VIRTUALARMOUR FURTHER STRENGTHENS BUSINESS DEVELOPMENT & CLIENT RELATIONS EXPERTISE

VirtualArmour was taken private in Q3 2021. These legacy press releases are kept online for informational purposes. VirtualArmour is a proud member of the Evergreen Services Group family of companies.

Vancouver, B.C. – (March 28, 2017) Premier Managed Services Provider, VirtualArmour International Inc. (the “Company”) (CSE:VAI), is pleased to announce the appointment of Kyle Duffy as Director of Client Engagement.
Mr. Duffy comes to the role with over a decade of solution development and customer implementation experience across numerous industries including, mining, manufacturing, energy, transportation, finance and healthcare.
During his extensive career, Mr. Duffy has developed strategic SaaS solutions for multiple Fortune 500 companies and secured, designed and executed multi-million dollar hardware and software implementations for companies in a variety of different verticals.
In his role at VirtualArmour, he will be responsible for expanding the Company’s services and solutions to existing clients as well as developing and implementing action plans to further strengthen customer retention and encourage advocacy of its premier customer experience.
Mr. Duffy said “VirtualArmour is a rising star within the fast growing Managed Services and Cybersecurity space and I’m incredibly excited to be a part of a company that is scaling their operations rapidly as a direct result of the exceptional service experience it delivers to every one of its clients.”
“We believe Kyle’s appointment will deliver significant value to our Company and its clients. His passion for problem-solving and ability to offer smart and pragmatic strategies is highly impressive and will increase value to our existing customers as well as allowing us to further drive growth through both new and existing clients,” said Russ Armbrust, Vice-President of Sales at VirtualArmour.
About VirtualArmour
VirtualArmour is a premier Managed Services Provider (MSP) delivering customizable management of advanced network and security services to global businesses across numerous industry sectors. It is a trusted partner of several Fortune 500 organizations and uses only best-in-breed technology to protect and secure its clients.
VirtualArmour’s services operate around the clock through its Security Operations Centers (“SOC”) located in Middlesbrough, U.K. and Salt Lake City, Utah. Further information about the Company is available under its profile on the SEDAR website, www.sedar.com, on the CSE website, www.thecse.com, and on its website www.virtualarmour.com.
Company Contact:
Nick Dinsmoor
Vice President Marketing and Business Development
Office: 720-644-0913
[email protected]
Investor Relations Contact:
Babak Pedram
Office:  416-644-5081
[email protected]
Forward-Looking Information:
This press release may include forward-looking information within the meaning of Canadian securities legislation. The forward-looking information is based on certain key expectations and assumptions made by the management of VirtualArmour.  Although VirtualArmour believes that the expectations and assumptions on which such forward-looking information is based are reasonable, undue reliance should not be placed on the forward-looking information as VirtualArmour cannot provide any assurance that it will prove to be correct. These forward-looking statements are made as of the date of this press release and VirtualArmour disclaims any intent or obligation to update publicly any forward-looking information, whether as a result of new information, future events or results or otherwise, other than as required by applicable securities laws.

VIRTUALARMOUR AWARDED PARTNER OF THE YEAR BY JUNIPER NETWORKS

VirtualArmour was taken private in Q3 2021. These legacy press releases are kept online for informational purposes. VirtualArmour is a proud member of the Evergreen Services Group family of companies.

Vancouver, B.C. – (March 22, 2017) Premier Managed Services Provider (MSP), VirtualArmour International Inc. (the “Company”) (CSE:VAI), is pleased to announce that it has been recognized as a ‘Partner of the Year’ by Juniper Networks, an industry leader in automated, scalable and secure networks. VirtualArmour was specifically recognized in the category of Innovation for its development of a new cloud-based solution – CloudCastr
which expertly integrates Juniper Networks technologies with VirtualArmour services.
Jon Belcher, Vice President of Americas Partners and Inside Sales at Juniper Networks, said of the award, “Juniper is pleased to honor our Elite partner VirtualArmour, a company that combines a high level of ingenuity and business acumen in order to help solve the growing security issues faced by international businesses. VirtualArmour is one of our world-class global partners and we look forward to continuing to strengthen our relationship with them.”
“We pride ourselves on working with only the best technology providers in the market,” said Nick Dinsmoor, Vice President of Marketing at VirtualArmour. “We are delighted to call Juniper Networks our partner and look forward to continuing our work with them to provide our clients with the very best network and security solutions that are available.”
About VirtualArmour
VirtualArmour is a premier Managed Services Provider (MSP) delivering customizable management of advanced network and security services to global businesses across numerous industry sectors. It is a trusted partner of several Fortune 500 organizations and uses only best-in-breed technology to protect and secure its clients.
VirtualArmour’s services operate around the clock through its Security Operations Centers (“SOC”) located in Middlesbrough, U.K. and Salt Lake City, Utah. Further information about the Company is available under its profile on the SEDAR website, www.sedar.com, on the CSE website, www.thecse.com, and on its website www.virtualarmour.com.
Company Contact:
Nick Dinsmoor
Vice President Marketing and Business Development
Office: 720-644-0913
[email protected]

Investor Relations Contact:
Babak Pedram
Office:  416-644-5081
[email protected]

Forward-Looking Information:
This press release may include forward-looking information within the meaning of Canadian securities legislation. The forward-looking information is based on certain key expectations and assumptions made by the management of VirtualArmour.  Although VirtualArmour believes that the expectations and assumptions on which such forward-looking information is based are reasonable, undue reliance should not be placed on the forward-looking information as VirtualArmour cannot provide any assurance that it will prove to be correct. These forward-looking statements are made as of the date of this press release and VirtualArmour disclaims any intent or obligation to update publicly any forward-looking information, whether as a result of new information, future events or results or otherwise, other than as required by applicable securities laws.

Dark Web – The Internet's Dark Side

Dark Web – The Internet's Dark Side

The dark web is a growing concern in the cyber-security space and has been the subject of numerous, recent, crime-related headlines.

For users who access it, the dark web is a part of an anonymous network known as the ‘deep web’. It’s made up of a large assembly of data and domains not accessible through typical search directories such as Google on the ‘surface net’. The dark web and deep web are often confused as being the same thing, though, in reality, the dark web represents just a small portion of the deep web, but one where the majority of cyber-crime-related activities take place.

Gaining Access

The dark web is most commonly accessed through ‘Tor’, a web browser that allows users to access websites anonymously, retaining communications between users and web servers on an encrypted network and ‘defending’ them from the various forms of network surveillance that impede true privacy.

This anonymous nature of the dark web has made it an obvious hot spot for a host of malicious and illegal content. Drugs, weapons, illegal pornography and hacking services are among the nefarious bounty on offer. The majority of goods and services are sold on store-like sites, such as the now infamous ‘Silk Road’, and transactions are done using cryptocurrencies such as bitcoin in order to retain 100% anonymity. With no overriding authority and nothing traceable, criminals and cyber-criminals have found room to stretch within the dark web and are able to put their anonymity to the test.

Staying secure

Accessing the deep/dark web through Tor via an organization’s network can come with severe risk. Though Tor is used as an anonymous and secure service, it can undoubtedly cause damaging exposure to a network and the sensitive information held on it.

Vulnerabilities can be detected in Tor’s ‘exit nodes’ – this is the gateway that will decrypt traffic sent through Tor. Because the dark web is a free-for-all in most cases, an exit node can be used by anyone, and that certain person can access bits of data that is passed through the exit node such as usernames and passwords used in sessions.

Other security risks include the bypassing of network/company security measures which can be illegal and rule-breaking, the risk of malware/botnets attached to files from exit nodes, information theft, and even blackmail – these are all not uncommon.

Prevention the key to safety

As is the case with all cyber security related issues, maintaining prevention is far better than being forced to search for a cure. The keys to successful prevention are as follows;

  • Employee Training – Make it known to all network users that use of Tor use is not permitted. The majority of network security issues within organizations stem from a simple lack of knowledge and understanding relating to risk. In many cases, providing network users with an understanding of Tor and the risks and implications relating to its use will be enough to significantly reduce potential exposure.
  • Ensure endpoint blocks – Administrators/security analysts are able to block certain .exe files or hashes belonging to Tor from being downloaded or installed. Reducing administrator privileges and the use of personal USBs can also help reduce risk.
  • Implement IP Blacklisting – Although primarily a small preventative measure, compiling a blacklist of known Tor entry node IP addresses can help prevent deep web access from the network-side. Ensuring this blacklist is consistently updated with Tor-related IP’s as they become known is also a key component to guarding against exposure.

Due to its anonymity and network-switching capabilities, it can be extremely difficult to ensure users are unable to access the dark web via Tor using an organization’s network. However, if the proper measures are put into place, Tor access can be greatly reduced and this preventative action could save networks from, what can be, highly disruptive and damaging exposure.

CloudBleed – The Issue You Didn't Know About That Can Impact Your Business

CloudBleed – The Issue You Didn't Know About That Can Impact Your Business

Another day, another high profile “bleed” incident has hit the headlines. Following shortly behind recently discovered F5 bug “Ticketbleed” (CVE-2016-9244), Cloudflare, a popular internet services company best known for their CDN (content delivery network), announced last week (on 2/19) a bug that leaked memory contents all over the internet. Cloudflare quickly rectified the issue hours after it was discovered, and then posted a detailed technical explanation on their blog about the root cause

https://blog.cloudflare.com/incident-report-on-memory-leak-caused-by-cloudflare-parser-bug/).
Never heard of Cloudflare? They’re the front-end for popular websites such as OKCupid, Uber, FitBit, and many others. Over 2 million websites use its platform and it handles 10% of the world’s web traffic.

Even though traffic to the major websites affected encrypted via HTTPS theoretically making it secure and safe from eavesdropping, any “bleed” incident allows attackers to extract contents from memory, which is not encrypted. Therefore, passwords, private messages, photos, credit card and social security numbers, anything and everything can be scraped and recovered. Website cookie data was also exposed and leaked. This is particularly concerning due to many websites significantly lowering security barriers when cookie data is detected. A cookie identifies you to the website as a person who has previously authenticated and therefore, is more likely to be legitimate, thereby bypassing security questions or even skipping login pages altogether.

In the case of a bleed incident, it is ironic that the “bad actors” were the search engines themselves – Google, Yahoo, and Bing – as they automatically and continuously scan and cache websites, inadvertently storing compromised memory contents and allowing anyone to access them. This was the precise mechanism by which this bug was discovered; a security researcher at Google discovered Cloudflare’s RAM contents cached by Google. Fortunately, since the website leak, Google and most major US-based search engine are now cleaning caches containing leaked data. However, users are still advised to change passwords on websites hosted by Cloudflare because private data may have been captured by third parties that have weaker ethics than the likes of Google.

As a user, what should you do as a response? Incidents like this stress the importance of using unique, randomly generated passwords for every site (stored by password managers). Therefore, if an attacker were to acquire your Uber credentials, they can’t use the same password to login to your back account. Secondly, adopt MFA (multi-factor authentication) wherever possible. Even if your password is compromised, unless attackers physically steal your phone (or whatever secondary authentication device is required), sensitive data remains secure.

As a society, breaches like this highlight several interesting facts. Firstly, it brings to light just how few people understand the underpinnings of the internet. Most people have no idea what a memory leak is (and how dangerous they are), or have even heard of firms such as Cloudflare, which just happens to be an internet behemoth.

Secondly, it demonstrates the fragility of an Internet reliant on a very small number of major companies to maintain its smooth operation. Humans aren’t infallible, and when coding under strict project deadlines, mistakes are bound to happen. It’s unfortunate if there’s a bug in your code and your website is compromised; it’s a major ordeal when a single bug causes over two million websites to be exploited.

Lastly, how many compromises or outages like this need to happen for businesses to realize that they should heavily consider the potential ramifications of hyper-centralization of vital online infrastructure?

Ironically, there is really no incentive for anyone to do anything about this, because it provides a kind of perverted safety in numbers: “It’s not just our website that had this issue, it’s everyone’s shared problem.” The same principle applies to large scale IaaS providers such as AWS and Azure. Two recent examples of this include the large Amazon S3 issue which affected a significant portion of websites and web-based applications on Tuesday and the Dyn DDoS attacks a few months prior. So, what do you do you might ask.

One step is to better understand the risks of using a specific provider, have a contingency plan when service interruptions, data breaches, bugs do occur, and have the resources and partners that you trust to have your back. To protect yourself in today’s environment knowledge and prevention is the first step to truly living with confidence in your business.