Skip to content

23.9.11 ‘Voyager’ released

New Features

  • Support new “Latest VM State (Changed Block Tracking)” option for Hyper-V for improved backup performance.
  • Added support for VMware ESXi hosts running on a free license. Comet now supports both the free and paid versions of VMware for backups and restores.
  • Added the ability to enforce policies created by a top-level administrator onto tenant administrators and tenant users. This allows top-level administrator to enforce settings and preferences across an entire Comet Server.

Enhancements

  • Improved the admin accounts dialogue to have a separate Policies tab in the Comet Server web interface.

Bug Fixes

  • Fixed an issue with the Comet Backup desktop app not refreshing the Job History when a new backup job is started.
  • Fixed an issue with hourly scheduler where it failed to adjust correctly to the USA Daylight Savings Time (DST)
  • Fixed an issue with the Comet Backup desktop app jumping to a different Protected Item view when there is a Protected Item being edited. This usually occurred when a scheduled backup was run.
  • Fixed an issue where VMware snapshots created in CBT mode had incomplete chunks.
  • Fixed an issue with the My Devices chart on the Comet Server web interface failing to render.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Comet
We are a team of dedicated professionals committed to developing reliable and secure backup solutions for MSP’s, Businesses and IT professionals. With over 10 years of experience in the industry, we understand the importance of having a reliable backup solution in place to protect your valuable data. That’s why we’ve developed a comprehensive suite of backup solutions that are easy to use, scalable and highly secure.

Web Security Challenges in Hospitality Business: A Case for Cloud Web Filtering

In the fast-paced world of hospitality, where customer satisfaction is of utmost importance, the digital landscape presents both opportunities and risks. Nowadays, hotels and restaurants experience a huge amount of online challenges: they become targets for cybercriminals due to their handling of sensitive data and face reputational risks associated with guests’ online experiences.

Understanding the evolving digital problems landscape and taking preventative measures such as content filtering is paramount to protecting businesses from potentially catastrophic outcomes.

The Allure of Hospitality for Hackers

Hospitality organizations store a lot of valuable information, making them attractive targets for cybercriminals. Installing malware on POS systems allows hackers to steal customers’ credit card information, causing significant reputational and financial damage to businesses. Moreover, the growing trend of ransomware attacks, where hackers paralyze systems and demand large ransoms for restoration, can result in million-dollar losses and occupancy declines of 80–90%.

Alarming Statistics: A Wake-Up Call for the Hospitality Industry

Recent research emphasizes the severity of the issue, revealing that 67% of accommodation and food businesses have fallen victim to cyberattacks. This places the industry in third place, behind only the education and arts, entertainment, and recreation sectors. Despite this alarming statistic, many businesses focus their investments on only traditional security systems and practices, often overlooking the critical human factor.

The Human Element: A Vulnerability Exploited

Latest ransomware attacks on the HoReCa sector (е.g., MGM and Caesar cases) emphasize that people might be the weakest link in the cybersecurity chain. Hackers can identify, for instance, a random tech employee of the target company and here we are: within 10-15 minutes they get access to the systems. The simplicity of many attacks usually relies on such tactics as tricking people into clicking on suspicious links and inputting credentials. This is reason enough to reflect on the critical need for employee training and measures that can prevent users from accessing potentially malicious resources.

Battles Against Explicit Content

Apart from cyberattacks, the restaurant and hospitality industry frequently faces a distinct online challenge — the potential for reputational harm in case guests encounter explicit content during their stay. Given that hotels and restaurants are typically chosen as venues for family outings or holidays, the expectation is that their networks should remain free from inappropriate content.

SafeDNS: Elevating Cybersecurity for Hospitality

Discover SafeDNS, a security beacon in the ever-changing digital landscape. The cloud web filtering solution offered by SafeDNS provides a multifaceted approach to cybersecurity, addressing challenges faced by hotels and restaurants. Besides, our web filtering assists the HoReCa sector in creating a safe environment free of inappropriate content, so that neither guests nor their children encounter anything disturbing while browsing the Internet.

Key Features of SafeDNS


  1. Cloud-Based Advantage: SafeDNS eliminates the need for physicial security concerns and complex hardware infrastructure, making our solution perfect for industry giants and small businesses.
  2. User-Friendly Interface: The account interface is highly intuitive, ensuring that everyone, regardless of technical skills, can easily install and navigate through the system.
  3. Comprehensive Categories: With 66 categories of websites available, SafeDNS empowers businesses to customize their web access policies, from blocking explicit content to restricting access to timewasters to enhance employee productivity.
  4. Advanced Scheduling: Unlike many other web filtering services, SafeDNS introduces a unique scheduling feature, allowing users to set up schedules that can adapt web filtering to the dynamic nature of the hospitality industry.
  5. Detailed Reports: You can gain valuable insights into users’ web activities with a detailed report. The best part here is that the service cannot be deceived by clearing the browser history or surfing the internet in incognito mode.
  6. Unmatched Support: SafeDNS built an exceptional support team available 24/7 to ensure any issues that arise are quickly resolved.
  7. Free Cybersecurity Awareness Training: We offer a course on the basics of online security to help increase employee cybersecurity knowledge.

 

As the hospitality industry navigates the digital landscape, prioritizing cybersecurity is non-negotiable. Make the proactive choice to stay protected with SafeDNS and strengthen your reputation against the ever-present threat of cyberattacks.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About SafeDNS
SafeDNS breathes to make the internet safer for people all over the world with solutions ranging from AI & ML-powered web filtering, cybersecurity to threat intelligence. Moreover, we strive to create the next generation of safer and more affordable web filtering products. Endlessly working to improve our users’ online protection, SafeDNS has also launched an innovative system powered by continuous machine learning and user behavior analytics to detect botnets and malicious websites.

How to find SysAid Help Desk instances

How to find SysAid Help Desk instances

On the evening of November 8th Microsoft Threat Intelligence announced that they had discovered attacks by a ransomware gang against the SysAid Help Desk software using a zero-day exploit (CVE-2023-47246). These attacks leveraged a directory traversal vulnerability to upload a web shell and deliver the ransomware payload. SysAid has since published an advisory, complete with indicators of compromise, and made a patch available to customers. The Rapid7 blog has additional information about this issue.

What is SysAid Help Desk?

SysAid provides IT help desk and ITSM software as both a cloud service and through an on-premise option.

Are updates available?

SysAid Help Desk has released version 23.3.36 to address this issue.

How do I find potentially vulnerable versions of ActiveMQ with runZero?

SysAid Help Desk services can be found by navigating to the Service Inventory and using the following query:

_asset.protocol:{http} AND protocol:{http} AND (_service.favicon.ico.image.md5:="5f30870725d650d7377a134c74f41cfd" OR last.html.title:"SysAid")

Results from the above query should be triaged to determine if they require patching or vendor intervention.

As always, any prebuilt queries are available from your runZero console. Check out the documentation for other useful inventory queries.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About runZero
runZero, a network discovery and asset inventory solution, was founded in 2018 by HD Moore, the creator of Metasploit. HD envisioned a modern active discovery solution that could find and identify everything on a network–without credentials. As a security researcher and penetration tester, he often employed benign ways to get information leaks and piece them together to build device profiles. Eventually, this work led him to leverage applied research and the discovery techniques developed for security and penetration testing to create runZero.

ESET Research dives into the onboarding and scamming processes of Telekopye online fraudsters

ESET researchers have analyzed how aspiring new attackers join Telekopye groups, thanks to ads in underground forums, and present a detailed view of the whole scamming operation from the attackers’ perspective.
The research contains analyses of the scam scenarios and what each Neanderthal has to do in order to be successful. (ESET Research refers to the scammers using Telekopye as Neanderthals.)
Telekopye’s capabilities include creating phishing websites, sending phishing SMS and emails, and creating fake screenshots.
According to ESET telemetry, this tool is still in use and in active development. The toolkit is implemented as a Telegram bot.

BRATISLAVA, PRAGUE — November 23, 2023 — ESET researchers have recently discovered and analyzed Telekopye, a toolkit that helps less tech-savvy people pull off online scams more easily, with the first part of the research being published in August. In this second part, ESET Research focuses on scammers’ internal onboarding process, a detailed view of the whole scamming operation, and analysis of the scam scenarios.

The capabilities of Telekopye include creating phishing websites, sending phishing SMS texts and emails, and creating fake screenshots. According to ESET telemetry, this tool is still in use and in active development,and is implemented as a Telegram bot. Victims of this scam operation are called Mammoths by the scammers. For the sake of clarity, and following the same logic, ESET refers in its findings to the scammers using Telekopye as Neanderthals.

Telekopye groups recruit new Neanderthals via advertisements across many different channels, including underground forums. These advertisements clearly state the purpose: to scam online marketplace users. Aspiring Neanderthals are required to fill out an application, answering basic questions like what experience they have in this line of “work.” If approved by existing group members with sufficiently high rank, the new Neanderthals can start using Telekopye to its full potential.

There are three main scam scenarios: seller, buyer, and refund. In the seller scam, attackers pose as sellers and try to lure unsuspecting victims into buying some nonexistent item. When the victim shows interest in the item, the “seller“ persuades him them to pay online rather than in person and provides a link to a phishing website posing as a legitimate payment site. Unlike the legitimate web page, though, this page asks for an online banking login, credit card details (sometimes including balance), or other sensitive information. The phishing website automatically steals it.

In the buyer scam, attackers pose as buyers, researching victims to target. They show interest in an item and claim they’ve already paid via the provided platform. Then they send the victim an email or SMS message (created via Telekopye) with a link to a carefully crafted phishing website, claiming that the victim needs to click this link in order to receive their money from the platform. The rest of the scenario is very similar to the “seller“ scam. In the refund scenario, attackers create a situation where the victim is expecting a refund and subsequently send them a phishing email with a link to the phishing website, once again serving the same purpose.

“In almost every group of Neanderthals, we can find references to manuals with online market research from which Neanderthals draw their strategies and conclusions,” says ESET researcher Radek Jizba, who investigated Telekopye. “For example, during the buyer scam scenario, Neanderthals choose their targets based on the type of items they are selling. For instance, some groups avoid electronics completely. The price of the item is also important. Manuals recommend that Neanderthals, in the buyer scam scenario, pick items with a price between €9.50 to €290,” he adds. Additionally, attackers using Telekopye utilize web scrapers to quickly go through many online marketplace listings and pick a “perfect victim” who will most likely fall for the scam.

Telekopye attackers believe that their groups are full of “rats” (for example, law enforcement or researchers). Thus, they religiously stick to the rules; mainly, no probing for information that could identify other members of the group. Breaking such rules may very well result in being banned. The golden rule is “Work more, talk less.”

Even though the main targets of scammers are online markets popular in Russia, such as OLX and YULA, ESET has also observed targets that are not native to Russia, such as BlaBlaCar and eBay, and even others that have nothing in common with Russia, like Jófogás and Sbazar. 

For more information about how Telekopye attackers operate, check out the blogpost “Telekopye: Chamber of Neanderthal’s Secrets.” Make sure to follow ESET Research on Twitter (now known as X) for the latest news from ESET Research.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

×