10 Strategies for Boosting Your Wireless Network Security

The ever-evolving landscape of cyber threats poses a significant challenge to network administrators. One area of focus that requires continuous monitoring and upgrades is wireless network security. Here are ten effective strategies that you can employ to fortify your organization’s wireless network against potential cyber threats.

1. Update Your Network Infrastructure

Here’s the thing, cybercriminals are opportunists. If they spot a weakness in your wireless network, they won’t hesitate to take advantage. So, let’s get ahead of them. The first order of business? Updating your network infrastructure. Yes, that means all the hardware – routers, switches, the works. But don’t stop there. It’s not just the physical gear that needs to be current; we also need to look at the software and firmware. By staying on top of updates, you’re patching up any potential security gaps that could give hackers an open invitation. Remember, in the game of cyber security, the offense is the best defense. So, don’t just play catch up. Keep your wireless network security in tip-top shape with frequent updates and you’ll be giving those pesky cyber invaders a run for their money.

2. Implement Strong Encryption

Alright, let’s talk about encryption. Think of it as the secret language of your network. Only the devices on your network can understand this language, making it nearly impossible for any eavesdroppers to make sense of your data. Now, you might be wondering, what’s the best secret language to use? Enter WPA3, one of the strongest encryption standards out there. It’s the code-cracking, cyber-secure ninja you need on your team. But remember, even the best encryption can be busted with a weak password. So, let’s not make it easy for the bad guys, okay? Avoid obvious passwords like ‘password123’ or your birth date. Go for something complex and unique. Maybe throw in some symbols, uppercase letters, or even a fun, random word. The point is, don’t be predictable. And one more thing, change these passwords regularly. It’s like changing the locks on your doors, keeping intruders on their toes. So, get cracking on that encryption and secure password and let’s keep those cybercriminals guessing.

3. Deploy Firewall and Anti-malware Protection

Ever heard of a medieval castle with no walls? Of course not. Those walls were the first line of defense against intruders, just like a firewall is for your network. This silent warrior stands between your network and the world of cyber threats, turning away suspicious traffic and giving a big fat “access denied” to malicious invaders. But we’re not stopping there. Let’s bring in some anti-malware protection. Think of it as your network’s personal bodyguard, scanning for any sketchy software that managed to slip past your firewall. Catching these bad guys before they can do any real damage is the name of the game. Of course, both your firewall and anti-malware software need to stay sharp to keep up with the latest threats. That means regular updates are a must. Consider them like training sessions, keeping your defenses ready for whatever comes their way. So, keep your guard up and your software up-to-date to make sure your network stays as impenetrable as a fortress.

4. Secure Your IoT Devices

Look around you, how many devices are connected to your network right now? Your office printer, the smart fridge in the break room, even the temperature control system – all these are IoT devices. The problem is, each of these devices is like a new door into your network, potentially inviting cyber baddies for a stroll through your data. Doesn’t sound too fun, does it? But don’t sweat, here’s what we can do. First, let’s ditch those default passwords. They’re like a welcome mat for hackers. Choose a strong, unique password for each device. And don’t forget to keep their software updated. It’s like giving these devices their own personal body armor against cyber attacks. Lastly, if there’s any device you’re not using, disconnect it. No point leaving an unused door open, right? With these steps, you’re not just connecting devices to your network, you’re making sure they’re secure. Let’s turn those potential entry points into dead ends for any would-be intruders.

5. Establish a Virtual Private Network (VPN)

Let’s talk about VPNs, or Virtual Private Networks. Picture this: You’re in a crowded coffee shop, and you’re trying to send a top-secret message to a colleague. You wouldn’t just shout it across the room, right? You’d want to pass a secure note. That’s basically what a VPN does. It creates a secure tunnel for your data to travel through, keeping it safe and confidential. This is super useful, especially if you have folks in your team who log in remotely. It’s like giving them a secret passageway into your network, away from prying eyes. So, start implementing a VPN, and let’s keep that data undercover, because in this coffee shop we call the internet, there are way too many eavesdroppers.

6. Implement Two-Factor Authentication (2FA)

Alright, next up on our security strategy hit list is two-factor authentication, or 2FA. Imagine your network is a high-tech vault. Would you secure it with just one lock? Probably not. You’d want a couple of layers of security in place. That’s what 2FA is all about. It’s a double-check, a second confirmation that it’s really you trying to access your network. Maybe it’s a code sent to your phone, or it could be your fingerprint. It’s like a secret handshake for your network. Not only does it make unauthorized access a whole lot harder, but it also alerts you if someone’s trying to break in. After all, if you get a text with a 2FA code and you’re not trying to log in, that’s a clear red flag that something’s fishy. So, roll out that 2FA. It’s a simple move that can make a big difference in keeping your network secure.

7. Regularly Monitor and Audit Your Network

Okay, let’s liken your network to a bustling city. You wouldn’t just rely on fences and locks to keep it safe, right? You’d need a dedicated team watching over it, spotting anything out of the ordinary. That’s where regular monitoring and auditing come in. It’s like your network’s own surveillance team, keeping a watchful eye on every byte and packet. Maybe there’s an unexpected surge in network traffic in the middle of the night, or a device that you don’t recognize tries to connect. These could be signs of an attempted break-in. Automated monitoring tools can raise the alarm, alerting you to these unusual activities. Just like a CCTV system can catch a prowler, regular network audits can pick up on any sneaky attempts to bypass your security measures. Remember, in this city we call your network, we don’t wait for the bad guys to strike. We stay vigilant, ready to spot any suspicious activities. So, get those network audits rolling, and let’s keep our city safe, secure, and bustling with legitimate activity.

8. Enact Network Access Control

Okay, let’s envision your network like an exclusive club. Now, not just anyone should be able to stroll in, right? You need a bouncer, someone to check IDs at the door. That’s where Network Access Control (NAC) comes into play. NAC is the no-nonsense bouncer of your network, deciding who gets the VIP pass and who gets the boot. By setting some ground rules, or policies as we like to call them, you get to decide who, what, and when someone or something can access your network. Maybe you want to limit access during certain hours, or maybe you only want certain devices on the guest list. Whatever your rules, NAC makes sure they’re enforced, giving you granular control over your network’s guest list. And the best part? No awkward confrontations at the door. So, start setting up those policies and let your NAC system do the heavy lifting. Because in this exclusive club we call your network, only the right guests get the invite.

9. Conduct Regular Security Training

Alright, picture this. You’ve got the most advanced, foolproof security system installed in your home. But, one day, you leave the front door wide open. All those high-tech gadgets are useless if we forget the basics, right? The same goes for your network security. We can have all the encryption, firewalls, and VPNs in the world, but if your team doesn’t understand why they’re important or how to use them, we’re basically leaving the front door open to cyber threats. That’s why regular security training for your staff is absolutely crucial. We’re talking about helping them spot phishing scams, showing them why ‘password123’ is a bad idea, and reminding them about the perils of unsecured WiFi networks. Let’s make them our allies in this cyber battle. And remember, the threats keep evolving, so our training needs to evolve too. Let’s make security training a regular feature on everyone’s calendar. This way, we’re not just building stronger defenses around our network, but also nurturing a security-first mindset in our team. Because in the war against cyber threats, every single one of us is on the frontline.

10. Keep Up-to-Date with the Latest Threats

So, we’ve got this cyber realm, right? It’s a bit like the Wild West – always changing, always throwing new challenges our way. Just when we think we’ve got it figured out, a new cyber villain rides into town. But here’s the good news: you’re not alone in this showdown. There’s a whole community of cyber sheriffs out there, always on the lookout for the latest threats and trends. These folks live and breathe cybersecurity, and they’re always sharing their knowledge. So, why not tap into that? Get on those industry newsletters, join some professional forums, maybe even sit down with a cybersecurity expert now and then. It’s like forming your own posse of security gurus, always ready to give you the latest intel. By staying informed, you’re always a step ahead, ready to adapt your defenses to whatever new challenge comes your way. Remember, in this cyber Wild West, knowledge is your most powerful weapon. So, keep learning, keep adapting, and let’s keep our wireless network as secure as Fort Knox.

About Version 2 Limited
Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.

Creating a perfect storm using social engineering: a talk with Christopher Hadnagy

In the rapidly evolving landscape of cybersecurity, understanding the intricacies of social engineering is crucial.

Christopher Hadnagy, a renowned expert in the field, sheds light on the complexities and nuances of social engineering in an enlightening interview. His insights dive deep into the psychological roots of cyber-attacks, offering a unique perspective on how cybercriminals exploit emotions and trust.

This article breaks down key insights from the interview, giving valuable knowledge to professionals and the general public. It serves as a guide to comprehend the current state of cyber threats and prepares us for the emerging challenges in the digital world.

The interview’s highlights

  • Expert vulnerability to attacks. No one is immune, as Hadnagy’s personal encounter with a phishing scam proves the universal vulnerability to cyber-attacks.

  • Social engineering tactics. Primary social engineering methods evolve with the advent of new technologies and methods like QR code phishing and online chat scams.

  • Emotional exploitation in decision-making. ‘Amygdala hijacking,’ where intense emotions can overshadow logical thought, is a technique to elicit quick, emotion-driven decisions from victims.

  • Manipulating trust through oxytocin. It’s difficult to protect against the manipulation of trust, as oxytocin, a natural facilitator of human bonding, can be exploited by malicious actors.

  • Nonverbal cues and deception detection. To read nonverbal cues of deception, focus on the mismatch between words and body language and trust your intuition.

  • Industry-specific vulnerabilities. Heightened susceptibility of certain sectors like healthcare, banking, and utilities to social engineering, with specific challenges faced in effectively training staff in these areas.

  • Future trends and AI in cyber-attacks. AI in cyber-attacks will get more sophisticated, making it necessary for advanced defensive strategies.

Key insight #1: social engineering is getting at you at the right time and context, not an intelligence issue.

NordLayer: How can even experts in social engineering become victims of cyber-attacks?

Christopher Hadnagy: Despite being an expert, the story of falling victim to a phishing attack stresses the human element in cybersecurity.

Social engineering targets our emotional responses, not our intelligence or lack of it. If an attacker aligns their approach with something personal and emotionally significant—and times it perfectly—anyone can fall victim.

My experience with the Amazon phishing attack is a classic example. I’ve placed an order on Amazon and was about to rush through the door for the airport with luggage in my hands. This was the time when the phishing email dropped into my inbox, saying something went wrong with the payment card.

The combination of being rushed, emotionally charged, and the contextually relevant pretext made me susceptible at that moment.

Key insight #2: phishing attacks are the most common reason behind breaches, and they evolve constantly.

NordLayer: What are the most common social engineering tricks used to gain access?

Christopher Hadnagy: The landscape of social engineering is diverse and continually evolving.

The primary categories include phishing emails. Everyone’s heard about them, but they are still the number one threat when it comes to breaches.

Then there’s voice phishing (vishing) and SMS phishing (smishing). Smishing became prolific after major telecommunications providers in the U.S. were breached, and all phone numbers were out there. Hence, I receive 10-12 weird text messages every day.

Impersonation is becoming a growing problem as there are two different attack types. One can be someone coming into your business as your employee or colleague. Another one is social media impersonation, also known as catphishing. We see many people making fake LinkedIn accounts and believing there’s someone they’re not.

Technological advancements have emerged in new methods like QR code phishing (quishing) and online chat phishing, especially prominent in the support chats category.

These attacks exploit the increasing amount of personal information available due to data breaches, creating more opportunities for targeted and convincing scams.

Key insight #3: a blackout of logical thinking for one minute can result in thousands of dollars lost.

NordLayer: Could you explain how threat actors use the science behind emotions like fear or urgency?

Christopher Hadnagy: Dr. Daniel Goleman coined the concept of ‘amygdala hijacking,’ where intense emotional responses overshadow our logical thinking, which is a critical tool in a social engineer’s arsenal.

Research subjects were shown something scary or sad and then asked to do math problems. They saw that the frontal cortex went completely dark, and the amygdala in the center of the limbic system was all lit up.

This neurological response diverts all processing power from the frontal cortex to the amygdala during high-stress situations, hindering critical thinking.

NordLayer: How do we make decisions that we normally wouldn’t make when these emotions are involved?

Christopher Hadnagy: Attackers exploit this by creating scenarios that evoke strong emotions like fear, anger, or urgency, leading to hasty decisions made without logical reasoning.

It only takes 30 to 60 seconds, and our brains return to normal once we’re done with the emotion. This is why scam emails never say, ‘click this link tomorrow’ because, between now and tomorrow, we will have time to think and be in the right state of emotion.

Instead, they create urgency. Giving you no time to think critically creates a perfect storm for a social engineering attack.

Key insight #4: as humans, we are trustful by nature, and safe words can save us from scams and paranoia.

NordLayer: Your TED talk mentioned oxytocin and its role in trust. How do social engineers exploit this aspect of human biology, and what can we do to protect against such manipulation?

Christopher Hadnagy: Oxytocin, known as the ‘moral molecule’, plays a vital role in building trust, a mechanism frequently exploited by social engineers. Without it, we would die off as a human race because this love hormone is a part of how we are as humans and not just a bunch of paranoid hermits.

It’s about striking a balance between being cautious and maintaining the natural human tendency to trust.

While it’s challenging to safeguard against this manipulation without becoming overly distrustful, awareness and simple protective measures like establishing a family password can be effective. Then they—your child or grandparents—don’t have to know anything about neuroscience or cybersecurity, but remember one code name and use it once necessary.

Key insight #5: a combination of nonverbal signs or simply trusting your gut can help you avoid becoming a cyber-attack victim.

NordLayer: In your book, ‘Unmasking the Social Engineer,’ you emphasize the importance of nonverbal communication in detecting social engineering attempts. What are some key indicators that someone might be attempting to manipulate or deceive us?

Christopher Hadnagy: Deception detection through nonverbal cues is complex.

There’s no definitive set of nonverbal indicators of deception. Instead, we look for inconsistency between someone’s words and body language.

Your body and your brain are constantly looking for nonverbal signs. We do it all the time, unwillingly looking for little things like a head tilt or a nod—nonverbal signs to evaluate our trust in that person. Virtually via email or a phone call, it’s much harder to put someone to a nonverbal test, so look for the smallest signs and inconsistencies in speech.

Understanding nonverbal communication can alert us to discrepancies in a person’s intent versus their verbal communication. Moreover, trusting our intuition or ‘gut feeling’ when something feels off can be a reliable guide, especially in situations that make us feel uneasy or unsafe.

Key insight #6: the intense nature of some industries requires a full attention span to do their jobs well instead of being concerned about breaches.

NordLayer: From your experience, which industries are currently most vulnerable to social engineering attacks, and why are they particularly targeted?

Christopher Hadnagy: The medical field, banking, and utilities are particularly susceptible to social engineering attacks. The healthcare industry, for instance, struggles with cybersecurity training, often choosing inappropriate times or methods, leaving staff unprepared for social engineering tactics.

The integral nature of these industries, involving high-stress environments and sensitive information, makes them prime targets.

The medical field is probably one of the biggest threats out there. Doctors and nurses are doing a hard job attending to saving our lives or dealing with sicknesses—there’s no time to do cybersecurity training while a bunch of documentation and patients take all your attention.

Key insight #7: AI will be used both to create sophisticated attacks and to prevent them.

NordLayer: Looking ahead to 2024, what major trends do you foresee in the evolution of social engineering tactics, and how should organizations prepare?

Christopher Hadnagy: The future of social engineering is increasingly intertwined with advanced technologies like AI.

The use of AI in attacks is becoming more sophisticated, making them harder to detect and counteract. AI will likely be used in phishing emails, voice cloning for scams, and deepfakes.

The increasing brazenness and callousness of attackers, targeting even the most vulnerable, is a disturbing trend.

However, there’s hope for increased education on social engineering and the development of AI-based defensive tools. It’s crucial for organizations to invest in both technology and training to stay ahead in this evolving threat landscape.

Thank you.

Christopher Hadnagy is the founder and CEO of Social-Engineer. Chris has over 16 years of experience as a practitioner and researcher in the security field. His education and awareness efforts have helped expose social engineering as a top threat to security today.

Chris established the world’s first social engineering penetration testing framework and the first hands-on social engineering training course and certification, Advanced Practical Social Engineering, attended by law enforcement, military, and private sector professionals.

Chris is also the best-selling author of three books: Social Engineering: The Art of Human Hacking, Unmasking the Social Engineer: The Human Element of Security, and Phishing Dark Waters: The Offensive and Defensive Sides of Malicious Emails.

How NordLayer can help

Awareness is the first step in preventing cyber-attacks. Training, education, and constant reminders significantly help organizations minimize the risks. However, being human is in our nature. Additional tools like NordLayer as a threat prevention measure can help automate some processes to save time, maintain our focus, and create additional barriers for malicious attackers to stumble upon.

Genetic data leak, 23andMe point to credential stuffing

Hackers are selling genetic data stolen from users of the company 23andMe. The company itself says they weren’t breached, although their users’ data was used by what seems to be a single threat actor stealing personal details and genetic data. This data was then published or advertised online. 23andMe suggested that the threat actor(s) gained unauthorized access with “recycled login credentials”, a technique known as credential stuffing.

The logic is simple: Keep trying stolen username/password combinations, and eventually, they’ll work on another site. An easy solution to credential stuffing attacks? You guessed it: Multi-factor authentication (MFA). While 23andMe has offered an MFA feature since 2019, it was not made mandatory for users. With genetic and personal data at stake and up to 7 million users affected by these recent breaches, it might be time for a change in policy.

The Bleach Breach: Clorox revenue and supply chain hit

Clorox, the household cleaning giant, predicts a more than 20% drop in quarterly sales due to a cyberattack (thought to be ransomware) that caused product shortages and operational disruptions. Manufacturing, often kept running by legacy systems and sprawling workforces, suffers more cyberattacks than any other industry.

The Clorox incident is being linked to the same group responsible for the MGM and Caesars Palace hacks, discussed in our previous episode, which occurred around the same time in August 2023. “Scattered Spider” is notorious for using social engineering methods to gain access to internal systems. The Clorox Company’s share price has dropped by over 7 percent in the last month.

Wearable AI: Trendy or just trending?

Tech companies are rushing to secure the lead in wearable AI products. Meta has collaborated with Ray-Ban on a pair of high-tech glasses, enabling wearers to live stream directly from the glasses to Facebook or Instagram and voice activate Meta AI, “an advanced conversational assistant”. Jony Ive, Apple’s legendary former design lead, and OpenAI are reportedly teaming up to design the “iPhone of AI”.

Rewind.ai unveiled a neck-worn pendant that records conversations to your smartphone and creates a searchable database of life moments. Humane, imagining “a world where you can take AI everywhere”, have developed a smart device that resembles a badge or lapel pin.

The common goal here seems to be for technology to rely less on screens, to fade from view, and become all but invisible.

Stay tuned for the next episode of Cyberview.

About Nord Security
The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.

About NordLayer
NordLayer is an adaptive network access security solution for modern businesses – from the world’s most trusted cybersecurity brand, Nord Security.

23.11.3 ‘Saturn’ released

Changes compared to 23.11.2

Bug Fixes

  • Fixed an issue with listing SharePoint sites that can occasionally overload a SharePoint server
  • Fixed an issue with the Comet Server web interface Server menu / navigation section being absent immediately following login when the Software Build Role is disabled
  • Fixed an issue with symlinks failing to restore correctly from Disk Image backups, causing the restore job to fail
  • Fixed an issue with relative symlinks being restored as links into the Comet Backup desktop app’s installation directory
  • Fixed an issue with VMware backup attempting to back up PSF files. PSF files for vSphere Replication will now be ignored
  • Fixed an issue with VMware backup where quiesce snapshots create two files instead of one
  • Fixed an issue with VMware backup when a virtual machine directory is located more than a level deep from the datastore root
  • Fixed an issue with an incorrect check of allocated areas during VMware vSphere backup
  • Fixed an issue with the policy option “Always require password to open the application interface” not working when enabled

About Comet
We are a team of dedicated professionals committed to developing reliable and secure backup solutions for MSP’s, Businesses and IT professionals. With over 10 years of experience in the industry, we understand the importance of having a reliable backup solution in place to protect your valuable data. That’s why we’ve developed a comprehensive suite of backup solutions that are easy to use, scalable and highly secure.

23.12.3 ‘Voyager’ released

Changes compared to 23.12.2

Enhancements

  • Added a new log message when temporary files are in use during either Backup or Restore jobs

Bug Fixes

  • Fixed an issue causing search filters to incorrectly show as [object Object] instead of a searchable parameter in the Comet Server web interface
  • Fixed an issue preventing retention passes from finishing when deleting versioned objects from a S3 storage vault with Object Lock enabled
  • Fixed an issue with the policy option “Always require password to open the application interface” not being applied correctly
  • Fixed an issue causing restores to crash if the restore failed to enter a directory (e.g. due to a permissions error preventing it from being created)
  • Fixed an issue causing tenant admins to be logged out when viewing certain pages in the Comet Server web interface
  • Fixed an issue causing Microsoft Office 365 backups to fail when receiving an unexpected orientation response from the Graph API
  • Fixed an issue with certain system directories being incorrectly reported as 0-byte files when selecting files and folders for a granular restore from Hyper-V, Disk Image, and VMware Protected items

Richard Štefíček Is the New Chief Sales Officer of GREYCORTEX

January 10, 2024, Brno – GREYCORTEX, a leading Czech manufacturer of a cybersecurity network detection and response solution, strengthens its sales team. The new chief sales officer, Richard Štefíček, replaces Pavel Malíř Chmelař, who will continue to focus on the development of new markets.

Richard Štefíček (LinkedIn) started his career after graduating from Brno University of Technology as a sales manager at TR instruments. Subsequently, he gained business experience during more than 10 years at Flowmon Networks, where he worked his way up to the position of channel manager for Central and Eastern Europe.

Štefíček adds: “I am thrilled to contribute to the further growth and development of GREYCORTEX as sales director. I believe that my experience and knowledge will bring new opportunities and help us to take GREYCORTEX even further. My main priority will always be the satisfaction of our customers and building strong partnerships.”

The previous CSO, Pavel Malíř Chmelař (LinkedIn), who has been with the company since its founding in 2016, will use his extensive product knowledge and experience in building the Czech and Polish channels to develop new markets and enable the company’s partner channel.

“With the arrival of Richard Štefíček in the role of CSO, GREYCORTEX is clearly demonstrating its intention to grow and strengthen its position on the market. Together with all our colleagues, we look forward to the next era of business growth under his leadership,” concludes Petr Chaloupka, CEO of GREYCORTEX.

About GREYCORTEX
GREYCORTEX uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.

MENDEL, GREYCORTEX’s network traffic analysis solution, helps corporations, governments, and the critical infrastructure sector protect their futures by detecting cyber threats to sensitive data, networks, trade secrets, and reputations, which other network security products miss.

MENDEL is based on 10 years of extensive academic research and is designed using the same technology which was successful in four US-based NIST Challenges.

Joop Solutions and SafeDNS at the Heart of 24 Endurance México

In the world of motorsports, every second counts. The same holds for providing seamless and reliable connectivity at events like 24 Endurance México, which took place from December 11 to 13, 2023. The season-closing event witnessed an extraordinary display of not just racing prowess but also technological innovation, and Joop Solutions met the challenge by delivering a Wi-Fi connection at its best.

Joop Solutions took a leading role in ensuring that 24 Endurance México is not only a thrilling spectacle on the race track but also a perfect digital experience for visitors, sponsors, and participants. With a robust network infrastructure, Joop Solutions provided a total of 12 access points, serving 1,395 unique Wi-Fi and wired client devices.

With a response time of 23 milliseconds, users experienced high connection speed, which contributed to the overall success of the event. Total data usage reached 775.64 GB, demonstrating high demand for a reliable and high-performance network.

Safe and Secure Connection with SafeDNS

By implementing the SafeDNS web filtering solution, the connection not only remained robust but also provided a layer of protection against potential threats. The use of SafeDNS enhanced the security of the network and contributed to optimizing traffic, ensuring a consistently high connection speed.

For almost 6 years, SafeDNS has proudly partnered with Joop Solutions, offering unparalleled support and services. Together, we have successfully delivered secure and high-speed Wi-Fi connection to a multitude of large-scale events across Mexico, including fairs like BAZAR HOTBOOK and races such as 24 Endurance. If you are a Wi-Fi provider seeking to enhance your services, don’t hesitate to reach out. Let us empower you to provide the best possible experience for your clients!

About SafeDNS
SafeDNS breathes to make the internet safer for people all over the world with solutions ranging from AI & ML-powered web filtering, cybersecurity to threat intelligence. Moreover, we strive to create the next generation of safer and more affordable web filtering products. Endlessly working to improve our users’ online protection, SafeDNS has also launched an innovative system powered by continuous machine learning and user behavior analytics to detect botnets and malicious websites.

Finding Ivanti Connect Secure and Policy Secure Gateways with runZero

Today, January 10th, 2024, Ivanti disclosed two serious vulnerabilities in the Ivanti Connect Secure and Ivanti Policy Secure products.

The first issue, CVE-2023-46805, allows attackers to bypass authentication controls to access restricted resources without authentication. This vulnerability has a CVSS score of 8.2 out of 10, indicating a high degree of impact.

The second issue, CVE-2024-21887, allows attackers to inject arbitrary commands to be executed on the affected device. Attackers must be authenticated to exploit this vulnerability, but attackers may be able to use the authentication bypass vulnerability above to achieve this. This vulnerability has a CVSS score of 9.1 out of 10, indicating a critical vulnerability.

The vendor reports that there are indications that these vulnerabilities have been exploited in the wild.

What is the impact?

Upon successful exploitation of these vulnerabilities, attackers can execute arbitrary commands on the vulnerable system. This includes the creation of new users, installation of additional modules or code, and, in general, system compromise.

Are updates or workarounds available?

Ivanti has released an update to mitigate this issue. Users are urged to update as quickly as possible.

How do I find potentially vulnerable Ivanti devices with runZero?

From the Services Inventory, use the following query to locate assets running the vulnerable products in your network that expose a web interface and which may need remediation or mitigation:

_asset.protocol:http AND protocol:http AND http.body:"welcome.cgi?p=logo"

Additional fingerprinting research is ongoing, and additional queries will be published as soon as possible.

About runZero
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.

The Zero Trust MSP advantage to unlock market potential

Managed Service Providers (MSPs) aim to boost their market share and client trust. When we compare specific elements of Zero-Trust solutions, like ZTNA vs VPN, we see that Zero Trust is generally more secure and effective. It’s becoming a key part of how MSPs work and serve their clients. Let’s examine the Zero-Trust framework and its impact on MSPs.

Key takeaways

  • Zero Trust (ZT) operates on the idea that no one is trusted without ongoing checks and approvals.

  • Introducing ZT, MSPs face issues like customer hesitation, managing costs, and adapting to change.

  • The upsides, however, are significant, such as better security and more efficient work. 

  • Before introducing ZT, ensure it fits your clients’ needs.

  • Trying out ZT with a few clients first can be a smart move.

Understanding Zero Trust

Zero Trust involves:

  • No assumed trust

  • Always denying access by default

  • Protecting data with tight controls

  • Specific, detailed access decisions

  • Constantly checking multiple cybersecurity factors

The Zero-Trust concept is a ‘never trust, always verify’ approach that checks all access requests, no matter where they come from.

Core components of the Zero Trust approach

Challenges for MSPs

Implementing Zero-Trust solutions can be tough. Challenges include:

  • Customers’ resistance to change. Moving from old tools to the Zero-Trust approach can be hard.

  • Cybersecurity knowledge gaps. Customers might not understand the benefits.

  • Overcoming misconceptions. It’s important to clear up any ZT myths.

  • Complexity of concepts. ZT should be made simple for users.

  • Proving effectiveness. MSPs need to show real benefits.

  • Cost concerns & ROI. Focus on long-term benefits, not just initial costs.

  • Change management. Adapting operations and training is key.

  • Compliance and regulatory issues. ZT must meet all standards.

  • Scaling solutions. Tailor Zero Trust for different organizations’ sizes and types.

  • Balancing security and user experience. Keep access strong but user-friendly.

Benefits of Zero Trust for MSPs

In this list, you’ll find advantages of Zero Trust as highlighted by the U.S. Cybersecurity & Infrastructure Security Agency, and we’ve also added a few of our own insights from NordLayer:

  • Increased productivity. Zero Trust makes MSPs more efficient, helping employees work better.

  • Enhanced user experience. Users get secure, easy access to resources.

  • Reduced IT costs. The Zero-Trust approach cuts down on the need for lots of hardware.

  • Flexible access. It allows secure access to resources from anywhere.

  • Suitable for many businesses. Zero Trust works for businesses of any size.

  • Building trust and growing market share. Zero Trust raises MSPs’ credibility and client base.

  • Compliance and regulatory benefits. Zero Trust helps meet data protection laws.

  • Standing out in the market. The Zero-Trust approach sets MSPs apart, attracting new customers.

  • Efficient operations. Zero Trust simplifies cybersecurity management.

How MSPs can implement Zero Trust

To decide whether to offer ZT, consider:

  1. Understand customers’ needs: Do they handle sensitive data or operate in regulated industries?

  2. Check market demand: Is there a growing interest in Zero-Trust solutions?

  3. Assess your capabilities: Can you manage ZT solutions?

  4. Complement existing services: Does ZT fit with your current offerings?

  5. Seek vendor partnerships: Look for reliable ZT solution providers.

  6. Weigh costs and benefits: Weigh the investment against potential returns.

  7. Educate clients: Be ready to explain ZT benefits to your customers.

  8. Try a pilot program: Test the ZT approach with a few customers first.

How NordLayer helps MSPs

NordLayer, with its standout features like network access management, internet security, compliance tools, and flexible solutions, is an ideal partner for MSPs adopting the Zero-Trust approach. Our partner program and zero-trust solutions are tailored to business needs.

With hybrid work and cloud use, ZT becomes vital. It boosts security, builds trust, and grows market share. With the right approach, MSPs can overcome ZT challenges and benefit greatly.

Starting with ZT for customers

  • Join the MSP partner program. It’s simple to get started.

  • Use the service management portal specifically crafted for MSPs. It’s a unified platform to manage client networks using a Zero-Trust strategy.

  • Generate revenue. Start earning more with your new tools.

Genetic data leak, 23andMe point to credential stuffing

Hackers are selling genetic data stolen from users of the company 23andMe. The company itself says they weren’t breached, although their users’ data was used by what seems to be a single threat actor stealing personal details and genetic data. This data was then published or advertised online. 23andMe suggested that the threat actor(s) gained unauthorized access with “recycled login credentials”, a technique known as credential stuffing.

The logic is simple: Keep trying stolen username/password combinations, and eventually, they’ll work on another site. An easy solution to credential stuffing attacks? You guessed it: Multi-factor authentication (MFA). While 23andMe has offered an MFA feature since 2019, it was not made mandatory for users. With genetic and personal data at stake and up to 7 million users affected by these recent breaches, it might be time for a change in policy.
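The pattern described above, one source working through many username/password pairs with most of them failing, is something a defender can look for in authentication logs. The following Python is an added example, not code from 23andMe or from the original article; the log line format, the thresholds and all names in it are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample log; the line format is an assumption for this example.
# IP addresses come from the RFC 5737 documentation ranges.
SAMPLE_LOG = """\
2023-10-06T09:00:00Z login user=alice ip=198.51.100.7 result=fail
2023-10-06T09:00:20Z login user=alice ip=198.51.100.7 result=fail
2023-10-06T09:00:45Z login user=alice ip=198.51.100.7 result=ok
2023-10-06T09:01:00Z login user=bob ip=192.0.2.10 result=ok
2023-10-06T09:01:10Z login user=carol ip=192.0.2.10 result=ok
2023-10-06T09:01:20Z login user=dave ip=192.0.2.10 result=ok
2023-10-06T09:01:30Z login user=erin ip=192.0.2.10 result=ok
2023-10-06T09:01:40Z login user=gina ip=192.0.2.10 result=ok
2023-10-06T09:02:00Z login user=u1001 ip=203.0.113.50 result=fail
2023-10-06T09:02:02Z login user=u1002 ip=203.0.113.50 result=fail
2023-10-06T09:02:04Z login user=u1003 ip=203.0.113.50 result=fail
2023-10-06T09:02:06Z login user=u1004 ip=203.0.113.50 result=fail
2023-10-06T09:02:08Z login user=frank ip=203.0.113.50 result=ok
2023-10-06T09:02:10Z login user=u1005 ip=203.0.113.50 result=fail
2023-10-06T09:02:12Z login user=u1006 ip=203.0.113.50 result=fail
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) login user=(?P<user>\S+) ip=(?P<ip>\S+) "
    r"result=(?P<result>ok|fail)$"
)


def parse_events(log_text):
    """Return sorted (timestamp, ip, user, success) tuples; skip malformed lines."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line.strip())
        if m is None:
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%dT%H:%M:%SZ")
        events.append((ts, m["ip"], m["user"], m["result"] == "ok"))
    return sorted(events)


def detect_credential_stuffing(events, window=timedelta(minutes=5),
                               min_users=5, min_fail_ratio=0.8):
    """Flag source IPs that try many distinct accounts, mostly unsuccessfully,
    inside one sliding time window.

    A single user mistyping a password (one account) and a shared office NAT
    (many accounts, mostly successful) both stay below the thresholds.
    """
    by_ip = defaultdict(list)
    for ev in events:
        by_ip[ev[1]].append(ev)

    findings = {}
    for ip, evs in by_ip.items():
        start = 0
        best = None
        for end in range(len(evs)):
            # Advance the left edge until the window spans at most `window`.
            while evs[end][0] - evs[start][0] > window:
                start += 1
            win = evs[start:end + 1]
            users = {user for _, _, user, _ in win}
            fail_ratio = sum(1 for e in win if not e[3]) / len(win)
            if len(users) >= min_users and fail_ratio >= min_fail_ratio:
                if best is None or len(users) > best["distinct_users"]:
                    best = {"distinct_users": len(users),
                            "fail_ratio": round(fail_ratio, 2)}
        if best is not None:
            # Any account this source logged in to successfully should be
            # treated as exposed: force a reset and require MFA.
            best["accounts_to_reset"] = sorted(
                {user for _, _, user, ok in evs if ok})
            findings[ip] = best
    return findings


if __name__ == "__main__":
    for ip, info in detect_credential_stuffing(parse_events(SAMPLE_LOG)).items():
        print(ip, info)
```

The thresholds need tuning against real traffic; a distributed campaign that spreads attempts across many source addresses will stay under a per-IP threshold, which is why the article's point about MFA still stands.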

The Bleach Breach: Clorox revenue and supply chain hit

Clorox, the household cleaning giant, predicts a more than 20% drop in quarterly sales due to a cyberattack (thought to be ransomware) that caused product shortages and operational disruptions. Manufacturing, often kept running by legacy systems and sprawling workforces, suffers more cyberattacks than any other industry.

The Clorox incident is being linked to the same group responsible for the MGM and Caesars Palace hacks, discussed in our previous episode, which occurred around the same time in August 2023. “Scattered Spider” is notorious for using social engineering methods to gain access to internal systems. The Clorox Company’s share price has dropped by over 7 percent in the last month.

Wearable AI: Trendy or just trending?

Tech companies are rushing to secure the lead in wearable AI products. Meta has collaborated with Ray-Ban on a pair of high-tech glasses, enabling wearers to live stream directly from the glasses to Facebook or Instagram and voice activate Meta AI, “an advanced conversational assistant”. Jony Ive, Apple’s legendary former design lead, and OpenAI are reportedly teaming up to design the “iPhone of AI”.

Rewind.ai unveiled a neck-worn pendant that records conversations to your smartphone and creates a searchable database of life moments. Humane, imagining “a world where you can take AI everywhere”, have developed a smart device that resembles a badge or lapel pin.

The common goal here seems to be for technology to rely less on screens, to fade from view, and become all but invisible.

Stay tuned for the next episode of Cyberview.

About Nord Security
The web has become a chaotic space where safety and trust have been compromised by cybercrime and data protection issues. Therefore, our team has a global mission to shape a more trusted and peaceful online future for people everywhere.

About NordLayer
NordLayer is an adaptive network access security solution for modern businesses – from the world’s most trusted cybersecurity brand, Nord Security.


Head of SafeDNS’s Machine Learning: “ML is not a magic wand”

In this interview, we sit down with Jurgen Lorenz, the Head of Machine Learning at SafeDNS, to gain insights into the key role that machine learning plays in the company’s web filtering solutions. Jurgen sheds light on how the department works on the identification of website categories, reveals the intricacies of training the ML models, shares the challenges encountered in adapting the models to different contexts, uncovers the secrets that differentiate SafeDNS from industry competitors, and shares SafeDNS’s plans.


Jurgen, could you briefly describe the role and responsibilities of the SafeDNS machine learning department?

Well, mainly our department is responsible for identifying website categories. The ML specialists focus on parsing and timely crawling these categories, processing third-party sources with thematic lists of domains, balancing and verifying records from all sources, and forming the final database assemblies. These assemblies serve as the foundation for our work and the solutions we provide to our clients.


Tell us about the way SafeDNS uses machine learning algorithms to improve the efficiency of web filtering.

SafeDNS employs various models to classify texts, creating a training dataset from manually tagged websites on specific topics. Mathematical models, such as binary classifiers and neural networks for different languages, are prepared to determine if a site corresponds to a given topic. Predictions are made with a certain probability, utilizing over 100 models to consistently assess sites. The final verdict is reached by aggregating this data, taking into account the trust level assigned to each data source. We use text models as well as models for image processing (specifically for identifying explicit content) and heuristics-based models for alternative site classification.


What kinds of challenges do you face in adapting ML models to different languages and regional contexts?

The main challenge lies in the small number of sites in a particular language available for training samples. Additionally, complexities arise with hieroglyphs, rare dialects, and when working with regions in Asia and Southern countries. To address these challenges, we utilize synthetic data and, in some cases, translate language models from more popular languages. Working with English is advantageous, as over half of the world’s internet content is in this language.

To understand site popularity and facilitate additional categorization in new regions, we analyze user logs.

Here I should add that the job takes us to the most hidden, sometimes darkest corners of the Internet. It is quite an adventure, really. Thanks to this, our solution is able to identify and categorize resources even in the rarest languages, which is definitely our advantage.


What metrics are used to evaluate the effectiveness of ML algorithms?

There is no surprise there. Key metrics include accuracy and error rate.


Clear. What about customer feedback? Does it play a role in improving algorithms?

Sure, we do rely on customer feedback to initiate timely retraining of models in case of expected degradation. As I said earlier, we are able to categorize websites in quite rare languages. Actually, our clients and their feedback help us a lot in terms of recategorizing those types of resources.


The trickiest question is coming. What sets SafeDNS apart from industry competitors?

I am calling it. Just kidding. First of all, SafeDNS is a company with 13 years of solid experience, a diverse client base that ensures comprehensive error correction, and trusted partners that provide us with domain list improvement.

Secondly, I would like to underline that our text models (currently we have more than 1000 of them) are trained on a huge number of different and complex resources, which means that we do not just look through the Wikipedia pages and that is it. Our crawlers, just like search engines, go through websites once a month and do so at high speed.

What else makes us different? Well, I guess, it is our unique database: it contains 2 billion URL records and includes 20% more phishing sites than other companies’ databases. The ones within the industry must know that URL categorization is way more complex to accomplish, you just cannot afford to have a smaller database.

Seems like I could go on forever answering this question, right? I just want to add one more thing: the fact that we use Passive DNS technology makes us able to track connections between domains from a historical perspective. For example, say you approached a random domain. We can see that a while ago there was a phishing site pointed to the same IP. The SafeDNS filtering will check that domain more often than the others and pessimize it since its reputation is obviously questionable.

And finally, if we speak about machine learning particularly, I should say that despite recent hype around this phenomenon, it is not a magic wand and requires human involvement. Even a classification accuracy of 99% in a database of 100 million records results in 1 million errors, which is a huge number. That is why we pay serious attention to the human factor. There is manual tagging and 24/7 top-notch technical support to handle error-related issues.


And last but not least, what are the plans for the near future?

We are planning to move towards a list of new categories, introducing more segmented topics. While we currently have 60+ categories, we aim to expand to 120+, allowing for better segmentation of domains and increased accuracy.


Thank you for your detailed answers! Good luck to us!


The Rise of the Virtual CISO

The cybersecurity landscape is in a constant state of evolution, compelling organizations to seek innovative solutions to protect their digital assets. One such emerging trend is the Virtual Chief Information Security Officer (vCISO), a concept that marks a significant shift in the way companies address cybersecurity challenges. Today, we deep dive into the vCISO phenomenon, exploring its growing popularity, benefits, potential drawbacks, and what companies should consider before opting for this route.

What is a Virtual CISO? 

A Virtual CISO provides the expertise of a seasoned Chief Information Security Officer in a flexible and often remote arrangement. Unlike a traditional, full-time executive CISO, a vCISO can be a consultant or a part of a service from a specialized firm. This model is particularly beneficial for small to medium-sized businesses (SMBs), enabling access to top-tier security expertise without the financial burden of a full-time executive hire.

The Growing Popularity of Virtual CISOs

Several factors drive the increasing adoption of the vCISO model. The well-documented cybersecurity skill gap is a primary motivator, with the vCISO model serving as a bridge, connecting companies to experienced professionals. For SMBs, the cost-effectiveness of a vCISO is particularly appealing, as hiring a full-time CISO can be prohibitively expensive. Additionally, vCISOs offer scalability and flexibility, tailoring their services to the size and specific needs of an organization. They often bring diverse perspectives and innovative solutions, having worked with multiple clients across various industries.

Advantages of a Virtual CISO

The most notable advantage of a vCISO is the availability of expertise on demand. These professionals bring a wealth of knowledge and experience, focusing on strategic-level guidance, policy development, and compliance. This model allows for better cost control, as organizations pay for what they need when they need it. Moreover, the flexibility and adaptability of vCISOs mean they can quickly respond to changing needs and can be brought in for specific projects or periods.

Disadvantages of a Virtual CISO

However, there are challenges to consider. A vCISO might not always be available in crisis situations due to their limited availability. Being external, they may require time to fully understand the unique challenges and culture of the organization. There are also potential security risks associated with remote working arrangements if not properly managed. Additionally, building trust and rapport with internal teams can be more challenging for a non-full-time executive.

What Companies Need to Know Before Going Virtual

Before adopting a vCISO, companies should have a clear understanding of their needs. Whether it’s strategic guidance or compliance assistance, this clarity is crucial. It’s important to conduct thorough due diligence when selecting a vCISO, looking for experience, qualifications, and a successful track record. Ensuring effective integration with existing security teams and company culture is vital. Clear communication channels and regular reporting structures should be established. Moreover, any remote working arrangements must adhere to the company’s data protection and privacy policies. Lastly, the chosen vCISO service should be capable of scaling and adapting as the organization evolves.

Looking Ahead

The virtual CISO represents a transformative approach in managing cybersecurity. It combines expertise, flexibility, and cost-effectiveness, making it an attractive option for a wide range of organizations, especially those that cannot afford a full-time CISO. However, this approach is not without its challenges, such as potential limited availability and a period of adjustment to understand the organization’s unique environment. As with any significant business decision, careful consideration is key. Companies should ensure they choose a vCISO who aligns with their strategic objectives and corporate culture.

As cyber threats continue to evolve, the role of the CISO – virtual or otherwise – remains critical. The vCISO model offers an innovative solution to a complex problem, making top-tier cybersecurity leadership accessible to more organizations. Looking ahead, it’s likely that the adoption of this model will increase, reshaping the landscape of cybersecurity leadership in the digital age.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.