UM Labs

Sad SACK: Linux kernel vulnerability identified by Netflix

Wednesday, 19th June 2019 | Posted in: Blog

A new Linux kernel vulnerability capable of triggering a system crash has been identified by Netflix researchers. The vulnerability is linked to the way that selective acknowledgements (SACK) are processed on network connections. The attack can be initiated remotely. Most VoIP and some UC  traffic relies on connectionless network transports and is not affected by this vulnerability, however when a device uses encryption, the connections used do expose the vulnerability….

Read More

Don’t Boil The Ocean, but make sure you can see the tidal wave!

Tuesday, 11th June 2019 | Posted in: Blog

Microsoft is joining the Mutually Agreed Norms for Routing Security (MANRS) initiative, whose primary objective is to reduce the most common threats to the Internet’s routing system. This collaboration is a step in which CSP’s can try and sort out DDOS attacks at routing levels, it is a great start. However, Cyber Security is about levels of defence over multi-levels, which usually means network, applications and then the content access…

Read More

TECH UK May 8th Data in Transit compliance and Cyber Security show and tell.

Thursday, 25th April 2019 | Posted in: Blog

UM-Labs R&D will be explaining why Data in Transit under Data Protection compliance and laws is key to protect and how this works set against multiple hackings. TECH UK has asked UM-Labs R&D to lead the discussion on Data in Transit which is prevalent in GDPR, NIS, California Consumer Act 2018 and financial regulations such as MiFidII, 23NYCRR500. 8th May 2019.  

Read More

UM Labs at RSA San Fransisco

Wednesday, 20th February 2019 | Posted in: Blog

UM Labs has been chosen by the UK’s Department for International Trade (DIT) as one of a small number of companies to join the UK  Pavilion at RSA 2019. Come and see us to lean about state of the art cyber security for Real-Time Communications (RTC)  including defences against attacks specific to IP based Instant Messaging, voice and video communications, fraud control and cryptography. Unicus™ is the only available technology…

Read More

Cyber attack wipes out email provider

Wednesday, 13th February 2019 | Posted in: Blog

A cyber attack on the 11th February has wiped out the email service provided by VFEmail. According to the company, the attack formatted all disks on every server. Every VM is lost, every file server is lost, every backup server is lost. Two days later, the company’s web is still showing the same message.   !!!ALERT!!!! Update Feb 11 2019 www.vfemail.net and mail.vfemail.net are currently unavailable. We have suffered catastrophic…

Read More

To all the CISO’s out there today: –

Thursday, 7th February 2019 | Posted in: Blog

CISO Risk issues versus CIO budget issues. While the concept of reasonableness is somewhat subjective, the questions for CISOs to ponder are these: Does my security program constitute reasonable protections for a company in my industry and would the legal system agree? If my company is breached, and I have to explain my actions a year from now in front of a court, will those actions show that I did…

Read More

What makes organisations take so much risk with everyday communication cyber security?

Monday, 21st January 2019 | Posted in: Blog

Cybercriminals are now estimated to pocket $1.5 trillion annually, a staggering amount equal to Russia’s gross domestic product, and five times the cost of approximately $300 billion resulting from natural disasters in 2017. Some studies predict that the takedown of a single cloud provider could result in $50 billion to $120 billion in economic damage, similar to the financial carnage stemming from Hurricane Sandy and Hurricane Katrina. May 2018, a…

Read More

VoIP and UC Security Market size set to exceed Enterprise Firewall Market

Monday, 17th December 2018 | Posted in: Blog

Since their market debut in the early 1990s, enterprise firewalls have formed the backbone of the security defences of most enterprises. It is therefore no surprise that the global enterprise firewall market is predicted to hit $8.41 Billion by 2019 (MarketsandMarkets™). What may be more surprising is that the market for application specific cyber security products and services is more than twice the size of the enterprise firewall market. The…

Read More

Spectre and Meltdown – UM Labs R&D Status

Wednesday, 12th December 2018 | Posted in: Blog

2018 started badly with announcements of two chip level security issues, Spectre and Meltdown. These are serious issues; their potential impact has reached the level where each has its own logo.   Both problems arise from design flaws in Intel, AMD and ARM processors. The flaws potentially allow one application to read the memory used by another application, or in the case of Meltdown for a user level application to read…

Read More

Slow Loris: Furry Primate or DoS Threat?

Tuesday, 4th December 2018 | Posted in: Blog

Slow Loris, a primate native to South East Asia  is also the name given to a Denial of Service attack normally targetted at web servers. The attack gets its name because it works by sending request for a web page line by line, very slowly. By forcing the web server to hold a partial request in memory while waiting for the complete request and by sending multiple partial requests,  the…

Read More