OPSWAT Update

January kicked off an exciting start to 2021 at OPSWAT and we are thrilled to update you on the newest critical infrastructure protection highlights and OPSWAT products. A few highlights are summarized below:

OPSWAT News Highlights

Detect and Prevent the VMware WorkSpace ONE Access exploit [CVE-2020-4006]

In November, VMware disclosed a flaw in VMWare WorkSpace ONE Access (formerly known as VMware Identity Manager). The vulnerability can be used to nefariously access the system’s web-based management interface and execute arbitrary commands with elevated privileges at the operating system level.

Based on the information provided by VMware in their advisory, OPSWAT has added the ability to detect the CVE on a device and report it in MetaAccess. When detected, it is reported both in the MetaAccess management portal and to a user of the infected computer from the OPSWAT Client running on that device.

Protecting Critical Infrastructure from Advanced Cyberattacks

The frequency and severity of targeted cyberattacks from organizations around the world continue to increase. The latest example is the SolarWinds hack which targeted multiple government and private organizations. While experts are still analyzing the root cause and remediation solutions, one thing is clear – organizations need to further strengthen their critical infrastructure protection to avoid becoming the next victim. In the latest Advanced Threat Prevention blog, we summarize how a few of our products and technologies can help protect against and mitigate the damage from advanced cyberattacks.

OPSWAT Product Spotlight

New URL Classification in MetaDefender Cloud

MetaDefender Cloud Reputation API allows users to search for Hashes, IPs, Domains and URLs. The IP, Domain, and URL data is provided by multiple vendors specializing in detecting malicious internet servers and/or whitelisting trustworthy domains.

OPSWAT recently released an update to our IP-Domain reputation service to include URL Classification information. The classification is done by the engineers performing the IP-Domain analysis. To test the new URL classification feature, register for an OPSWAT account and visit the MetaDefender Cloud website or read more about URL classification in our documentation page.

Deep CDR prevents Advanced Maldoc Techniques – VBA Stomping

Macros remain the most popular vector for malware and payload delivery. In fact, malware authors are switching to attack methodologies that leverage MS Office and script-based threats. Using the VBA stomping technique, the original macro script is altered to show a simple message. This prevents anti-malware programs from detecting the suspicious active content in the file. However, the macro is still executable (via the p-code) and requests to execute the command line.

To learn about how OPSWAT Deep CDR protects you from all malicious content hidden in files and removes both macro source code and p-code within documents, and understand how Deep CDR is effective in the VBA Stomping scenario, watch our demo video.

Detect and Remove Sensitive Data in Cropped Images Embedded in Word Files with Proactive DLP (Data Loss Prevention)

Cropping pictures inserted in an Office file (such as a Word document, PowerPoint presentation, or Excel workbook) is a widely used feature in Microsoft Office apps but can be a threat vector for data breaches. OPSWAT Proactive DLP can help organizations prevent sensitive and regulated data from leaving or entering the organization’s systems by content-checking all files and emails for sensitive content before they are transferred. MetaDefender can search over 30 widely-used productivity file types, including Microsoft Office, PDF, CSV, HTML and image files.

Learn More

New MetaDefender Performance Testing Tool

To provide a consistent set of criteria and obtain reliable results, OPSWAT developed a performance testing tool to evaluate the speed, responsiveness and stability of MetaDefender under load. Our tool is based on Gatling, an open-source performance testing framework commonly used by many developers and quality assurance (QA) engineers all over the world. Our performance testing tool is now available to download.

Learn More

Other Product News

Read about more product announcements for OESIS, Drive, and Vault in the OPSWAT Blog.

Critical Infrastructure Resources

Data Diode Comparison Guide

Data diodes, or one-way data transfer devices, secure the transfer of data between low and high-security networks. The research needed to make a purchase decision can be daunting, especially on a deadline. To make this process easier, we did the research for you and put it in one place. This guide contains information on the features of 30+ industry-leading data diodes.

Download the Guide

To access other resources, visit OPSWAT CIP Resources.

Additional Information

Subscribe to the OPSWAT blog or Newsletter to receive access to regular tips and best practices on cybersecurity along with updates on OPSWAT technology and products.

If you would like additional information about any topics listed here, or have other questions, please contact your OPSWAT account manager or request a consultation.

Best Regards,

Team OPSWAT

Sign up for Blog updates
Get information and insight from the leaders in advanced threat prevention.