
Actiphy Inc. Unveils the Latest Version of ActiveImage Protector’s System and Data Protection Solution, a Proven Countermeasure that Safeguards Backup Files from Ransomware

Tokyo, Japan, Sep 7, 2023 – Actiphy Inc., a prominent provider of backup, disaster recovery, and virtualization software, proudly announces the release of their updated version of “ActiveImage Protector 2022”. This latest release introduces innovative features that substantially reduce backup times while improving backup data security. 

Background

Companies today are constantly threatened by the looming menace of ransomware attacks. This pervasive threat compels them to divert resources to bolster security measures and instills a sense of apprehension and uncertainty. In an actual attack, the consequences are much more severe and include data loss, financial damages, and disrupted business operations.

Implementing efficient disaster recovery and protective countermeasures is paramount. A backup strategy that includes StorageServer adds another layer of security, protecting the backup image files from being compromised by a ransomware attack.

This updated version with the StorageServer option is available for both Windows and Linux.

What’s New in ActiveImage Protector 2022 Update
StorageServer Option

“Actiphy StorageServer”, a newly developed product in the ActiveImage Protector Solution Suite, has adopted an advanced protocol that not only secures data transfer but also safeguards that data in storage.
Additionally, Actiphy’s StorageServer has been engineered to take advantage of cache devices to increase performance during data transfer, thereby substantially reducing backup time.
StorageServer, in effect, achieves increased data security and provides faster data transfers than traditional Windows shared folders or NAS-based storage.

New Tracking Driver with No Reboot Required

Our newly developed tracking driver eliminates the need for a reboot after installation or upgrading, enabling users to install or upgrade ActiveImage Protector with no service interruptions.

QuickRecovery

Use QuickRecovery, a pre-prepared recovery environment, to undo recent changes that have caused system instability due to a software or OS update. Select a specific restore point from the backup that was created prior to the current state of the system for an immediate recovery.

Recovery Media Maker

Create bootable recovery media with the backup source machine’s image embedded for an ideal disaster recovery (DR) solution should the backup destination become inaccessible. This feature accommodates various media, including DVD/Blu-ray, USB HDD, and USB Memory. One button click from the booted media will initiate recovery from the embedded image file.

Support for VMware First Class Disk (FCD)

Direct backup and recovery of VMware’s FCD formatted disks.

ActiveImage Protector 2022 is a backup and recovery solution that protects physical and virtual Windows and Linux environments. ActiveImage Protector includes all the tools necessary for enterprise-level deployment and management of backup, recovery, virtualization, standby switch-over, and migration.

All other brands and product names mentioned in this news release are trademarks or registered trademarks of their respective holders. For more information about ActiveImage Protector.

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Actiphy
Actiphy, founded in 2007, focuses on developing and offering innovative backup and disaster recovery solutions for complete protection of all your systems and data. ActiveImage Protector backs up Windows and Linux machines in physical and virtual environments and restores systems and data fast, so you can be up and running with minimal downtime and data loss. Today Actiphy holds 20% of the image backup market in Japan and is expanding its services in the Asia/Pacific and North American regions, as well as in Europe, the Middle East and Africa.

VEGAS Creative Software Launches VEGAS Pro 21 and Partners with Boris FX to Include Mocha Planar Tracking

Introducing AI-Supported Masking and Compositing, Advanced VFX Framework

Madison, Wisconsin – VEGAS Creative Software announced today a major new upgrade to their flagship cloud-enabled software for video/audio editing, compositing and effects. VEGAS Pro 21 provides an improved, streamlined and more accessible content creation experience for the global creator community. The new version introduces a number of advanced features and workflow enhancements that add significant improvements to the VEGAS Pro workflow and creative possibilities for users.

VEGAS Creative Software also announced, in partnership with Boris FX, the release of Mocha VEGAS, a version of the Emmy award-winning motion tracking product specifically designed for VEGAS Pro 21. Launched directly from the VEGAS Pro interface, Mocha VEGAS gives instant access to the same sophisticated planar tracking technology that has made Mocha an industry standard for content creators of all types, including Hollywood pros.

VEGAS Pro 21: Another Leap Forward for the Global Creator Community

VEGAS Pro 21 caters to the needs of today’s content creators with the introduction of a number of new features and capabilities that bring sophisticated video and audio editing tools to users of all skill levels, making them even more accessible with flexible new pricing models.

Key new features introduced in VEGAS Pro 21 include:

  • Mocha VEGAS Planar Tracker: Mocha VEGAS is a custom version of the Mocha planar tracking tool developed by Boris FX that integrates tightly into the VEGAS Pro workflow. Tracking data is readily available to be applied in various ways inside VEGAS Pro, allowing the built-in Motion Tracking or Stabilization tools to achieve truly impressive results.
  • Z-Depth OFX Plug-in and Compositor: The new Z-Depth tool in VEGAS Pro 21 enables artists to achieve advanced compositing results and flexible video effects handling. Powered by AI-based image analysis, it allows for instantly defining a foreground and a background layer, simply based on a variable threshold value, and then treating those layers differently. Creative options range from placing text between some foreground objects and the background of the same image to giving the background independent effect treatment such as blur or color correction.
  • Smart Masking: Now out of beta, the new Smart Masking plug-in analyzes video frame by frame and, again powered by AI, precisely identifies and tracks moving objects. It automatically generates detailed input for the Bézier Masking plug-in, which can be added to the FX chain with a mask already in place, saving hours of work in advanced compositing tasks. The newly created masks are of course fully adjustable to manually correct for any inaccuracies.
  • Adjustment Events: This new feature enables adding effects to projects in very flexible and creative ways by extending the unique architecture of VEGAS Pro. Creators can add time-based adjustment events to a project and assign any combination of effects to them. Any video events in the timeline connected to the adjustment event will be subject to its effect processing, which can also be dialed in dynamically over time. This can be used to easily bring effects in and out, create sophisticated custom transitions, and much more.
  • Cloud-Based Text to Speech: VEGAS Pro Text to Speech functionality has been further optimized and is now powered by cloud computing and available to all VEGAS Pro subscribers across all of the product variants. Expanded functionality includes scores of additional languages, accents, tones and voices, and the ability to access new voices and features as soon as they are ready, without having to wait for a new update release of VEGAS Pro.
  • New Transitions and Effects: VEGAS Pro 21 comes with a number of impressive new effects for creative editing and compositing: The Offset and Wrap plug-in enables a variety of motion-based sliding, mirroring and wrapping effects, especially useful when paired with Adjustment Events to create exciting transitions. New GL Transition presets include Static Wipe, which adds an organic-looking static edge to the transition line between two clips, and Directional Scale, a very useful tool to transition between clips by moving and scaling them in conjunction with each other.
  • Quick Upload: The Quick Upload function enables uploading files from the computer or other devices to the VEGAS Hub File Drop collections. This allows for easy backups as well as working with your media files more easily across multiple devices, drastically reducing the time necessary to get them to the VEGAS Pro timeline.

The VEGAS Pro Lineup

VEGAS Creative Software caters to the diversity of content creators with a variety of products to meet their specific requirements and budget. The VEGAS Pro mission is to provide them with all the tools they need to realize their ideas from start to finish, without the need to launch third-party apps. VEGAS Pro 21 is available in three options:

VEGAS Pro Edit

Ideally suited for professional content creators, aspiring editors and even novices who want the pure VEGAS Pro editing experience, VEGAS Pro Edit includes:

  • VEGAS Pro 21
  • 20GB of cloud storage (available with subscription plan)
  • Cloud-based Text-to-Speech and Speech-to-Text (newly-available with subscription plan)
  • VEGAS Content: 20 royalty-free HD video / audio clips per month (with subscription plan)

 

VEGAS Pro Suite

Designed for aspiring and professional content creators like filmmakers, social media influencers, YouTubers, and others, VEGAS Pro Suite includes:

  • VEGAS Pro 21 – full software
  • SOUND FORGE Audio Studio – complete audio editing solution
  • ACID Music Studio – loop-based music production
  • Mocha VEGAS – motion tracking software
  • Boris FX Primatte Studio – chroma keying software
  • 50GB of cloud storage (available with subscription plan)
  • Cloud-based Text-to-Speech and Speech-to-Text (newly-available with subscription plan)
  • VEGAS Content: 20 royalty-free HD video / audio clips per month (with subscription plan)

 

VEGAS Pro Post

Developed for content creators who require a complete video/audio editing and high-end compositing and RAW image compositing workflow experience, VEGAS Pro Post includes:

  • VEGAS Pro 21
  • VEGAS Effects for high-end compositing
  • VEGAS Image for RAW image compositing
  • SOUND FORGE Pro – professional audio editor
  • ACID Pro – creative loop-based DAW
  • Mocha VEGAS – motion tracking software
  • Boris FX Primatte Studio – chroma keying software
  • 100GB of cloud storage (available with subscription plan)
  • Cloud-based Text-to-Speech and Speech-to-Text (newly-available with subscription plan)
  • VEGAS Content: Unlimited access to royalty-free HD and 4K video and/or audio clip downloads (available with subscription plan)


About VEGAS
Today, millions of VEGAS Pro and VEGAS Movie Studio users benefit from global industry-leading video editing technologies. Now, VEGAS launches into a new era. In May, 2016, MAGIX acquired the multiple award-winning VEGAS Pro and VEGAS Movie Studio product lines, along with other video and audio products. VEGAS Creative Software stands poised to take video editing to a new level. Our development teams in the US and Germany are working on innovative solutions to old problems, and building tools that push the boundaries of what’s currently possible. The VEGAS Creative Software mission: to make VEGAS software faster, more efficient, and even more intuitive. Our goal: to provide users at all levels–from video editing amateurs to creative professionals–tools that are perfectly suited to their needs and demands.

MAGIX Software GmbH Unveils New Strategy

MAGIX Software GmbH Unveils New Strategy to Democratize Audio and Video Creation, Announces Key Organizational Changes and Appoints Jeffrey Krebs as Chief Product Officer. 


05/10/23
MAGIX Software GmbH, a leading provider of audio and video software solutions, announces their new strategy and vision: Democratize audio and video creation by enabling content creators and knowledge workers with intuitive, assisted and collaborative workflows. The company aims to streamline the creative process as a whole, allowing users of any skill level to focus on creativity and produce better and faster results.

Executing on this new strategy, MAGIX consolidates its product portfolio and reorganizes the company with immediate effect. Shifting from a product-based towards a capability-based organization enables a culture of efficiency, innovation and collaboration, with the goal of bringing cutting-edge solutions to the market faster. This will maximize cross-product synergies and focus investments on delivering maximum value to users of Vegas, Sequoia/Samplitude, Music Maker and MAGIX content.

Key Organizational Changes with Jeffrey Krebs as Chief Product Officer

To spearhead this shift in product strategy, MAGIX is pleased to announce the appointment of Jeffrey Krebs as Chief Product Officer (CPO) across all products, with the product leadership team reporting directly to him. Jeffrey brings a wealth of experience in the technology industry, having held leadership roles at several global tech companies, including Avid Technology, Eyeon Software, and Blackbird. Throughout his career, he has been instrumental in driving product innovation, growth, and customer success.

Jeffrey comments on his new role, “I am thrilled to be joining MAGIX and working with the development teams on its world-class video editing environment, Vegas Pro, and professional audio editing and mastering solution, Sequoia/Samplitude and the #1 downloaded DAW Music Maker. The company’s dedication to innovation and customer-centric approach aligns with my vision for the future of digital content. I am eager to contribute to the mission of democratizing audio and video creation, and I look forward to delivering cutting-edge solutions that empower creative minds around the world.”

“We are excited to welcome Jeffrey to the MAGIX family and are confident that his leadership and vision will help us deliver on our ambitious goals,” says Denis Burger, CEO of MAGIX Software GmbH.

“Our new strategy and vision will empower all users to unlock their full creative potential and to achieve high quality audio and video editing fast and easily. With Jeffrey’s guidance, we look forward to accelerating our product innovation and driving customer success across the globe.”


Claude Morings Jr, Global Product Support Manager

It’s been an exciting month for us here at CloudM as we get set to officially launch our US subsidiary, CloudM Inc. With over 10 years of experience in the US market already, this natural evolution promises to deliver an even better customer experience for our amazing North American customers.

What better time to celebrate the staff that have supported our US market and made this next step possible. And, who better to speak to than US employee no.1 – Claude Morings Jr.

Hi Claude – Tell us a little bit about yourself?

Hey! I’m the Global Product Support Manager here at CloudM. I joined 4 years ago (this month to be exact) as CloudM’s very first US employee.

 

Wow! And now we have 13 US-based employees and growing, with a US subsidiary being established. You must’ve seen some changes in the past 4 years.

Absolutely. Personally, I’ve been able to grow the Support Team out from a solely UK based operation to a truly global department, with dedicated, knowledgeable staff located around the globe (including APAC), delivering true 24 / 7 support.

None of this was in place, and to have that set on my shoulders as a deliverable when accepting the role was a lot of pressure. But, it has created the amazing support team we have now, which I’m extremely proud of.

In the US, helping the business get the right people in place and seeing the business grow to generate the revenue to get here, establishing CloudM Inc., has been so rewarding. In the last year alone, the number of US based employees has skyrocketed and it’s only set to continue. That can only be good for our customers.

So, what do you enjoy about working at CloudM?

Firstly, my team. My favorite parts of the week are when someone within the team achieves a goal, receives good feedback, or puts a process in place that benefits them and their colleagues. I was given the opportunity to build the team and put people in those positions to showcase their talents so it feels like validation.

I really like how we make remote working work, even across multiple time zones and regions. It’s great to feel like one team with colleagues across APAC, Europe and North America (from sea to shining sea).

Saying that, getting the opportunity to meet up in person is amazing. I’m from a small town in North Carolina, and while I have traveled across the world during my 12 years in the Army, my family is amazed when I tell them I’m visiting the head office based in the UK or that I get to go to Spain for a company kickoff meeting.

What is your favorite CloudM value?

My favorite value is to appreciate others. I can crack on, try new things, and get involved, but showing others that they’re appreciated (and feeling appreciated) makes the other values easier to achieve.

Any advice for someone looking to join the CloudM team?

It will be challenging, but we will have fun and you will feel supported. At CloudM, you will only fail if you choose to. The team here is pretty good at circling the wagons around someone who needs extra assistance, sharing their own experiences and knowledge.

It’s a great time to get involved. The CloudM team, globally and in the US, is growing and there are so many opportunities for personal and career growth. If you are hard working, eager to learn and challenge yourself, CloudM is a great place to work.


About CloudM
CloudM is an award-winning SaaS company whose humble beginnings in Manchester have grown into a global business in just a few short years.

Our team of tech-driven innovators have designed a SaaS data management platform for you to get the most from your digital workspace. Whether it’s Microsoft 365, Google Workspace or other SaaS applications, CloudM drives your business through a simple, easy-to-use interface, helping you to work smarter, not harder.

By automating time-consuming tasks like IT admin, onboarding & offboarding, archiving and migrations, the CloudM platform takes care of the day-to-day, allowing you to focus on the big picture.

With over 35,000 customers including the likes of Spotify, Netflix and Uber, our all-in-one platform is putting office life on auto-pilot, saving you time, stress and money.

Utah Passes Law Requiring Parental Consent for Minors on Social Media: How DNS Filtering Can Help Protect Children Online

Utah has passed a new law that requires parental consent for minors to use social media. The law aims to protect children from potential harm and social media addiction, but critics argue it could be difficult to enforce and limit free speech. The law will take effect in March 2024 and could set a precedent for other states.

Under the new law, social media companies must obtain consent from parents or legal guardians of minors before collecting, storing, or using their personal information. The law also requires social media platforms to provide an option for parents to access and delete any information their children have shared on the platform.

Parental controls with DNS filtering are a type of internet filter that parents can use to limit their children’s access to certain websites and online content. This type of filter works by using a DNS (Domain Name System) server to redirect requests for specific websites or types of content to a block page or a filtered version of the website.

DNS filtering can be a useful tool for parents who want to protect their children from online threats such as inappropriate content, cyberbullying, and phishing attacks. It can also be helpful in managing screen time and limiting access to specific websites or online activities during certain times of the day.

Some parental control solutions that use DNS filtering also offer additional features such as content categorization, which can automatically block access to websites in certain categories such as gambling, drugs, or adult content. These solutions can also allow parents to create individual profiles for each child and set customized filtering rules based on their age and maturity level.

Overall, parental controls with DNS filtering can be an effective way for parents to protect their children from online dangers and promote safe and responsible internet use.

To ensure compliance with the new law and provide the first layer of protection for children online, start your free trial here.


About SafeDNS
SafeDNS breathes to make the internet safer for people all over the world with solutions ranging from AI & ML-powered web filtering, cybersecurity to threat intelligence. Moreover, we strive to create the next generation of safer and more affordable web filtering products. Endlessly working to improve our users’ online protection, SafeDNS has also launched an innovative system powered by continuous machine learning and user behavior analytics to detect botnets and malicious websites.

Important update for our clients

On February 19, 2023, we will be updating our blockpage certificate.
This certificate is not a necessary part of the filter; it is used to display the blockpage for HTTPS webpages. HTTP webpages are not affected.

Don’t worry, the filtering will continue to work without the new certificate.

You need to install a new version if:
1. You have manually installed the certificate before.
2. You are using SafeDNS Agent and want the blockpage to be displayed on HTTPS webpages.

Here is a step-by-step guide on how to download and install the certificate.

Direct link to the certificate file.


ChatGPT Storms Onto the Cybersecurity Scene

Anyone perusing this site has probably also read more than a few articles about ChatGPT, the latest “AI writer” that can turn user prompts into text that faithfully mimics human writing. I would venture to guess many readers here have even tried the tool for themselves (it’s free to experiment with if you haven’t). ChatGPT has dominated the conversation in tech over the last few weeks. It has been hard to escape, frankly.

Among the countless think pieces written about whether ChatGPT will spell the death of the college essay or usher in the end of creativity and critical thinking as we know them have been plenty of articles focused on cybersecurity specifically. Now that AI can instantaneously produce endless amounts of writing for almost any purpose, there are serious implications, both good and bad, for the future of digital defense.

Of course, the bad would seem to seriously outweigh the good (more on that soon). But amidst all the doom and gloom thrown at ChatGPT, it’s important to also acknowledge how this technology could be an asset to developers, security teams, or end users. Let’s look at it from three angles.

The Good

Cybersecurity suffers from a serious information deficiency. New attacks, techniques, and targets appear all the time, requiring the broad security community to keep constantly updated. On the other hand, average users need better information about cyber safety best practices, especially considering that years of consistent training and warnings haven’t cured deep-seated problems like password recycling. In both of these cases and others, I can see ChatGPT or a similar tool being extremely helpful for quickly yet effectively encapsulating information.

Of course, documenting cybersecurity hasn’t exactly been its biggest problem, and I question how much an AI writer can actually do to prevent or lessen attacks. Nonetheless, knowledge is power in cybersecurity but the scale of the issue stands in the way, so I can see automated writers playing a role in a host of different security tools, defensive techniques, and training strategies. They can (and arguably must) be a force for good.

The Bad

Almost the minute ChatGPT went live, the naysayers and doomsday prognosticators started to come out of the woodwork. Which is neither surprising nor troubling. ChatGPT is just the latest example of how artificial intelligence will transform the world in ways that we can’t predict, will struggle to control, and in some cases would never want.

Cybersecurity is a prime example. ChatGPT can generate passable (if not perfect) code just as it can prose. This could be a boon for developers of all kinds – including those that develop malware and other attacks. What’s to stop a hacker from using ChatGPT to expedite development and iterate endlessly, flooding the landscape with new threats? Similarly, why write your own phishing emails when ChatGPT, trained on countless past phishing emails, can generate thousands of them in seconds?

Automated writers lower the barrier to entering cybercrime while helping established criminals and gangs scale their efforts. More alarming, new technology always has unexpected, often unintended consequences, meaning that ChatGPT is sure to surprise us with how it gets weaponized, which is to say that the worst is yet to come.

The Ugly

To emphasize my previous point, let me outline a scenario I haven’t yet seen addressed in the ChatGPT conversation. Business email compromise (BEC) attacks are where hackers personalize phishing emails, texts, or other communications with personal information to make them seem like they are coming from the recipient’s boss, close colleague, or another trusted source. They also contain careful social engineering to inspire the recipient to act without considering risk or applying good judgment. They are basically phishing attacks carefully calibrated to succeed. Back in June, Wired wrote that they were “poised to eclipse ransomware” because they have proven so lucrative and also so resistant to security measures.

The saving grace was that BEC messages took time. Someone had to first do research on the targets and then turn that into fine-tuned copy. Therefore, they were hard to scale and difficult to get just right (many of these attacks still failed). There was a difficult if not definitive upper limit.

From my perspective, ChatGPT obliterates that obstacle. Imagine if an attacker trained automation to comb LinkedIn for data about people’s professional relationships, then fed that data into ChatGPT to create convincing BEC emails customized for hundreds or thousands of different recipients. If we can automate both the research and the writing parts, and do both on not just a massive scale but with uncanny precision, hackers can scale BEC campaigns to any size.

And then what? Will every email seem suspect? The cloud of doubt hanging over the authenticity of any piece of information or string of communication (did this come from someone real?) may prove as much or more disruptive than the attacks themselves. I’m just speculating. These doomsday scenarios, like so many others, may never materialize… Or BEC attacks could prove to be the least of our concerns.

That puts it on us – probably most people reading this site – to somehow ensure the good outweighs the rest.

 

About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About vRx
vRx is a consolidated vulnerability management platform that protects assets in real time. Its rich, integrated features efficiently pinpoint and remediate the largest risks to your cyber infrastructure. Resolve the most pressing threats with efficient automation features and precise contextual analysis.

Why OT Research Is Controversial – But Necessary

I want to discuss a subject that doesn’t get enough attention in the world of OT/ICS cyber security considering how fundamental it is, and also sparks a surprising amount of controversy. The topic is the importance of conducting ongoing research into OT endpoint device vulnerabilities, particularly for legacy devices.

It should be a unanimous opinion that this research is important. The more we know about vulnerabilities and the more CVEs we generate, the better for everyone involved. However, I frequently encounter industry analysts and self-styled experts that repeatedly question the need and validity of research in the OT sector. Their argument is that legacy equipment is guaranteed to have vulnerabilities, that it is flawed by design and therefore advanced endpoint research is unnecessary. I find this argument ironic because these same experts are often involved in creating products that help detect and manage the vulnerabilities found by researchers. They state publicly that there is no point in doing research and then in the same breath talk about how their product can help mitigate the problems.


Why do you need both IDS and IPS, or maybe the NGFW too?

I would like to strengthen the defense of the web application by talking about Intrusion Detection and Prevention Systems (IDS and IPS) as the third member of this security defense trio: WAF, RASP, and IDPS. In the previous articles, I talked about Runtime Application Self-Protection (RASP) and Web Application Firewall (WAF).

What are IDS and IPS?

Intrusion Detection Systems and Intrusion Prevention Systems are used to detect intrusions and, if the intrusion is detected, to protect from it.

First, I will focus on explaining the differences between the WAF, RASP, and IDPS.

What is the difference between WAF, RASP, and IDPS?

I have already explained in previous articles the difference between WAF and RASP. Still, I will introduce IDPS and show you exactly why a combination of this trio is the best security choice.

Summary: IDPS is used to detect intrusions and protect from them. WAF will detect and block attacks based on rules, patterns, algorithms, etc. RASP detects the application runtime behavior using algorithms.

Why is it best to use both IDS and IPS?

To better understand why it is important to use both systems, we need to know what each of them does and doesn’t do and how combining them gives more effective protection. Each of those systems has its own types, which will be explained below.

Location and Range

These two types of security systems operate in different locations and have different ranges.

Facts:

·   IDS works across the enterprise network in real-time by monitoring and analyzing network traffic.

·   IPS works in the same network location as a firewall by intercepting network traffic.

·   IPS can use IDS to expand the range of monitoring.

By knowing this and using both IDS and IPS, you can cover more range.

Host-based IDS and IPS

There are a few types of IDS and IPS. I will mention them so you can know which one targets what, but there is plenty of online documentation for more information.

Host-based IDS (HIDS) is used for protecting individual devices. It is deployed at the endpoint level. It checks network traffic in and out of a device, and it can examine logs and running processes. HIDS protects only the host machine. It does not scan complete network data. Similar to this type, IPS has its own Host-based IPS (HIPS). HIPS is deployed on clients/servers, and it monitors the device level as well.

Network-based IDS and IPS

Network-based IDS (NIDS) monitors the entire network. It watches every network device and analyzes all the traffic to and from those devices. On the other hand, IPS has its own type, called Network-based IPS (NIPS), deployed within the network infrastructure. It monitors the complete network and, if needed, tries to protect it.

NIDS and NIPS are very important to network forensics and incident response because they compare incoming traffic to malicious signatures and differentiate good traffic from suspicious traffic.

Wireless IPS

IPS also has a Wireless IPS (WIPS) type that monitors radio waves (wireless LAN) for unauthorized access points, which you can use to automate wireless network scanning. TechTarget has published an article on ways of using WIPS in the enterprise.

Protocol-based intrusion detection systems (PIDS) and Application protocol-based intrusion detection systems (APIDS)

Both protocol-based systems are types of IDS. They both monitor traffic to and from devices. The only difference is that PIDS monitors one server and APIDS monitors a group of servers.

Network behavioral analysis (NBA)

Network behavioral analysis (NBA) is a type of IPS that looks for unexpected behavior within the patterns of the network itself.

IDS and IPS modes

IDS is generally set to work in inline mode. As for IPS, it is set to work in the network behind the firewall. It can operate in both modes: as an end host or in inline mode.

Most used IDS/IPS tools in 2022

According to softwaretestinghelp.com, the list of most used IDS tools is this:

·   SolarWinds Security Event Manager

·   Bro

·   OSSEC

·   Snort

·   Suricata

·   Security Onion

·   Open WIPS-NG

·   Sagan

·   McAfee Network Security Platform

·   Palo Alto Networks

For more info regarding pricing, pros, cons and features of these tools, check out the softwaretestinghelp site.

Also, spiceworks.com provided the list of the most used IDPS tools:

·   AirMagnet Enterprise

·   Amazon Web Services (AWS) GuardDuty

·   Azure Firewall Premium IDPS

·   Blumira

·   Cisco Secure IPS (NGIPS)

·   Darktrace Enterprise Immune System

·   IBM Intrusion Detection and Prevention System (IDPS) Management

·   Meraki MX Advanced Security Edition

·   NSFocus Next-Generation Intrusion Prevention System

·   Snort

For more info regarding pricing, pros, cons and features of these tools check out the spiceworks site. This research will also help you choose the right IDPS solution based on these tools’ features.

What is Next-Generation Firewall (NGFW) or Unified Threat Management (UTM)?

There is a modern type of technology that combines IDS and IPS with firewalls called Next-Generation Firewall (NGFW) or Unified Threat Management (UTM).

NGFW includes:

·   Standard firewall features (packet filtering, stateful inspection, and VPN awareness)

·   Integrated Intrusion Prevention (IPS)

·   Application awareness of threats

·   Detect and block risky apps

·   Threat intelligence

·   Upgrading security features (such as future information feeds)

·   New techniques that help to address new security threats

Researchers at Nomios have gathered information and made a list of the top 5 vendors for NGFW in 2022. They also gave suggestions on what you should look for when choosing the right NGFW tool.

Conclusion

You should combine IDS and IPS because of three things: response, protection, and impact. If you decide to use IDS, the testing will stop at the detection phase, but with IPS, depending on settings and policy, the testing will also include prevention. Because IPS reacts immediately, it gives a certain layer of protection aside from detecting malicious activity. However, false positives are possible with IPS, and they can end up shutting down your network.

Organizations often set up Intrusion Detection Systems to handle the logs and notifications/alerts, routers, firewalls, and servers to fight threats.

A better solution would be using a combination of IDPS and setting it up when planning security. In the future, when the organization grows and needs better protection, it will be possible to use IDS/IPS solutions for additional networks, servers, or devices.

Also, depending on the organization’s security needs and cost restrictions, NGFW can be a good choice too!
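The trade-off described in this conclusion, shown as an added example that is not from the original article: one signature set run in detect-only (IDS) and prevent (IPS) mode over the same traffic. The signatures, rule names, and request lines are constructed for illustration.

```python
import re

# Constructed signatures with hypothetical rule names; real rule sets are far larger.
SIGNATURES = [
    ("SIG-1 sql-injection", re.compile(r"union\s+select", re.I)),
    ("SIG-2 path-traversal", re.compile(r"\.\./")),
]

# Constructed traffic, shown URL-decoded: (source, request line, ground truth).
# The ground-truth label is used only for scoring, never for matching.
TRAFFIC = [
    ("198.51.100.7", "GET /item?id=1 UNION SELECT name FROM users", "malicious"),
    ("203.0.113.5", "GET /static/../../etc/passwd", "malicious"),
    ("192.0.2.44", "GET /search?q=student union select committee", "benign"),
    ("192.0.2.45", "GET /index.html", "benign"),
]


def inspect(traffic, mode):
    """mode='ids': alert on a match, traffic is still delivered.
    mode='ips': alert on a match and drop the matched traffic."""
    if mode not in ("ids", "ips"):
        raise ValueError("mode must be 'ids' or 'ips'")
    result = {"alerts": [], "delivered": [], "dropped": []}
    for src, request, truth in traffic:
        hit = next((name for name, rx in SIGNATURES if rx.search(request)), None)
        if hit:
            result["alerts"].append((src, hit))
        if hit and mode == "ips":
            result["dropped"].append((src, truth))
        else:
            result["delivered"].append((src, truth))
    return result


def summarize(result):
    """Count alerts, attacks that reached the application, and legitimate requests blocked."""
    return {
        "alerts": len(result["alerts"]),
        "attacks_delivered": sum(t == "malicious" for _, t in result["delivered"]),
        "legit_blocked": sum(t == "benign" for _, t in result["dropped"]),
    }


if __name__ == "__main__":
    for mode in ("ids", "ips"):
        print(mode, summarize(inspect(TRAFFIC, mode)))
```

Both modes raise the same three alerts; the difference is that detect-only lets both attacks through, while prevent mode stops them and also blocks the legitimate search request that happens to match SIG-1.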



CISA BOD 23-01: Why vulnerability scanners miss the mark on asset inventory

On October 3, 2022, the Cybersecurity and Infrastructure Security Agency (CISA) issued Binding Operational Directive (BOD) 23-01: Improving Asset Visibility and Vulnerability Detection on Federal Networks. The directive requires that federal civilian executive branch (FCEB) departments and agencies perform automated discovery every 7 days and identify and report potential vulnerabilities every 14 days. Additionally, it requires the ability to initiate on-demand asset discovery to identify specific assets or subsets of vulnerabilities within 72 hours of receiving a request from CISA.

To meet these requirements, agencies will need to start with an accurate asset inventory. Most agencies will attempt to leverage existing solutions, like their vulnerability scanners, to build their asset inventories. It seems reasonable to do so, since most vulnerability scanners have built-in discovery capabilities and can build asset inventories. However, they will quickly learn that vulnerability scanners are not up for the task and cannot help them sufficiently and effectively meet the requirements laid out by CISA.

Let’s take a look at why agencies need a solution solely focused on asset inventory, in addition to their vulnerability scanner, if they want to tackle CISA BOD 23-01.

Asset inventory is a foundational building block

Every effective security and IT program starts with a solid asset inventory. CISA BOD 23-01 reinforces that imperative. Specifically, it states, “Asset discovery is a building block of operational visibility, and it is defined as an activity through which an organization identifies what network addressable IP-assets reside on their networks and identifies the associated IP addresses (hosts). Asset discovery is non-intrusive and usually does not require special logical access privileges.”

What does this mean? FCEB agencies looking to meet the requirements outlined by CISA BOD 23-01 must be able to discover managed and unmanaged devices connected to their networks. Internal and external internet-facing assets must be cataloged with full details and context. All within the timeframe outlined by CISA.

So now, the question is why vulnerability scanners can’t be used to meet the requirements laid out in the directive.

The challenges of asset inventory with vulnerability scanners

As the number of devices connecting to networks continues to grow exponentially, agencies need to stay on top of these devices; otherwise, they could provide potential footholds for attackers to exploit. However, common issues like shadow IT, rogue access, and oversight continue to make it difficult to keep up with unmanaged devices. BOD 23-01 highlights the importance of identifying unmanaged assets on the network. That’s why a fully comprehensive asset inventory is the key to adequately addressing the directive.

So, why can’t vulnerability scanners deliver on asset inventory? Most vulnerability scanners combine discovery and assessment together, resulting in slower discovery times, delayed response to vulnerabilities, and limited asset details. As a result, most agencies are left wondering how they can do a better job building their asset inventories.

Combining discovery and assessment slows everything down

Vulnerability scanners typically combine asset discovery and assessment into one step. While on the surface, this appears to be efficient, it is actually quite the opposite. In regards to asset discovery, CISA BOD 23-01 specifically requires that FCEB agencies perform automated discovery every 7 days and initiate on-demand discovery to identify specific assets or subsets of vulnerabilities within 72 hours of receiving a request from CISA.

Because vulnerability scanners leverage a lot of time-consuming checks, they’re not able to scan networks quickly enough. Add in the complexity of highly-segmented networks and maintenance windows, and it is nearly impossible to effectively utilize vulnerability scanners for discovery and meet the timing requirements outlined by CISA.

Under the new directive, assessing the potential impact of vulnerabilities becomes even more urgent. Agencies will need to perform on-demand discovery of assets that could be potentially impacted within 72 hours, if requested by CISA. When security news breaks, agencies need to respond as quickly as possible, but vulnerability scanners slow down the process. In a scenario like this, it would be more efficient to have a current asset inventory that agencies can search–without rescanning the network. This is particularly useful if agencies know there are specific assets they need to track down: they can query their existing asset inventory to identify them immediately.

For example, let’s say a new vulnerability is disclosed. Vendors will need some time to develop the vuln checks, and agencies will need to wait for the vuln checks to become available. Once they’ve been published, agencies can finally start rescanning their networks. Imagine waiting for the vuln check to be released, and then delaying the rescan due to scan windows. Without immediate insight into the potential impact of a vulnerability, agencies are playing the waiting game, instead of proactively being able to assess the risk.

How agencies can speed up discovery

So, what can agencies do? Let vulnerability scanners do what they do best: identify and report on vulnerabilities. Complement them with a dedicated solution that can automate and perform the discovery of assets within the timeframe set by the directive. In order to accomplish this, the asset inventory solution must be able to quickly and safely scan networks without a ton of overhead, be easy to deploy, and help security teams get ahead of new vulnerabilities.

Agencies need to have access to their full asset inventory, on-demand, so they can quickly zero in on any asset based on specific attributes. This information is invaluable for tracking down assets and investigating them, particularly when new zero-day vulnerabilities are uncovered. When the new zero-day is announced, agencies can find affected systems by searching across an existing asset inventory–without rescanning the network.
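The idea of answering an on-demand request from stored inventory data, as an added example that is not from the original article and is not runZero's query language. It checks a constructed inventory against the 7-day discovery and 14-day vulnerability enumeration windows, then runs an attribute query and marks hits whose discovery data is stale; all field names and records are hypothetical.

```python
from datetime import datetime, timedelta, timezone

# Cadences from BOD 23-01 as summarized in the article.
DISCOVERY_MAX_AGE = timedelta(days=7)
VULN_ENUM_MAX_AGE = timedelta(days=14)

NOW = datetime(2022, 11, 1, tzinfo=timezone.utc)  # fixed so the example is repeatable

# Constructed inventory; field names are hypothetical, not a vendor schema.
INVENTORY = [
    {"ip": "10.0.1.10", "type": "server", "hw": "Dell PowerEdge", "managed": True,
     "last_seen": "2022-10-30T02:00:00+00:00", "last_vuln_scan": "2022-10-25T02:00:00+00:00"},
    {"ip": "10.0.2.20", "type": "printer", "hw": "HP LaserJet", "managed": False,
     "last_seen": "2022-10-29T02:00:00+00:00", "last_vuln_scan": None},
    {"ip": "10.0.2.21", "type": "printer", "hw": "HP LaserJet", "managed": True,
     "last_seen": "2022-10-20T02:00:00+00:00", "last_vuln_scan": "2022-10-19T02:00:00+00:00"},
    {"ip": "10.0.3.30", "type": "camera", "hw": "Axis", "managed": False,
     "last_seen": "2022-10-31T02:00:00+00:00", "last_vuln_scan": "2022-10-10T02:00:00+00:00"},
]


def _age(now, stamp):
    """Age of an ISO-8601 timestamp; None (never recorded) counts as infinitely old."""
    if stamp is None:
        return timedelta.max
    return now - datetime.fromisoformat(stamp)


def cadence_gaps(inventory, now):
    """Return {ip: [reasons]} for assets outside the 7-day / 14-day windows."""
    gaps = {}
    for asset in inventory:
        reasons = []
        if _age(now, asset["last_seen"]) > DISCOVERY_MAX_AGE:
            reasons.append("discovery older than 7 days")
        if _age(now, asset.get("last_vuln_scan")) > VULN_ENUM_MAX_AGE:
            reasons.append("vulnerability enumeration older than 14 days")
        if reasons:
            gaps[asset["ip"]] = reasons
    return gaps


def query(inventory, now, **criteria):
    """Search stored records without rescanning: case-insensitive substring match
    on every given attribute. Hits with stale discovery data are flagged, because
    an answer drawn from old records may no longer describe the network."""
    hits = []
    for asset in inventory:
        if all(str(want).lower() in str(asset.get(field, "")).lower()
               for field, want in criteria.items()):
            hits.append({"ip": asset["ip"], "managed": asset["managed"],
                         "stale": _age(now, asset["last_seen"]) > DISCOVERY_MAX_AGE})
    return hits


if __name__ == "__main__":
    print(cadence_gaps(INVENTORY, NOW))
    print(query(INVENTORY, NOW, type="printer", hw="laserjet"))
```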

Meet CISA BOD 23-01 requirements with a dedicated asset inventory solution

It is increasingly evident that decoupling discovery and assessment is the most effective way to ensure that agencies have the data needed to accelerate vulnerability response and meet the requirements outlined in the directive. Because let’s face it: vulnerability scanners are really good at vulnerability enumeration–that’s what they’re designed to do. However, they really miss the mark when it comes to discovering assets and building comprehensive asset inventories. Because vulnerability scanners combine discovery and assessment, they aren’t able to scan entire networks quickly, and at times, they don’t fingerprint devices accurately.

As a result, many agencies are wondering how to meet the requirements outlined in CISA BOD 23-01 if they can’t depend on their vulnerability scanner for discovery. Agencies will need to start looking for a standalone asset inventory solution that is capable of performing unauthenticated, active discovery, while also enriching data from existing vulnerability management solutions.

How runZero can help agencies focus on asset discovery

runZero separates the discovery process from the vulnerability assessment stage, allowing agencies to perform discovery on-demand. Because runZero only performs discovery, it can deliver the data about assets and networks much faster than a vulnerability scanner. Customers have found that runZero performs scans about 10x faster than their vulnerability scanner, allowing them to:

  • Get a more immediate day one response to new vulnerabilities.
  • Gather as much information as possible about assets while waiting for vulnerability scan results.

That means, while waiting for vulnerability assessments to complete, agencies can already start digging into their asset inventory and identifying assets that may be impacted by a vulnerability. runZero regularly adds canned queries for assets impacted by newly disclosed vulnerabilities and highlights them via Rapid Response. Users can take advantage of these canned queries to instantly identify existing assets in the inventory that match specific identifiable attributes. For example, querying by hardware and device type can narrow down assets to a specific subset that may be affected by a vulnerability. All of the canned queries can be found in the Queries Library.

All in all, runZero is the only asset inventory solution that can truly help FCEB agencies stay on top of their ever-changing networks. By decoupling asset discovery from vulnerability assessment, agencies will gain visibility and efficiencies, while meeting the requirements set by CISA BOD 23-01.


About runZero
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.