisory, we encourage administrators to patch quickly, despite this vulnerability requiring some level of user-interaction to exploit. While Microsoft highlights there has been no exploitation observed in the wild the follow up of the CISA advisory suggests that administrators should review the patches and apply the updates if necessary.


Light up the Battlefield with XPG SPECTRIX D60G DDR4 RGB Memory Module

October 19, 2020

With speeds of up to 4133MHz, the XPG SPECTRIX D60G, a unique dual RGB light strip design that gives it the largest RGB surface area of any memory module

 

NEW DELHI, India – October 19, 2020 – ADATA, a leading manufacturer of high-performance DRAM modules and NAND Flash storage application products and accessories, recently announced the launch of the XPG SPECTRIX D60G DDR4 RGB memory kits. Reaching performance of up to 4133 MHz and supports Intel® XMP 2.0 profiles for easy overclocking. The unique avant-garde styling of the D60G design makes it a unique design in the market. The XPG SPECTRIX D60G offers immense performance and minimalist styling gamers, overclockers, and PC enthusiasts. The SPECTRIX D60G DDR4 RGB delivers the high performance that custom PC enthusiasts demand for their cutting-edge systems.

We are pleased to launch our latest XPG SPECTRIX D60G in India. For PC building enthusiasts who demand both uncompromising performance and gorgeous visuals to complement the look of their system, XPG SPECTRIX D60G RGB is strictly in a class of its own said, Sachin Sharma, National Head – India at ADATA Technology (India) Pvt. Ltd.

Sachin further added “XPG is the gaming division of ADATA, and has a broad portfolio of DRAM catering to multiple areas in the market. The latest from XPG is the Spectrix D60G has a solid heatsink design with some interesting tweaks to make more aggressive than the other DRAM in the market“.

It helps the users to customize their gaming experiences with programmable lighting effects. One can set up patterns, pulse speed, lighting intensity, and more. Control is hassle-free with the XPG RGB Sync app. Moreover, user use an existing RGB light control software from a major motherboard maker. The D60G sports more RGB lighting per mm2 than any other memory module in the market, which equates to over 60% of the module’s surface area. The fully exposed light diffusers are extra-wide for maximum effect, and combined with a mesmerizing multi-colored flow effect. The D60G is built with high-quality chips and a metal heat sink for excellent signal integrity, reliability, and stability, which effectively extends the lifespan of the memory module. Intel® Extreme Memory Profiles (XMP) 2.0 make overclocking a snap and enhance system stability. Instead of adjusting individual parameters in BIOS, users can do it right through their PC’s operating system.

To know more about the product, please click here

Availability, Warranty and Pricing

XPG SPECTRIX D60G DDR4 RGB Memory comes with an MRP of Rs 8,400/- and is immediately available from Multi Distributor in India.

For up-to-date pricing of XPG SPECTRIX D60G DDR4 RGB, please contact our sales representative.

Ashwini: 8566950003 for North India

Hanuman: 9029997111 for East India

Ramesh: 9892544391 for West India

Shivraj: 9900508823 for South India

# # #

About ADATA

ADATA Technology, one of the world’s largest vendors of DRAM modules and USB flash drives, provides complete solutions, including memory cards, solid-state drives, and portable hard drives. ADATA products also include on the go power for mobile devices and the company is now a major provider of advanced LED lighting. ADATA products continue to garner international acclaim from organizations such as iF Design Awards (Germany), red dot Awards, CES Best of Innovations Awards, Good Design Awards (Japan), Best Choice of Computex Awards, and Taiwan Excellence Gold Awards. The company’s slogan of Love, Life, and Dreams embodies the ADATA brand and the role of innovative memory products in the human pursuit of universally cherished ideas. For more information, please visit www.adata.com


CADYCE Launches CA-KBDS: An Excellent Mix of Keyboard and Docking Station

October 19, 2020

 

  • The all-in-one CA-KBDS has a wide range of compatibility, users can plug in multiple peripherals to their computer without worrying about their platforms or hardware requirements
  • This festive season Cadyce is offering 15% discount on its Cables & Adapters line of products

 PUNE, India – October 19, 2020 – CADYCE, a leading brand in the computing and digital lifestyle marketplace, has recently announced the launch of USB-C Keyboard & Docking Station, CA-KBDS. The CA-KBDS is a plug and play USB Type-C keyboard cum docking station that is compatible with Thunderbolt 3 port. The keyboard dock can be connected to the computer or tablets like iPad Pro and Android and iOS smartphones as well with the help of a detachable USB-C cable. The device has an SD 3.0 (UHS-I) Card Reader that supports SDXC cards of up to 2 TB and data transfer rates up to 104Mb/s.

We are pleased to launch our latest USB-C Keyboard & Docking Station (CA-KBDS) in the Indian market. CA-KBDS is a multi-productivity solution. The extra Thunderbolt 3 compatible USB-C ports give users the high-performing connectivity solutions one needs to speed up their workflow.” said, Mr. Gautam Shah, President at CADYCE. The sleek and subtle gadget functions as a USB Type-C Keyboard for the computer and acts as a multi-function docking station for other devices. Given CA-KBDS’s wide range of compatibility, users can plug in multiple peripherals to their computer without worrying about their platforms or hardware requirements.

The all-in-one CA-KBDS is widely compatible with Mac OS X 10.X and Windows 8/10 (32/64 bit). The premium CA-KBDS is an elegant mix of sturdiness, compactness and good-looks. It is a stylish companion for devices that will serve satisfactorily for a long time. Slight angle at the bottom of the keyboard improves ergonomics, the grippy feet on the bottom of the dock provides the firm grip to the docking station. The LAN port in CA-KBDS supports transfer speeds of 1GB, unlike 10/100M ports, which supports a maximum transfer speed of 100Mbps. USB 3.0 ports allow to transfer movies, music and more in just seconds with 5 Gbps transfer speeds, 10 times faster than USB 2.0. Users can listen to music with their favorite headphones as the best travel companion CA-KBDS comes with a 3.5mm audio jack that supports stereo audio output and the audio jack also supports microphone input. Additionally, Measuring just 288 mm X 150mm, the compact and lightweight design fits easily into the bag for effortless portability.

To know more about the product, please click here

Cadyce is offering 15% discount this festive season. Click here to grab this festive offer.

Availability, Warranty and Pricing

USB-C Keyboard & Docking Station (CA-KBDS) comes with an MRP of Rs 14,900/- carrying a warranty of 1 year and is immediately available on Cadyce Website in India.

# # #

About CADYCE

Cadyce is a leading networking and lifestyle brand having a global presence. Cadyce seeks to be the most preferred brand in the computing and digital lifestyle marketplace. Cadyce offers a complete line of reliable end-to-end networking solutions for the most demanding business and mobile environments. Our diverse product line includes Cables & Adapters, Hubs & Docks, Presentation Devices, Security & Surveillance, Surveillance, Networking Products & Accessories. Cadyce lets you connect and communicate by the development and delivery of high value, innovative products for industries and companies of all sizes. To know more please visit to www.cadyce.com

 

_______________________________________________________________________________________________________

6 Trends to Boost Video Technology Adoption in the Coming Year

October 19, 2020

 

By

Ritesh Deokar

Country Manager

Milestone Systems India

 

The global video surveillance market size is expected to grow to USD 74.6 billion by 2025, at a CAGR of 10.4%, according to a Markets & Markets report. The ever-increasing requirement of safety, coupled with a boom in smart cities, has led to a rise of the security market in the country. Notwithstanding the current pandemic, here are six trends to boost video technology adoption in the coming year.

  1. Need for smarter, safer cities

 By 2030, India is expected to have 155 tier-I cities, 104 tier-II cities and 331 tier-III and IV cities, as per Anarock Research. This burgeoning urban sprawl is expected to further raise the demand for video technology solutions as one of the measures to ensure public safety.

In February 2019, the government of India teamed up with state governments for a pilot Safe City project to be run in eight metropolitan cities in India: Delhi, Mumbai, Bengaluru, Chennai, Kolkata, Hyderabad, Lucknow and Ahmedabad at a total cost of Rs. 2919.55 crore.

With funding from the central government’s Nirbhaya fund, there will be a high emphasis on women’s safety in this project.Cameras will be installed in public places, intersections, buses, and other critical areas. A centralized control room will be set-up in each city, security vehicles will be equipped with dashboards for live streaming, GPS tracking and other advanced features will be implemented.

While the zeal to use advanced video technology to ensure public safety is appreciable, the government must ensure that it is balanced with citizens’ right to privacy. There is a need for more transparency on how the visual data collected by these cameras will be used, and the opinions of digital rights groups and experts must be considered before implementation.

  1. Demand for industry-specific solutions will increase

The demand for customized video technology solutions is growing across industry verticals including Financial Services, Retail, Healthcare and Manufacturing. The availability of IP-based cameras and open platform VMS has enabled a lot of new functionalities which are being exploited for industry-specific uses across sectors. Retail outlets, for instance, use video technology for stock verification, crowd management, trend analysis, POS integration and personalized service to customers. In the Financial Services sector, video analytics is being used to identify suspicious activity in ATMs and get real-time alerts about the same to reduce the incidence of theft.

In the healthcare sector where theft of expensive surgical equipment and drugs remain a concern today, video technology is seen to be increasingly employed to tackle the problem. Likewise, in manufacturing, where fully automated plants are replacing manual activity, motion detection functionality in IP cameras immediately identifies any stoppage of crucial machines like conveyors, thus eliminating loss of time in problem identification.

Going forward, the ability to customize solutions for industry verticals will be key differentiators for video technology solution vendors and will benefit end users looking for better functionality from their video solutions.

  1. Open platform software adoption will soar

Thanks to the growing awareness of its capabilities and declining prices, the adoption of IP-based surveillance systems is expected to increase manifold in the coming years. IP cameras can leverage IoT and AI technologies to provide additional capabilities beyond mere security. They can enhance operational efficiency, aid in real-time responses and provide valuable business intelligence, which could prove instrumental in enhancing customer experience and in boosting the overall profitability. An important principle underpinning all these capabilities is the interconnectivity of systems, which is enabled by an open platform VMS. As IP cameras go mainstream, and users can look to take advantage of technologies such as IoT, AI and smart devices. Open platforms that support multiple technologies and avoid vendor lock-in will be in high demand. Open platform video management software (VMS) promises flexibility, choice and possibilities that future proof your solutions. We expect end-users to opt for resellers or solution providers who can support them with a flexible and customizable platform and communicate the right value and benefits of the open VMS.

  1. Cybersecurity

As video cameras become more connected to diverse systems because of increased IoT adoption, cybersecurity concerns are likely to increase. Hackers gaining access to cameras to record videos, selling camera access to third parties, or even using cameras to spy on shops or steal credit card information could become a common occurrence. Customers will need to be aware of and seek out sophisticated security protocols in video solutions, such as high-level encryption of web and mobile user access, authentication and authorization of third-party applications, physical separation of camera and client networks, and vulnerability scoring systems. Customers must increasingly evaluate video management solution vendors on these criteria to ensure that their advanced, feature-rich video solutions are secure and stable.

  1. Demand for Cloud-based video surveillance solutions will increase

Cloud-based video solutions are gaining in popularity due to their efficiency, flexibility, cost-effectiveness, and security. Small and medium-sized businesses are mainly enthusiastic about video as a Service (VSaaS). VSaaS enables hosting of hardware and software of security operations in the cloud so that users can access their IP cameras and IoT devices and check video footage or alarm linkage from anywhere. With no on-site server installation and system configuration required, it is often more convenient than traditional video solutions.

Cloud also enables metered use so users can distribute costs over a contract term and pay only for the services that are used. Popular cloud services providers like Amazon offer flexible and scalable VSaaS solutions with elastic compute, storage and networking capabilities. VMS solutions that integrate well with AWS VSaaS will witness increasing traction.

  1. Smart search will become increasingly popular in video solutions

Smart Search is an advanced feature based on motion detection that helps users review videos in sizable numbers or huge file sizes. Users can search for a specific activity based on pre-described smart search settings. Combined with metadata search and indexing, this feature can make searching and reviewing relevant video content much faster. With smart search, organizations can improve the speed and efficiency of their security reviews, strengthening their overall security infrastructure.

Video technology solution poised for growth

This growth can be expected to be exponential, alongside increased penetration in smaller cities. The advent of new technologies also means that we can expect increased sophistication of use and integration. Our future will hinge on not just new uses and applications, but also enhancing the security, operational efficiencies, and ROI of existing solutions.


Fiber to the Home Becoming a Basic Need

October 15, 2020

In its specialist magazine CONNECTIONS No. 59, R&M reports on demands now being made of broadband networks, partly because of remote working. In addition, the magazine also focuses on ‘Using synergies of FTTH and 5G infrastructures’.

BENGALURU, India/Wetzikon, Switzerland October 15, 2020 – R&M, When it comes to cabling, fiber optic connections are now standard. Fiber to the Home is becoming just as important as the energy and water supply. This is something R&M, the globally active developer and provider of cabling systems for high-quality network infrastructures, based in Wetzikon, Switzerland, quite clearly emphasizes in the latest issue of its specialist magazine CONNECTIONS.

Among other things, the magazine reports on the essential need for exhaustive fiber optic connectivity. And this need has certainly been confirmed in 2020. Millions of people suddenly had to start working from home as a result of the pandemic. They need stable, fast communication and Internet connections to their companies and clients. Telecommunication networks with conventional copper cabling and DSL Internet access have demonstrated their performance limits, even in large cities of international standing, as illustrated by R&M CMO Andreas Rüsseler.

The traditional architecture of the last mile to the subscriber has not yet been designed to cope with an era of mass teleworking,” says Andreas Rüsseler. While a reliable supply of energy and water has long been standard everywhere, the supply of broadband connectivity poses new challenges. There is a need for symmetric data transmission at minimum speeds of several hundred megabits per second. This can only be achieved with Fiber to the Home (FTTH).

In addition, the emerging 5G antenna network is also dependent on exhaustive fiber optic networks. In this context, R&M presents a possible solution in CONNECTIONS No. 59 involving the use of synergies of FTTH, Fiber to the Antenna (FTTA) and Fixed Wireless Access (FWA).

A further focal point in the magazine is network technology for the healthcare sector. R&M shows how antimicrobial cabling and network connections in hospitals can contribute to patients’ protection. The magazine also reports on a significant technological change in the Australian audiovisual market. And Matthias Gerber, R&M Market Manger LAN Cabling, introduces the recently established Single Pair Ethernet System Alliance. R&M features several reference projects in which exceptional cabling solutions are in use, including the new head office of watchmaker Swatch, the innovative laboratory and medical technology manufacturers Hamilton, and the visionary Chau Chak Wing Museum of Culture in Sydney.

The magazine is sent out to international business partners and is available for download here:

https://www.rdm.com/content/download/26363/2616135

About R&M

R&M (Reichle & De-Massari AG) is a leading global producer of future-proof products and systems for communication and data networks. The company’s close collaboration with certified partners results in pioneering work in the sectors LAN, Public and Telecom Networks as well as Data Centers. The Swiss family company stands for innovation, quality, and customer orientation. Thanks to the innovative strength of the company, R&M now covers the entire connectivity range. Additional information: www.rdm.com.


%d bloggers like this: