Latest news with #ZeroTrustNetworkAccess
Yahoo
22-05-2025
- Business
- Yahoo
IIJ Launches Safous Privileged Remote Access to Strengthen Security Across IT, OT, and IoT
Consolidates Zero Trust, PAM, and IAM into a single platform to streamline secure remote access and privileged account management. Helps organizations meet cybersecurity regulations through application-level controls and microsegmentation, reducing lateral movement and simplifying compliance. TOKYO, May 22, 2025 /PRNewswire/ -- Internet Initiative Japan Inc. (IIJ, TSE Prime: 3774), a leading provider of Zero Trust security solutions, today announced the launch of Safous Privileged Remote Access, an integrated platform that combines Zero Trust Network Access (ZTNA), Privileged Access Management (PAM), and Identity and Access Management (IAM) in a single, streamlined solution. Designed to address two of the most common ransomware attack vectors – unsecured remote access and compromised privileged accounts – Safous Privileged Remote Access helps organizations reduce risk, eliminate complexity, and unify access control across IT, OT, and IoT environments. The platform builds on IIJ's proven Safous Zero Trust architecture and now incorporates robust PAM capabilities that align with Gartner's Remote Privileged Access Management (RPAM) criteria. By tightly monitoring and controlling privileged sessions, the solution delivers full visibility and control over sensitive systems and users. Key features include: Unified IT, OT, and IoT security:Supports secure remote access for operational technology, RPAM for corporate IT environments, and secure connectivity for IoT systems – providing holistic protection across industries such as manufacturing, healthcare, finance, and critical infrastructure. Integrated Zero Trust + PAM + IAM:Combines VPN-less Zero Trust connectivity with role-based privileged access and identity verification. This layered approach directly targets the core vulnerabilities exploited in modern ransomware and supply chain attacks. Microsegmentation for application-level control:Limits user access based on role and application, rather than broad network access, minimizing the risk of lateral movement and unauthorized entry across systems. Built-in compliance support:Simplifies adherence to global and regional cybersecurity regulations—including ISO/IEC 27001, NIST 800-171, and APAC-specific CIIO/NCII requirements—by consolidating critical controls into a single platform. "Integrating microsegmentation and privileged access controls into a unified Zero Trust framework, we empower enterprises to better protect their critical systems and data without adding unnecessary complexity," said Miki Tanaka, Global Business Director at IIJ. "Whether your infrastructure is air-gapped on-premises, operating in the cloud, reliant on legacy systems, or restricted to a single shared privileged account, Safous Privileged Remote Access delivers modern defenses and full operational traceability across every environment." Safous Privileged Remote Access is now available. For more information, visit About IIJ Founded in 1992, IIJ is one of Japan's leading Internet-access and comprehensive network solutions providers. IIJ and its group companies provide total network solutions that mainly cater to high-end corporate customers. IIJ's services include high-quality Internet connectivity services, systems integration, cloud computing services, security services and mobile services. Moreover, IIJ has built one of the largest Internet backbone networks in Japan that is connected to the United States, the United Kingdom and Asia. IIJ was listed on the Prime Market of the Tokyo Stock Exchange in 2022. For more information about IIJ, visit the official website: The statements within this release contain forward-looking statements about our future plans that involve risk and uncertainty. These statements may differ materially from actual future events or results. This press release contains forward-looking statements about plans that involve risks and uncertainties. Actual events or results may differ materially from those anticipated. For inquiries, contact: IIJ Global Solutions Singapore (Safous Team)Regional Head, Sales and MarketingRoy KikuchiEmail: info@ View original content: SOURCE Internet Initiative Japan Inc.
Yahoo
12-05-2025
- Yahoo
Your antivirus won't see this coming. Here's how blob-based phishing attacks are silently stealing passwords from right under your nose
When you buy through links on our articles, Future and its syndication partners may earn a commission. Bypasses email gateways and security tools by never hitting a real server Blob URIs mean phishing content isn't hosted online, so filters never see it coming No weird URLs, no dodgy domains, just silent theft from a fake Microsoft login page Security researchers have uncovered a series of phishing campaigns that use a rarely exploited technique to steal login credentials, even when those credentials are protected by encryption. New research from Cofense warns the method relies on blob URIs, a browser feature designed to display temporary local content, and cybercriminals are now abusing this feature to deliver phishing pages. Blob URIs are created and accessed entirely within a user's browser, meaning the phishing content never exists on a public-facing server. This makes it extremely difficult for even the most advanced endpoint protection systems to detect. In these campaigns, the phishing process begins with an email that easily bypasses Secure Email Gateways (SEGs). These emails typically contain a link to what appears to be a legitimate page, often hosted on trusted domains such as Microsoft's OneDrive. However, this initial page doesn't host the phishing content directly. Instead, it acts as an intermediary, silently loading a threat-actor-controlled HTML file that decodes into a blob URI. The result is a fake login page rendered within the victim's browser, designed to closely mimic Microsoft's sign-in portal. To the victim, nothing seems out of place - no strange URLs or obvious signs of fraud - just a prompt to log in to view a secure message or access a document. Once they click 'Sign in,' the page redirects to another attacker-controlled HTML file, which generates a local blob URI that displays the spoofed login page. Because blob URIs operate entirely within the browser's memory and are inaccessible from outside the session, traditional security tools are unable to scan or block the content. 'This method makes detection and analysis especially tricky,' said Jacob Malimban of the Cofense Intelligence Team. 'The phishing page is created and rendered locally using a blob URI. It's not hosted online, so it can't be scanned or blocked in the usual way.' Credentials entered on the spoofed page are silently exfiltrated to a remote threat actor endpoint, leaving the victim unaware. AI-based security filters also struggle to catch these attacks, as blob URIs are rarely used maliciously and may not be well-represented in training data. Researchers warn that unless detection methods evolve, this technique is likely to gain traction among attackers. To defend against such threats, organizations are urged to adopt advanced Firewall-as-a-Service (FWAAS) and Zero Trust Network Access (ZTNA) solutions that can help secure access and flag suspicious login activity. These are the best business laptops available to buy right now And you should take a look at the best office chairs we've tried Ransomware hackers target a new Windows security flaw to hit businesses
Business Wire
06-05-2025
- Business
- Business Wire
247connect Makes Remote Desktop Access Simple and Affordable!
LONDON--(BUSINESS WIRE)-- Businesses looking to remotely solve IT issues quickly and securely can now do so at an even lower cost with the latest version of this focused support solution. Simple. Secure. Affordable. Learn more about our remote desktop software and start a 2-week free trial! Share For businesses seeking a simple, powerful solution to support their devices remotely, 247connect's latest version makes this possible – all at an affordable price point. With 247connect, IT teams and support staff can rely on fast, reliable and secure connections every time, enabling them to deliver high-quality support while minimising downtime for customers and employees. The software's easy-to-use and intuitive features make it effortless to troubleshoot, manage and fix both on-demand and managed devices, regardless of location. Fast and effective for businesses Tom Murray, Product Manager at 247connect, explains the latest enhancements: 'We wanted to tackle the challenges that many companies face with complicated or unreliable remote support solutions. 247connect's latest improvements mean that companies can experience a straightforward installation process, alongside a clear and user-friendly interface that requires minimal training for staff. We focus on a core set of essential tools to ensure customers can do more with less and avoid being overwhelmed by a lengthy feature list. 'We also ensure a fixed, low-cost price without any additional charges to unlock the 'real' features. Customers simply install 247connect on all their devices and only pay to support the ones they need to at any time.' Security at its heart Designed with security as a priority and backed by a company with over 30 years of remote support development experience, 247connect includes robust, built-in safeguards such as Zero Trust Network Access (ZTNA), two-factor authentication (2FA) and 256-bit AES encryption that ensure every remote session is secure and protected. So, whether users are supporting a remote workforce or managing a distributed IT infrastructure, 247connect delivers a reliable connection they can trust. Learn more For more information about 247connect or to start your free trial, visit About 247connect 247connect is from NetSupport, an international based software developer that has pioneered remote support technology for over 30 years and is known for its excellence within the technology industry. Learn more at or contact: Katie Hall at
Malay Mail
06-05-2025
- Business
- Malay Mail
SonicWall Redefines Cybersecurity, Sets New Standard with Next Generation Network Security Solutions Built for MSPs
Delivering peace of mind with layered security, co-managed services and a unified management platform, SonicWall is helping partners grow services profitably through its continued innovation leveraging next generation firewalls Gen 8 Firewalls (NSa 2800/3800) : Mid-enterprise, high-performance NGFW built for more demanding SMB environments with advanced threat protection. : Mid-enterprise, high-performance NGFW built for more demanding SMB environments with advanced threat protection. Zero Trust Network Access (ZTNA) : Raising the bar relative to implementation and ease of use, with one-click ZTNA connector for secure, simple, policy-based access with dramatically improved network performance and security versus legacy VPN. : Raising the bar relative to implementation and ease of use, with one-click ZTNA connector for secure, simple, policy-based access with dramatically improved network performance and security versus legacy VPN. Managed Protection Security Services (MPSS): Backed by SonicSentry NOC team the new MPSS bundle extends our partner's bench with a team of network security professionals to ensure firewalls are configured, deployed and updated correctly to provide the best threat protection possible. MPSS is a must have service from SonicWall that will fast become the industry standard for firewall management. NSM 3.0: SaaS and on-premises platform offering unparalleled visibility and efficiency with harmonized cloud/on-box management. SonicPlatform: A unified, cloud-native platform for centralizing management of all SonicWall appliances, services, and third-party integrations. A unified, cloud-native platform for centralizing management of all SonicWall appliances, services, and third-party integrations. SonicWall AI for Monitoring & Insight (SAMI): Embedded AI/automation to streamline management, speed resolution, and reduce alert fatigue. Multi-Tenant Architecture : Manage multiple clients efficiently through one platform. : Manage multiple clients efficiently through one platform. Flexible Subscription Licensing : Monthly/annual options support the MSSP model. : Monthly/annual options support the MSSP model. Ecosystem Integration : Seamless third-party integrations for operational efficiency. : Seamless third-party integrations for operational efficiency. End-to-End Coverage: From endpoint to edge, SonicWall delivers centralized protection and compliance. SINGAPORE - Media OutReach Newswire - 6 May 2025 - SonicWall today unveiled a full suite of products and services purpose-built to empower and meet the evolving needs of Managed Service Providers (MSPs) and their customers with end-to-end cyber protection and profitable service expansion. At the core of this unveiling are new next-generation mid-range and high-end firewalls (NGFW) built for medium-sized businesses with embedded advanced threat new offerings include Managed Protection Security Services (MPSS) Firewall Management with 24/7 monitoring that allows MSPs of any size to offer managed firewall services backed by SonicWall's SonicSentry Network Operations Center (NOC) team. Delivered through the unified, cloud-native SonicPlatform , the service establishes a new industry standard by dramatically reducing cyber exposure, simplifying operations, and maximizing visibility, all backed by expert, always-on security teams and reinforced by a groundbreaking cyber warranty."SonicWall's new standard for cybersecurity marks a pivotal moment in our evolution as an innovator expanding into a platform-based cybersecurity leader," said SonicWall President and CEO Bob VanKirk. "As we continue to listen to our partners and evolve with their changing needs, we are consolidating fragmented tools into one secure, scalable, and smart platform. With this launch, we are bringing together industry-leading firewall threat performance, cloud-based ZTNA to replace legacy VPNs, co-managed NOC and SOC services and an industry-first cybersecurity warranty so MSPs have every tool they need to ensure the businesses they serve are safe, in a scalable and cost-effective way."Debasish Mukherjee, Vice President of Sales, APJ at SonicWall said, "Across APJ, MSPs and mid-sized businesses are under constant pressure to protect diverse IT environments while navigating resource constraints. SonicWall's unified platform and co-managed services are purpose-built to support this reality - empowering partners to scale with confidence, deliver 24/7 protection, and unlock new revenue opportunities through simplified, enterprise-grade cybersecurity."SonicWall is bringing together the tools MSPs need to deliver layered, AI-driven security, from next-generation firewalls and endpoint protection to secure remote access and advanced policy control, managed in one intuitive to eliminate fragmented tools and reduce operational complexity, SonicWall is making it easier than ever for MSPs to offer secure, scalable and smart solutions:"Over the past two years, we've focused on listening to our partners and addressing their challenges as cyberattacks accelerate, response times lag, and cybersecurity solutions grow increasingly complex," said SonicWall Chief Product Officer Peter Burke. "As a result, we have made dramatic improvements to the features and scalability of our firewall management platform and integrated them into a unified platform for account, security and network management that should simplify use and make partners more efficient. By consolidating end-to-end management and delivering key capabilities for scale and security, we're empowering partners to focus on growth, expanding their services, increasing profitability, and delivering greater value to their customers."The launch includes enhanced support through SonicSentry, SonicWall's global Managed Extended Detection and Response (MXDR) team, and MPSS. Built for MSPs, these co-managed services allow them to profitably deepen their bench and extend their service capabilities with 24x7 monitoring, health checks, patch management, and optimized firewall is no longer just about protection; it's about trust and resilience. When combined with SonicWall's partnership with Cysurance , SonicWall deployments can qualify for a tiered cyber warranty of up to $1 million, the industry's first offering of its kind. Managed deployments through MPSS double the coverage for participating customers."SonicWall's MPSS, will allow MSPs to deliver top-tier security to customers without the burden of constant firewall management," said Meriplex Channel Manager Greg Starr. "By offloading the complexities of firewall management, SonicWall partners will be able to deliver premium security services backed by 24/7 expert support and enhanced cyber warranty protection. This not only strengthens client trust but also opens new revenue opportunities for us as a partner, allowing us to scale and grow more efficiently."SonicWall's next-generation solutions are designed with the unique needs of MSPs in mind:With this comprehensive announcement, SonicWall continues its history of innovation providing products and services that support our channel partners need to scale securely, profitably, and with more information, visit: Hashtag: #SonicWall The issuer is solely responsible for the content of this announcement. About SonicWall SonicWall is a cybersecurity forerunner with more than 30 years of expertise and is recognized as the leading partner-first company. With the ability to build, scale and manage security across the cloud, hybrid and traditional environments in real-time, SonicWall provides seamless protection against the most evasive cyberattacks across endless exposure points for increasingly remote, mobile and cloud-enabled users. With its own threat research center, SonicWall can quickly and economically provide purpose-built security solutions to enable any organization—enterprise, government agencies and SMBs—around the world. For more information, visit or follow us on Twitter, LinkedIn, Facebook and Instagram.
Techday NZ
24-04-2025
- Business
- Techday NZ
Ericsson debuts clientless ZTNA for third-party access
Ericsson has announced the expansion of its NetCloud SASE product with a clientless Zero Trust Network Access (ZTNA) solution aimed at improving secure connections for third-party and BYOD users. The new clientless ZTNA functionality aims to provide organisations with a way to securely connect external users to authorised resources, offering added security while addressing the challenges of managing access to both managed and unmanaged devices, particularly in environments that prioritise wireless connectivity. This expanded solution builds on Ericsson's existing client-based ZTNA, introducing a flexible system designed to support IT teams that often need to accommodate a diverse range of devices and users. According to Ericsson, a significant advantage is its application isolation approach, which creates a virtual 'air gap' between corporate resources and devices that may not be secure, thereby reducing the risk of malware infiltration. Highlighting the prevalence of related security incidents, Ericsson pointed to data from KPMG, which indicates that 73% of organisations have experienced at least one significant disruption linked to third-party cyber incidents within the past three years. Ericsson's new clientless ZTNA solution utilises embedded isolation technology, differentiating itself from other solutions that depend solely on access controls by initiating application sessions within isolated cloud containers when accessed from unsecured devices. "5G uniquely introduces a surge of IoT and OT assets, which are frequently monitored and maintained by third-party suppliers and contractors. Unlike legacy VPNs that provide broad network access and are difficult to implement, NetCloud ZTNA offers a straightforward, policy-based solution that ensures users have isolated access to resources based on the principle of least privilege," Pankaj Malhotra, Head of WWAN & Security, Enterprise Wireless Solutions at Ericsson, said. The key features of the NetCloud SASE with clientless ZTNA include allowing contractors and BYOD users to access isolated applications via a secure URL without the use of VPNs, clients, or special browsers. The system also isolates interactions between unmanaged users and corporate systems in cloud containers, safeguarding against potential malware risks. Furthermore, access is governed by granular policies based on user roles and device types, following the principle of least privilege. The system conducts continuous risk assessments by leveraging real-time analytics and intrusion detection and prevention tools, with the capability to immediately revoke access in response to changes in user context or risk profile. The architecture eliminates the need for static public IP addresses. It hides internal IP information, operating under a default-deny model and micro-segmentation policies to block lateral movement within networks. All features are managed within the NetCloud Manager platform for simplified deployment and oversight, and the solution integrates with existing enterprise identity and access management systems to streamline authentication and reduce the issue of identity sprawl. "VPNs fail to address modern secure access needs due to their complexity, management overhead, security vulnerabilities, and performance issues, making ZTNA a must. But ZTNA solutions that rely on agents make it difficult for overburdened IT teams to deploy to third parties needing access to corporate resources. For organisations adopting a wireless-centric strategy, NetCloud SASE clientless ZTNA offers a unique, isolation-based approach which grants access to specified assets while providing effective protection against malicious activity and the threat of malware," John Grady, Principal Analyst at Enterprise Strategy Group, now part of Omdia, said. NetCloud SASE with clientless ZTNA is now included as part of the NetCloud ZTNA license. The addition allows enterprises to avoid reliance on VPNs, clients, or browser plug-ins, while providing what Ericsson describes as unified management for both security and connectivity solutions, including those related to 5G wireless WAN and SD-WAN.
