News & Notice more +
NPCore invites you to 'ISEC 2017'!
This invitation letter is linked to the pre-registration page. If you print and bring only invitation letter without pre-registration, you have to pay the field registration fee of 55,000 won (about $ 50). If you have any other questions, please contact us at the below number. Thank you!^^
Jessy Kang Marketing team / Assistant manager NPCore, Inc. NPCore is specialized in APT and ransomware defense solution and provides two-level defense on network and endpoint with behavior-based technology. ISBiz Tower 1001, 26, Yangpyeongro 21gil, Yeongdeungpogu, Seoul (07207) Tel. +82-70-7834-8918 / Fax. +82-2-413-5317 Email. firstname.lastname@example.org http://www.npcore.com
NPCore participated in 'RSA APJ 2017' and introduced EDR products of 'ZombieZERO Series'
There was a high interest in EDR products due to worldwide Ransomware attacks such as WannaCry and Petya.
In the first half of 2017, Ransomware has been and continues to be an issue in cybersecurity worldwide. The Ransomware attack targeting the Asian region has increased by about 27% compared to 2016, and this time, in the "RSA APJ (Asia Pacific & Japan) 2017" held in Singapore from July 26 to 28, NPCore (CEO: Han Seung-chul) showed APT / Ransomware response solution, 'Zombie Zero Series' to make sure of entering Southeast Asia market.
RSA APJ Conference, the 5th annual event this year, is the Southeast Asia event of RSA, the world's largest information security conference.
In this event, NPCore introduced the strengths of the new product line of 'ZombieZERO Series' to security officials in Southeast Asia who are interested in cyber security such as Ransomware and APT, and demonstrated the products.
NPCore is specialized in APT and Ransomware defense solution and provides two-level defense on network and endpoint with behavior-based technology.
Existing security solutions (signature-based Anti-virus) cannot respond against APT (targeting malware) and new / variant Ransomware such as WannaCry and Petya, and traditional Sandbox technology is vulnerable to malware bypassing virtual machine, new and variant Ransomware and attack through encryption section (SSL communication). To overcome these limitations, the importance of EDR (End Point Detection & Response) technology has been highlighted.
In line with this, NPCore recently released 4 security products for endpoints (▲ EDR for APT, ▲ EDR for Ransomware, ▲ SECaaS (Security as a Service), ▲ Zombie Zero EDR for Server). NPCore provides network-based security solutions for APT and Ransomware attacks, as well as endpoint security solutions, cloud type security solution, and server security solution.
NPCore's EDR products are especially well- received through consultation with various countries and companies such as government agencies, public institutions, and telecom companies in Singapore, SI companies in Malaysia, telecom companies and electric power company in Vietnam and global bank, etc.
Han, S.C., NPCore's CEO said "We had participated for 4 consecutive years, but this time we were able to see the high level of interest and demand for endpoint security, through consultation with a number of companies, due to the global Ransomware incidents such as WannaCry and Petya."
Picture : NPCore participated in 'RSA APJ (Asia Pacific & Japan) 2017' held in Singapore from July 26th to 28th and showed APT / Ransomware response solution, 'ZombieZERO Series'. NPCore's CEO, Han, S.C. is introducing new product by watching the demo video.
4,540 Ransomware incidents in first-half in Korea ... Triple last year
KISA's trend report…58% of malware is Ransomware
The Nayana incident, which paid $ 1.2 million, will increase hackers demanding money in second-half.▲ The photo shows the Integrated Control Center of KISA on June 28 when PETYA Ransomware infection case was found. In the first half of this year, the number of Ransomware incidents reported to the Korea Internet & Security Agency (KISA) was 4, 540, which is more than triple that of last year. Ransomware is a malware that requires money for recovery after encrypting important files. According to the "Q2 Cyber Threat Trend Report" published by KISA on the 19th, Ransomware demage reports increased 3.6 times from 990 in 1Q to 3,550 in 2Q. The number of reported demages in first-half is 4,540, which is 3.2 times higher than last year's 1,438 cases. In 2015, there were 770 cases. Because the impact of powerful Ransomware such as WannaCry and Petya was huge. 255 of 436 malwares collected in 2Q were Ransomware. Ransomware's share is 58.5%, up 14.5% from 1Q(44%). And it was the second most common type of malware, accounting for 30% (130), which was 17.3% more than the previous quarter. The information extortion type malware is mainly used to collect prior information for targeting attack such as APT (Advanced Persistent Threat). ▲ Source from KISA In 1Q, the advanced fake way via spear phishing (targeting type) emails and shortcut icons was used to distribute malware. In 2Q, large-scale distribution using Windows vulnerability (SMB) was popular. Attackers used various infiltration ways such as spreading malware distributed itself using the latest vulnerabilities, and attacking the server directly. Meanwhile, hacker's command control (C&C) servers were the most in US in 2Q. It seems because hackers used the US commercial cloud as the C&C server. Russia and China followed US.. The number of high-risk vulnerabilities identified in Q2 reached 1,110, nearing double 671 in 1Q. The company that had the most vulnerabilities was Google accounting for 11% of the total. Among the 126 Google vulnerabilities, 119 vulnerabilities were related to mobile OS, Android. Microsoft (8%), Adobe (7%) and Apple (6%) followed Google. KISA predicted that APT attacks and malware distribution will be very popular in 3Q based on the information collected by information extortion type malware because of the surge of information extortion type malware in 2Q. Web hosting company Nanyana, demaged by Ransomware, paid $ 1.2 million to hackers, so KISA worried the cases that hackers demand money will increase. KISA said, "We should pay special attention to internal network security management to prevent malware such as Petya Ransomware spread to the internal network from infecting. Please keep security updates of the OS and software up to date and periodically back up." [ Source : Yonhapnews Go, Hyun Sil email@example.com | 2017.07.19 | http://www.yonhapnews.co.kr/bulletin/2017/07/19/0200000000AKR20170719176300017.HTML ]
'Jigsaw Ransomware', produced in Korea, was found...Can be spread by RaaS type
A variant Ransomeware of Jigsaw that displays a clown mask image of the horror movie 'Saw' and deletes the encrypted file over certain time and requires a Bitcoin for the user, has been found. As the Ransomware is estimated to be made by Korean developers, we should care about RaaS (service type of Ransomware) spread, which is specialized in Korean IT environment. This Ransomware, found by the EST Security Response Center (ESRC) on July 19, is similar to existing Jigsaw Ransomware in almost character excepting the display of the clown mask image. ▲ Notice written in Korean According to ESRC, if this Ransomware succeed to infect, it displays a message on the PC screen and shows notice in Korean and dialogue type line by line and threatens to pay Bitcoin for decryption, similar to the movie 'Saw's scene that the criminal threatened hostage showing the message on TV. In addition, this Ransomware displays the sentence "Hey, let's start the game." and threatens to delete a hundred files repeatedly every 48 hours. This feature is the same as the movie's contents. ▲ Korean(Hangul) included in source code The notice was made in perfect spoken Korean using interjection and emoticons, as the result of source code analysis, much Korean was found in annotation and folder path, etc., so it's estimated that Korean developer participated in development directly. However, until the time of the Ransomware analysis, the actual file encryption did not proceed, and various manufactural errors (bugs) were found, so this Ransomware seems to be a sample made for testing. Ransomware is becoming a new source of revenue for cyber attackers, and Ransomware attacks targeting S.Korea, the most wired country in the world, are increasing day by day. It is estimated that now Korean developer, familiar with the Korean circumstances, jumped on the Ransomware attack through this Ransomware, so a more advanced attack using Korean users' psychology and the characteristic can emerge in the future. [ Source : KINEWS Park, Geun Mo | firstname.lastname@example.org | 2017.07.19 | http://www.kinews.net/news/articleView.html?idxno=109293 ]
NPCore Signed Technical Distributor Agreement with COREINFRA
▲ Han, Seung Chul, NPCore's CEO (left) and Kim, Jung Hoon, COREINFRA's CEO are taking a picture after signing a technical distributor agreement. NPCore (CEO: Han, Seung Chul), an information security company, signed a technical distributor agreement with COREINFRA (CEO : Kim, Jung Hoon), a telecom equipment consulting and maintenance company on July 14. COREINFRA will provide consulting and technical support for Zombie ZERO, an unknown APT / Ransomware dual defense solution based on behavior developed by NPCore with this distributor agreement. NPCore, established in 2008, is specialized in APT and Ransomware defense solution and provides two-level defense against new/variant APT/Ransomware on network and endpoint. Existing security solutions (signature-based Anti-virus) cannot respond to APT (targeted attacking malware) and new / variant Ransomware such as WannaCry and Petya, and existing Sandbox technology is vulnerable to malware bypassing a virtual machine, new and variant Ransomware and attack through encryption section (SSL communication). To overcome these limitations, the importance of EDR (End Point Detection & Response) technology has been highlighted. In line with this, NPCore recently released 4 security products (▲ ZombieZERO EDR for APT, ▲ ZombieZERO EDR for Ransomware, ▲ ZombieZERO SECaaS (Security as a Service), ▲ ZombieZERO EDR for Server) for endpoints to provide network's security solutions against APT and Ransomware attacks as well as endpoint's security solutions, cloud type security solution and server's security solution. Kim, Jung Hoon, COREINFRA's CEO, said, "Through this agreement, Zombie ZERO will become a important part of the cyber security business that responds to the APT and Ransomware attacks. I hope that Zombie ZERO combines with COREINFRA's consulting and technical support services efficiently and has a good synergy effect."