Webinar: How to Prevent WannaCry and Other Web Threats
Posted on by JudyCategories Events, Light Point Web, Security, Web SecurityLeave a comment on Webinar: How to Prevent WannaCry and Other Web Threats

Light Point Web prevents WannaCry and other ransomwareIn a matter of days, the WannaCry ransomware outbreak infected more than 230,000 computers in 150 countries. It impacted healthcare organizations, universities, government agencies, and many others, including FedEx. If you are concerned about the WannaCry ransomware and other similar attacks, join us for this informative webinar.

Light Point Security is hosting a joint webinar with partner, ELEVI Associates, today May 18 at 1pm EST. This educational webinar will explain the causes of ransomware and the devastating effects it can have on an organization. Learn about remote browser isolation technology and how it protects organizations from ransomware and other web-based threats.

Join us by signing up for the webinar here.

Register Now

Webinar: Full Browser Isolation with Threat-Free Downloads via Content Disarm and Reconstruction
Posted on by JudyCategories Events, Light Point Web, Press ReleaseLeave a comment on Webinar: Full Browser Isolation with Threat-Free Downloads via Content Disarm and Reconstruction

OPSWAT LogoAs our customers know, we are constantly increasing the value of Light Point Web by adding new features and functionality. In a joint effort with our partner OPSWAT, Light Point Web, which provides unmatched protection from web, document and email based malware, will enhance its current document-based malware protection capabilities by integrating OPSWAT’s Content Disarm and Reconstruction (CDR) technology into its platform.

Register Now

The new CDR (file sanitization) technology strips exploitable content from files for a complete threat-free browsing experience. By integrating OPSWAT’s CDR engines into Light Point Web all downloaded files will be thoroughly scanned and/or sanitized before the user’s local machine receives them. The integration will not impact the end users’ productivity, since all sanitized files will be reconstructed with all their functionality and usability intact. This joint solution provides users 100% malware prevention from malicious websites through Light Point Security’s Full Isolation technology and comprehensive malware protection from malicious file downloads through OPSWAT’s file sanitization and multi-scanning engines.

We are very excited about this new feature and will be hosting a joint webinar with OPSWAT to showcase the technology and discuss how this joint solution provides organizations complete end-to-end protection from malware without compromising user experience. The webinar is scheduled for Tuesday April 11, 2017 from 1:00 – 1:30pm EDT. We encourage all to attend, and you can sign up for the webinar here.

Visit the press release page for a full description of the joint integration.

Register Now

Light Point Security Partnership With Raven Data Technologies Provides MSPs With Additional Hosting Option
Posted on by Zuly GonzalezCategories Light Point Security Update, Light Point WebLeave a comment on Light Point Security Partnership With Raven Data Technologies Provides MSPs With Additional Hosting Option

Raven Data Technologies and Light Point Security Partner to deliver hosting for MSPsWe are excited to announce our partnership with Raven Data Technologies, an IT Solutions Company serving the MD, DC, VA, and PA region that specializes in providing security services to Managed Service Providers (MSPs). Raven Data Technologies combines decades of IT experience, risk management, and network security to deliver enterprise level IT solutions to businesses of any size, and we are thrilled that they have chosen to include Light Point Web Enterprise among their best-in-class managed security software offerings.

Light Point Web is a browser plugin that provides malware-free web browsing by transparently launching browsing sessions on a server-based virtual environment, thus preventing any website content (and possible malware) from ever reaching your computer.

Light Point Web offers flexible deployment options for every need: a cloud version for those that don’t want to deal with the hassle of maintaining their own servers, an on-premise version for enterprises that want more control, and now with our Raven Data Technologies partnership, a third-party hosted solution for Managed Service Providers that want to provide their clients with unmatched web security but don’t want to set up and maintain their own Light Point Web servers.

After vetting the Raven Data Technologies team we have selected them as our hosting partner for MSPs for their extensive security expertise and their vast knowledge of MSPs and their needs. Raven Data Technologies will now serve as our hosting partner for MSPs by hosting and maintaining the Light Point Web server infrastructure for them. Raven Data will also provide them with value added services, like technical support and client- and server-side upgrades.

To learn more about Raven Data Technologies and how they can help you secure your business, visit their website or follow them on Twitter.

Light Point Web Integrates With Metascan Online to Protect Against Malicious Downloads
Posted on by Beau AdkinsCategories Computer Security, Light Point Security Update, Light Point Web, Security, Web SecurityLeave a comment on Light Point Web Integrates With Metascan Online to Protect Against Malicious Downloads

OPSWAT LogoWe recently added a new feature to Light Point Web that warrants some extra recognition. We have added a server-side integration with OPSWAT’s Metascan Online service to provide yet another best-in-class layer of security for our users.

Metascan Online is a cloud service that can scan files with over 40 anti-virus engines, and do so in a matter of seconds. The fact that Metascan Online uses so many anti-virus engines is important. Just because one anti-virus engine claims that a file is safe, it doesn’t mean it is. It could be safe… or it could just be that this is a newer virus that has not been identified by that anti-virus vendor yet. It is actually common for new malware to only be identified by a small number of the anti-virus engines. With Metascan Online using so many anti-virus engines, we can get a much greater level of confidence that a safe file is indeed safe.

With our integration with Metascan Online, our users will get an extra level of assurance that every file they download is safe without having to wait around for the results. We offer this service for no extra charge for our cloud users.

How Does It Work?

When a user wants to download a file, Light Point Web will ask for their permission. If they say yes, that file will be downloaded to the Light Point Web server. Light Point Web will then ask Metascan Online to scan that file. If it is safe, the file is streamed to the user’s computer and the user is informed of the scan results.

LPS download no threats detected

If, on the other hand, the file is found to be malicious, the download is blocked and a message informs the user why.

LPS download threat detected

This all happens seamlessly to the user, so no extra work is required by the user to get this additional layer of protection.

Coming soon: If a file is found to be malicious, the dialog will also include a link to the scan results so that you can see further details on the threat detected and which engines detected it.

Enterprise Options

For our enterprise customers, we offer a couple of options: Metascan Online or Metascan on-premises. OPSWAT offers both a cloud version and an on-premise version of Metascan. This gives our enterprise customers the flexibility of choosing the option that works best for them.

If you are interested in learning more about how Light Point Web protects you while browsing the web, contact us, or sign up for a free trial to experience worry free web browsing for yourself.

Light Point Security CEO to Present at Columbia TechBreakfast
Posted on by Zuly GonzalezCategories Events, Light Point Security Update, Light Point WebLeave a comment on Light Point Security CEO to Present at Columbia TechBreakfast

Light Point Security to present at TechBreakfast eventWe’re excited to be presenting at the Columbia TechBreakfast tomorrow morning. TechBreakfast is a national organization with over 4,700 members in just the DC, Maryland, Virginia area, and over 7,000 members nationwide, with events in Silicon Valley, New York City, Austin, Philadelphia, and Boston, among others. TechBreakfast is a monthly demo-style event where entrepreneurs, techies, developers, designers, business people, and interested people see showcases on cool new technology in a demo format and interact with each other. The presenters have 7 minutes to demo and showcase their technology, followed by 3 minutes of Q&A from the audience.

We’re thrilled to have been selected to present at the TechBreakfast event in Columbia, MD tomorrow July 9 from 8:00am to 9:30am at the Loyola Columbia campus (8890 McGaw Rd #130, Columbia, MD). We demoed Light Point Security’s flagship product, Light Point Web, at last year’s Columbia TechBreakfast and had a lot of fun. We’re looking forward to giving the audience an update since last year and demonstrating Light Point Web’s new capabilities.

We hope you’ll join us. You can register to attend the free event here. Won’t be able to make it? Don’t despair. We’ll also be presenting at the Baltimore and Annapolis TechBreakfasts this fall.

Light Point Security to Present at TechBreakfast Event
Posted on by Zuly GonzalezCategories Events, Light Point Security Update, Light Point Web, StartupsLeave a comment on Light Point Security to Present at TechBreakfast Event

Light Point Security to present at TechBreakfast eventWe are excited to be presenting a short overview and demo of Light Point Web Enterprise at this month’s TechBreakfast event in Columbia, MD.

TechBreakfast is a monthly breakfast in Baltimore, Columbia, DC, and Northern Virginia where almost 2,000 (as of this writing the group is 3 people shy of hitting 2,000 members) entrepreneurs, techies, developers, designers and business people see showcases on cool new technology in a demo format and interact with each other. It’s “Show and Tell for Adults” where people show the innovative technology they are working on.

The format is limited to a 7 minute pitch/demo, followed by a 3 minute Q&A session. Our presentation will be similar to the one we gave at the RSA Conference 2013 Innovation Sandbox event, so those that missed RSA can catch it then. We’ll also give a live demo of Light Point Web Enterprise in action.

This month’s Columbia TechBreakfast is being held on March 12 from 8:00am to 10:00am at the Loyola Columbia campus (8890 McGaw Rd #130, Columbia, MD). Best of all it’s free to attend. Please stop by if you’re interested in connecting with us directly, or would like to learn more about Light Point Web Enterprise.

Light Point Web 2.1 Released
Posted on by Beau AdkinsCategories Light Point Security Update, Light Point WebLeave a comment on Light Point Web 2.1 Released

Light Point Web Malware ProtectionLight Point Security has just released Light Point Web 2.1. The 2.1 release contains lots of improvements, but the main goal was to lay the ground work for Light Point Web Enterprise.

Light Point Web Enterprise

Previously, if you wanted to use Light Point Web, you had to connect to the Light Point Web servers running in our cloud. There are positives and negatives to this approach.

Positives of Cloud Servers
  1. The user gets anonymous browsing.
  2. The user only has to install a plugin to their browser.
  3. All server-side maintenance is handled by us.
Negatives of Cloud Servers
  1. The user’s browsing session is occuring on a computer owned by someone else.
  2. The distance between a user and our servers introduces latency to page loading and a user’s interactions with a page.

Negative #1 may not be a problem for everyone. One great feature of Light Point Web is that you can bypass it whenever you want. You can use it for all your casual/risky browsing, but bypass it for sensitive/trusted tasks such as online banking.

However, this becomes a problem for an enterprise. An enterprise does not want to give employees the ability to bypass their security protections. At the same time, an enterprise does not want to rely on a third party to host employee browsing sessions. Light Point Web Enterprise solves this problem by allowing an enterprise to host a Light Point Web server inside their network, solely for the use of their employees. As a bonus, because the server is now inside their intranet, this eliminates negative #2 as well.

Enterprises can now get Non-persistent Desktop Browsing (known as NPDB) using our dual-layered virtualization, running on a server only they have access to.

Other Improvements

There were countless other improvements made that will enhance both the consumer and enterprise versions of Light Point Web. These include:

  • Numerous processor usage optimizations. This improvement consists of both client and server optimizations. First, algorithms in the client code were optimized to reduce processor usage and improve speed. Second, on the server we made changes to the processor scheduling to give quicker response times to user interactions.
  • Better font rendering. Previously we used the default fonts built into our Linux servers. However, most websites are designed with Windows fonts in mind. This caused words on sites to be rendered too wide, which sometimes lead to incorrect alignment of certain web page elements. We now use official Windows fonts, which results in sites being rendered the way they were designed to.
  • The ability for a user to select the best compression levels for their Internet connection speed. We now allow users to choose higher compression for slower links, and less compression for faster links. This results in the optimal performance for both cases.
  • The ability for a user to force a disconnection to the server. Previously, to end your connection with the Light Point Web server you had to either close all browser tabs using Light Point Web, or wait for the inactivity timer to disconnect you. We now added a menu item that allows a user to disconnect when they want while saving their state, so it can be resumed later.
  • Updated server-side browsing engine.
  • Updates to remain compatible with newer Firefox releases.

If you are interested in learning more about Light Point Web Enterprise or volunteering to perform a pilot deployment in your enterprise, please sign up here.

The Motivation Behind Malware
Posted on by Beau AdkinsCategories Light Point Web, Security, Web SecurityLeave a comment on The Motivation Behind Malware

Money from malwareLast night I came across a sobering article from Brian Krebs of KrebsOnSecurity. The article talked about a specific crimeware author that is advertising that he is in the market to buy fresh new browser exploits, but the article had much more information than just that.

The Value of an Exploit Kit

For some background, a crimeware gang has written an exploit kit named Blackhole. Its purpose is to exploit vulnerabilities in web browsers to install a malware payload on victims’ computers. The Blackhole kit itself doesn’t much care what the payload is. Instead, the author of Blackhole will lease his creation to others, and let them supply the malware.

Think about it like a delivery service. If I have a new piece of malware that I want installed on lots of computers around the world, I could pay to have Blackhole deliver it for me. Blackhole doesn’t need to know anything about what it is delivering, its job is only to get it delivered (yes, exactly like Jason Statham in The Transporter).

What is amazing about this is how much it costs to lease Blackhole. A three month license is $700, and a yearly license is $1,500. The creators will even provide hosting for you for $200/week or $500/month.

But that’s not all. The authors of Blackhole have built something even better, a second kit called the Cool Exploit Kit. From the article, it seems like the authors’ newest (and therefore most valuable) exploits are reserved for the Cool Exploit Kit. Only after an exploit becomes known is it moved to Blackhole. Access to the elite Cool Exploit Kit runs $10,000/month!

Additionally, the authors put out a statement that they want to buy more new exploits for browsers and browser plug-ins. They announced that they have set aside an initial budget of $100,000 to buy exploits and vulnerability proof-of-concepts. They stated that they are only interested in purchasing exploits that have not been published and that they will not release this information to the public either. Therefore, the targeted software will remain unpatched indefinitely.

The Motivation Behind Malware

There is only one reason why someone would spend that kind of money to get malware delivered – because it will pay for itself. The article showed that one specific cybergang’s income from just one flavor of ransomware was almost $400,000 a month.

This shows a very dangerous combination of facts. Getting malware onto a victim’s computer is worth a lot of money, so people will pay handsomely for new exploits to make that happen. This makes exploits worth a lot of money, so people will be motivated to continue creating them.

Our Mission

All of this reinforces our motivation here at Light Point Security. The web is now the most common way for malware authors to infect a victim’s computer. Unfortunately, in many cases, such as with the Cool Exploit Kit, cybercriminals use unpublished vulnerabilities in browsers and browser plugins to infect a victim’s computer with malware. By the time the vulnerability is discovered and fixed by the good guys, it is too late. The bad guys have infected tons of computers, and have moved on to the next vulnerability.

We are building Light Point Web to stop not some, not most, but all of these types of exploits – even the ones that have not been made public.

Light Point Security to Present at the CyberMaryland 2012 Conference
Posted on by Beau AdkinsCategories Events, Light Point Security Update, Light Point Web, SecurityLeave a comment on Light Point Security to Present at the CyberMaryland 2012 Conference

CyberMaryland 2012 conference

We are pleased to announce that we have been selected to present our technology at the CyberMaryland 2012 conference.

What Is CyberMaryland?

CyberMaryland is a cybersecurity conference held in Baltimore, MD for technology companies, business leaders, emerging professionals, policy makers, business innovators, entrepreneurs and federal, state, and local government personnel. The two-day conference features training sessions, an industry showcase, a live cyber challenge, and the Cyber Security Hall of Fame Induction Dinner. Not to mention networking!

The conference tracks are:

  • Cyber Innovation Track showcases future of cybersecurity products, new solutions, evolving technology, venture capital and rising stars.
  • Cyber Business Opportunities Track helps cybersecurity providers understand emerging growth opportunities, budgets, spending priorities, product requirements and specific government customer requirements.
  • Cyber Generation Track topics focus on preparing the next generation of cyber professionals, career preparedness and clearances, and talent development.

What Will Light Point Security Present?

We have been selected to demonstrate our product, Light Point Web, as part of their industry showcase session. We will have 45 minutes to give a presentation and demo of our technology to cybersecurity experts and enthusiasts. We will discuss some of Light Point Web’s newest features, and talk about how Light Point Web fits into a corporate environment. We will end the presentation with a five to ten minute live demo of Light Point Web.

We are pleased to have been selected for this honor, and we’re looking forward to the conference in general.

I hope some of you will join us at CyberMaryland!

Light Point Web Now Supports PDFs and Office Formats
Posted on by Beau AdkinsCategories Light Point Security Update, Light Point Web, Security, Web SecurityLeave a comment on Light Point Web Now Supports PDFs and Office Formats

Light Point Web Malware ProtectionRecently, we released an update to our servers that allow our users to view many popular document types through Light Point Web. To accomplish this, we are using the Google Docs Viewer. The Google Docs Viewer is a nifty little service from Google that can turn documents into normal webpages.

This addition will greatly enhance the security offered by Light Point Web. Previously, if a user of Light Point Web clicked on a link to a PDF file, the user would see our plugin screen. In order to view the document, the user would click the plugin screen, which would cause the user’s real browser to download and display the PDF file.

Light Point Web Plugin Screen
The Light Point Web Plugin Screen

While this functionality gave our users the ability to view PDFs and other files, it also exposed their computers to any malware that may have been hiding within that document since it required bypassing our security. PDF files can be very dangerous, as it is easy to embed malware within them. With this recent update, our users can now easily view documents without downloading them, which means these types of attacks will no longer be effective on our users.

How to Use the New Viewer

The new plugin viewer works automatically. Now, when you click a link to a supported file, such as a PDF, you will be sent to the Google Docs Viewer for that file. This gives you the ability to read the file without it ever touching your computer. At the top of each page there is a link under the “File” menu item to download the original file. Clicking that link takes you to the old plugin screen, which gives you the ability to open the file in your real browser, if you decide to.

Light Point Web Google Docs Viewer
Light Point Web with the Google Docs Viewer

What File Formats Are Supported?

There are quite a few file types supported by the Google Docs Viewer. Here is the full list. A quick rundown of the most common file types are:

  • Microsoft Word (.doc, .docx)
  • Microsoft Excel (.xls, .xlsx)
  • Microsoft PowerPoint (.ppt, .pptx)
  • Adobe PDF (.pdf)
  • PostScript (.eps, .ps)
  • Archives (.zip, .rar)
Categories
Archives