Security Improvements

Dear Xcitium Community,

At Xcitium, our mission is to provide unparalleled cybersecurity to protect your environments, devices, and data. As part of our ongoing commitment to this mission, we continuously review and enhance our security measures to address emerging threats and potential vulnerabilities.

Recently, we have undertaken an internal review of certain third-party tools used for remote connections. While these tools serve legitimate purposes, they also pose potential risks if exploited by malicious actors. Specifically, in scenarios where privileged user credentials are compromised, these tools could be used to uninstall our security agents, thereby weakening your defenses.

To mitigate this risk and reduce the attack surface, we have made the decision to remove these tools from our safe lists. This change will enable us to detect these tools as malware or classify them as unknown, ensuring they are not executed without Xcitium’s patented Zero-Dwell Containment technology and thus preventing the removal of our security agents.

We understand that some customers have concerns regarding the removal of these tools. Therefore, we are providing a list of the affected tools below. We believe it is crucial to communicate this change clearly and provide a reference point for any future inquiries.

Removed Tools from Safe List

  • IObit.com
  • IObit CO., LTD
  • RealVNC
  • uvnc bvba
  • Remotesoft, Inc.
  • RealVNC Ltd
  • LogMeIn, Inc
  • LogMeIn Inc
  • LOGMEIN, INC.
  • LogMeIn, Inc.
  • LogMeIn Inc
  • AWERAY LIMITED
  • Sysgem AG
  • NetSarang Computer, Inc.
  • NetSarang Computer, Inc
  • EduIQ.com Damjan Kriznik s.p.
  • ZOHO Corporation
  • Zoho Corporation Pvt. Ltd.,
  • ZOHO Corporation private limited
  • ZOHO Corporation private Limited
  • Zoho Corporation Private Limited
  • ZOHO CORPORATION PRIVATE LIMITED
  • ZOHO Corporation Private Limited
  • ZOHO Corporation
  • BeyondTrust Software Inc
  • ConnectWise
  • ConnectWise, LLC
  • CONNECTWISE, LLC
  • Connectwise, LLC
  • ConnectWise, Inc.
  • Splashtop Inc.
  • AOMEI International Network Limited
  • Aomei Technology Co., Limited
  • ChengDu AoMei Tech Co., Ltd
  • CHENGDU AOMEI Tech Co., Ltd.
  • Chengdu AoMei Technology Co., Ltd
  • CHENGDU AOMEI TECHNOLOGY CO., LTD.
  • PURSLANE
  • German Gorodokuplya
  • HuoRongBoRui (Beijing) Technology Co.,Ltd
  • CRYSTAL RICH LTD.
  • Crystal Rich Ltd
  • Wen Jia Liu
  • 一普明为(北京)信息技术有限公司
  • Xi’an Expand Network Technology Co, Ltd.
  • Open Source Developer, Marcin Szeniak

While these tools are not inherently malicious, their misuse by unauthorized parties poses a significant risk. To ensure the continued security of your systems, we are committed to taking any necessary actions. Should you require the use of these tools for your operations, we offer several methods for whitelisting them on a per-customer basis. Portal administrators can utilize these whitelisting options to add the necessary tools to a safe list, ensuring that all other tools remain unknown or blocked.

We appreciate your understanding and continued trust in Xcitium. Our dedication to providing you with the highest level of cybersecurity remains unwavering.

Best regards,
Product Management Team

6 Likes

Hi @ilgaz

Isn’t Teamviewer also on the list?

Also, if you are likely to be blocking more vendors, please could you try to provide us with advance notice?

2 Likes