Skip to content

How to find Windows Remote Desktop Licensing Services on your network

Latest vulnerability: CVE-2024-38077 

Microsoft has disclosed multiple vulnerabilities in their Windows Remote Desktop Licensing Service product.

CVE-2024-38077 is rated critical with CVSS score of 9.8 and allows an attacker to remotely execute code which could lead to complete system compromise.

What is the impact?

A heap overflow flaw could allow an attacker to send a message that would trigger this vulnerability and allow remote code execution. With the right code execution this could lead to a complete system compromise giving the attacker complete control.

Are updates or workarounds available?

Microsoft has released patches to address this vulnerability. Instances should be updated immediately to the latest patched version. Additionally, if this service is not needed, it is advisable to disable it or, at the very least, ensure it is securely firewalled within business networks.

How to find potentially vulnerable systems with runZero

From the Service Inventory, use the following query to locate systems running potentially vulnerable software:

port:135 AND protocol:epm AND _service.epm.uuids:"3d267954-eeb7-11d1-b94e-00c04fa3080d"

You may also search for associated named pipes:

port:135 AND protocol:epm AND _service.epm.pipes:"HydraLsPipe"

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About runZero
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.

Keepit platform named winner at the 2024 SaaS Awards

Keepit named winner in the 2024 Cloud SaaS Awards program in “Best Use of SaaS in a Cloud Ecosystem” category.

COPENHAGEN, DENMARK. August 13, 2024 – Keepit, a global provider of a comprehensive cloud backup and recovery platform, announced today its success in the 2024 Cloud SaaS Awards program by being named a winner in the “Best Use of SaaS in a Cloud Ecosystem” category. Keepit was also a finalist in the “Best Security Innovation in a SaaS Product (SME)” and “Best Security Innovation in a SaaS Product (Enterprise)” category.

A long-established awards program spanning 56 categories, The SaaS Awards recognizes the leading innovations and applications of software-as-a-service solutions across a wide range of use cases and sectors. The program received entries from organizations worldwide, including North America, across Europe, and APAC.

 

“The Keepit platform is a must for companies looking to ensure cyber resiliency. We are honored to have been named as a winner at the 2024 SaaS Awards. This, alongside the slew of other recent accolades, underscores our cloud native roots and commitment to providing our customers with best-in-class data protection”, says Michele Hayes, CMO at Keepit.

 

CEO of The Cloud Awards, James Williams, said: “We’re thrilled to reveal the winners of the 2024 SaaS Awards after three intense rounds of judging. It’s been an outstanding edition of the awards this year, and the team and I would like to thank all those organizations that entered.

 

“Keepit has demonstrated an unwavering commitment to innovation and excellence and is a more than deserving winner of Best Use of SaaS in a Cloud Ecosystem. The caliber of the finalists this year was particularly high, which is a testament to this wonderful achievement.

 

“A huge congratulations to Keepit, and to all of 2024’s winners. We are extremely excited to see how they continue to drive the industry forwards in the coming years.”

Secure by design, the Keepit cloud is owned and run by Keepit. Customer data is kept in a separate, dedicated infrastructure, with the backed-up data stored fully isolated from the SaaS vendor’s cloud. With a user-friendly interface, robust data security, and the ability to adapt to your cloud environment, Keepit ensures your data is always accessible and protected.
Recognition for the Keepit platform

 

The Keepit platform has also been named “Best Cybersecurity Backup Service” by the Business Awards UK, 2024 Cybersecurity and Resilience Awards and “Best Security Solution for Data Management / Data Protection” by the Cloud Security Awards 2024. Keepit was recognized in four categories at the Global Infosec Awards 2024 (at RSA), including “Most Innovative Compliance”, “Publisher’s Choice Cyber Resilience”, “Best Product Data Recovery”, and “Hot Company Ransomware Recovery”.

 

 

About the Cloud Awards

The Cloud Awards is an international program which has been recognizing and honoring industry leaders, innovators and organizational transformation in cloud computing since 2011. The Cloud Awards comprises five awards programs, each uniquely celebrating success across cloud computing, software-as-a-service (SaaS), cloud security, artificial intelligence (AI), and financial technologies (FinTech).

Winners are selected by a judging panel of international industry experts. For more information about the Cloud Awards, please visit https://www.cloud-awards.com/.

About The Cloud Awards Program

The Cloud Awards identifies and celebrates the most innovative organizations, technologies, individuals and teams in the world of cloud computing. The program spans 36 categories, including ‘Best Cloud Infrastructure’ and ‘Best Cloud Automation Solution’.

 

About The SaaS Awards

The SaaS Awards focuses on recognizing excellence and innovation in software solutions. Categories range from Best Enterprise-Level SaaS to Best UX or UI Design in a SaaS Product.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Keepit
At Keepit, we believe in a digital future where all software is delivered as a service. Keepit’s mission is to protect data in the cloud Keepit is a software company specializing in Cloud-to-Cloud data backup and recovery. Deriving from +20 year experience in building best-in-class data protection and hosting services, Keepit is pioneering the way to secure and protect cloud data at scale.

ESET PROTECT has been rocking the reviews on G2, 27 Leader Badges in the Summer 2024 Reports prove it

BRATISLAVAAugust 09, 2024ESET, a global leader in cybersecurity solutions, proudly announces its recognition as a Leader in an impressive 27 categories in G2’s Summer 2024 Reports. Only fewer than 4% of all products on G2 earned a coveted “Leader” badge, which places ESET PROTECT among the elite group. Additionally, ESET´s Leader position in the Small-Business Grid for Endpoint Protection Suites secures the company a place among the top three vendors.

“This distinction highlights the overwhelming trust and satisfaction expressed by our users, and reinforces our commitment to delivering superior business value through our security solutions,” said Mária Trnková, Chief Marketing Officer at ESET. “We are grateful to our customers for their positive reviews and ongoing support, which drive us to continue innovating and improving our offerings.”

ESET has achieved a LEADER position in the Small-Business Grid for Endpoint Protection Suites | Summer 2024.

The ESET PROTECT Platform combines effective breach prevention, detection, and response capabilities, enhanced by ESET’s managed and professional services, along with threat intelligence. It is designed to be simple, modular, adaptable, and is continuously updated to prioritize the needs of the customers. Organizations of all sizes have expressed their confidence in ESET PROTECT, as evidenced by the consistently positive reviews on the G2 platform. ESET’s solutions continue to earn high praise, with 98% of users awarding the cybersecurity company a 4 or 5-star rating and 94% of users stating they would recommend ESET PROTECT to their peers.

ESET PROTECT is celebrated on the G2 platform for its comprehensive security ecosystem and multilayered technology, providing unparalleled protection across a wide range of categories including Endpoint Protection Platforms, Malware Analysis Tools, Network Sandboxing, Endpoint Management, Antivirus, Encryption, Mobile Data Security, and more. ESET’s recent business offering updates have been well-received by both analysts and customers, solidifying its market presence and leadership position.

G2, a leading peer-review platform for business solutions, empowers organizations to make informed decisions based on authentic customer feedback. Here is what they are saying about ESET PROTECT, adding a stamp of trust to ESET and proving that ESET solutions bring real value:

“ESET PROTECT is one of the best security solutions for your business.”

“Our protection is way better now, thanks to the thing that sets ESET apart: their multilayered technology.”

“One of the Best Endpoint Security Products. It gives us peace of mind that the endpoint security from ESET is simple to use and user friendly.”

“Costs have gone down and protection is at a high level.”

“Seems to catch any issue and resolve it before it becomes a larger problem. Has not failed us yet. Very easy to deploy. Good customer support whenever we have needed it.”

Read all current reviews about ESET PROTECT here. Find more information about ESET and its range of security solutions here.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

SharpRhino Ransomware: A New Threat to Small Businesses and MSPs

Key Takeaways:

– Small Businesses at Risk: SharpRhino targets IT professionals, creating significant vulnerabilities for small businesses relying on MSPs for cybersecurity.

– MSP Challenges: Sophisticated attack methods like typosquatting and legitimate-looking software installers make it increasingly difficult for MSPs to protect their clients.

– Guardz Ransomware Protection: Guardz offers comprehensive ransomware protection, including real-time monitoring, automated threat detection, and incident response tools designed to safeguard small businesses and their MSPs.

The SharpRhino Ransomware Attack: What You Need to Know

The Hunters International ransomware group has unleashed a new threat in the form of SharpRhino, a sophisticated Remote Access Trojan (RAT) that specifically targets IT professionals. This attack methodically compromises networks by using fake versions of legitimate tools, such as Angry IP Scanner, distributed through deceptive websites—a technique known as typosquatting.

How the Attack Operates:

1. Distribution via Typosquatting:

   – Attackers set up fake websites mimicking legitimate software download sites. IT professionals, seeking to download tools they use regularly, may inadvertently download SharpRhino, which appears as a legitimate 32-bit installer (`ipscan-3.9.1-setup.exe`).

2. Initial Compromise and Persistence:

   – Once installed, SharpRhino modifies the Windows registry to ensure it persists on the infected system. It uses PowerShell scripts to execute C# code in memory, making detection difficult.

3. Command and Control (C2) Communication:

   – The malware communicates with its command and control server, allowing attackers to issue remote commands, which can include deploying additional malware or ransomware.

4. Privilege Escalation and Ransomware Deployment:

   – After securing elevated privileges, attackers can deploy ransomware, encrypting critical data and demanding a ransom for its release.

The Impact on Small Businesses and MSPs

For small businesses, the consequences of a successful ransomware attack can be devastating. Without the resources to quickly respond and recover, a ransomware attack can lead to significant operational downtime, financial loss, and even permanent closure. Small businesses often rely on MSPs to manage their IT and cybersecurity needs, but the sophistication of attacks like SharpRhino poses a severe challenge even for experienced MSPs.

MSPs are under increasing pressure to protect their clients from these evolving threats. The use of seemingly legitimate tools by attackers makes it difficult to detect and prevent these attacks before they cause harm. When an MSP is compromised, all of its clients are at risk, which could result in a catastrophic ripple effect across multiple businesses.

Practical Tips for MSPs and Small Businesses to Protect Against Ransomware

1. Regular Software Audits and Updates:

   – Ensure that all software used by your business or clients is up-to-date. Regularly audit software to confirm that only authorized applications are installed and running. Pay close attention to the sources from which software is downloaded, and avoid downloading from unverified websites.

2. Implement Network Segmentation:

   – Divide your network into segments to limit the spread of ransomware. This means that even if one part of your network is compromised, the ransomware cannot easily spread to other parts.

3. Backup and Disaster Recovery Plans:

   – Regularly back up your data and ensure that backups are stored securely and separately from your main network. In the event of a ransomware attack, having a reliable backup can mean the difference between a minor inconvenience and a major catastrophe.

4. Continuous Monitoring and Threat Detection:

   – Utilize real-time monitoring tools that can detect suspicious activity before it leads to a full-blown attack. Automated threat detection systems that leverage AI can identify new and emerging threats like SharpRhino and take action before they cause damage.

5. Educate and Train Staff:

   – Human error is often the weakest link in cybersecurity. Regularly train your staff on the latest threats and best practices for avoiding phishing attempts and other social engineering attacks. For MSPs, ensuring that your clients are also educated about these risks is crucial.

6. Incident Response Planning:

   – Have a detailed incident response plan in place so that your team knows exactly what to do in the event of a ransomware attack. This should include steps for isolating infected systems, notifying affected parties, and restoring data from backups.

7. Use Advanced Security Solutions:

   – Consider implementing comprehensive security platforms like Guardz, which offer a range of tools designed to protect against ransomware. Guardz provides real-time monitoring, automated threat detection, and incident response capabilities that are essential for defending against sophisticated threats like SharpRhino.

Guardz Ransomware Protection Solutions

Guardz understands the unique challenges faced by small businesses and MSPs in the current cybersecurity landscape. Our platform offers a suite of ransomware protection tools tailored to provide comprehensive defense against threats like SharpRhino. Key features include:

– Real-Time Monitoring: Stay ahead of potential threats with continuous monitoring of your systems.

– Automated Threat Detection: Leverage AI to detect and neutralize emerging threats before they can cause harm.

– Incident Response: Equip your team with the tools needed to quickly isolate infected systems, restore data, and minimize the impact of an attack.

In an era where ransomware attacks are becoming increasingly sophisticated, it’s essential to take proactive steps to protect your business. With Guardz, you can fortify your defenses and ensure that your business or your clients’ businesses remain resilient in the face of evolving cyber threats.

Start Free Trial

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Guardz
Guardz is on a mission to create a safer digital world by empowering Managed Service Providers (MSPs). Their goal is to proactively secure and insure Small and Medium Enterprises (SMEs) against ever-evolving threats while simultaneously creating new revenue streams, all on one unified platform.

Start Free Trial

24.6.8 Voyager released

Changes compared to 24.6.7

Enhancements

  • Disabled selecting Hyper-V ‘All VM Snapshots’ mode on operating systems where it is not supported

Bug Fixes

  • Fixed an issue preventing individual files to be selected during the granular restore process on the Comet Backup desktop app
  • Fixed a cosmetic issue with translations not applying for some detailed error messages

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Comet
We are a team of dedicated professionals committed to developing reliable and secure backup solutions for MSP’s, Businesses and IT professionals. With over 10 years of experience in the industry, we understand the importance of having a reliable backup solution in place to protect your valuable data. That’s why we’ve developed a comprehensive suite of backup solutions that are easy to use, scalable and highly secure.

×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

×