Endpoint

9/24/2015
10:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Red Balloon Security Announces Advanced Host Based Security For Embedded Devices

HP first to deploy secured embedded devices technology on select LaserJet printers

September 22nd, 2015 (New York, NY) – Red Balloon Security, the leading company behind strong host-based embedded security, today announced commercially available defense technologies that significantly reduce the threat of embedded device malware attacks on end users and organizations. HP is deploying this host-based defense technology on three new HP LaserJet Enterprise printers and MFPs coming out this fall. HP will also deliver a firmware update enabling these capabilities on all Future Smart-enabled HP LaserJet Enterprise printers already operating in the field.

Red Balloon Security’s technology originated from a Columbia Engineering laboratory in response to increased and forecasted exploitation of embedded devices.  Columbia University exclusively transferred the technology to Red Balloon Security to make advanced anti-malware available to the commercial market. “Our technology is the culmination of almost a decade of work,” said Dr. Ang Cui, Chief Scientist and CEO of Red Balloon. “It was designed to install easily on any device without modifying the hardware or source code and works on any CPU and all operating systems.”

Red Balloon Security technology is a first-of-its-kind intrusion defense that provides persistent implant detection, in-device memory monitoring and situational awareness to protect against malicious attacks.  The technology is broadly compatible with printers, routers, automobiles, telephony, peripherals, point of sale, industrial control, aviation, medical equipment and more.  It can be installed on any embedded devices, a result of Red Balloon Security’s decade long relationship with Department of Homeland Security Science and Technology (S&T) Directorate and DARPA. Until now, hardening all types of embedded devices has proven intractable and prohibitively costly at scale.

Red Balloon Security is making a commitment to improving device security, and upgrades are planned to continue to fortify the security posture of the company’s technologies.

About Red Balloon Security

Red Balloon Security is the leading embedded device security company, delivering deep host-based defense for all devices. We build technologies that provide intrusion defense and situational awareness capable of defending against advanced zero-day exploitation of embedded devices. Red Balloon Security works with public sector, manufacturers and enterprises. Red Balloon Security is a privately held company based in New York City started by researchers from Columbia University.  It is a Columbia Portfolio Company and a Microsoft Ventures Accelerator company. More information can be found at https://www.redballoonsecurity.com.

 

# # #

 

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Crowdsourced vs. Traditional Pen Testing
Alex Haynes, Chief Information Security Officer, CDL,  3/19/2019
New Mirai Version Targets Business IoT Devices
Dark Reading Staff 3/19/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Reading Schneier's Friday Squid Blog again?
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-6149
PUBLISHED: 2019-03-18
An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.
CVE-2018-15509
PUBLISHED: 2019-03-18
Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).
CVE-2018-20806
PUBLISHED: 2019-03-17
Phamm (aka PHP LDAP Virtual Hosting Manager) 0.6.8 allows XSS via the login page (the /public/main.php action parameter).
CVE-2019-5616
PUBLISHED: 2019-03-15
CircuitWerkes Sicon-8, a hardware device used for managing electrical devices, ships with a web-based front-end controller and implements an authentication mechanism in JavaScript that is run in the context of a user's web browser.
CVE-2018-17882
PUBLISHED: 2019-03-15
An Integer overflow vulnerability exists in the batchTransfer function of a smart contract implementation for CryptoBotsBattle (CBTB), an Ethereum token. This vulnerability could be used by an attacker to create an arbitrary amount of tokens for any user.