2024-05-04 - Version 2

Booth visitors try their hand at “PREVENT,” ESET’s custom VR game, while learning about AI-native prevention for tomorrow’s threats

San Diego, Bratislava – April 30, 2024 — ESET, a global leader in cybersecurity solutions, today announced its participation in the upcoming RSA Conference in San Francisco from May 6–9, 2024. At the event, which brings together IT experts from around the world, ESET Malware Researcher Martin Smolár will present on critical vulnerabilities and long-lasting problems in Unified Extensible Firmware Interface (UEFI) security, which resulted into the discovery of the BlackLotus UEFI bootkit. Details about the session, which takes place on May 7 at 1:15pm PT in Moscone West, Room 3002, are available here.

“Although UEFI firmware is widely deployed, and number of the real UEFI threats is increasing every year, most organizations overlook the security risks in this critical computing layer. UEFI bootkits are very powerful threats, having full control over the OS boot process and thus capable of operating stealthily and disabling various security mechanisms. Martin’s presentation discloses the latest tactics being used by adversaries and how organizations can ramp up their own security posture,” said Michal Jankech, Vice President of SMB and MSP segments at ESET.

Visitors to ESET’s Booth 1761 in the South Expo Hall will hear about AI-native prevention for tomorrow’s threats while getting the chance to play ESET’s immersive VR game “PREVENT,” developed for RSA attendees. Demos at the booth include:

Next-Gen Endpoint and XDR – Learn about ESET’s cloud-delivered XDR-enabling solution, ESET Inspect, and how it facilitates unparalleled threat and system visibility. Now integrated with the ESET AI Advisor, this solution leverages generative AI to enhance incident response and interactive risk analysis, thus answering the wish of many companies to be able to utilize the advantages of XDR solutions even with limited IT resources.
ESET Threat Intelligence – As organizations look to mitigate risk and extend their security intelligence, ESET Threat Intelligence feeds and premium APT reports leverage real-time, globally sourced curated data insights on cyber threats ranging from targeted attacks to zero-days and botnet activities. This global visibility enables businesses, governments, and channel companies to make critical decisions faster, giving them a strategic advantage and competitive edge in the fight against cybercrime.
Managed Detection and Response (MDR) – Attendees will learn how ESET MDR provides 24/7 threat monitoring, hunting, and remediation. ESET’s blend of AI technologies and human expertise delivers rapid responses within a 20-minute window. This rapid action minimizes damage and ensures the safety of organizations. With ESET MDR, businesses can focus on core objectives, knowing that their defenses are actively safeguarded.
Managed Service Provider (MSP) Program – ESET’s flexible and profitable model features tier-based volume pricing and real-time license usage tracking for efficiency in security management, optimizing resource allocation and elevating service quality. Whether MSPs serve a few clients or manage a large portfolio, ESET’s pricing structure adapts to their growth.
ESET Integrations – ESET has kickstarted its API integration program by partnering with industry leading security providers. Discover how we are supercharging our partners’ solutions with ESET telemetry thanks to globally sourced data from ESET Inspect and our collected research in the form of ESET Threat Intelligence feeds.

“This year’s theme at RSA is ‘The Art of Possible’ – showcasing the importance of creativity and innovation to battle dynamic cyber threats. Following significant investments, we look forward to meeting with ESET partners, business customers, and prospective users from around the world at RSA who are looking to battle tomorrow’s toughest adversaries with next-generation AI-native solutions,” added Michal Jankech.

In addition to the live demos, ESET is hosting expert talks at its booth as well as specialized briefings at the Press Club SF, a few steps away from the Moscone Center. Register online to meet ESET technology and research experts at the show or attend private briefings, including sessions on Threat Intelligence and Corporate Solutions. Separately, visitors to the booth can hear a range of presentations, including Robert Lipovský highlighting how the ESET Threat Intelligence portal is enhanced with AI for quick responses, James Rodewald on the proactive capabilities of ESET’s Managed Detection and Response service, and presentations from ESET partners.

For more information on ESET’s presence at RSA and how to register for special events, visit RSCA2024 I ESET.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

ESET 2024

Recently, we’ve witnessed some of the biggest cyber attacks in history, shaking the foundations of industries and institutions worldwide. From ransomware to malware, these attacks have left a trail of destruction in their wake. Let’s delve into the top 5 biggest cyber attacks of the past 12 months and explore the chaos they have unleashed.

1. Optus Data Breach

In September 2023, Optus, Australia’s second-largest telecommunications company, experienced a massive data breach affecting 9.8 million users. This breach exposed customer data including names, addresses, phone numbers, and for some records, passport numbers. The breach resulted from a security flaw in an API that attackers exploited. Optus has faced significant scrutiny regarding its cybersecurity practices, and the incident has sparked calls for stronger data protection laws in Australia.

2. Uber and Rockstar Games Data Breach

In mid-2023, Uber reported a major security breach that also extended to other companies like Rockstar Games. An 18-year-old hacker claimed responsibility, stating that they gained access through social engineering and compromised employee accounts. At Uber, the attacker accessed several internal systems, though Uber claimed that no sensitive user data was exposed. For Rockstar Games, early development footage from the upcoming Grand Theft Auto VI was leaked online, causing significant disruptions.

3. Los Angeles Unified School District Ransomware Attack

In September 2023, the Los Angeles Unified School District, one of the largest school districts in the U.S., was hit by a ransomware attack that disrupted its IT systems. This attack highlighted the vulnerability of educational institutions to cyber threats, which often lack the resources to fend off sophisticated attacks. The district refused to pay the ransom, and the incident led to increased federal support for cybersecurity in schools.

4. Royal Mail Ransomware Attack

In January 2024, the UK’s Royal Mail service suffered a ransomware attack that severely disrupted international shipments. The attack, attributed to a Russian cybercrime group, led to significant delays and operational challenges. This incident demonstrated the broader implications of cyber attacks on critical infrastructure and logistical chains.

5. Health Service Executive of Ireland Ransomware Attack

Recovery and fallout continued from the May 2021 ransomware attack on Ireland’s Health Service Executive (HSE), the largest healthcare provider in the country. This attack had long-lasting effects into the following year, with costs for recovery and system upgrades expected to exceed €100 million. The incident served as a critical lesson in the importance of proactive cybersecurity measures in protecting sensitive health data and ensuring the continuity of critical healthcare services.

What Can these Attacks Tell Us?

These recent cyber attacks underscore the necessity for ongoing vigilance and investment in cybersecurity across all sectors. Each incident provides key insights:

Telecommunications and tech companies must enhance their API security and employee training to prevent data breaches.
Educational institutions require more robust funding and strategic planning to improve their cyber defenses.
Logistics and essential services should prioritize cybersecurity to maintain operations and trust in times of crisis.
Healthcare organizations must focus on securing patient data and critical healthcare systems against potential cyber threats.

These events call for an integrated approach to cybersecurity, involving updated regulations, enhanced security protocols, and continuous monitoring to mitigate the risks of future attacks.

	Cloud Native	Faux Cloud
Infrastructure	Provided, paid, and managed by the vendor; mostly invisible to anyone utilizing the service	Provided, paid, and managed by you through your own AWS or Azure account
Implementation	Quick time to value; much of the work is invisible to you	Depends on the complexity of the app, but it is your responsibility to do the work or pay someone else to do it
Pricing	Subscription with lower up-front cost	Perpetual license with expensive up-front cost that are amortized over time. (Note: many vendors are moving away from perpetual licensing for on-prem or faux cloud products, but as they do, their customers are getting the worst of both worlds – paying more annually while still being responsible for on-going maintenance of the product)
Total Cost of Ownership	The price of the product reflects the genuine cost of ownership	The price of the product is only one (and sometimes only a small) part of the total cost that is reflected in the staff time and public cloud expenses; in many instances, you may not even know what it is going to cost you until it is too late
Vendor Lock-In	Easy to switch to another vendor should your business needs change	Expensive license, deployment and maintenance costs make switching prohibitive, often for years
Access	Access anywhere via browser with internet connection	On-premises model often requires access via VPN (Note: what happens when there is a problem with your solution and your VPN is configured to use your on-premises system? Sounds like someone is driving into the office!)
Scalability	Automatically scales with usage	Customer must increase capacity to keep up with usage
Updates	Vendor regularly updates the underlying components such as servers, databases, etc. This process will often be invisible to you.	You are responsible for ensuring that the entire tech stack – components, databases, servers, network – is updated with the latest patches
Upgrades	You seamlessly and transparently reap the benefit of new features, enhancements, and other improvements with zero effort	Any upgrade requires you to install, test, and then deploy the upgrade in production, often during nights and weekends in case something goes wrong
Accountability	The vendor takes ownership of the uptime and security, performance, and availability of the service	Apart from the infrastructure as a service, you are on the hook for the performance, health, security, and availability of the solution, lock stock and barrel

About Version 2 Digital

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。

Language: English

About Version 2 Digital

1. Optus Data Breach

2. Uber and Rockstar Games Data Breach

3. Los Angeles Unified School District Ransomware Attack

4. Royal Mail Ransomware Attack

5. Health Service Executive of Ireland Ransomware Attack

What Can these Attacks Tell Us?

About Version 2 Digital

Hello!