
Are Network Problems Hard to Find? Not for you!

In our daily life we can face different difficulties, from spilling coffee on our clean shirt just before leaving home to not finding an emoji that satisfies us when replying to that someone we like. These are stupid little things compared to how difficult it sometimes is for an external IT provider to identify network problems.

Steps to identify network problems

As we pointed out, finding network problems is, due to its transient nature, a hassle. And IT vendors often have to stay on site to monitor firsthand for signs that often signal network problems. This is not cool at all. Being able to monitor network devices or cloud services from a remote location should be part of our rights, something fundamental in the life of someone who wants to be a good Managed Service Provider (MSP). For this reason, we wanted, from our blog, to help these poor people with a list of steps to identify network problems. We are that kind and philanthropic. Take note!

One: Supervise, supervise and supervise

Today we know that there are many tools that help MSPs to monitor servers and others, but today’s networks are something much more complex and difficult to deal with. In the past, you had to make do with simple routers or switches, but now you can monitor with the help of all kinds of IoT devices, cameras, VoIP phones/systems, etc. There is no reason to complain. Make use of all of them to carry out your supervision work. Manage with a good monitoring tool from routine ping tests to the most complicated SNMP queries. With the right weapons, professionals can do their job remotely, taking advantage of the information provided by network devices.

Two: Pay attention to the Cloud

We have mentioned it more than once in this blog: the Cloud has become of key importance for companies, whether they are small or large, which are adopting more cloud-based services for the functions that are vital to their business. The bad thing? Sometimes the Internet speed is not the ideal one we would like, and there are even interruptions in our services. Usually the IT provider is advised to diagnose and bring the problem to light. However, without accurate historical data to verify what was happening at the time the outage occurred, it is very difficult for the technician to make a good diagnosis.

With Pandora FMS, for example, by constantly monitoring the connection between your clients’ devices and your services in the Cloud and creating, in turn, a collection of historical data that you could return to in the event of a failure, you wouldn’t have that problem.

And three: Go for the unusual

You should investigate any unusual activity on your devices like a police sleuth, because it could mean a potential security risk, even when segmented into your own VLAN or physical network.

Network monitoring is an indispensable part of any IT provider tool. Troubleshooting, proactive monitoring, security… Efficiency and responsibility can help you earn money, or at least help you save it, thanks to this additional service.

It will never be “We have to keep an eye on this until it happens again”. With a good monitoring tool, you will have the data at hand to determine what happened, why it happened and what the steps should be now so that it does not happen again. Because as we’ve seen, network problems can be harder to find than a sober intern at a company dinner, but with the right tools, you can get enough help to get by on your feet.

Conclusions:

If there are any conclusions to be drawn from this article, they are:

  1. Change your shirt, quickly, for one that has not been stained with coffee before leaving the house.
  2. All emojis are good if she, or he, likes you too. Well, except for the one with the poo. That emoji is hideous!
  3. Incorporating Pandora FMS into your team can help you do your job more efficiently and keep your clients’ networks always safe.

About Version 2 Limited
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About PandoraFMS
Pandora FMS is a flexible monitoring system, capable of monitoring devices, infrastructures, applications, services and business processes.
Of course, one of the things that Pandora FMS can control is the hard disks of your computers.

How a PAM Solution Enables the Protection of Privileged Data

We cannot deny that using a Privileged Access Management (PAM) solution considerably increases a corporation’s information security. However, what many people do not know is that this type of solution relies on some basic functions to effectively guarantee information security. Let’s see more about that in today’s article.

PAM Solution: How Does it Apply to Privileged Data Security?

With the proliferation of the new coronavirus, certain areas were forced to create ways to continue operating, and for this, they ended up opting for home office services, but many companies found themselves lost with this new scenario.

Hackers take advantage of the lack of protection in accessing and transferring corporate data through home networks that fail to defend their devices and networks, carrying out attacks via phishing, ransomware, and other malware.

The PAM solution is one of the main ways to guarantee the protection of a company’s confidential information and that all activities are tracked and audited.

Privileged credentials are the targets of choice for cyberattackers. It is fundamental that your privileged access management solution has the privileged session recording feature in order to record, in video and text, the actions performed by the user within the system while using a privileged credential.

To ensure a quality privileged session recording, it is important to check with the PAM solution provider if the system provides the option of storing recording files and audit logs to prevent users from messing with their activity history and altering their entire tool. In this case, senhasegura is the right solution to help you.

It makes sense that privileged accounts are the most vulnerable, as once compromised, they can grant unrestricted access to your company’s IT infrastructure. This is why many high-profile breaches have resulted from exploiting unmanaged and unmonitored privileged accounts. The attackers responsible often gain administrative control and can do considerable damage in their wake.

Credential Management

To ensure information security, you need to develop prevention practices regularly, such as managing your company’s privileged accounts.

A solution that does not provide this function leaves the security of your information with many loopholes, which makes a cyberattack possible.

With this capability, your company is able to manage all active privileged credentials and confirm the privilege level of each one, verifying it is appropriate for such users to have access to certain environments, in addition to being able to revoke credentials that are no longer required, such as from former employees.

To avoid the risk of information being leaked, besides verifying access to privileged credentials, it is also important to properly manage it through the automatic change of passwords.

In this way, you can prevent users from having passwords or performing unauthorized access.


About Segura®
Segura® strives to ensure the sovereignty of companies over actions and privileged information. To this end, we work against data theft through traceability of administrator actions on networks, servers, databases and a multitude of devices. In addition, we pursue compliance with auditing requirements and the most demanding standards, including PCI DSS, Sarbanes-Oxley, ISO 27001 and HIPAA.

Yuanta Life selects CyberLink FaceMe eKYC & Fintech solution to strengthen identity verification in remote insurance service

CyberLink (5203.TW), a pioneer of AI and facial recognition technologies, announced a collaboration with Yuanta Life to securely conduct remote insurance services. By integrating FaceMe eKYC & Fintech, an AI based plug and play eKYC solution inclusive of state-of-art facial recognition and proprietary video conference technologies, Yuanta Life is able to confidently verify customer identity when facilitating insurance contracts remotely.

The insurance industry responded to the Covid pandemic by accelerating digital transformation – providing new approaches to minimize the need for physical face to face contact between customers and insurers. In response to this trend of conducting insurance contracts remotely, CyberLink provided a plug and play solution, FaceMe eKYC & Fintech, containing proprietary video conferencing to enable insurers to initiate a secured and recorded video call. Top-ranked AI facial recognition technology is then utilized to verify that the customer’s appearance matches the photo on their provided identification document. CyberLink also provides an OCR and AI based mechanism to check the authenticity of the customer’s ID document.

As demonstrated by the recent partnership between CyberLink and Yuanta Life, FaceMe eKYC & Fintech is an ideal solution for eKYC applications in the financial and insurance industries. The integration of FaceMe eKYC & Fintech enhances Yuanta’s remote insurance service, by not only improving the customer’s experience when completing remote and paperless insurance contracts, but also in aiding insurance companies in complying with government regulations and minimizing the potential risks of significant financial fraud.

CyberLink aims to enhance and expand facial recognition applications in the financial industry. “As long as your customer base is people, and identity verification is a requirement in your business, you can use FaceMe,” said Jau Huang, Chairman and CEO of CyberLink. “FaceMe can greatly improve the customer experience without compromising security, and CyberLink is confident it will play a crucial role in building the future of fintech.”


About CyberLink
Founded in 1996, CyberLink Corp. (5203.TW) is the world leader in multimedia software and AI facial recognition technology. CyberLink addresses the demands of consumer, commercial and education markets through a wide range of solutions, covering digital content creation, multimedia playback, video conferencing, live casting, mobile applications and AI facial recognition.  CyberLink has shipped several hundred million copies of its multimedia software and apps, including the award-winning PowerDirector, PhotoDirector, and PowerDVD.  With years of research in the fields of artificial intelligence and facial recognition, CyberLink has developed the FaceMe® Facial Recognition Engine. Powered by deep learning algorithms, FaceMe® delivers the reliable, high-precision, and real-time facial recognition that is critical to AIoT applications such as smart retail, smart security, and surveillance, smart city and smart home. For more information about CyberLink, please visit the official website at www.cyberlink.com

From the back office to the till: Cybersecurity challenges facing global retailers

It’s hardly surprising that the retail sector is one of the most frequently targeted globally, with retail sales in the US alone projected to top $5.2 trillion in 2022. Consumers’ money and data have for years been a big potential prize for cybercriminals to get their hands on, and the surge in digital investment and online shoppers prompted by the pandemic has only made retail a more attractive prospect for would-be hackers. Malicious insiders, negligent staff and misconfigured or vulnerable software across networks, endpoints and point of sale (POS) devices have all widened the corporate attack surface over the years.

In this context, cybersecurity plays a critical role in protecting customers’ personal and financial data, keeping ransomware at bay and preserving brand reputation. Ultimately it is a means of seizing opportunity – the opportunity to drive closer customer engagement and grow business.

As a new report from ESET makes abundantly clear, the pandemic has already had an outsize impact on the sector. How well retailers can manage the surge in online threats may define their long-term success in a post-pandemic world.

ESET industry report on retail: Evolving threats to data and payments

What’s at stake?
COVID-19 has helped to transform retail organizations from the back office to the POS terminal. It’s also exposed them to new cyber-risks. Mass remote working made tools like Microsoft Exchange and Kaseya more popular for communication and IT management. They were duly exploited en masse for data theft and extortion.

More broadly, retailers are exposed at multiple points in their IT infrastructure, including customer databases, POS terminals, marketing automation, web search optimization tools, and payment processing platforms and services. We’ve seen everything from phishing to ransomware, man-in-the-middle attacks to SIM swapping and spoofed mobile apps. In fact, the tactics, techniques and procedures (TTPs) used more broadly in COVID-themed attacks are all present in targeted campaigns against retail customers and businesses.

From POS to e-commerce
POS was traditionally the number one target for data-hungry attackers – most notably in the high-profile breaches of tens of millions of accounts at Target and Home Depot several years back. There’s still a threat here today, as we saw with the discovery of the ModPipe POS malware and the impact of the Kaseya supply chain attacks on some retailers’ POS systems. However, the widespread adoption of EMV cards – which can’t be cloned as easily using stolen POS data – and new systems like Apple Pay are starting to force more malicious activity online.

That general trend was given a huge push with the advent of COVID-19, with online as a percentage of total retail sales increasing from 16% to 19% in 2020. Here’s a snapshot of some typical e-commerce threats today:

  • Magecart-style digital card skimming malware has become a major risk to online retailers. One gang compromised over 2,800 digital stores in just a few days. Another skimming campaign resulted in a £20 million fine for British Airways.
  • More sophisticated card-stealing malware has even been found lurking in CSS files, social media sharing icons, and favicon metadata in a bid to outwit security tools.
  • IIStealer malware, discovered by ESET researchers, is a particularly sophisticated way to steal customer credit cards. It compromises web servers, waiting for users to check out and pay for items. After saving the related credit card information without impacting the user experience, the malware exfiltrates the data to the attackers, hiding it in legitimate website traffic. In this instance, even the HTTPS padlock is no protection for users, as IIStealer waits for requests to be decrypted on the server side before logging information from them.
  • E-commerce plugin malware such as a 2020 campaign which exploited security bugs in WordPress plugin WooCommerce to provide access to the website’s database.

Protecting e-commerce servers
For retailers, these risks are heightened by the presence of rigorous data protection regulations like the GDPR and the Californian CCPA, alongside industry data security standard PCI DSS. Non-compliance could result in major fines and reputational damage, leading to customer churn – a serious risk in an industry where loyalty is hard won but easily lost.

There are no silver bullets for solving these challenges. And best-practice cybersecurity should have multiple layers to it, from the end user to the endpoint. But at a high level, retail IT security teams can help to mitigate some of these risks by better securing their back-end e-commerce servers. Consider the following:

  • Use dedicated accounts with strong, unique passwords for admins
  • Require multifactor authentication (MFA) on all administrative and more privileged accounts for extra protection
  • Regularly update the server’s operating system and applications, and carefully consider which services are exposed to the internet to reduce the risk of exploitation
  • Protect customer data at rest with encryption, which will render it useless to thieves
  • Consider using a web application firewall, as well as a reputable security solution on your server
  • Deploy robust, multi-layered endpoint defenses to prevent, detect, and respond to threats

Retailer IT environments span everything from back-end logistics and CRM to the front-end e-commerce store and POS terminals in brick-and-mortar stores. That’s a large target for the bad guys to aim at. As online business continues to grow and digitally transform, the key to competitive advantage will increasingly be defined by how well risk-based cybersecurity strategies stack up.


About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

CyberLink’s FaceMe® Receives FIDO Alliance UAF Level 1 Certification

As a UAF Level 1 Certified FIDO Alliance member, CyberLink’s FaceMe shows the world that it meets a variety of stringent identity verification standards that are required in today’s global financial and technology industries.

Taipei, Taiwan – December 14, 2022 – CyberLink Corp., a pioneer of AI and facial recognition technology, announced that its facial recognition engine FaceMe® has received FIDO Alliance’s UAF Level 1 Certification. This certification means that FIDO Alliance has recognized a number of advanced FaceMe security and interoperability protocols that meet the financial services industry’s strict security requirements such as using multi-factor authentication over traditional password login. These requirements cover a broad range of online interactions that range from basic content access to transaction enablement, in areas such as banking, securities, insurance, electronic payments, and more.

The FIDO Alliance creates authentication standards to help reduce the world’s over-reliance on passwords. Its certifications have become increasingly popular and necessary, especially among global technology companies which deal with increasingly complex electronic systems and data-sensitive transactions. The FIDO Alliance provides authentication protocols, and its standards have already been used by major network technology industries and cloud service providers; their use has also been advocated by various governments.

CyberLink’s FaceMe is not only certified by the FIDO Alliance, but also holds several other certifications and security metrics. FaceMe recently passed the iBeta ISO PAD Level 2 liveness detection test with high scores and is top ranked globally by the National Institute of Standards and Technology’s (NIST) Facial Recognition Vendor Test (FRVT) with an accuracy rate of 99.81% and an error rate (False Match Rate) as low as 1 in 1 million. These metrics are proof points confirming that FaceMe’s industry-leading accuracy and anti-spoofing capabilities can be trusted to effectively prevent misidentification or identity fraud.

Compared to a traditional password login, FaceMe’s facial recognition software is not only more convenient and seamless but is also a more secure form of user identification that’s essential when granting access to highly sensitive information and performing tasks for online banking, securities, insurance, electronic payments, and more. Yuanta Life, Meihao Securities, and the virtual currency exchange CoinTrust are among CyberLink’s customers who are leveraging FaceMe’s facial recognition technology to provide a more secure experience.

CyberLink’s FaceMe Fintech, a financial eKYC (electronic Know Your Client) solution, is also FIDO Certified. Improving the FaceMe experience and enhancing security and privacy protection are top, ongoing priorities at CyberLink. As such the company will continue to seek opportunities to improve its solutions and submit them to the leading certification programs.


You can judge your monitoring by the tools you use

Whether you are a DIY ace or a master at roast beef, a decorated luthier or the best seamstress in the neighborhood, we all love to work with good tools, right? This includes, of course, good IT professionals. Because IT monitoring tools are fundamental when it comes to supervising a network infrastructure and applying the corresponding policies and security measures. Even so, not every monitoring tool is perfect, in fact some could even get to the point of harming us. Let’s take a look!

Better monitoring tools, better monitoring

It’s instinctively basic: you have to find the right monitoring tool for each job. Indeed, although it may seem unheard of, it is quite difficult for IT teams to find comprehensive and outstanding monitoring tools. Some of them are too specialized or do not support all applications because they might lack certain features. This dilemma can lead IT teams to use hundreds of disparate monitoring tools, due to the need to attend to all monitoring tasks. I know what you are thinking: “That must be expensive”. Yes, it is, plus it slows down the working pace due to the huge amount of reports, each with their own features, to be inspected and checked.

That is why we must avoid tool proliferation, as we avoid the proliferation of gremlins or herniated discs, preventing it through individual monitoring solutions, even if this requires significant changes, such as the implementation of integrated tools, conceived to support multiple applications, or special network configurations.

The most efficient thing would be to go for IT monitoring tools that include updates to support today’s most respected applications and provide IT administrators with a single management board.

Simplifying is the key

If you have to choose a monitoring platform, you should be aware beforehand that different IT sectors require different types of solutions. Try, with a single solution, to address as many sections as possible, thus adding further depth to monitoring activities. Such a single solution will give you a greater ability to automate responses and locate irregular events in any system you are monitoring.

For this reason, IT departments often look for a suite of fully integrated IT tools offered by centralized system management and monitoring companies. These companies often promise to reduce the license and maintenance costs of their software, as well as the use of their monitoring tool integrated in the corresponding environment to help manage the company.

The IT department will reduce costs thanks to these integrated tools, among other things because they already have a strong response to any problem that may arise. In fact, one of the direct benefits is the reduction of incidents that require the action of the support teams. Others are general performance visibility and system availability, which increase the total productivity of the company.

But hold on there, before you go running to look for a monitoring tool that suits your company’s requirements and even your zodiac sign, it is TOTALLY NECESSARY to define what justifies monitoring in your company. Remember that each piece of your IT department will have something to say and contribute, there are different features regarding each function, information flow and security clauses. Once you have a full and clear idea of what you and your company need, you may start with a good monitoring strategy.

Application monitoring tools

Application monitoring is, broadly speaking, monitoring activity logs to see how applications are being used. You know, looking at the access roles of the users, the data that is accessed, how this data is used… If your monitoring tool is good, it even shows a window to the log data and an exhaustive view of all the data elements that make up a healthy application: response times, data traces…

Any self-respecting application monitoring tool has to offer these kinds of features, as well as being integrated with database and network monitoring. Thus, together, they will be able to improve application response times through active and immediate solutions to performance problems that arise.

Network monitoring tools

DNS host monitoring, IP address management, packet tracking… This is more or less what all network monitoring tools usually offer. They usually fall short, however, when it comes to supervising everything related to network traffic, whether internally or externally. What they should always provide, under oath, is full surveillance of all devices connected to the network.

Compliance control monitoring

Don’t worry, if you haven’t yet managed to justify implementing a full monitoring tool, compliance monitoring will make up your mind.

Compliance monitoring solutions will provide you with templates based on types of regulations, allowing you to conveniently design and implement a comprehensive compliance monitoring strategy, including the ability to monitor log data, in real time, from any type of device connected to your network, including routers and switches.

Thanks to compliance control monitoring tools you will be able to collect, correlate and export any necessary registration information for the IT team. Report templates will be able to align with formats common to regulatory agencies, in addition to providing exhaustive analysis in the case of internal audits.

Conclusions

If we have made something clear today, it is that the system management and monitoring solution you choose must meet a small series of requirements: be integrated into several systems, be accessible to the IT team through an intuitive interface based on a control panel, be scalable, and stay constantly evolving so that its ability to help you maintain your services can go forward and transcend when you need it.

If doubt and anxiety overcome you, do not worry, what you are looking for is not far away. Pandora FMS is capable of monitoring all these IT areas that we talked about and much more, thanks to its more than 16 features and more than 500 Enterprise plugins available. Also, if you are not very knowledgeable in this matter, do not worry, we manage it for you with our MaaS solution.


What Can Lean IT Teams Do to Strengthen Network Security?

Even a decade ago, the operations, systems and digital footprints of most medium to large companies had become overwhelmingly complex. Over the last ten years, these digital corporate footprints have expanded to reach and capture growth from previously untapped corners of the world. More recently, the business imperatives of the COVID-19 pandemic spurred faster adoption of enterprise software solutions – particularly Software-as-a-Service (SaaS) – that pushed data beyond the organization’s physical perimeter. This has all added significant pressure to already lean IT teams.

The truth is that lean IT teams have to reassess and realign their priorities. This means leveraging technical security essentials in a way that eases the burden on them. In practice, the first step is to begin adopting network security solutions that accommodate today’s most common networking hardware; provide out-of-the-box integrations with critical security tools such as InTune, MFA, and popular SIEM solutions; and work in conjunction with firewalls and endpoint security solutions.

Securing Networks is Only Getting Harder

Events like the recently exploited Log4j vulnerability continue to keep IT security teams on their toes. Little can be done to plan for, let alone prevent, such wide-reaching software flaws – hundreds of Cisco, VMware, IBM and Oracle products were affected in this instance, including more than 120 different configurations of Cisco Identity Services Engine (ISE). The unfortunate reality is that these events ultimately mean lost weekends patching systems, as well as assessing the damage done to the network and the devices. In many cases, it means bringing in more skilled professionals to investigate, diagnose, and implement – a costly endeavour you likely would not have budgeted for. Other ongoing IT priorities are also inevitably pushed to the side while mitigation is underway.

Such exploits and subsequent critical system fixes are particularly hard felt by the mid-market. This segment is often considered the backbone of the economy, yet it is underserved when it comes to having purpose-built network security essentials, including network access control technologies.

Lean IT Should Maximize Value

For resource-strapped IT teams, these unpredictable security incidents can seem insurmountable, especially when the onus is on the customer to patch their own software. Constant fire drills lead to stress, burnout and turnover – something many organizations simply can’t afford. Instead of helping alleviate stress on lean IT teams, traditional on-premise network security vendors make the problem worse. Their solutions require extensive, ongoing integration and maintenance. Complicating matters further, specialized point solutions don’t mesh easily to provide a holistic view of the network. 

This then brings us to the question of value. Wouldn’t it be more valuable to bring in IT security essentials that can reduce this stress and anxiety by eliminating the need for heavy systems maintenance? Wouldn’t it be valuable to free up that time spent putting out fires and use it to modernize your IT security stack? In practice, this means adopting and deploying network security solutions that deliver the essential functionality and capabilities we laid out earlier. It also means turning to SaaS for security. And for network security, it means choosing the right cloud-native NAC.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.

What threatens SaaS security in the upcoming year

· Difficulties in controlling app security risks

Companies use SaaS apps in their work more and more often, especially when their employees must work remotely. This is where they hit a problem: security settings must be adjusted correctly for each app, taking its configuration into account. Because there are many such apps, security departments face a large volume of work and are not always as efficient as they could be.

· Low awareness of cybersecurity rules among privileged users

Employees who have expanded access and do not follow cybersecurity rules expose confidential information to the threat of being hacked and increase the risk of it being revealed. And because SaaS use continues to grow, it becomes necessary to control employees’ access to apps.

· Phishing via SaaS

Criminals attack companies’ email via SaaS using the following scheme:

– Criminals send an email with a link to an OAuth app.

– An employee follows the link and logs in to their account.

– The app requests access to emails.

– The employee accepts the request.

– An OAuth token is created, which the cybercriminal subsequently uses to gain access to and control the email or the whole disk.

– The criminal encrypts the disk, and the user can regain access to it only after paying a ransom.

This is how ransomware works. Other types of cyberattacks can be organized using an OAuth app as well.

By installing dedicated apps for protection against cyberattacks, or by using cloud services, companies can protect themselves from such attacks and identify changes in cybersecurity settings and SaaS apps in a timely manner.
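The consent step in the scheme above leaves a record that defenders can review. The following is an added example, not part of the original article: it scans OAuth consent events for unapproved apps that were granted mailbox or file access. The event fields (`time`, `user`, `app_id`, `publisher_verified`, `scopes`), the app names and the sample events are constructed assumptions; the scope strings are real Microsoft Graph and Google scope names.

```python
from collections import defaultdict

# Delegated scopes that give an app the mailbox or file access described above.
HIGH_RISK_SCOPES = {
    "Mail.Read", "Mail.ReadWrite", "Mail.Send", "Files.ReadWrite.All",
    "https://mail.google.com/", "https://www.googleapis.com/auth/drive",
}
# Requesting a refresh token lets the app keep access after the session ends.
PERSISTENCE_SCOPES = {"offline_access"}

# Constructed sample consent events (hypothetical field names and app ids).
EVENTS = [
    {"time": "2022-02-01T09:12:00", "user": "alice@example.com", "app_id": "app-crm",
     "publisher_verified": True, "scopes": ["User.Read", "Mail.Read"]},
    {"time": "2022-02-01T10:03:00", "user": "bob@example.com", "app_id": "app-docviewer",
     "publisher_verified": False,
     "scopes": ["Mail.ReadWrite", "Files.ReadWrite.All", "offline_access"]},
    {"time": "2022-02-01T10:20:00", "user": "carol@example.com", "app_id": "app-docviewer",
     "publisher_verified": False,
     "scopes": ["Mail.ReadWrite", "Files.ReadWrite.All", "offline_access"]},
    {"time": "2022-02-01T11:45:00", "user": "dave@example.com", "app_id": "app-calendar",
     "publisher_verified": False, "scopes": ["User.Read", "Calendars.Read"]},
]
APPROVED_APPS = {"app-crm"}  # assumption: an allowlist kept by the security team


def score_grant(event, approved_apps):
    """Return the reasons a single consent event is suspicious (empty list = fine)."""
    if event["app_id"] in approved_apps:
        return []
    scopes = set(event["scopes"])
    risky = sorted(scopes & HIGH_RISK_SCOPES)
    if not risky:
        return []  # unapproved, but no mailbox or file access requested
    reasons = ["unapproved app granted " + ", ".join(risky)]
    if scopes & PERSISTENCE_SCOPES:
        reasons.append("refresh token requested")
    if not event.get("publisher_verified", False):
        reasons.append("publisher not verified")
    return reasons


def review(events, approved_apps):
    """Group suspicious grants by app so one campaign shows up as one finding."""
    grouped = defaultdict(lambda: {"users": set(), "reasons": set()})
    for event in events:
        reasons = score_grant(event, approved_apps)
        if reasons:
            grouped[event["app_id"]]["users"].add(event["user"])
            grouped[event["app_id"]]["reasons"].update(reasons)
    return {app: {"users": sorted(f["users"]), "reasons": sorted(f["reasons"])}
            for app, f in grouped.items()}


if __name__ == "__main__":
    for app, finding in review(EVENTS, APPROVED_APPS).items():
        print(app, finding["users"], finding["reasons"])
```

Several users consenting to the same unapproved app within a short period is the signal to prioritize, since the email in the first step is rarely sent to one person.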

About SafeDNS
SafeDNS breathes to make the internet safer for people all over the world with solutions ranging from AI & ML-powered web filtering, cybersecurity to threat intelligence. Moreover, we strive to create the next generation of safer and more affordable web filtering products. Endlessly working to improve our users’ online protection, SafeDNS has also launched an innovative system powered by continuous machine learning and user behavior analytics to detect botnets and malicious websites.

ESET Threat Report: Attempts to exploit MS Exchange and massive waves of password guessing were the most frequent intrusion vectors

  • The exclusive research included in the report provides previously unpublished information about APT group operations: ProxyShell exploitation; OilRig campaign and activities by the infamous cyberespionage group the Dukes (aka Cozy Bear).
  • ProxyLogon vulnerability was the second most frequent external attack vector in ESET’s 2021 statistics, right after password-guessing attacks.
  • Microsoft Exchange servers fell under siege again in August 2021 via ProxyLogon’s “younger sibling”, named ProxyShell, which has been exploited worldwide by several threat groups.
  • Attacks exploiting the Log4Shell vulnerability were the fifth most common external intrusion vector in 2021.
  • RDP attack numbers from the last weeks of T3 2021 broke all previous records, amounting to a staggering yearly growth of 897%.
  • Ransomware surpassed the worst expectations in 2021, with attacks against critical infrastructure, outrageous ransom demands and over USD 5 billion worth of potential bitcoin transactions in H1 2021 alone.
  • Android banking malware detections rose by 428% in 2021 compared to 2020.
  • Emotet botnet has been resurrected.


BRATISLAVA — February 9, 2022 — ESET Research releases its T3 2021 Threat Report today, summarizing key statistics from ESET detection systems and highlighting notable examples of ESET cybersecurity research, including exclusive, previously unpublished updates on current threats. The latest issue of the ESET Threat Report (covering September to December 2021) sheds light on the most frequent external attack vectors, the reason behind the rise of email threats, and shifts in the prevalence of certain types of threats due to fluctuating exchange rates of cryptocurrencies.

Researchers reveal that the ProxyLogon vulnerability was the second most frequent external attack vector in ESET’s 2021 statistics, right after password-guessing attacks. Microsoft Exchange servers fell under siege again in August 2021, with ProxyLogon’s “younger sibling”, named ProxyShell, which has been exploited worldwide by several threat groups. As the final threat report of the year 2021, it also comes with commentary on the broader trends observed throughout the year as well as predictions for 2022 by ESET malware researchers and detection specialists.

Further research in the report revolves around the Log4Shell vulnerability, yet another critical flaw in the ubiquitous Log4j utility that surfaced in mid-December. IT teams everywhere were sent scrambling, again, to locate and patch the flaw in their systems. “This vulnerability, scoring a 10 on the Common Vulnerability Scoring System, put countless servers at risk of complete takeover – so it came as no surprise that cybercriminals instantly started exploiting it. Despite only being known for the last three weeks of the year, Log4j attacks were the fifth most common external intrusion vector in 2021 in our statistics, showing just how quick threat actors are at taking advantage of newly emerging critical vulnerabilities,” explains Roman Kováč, chief research officer at ESET.

The exclusive research presented in the ESET Threat Report T3 2021 provides previously unpublished information about APT group operations. This time, researchers offer updates on the activity of cyberespionage group OilRig; latest information on in-the-wild ProxyShell exploitation; and new spearphishing campaigns by the infamous cyberespionage group the Dukes.

According to ESET telemetry, the end of the year was also turbulent for Remote Desktop Protocol (RDP) attacks, which escalated throughout all of 2020 and 2021. The numbers from the last weeks of T3 2021 broke all previous records, amounting to a staggering yearly growth of 897% in total attack attempts blocked – despite the fact that 2021 was no longer marked by the chaos of newly imposed lockdowns and hasty transitions to remote work.

Ransomware, previously described in the ESET Threat Report Q4 2020 as “more aggressive than ever”, surpassed the worst expectations in 2021, with attacks against critical infrastructure, outrageous ransom demands and over USD 5 billion worth of bitcoin transactions tied to potential ransomware payments identified in the first half of 2021 alone. As the bitcoin exchange rate reached its highest point in November, ESET experts observed an influx of cryptocurrency-targeting threats, further boosted by the recent popularity of NFTs.

In the world of mobile, ESET noted an alarming upsurge in Android banking malware detections, which rose by 428% in 2021 compared to 2020, reaching the detection levels of adware – a common nuisance on the Android platform. Email threats, the door to a myriad of attacks, saw their yearly detection numbers more than double. This trend was mainly driven by a rise in phishing emails, which more than compensated for the rapid decline in Emotet’s signature malicious macros in email attachments. Emotet, an infamous trojan inactive for most of the year, as illustrated in the report, came back from the dead in T3.

The ESET T3 2021 Threat Report also reviews the most important research findings, with ESET Research uncovering: FontOnLake, a new malware family targeting Linux; a previously undocumented real-world UEFI bootkit named ESPecter; FamousSparrow, a cyberespionage group targeting hotels, governments, and private companies worldwide; and many others. T3 also saw ESET researchers publish a comprehensive analysis of all 17 malicious frameworks known to have been used to attack air-gapped networks, and conclude their extensive series of deep dives into Latin American banking trojans.

The report also contains an overview of the numerous talks given by ESET researchers in T3 2021, and introduces talks planned for the SeQCure conference in April 2022 and the RSA Conference in June 2022, with the latter showcasing the recent ESPecter discovery.

For more information, check out ESET Threat Report T3 2021 on WeLiveSecurity. Make sure to follow ESET Research on Twitter for the latest news from ESET Research.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

[Special Announcement] Registration Server will undergo regular maintenance on 2022-02-10 (15:00-17:00)

In order to provide a more stable service, the registration server (https://version-2.com.sg/register/) will undergo regular maintenance on 2022-02-10 (15:00-17:00).
Sorry for any inconvenience caused.

Support Hotline: (65) – 6296 4268
Or email to support@version-2.com.sg
