Global IT services and solutions provider DXC Technology announced over the weekend a ransomware attack on systems from its Xchanging subsidiary.
Xchanging is known as a managed service provider for businesses in the insurance industry but its list of customers includes companies from other fields: financial services, aerospace and defense, automotive, education, consumer packaged goods, healthcare, manufacturing.
Several customers affected
DXC Technology notified its investors in an 8-K form filed with the U.S. Securities and Exchange Commission that Xchanging has detected a ransomware attack on some of its systems.
The company reported the incident on July 5, expressing confidence that it did not spread outside the Xchanging network. For the moment, the investigation did not reveal any indication of data being affected. It is unclear when the company detected the attack.
An undisclosed number of customers was impacted by the cyberattack, denying access to their operating environment, reads the notification from the company. Containment and remediation measures were deployed to resolve the situation.
In a statement to BleepingComputer, a company spokesperson said that the problem is isolated to a subset of the Xchanging business and that customer data was not compromised or lost.
Efforts to restore services to customers are ongoing and at the moment remediation work is being done for just a few of them.
“While the revenue from those impacted customers is not material to DXC financial position, we nevertheless take this situation very seriously and have already restored services as nearly all of them” – DXC Technology spokesperson
As is typically the case with such incidents, the company is working with law enforcement and authorities on the investigation. This is also why there are few details available at this time.
There is no information about the family of the file-encrypting malware used in the attack and BleepingComputer does not know of a ransomware gang claiming the attack.
About Version 2 Limited Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About Bullwall BullWall is a fast-growing international cybersecurity solution provider with a dedicated focus on protecting critical data during active ransomware attacks. We are the only security solution able to contain both known and unknown ransomware variants in seconds, preventing encryption and exfiltration across all data storage types.
For a long time in Pandora FMS blog we have devoted ourselves to defining and shelling with elegance that extensive and convoluted glossary offered by technology terminology.
You know our saying: The key is to make an impression in technical talks with your boss!
Therefore, today we are going to choose a very trendy word in the meetings of executives in The City of London and in those among the new school of developers in Silicon Valley:
Big-boss-campaign!
Didn’t you know it? Seriously?
Well… yes, calm down, we’re kidding. As it says in the title and in the keyword, today we will delve into the explanation of the term “Hardening”. One of the most preppy words that our head of support Mario Pulido will help us dissect, also known over here as “The quiet man”.
Do you already know what hardening is and how it can help you?
Very good afternoon, Mario. We are sorry to unexpectedly enter your quarters here, but a doubt has suddenly come to us and our dear readers:
What is hardening?
Very good afternoon, Dimas! Don’t worry, you just caught me at my Zen tea break. So, no problem, I’ll fill you in!
In computing, hardening is a set of activities carried out by system administrators to shield systems as much as possible against the possible attacks they may receive.
I understand, but what kind of “activities” do you mean?
Ufff, there are many, I’ll improvise a list if you want me to.
Yes, sure, go ahead!
Take a look at this:
Service deletion. Delete all services that won’t be used in the system. That way you avoid having some open door for attackers with default configurations that are always the most vulnerable.
Updated software. It is very important for all applications being used in the system to be updated, as well as the security patches of the operating system itself. That way we’ll rule out the possibility of having a known and fixed vulnerability in our system and we will close that door to attackers.
Protection against possible physical attacks. Disk Encryption, safe BIOS Configuration, Firmware update, disable auto logon, disable USB usage… Any blockage that you may activate in the face of the possibility of a physical attack is necessary.
Active and updated security applications. Use of antivirus, anti-spam, firewall… Having a policy for the usage of this type of software and an automatic update system. Through the firewall it is necessary to keep all unnecessary accesses and ports closed.
Use of encrypted data and disk encryption. It is important that whenever there is confidential information, there is encryption or an encryption policy of the means by which this information is sent or stored.
Do not open mails from unreliable senders. It is essential to have an email server with spam blocking options and avoid opening attachments or mails from unknown senders to avoid possible attacks.
Periodic system audits. All systems must be audited periodically to check for possible attacks, or attempted attacks, that may have taken place in our systems to, that way, take measures of higher securitization levels in environments that may suffer a higher number of attacks.
Correct backup management and monitoring. It is essential to have full backup creation and management of all the most critical services in the organization, as well as their reliable monitoring so that, in the event of an attack or system degradation, you may recover a new instance as soon as possible with the backups saved.
Monitoring important metrics for safety. Logs, accesses, number of connections, service load (CPU, Memory), disk growth. All these metrics and many more are important to find out if you are suffering an attack. Having them monitored and knowing them in real time can get you rid of many attacks or service degradations.
The use of inventory modules to monitor installed software, installed patches, users… gives us a detailed report of how our server park is, as well as through the inventory alerts themselves you may find out whether any user installed any software not allowed in the organization.
Yes, sir, there is work to be done. And what does Pandora FMS have to do with hardening?
In these last two points I mentioned to you is where Pandora FMS comes in. By monitoring all these metrics and the subsequent report generation you will have an overview of your systems and may identify, at a glance, systems with security issues.
About Version 2 Limited Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About PandoraFMS Pandora FMS is a flexible monitoring system, capable of monitoring devices, infrastructures, applications, services and business processes. Of course, one of the things that Pandora FMS can control is the hard disks of your computers.
Popular hypervisor ESXi has been in the news recently due to fresh targeting by a new strain of ransomware. Known as ESXiArgs, this ransomware leverages a 2-year old heap overflow issue in the OpenSLP service that can be leveraged to gain remote code execution on exploitable targets (CVE-2021-21974). Many vulnerable public-facing ESXi servers have already been affected by this malware (currently over 1,900 via Censys search results).
What is the impact?
Targets of this new ransomware campaign are older ESXi servers running certain versions of 6.5, 6.7, or 7 releases and also have the OpenSLP service enabled (it has not been enabled by default in ESXi releases since 2021). Upon successful exploitation of CVE-2021-21974, the ESXiArgs ransomware will encrypt a number of file types on the target system, including VM-related files with extensions .vmxf, .vmx, .vmdk, .vmsd, and .nvram. Ransom notes are saved as HTML files on compromised systems for admins and users to subsequently discover. While some of these ransom notes claim to have stolen data from vulnerable targets, no data exfiltration has been observed at this time.
Are updates available?
VMware made patches available when the OpenSLP heap-overflow vulnerability was initially reported in 2021. The following ESXi releases have been patched against this attack vector currently being exploited by the ESXiArgs campaign:
ESXi version 7+ (ESXi70U1c-17325551 and later)
ESXi version 6.7+ (ESXi670-202102401-SG and later)
ESXi version 6.5+ (ESXi650-202102101-SG and later)
VMware also offers patched releases for Cloud Foundation (ESXi), which includes an ESXi component:
Cloud Foundation (ESXi) version 4.2+
Patching instructions for Cloud Foundation (ESXi) version 3.x can be found here
Patching (and also ensuring that your ESXi servers are running a supported, not end-of-life/end-of-support version) is the best course of action. If patching is not a near-term option, VMware has a recommended mitigation via disabling the OpenSLP service.
How do I find potentially vulnerable VMware ESXi assets with runZero?
os.product:"ESX" and (os.version:="1.%" or os.version:="2.%" or os.version:="3.%" or os.version:="4.%" or os.version:="5.%" or os.version:="6.0%" or os.version:="6.5.0 build-4564106" or os.version:="6.5.0 build-4887370" or os.version:="6.5.0 build-5146843" or os.version:="6.5.0 build-5146846" or os.version:="6.5.0 build-5224529" or os.version:="6.5.0 build-5310538" or os.version:="6.5.0 build-5969300" or os.version:="6.5.0 build-5969303" or os.version:="6.5.0 build-6765664" or os.version:="6.5.0 build-7273056" or os.version:="6.5.0 build-7388607" or os.version:="6.5.0 build-7967591" or os.version:="6.5.0 build-8285314" or os.version:="6.5.0 build-8294253" or os.version:="6.5.0 build-8935087" or os.version:="6.5.0 build-9298722" or os.version:="6.5.0 build-10175896" or os.version:="6.5.0 build-10390116" or os.version:="6.5.0 build-10719125" or os.version:="6.5.0 build-10868328" or os.version:="6.5.0 build-10884925" or os.version:="6.5.0 build-11925212" or os.version:="6.5.0 build-13004031" or os.version:="6.5.0 build-13635690" or os.version:="6.5.0 build-13873656" or os.version:="6.5.0 build-13932383" or os.version:="6.5.0 build-14320405" or os.version:="6.5.0 build-14874964" or os.version:="6.5.0 build-14990892" or os.version:="6.5.0 build-15256468" or os.version:="6.5.0 build-15177306" or os.version:="6.5.0 build-15256549" or os.version:="6.5.0 build-16207673" or os.version:="6.5.0 build-16389870" or os.version:="6.5.0 build-16576879" or os.version:="6.5.0 build-16576891" or os.version:="6.5.0 build-16901156" or os.version:="6.5.0 build-17097218" or os.version:="6.5.0 build-17167537" or os.version:="6.7.0 build-8169922" or os.version:="6.7.0 build-8941472" or os.version:="6.7.0 build-9214924" or os.version:="6.7.0 build-9484548" or os.version:="6.7.0 build-10176752" or os.version:="6.7.0 build-10176879" or os.version:="6.7.0 build-10302608" or os.version:="6.7.0 build-10764712" or os.version:="6.7.0 build-11675023" or os.version:="6.7.0 build-13004448" or os.version:="6.7.0 build-12986307" or os.version:="6.7.0 build-13006603" or os.version:="6.7.0 build-13473784" or os.version:="6.7.0 build-13644319" or os.version:="6.7.0 build-13981272" or os.version:="6.7.0 build-14141615" or os.version:="6.7.0 build-14320388" or os.version:="6.7.0 build-15018017" or os.version:="6.7.0 build-15160134" or os.version:="6.7.0 build-15160138" or os.version:="6.7.0 build-15999342" or os.version:="6.7.0 build-15820472" or os.version:="6.7.0 build-16075168" or os.version:="6.7.0 build-16316930" or os.version:="6.7.0 build-16701467" or os.version:="6.7.0 build-16713306" or os.version:="6.7.0 build-16773714" or os.version:="6.7.0 build-17167699" or os.version:="6.7.0 build-17098360" or os.version:="6.7.0 build-17167734" or os.version:="7.0.0%" or os.version:="7.0.1 build-16850804" or os.version:="7.0.1 build-17119627" or os.version:="7.0.1 build-17168206" or os.version:="7.0.1 build-17325020")
Each ESXi asset returned in the query results should be checked if the OpenSLP service is enabled. If OpenSLP is enabled, then the asset is vulnerable to exploitation.
As always, any prebuilt queries are available from our Queries Library. Check out the library for other useful inventory queries.
About Version 2 Limited Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About runZero runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.
Happy New Year, NordPassers. We’re starting the year with a few important updates. Here’s what to expect in this release:
B2B TOTP. It might sound like random letters pieced together, but this means that NordPass Business users can now use TOTP functionality on Android devices. How exciting is that?
AUTOFILL ISSUE REPORTING BETA. Is autofill not working as expected on your favorite browser? You can now tell us what’s wrong. Look for the Feedback (Beta) when filling in passwords.
NordPass 3.50
This time we worked on nitty gritty details to make your password management experience even smoother. Here’s what to expect with this release:
MORE BROWSERS WITH BETTER AUTOFILL. We added native autofill support to Tor, Via, Phoenix, Maxthon; meaning that if you use any of these browsers it will now be easier for NordPass to recognize input fields and fill your passwords.
MINOR DESIGN CHANGES TO AUTOFILL SETTINGS.
BUG FIXES.
NordPass 3.49
We’re happy to present you with a new release. Here’s what we’ve got this time:
UI IMPROVEMENTS. New users will see an updated onboarding design, while the veterans will notice slight changes to the new password history feature.
BUG FIXES.
NordPass 3.48
No big announcements from us this time. However, we hope you’ll still enjoy an updated NordPass version with fewer bugs.
NordPass 3.47
We’re happy to present you with a new release. Here’s what we’ve got this time:
RATE NORDPASS IN-APP. Are you enjoying NordPass so far? Look for a pop-up to rate NordPass and help others choose their password manager.
AUTOFILL IN VIVALDI BROWSER. You will now fill your passwords and other information easier when using the Vivaldi browser.
IMPROVED AUTOFILL FOR OTHER LANGUAGES. If your browser is set to your local language, autofill will now pick it up quicker and help you save your passwords.
NordPass 3.46
No major updates this time, just a new and improved app release with fewer bugs for you to bump into – enjoy!
NordPass 3.45
Building good things takes time. So since the last release, we have focused on catching and eliminating pesky bugs.
NordPass 3.44
It’s a big day today. Premium users, get ready. From now on, you’ll be able to monitor breaches.
Your Breach Scanner can now scan breaches while you sleep. Set up an email you’d like us to monitor and will check breaches for you. If we find your email, we’ll notify you so you can take immediate action and protect your data. Look for this new functionality by going to the Breach Scanner.
P.S. We also fixed some bugs to improve your overall experience.
NordPass 3.43
No big announcements from us this time. However, we hope you’ll still enjoy an updated NordPass version with fewer bugs.
NordPass 3.42
This time we’ve waved bye-bye to some pesky bugs and have also spruced up the place a touch – enjoy!
NordPass 3.41
We’re happy to present you with a new release. Here’s what we’ve got this time:
PROFILE PHOTO. You can now add your favorite photo instead as your profile icon. With a customized profile icon, it’s easier to recognize your profile when sharing items or switching accounts.
NATIVE AUTOFILL ON BRAVE. This means your autofill and autosave experience has just leveled up. It will now be easier for us to recognize password fields and fill in your information.
BUG FIXES.
NordPass 3.40
Building good things takes time. So since the last release, we focused on catching and eliminating pesky bugs.
NordPass 3.39
No big announcements from us this time. However, we hope you’ll still enjoy an updated NordPass version with fewer bugs.
NordPass 3.38
This time we’ve waved bye-bye to some pesky bugs and have also spruced up the place a touch – enjoy!
NordPass 3.37
Building good things takes time. So since the last release, we have mainly focused on catching and eliminating pesky bugs.
NordPass 3.36
A new week and a new NordPass release. Here’s what we’ve got:
NEW SETTING: CLEAR COPY ITEM DATA. When you copy your password or other item data, it’s typically saved in the clipboard. To avoid pasting it somewhere you didn’t intend; you can now choose the clipboard to clear after a set time.
LITHUANIAN LANGUAGE. For our Lithuanian friends out there, you can now use NordPass in your mother tongue. Simply head to Settings to change the language.
BUG FIXES.
NordPass 3.35
We’re happy to present you with a new release. Here’s what we’ve got:
SWITCH ACCOUNT. A long-awaited feature is here! If you have a few NordPass accounts, like personal and business, switching between them will now be a breeze. Just click on your profile account and look for a “Switch Account” button.
CARD PIN. From now on, you can also add your PIN when saving your card details. Don’t worry; it won’t be autofilled. It’s for your reference only.
BUG FIXES.
NordPass 3.34
Happy pancake day, people! Though if it were up to NordPass, every day would be a pancake day. In the meantime, while you are enjoying your pancakes, donuts, or pastries, we are presenting you with a new NordPass release with fewer bugs.
NordPass 3.33
Our bug busters have been working hard since the last time you heard from us. That’s why today we can proudly present another NordPass release with even fewer bugs. We hope you’ll like it.
NordPass 3.32
Did you know that January has one of the most depressing days? It’s called Blue Monday, they say. Good that it’s over. But if you are still feeling a little bit blue, here’s what you can do to survive this winter:
Enjoy the outdoors, go for a walk or take up a new sport;
Connect with a long-lost friend or family member;
Run the Data Breach Scanner and update your vulnerable passwords. Once you do, select “Resolved” for the updated passwords and they won’t appear next time you run the scan.
NordPass 3.31
Like last year, in 2022, we’ll strive to become a better, smoother-running, and more user-friendly app. So why not start with this week? We present you with a new NordPass version with fewer bugs and Autofill issues.
NordPass 3.30
We hope you are not sick and tired of Christmas songs, even if you’ve heard them a million times before. And we hope that you are not stressed buying last-minute presents or thinking about a Christmas menu. But if you’re, it will all be ok.
After all, ‘It’s the most beautiful time of the year.’ Merry Christmas!
P.S. And here’s a new NordPass release to bring you a little cheer.
NordPass 3.29
Did you know that if your password is ‘ginger,’ it would take a hacker less than 1s to guess it? If you use NordPass, we know you can do better than that. Create strong and unique passwords with your NordPass mobile app, and don’t let any Grinch steal your Christmas (or your accounts) this year.
NordPass 3.28
It’s 5 weeks until Christmas! Yes, it’s time to buy presents for your loved ones. But do you sometimes slip and buy gifts for yourself instead? Because we do. Don’t tell this to anyone.
So if you slip this year, don’t worry too much about it. You can save up to 75% of NordPass Premium plans and give the so-needed peace of mind for you and your family guilt-free.
We’re making the NordPass app for Android better, smoother, slicker – one release at a time. How exactly? Read all the highlights in our release notes and make sure to never miss a new version – we want you to get all the best stuff.
NordPass 3.27
–Beep beep– app update incoming:
Native autofill on Chrome. Simply put, Nordpass is now better at recognizing login fields. It means smoother and faster autofill!
Data Breach Scanner update. If you use a leaked password for several accounts, the app will notify you about accounts put at risk. Remember to update them!
Title suggestions. Running out of ideas for naming items in your vault? No worries – NordPass will suggest using the website name for the title.
Usual bug-fixing business.
NordPass 3.26
Trick or treat? Who are we kidding? It’s always just treated here at NordPass. So here’s our Halloween treat to you – a brand new NordPass release. Don’t worry, nothing to be scared of—just a smoother running version of your password manager.
NordPass 3.25
Getting your data stolen isn’t nice. But if that happens to you, it’s important to identify the stolen information and act quickly. That’s why from this release, you can use the Breach Scanner to find out the type of data that was leaked and see it in plain text.
We also wanted to improve our communication with you. So from now, if you open the app and see a red dot next to a bell icon, just know that it’s some important information from us to you.
NordPass 3.24
Seasons change. Leaves turn yellow and brown. It might be sad, but don’t feel too down. Just remember, your passwords are safe and sound.
And if you don’t like amateur rhymes, that’s fine. With this release, you’ll have less bugs in your life.
NordPass 3.22
Good things are meant to be shared, right? That’s why now, when you invite a friend to try NordPass, we’ll award both of you with a free month of Premium (max 3 months). You can invite as many friends as you wish. Just head to the app, select “Invite a friend,” and send the invite.
NordPass 3.21
What do you have in the box this time NordPass? Well, let me see…
Email or username suggestion. That’s right, now when creating a new item, you only need to enter a few letters in the username field, and NordPass will suggest filling it with one of your already used ones.
Autofill fixes.
Bug fixes, bug fixes, and more bug fixes.
NordPass 3.20
It’s the end of the summer, eh? You must be sad. Or happy? Maybe because you’ve just got NordPass at the end of summer sale. Or perhaps you live down under, and it’s actually not the end of the summer but the end of winter. Either way, we hope you’ll enjoy a new NordPass version with fewer bugs and more love.
NordPass 3.19
Random fact of the day: Did you know that there’s a bunch of ladies working at NordPass? Yes, we don’t follow any stereotypes here. So in this release, we want to thank all the women who tirelessly and continuously work to make NordPass a better password manager.
NordPass 3.18
Hola! Last week we presented you NordPass in Italian. Can you guess what we have in store this week? Yes, that’s right. NordPass is now available in Spanish! Head to Settings to update your language preferences.
And, of course, we continue to work on any pesky bugs you or we identify. Bye, bugs!
NordPass 3.17
Buongiorno! What a year this was for Italy. First the Eurovision, then Euro Cup, and now, coincidence or not, NordPass. Yes, you are right, you can now use NordPass in Italian, and it doesn’t matter if you are enjoying the sun in Rome or simply practicing your Italian skills. You can change your language preference in Settings.
And of course, what release is without bug fixes? We crushed them too.
NordPass 3.16
Hey NordPass user, do you like scrolling? Not when I’m looking for a password, you will say. Yeah, we thought so. That’s why we introduced a quick scroller. Now when scrolling through your items, you’ll see that they are grouped. Go on, find your passwords with ease.
P.S We have also resolved those pesky bugs. Bye-bye, bugs.
NordPass 3.15
Searching for bugs… Loading… Loading… Bugs found… BUGS FIXED!
*Works only if you install the update first to put those BUG FIXES in place. Stay safe and happy!
NordPass 3.14
Sharing is caring, right? Well, now you can select multiple items and share them all at once. Easy peasy. Just always make sure you trust the people you share your credentials with.
NordPass 3.13
You know that moment when you create a super-strong password with NordPass Generator and forget to save it? Yeah, we’ve been there too. That’s why you’ll now see a little clock icon in your Generator. Tap on it to see previously generated passwords.
And, of course, we won’t release a new NordPass version without getting rid of as many bugs as possible.
NordPass 3.12
You want strong and unique passwords, simple – you generate them with the Password Generator. But what if you want a strong password you need to remember? Yes, we thought about this too.
So in this release, you’ll see some changes to your Password Generator. Now you can generate passwords made out of words, spaces, hyphens, and much more. How cool is that?
NordPass 3.11
We’re coming back with a bunch of updates to help you make your accounts even more secure.
PASSWORD HEALTH INTEGRATION. You can now see how healthy your password is by opening the item — no need to go to Password Health. If your password could be stronger, you’ll see “weak, old, or reused” next to it.
P.S. There’s more. We’ve fixed a ton of autofill bugs for a smoother login experience.
NordPass 3.10
Are your passwords healthy or vulnerable? If you haven’t checked it yet, now is a good time. We’ve just revamped the Password Health tool, and it’s looking better than ever. It’s so much easier to use too. Check it out.
Anything else? Of course! Our team is continuously working on improving the Autofill feature so that you’d have a smooth one-click-to-login experience.
NordPass 3.9
If you haven’t tried the Breach Scanner yet, now you have a reason. We completely revamped the design. Oh boy, it looks even more pleasing to the eye.
What are you waiting for? Go and make sure your accounts are secure.
NordPass 3.8
Bonjour. Comment ça va? Yes, our French-speaking friends, this release is for you! NordPass is now available in French. Head to Settings and change the language.
In other news:
LIMITED RIGHTS CHANGES. From now on, once you receive an item with Limited Rights, it’s for you only. No further shares allowed.
B2B GROUPS. NordPass Business users say hello to Groups. Now it will be easier to share passwords with a group of people all at once. Think, your Marketing or Finance department.
NordPass 3.7
Sometimes what we do is either too difficult to explain or too difficult to see. Yes, you guessed it. This week we put all our effort into finding and getting rid of bugs. We hope we’ll have something more exciting for you next week.
NordPass 3.6
Sprichst du Deutsch? Then we have good news for you. You can now enjoy NordPass in German. Just go to your settings and change the language.
But that’s not it. We have some exciting news for anyone who speaks french too. Stay tuned. 😉
NordPass 3.5
This release theme? Fixes, fixes, and more fixes. Quality over quantity. So what did we actually do?
Found and got rid of your beloved dark theme bugs.
Improved Autofill by killing nasty bugs.
Other teeny-tiny bug fixes.
NordPass 3.4
No breaking news this time. We know. We’ll do better! Just business as usual and a ton of bug fixes for a smoother app experience.
NordPass 3.3
Guten Tag, – says NordPass. Yes, that’s correct. If your phone’s default language is German, you can now enjoy NordPass in your preferred language. Anything else? Of course! More bug fixes.
NordPass 3.2
Well, hello there. It’s NordPass calling with a shiny brand new release. Here’s what we’ve got:
CHANGES IN 2FA SETUP. Now two-factor authentication will be set up for your Nord Account and applied to all Nord products you might use.
AUTOFILL AND AUTOSAVE ISSUES FIXED, so you could continue saving and filling passwords quicker than you can blink.
DARK MODE BUGS FIXED. Minor bugs were found since we released the dark mode. Nothing to worry about; they are now gone.
NordPass 3.1
Still recovering from the last release? If you haven’t heard (or seen it yet), you can now enjoy NordPass dark mode!
Unfortunately, we are not superheroes, so we can’t drop any big news today. Plus, it wouldn’t be fun this way. So this time, we worked on some maintenance tasks to keep your app running smoothly:
COPY CHANGES to help you navigate through the app.
AUTOSAVE ISSUES FIXED to help you save those passwords in a click.
BUG FIXES. Because no release is complete without them, right?
NordPass 3.0
Where’s the drumroll, please? You ready? You’d better sit down for this one. I’m serious; sit down. OK, you’re finally sitting.
I’m just scared you’ll fall and hurt yourself once you hear this, that’s all. Oh, I know. It’s so annoying when someone is creating tension but not telling you what this is all about, right?
Ready, set, new release! What can you expect to see in the new and shiny NordPass 2.17?
AUTOFILL FIXES. Slowly but surely, we are conquering the net and one website at a time, making signing in easier than ever. Magic x2!
ADD CREDIT CARD WITH NFC. Yes, you heard it. You can now scan your credit cards and keep them in NordPass by simply touching your card against your phone. Magic!
NordPass 2.16
8 letters, 2 words, one meaning.
9 letters, 3 words, one feeling.
We felt kind of nervous to say it out loud… But again, they say – don’t talk, just act. So we’re bringing you yet another collection of chocolate-flavoured, hand-picked BUG FIXES to express how much WE LOVE YOU. Please update to enjoy even smoother app experience.
NordPass 2.15
Once upon a time, a password manager named NordPass lived. They wanted to become the best password manager there ever was, and did it one release at a time.
AUTOFILL ISSUES FIXED. Salvador Dali said not to fear perfection as we’ll never reach it, but we’ll still give it a good go.
QUICK ACTIONS ADDED. Just click on the app and quickly access Password Generator, search your items, or add a new password.
TOOLS AND MENU REWORK. Now you can enjoy a much cleaner and Menu, Settings, and Tools tab.
NordPass 2.14
AbraCadabra boom! No, it’s not magic. It’s just your passwords and credit cards information filling in quicker and smoother than ever before. Bye-bye, annoying bugs who tried to stop you.
What else can you expect in this release? Some copy changes to make the app easier to navigate, and we are super excited to share with you some news – Dark theme is coming soon.
NordPass 2.13
New Year, new NordPass release. Here’s what you’ll see in the latest version:
AUTOFILL IMPROVEMENTS. The sky’s the limit for this one.
BETTER LOOKING ITEMS. Items with no accounts have just become more stylish, or in other words, more colorful.
AUTOSAVE IMPROVEMENTS, so you could save your passwords in a blink of an eye.
EASY-TO-UNDERSTAND PASSWORD FORMATTING. We hear you; telling apart 0 from O when creating passwords isn’t easy, but it will be from now on.
NordPass 2.12
Yeah, Christmas will be different this year. But we’ve still got something to spread a little cheer.
In this release, you will see:
ITEM ACTION FIXES, which we noticed when scrolling through an item’s action list.
COPY CHANGES to make your app easier to navigate.
AUTOFILL FIXES, so you could smoothly log in to even more websites and apps.
MULTISELECT AND SORTING. You can now select multiple items and move them to a specified folder or Trash and sort them by Title or Date Last Used.
NordPass 2.11
NordPass has turned 1 year old, can you believe it? We can honestly say that this year, we are the most grateful for YOU, our dear NordPass user. You, who believed in us and drove us to release one update after another.
So here’s one more. Full of even more design edits, bug fixes, and love:
MINOR DESIGN AND COPY CHANGES because who doesn’t like a good-looking app. AUTOFILL BUG FIXES, so you could log in to your favorite websites and apps quicker than you can count to three.
NordPass 2.10
ADD/EDIT ITEM FIXES. Next time you add a new item, or edit an existing one, pay attention to the new design. Sleek, isn’t it?
IN-APP SHARED ITEM NOTIFICATION. Someone shared an item with you? You’ll get a notification in your app instantaneously. Forget emails.
BUG FIXES. No bugs allowed in our app.
NordPass 2.9
NORDPASS BUSINESS AVAILABLE ON ANDROID. Business people beware, it’s your time to shine. Fill in passwords on mobile browsers and apps (like a boss!), sign in to your accounts with a fingerprint (like a boss!), and never ever have those dreadful phone calls with Brian from IT because you forgot your computer password after a long long holiday (Ouch!).
NordPass 2.8
SECURE NOTES FORMATING – FIXED. It looks like we’ve accidentally deleted text formating options on a previous app update. Sorry about that! Formating is back and now ready for your bold, italic or quoted notes more than ever before.
DESIGN IMPROVEMENTS. A little treat for eagle-eye users – please welcome those charming menu icons and precise text formatting.
AUTOFILL IMPROVEMENTS. No app update was or will be released without this one.
BREACH REPORT. Now this one may feel like a fun lottery, except the fact that it’s probably better not to ‘win’ anything. By clicking a ‘Scan’ button, you can find out if any of your accounts were ever caught in data breaches. Fingers crossed, they’re not.
AUTOFILL IMPROVEMENTS. Even more websites are ready to autofill your passwords.
DESIGN IMPROVEMENTS only eagle eyes will spot. We all know who lies in the details, right?
NordPass 2.6
PASSWORD HEALTH CHECKER. If you hear someone coughing and no one is at home – that might be a password in your vault. Take a chance to use this new fancy tool for making your precious passwords stronger and happier (and accounts safer) without leaving the house.
AUTOFILL IMPROVEMENTS. You probably might start thinking that we are making up this one each time, just to add something to the release notes. The truth is that with each update, we are getting closer to perfection.
NordPass 2.5
NORDVPN. Nobody likes snoopers – especially online ones. Luckily, VPN helps. Look for getting NordVPN in Menu – surf the Internet privately, no matter where your path may lead you.
AUTOFILL IMPROVEMENTS. Every time you tap NordPass icon to autofill, there’s an actual person who copies and pastes your login details. Wait, do they see your passwords?! No, of course not – they are trained to work wearing blindfolds. We hired more people to this department, so “auto”fill is now way better.
NordPass 2.4
They say – small changes make a big difference. Behold – the update with a bunch of app upgrades is here. Let’s see what we’ve got here:
VISUAL IMPROVEMENTS. Mirror mirror on the wall, who is prettiest of them all? Well, our designer’s brush made some magic tweaks, so the answer is clear now – it’s those tiny cute little app icons. Lookin’ good!
APP LOADING FASTER. Need for speed? You’re welcome! Fasten your seatbelt and put the pedal to the metal – the project “Make the app faster” was completed successfully.”
BUG FIXES. Dear sneaky bugs, thanks for visiting, farewell, let’s never meet again.”
NordPass 2.3
AUTOSAVE. We’ve invited web browsers and mobile apps to the summer password-training camp. Result: those who attended will now suggest saving your credentials to the vault. Whenever you type them manually.”
OTHER IMPROVEMENTS. We also did some tinkering under the hood to make your password-managing experience even smoother.”
NordPass 2.2
PERSONAL INFO. Ready to fill online forms even quicker? Keep your name, email, phone number and address in the vault to fill delivery info or other online forms. Faster than ever.
AUTOFILL IMPROVEMENTS. Brought to life by popular demand, the project “Make autofill better” was completed successfully. The result: the app automatically fills your credentials on even more apps and websites.
NordPass 2.1
ADD ITEM TO FOLDERS. Instantly – when creating or editing an item. Just select a folder, and you’re good to go.
VISUAL IMPROVEMENTS. Mirror mirror on the wall, who is the prettiest of them all? FYI, our designer’s brush made some small visual improvements in the vault. Lookin’ good!
AUTOFILL IMPROVEMENTS. You report – we improve. Win-win!
NordPass 2.0
APP DESIGN IMPROVEMENTS. Here you go. A piece of nicely, freshly baked update – straight from the oven. Enjoy these deliciously sweet visual improvements and improved password-managing experience. Bon Appéti
NordPass 1.9
NORD ACCOUNT. Meet new and simplified way to sign up and log into NordPass.
STRONGER MASTER PASSWORDS. Added some guidance for leveling-up your Master Password. For even better vault protection.
UPDATED SHARED ITEM VIEW. An easier way to find out who has access to shared items.
AUTOFILL IMPROVEMENTS. More websites will be pleased to autofill your credit card details. Faster online checkouts FTW.
NordPass 1.8
SWIPE DOWN TO SYNC ITEMS. The best thing since sliced bread – refresh the vault by swiping down to sync your items across devices.
INTERFACE CHANGES. No more going ‘home’ to find the item you need. Browse vault categories to browse items.
You say ‘AUTOFILL’, we say ‘IMPROVEMENTS’. Nothing else to add but even smoother app experience.
ADD LOGIN – AT FLOATING BUTTON. All you need is milk and cookie – for adding new logins. One more addition for native browser lovers!
NordPass 1.7
SETTINGS – SAVED. The app was sometimes forgetful about your settings. It went through some memory training, and things are now much better – no more forgotten preferences.
PASSWORD GENERATOR IMPROVEMENTS. Strong passwords everywhere – generate some while creating new logins.
TEXT FORMATTING. Jazz up your notes – make them bold, make them italic – make them FUN.
AUTOFILL IMPROVEMENTS. Autofill is now multilingual – fill in credentials to even more websites and apps.
Also, fewer app crashes.
NordPass 1.6
This update is oddly satisfying. Meet and greet:
FOLDERS. All that sorting, managing, organizing, arranging, categorizing, and many more synonyms to describe one thing – that pleasure putting your items in order. Or in folders – just as you like it.
COPY SELECTED TEXT. You can now select only a part of the text in your note. Finally! Smoother copying – faster pasting.
TEXT UPDATES. The magic of great copy in the app is invisible – you might not notice it, but it helps to do the job.
NordPass 1.5
Let’s run the password-managing world with this update:
AUTOFILL improvements. More supported browsers, more flawless autofilling and saved time.
PASSWORD GENERATOR. We’ve heard you, and now we proudly announce: password generator is ready at your command. Let’s begin the new ge-ne-ra-tion for stronger passwords.
Our designers and copywriters felt inspired by their muses, so they added some nice brush flicks at the app. Hopefully, we’re getting closer to becoming a piece of art someday.
NordPass 1.4
Are you ready? Here’s what’s new with NordPass:
NATIVE AUTOFILL feels like heaven. Those cosmic odysseys of saving new passwords to the vault are so intuitive, fast, and smooth like never before. Relax and enjoy the journey.
Look, mom, no hands! Meet FACE UNLOCK – an amazing addition to accessing your vault with biometrics. Put that p-p-p-poker face on and unlock NordPass on the go.
Some minor bugs were caught and added to our trophy collection.
NordPass 1.3
Hey you! What’s new with NordPass:
Vault SCREENSHOTS. You may now screenshot not only your crush’s stories on social media but also your vault. Of course, you can also disable them for even better protection of your vault. Handy, right?
ITEM IMPORT from mobile browsers. No fancy words needed – it’s simply an awesome feature itself.
Some minor catches at the bug-hunting department. Bang!
NordPass 1.2
We woke up like this. What’s new with NordPass:
Tap tap tap. All flawless, shiny and new interface for tablet fanboys and cheer girls. Enjoy scrolling your vault miles away on a bigger screen.
Scan scan scan. Texts, books, magazines, credit cards, road signs, billboards – whatever your heart desires. It’s a kind of magic.
Fix fix fix. Minor fixes under the hood – nothing too fancy, just making sure to be the coolest guy on the block.
NordPass 1.1
NordPass has leveled up!
IN:
ITEM SHARING. Sharing is always about caring. From now on you will be able to share your items in the vault via phone. Safe and easy, of course.
IN-APP PURCHASES. Forget password stress without getting off the couch – you can now upgrade to NordPass Premium with a few taps on your screen.
OUT: various small bugs. Goodbye fellows, it was nice to meet you but we doubt we ever miss you.
About Version 2 Limited Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About NordPass NordPass is developed by Nord Security, a company leading the global market of cybersecurity products.
The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.
Imagine: there’s a new security threat. How do you find out if your organization is affected? You might research the CVE to gauge the severity and impact of the vulnerability. You might perform a vuln scan — if there’s a vuln check available. At some point, you’ll eventually end up with a list of devices that you need to update.
What are your next steps?
The cost of not tracking asset ownership
In an ideal world, your asset inventory would be the first place you would look for information. However, the reality is: most organizations have their asset inventory data distributed across multiple solutions and maintained by different teams. So instead of being able to focus on mitigating issues, your security team spends an inordinate amount of time doing detective work. And for security practitioners, time is of the essence.
Asset inventory is the first step to getting context around a device: the hardware, OS, software, etc. But what about who owns it? More and more, knowing who is responsible for an asset is as important as knowing what an asset is. Without clear asset ownership tracking, you waste a lot of time going from team to team, person to person, trying to find out who is responsible for an asset.
Let’s take a look at three reasons why a lack of asset ownership can adversely impact your business.
Reason #1: Forgotten assets can be costly
One of the biggest obstacles to tracking asset ownership is humans. Humans are dynamic, often upgrading to new equipment, changing roles, or even leaving organizations entirely. As a result, assets are often left abandoned, unmanaged, and unowned. Documenting asset ownership manually, like in a spreadsheet, means that the data becomes outdated very quickly. Effective asset ownership tracking requires regular updates and attention. Without a major investment of time and resources to maintain asset ownership tracking, stale data will continue to plague your organization. For example, consider infrastructure that no longer has an owner, but is still racking up recurring expenses. These forgotten assets can be costly over time.
Reason #2: Lack of asset ownership can lead to service outages
Your business relies on having systems that are working efficiently. Systems need to be updated, upgraded, and maintained regularly to ensure that everything runs smoothly and outages do not occur. However, what would happen if a specific system needed a configuration update to continue to operate? How would you know who to go to?
Oftentimes, it’s a goose chase. You start with one person (or team) and hope they can point you in the right direction. While you’re chasing down the appropriate person to help you, access to the systems you need may be shuttered or months may have passed by. These consequences can be detrimental to business – especially if these systems directly impact revenue.
Nearly a decade has come and gone between these major vulnerabilities, and yet, building comprehensive asset inventory and tracking asset ownership continues to be a challenge. One of the biggest challenges faced by security teams is that they often need to rely on asset owners to take action to update and secure their devices. However, tracking down the right asset owner can be a bit of a journey through a myriad of data sources – from CMDBs to VMs to EDRs to device logs to spreadsheets. The amount of time that security teams spend hunting for information is a hindrance to fast response and remediation times.
Tracking asset ownership with runZero
runZero 3.5 introduces the ability to track asset owners in your inventory. Asset owners can be anyone in your organization who can help you remediate issues. For most organizations, assets will likely have multiple owners, such as an individual, team, and business unit. For example, a laptop might have an assigned device user, business owner, IT owner, and security owner. Each of these assignments will help you zero in on the right person who can take action on the device, based on the situation. Let’s take a look at how runZero can help you track different types of owners within your organization.
What are ownership types?
In runZero, ownership types help you classify and assign ownership to assets. There is a default ownership type, called Asset Owner, which automatically pulls owner data from integrations you have configured. Otherwise, you can add up to nine custom ownership types based on what your organization needs. For example, you might want to have ownership types for the security owner, IT owner, and business owner.
Name – The name of the asset ownership type, such as IT owner.
Reference – You can set the reference to user, group, or none. If set, you will be able to easily search within the user or group inventories for owners that match the display name.
Visibility – You can set the visibility to hidden or visible. This setting controls the ability to view the asset owner from the asset inventory and asset details page.
After you have created your ownership types, you’re ready to start assigning owners within your asset inventory. Let’s take a look at how you can do this in runZero.
How to assign ownership to assets in runZero
There are a couple of ways to assign asset owners: manually or automatically through rules and the API. However, the most efficient way to apply ownership is through rules, which allows you to set up specific conditions and automate the assignment of asset ownership after each scan. For example, let’s say you want to assign an IT owner for all firewalls. Here’s how you can do it with rules:
From the Rules page, create a rule using the asset-query-results event type. Based on this event type, the query will run against the asset inventory after a scan completes.
Give the rule a descriptive name, like Automate IT ownership for firewalls.
Configure the rule with the following conditions:
Run the following query after a scan completes: type:firewall and the number of matches is greater than 0.
If there is a match on the query, take the following action: modify the asset and set the ownership of the matching assets. This value for the owner can be any name. For our example, we will assign the IT owner to someone on the team named Tim.
Make sure the rule is enabled. If it is not, it will not run.
Save the rule.
Each time a scan completes, this rule will check for matching conditions and perform the configured actions.
Viewing ownership data for an asset
Now that you’ve set up ownership types and automated ownership assignment, let’s take a look at how you can view this data in runZero. You can view ownership information from two areas of the console: the asset inventory and the asset details page.
There’s a new column in the asset inventory called Owners, which will list the owners for the asset. If there are multiple owners, there will be a plus (+) sign to indicate that there are more for you to view. The owner name that gets displayed in the inventory table depends on the order you have them ranked on the ownership types page. The highest ranked ownership type will take precedence. In our example, we have our IT owner ranked first, so we will see our IT owners displayed in the inventory table. Other owners will be viewable by hovering over the plus (+) sign. From the asset inventory page, you can select some assets then use the Manage asset ownership button to manually update the owner for those devices.
From the asset details page, there is a new ownership section that lists all the visible owners assigned to that asset. If the ownership type has a reference set (to user or group), you’ll be able to click on the magnifying glass next to the owner name to search within those inventories for matching results. From the asset details page, you can go to Manage > Asset ownership to manually update the owner for that specific device.
Searching the inventory for assets based on owners
Now that you have asset ownership data in your inventory, you can search for assets that match specific ownership criteria. To enable searching based on ownership attributes, the following new keyword terms have been added:
owner – Filter by asset owner name, such as Tim.
has_owner – Filter assets by whether or not they have an owner. Use t or f as your input.
owner_count – Use a comparison operator (>, >=, <, <=, =)to filter assets by count.
ownership_type – Filter by ownership type, such as IT owner.
Here are a few useful queries (based on some common use cases):
has_owner:f – Searches for assets that don’t have an owner assigned.
ownership_type:"IT owner" – Searches for assets by ownership type.
owner_count:>1 – Searches for assets that have more than one owner.
For example, if you need to gauge the number of unowned (and likely unmanaged) assets in your inventory, the query has_owner:f would help identify assets that don’t have an owner. Inversely, you can use has_owner:t to see all the ones that do have an owner. Between these two results, you can discern how well you’ve got your asset ownership data covered. To see how well your organization is tracking asset owners, you can also check out the asset ownership goal from the dashboard.
Zero in on unowned assets on your network
Imagine: there’s a new security threat. Thankfully, you have an asset inventory that includes asset ownership data. With a solid program and solution in place to track asset owners, you’ve eliminated unnecessary time spent chasing down people. You can focus on remediation.
If you’re a runZero Enterprise customer, you can check out the ownership capabilities by going to the new Ownership page in your console. You’ll notice a new menu item for it under Global Settings. Otherwise, if you’re new to runZero, sign up for a free trial to test out this new feature for 21 days.
About Version 2 Limited Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About runZero runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.
New ransomware variant: Try2Cry! It tries to worm onto other computers by infecting any USB drive connected to the device, hoping it will be used on another computer at some point. Is uses the LNK files to disguise the malware.
About Version 2 Limited Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About Bullwall BullWall is a fast-growing international cybersecurity solution provider with a dedicated focus on protecting critical data during active ransomware attacks. We are the only security solution able to contain both known and unknown ransomware variants in seconds, preventing encryption and exfiltration across all data storage types.
Madrid, September 27, 2022.-The IT firm Pandora FMS is now an officially certified software vendor to be used in Red Hat Enterprise Linux 8 and continues with its international recognition. After obtaining the verification of the American giant Red Hat, the company ratifies the quality of its monitoring systems by considering that it has satisfactory interoperability, higher security and compatibility with the most efficient and innovative practices on the market.
Red Hat’s Global ISV Program uses modern delivery methods to support a hybrid Cloud strategy that helps partners build and run applications on any Cloud. This Cloud-native strategic development builds on technologies such as Red Hat Enterprise Linux® and Red Hat Openshift and embodies best practices for steady integration and deployment (CI/CD) to help your customers succeed in the Cloud.
“The RHEL8 certification is a recognition of the work we are doing at Pandora FMS to adapt to the business situation both nationally and globally,” says Sancho Lerena, CEO of Pandora FMS. “Monitoring systems are the present and the future, even more so taking into account the massive amount of data that must be managed in every company today,” acknowledges the director of the company.
The confirmation of the RHEL8 system for Pandora FMS allows validating the knowledge of the Spanish organization in cutting-edge technology and provides greater exposure among hundreds of companies worldwide, since the certification implies standing out as a quality monitoring and guaranteed service provider within the Red Hat portfolio.
Red Hat is the world’s leading American multinational in providing open source systems for business. In fact, 90% of the companies on the prestigious Fortune 500 list, which analyzes American open-end companies, rely on Red Hat technology. Through their technology, different companies incorporate integration services, Cloud services or process and decision automation platforms that multiply the efficiency of each IT structure.
“RHEL8 certification opens up a wide range of opportunities for companies that need state-of-the-art monitoring systems. Pandora FMS compatibility with other Red Hat-backed data management systems is assured and companies can reduce costs by up to 30% depending on the industry,” Lerena confirms.
The magnitude of Red Hat is such that its partners include Google, Amazon or Alibaba Cloud. Also great technology such as Cisco, Dell, Microsoft Intel or DXC, the company in charge of developing the software that manages BMW Group data. Even IT companies like Lenovo or Samsung are on the list of companies that lean on Red Hat.
About Version 2 Limited Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About PandoraFMS Pandora FMS is a flexible monitoring system, capable of monitoring devices, infrastructures, applications, services and business processes. Of course, one of the things that Pandora FMS can control is the hard disks of your computers.
The deadline for CISA BOD 23-01 compliance is coming up on April 3, 2023. In less than two months, federal civilian executive branch (FCEB) departments and agencies must have implemented solutions to fully meet the requirements outlined in the directive, including the ability to automate asset discovery every 7 days and initiate on-demand discovery within 72 hours of receiving a request from CISA.
One of the key takeaways from the directive is the importance of identifying unmanaged assets on the network because of the risks they introduce. A fully comprehensive asset inventory is the only way to fully address the directive.
When CISA first issued this directive, we’d hear agencies say, “We already have an asset inventory through our CAASM. We’re in good shape!” While Cyber Asset Attack Surface Management (CAASM) solutions can definitely help with building asset inventory and reducing cyber risk, they may not be enough to meet the requirements in the directive–especially if they are leveraging an API-only approach.
Challenges with API integrations-only approach
Most CAASMs leverage an API-only (or a very API-dominant) approach to bring asset data from hundreds (or even thousands) of security and management tools into the solution. Theoretically, with a shared data set, security and IT teams can focus on improving their cyber asset hygiene and security posture, and not spending time tracking down information. However, the truth is: the information in the CAASM is often incomplete, and data quality may be unreliable.
Let’s dig into some of the key challenges of relying on CAASMs that only offer an API-based approach and what you can do instead.
Challenge #1: Finding unmanaged assets
Over and over again, we hear security teams say, “We can’t protect or manage what we don’t know.” Exacerbated by common issues like shadow IT, rogue access, and oversight, unmanaged devices continue to fly under the radar, creating potential entry points for attackers. Unmanaged devices are usually the first foothold for attackers because they tend to miss security controls and don’t have an owner maintaining them.
Many CAASM vendors claim that unmanaged devices can be solved by leveraging integrations with existing tooling. This approach ignores the fact that security teams have tried to use data from vulnerability scanners and EDR agents for asset inventory without success. These approaches cannot find unmanaged assets because they typically require credentials to scan or deploy, which are not available for rogue, IoT, and OT devices. As a result, these teams will continue to miss unmanaged devices if they rely on their vuln scanners or EDR agents for asset inventory.
Ultimately, the completeness and accuracy of the data in a CAASM will depend on the quality of the sources you use. While an integration-based approach is a good way to discover managed assets, it’s not the most effective one for unmanaged ones. The best way to discover unmanaged assets is through unauthenticated scanning.
Challenge #2: Getting accurate data
Most CAASMs build asset inventories from API imports with third-party solutions, like vuln scanners and EDRs; they don’t discover assets independently. Instead, they rely on their security and IT stack for asset inventory, so the data is only as good as the source itself. You can generally get a lot of depth about managed devices through integrations, but the quality may be inconsistent and/or inaccurate. Many solutions, like your vuln scanner and EDRs, are not purpose-built for asset inventory, so fingerprinting falls below expectations. Instead, you may get some basic information about the device, like the IP address, MAC address, and vendor, which isn’t significantly helpful for asset inventory. And on top of that, you’re completely in the dark about unmanaged devices.
According to Gartner, data quality affects labor productivity by about 20%. The lack of access to high-quality, accurate data impacts the ability for security teams to make decisions quickly, especially in the face of critical events. To deliver on its full promise, CAASMs need to complement these data sources with active discovery to accurately fingerprint assets.
Complement your integrations-based approach with active scanning for full asset inventory
CAASMs can help with comprehensive asset inventory–if complemented with unauthenticated active discovery. This approach ensures that you’re able to cover all your bases for the CISA BOD 23-01 directive. With a scanner that leverages a security-research based approach to accurately fingerprint devices with high-fidelity, you can feel confident that you have a comprehensive asset inventory of managed and unmanaged assets.
By combining active scanning with an integrations-based approach, managed assets get the benefit of being enriched with additional attributes, while unmanaged assets are identified and fingerprinted.
About Version 2 Limited Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About runZero runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.
The more we advance and become smarter and more efficient through new technology, the greater the opportunity for IT to inadvertently fall out of alignment with business goals. By this I mean, technology simplifies things, so users have the opportunity to bypass IT involvement and set up new processes which start driving part of the business. The downside is if you don’t have systems in place to protect these new processes, they become adopted without the benefit of protection around it.
Contributed Article: Time for a New Conversation On Cloud Data Backup
Niels Van Ingen, Keepit’s Chief Customer Officer, has contributed a blog post on how cloud backup is essential for protecting business data and ensuring continuity.
This conversation revolves around how cloud data protection is a must-have for any organization: protection that is secure, reliable, and accessible from anywhere. Van Ingen, a veteran of the data protection and management space, provides insight on this imperative.
What he refers to as a “wild west” mentality, he sees there is a lack of holistic data security planning which can lead to profound consequences for enterprises. Van Ingen shares how businesses should frame the discourse around cloud applications to safely manage the ever-growing dependence on them and the data they produce to minimize (or in some cases eliminate) business disruption.
Read the full article “The Business Case for Data Backup and Recovery” from Disaster Recovery Journal here.
About Version 2 Limited Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About Keepit At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.
On November 10, 2022 (published on 27 December 2022), the EU Parliament adopted new legislation (the NIS2 Directive) to strengthen EU-wide cybersecurity resilience which includes, among other requirements, a crystal-clear requirement for backup and disaster recovery.
The Network and Information Security Directive (NIS2) is a response to the increased exposure of Europe to cyberthreats and the fact that the more interconnected we are, the more we are vulnerable to malicious cyber activity. The regulators hereby set consistent rules for companies and ensure that law enforcement and judicial authorities can work effectively and raise the awareness of EU citizens on cybersecurity.
Keepit supports the EU initiative on protecting our digital infrastructure, our sensitive business data, as well as our personal data.
What Is the Purpose of the NIS Directive?
In comparison to the first NIS directive, the purpose of the NIS2 Directive is to expand the requirements and sanctioning of cybersecurity to harmonize and streamline the level of security across member states—and with tougher requirements for several sectors.
The European Parliamentary Research Service (EPRS), in a briefing on the NIS2 Directive, tells that due to the fact that cyberattacks are quickly growing in number worldwide, as well as increasing in scale, cost and sophistication, “the Commission has submitted this proposal to replace the original NIS Directive and thereby strengthen the security requirements, address the security of supply chains, streamline reporting obligations, and introduce more stringent supervisory measures and stricter enforcement requirements.”
So what has lead to the need for more requirements? According to the WEF Global Risks Report 2023, it is because:
The ever-increasing intertwining of technologies with the critical functioning of societies is exposing populations to direct domestic threats, including those that seek to shatter societal functioning.
Who Does NIS2 Apply To? Which Sectors and entities?
The directive applies particularly to two categories, with those two being “essential” entities and “important” entities.
The following are classified as essential sectors:
Energy (electricity, district heating, oil, gas, and hydrogen)
Transport (air, rail, water, and road)
Banking (credit institutions)
Financial market infrastructures (marketplaces)
The health sector (healthcare providers and manufacturers of pharmaceuticals, etc.)
Drinking and wastewater
Digital infrastructure (including providers of cloud services, data centers, domain name systems (DNS), top-level domain registries (TLD) and public communication networks)
Information and communication service providers (ICT services)
Providers of managed services and managed security services
Public administration
Space
The ‘important entities’ includes public and private entities within:
Postal and courier services
Waste management
Manufacture, production, and distribution of chemicals
Manufacture, processing, and distribution of food
Production of i.a., electronics, machinery, and motor vehicles
Providers of certain digital services (online marketplaces and search engines and social networking services)
Research (higher education institutions and research institutions).
If you are an entity that provides a service that is essential for the maintenance of critical societal and/or economic activities—for example, a transport company—you are, in the eyes of the law, classified as an “operator of essential services.”
This classification will entail a lot of pressure on your technical and organizational structure and capabilities due to the extensive risk management security you are required by law to implement and maintain.
NIS2 Requirements, Risk Management, and Security Measures
The current NIS Directive requires the covered entities to take appropriate and proportionate technical and organizational measures to manage security risks and limit the damage in the event of a security incident.
The NIS2 Directive continues this requirement and sets out additional requirements for appropriate security measures, which must now include as a minimum:
Policies for risk analysis and information security
Incident handling
Business continuity, such as backup management and disaster recovery and crisis management
Supply chain security, including supplier management/security
Security in connection with the acquisition, development, and maintenance of network and information systems
Policies and procedures for assessing the effectiveness of measures to manage cyber security risks
Guidelines for basic ‘computer hygiene’ and cyber security training
Policies for Use of Cryptography and Encryption
Employee security, access control, and asset management
Securing internal communication systems.
Negotiating and Navigating the NIS2 Directive
A dedicated backup and data management solution can help your organization implement resilient data protection and management services for your SaaS workloads, such as Microsoft 365 and Salesforce.
Keepit offers a suite of services for your SaaS data which can help you comply with the legal requirements of the NIS2 Directive with the overall goal of protecting your business continuity.
However, you need to decide which functions are essential and determine how ready you are to maintain those critical functions after an emergency or a disruption—and finally allocate the available budget accordingly. Read our article: Data Compliance Makes Third-Party Security a Must.
Governance
With the NIS2 Directive, the governance provisions are tightened as the responsibility for violation of the NIS2 Directive is not only imposed on the legal entity but on the management itself.
Thus, management must approve the risk management measures taken by the entity regarding cybersecurity and oversee implementation and maintenance. What’s key to a backup strategy? Read our blog post on the 3-2-1 backup rule here.
To ensure sufficient competencies, management members must regularly follow specific courses to obtain the necessary knowledge, insight, and skills to understand and assess cybersecurity risks and management practices and their impact on the entity’s operations.
Supervision, Enforcement, and Sanctions
According to the NIS2 Directive, the competent national authorities must oversee compliance with the directive’s security and notification requirements based on specific incidents—and the competent authorities are empowered to issue certain orders.
What Are the Costs of Non-compliance?
The competent authority can, among other things, issue warnings and orders and (particularly materially) temporarily suspend or request that a person with management responsibility (CEO or another senior member of management) be temporarily suspended from exercising management functions in the entity.
The NIS2 Directive also tightens the sanction options. In addition to having to ensure that violations are punished with sanctions that are effective, proportionate to the violation, and have a dissuasive effect, the competent authority in the Member States now has the concrete possibility to impose administrative fines if the entity does not comply with the directive’s requirements for risk management measures or reporting obligations.
The administrative fines are as follow:
Essential entities – as a minimum – can be fined up to a maximum of 10 million EUR or 2% of the company’s total global annual revenue.
Important entities – as a minimum – can be fined up to a maximum of 7 million EUR or 1.4% of the company’s total global annual revenue.
When Does It Begin? Timeline and Important Dates
The EU member states will now have 20 months to transpose the new directive into national law. Want to know more about the important dates and the timeline surrounding NIS2 entering into force? Go to https://www.nis-2-directive.com/ to learn more about the important dates.
What Are the Next Steps? Educate with Further Reading
We recommend starting to educate yourself and your organization on the legal requirements and to start mapping for compliance gaps with the requirement for risk management and risk measures. You can read the EU Parliament briefing of the legislation here.
For those wanting an in-depth look into the matter, the European Parliament has shared the full texts adopted regarding this proposal, which can be read in PDF format here.
Beyond the NIS2 Directive, Keepit delivers a solid return on investment beyond the critical compliance requirements. Check out our post entitled “What’s the Return on Investment (ROI) of a cloud backup solution” here.
About Version 2 Limited Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.
Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
About Keepit At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.
