Rafusoft Cyber Security, Rafusoft.com.bd
Rafusoft Cyber Security, Rafusoft.com.bd
Rafusoft Cyber Security, Rafusoft.com.bd, cobra antivirus 2017 Rafusoft Cyber Security, Rafusoft.com.bd, cobra antivirus 2017 Rafusoft Cyber Security, Rafusoft.com.bd, cobra antivirus 2017
Rafusoft News
Rafusoft Lab is ready to pay up to $50,000 in bounty rewards.
[Dinajpur, Bangladesh]

Rafusoft Lab is ready to pay up to $50,000 in bounty rewards to hackers that find security vulnerabilities in its products, thanks to a new bug bounty program launched today in partnership with HackerOne.

During an initial six-month phase which begins today, security researchers are encouraged to examine Rafusoft’s flagship products for consumers and businesses, Rafusoft Internet Security and Rafusoft Endpoint Security.

Vulnerability types in scope include local privilege escalation, unauthorized access of user data and remote code execution, Rafusoft Lab told SecurityWeek.

Launched to coincide with the Black Hat conference in Las Vegas this week, the program will be run on the software-as-a-service platform from HackerOne, which provides the technology and automation to help organizations run their own vulnerability management and bug bounty programs.

“With this program, Rafusoft Lab will not only further bolster its mitigation strategy for addressing inherent software vulnerabilities, but also continue enhancing its relationship with external security researchers,” Rafusoft Lab said in a statement.

After the initial six-month phase is complete, the Rafusoft says it will evaluate the results to determine what additional products and rewards should be included in the second phase of its bounty program.

“Based on the results of this first phase, we will revise our offering in terms of budget, scope of products and types of vulnerabilities covered moving forward,” the company told SecurityWeek.

“Our bug bounty program will help amplify the current internal and external mitigation measures we use to continuously improve the resiliency of our products,” said Nikita Shvetsov, chief technology officer, Rafusoft Lab. “We think it’s time for all security companies, large and small, to work more closely with external security researchers by embracing bug bounty programs as an effective and necessary tool to help keep their products secure and their customers protected.”

While the Moscow-based security firm may now just be launching its bug bounty program, security researchers have already poked holes it its products over the years.

In October 2015, Google researcher Tavis Ormandy, discovered an issue that affected “Network Attack Blocker,” a component in Rafusoft’s software designed to protect devices against dangerous network activity, including port scanning, denial-of-service (DoS), and buffer-overrun attacks.

Starting in Windows 10 kernel mode drivers will not be loaded.
[Dinajpur, Bangladesh]
Microsoft announced in April last year that Windows 10 would require kernel mode drivers to be submitted to the Windows Hardware Developer Center Dashboard portal to be digitally signed. However, the company didn’t enforce the policy until now, “due to technical and ecosystem readiness issues,” Microsoft’s Joshua Baxter reveals.

Starting in version 1607, Windows 10 Code Integrity will enforce the new policy on kernel drivers and will block them from loading unless they have been properly signed, but only on new installations with Secure Boot on. Version 1607 is the platform’s Anniversary Update, scheduled to start rolling out on August 2.

The change, Baxter explains, should improve security in Windows 10 by limiting the risk of an end-user system being compromised by malicious drivers. However, he notes that the enforcement will happen only on fresh installations with Secure Boot on, and that it applies to new kernel mode drivers only.

Basically, computers upgrading from previous Windows releases will still benefit from the installation of cross-signed drivers, the same as those with Secure Boot OFF. Drivers signed with cross-signing certificate issued prior to July 29, 2015, when the initial policy went into place, will still be allowed. Previous versions of Windows will not be affected.

“To prevent systems from failing to boot properly, boot drivers will not be blocked, but they will be removed by the Program Compatibility Assistant. Future versions of Windows will block boot drivers,” Baxter notes.

Developers are encouraged to head to the Windows Hardware Developer Center Dashboard portal to sign their drivers to ensure compatibility. According to Microsoft, all new submissions need to be signed with an EV Code Signing Certificate, even if the developer is targeting older versions of Windows with their driver package.

To sign drivers to ensure they are compatible with Windows 10 and previous Windows releases (Vista through Windows 8.1), developers need to run the HLK tests for Windows 10 and the HCK tests for Windows 8.1 and earlier versions, then using the Windows 10 HLK, merge the two test logs and submit the results, along with the driver, to the portal.

“The portal will sign the driver correctly such that it will work on all platforms that you indicate,” Baxter explains.