News
Panasonic Intros New PTZ Camera Line-Up in the MEA Region
Panasonic has announced five new models of its market-leading PTZ camera to address growing market demand in the region. The 4K integrated cameras AW-UE80W/K, AW-UE50W/K, AW-UE40W/K, AW-UE20W/K, and the HD integrated camera AW-HE20W/K have a new proprietary direct-drive system based on Panasonic’s own technology for quiet and smooth vertical and horizontal directions.
As regional organizations adapt to an accelerated digital environment, the quality of video transmission has become particularly critical to the education, corporate, live events, and broadcast industries. With clear images and dynamic image production that can only be obtained with Panasonic’s pan, tilt, and zoom movement, it is possible to improve the quality of online communication and enhance the sense of presence even when not face-to-face.
The AW-UE40, AW-UE50, and AW-UE80 will have a 24x optical zoom and up to a 36x intelligent zoom, as well as a 74.1-degree viewing angle to support usage in both indoor and outdoor environments. The latest generation of optical image stabilization (OIS) ensures excellent stability. All cameras will support PoE, enabling a single-cable solution whereby video and audio, control, and power can be provided to and from the camera via a single ethernet connection.
The new models support the latest IP-based video protocols, including NDI|HX version 2, while AW-UE80 supports full-bandwidth NDI. The PTZ cameras support SRT protocol will alongside RTMP and RTMPS. Furthermore, the AW-UE80 will also support the FreeD protocol to ensure integration with AR and VR systems alongside 4K/50p video capabilities.
The 4K-capable AW-UE20W/K and the HD integrated camera AW-HE20W/K are entry-level PTZ cameras produced specifically for the corporate and higher education markets. Both models will feature a wide-angle lens, the latest IP protocol certifications, and connectivity for SDI, HDMI, USB, and IP.
Panasonic offers an entire ecosystem of solutions to enable the new PTZ cameras to be smoothly introduced into existing camera systems. This includes use with its remote camera controllers, PTZ Control Center centralized control software, and its automatic tracking software for presentations and lectures, enabled by face recognition and human body detection.
“Our PTZ cameras are among the most used systems across the world and meet the needs of varied industries, serving customers from national governments to esports. Recently used at the Olympic and Paralympic Games Tokyo 2020, at venues including the Japan National Stadium and the Tokyo Aquatics Centre, they provide immersive experiences for the audience. A perfect solution for huge events like Expo 2020, the new models are true plug-and-play solutions, and offer the flexibility to easily pick the PTZ camera best suited for their needs,” said Hidetoshi Kaneko – Director System Solutions and Communications Division, Panasonic Marketing Middle East and Africa- FZE (PMMAF).
Cyber Security
Cloudflare Reports Q3 2024 DDoS Attack Trends
Cloudflare has announced its 2024 Q3 DDoS report. This report includes insights and trends about the DDoS threat landscape — as observed across the global Cloudflare network, which is one of the largest in the world. The number of DDoS attacks spiked in the third quarter of 2024. Cloudflare mitigated nearly 6 million DDoS attacks, representing a 49% increase in QoQ and a 55% increase YoY.
Out of those 6 million, Cloudflare’s autonomous DDoS defence systems detected and mitigated over 200 hyper-volumetric DDoS attacks exceeding rates of 3 terabits per second (Tbps) and 2 billion packets per second (Bpps). The largest attack peaked at 4.2 Tbps and lasted just a minute. The Banking & Financial Services industry was subjected to the most DDoS attacks. China was the country most targeted by DDoS attacks, and Indonesia was the largest source of DDoS attacks.
In Q3, Cloudflare’s systems mitigated nearly 6 million DDoS attacks bringing it to a total of 14.5 million DDoS attacks year-to-date (4.5 million in Q1 and 4 million in Q2). That’s an average of around 2,200 DDoS attacks every hour. Of those attacks, Cloudflare mitigated over 200 hyper-volumetric network-layer DDoS attacks that exceeded 1 Tbps or 1 Bpps. The largest attacks peaked at 3.8 Tbps and 2.2 Bpps. At the time of writing the Q3 report, on October 21, 2024, Cloudflare’s systems autonomously detected and mitigated a 4.2 Tbps DDoS attack that lasted around a minute.
Of the 6 million DDoS attacks, half were HTTP (application layer) DDoS attacks and half were network layer DDoS attacks. Network layer DDoS attacks increased by 51% QoQ and 45% YoY, and HTTP DDoS attacks increased by 61% QoQ and 68% YoY. 90% of DDoS attacks, including the largest of attacks, were very short-lived. The company did see, however, a slight increase (7%) in attacks lasting more than an hour. These longer attacks accounted for 3% of all attacks.
In Q3, Cloudflare saw an even distribution in the number of network-layer DDoS attacks compared to HTTP DDoS attacks. Of the network-layer DDoS attacks, SYN flood was the top attack vector followed by DNS flood attacks, UDP floods, SSDP reflection attacks, and ICMP reflection attacks. On the application layer, 72% of HTTP DDoS attacks were launched by known botnets and automatically mitigated by our proprietary heuristics.
In Q3, the company observed a 4,000% increase in SSDP amplification attacks compared to the previous quarter. Disabling UPnP on unnecessary devices and using DDoS mitigation strategies can help defend against this attack. In Q3, 80% of HTTP DDoS attack traffic impersonated the Google Chrome browser, which was the most common user agent observed in attacks. More specifically, Chrome 118, 119, 120, and 121 were the most common versions.
In second place, no user agent was seen for 9% of HTTP DDoS attack traffic. In third and fourth place, attacks were observed using the Go-http-client and fasthttp user agents. The former is the default HTTP client in Go’s standard library and the latter is a high-performance alternative. fasthttp is used to build fast web applications but is often used for DDoS attacks and web scraping too.
China was the most attacked location in the third quarter of 2024. The United Arab Emirates was ranked second, with Hong Kong in third place, followed closely by Singapore, Germany, and Brazil. In Q3, Banking & Financial Services was the most targeted by DDoS attacks. Information Technology & Services was ranked in second place, followed by the Telecommunications, Service Providers, and Carriers sector. Cryptocurrency, Internet, Gambling & Casinos, and Gaming followed closely behind as the next most targeted industries. Consumer Electronics, Construction & Civil Engineering, and the Retail industries rounded out the top ten most attacked industries.
Indonesia was the largest source of DDoS attacks in the third quarter of 2024. The Netherlands was the second-largest source, followed by Germany, Argentina, and Colombia. The next five largest sources included Singapore, Hong Kong, Russia, Finland, and Ukraine. The unprecedented surge in hyper-volumetric DDoS is capable of overwhelming Internet properties, particularly those relying on capacity-limited cloud services or on-premise solutions. The increasing use of powerful botnets, fuelled by geopolitical tensions and global events, is expanding the range of organizations at risk — many of which were not traditionally considered prime targets for DDoS attacks. Unfortunately, too many organizations reactively deploy DDoS protections after an attack has already caused significant damage.
Commenting on the report, Bashar Bashaireh, VP – Middle East and Türkiye at Cloudflare, says: “Our observations confirm that businesses with well-prepared, comprehensive security strategies are far more resilient against these cyber threats. At Cloudflare, we’re committed to safeguarding your Internet presence. Through significant investment in our automated defences and a robust portfolio of security products, we ensure proactive protection against both current and emerging threats — so you don’t have to.”
Cyber Security
Unsupervised Device Sharing Poses Security Risks for Kids
In the current security climate and with the complexities of a hybrid workforce, IT decision-makers still have a huge challenge when it comes to fully securing the workplace. A new Cisco study reveals that among parents who share their devices used for work with children in the UAE, 40 per cent allow unsupervised access with full knowledge of passcodes. Even among those without access to passcodes, 54 per cent remain unsupervised.
“In the UAE, the rise of remote work combined with the increasing prevalence of shared devices within families presents significant security challenges that cannot be overlooked,” says Fady Younes, Managing Director for Cybersecurity at Cisco Middle East, Africa, Türkiye, Romania and CIS. “As we navigate this landscape, it is crucial for organizations to not only implement robust security measures like multi-factor authentication and zero-trust frameworks but also to engage with employees in understanding their unique home environments. By fostering a culture of security awareness and adapting to the realities of family dynamics, we can better safeguard sensitive information while supporting working parents in our communities.”
With 91 per cent of working parents sharing a personal device used for work with a child in the past six months in the UAE, it is clear IT teams need to factor in more than just standard security risks. They need to consider more broadly the issues that arise in chaotic real-world environments, and how substituting security for convenience continues to be a threat. Among those sharing devices with children, the survey further shows low usage of effective security. Only 24 per cent use multi-factor authentication (MFA) for important work tasks, while 62 per cent simply rely on “strong” passwords.
In a time where over two-thirds of connected household devices are shared among family members (75 per cent vs 65 per cent two years ago), it’s time to sharpen up on best practices and monitor activity across devices – managed or unmanaged, fixed or mobile – to make sure nothing falls through the cracks.
Cisco’s Tips to Mitigate the Security Risk of Device Sharing:
- Work with rather than against users. Allow users to create guest user accounts on devices to allow family members restricted use without access to business systems but benefitting from corporate cyber protection. Permitting guest accounts is less than ideal, but it’s better than having unauthorised users with full access to a device.
- Implement multi-factor authentication *(MFA) or two actor authentication (2FA). When a user accesses a new application or system, verify that the user intended to act as an MFA/2FA ping or biometric recognition. A simple additional verification step will almost certainly prevent curious children from accessing sensitive systems.
- Keep sensitive business data protected. Not all data has equal security requirements, so guard sensitive data with additional elements such as zero trust network access (ZTNA), VPN, or multifactor authentication (MFA/2FA) so that it can only be accessed by the appropriate device user.
- Back-up, back-up and back-up again. The family home environment is hazardous for fragile electronic devices. Spilled coffee, lemonade or paint can easily disable a device, as can falls from height on to a tiled kitchen floor. Ensuring that important data isn’t lost and that replacement devices can be easily restored from backed-up data is vital to keeping hybrid workers operational.
- Educate users about cyber security. Devious users have a nasty habit of finding ways to subvert security protections if they find that these protections get in the way of their goals. Make sure users are aware of the importance of cyber security, the consequences of getting it wrong, as well as common threats and attacks. Simple policies reinforced with sanctions for transgressions help users understand what is acceptable and what is not.
Cyber Security
CrowdStrike to Acquire Adaptive Shield
CrowdStrike has announced it has agreed to acquire Adaptive Shield, a leading provider of SaaS security solutions. With this acquisition, CrowdStrike will be able to provide unified, end-to-end protection against identity-based attacks across the entire modern cloud ecosystem – from on-premises Active Directory to cloud-based identity providers and SaaS applications – delivered from a single, unified platform. Announced at Fal.Con Europe, CrowdStrike’s inaugural premier user conference in the region, this acquisition will position CrowdStrike as the leading provider of comprehensive protection across complex hybrid environments.
“CrowdStrike was built to tackle the toughest cybersecurity challenges, and we drive relentless innovation based on what our customers need to stay ahead of modern threats,” said George Kurtz, CEO and founder, CrowdStrike. “As SaaS and AI adoption grows, every new application brings additional complexity and the risk of misconfigurations across human and non-human accounts that create openings for sophisticated attacks. With the acquisition of Adaptive Shield, CrowdStrike will continue to set the standard for identity-based protection in the cloud, delivering best-in-class SaaS protection from the Falcon platform.”
Cloud exploitation cases grew by 110% last year, while identity-based attacks continue to rise – 75% of attacks to gain initial access are now malware-free. ‘Cross-domain’ adversaries, targeting identity and cloud, have numerous attack paths, from on-premises Active Directory to cloud-based identity providers and the growing landscape of SaaS applications. The complexity of modern hybrid cloud environments and disconnected security tools create protection gaps, making it difficult to prevent identity-based threats.
SaaS is projected to be the largest category of cloud computing in 2024, capturing more than 40% of all public cloud spending. Under the SaaS shared responsibility model, SaaS vendors provide security controls, while organizations manage configurations. In today’s complex environments, where hundreds of SaaS applications each come with unique access controls and identity configurations, security teams face significant challenges in maintaining visibility into who has access, what sensitive data is exposed, and active threats – even with purpose-built SaaS protection.
Adaptive Shield delivers the industry’s most complete security posture management and threat protection across SaaS identities, misconfigurations and data, stopping SaaS breaches. As an integrated component of the CrowdStrike Falcon cybersecurity platform, Adaptive Shield will equip CrowdStrike with the most advanced capabilities to stop identity-based attacks across all aspects of modern hybrid cloud environments. Customer benefits will include:
- Comprehensive SaaS Security Posture Management (SSPM): Organizations gain full visibility and governance over misconfigurations, the entitlements and activity levels of both human and non-human identities, and exposed data across 150+ SaaS applications. This new end-to-end visibility of identities across hybrid cloud environments gives operators a unique context for rapid cloud detection and response (CDR).
- GenAI Application Security Control: By continuously monitoring GenAI SaaS applications, Adaptive Shield empowers organizations to enforce consistent security standards by detecting configuration shifts, controlling AI settings to prevent data leakage, and identifying shadow AI applications to revoke access based on their risk profile. This approach ensures that AI-integrated applications remain aligned with security policies to protect sensitive data.
- Unified Hybrid Identity and Cloud Security: The powerful combination of Adaptive Shield and CrowdStrike Falcon Identity Protection will provide customers with comprehensive identity protection across SaaS, on-premises Active Directory and cloud-based environments (Okta and Microsoft Entra ID). CrowdStrike Falcon Cloud Security customers will also gain unified visibility and protection across the entire modern cloud estate – infrastructure, custom applications, data, AI models and SaaS applications – all from the same unified console and workflow.
- Existing Integration Accelerates Detection and Response: Adaptive Shield’s existing integration with CrowdStrike Falcon Next-Gen SIEM provides rapid first-party detection and response across multiple security domains – endpoints, identities, workloads and applications – automatically correlating detections inline with the latest threat intelligence and Falcon Fusion SOAR delivering near real-time response.
“Widespread adoption of SaaS applications has rapidly expanded the enterprise attack surface, as shared responsibility models and fragmented security controls make SaaS environments a prime target,” said Maor Bin, CEO and co-founder, Adaptive Shield. “Our mission perfectly complements CrowdStrike, stopping SaaS breaches while further accelerating consolidation on cybersecurity’s most comprehensive platform. I’m incredibly proud of our team for building the most advanced SaaS security solution, defining the market.”
-
Cyber Security1 week ago
Embargo Ransomware Group Targets Businesses with Advanced Tactics
-
Homeland Security1 week ago
Huawei Showcases Vision for a Safer, Smarter Future at Milipol Qatar 2024
-
Cyber Security1 day ago
Email Security Breach Rampant with 80% of Organisations Affected
-
Cyber Security1 day ago
Tackling Cyberbullying with Cybersecurity to Defend the Digital Playground
-
News1 day ago
Toshiba Collaborates with PROMISE Technology on Providing the Optimal Data Storage Technology for CERN’s Large Hadron Collider
-
Cyber Security1 day ago
CrowdStrike to Acquire Adaptive Shield
-
Cyber Security1 day ago
Positive Technologies Expands into ME and South Asia
-
Cyber Security9 hours ago
Unsupervised Device Sharing Poses Security Risks for Kids