Why Social Engineering Attacks are on the Rise & How to Prevent Them

You can build the tallest walls around your castle and equip it with the most advanced defense technology, but if an insider opens the gates to your enemies, all your efforts will go to waste.

This logic equally applies to cyber security: Even when a business uses state-of-the-art antivirus & malware protection software and implements robust technical security measures, one employee’s mistake of disclosing his login details to an intruder or downloading malware-infected attachments may lead to the compromise of valuable information assets, result in financial loss or disrupt business continuity. 

This is why social engineering attacks are on the rise: Instead of trying to find and exploit system-related vulnerabilities which may require significant resources, cybercriminals increasingly play into exploiting natural human tendencies such as greed, trust, fear, and feeling obliged to reciprocate so that they can easily exfiltrate data. 

In this article, we will talk about: 

  • How do social engineering attacks work? 
  • What are the main types of social engineering attacks? 
  • Rise of social engineering attacks 
  • Why are social engineering attacks on the rise? 
  • How to prevent social engineering attacks

I. How do social engineering attacks work?

Social engineering attacks refer to the use of deceptive techniques and arts by cybercriminals to persuade victims to take specific actions such as disclosure of sensitive information, downloading malware-infected attachments, allowing intruders entry into secure areas, or clicking on a link that directs them to a fake website, which is then used to steal sensitive data such as their login credentials. 

By deceiving employees into taking these actions, malicious parties can infiltrate corporate networks, gain access to valuable information assets, steal credentials of high-level management or even transfer funds to themselves. A successful social engineering attack requires both technical skills such as crafting a phishing email and soft skills such as building trust with the target. 

Overall, a social engineering attack consists of four phases: 

Phase 1: Gathering of information about the victim

In this step, the cybercriminals collect information about the victims from different sources such as publicly available data on social networking sites, online directories, or via open-source intelligence (OSINT) tools.

Phase 2: Building a relationship with the victim

In this phase, cybercriminals earn the victim’s trust by using the information gathered previously and then applying principles of psychological manipulation to influence the victim into taking a particular action such as disclosing sensitive information like login credentials. 

For instance, people like to reciprocate a favor, they want to be useful to others and they act without diligence when there is an imminent threat. Understanding these basic principles of human instincts helps cybercriminals trick their victims with ease. 

Phase 3: Exploiting the relationship

In this stage, cybercriminals deploy their technical skills to attain results. This may include crafting a spear-phishing email, cloning a legitimate website, or persuading the victim into opening a malware attachment. 

Phase 4: Exit step

This step involves the removal of all evidence that may have been left after the attack so the cybercriminals cannot be identified. Furthermore, concealing that an attack occurred is of critical importance for cybercriminals because it allows them to freely infiltrate the systems without getting caught. 

II. What are the main types of social engineering attacks?

Phishing

Phishing attacks are the most prevalent type of social engineering attacks. In December 2021, APWG observed 316,747 phishing attacks, the highest number since its reporting program began back in 2004. Furthermore, according to Verizon’s Data Breach Investigations Report, phishing attacks were used in 36% of all data breaches surveyed. 

Phishing attacks entail the use of communication tools such as emails, phones, SMS, or social media to deceive users into divulging confidential information, clicking on malicious web links, or downloading malware-infected attachments. 

Spear phishing

Spear phishing is a sophisticated variant of phishing attacks. Unlike traditional phishing attacks where non-personalized bulk communications are sent to thousands, spear-phishing attacks are targeted at specific individuals within an organization. Worldwide, 36% of businesses have faced at least 10 spear-phishing attacks in 2020. 

Business email compromise (BEC)

BEC refers to a type of attack where cyber attackers impersonate trustworthy senior executives via stolen credentials and then convince subordinates to transfer funds to other accounts. According to IBM’s 2021 Cost of Data Breach Report, BEC attacks cost the most to businesses worldwide, $5 million on average per attack.

III. The rise of social engineering attacks

As businesses implemented stronger technical security measures such as more effective anti-virus programs, network filtering, and cloud adoption, finding and exploiting system vulnerabilities came to require more resources and became more costly for cybercriminals. Given that the primary motivation for cybercrime is high-margin profits, it is no surprise that cybercriminals are increasingly using social engineering attacks to infiltrate IT networks more easily and in a more cost-effective way.

In fact, the Human Hacking Report by SlashNext shows that social engineering attacks increased by 270% in 2021. What is more interesting is that 98% of all cyberattacks involve social engineering to some degree. Another interesting trend when it comes to social engineering attacks is the growing use of more sophisticated and manual methods instead of generic and automated communications.  

Traditionally, the use of automated means to send out generic phishing emails and SMS in bulk was the norm. However, cybercriminals now collect more information about their targets, identify the most vulnerable individuals within the target organization and personalize their tactics to deceive their targets more easily. 

This is evidenced by the growing prevalence of spear-phishing attacks: In 2021, 65% of all phishing attacks worldwide were spear-phishing attacks, which entail in-depth research into the target organization and the victims to send more personalized and believable emails, SMS, and calls, thus maximizing the success rate.

IV. Why are social engineering attacks on the rise?

While there are many factors contributing to the rise in social engineering attacks, three factors stand out: 

Social networks

Professionals spend more time on social media networks and are often open to connecting with people they do not know to gain more prominence on social media platforms such as LinkedIn.  This makes most employees potential targets for social engineering attacks because cybercriminals can easily open an account on these networks without ID verification, connect with the targets, earn their trust and then execute the attack. In other words, social media provides another attack vector for cybercriminals to build relationships with victims and exploit their vulnerabilities. 

Access to more data

Social media sites where people share everything about their lives are a goldmine for social engineers: This enables them to profile their targets, identify individuals most likely to fall victim, and craft a more personalized message to them to boost their chances of success.  For example, cybercriminals can set up an unofficial assistance page for a particular bank’s customers on a social media site and then target people following this page. 

For instance, 1 billion LinkedIn users’ data were compromised as a result of two data breaches. This data was then on sale on the dark web. Access to this rich source of personal information has likely fuelled the rise in spear-phishing attacks in 2021.

Social engineering requires fewer resources and technical knowledge

Compared to the exploitation of system vulnerabilities which requires technical expertise and resources, social engineering is an easier way for cyber attackers because all they need is an employee negligent enough to fall prey.  

Social engineering attacks are less likely to get detected

When cybercriminals infiltrate corporate networks by using login credentials obtained via social engineering, this may go undetected for months, giving them the time to compromise troves of data without being detected.  

Another factor that makes it easy for cybercriminals to evade email detection gateways, firewalls, and other detection technologies is that they host malicious URLs on legitimate infrastructures such as AWS and outlook.com. For instance, according to a report by SlashNext, 2.5 out of 14 million malicious websites identified were hosted on reputable infrastructure services such as Azure. 

V. How can organizations prevent social engineering attacks?

Defending against social engineering attacks and minimizing their adverse effects on a business requires a combination of strong security culture, staff training, and implementation of appropriate cyber security measures: 

Provide training to your staff

All staff should be educated on how they can recognize social engineering attacks such as phishing attacks. For email phishing, for instance, employees can be provided with training on the red flags such as incorrect email domain or grammar mistakes they need to watch out for. 

Establish reporting mechanisms and encourage employees to report suspicious calls, emails, and other similar activities

There should be a reporting mechanism in place so that employees can report any suspicious activity to the security team, making it easier to detect and prevent social engineering attacks.

Penetration testing

Carrying out regular penetration testing is useful to discover the vulnerabilities in the human element of IT infrastructure so that weaknesses can be identified and remedied.  

Network access control (NAC)

Implementing network access control technology can provide two distinct benefits: 

  • Preventing unauthorized access to the network by applying multi-factor authentication: NAC systems enable businesses to restrict access to certain employees with credentials to certain areas of the network. NAC systems usually include multi-factor authentication functionality that is useful to prevent intruders from gaining access to critical IT infrastructure. Gaining account login credentials is one of the primary ways attackers infiltrate corporate networks. Multi-factor authentication would enable the recovery of accounts easily and prevent unauthorized access.
  • Post-admission controls can mitigate risks by restricting lateral movement across the network: NAC systems can be used to restrict access to different parts of the network, minimizing the harm an unauthorized attacker can impose. This control can make it less likely that an intruder obtains confidential data such as trade secrets and can reduce the number of individuals whose personal data are compromised. Therefore, financial loss because of a data breach would be less severe.

About Version 2 Limited
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.

SC Awards Europe Names Portnox to Best Authentication Technology Shortlist

Austin, TX – May 7, 2024 – Portnox, a leading provider of cloud-native, zero trust access control solutions, is proud to announce its selection as a finalist in the prestigious SC Awards Europe. The company has been recognized on the Best Authentication Technology category shortlist for its commitment to innovation and excellence in cybersecurity.

The Portnox Cloud allows organizations to control who can authenticate to their enterprise network, and provides granular detail on every user’s access layer, location, device type, and more. Portnox’s cloud RADIUS service – part of the Portnox Cloud platform and its primary authentication solution – is provided through a cloud-based cluster of fully redundant RADIUS servers and is used for authentication of users accessing the enterprise network.

The Portnox Cloud is fully cloud-native and requires no on-site hardware or maintenance whatsoever. No other network access control (NAC) product on the market delivers network authentication, access control, endpoint risk posture assessment and remediation in this manner. As a cloud service, the Portnox Cloud eliminates the need for the capacity planning of on-premises software or appliances. It also eliminates the need to complete on-going security updates, expand capacity, or upgrade appliances to meet future growth needs. With the Portnox Cloud, you never have to worry about software or hardware end-of-life, or costly, complex upgrades requiring hours and days of work and a never-ending checklist of to-dos. The Portnox Cloud is always running the most up-to-date version with the latest features and capabilities.

“We are honored to be recognized as a finalist in the SC Awards Europe,” said Denny LeCompte, CEO at Portnox. “This acknowledgment reaffirms our relentless pursuit of excellence in delivering robust authentication and access control technology that strengthens data protection, improves endpoint and network security, streamlines user experiences, and achieves compliance with ease.”

The SC Europe Awards are a celebration of the excellence, advancement, and of the incredible minds that are shaping the future of technology and cybersecurity within the UK and Europe. Being named a finalist underscores Portnox’s unwavering dedication to providing cutting-edge solutions that empower businesses to strengthen their security posture against evolving cyber threats. The winners of the SC Awards Europe will be announced during a ceremony on Tuesday, June 4 on the first evening of InfoSecurity Europe in London.
| | Cloud Native | Faux Cloud |
|---|---|---|
| Infrastructure | Provided, paid, and managed by the vendor; mostly invisible to anyone utilizing the service | Provided, paid, and managed by you through your own AWS or Azure account |
| Implementation | Quick time to value; much of the work is invisible to you | Depends on the complexity of the app, but it is your responsibility to do the work or pay someone else to do it |
| Pricing | Subscription with lower up-front cost | Perpetual license with expensive up-front cost that are amortized over time. (Note: many vendors are moving away from perpetual licensing for on-prem or faux cloud products, but as they do, their customers are getting the worst of both worlds – paying more annually while still being responsible for on-going maintenance of the product) |
| Total Cost of Ownership | The price of the product reflects the genuine cost of ownership | The price of the product is only one (and sometimes only a small) part of the total cost that is reflected in the staff time and public cloud expenses; in many instances, you may not even know what it is going to cost you until it is too late |
| Vendor Lock-In | Easy to switch to another vendor should your business needs change | Expensive license, deployment and maintenance costs make switching prohibitive, often for years |
| Access | Access anywhere via browser with internet connection | On-premises model often requires access via VPN. (Note: what happens when there is a problem with your solution and your VPN is configured to use your on-premises system? Sounds like someone is driving into the office!) |
| Scalability | Automatically scales with usage | Customer must increase capacity to keep up with usage |
| Updates | Vendor regularly updates the underlying components such as servers, databases, etc. This process will often be invisible to you. | You are responsible for ensuring that the entire tech stack – components, databases, servers, network – is updated with the latest patches |
| Upgrades | You seamlessly and transparently reap the benefit of new features, enhancements, and other improvements with zero effort | Any upgrade requires you to install, test, and then deploy the upgrade in production, often during nights and weekends in case something goes wrong |
| Accountability | The vendor takes ownership of the uptime and security, performance, and availability of the service | Apart from the infrastructure as a service, you are on the hook for the performance, health, security, and availability of the solution, lock stock and barrel |


Events in MS Windows and Pandora FMS, does anyone give more?

If the spreadsheet was the essential application for accounting and massification of personal computers, MS Windows® operating system was the graphical interface that turned work into something more pleasant and paved the way for web browsers for the Internet as we know it today.

Today, in Pandora FMS blog, we discuss:

Windows Event Monitoring and Pandora FMS

Decades have gone by, but there is always a joke among us computer scientists that prevails in time:

“This is the year of Linux on our desktops”.

I actually think that, in the end, it is a statement that comes with a flaw from the very beginning:

The kernel (Linux in this case) has little to do with the graphical interface, the actual thing is that the applications that go along with Linux, such as GNU/Linux, are the combinations that should take their place in hundreds of millions of computers in our homes and jobs.

The MS Windows® operating system (OS), despite losing ground to Android/Linux on our mobile phones, is still going strong on desktop computers, and in the field of video games it keeps its position, faring pretty well.

Many say that desktop personal computers will disappear. I personally think that we will connect the monitor, keyboard and mouse to our cell phones at home and at the office.

But today MS Windows has a stronghold in its market position and for Pandora FMS it has implied a series of very special considerations for its monitoring.

The overview

Monitoring with Pandora FMS can be done both remotely and locally, and the MS Windows® OS is no exception. Remote monitoring can be performed through SNMP and through WMI.

*If you are new to monitoring, I recommend you to take a few minutes to learn about Pandora FMS Basics.

For local monitoring install a small program, which is called Pandora FMS Software Agent.

Once installed in MS Windows®, the modules to collect the most relevant information (disk usage, RAM consumption, etc.) will already be installed by default.

If what you need to monitor is the basics of MS Windows® the Open version of Pandora FMS is more than enough for the task.

Windows® event monitoring

The number of applications for MS Windows® is humongous, but in a way it is easy to monitor applications and even processes, since we have a special instruction for the Software Agent called module_proc.

This instruction is able to tell us, either immediately or at regular intervals, whether a program or process is running.

*If you want to find out more about this Pandora FMS feature, visit our video tutorial Monitor processes or applications in Windows.

So far all this is the basics for monitoring MS Windows®.

And in the case of Pandora FMS Enterprise version you can “transfer” normal events to events in Pandora FMS, which can generate alerts and warnings for us to take the necessary actions, or let Pandora FMS restart the software vital to our work or business.

* The latter is known as Watchdog: if an application for any reason stops in MS Windows®, it is re-launched and executed.

Analyzing the causes

Simplifying as much as possible:
So far we can say that we are working on true and false, on ones and zeros.

But often we are called on to analyze under what conditions an application collapses, or to find out why it does not start.

If all that related information had to be seen on your screen, you simply would not be able to work with so many interruptions. For that reason there are event logs, and working with them implies more specialization on Pandora FMS's part.

MS Windows®, as proprietary software, presents an advantage for monitoring: its events and corresponding logs are centralized in a standard way.

Monitoring an individual event

Pandora FMS offers the instruction module_logevent that uses Windows® API and offers better performance than data collection by means of WMI.

You will obtain data from the event logs from Windows itself.

Along with additional instructions, it offers the ability to monitor very specific events identified by the fields Log Name, Source, Event ID and Level.

Remember I told you they’re standardized?

Well, in Log name they are well defined by:

  • Application.
  • Security.
  • Installation.
  • System.
  • Forwarded events.

And you must use one of them for the instruction module_source, which is mandatory in the module to be created in Pandora FMS Software Agent.

Up to this point we have only discussed simple modules of Pandora FMS agents but, depending on your needs all the above can also be done as a complement or Pandora FMS plugin.

The difference is to place module_type async_string when it is a data module and module_type log when it is a plugin.

Plugins offer flexibility as they can return multiple data at the same time, unlike Pandora FMS modules that only return a specific, normalized data type in Pandora FMS.

This is important for what we will see below:
The instruction module_regexp which has as a parameter an event log file (.log) on which you will search for keywords with the instruction module_pattern.

This is necessary because there are old applications that keep their own separate event log, although in other regards they do not escape the Windows log. 

*We explained this in detail in our tutorial video « Windows modules logevent and regexp ».

Monitoring an event channel

In MS Windows®, some logs that are not in the Windows event log can be collected using the Windows event log channels with a special instruction called module_logchannel, which does not take any parameters but is used together with module_source <channel_name>, module_eventtype (event type), module_eventcode (event code) and even module_pattern to search by keyword.

*For more details, our video tutorial «Windows modules: Logchannel |Pandora FMS|» quickly explains this feature.
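The three collection styles described above (module_logevent, module_regexp with module_pattern, and module_logchannel), written out as Software Agent configuration. This is an added example, not taken from the article or from Pandora FMS documentation; module_begin, module_end, module_name and module_description are agent directives the article does not show, and the module names, event IDs, channel name, search patterns and log path are assumptions chosen for illustration.

```conf
# Added example for pandora_agent.conf on a Windows host.
# Module names, event IDs, the channel and the file path are illustrative.

# 1) Individual event from a classic log (module_logevent):
#    failed logons, Event ID 4625, in the Security log.
module_begin
module_name Security_FailedLogon
module_type async_string
module_logevent
module_source Security
module_eventcode 4625
module_description Failed logon attempts recorded in the Security log
module_end

# 2) Application that keeps its own .log file (module_regexp):
#    the file path is the parameter, module_pattern is the keyword search.
#    C:\ExampleApp\logs\app.log is a hypothetical path.
module_begin
module_name ExampleApp_AuthErrors
module_type async_string
module_regexp C:\ExampleApp\logs\app.log
module_pattern authentication failed|access denied
module_description Authentication errors written to the application's own log
module_end

# 3) Event channel (module_logchannel takes no parameter):
#    PowerShell script block logging, Event ID 4104, filtered by keyword.
module_begin
module_name PowerShell_ScriptBlock_Base64
module_type async_string
module_logchannel
module_source Microsoft-Windows-PowerShell/Operational
module_eventcode 4104
module_pattern FromBase64String
module_description Script blocks that decode Base64 content
module_end
```

Each module returns the matching event text as a string, so an alert can be attached to it in the Pandora FMS console once data arrives.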

However, I said that we are looking for or investigating the cause of some problem or inconvenience in an application that runs on MS Windows®, but the examples I have given are specific and go directly to monitor a particular point.

Alright so…

How do we do it if we don’t know exactly what we’re looking for?

Elasticsearch and log mass collection

What I needed to explain is that if you use a plugin to collect logs you must install, together with Pandora FMS, a powerful tool called Elasticsearch, which uses a non-relational database capable of storing and classifying all this large amount of information.

*It is well explained, again, in another tutorial video called “Log Collector in Pandora FMS”.

But don’t think Pandora FMS just delegates the work, no:

From Elasticsearch you may go back to Pandora FMS to generate the alerts and reports that you design and then create in Pandora FMS, to finally understand what the conditions and precise values are when an application fails (or has peak workload values, or is “doing nothing”, etc.).

Conclusions

I have summed it up as much as possible and I recommend that you watch the tutorials over and over again until you fully understand and are able to put it into practice installing both Pandora FMS and Elasticsearch. If you have any problems, check the official documentation, which is extensive on the topic “Log monitoring and collection.”

About PandoraFMS
Pandora FMS is a flexible monitoring system, capable of monitoring devices, infrastructures, applications, services and business processes.
Of course, one of the things that Pandora FMS can control is the hard disks of your computers.

MAGIX Software GmbH Unveils New Strategy

MAGIX Software GmbH Unveils New Strategy to Democratize Audio and Video Creation, Announces Key Organizational Changes and Appoints Jeffrey Krebs as Chief Product Officer. 


05/10/23
MAGIX Software GmbH, a leading provider of audio and video software solutions, announces their new strategy and vision: Democratize audio and video creation by enabling content creators and knowledge workers with intuitive, assisted and collaborative workflows. The company aims to streamline the creative process as a whole, allowing users of any skill level to focus on creativity and produce better and faster results.

Executing on this new strategy, MAGIX consolidates its product portfolio and reorganizes the company with immediate effect. Shifting from a product-based towards a capability-based organization enables a culture of efficiency, innovation and collaboration, with the goal of bringing cutting-edge solutions to the market faster. This will maximize cross-product synergies and focus investments on delivering maximum value to users of Vegas, Sequoia/Samplitude, Music Maker and MAGIX content.

Key Organizational Changes with Jeffrey Krebs as Chief Product Officer

To spearhead this shift in product strategy, MAGIX is pleased to announce the appointment of Jeffrey Krebs as Chief Product Officer (CPO) across all products, with the product leadership team reporting directly to him. Jeffrey brings a wealth of experience in the technology industry, having held leadership roles at several global tech companies, including Avid Technology, Eyeon Software, and Blackbird. Throughout his career, he has been instrumental in driving product innovation, growth, and customer success.

Jeffrey comments on his new role, “I am thrilled to be joining MAGIX and working with the development teams on its world-class video editing environment, Vegas Pro, and professional audio editing and mastering solution, Sequoia/Samplitude and the #1 downloaded DAW Music Maker. The company’s dedication to innovation and customer-centric approach aligns with my vision for the future of digital content. I am eager to contribute to the mission of democratizing audio and video creation, and I look forward to delivering cutting-edge solutions that empower creative minds around the world.”

“We are excited to welcome Jeffrey to the MAGIX family and are confident that his leadership and vision will help us deliver on our ambitious goals.” says Denis Burger, CEO of MAGIX Software GmbH.

“Our new strategy and vision will empower all users to unlock their full creative potential and to achieve high quality audio and video editing fast and easily. With Jeffrey’s guidance, we look forward to accelerating our product innovation and driving customer success across the globe.”

About VEGAS
Today, millions of VEGAS Pro and VEGAS Movie Studio users benefit from global industry-leading video editing technologies. Now, VEGAS launches into a new era. In May, 2016, MAGIX acquired the multiple award-winning VEGAS Pro and VEGAS Movie Studio product lines, along with other video and audio products. VEGAS Creative Software stands poised to take video editing to a new level. Our development teams in the US and Germany are working on innovative solutions to old problems, and building tools that push the boundaries of what’s currently possible. The VEGAS Creative Software mission: to make VEGAS software faster, more efficient, and even more intuitive. Our goal: to provide users at all levels–from video editing amateurs to creative professionals–tools that are perfectly suited to their needs and demands.

Weekly ICS / OT Security News Digest | SCADAfence – May 10

Our research team has put together all of the most relevant news topics in the Ransomware and IoT security fields, as well as their impacts and their expert recommendations:

CyberLink Launches PowerDVD 22, Putting User Experience at the Core of Blu-Ray, DVD, 4K HDR, and YouTube Playback

The world’s no.1 multimedia player delivers brand new cutting-edge playback options, an enhanced audiovisual experience, and the most intuitive user interface to date.

Taipei, Taiwan— May 12, 2022—CyberLink Corp. (5203.TW), announced today the release of PowerDVD 22, the latest version of its award-winning movie and media playback software which lets users enjoy an immersive experience for movies, music, and YouTube. The software plays movies in 8K, 4K HDR Blu-ray, and a wide range of media formats across any PC, laptop, TV, tablet or phone.

PowerDVD 22 builds on CyberLink’s pioneering media technology by offering exciting new features that offer users more control and customization options. Users can tailor their experience to match their preferences, for example, deeper colors, better lighting, and enhanced audio, such as high-fidelity 7.1 surround sound.

PowerDVD 22 includes a new keep pitch algorithm that maintains audio quality at the highest level during slow-speed playback, ideal for honing in on a video’s most intricate details without a distorted soundtrack. PowerDVD 22 optimizes playback between devices. New tools allow users to trim and extract any section of their media’s video or audio and convert them into smartphone-friendly formats. This includes MP4 for video and AAC or MP3 for audio. PowerDVD 22 also boasts faster transcode and uploading times, faster playback, and thumbnail generation on any part of the play bar for easy media skimming.

Enjoy YouTube like never before with PowerDVD 22. Next-generation TrueTheater® enhancements enrich YouTube videos with deeper colors, better lighting, and enhanced audio, no matter the original’s resolution – even 4K. Enjoy all-new matched playback speed controls, the ability to subscribe and unsubscribe within PowerDVD, and search capabilities by both channels and playlists.

“Recognized as the world’s number one movie and media player, PowerDVD has a long innovation history, pioneering multimedia features over and again, to the joy of our millions of users,” said Dr. Jau Huang, CEO of CyberLink. “In addition to new playback tuning options and an even friendlier user interface, we are happy to announce that PowerDVD 22 also adds exciting features to let users take complete control of their media, movies, and YouTube content experience.”

PowerDVD 22 provides an unparalleled playback experience. New additions include a specialized home function that lets users instantly access their currently played, recently played, and recently added media – all in one place. The program emphasizes precision controls, fast playback, and a lightning-quick response when streaming or watching YouTube. Users can enjoy convenient search functions and filters, including separated music, movie and photo playlists, the ability to access YouTube videos directly with an URL, and an integrated media manager which automatically organizes an entire library of photos, videos, music, and Blu-ray/DVD movies.

About CyberLink
Founded in 1996, CyberLink Corp. (5203.TW) is the world leader in multimedia software and AI facial recognition technology. CyberLink addresses the demands of consumer, commercial and education markets through a wide range of solutions, covering digital content creation, multimedia playback, video conferencing, live casting, mobile applications and AI facial recognition.  CyberLink has shipped several hundred million copies of its multimedia software and apps, including the award-winning PowerDirector, PhotoDirector, and PowerDVD.  With years of research in the fields of artificial intelligence and facial recognition, CyberLink has developed the FaceMe® Facial Recognition Engine. Powered by deep learning algorithms, FaceMe® delivers the reliable, high-precision, and real-time facial recognition that is critical to AIoT applications such as smart retail, smart security, and surveillance, smart city and smart home. For more information about CyberLink, please visit the official website at www.cyberlink.com

Third Party Access: A Problem for Today’s Organizations

The extent of the use of third parties to carry out activities in companies today is really surprising. Companies are increasingly looking to outsource internal functions and operations and external services.

According to the study, a quarter of companies said they use more than 100 third-party vendors, mostly requiring access to internal assets, data and business applications to operate effectively and fulfill their contracts.

The study also found that 90% of respondents allow third parties to access not only internal resources, but critical internal resources as well. This should be an immediate cause for attention for any CISO.

Companies that rely on third-party vendors may have implemented excellent cybersecurity measures, but it all means nothing when the vendor’s access controls are insecure.

For many organizations, securing access from third-party providers is incredibly complex – often requiring solutions like multi-factor authentication, VPN support, corporate laptops shipped to companies, directory services, agents, and more.

Not only does this create confusion and overhead for security professionals, it also creates tangled and often unsafe routes for third parties to access the systems they need to do their jobs.

Continue reading the article and learn how third-party abuse is a major cybersecurity risk for businesses.

Third-party-related attacks are on the rise

Third parties may not take network security as seriously as you would like. Knowing this, cybercriminals can choose not to attack your business directly. Instead, they may look for an easier target among your third-party vendors.

A compromised subcontractor can easily be turned into an entry point for cybercriminals. This is how a supply chain attack works.

Meanwhile, the number of third-party organizations that companies work with, as well as the amount of sensitive data disclosed to them, increases every year. The same goes for data breaches caused by third parties.

Here are just a few examples of cybersecurity incidents involving third parties.

Magecart Attacks

Since 2015, a group of cyber criminals called Magecart has carried out several attacks on major retailers across the world.

The group is believed to be responsible for the recent attacks on Ticketmaster, British Airways, Newegg, Feedify and Magento stores. Magecart hackers often infect third-party web services used by their victims to steal valuable information, particularly credit card data.

Atrium Health Data Breach

 In 2018, Atrium Health suffered a data breach that resulted in the personal information of over 2.65 million patients being exposed. The breach was caused by a compromise of servers used by one of Atrium Health’s billing providers.

Amazon Data Leak

In 2020, Amazon, eBay, Shopify, and PayPal fell victim to a massive data breach. A third-party database of approximately eight million UK online shopping transactions was published online.

Notably, this is not the first time that Amazon has suffered from third-party incidents. In 2017, attackers broke into various third-party vendors working with Amazon and used their credentials to perform malicious actions in the environment.

General Electric (GE) Data Breach

 In 2020, GE reported a data breach caused by one of its service providers. A compromised email account led to the public exposure of personally identifiable information from current and former GE beneficiaries and employees.

 Depending on the nature of the outsourced supplier’s commitment, an organization may face different risks. Let’s look at the most common risk categories and the threats you need to be prepared to mitigate.

What are the risks involving third-party access?

The financial and technical capabilities of small service providers and subcontractors do not always match the capabilities of their customers. So, to improve their chances of success, cybercriminals can start small and look for an easy target in your supply chain.

A compromised third-party vendor can lead to a number of risks that can be broken down into four main categories:

  • Cybersecurity Risks: Subcontractors often have legitimate access to different environments, systems and data of their customers. Attackers can use a third-party vendor as an entry point to try to get your valuable assets.
  • Operational Risks: Cybercriminals can target your internal systems and the services you use instead of just your data. This can lead to partial interruptions of your operations or even stop them completely.
  • Compliance Risks: International, local, and industry-specific standards and regulations define strict cybersecurity criteria that organizations must meet. In addition, third parties working with these organizations must also comply with these requirements. Non-compliance often leads to substantial fines and reputational damage.
  • Reputation Risks: Having your valuable data and systems compromised serves as a red flag for your partners and customers, current and future. Regaining their confidence will take a lot of time and effort. And unfortunately, there is no guarantee that you will be able to successfully restore your reputation after a serious cybersecurity incident.

The reason many organizations struggle so hard to secure their work with third parties is a lack of two things: visibility and control. Companies are often unaware of what their third-party vendors do with their critical data and systems.

What are the specific threats involving third-party access?

To make your cooperation with subcontractors more secure, you need to understand what threats they may pose to your company’s cybersecurity.

Let’s focus on four common types of threats:

  • Misuse of Privileges: Third-party vendors may violate the access privileges you grant them in a variety of ways and for a variety of reasons. Your subcontractor’s employees may voluntarily pass their credentials on to others. Or, if access permissions on your network aren’t configured correctly, a third-party vendor could gain access to data that shouldn’t be shared with them.
  • Human Errors: Inadvertent errors by your subcontractor’s employees can cause as much damage as intentional attacks. Common mistakes include accidentally deleting or sharing files and information, entering incorrect data, and misconfiguring systems and solutions. While unintentional, these errors can still lead to data leaks, service interruptions, and significant revenue losses.
  • Data Theft: In addition to unintentional data damage, there is a high risk of data theft directed by third parties. Without a proper third-party vendor management policy, there is a risk that third-party employees will steal valuable business information and use it to their advantage.
  • Third-party risks from your third parties: Ensuring that your third-party vendors meet your cybersecurity requirements and follow cybersecurity best practices is not enough. You also need to understand how they manage their own supply chains.

Fortunately, you can effectively manage all of these risks and threats by following a set of third-party vendor risk management best practices that will significantly improve your company’s cybersecurity resilience.

What are the technical controls to mitigate third-party access?

Ensuring a high level of access control is especially important if your third parties have access to your company’s privileged accounts, critical assets and confidential information.

The organization has visibility into the reasons and metrics, allowing it to better manage risk. Technical controls can be implemented to help manage risk.

Technical controls include:

Multi-factor authentication (MFA)

When accessing systems, there is no reason not to use MFA. It is vital because it is a difficult obstacle for attackers to overcome. It should be used as a first line of defense and as a mandatory control for third-party access.

Centralized Access Management

 Centrally managing access helps with technical and administrative actions that need to be performed. If access can be seen and controlled centrally, it is easier to manage.

In the absence of a central system, the organization should consider its implementation for simplified management. Simple and safe often go hand in hand.

Centralized Access Gateway

 A gateway used by a third party to access systems is useful. This helps with access management as it provides a central point of focus. It is equivalent to a castle gate where guards are stationed.

That’s not to say that, with this control in place, other areas don’t need to be monitored. However, having this central access point creates a security focal point.

Virtual Private Networks (VPN)

Ensuring that access to systems is secure from a network perspective is also essential. Protecting the central access point with a VPN or SSL/TLS-level security is safer than leaving it without this protection.

Third parties do not always have the equivalent or better level of security that an organization can have, and securing access through encrypted networks increases security.

It is not the only control required: a combination of controls must be implemented to effectively mitigate the risk. Some organizations tend to opt for one control or the other.

Recorded Access

Recorded access is a great control to implement in your environment. It protects both the organization and the third party. If the organization has a record of what happened, it can trace the steps and reverse the issue or at least resolve it.

Also, with recorded access, there should be no doubt about what happened. It’s all recorded in the digital record. At first, some people may reject the idea, but once used, the value of the control is quickly demonstrated – it becomes a powerful tool.

The above technical controls are only effective if used correctly and actually used. Without the resources to implement, operate, monitor and manage the defenses, their benefits will not be realized.

If an organization presents an easy target, the likelihood of a breach increases. Therefore, it is vital to ensure that the controls in place are adequate to guide the organization’s staff and trusted third parties at the level necessary for them to operate in a manner that limits risk.
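As an added illustration (not code from the original article or from any vendor's product), the sketch below audits an inventory of third-party accounts against the controls described above: MFA, gateway-only access, encrypted transport, session recording, an expiration date, and access limited to what the vendor needs. The account names, field names, resource names and the audit date are all constructed for the example.

```python
from dataclasses import dataclass, field
from datetime import date
from typing import Dict, List, Optional, Set


@dataclass
class VendorAccount:
    """One third-party account as it might appear in an access inventory (hypothetical schema)."""
    name: str
    vendor: str
    enabled: bool
    mfa_enabled: bool
    via_gateway: bool            # reaches systems only through the central access gateway
    encrypted_transport: bool    # VPN or SSL/TLS on the access path
    session_recording: bool      # sessions are recorded for later review
    expires: Optional[date]      # None means no expiration date was set
    granted: Set[str] = field(default_factory=set)  # resources the account can reach
    needed: Set[str] = field(default_factory=set)   # resources the contract requires


def audit(account: VendorAccount, today: date) -> List[str]:
    """Return the control gaps for one account, in a fixed order."""
    if not account.enabled:
        return []  # a deactivated account cannot be used, so nothing to flag
    findings = []
    if not account.mfa_enabled:
        findings.append("no-mfa")
    if not account.via_gateway:
        findings.append("bypasses-gateway")
    if not account.encrypted_transport:
        findings.append("unencrypted-transport")
    if not account.session_recording:
        findings.append("no-session-recording")
    if account.expires is None:
        findings.append("no-expiry")
    elif account.expires < today:
        findings.append("expired-but-enabled")
    excess = account.granted - account.needed
    if excess:
        findings.append("excess-access:" + ",".join(sorted(excess)))
    return findings


def audit_inventory(accounts: List[VendorAccount], today: date) -> Dict[str, List[str]]:
    """Map account name -> findings, listing only accounts that have at least one gap."""
    report = {}
    for account in accounts:
        findings = audit(account, today)
        if findings:
            report[account.name] = findings
    return report


# Constructed sample data: vendors, accounts and resources are invented.
TODAY = date(2022, 5, 12)
INVENTORY = [
    VendorAccount("acme-billing-01", "Acme Billing", True, True, True, True, True,
                  date(2022, 6, 30), {"billing-db"}, {"billing-db"}),
    VendorAccount("acme-support-02", "Acme Billing", True, False, True, True, False,
                  None, {"crm", "hr-db"}, {"crm"}),
    VendorAccount("oldvendor-tmp", "Old Vendor", True, True, True, True, True,
                  date(2022, 3, 1), {"web-cms"}, {"web-cms"}),
    VendorAccount("oldvendor-archived", "Old Vendor", False, False, False, False, False,
                  None, set(), set()),
]

if __name__ == "__main__":
    for name, findings in audit_inventory(INVENTORY, TODAY).items():
        print(f"{name}: {', '.join(findings)}")
```

The "expired-but-enabled" finding is the case automatic expiration is meant to eliminate: a temporary account whose end date has passed but which still works.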

A powerful PAM solution can help

For today’s organizations, outsourcing has become a vital part of running an efficient and innovative business. As companies add new suppliers at an unprecedented rate, it is more important than ever to minimize the risks that third parties add to the business environment.

With a comprehensive third-party risk management strategy, companies can leverage the expertise and cost savings that third parties provide, while protecting themselves from the wide range of risks this modern work environment presents.

As you consider your third-party risk management strategy, a strong privileged access management (PAM) solution can help protect and control third-party access to your critical assets.

senhasegura integrates with leading systems and applications to automate workflows throughout the user lifecycle, enforce policy-based controls, and detect anomalies and unauthorized access attempts.

PAM also allows organizations to set automatic expiration dates to ensure temporary accounts are deactivated, while restricting resource access to vendors who need them.

Request a trial demo now and discover the benefits of senhasegura for your company.

About Segura®
Segura® strives to ensure the sovereignty of companies over actions and privileged information. To this end, we work against data theft through traceability of administrator actions on networks, servers, databases and a multitude of devices. In addition, we pursue compliance with auditing requirements and the most demanding standards, including PCI DSS, Sarbanes-Oxley, ISO 27001 and HIPAA.

ESET launches a global search for ‘Heroes of Progress’, looking for the most progressive minds of the 21st century

BRATISLAVA — May 11, 2022 — ESET, a global leader in digital security, today announces the launch of a new initiative, ‘Heroes of Progress’ – where it will be searching for visionary thinkers who have contributed to progress across a variety of industries, with technology at the core of the progress made.

Behind all forms of progress, sits a team of brilliant, often maverick, creators that ensure great things happen. ESET is on a mission to find these progressives and shine a light on the unsung heroes that keep the world turning.

Nominations will open on 11th May and close on 26th June 2022, through Heroes of Progress website. The entries, made through a 300-word executive summary, must outline examples of best-in-class work by the nominees that have made an impact through technology. This includes any technology invented, adopted, and improved, which advanced industries, society, or communities. To qualify for the award, nominees must work within at least one of the below fields, be actively involved in the work they are nominated for; and be over the age of 18.

The 15 different categories will include the following industries:

  1. Arts & Creative industries
  2. Business
  3. Digital security
  4. Education
  5. Energy & Sustainability
  6. Financial Services
  7. Food & Agriculture
  8. Healthcare & Life Sciences
  9. Logistics industry
  10. Manufacturing
  11. Research & Development
  12. Science
  13. Sport
  14. Smart Cities, IoT & IT industry
  15. Transport & Travel industries

An expert judging panel, headed up by ESET’s Chief Business Officer, Ignacio Sbampato will review all applications and the list of the unsung agents of change across the world will be launched in September 2022.

Ignacio Sbampato, CBO commented: “If we imagine for a moment what losing the contributions of history’s creative thinkers would mean to today’s technology, it becomes clear why their efforts need to be applauded. That is why ESET places immense importance on the development of science, and the technology, research, and corporate responsibility initiatives that our business pursues with our colleagues, customers, partners, and the communities in which we operate. We are excited to start our search for true Heroes of Progress, so we can celebrate all their amazing achievements across the world and shine a light on the progressive minds helping make our planet a better place.”

All nominations can be submitted on ESET Heroes of Progress website.

To find out more about ESET’s take on progress, please read here.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

Keepit Receives Customer Top Rated Award from TrustRadius

Keepit’s continued focus on delivering premium SaaS data protection services results in top ratings from customers

Copenhagen, Denmark  – May 11, 2022 –  Keepit, the market leader in cloud backup and recovery, and the world’s only independent, vendor-neutral cloud dedicated to SaaS data protection with a blockchain-verified solution, today announced that the company has received a Top Rated award from research and review platform TrustRadius.  

The award is based on the rating scores Keepit’s customers give the Keepit product and services. In addition to the scores, customers are able to elaborate on their ratings in detailed comments. The most praised characteristics of Keepit’s services on TrustRadius are: ease of use; the speed and granularity of recovery times; the return on investment and value for money; customer support; and the retention policies.  

‘Buyers have many options when it comes to selecting SaaS Backup Software,’ said Megan Headley, VP of Research at TrustRadius. ‘Keepit earned a Top Rated award based directly on feedback from its customers. Reviewers on TrustRadius highlight Keepit’s easy implementation, worry-free operation, and breadth of functionality.’

Keeping it simple pays off 

For Keepit, the award is a testament to the value of keeping a dedicated focus on the user experience – not just from a product interface perspective but also from all the services surrounding the product. Particularly, technical support and customer success management have been key areas of continuous improvement and refinement for the company, as well as transparency in the initial sales and onboarding processes. 

With a business strategy dedicated to the customer experience, the award is received with gratitude and pride:  

“For Keepit, this is one of the most valuable categories of awards we can receive,” says Keepit CEO Frederik Schouboe. “Our philosophy has always been to ‘keep it simple’ based on the understanding that a security solution will only work if it is properly implemented and incorporated in the day-to-day operations of an organization.  And that only happens if the solution is intuitive and efficient. An award based on customer praise which keeps repeating simplicity, ease of use, and ease of implementation as valued features is the ultimate stamp of approval for a company like Keepit.” 

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud. Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 years of experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

Looking Into CISA’s Top 15 Routinely Exploited Vulnerabilities

On April 27, the Cybersecurity and Infrastructure Security Agency (CISA) published a joint advisory in collaboration with CSA/NSA/FBI/ACSC and other cybersecurity authorities, providing details on the top 15 vulnerabilities routinely exploited by threat actors in 2021, and other CVEs frequently exploited.
