
Vicarius Achieves SOC 2 Type II Compliance

Daly City, CA – Thursday, October 28, 2021 – Vicarius, Inc. announced today that it has achieved SOC 2 Type II compliance in accordance with American Institute of Certified Public Accountants (AICPA) standards for SOC for Service Organizations, also known as SSAE 18. Achieving this standard with an unqualified opinion serves as third-party industry validation that Vicarius, Inc. provides enterprise-level security for customers’ data secured in the Vicarius, Inc. System.


Implementing Zero Trust Security in OT Environments

In 2021, the increasing number of cyber security attacks on major critical infrastructure operators grabbed the headlines. The successful attacks targeted different industrial sectors such as oil pipelines, food manufacturers, and water and wastewater facilities. Up until these attacks occurred, the media and the industrial sectors paid little attention to the cybersecurity of critical infrastructure. 

 

Now that organizations and analysts are more aware of the risks and vulnerabilities in critical infrastructure and OT environments, it is becoming more visible how much impact these risks have on our daily lives. The recent increase in attacks on the different industrial sectors is finally receiving attention, including at the highest levels of several governments.

In May 2021, the President of the United States, Joe Biden, issued an Executive Order on improving the nation’s cybersecurity with a clear focus on critical infrastructure. As stated, “The scope of protection and security must include systems that process data (information technology (IT)) and those that run the vital machinery that ensures our safety (operational technology (OT)).”

While this is a great first step into advancing OT security, it is simply not enough. The different risks are due to three key factors. First, more critical infrastructure operators are digitalizing their equipment and environments which is resulting in their organizations becoming more vulnerable to cyber attacks. Second, the trend of converging IT and OT to be more interconnected has resulted in IT exploitation which is affecting OT environments. Last but not least, cyber criminals and nation-state attackers are attacking more aggressively by adopting more sophisticated tactics to exploit industrial control systems (ICS).

The Growing OT Attack Surface 

As operational technology (OT) networks are becoming increasingly connected to an organization’s network infrastructure, older strategies such as ‘air gapping’ are no longer relevant or feasible. 

Many organizations think IT security best practices are the answer and will search for IT security solutions that could possibly integrate with their OT environments. This is the wrong approach to gaining visibility and threat detection in OT networks. OT networks need a specifically designed solution that can detect security risks to avoid the exploitation of critical infrastructure. Deploying the wrong kind of solution within an OT environment can cause problems for the OT network such as downtime, false-positive alerts and more.

Instead, organizations should deploy OT security solutions that are designed and integrated with Zero Trust capabilities. This is the idea of denying access to users, devices and equipment that lack the proper identification and permissions. So how does the Zero Trust model relate to OT networks?

Zero Trust For OT Networks


Diagram 01: The SCADAfence Einstein Baseline’s Sensitivity Dashboard 

The Zero Trust motto is “never trust, always verify” and this is especially true when creating security controls in OT networks and devices. 

Many OT devices and systems are still using unencrypted and unauthenticated protocols. However, it’s not just the devices. Too often, OT teams are not open to the idea of connecting their once-isolated systems or PLCs to the Internet, despite those systems being implemented with encryption and authentication. As more IT and OT systems are opening their gates to connect to the Internet, the need to adopt the principle of least privilege grows with the expanding threat landscape.

Organizations need to look at OT security solutions that can provide policy-based access for authorized users. This is the approach that only OT teams or other specific users should have access to OT environments. Simply put, only employees who need access to OT networks and devices to do their day-to-day job should have access. 

Enforcing access controls early on, based on the principle that no one should be able to connect unless authorized, allows security teams to provide access only once it has been authorized. Each user and device access request needs to be verified, and only if it is verified will access be granted to the authorized user.

Implementing the Zero Trust security model with granular access authorization can guarantee organizations that the proper access is being granted in OT environments, with an additional level of security. By restricting who has access to which network or device, the Zero Trust model helps minimize the attack surface exposed to the increasing risks within an OT environment.

Additionally, enforcing MFA (multi-factor authentication) is another essential Zero Trust capability for OT leaders to implement alongside role-based access. With MFA, access is only granted after successfully presenting two or more pieces of evidence, or factors, to an authentication mechanism. These factors provide an additional layer of security against unauthorized access to OT environments.

While integrating the basic Zero Trust framework is not a simple task across complex environments like OT networks, rethinking a security approach with the Zero Trust framework is the right step in protecting critical infrastructure and OT environments.

SCADAfence Offers Zero Trust Capabilities for OT Environments 


Diagram 02:  The SCADAfence Einstein Baseline’s Unique Zero Trust Capabilities

SCADAfence is the only OT security vendor offering an OT network security solution that integrates with the Zero Trust model for industrial environments. The SCADAfence Platform enables users to define access-group segmentation and to enforce Zero Trust capabilities in their OT networks. Users can gain full visibility of their production networks which are designed and supported by the Zero Trust security framework. 

With the industry-leading Einstein baseline, the SCADAfence Platform learns an entire industrial network in less than 2 days. This includes learning all traffic patterns, asset behavior and network subnets. The Platform is able to immediately send alerts on any anomalies or deviations from the normal network behavior.

When the Zero-Trust model is enabled in the Einstein baseline period, the Platform not only displays and alerts users of all the activities and devices on the network, but all network behaviors are treated as potentially malicious until further verified.

As we continue to advance our leading OT security platform with more security features and capabilities, SCADAfence users continuously have more flexibility to manage their OT environments. Our latest integration of Zero Trust capabilities will guide users with an additional level of security from the baseline stage to the ongoing security management stage and onward.

To learn more about SCADAfence’s Zero Trust capabilities for OT networks, schedule a demo with one of our experts here: https://l.scadafence.com/demo

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About SCADAfence
SCADAfence helps companies with large-scale operational technology (OT) networks embrace the benefits of industrial IoT by reducing cyber risks and mitigating operational threats. Our non-intrusive platform provides full coverage of large-scale networks, offering best-in-class detection accuracy, asset discovery and user experience. The platform seamlessly integrates OT security within existing security operations, bridging the IT/OT convergence gap. SCADAfence secures OT networks in manufacturing, building management and critical infrastructure industries. We deliver security and visibility for some of the world’s most complex OT networks, including Europe’s largest manufacturing facility. With SCADAfence, companies can operate securely, reliably and efficiently as they go through the digital transformation journey.

How Do Pass-the-hash Attacks Work?

Although the technique is old, dating from the 1990s, few people know how pass-the-hash attacks work.

Keep reading the article to find out!

Where Did the Name “Pass-the-hash” Come From?

Pass-the-hash attacks occur when an attacker steals a user’s credential in hashed form, that is, after it has been passed through a hash function.

Without “breaking” the hash, the attacker reuses it to trick an authentication system into creating a new authenticated session on the same network.

For those who are not aware of it, a hash function is any algorithm that maps large, variable-sized data to small, fixed-sized data.

Hash functions are widely used in order to verify the integrity of downloads, search for elements in databases, or transmit and store passwords.

Hence the name “pass-the-hash”, which describes literally what attackers do in this attack.

How Are Pass-the-hash Attacks in Information Technology Classified?

Pass-the-hash attacks are primarily a lateral movement technique.

This means hackers are using the hash to extract additional information and credentials after they have already compromised a device.

By moving “sideways” between devices and accounts, attackers can “pass the hash” to get all the correct credentials from someone else.

With this, they can eventually “scale up” their domain privileges and access more influential systems, like an administrator account on their personal computer, without even needing their password.

Another interesting fact is that most of the movement performed during a pass-the-hash attack uses a remote software program, such as malware.

What Operating Systems Do Pass-the-hash Attacks Work On?

Typically, pass-the-hash attacks target Windows systems.

However, they can also work against other operating systems, in some cases on any authentication protocol such as Kerberos.

Windows is especially vulnerable to these attacks because of its single sign-on function.

This function allows users to enter the password only once and then access all the features they want.

The single sign-on function also requires users’ credentials to be cached on the system, making it easier for attackers to access.

That is one of the reasons why it is so important to know the 7 Tips to Prevent Cyberattacks While Remote Working.

How Do Pass-the-hash Attacks Work?

To perform a pass-the-hash attack, the attacker first obtains the hashes of the targeted system using any number of hash dump tools, such as fgdump and pwdump7.

The attacker then uses these tools to place the obtained hashes into the Local Security Authority Subsystem Service (LSASS).

Pass-the-hash attacks are often targeted at Windows machines due to the security vulnerability of NTLM (New Technology Local Area Network Manager) hashes once administrator privileges have been obtained.

These attacks often trick a Windows-based authentication system into “believing” that the attacker’s endpoint is the legitimate user’s endpoint.

Thus, the system automatically supplies the necessary credentials when the attacker tries to access the targeted system.

And all this can be done, as already said, without the need for the original password.

The key used by attackers to perform these types of attacks is the NTLM hash, which is nothing more than a fixed-length mathematical code derived from a password.

NTLM hashes allow the attacker to use compromised domain accounts without extracting the password in plain text.

This is because computer operating systems such as Windows never actually send or save user passwords on their network.

Instead, these systems store passwords as encrypted NTLM hashes, which represent the password, but cannot be reverse-engineered.

NTLM hashes can still be used in place of a password to access various accounts and resources on the network.
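Why the hash alone is enough, as an added example (not code from the original article): a simplified in-memory model of the NTLMv2 response calculation defined in Microsoft's MS-NLMP specification, in which both the client's response and the server's check are keyed with the NT hash and the password never appears. The account name, domain, hash values and the opaque client blob are constructed for illustration.

```python
import hashlib
import hmac
import os


def ntowf_v2(nt_hash: bytes, user: str, domain: str) -> bytes:
    """NTLMv2 response key: HMAC-MD5 keyed with the NT hash (NTOWFv2 in MS-NLMP)."""
    identity = (user.upper() + domain).encode("utf-16-le")
    return hmac.new(nt_hash, identity, hashlib.md5).digest()


def nt_proof(nt_hash: bytes, user: str, domain: str,
             server_challenge: bytes, client_blob: bytes) -> bytes:
    """Proof sent by the client: HMAC-MD5 over the server challenge and client blob."""
    key = ntowf_v2(nt_hash, user, domain)
    return hmac.new(key, server_challenge + client_blob, hashlib.md5).digest()


class Verifier:
    """Server side of the model: it stores only NT hashes, never passwords."""

    def __init__(self, accounts):
        self.accounts = dict(accounts)

    def new_challenge(self) -> bytes:
        return os.urandom(8)  # fresh 8-byte challenge for every logon attempt

    def check(self, user, domain, challenge, blob, proof) -> bool:
        stored = self.accounts.get((user, domain))
        if stored is None:
            return False
        expected = nt_proof(stored, user, domain, challenge, blob)
        return hmac.compare_digest(expected, proof)


def run_demo() -> dict:
    user, domain = "svc_backup", "EXAMPLE"                        # constructed names
    nt_hash = bytes.fromhex("00112233445566778899aabbccddeeff")  # constructed value
    server = Verifier({(user, domain): nt_hash})
    blob = os.urandom(16)  # stands in for the timestamp and client nonce

    # 1. Whoever holds the stored hash produces a valid proof. No password is
    #    involved on either side, so the hash is a password-equivalent secret.
    c1 = server.new_challenge()
    proof1 = nt_proof(nt_hash, user, domain, c1, blob)
    hash_only = server.check(user, domain, c1, blob, proof1)

    # 2. A recorded proof does not verify against a new challenge: the
    #    long-lived secret is the hash, not any single response.
    c2 = server.new_challenge()
    while c2 == c1:
        c2 = server.new_challenge()
    replayed = server.check(user, domain, c2, blob, proof1)

    # 3. A different hash fails.
    wrong = server.check(user, domain, c2, blob,
                         nt_proof(bytes(16), user, domain, c2, blob))

    # 4. A password reset replaces the stored hash, so a copy of the old
    #    hash stops working from that point on.
    server.accounts[(user, domain)] = bytes.fromhex(
        "ffeeddccbbaa99887766554433221100")                       # constructed value
    c3 = server.new_challenge()
    stale = server.check(user, domain, c3, blob,
                         nt_proof(nt_hash, user, domain, c3, blob))

    return {
        "hash_only_accepted": hash_only,
        "replayed_response_accepted": replayed,
        "wrong_hash_accepted": wrong,
        "old_hash_accepted_after_reset": stale,
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

The fourth case is the defensive takeaway: a copied hash stays valid only until the account's password, and therefore its hash, is changed.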

For an attacker to be able to access LSASS, they must successfully compromise a computer to the point where the malware can run with local administrator rights.

Therefore, this is one of the biggest obstacles to pass-the-hash attacks. And knowing how to securely control your privileged accounts with PEDM is another big obstacle, too.

Once a Windows-based machine is compromised and the deployed malware is given access to local usernames and NTLM hashes, do you know what happens?

The attacker can even choose whether to get more credentials or try to access network resources using privileged user credentials.

By gathering more user credentials, an attacker can retrieve the credentials of users who have separate accounts on the Windows machine, such as a service account, or who still have remote access to the computer with an administrator login, for example.

Remote information technology (IT) administrators connecting to the compromised Windows machine will expose their NTLM username and hash to the now-integrated malware.

An attacker with IT administrator credentials can then move “sideways” across networked devices.

The “lateral movement” is an effective way to search for users with elevated privileges, such as administrative rights to protected resources.

Privilege escalation can be achieved by locating the credentials of an administrator with greater administrative access.

These elevated features can also include access to customer databases and email servers.

What Can Pass-the-hash Attacks Do to My Computer?

Because this type of attack exploits the features and capabilities of the NTLM protocol, the threat can never be completely eliminated.

Once an attacker compromises a computer, pass-the-hash becomes just one of the malicious activities that can be performed.

A 2019 study found that 95% of its 1,000 respondents experienced a direct business effect from pass-the-hash in their organizations.

About 40% of these attacks resulted in lost revenue and 70% incurred increased operational costs.

No wonder that many IT experts consider pass-the-hash attacks to be among the top cybersecurity vulnerabilities in Industry 4.0.


About Segura®
Segura® strives to ensure the sovereignty of companies over actions and privileged information. To this end, we work against data theft through traceability of administrator actions on networks, servers, databases and a multitude of devices. In addition, we pursue compliance with auditing requirements and the most demanding standards, including PCI DSS, Sarbanes-Oxley, ISO 27001 and HIPAA.

New ESET HOME platform offers consumers greater control and superior management

BRATISLAVA — October 19, 2021 – Today, global cybersecurity leader ESET launched a new version of its consumer security lineup along with ESET HOME, a platform that allows users to manage the security of all their Windows and Android home devices from one seamless and convenient interface.

With the steady tide of cyberattacks, it is essential that home users remain protected. As smartphones are increasingly at the center of people’s digital lives, empowering users to manage their security via mobile devices is critical. To effectively address home users’ requirements and provide top-level protection, ESET is introducing LiveGuard, integrated within ESET Smart Security® Premium. LiveGuard provides an additional proactive layer of protection against never-before-seen types of threats. Additionally, ESET NOD32 Antivirus, ESET Internet Security and ESET Smart Security® Premium offer improved protection and a host of new features for customers. Recognizing how our digital lives have changed over the past year, these upgrades focus on banking and payment protection, ransomware protection, parental control and password management.

At the center of the new suite of ESET products is ESET HOME, a new and improved management platform that makes it easy to manage security at home whenever and wherever required. ESET HOME provides users with a complete overview of all their ESET solutions for Windows and Android devices in one place, giving users total visibility of the current protection status of the various devices connected to their accounts. Accessible via web portal and mobile app, the ESET HOME platform is designed with mobile users in mind and built for on-the-go security management. The application enables users to add, manage and share licenses with family and friends, and to manage Anti-Theft, Parental Control and Password Manager via the web portal.

Other key updates in the new product suite include:
  • Protection improvements — Banking & Payment Protection will now have the option to run by default, protecting any supported browser with a hardened mode. Ransomware Shield has been bolstered with enhanced behavior-based detection techniques. Exploit Blocker has been improved to cover additional malicious techniques.
  • ESET HOME — Parents can use ESET HOME to share licenses with family and friends or to monitor their children’s online activity and control their screen time in Parental Control (via the ESET HOME web portal).
  • LiveGuard — Integrated with ESET Smart Security® Premium, LiveGuard provides an additional proactive layer of protection against never-before-seen types of threats, shielding users from the malware before its code executes. This service, personalized for each user, analyzes suspicious files, including documents, scripts, installers and executable files, in a safe sandbox environment.
  • Password Manager — Available with ESET Smart Security® Premium, Password Manager has been completely redesigned for improved security and ease of use. Password Manager is available in all major browsers as a browser extension and on Android and iOS devices as a native application. New features include support for KeePass and Microsoft Authenticator.

Mária Trnková, consumer & IoT segment director at ESET, commented, “We are incredibly excited about this launch and to provide consumers with the very latest in cybersecurity protection. The updated product suite, including our new LiveGuard feature and the impressive ESET HOME platform puts users firmly in control of their home cybersecurity needs and instills them with the confidence needed to manage multiple devices on the go. After more than a year of being heavily reliant on technology, and with the threat landscape constantly evolving, it is vital to us that our consumer users are protected with cutting-edge solutions that are easily accessible and best in class in terms of user experience.”

To find out more about all the new features and improvements coming in the latest version of our consumer offering, head to https://www.eset.com/hk/.


About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

Monitoring as a service, here we come!

Pandora FMS Monitoring as a service is here!

On the way to perfecting its services, Pandora FMS launches one of the most advanced and complete solutions in its history as monitoring software: Monitoring as a Service (MaaS).

As we all know by now, Pandora FMS is network monitoring software that, among many other possibilities, allows visually monitoring the status and performance of several parameters from different operating systems (servers, applications, hardware systems, firewalls, proxies, databases, web servers, routers…). It can also be deployed on almost any operating system and has remote monitoring (WMI, SNMP, TCP, UDP, ICMP, HTTP …), etc.

But what concerns us this time is to see how Pandora FMS once again surpasses itself with Monitoring as a Service. Because yes, it is time for you to have Pandora FMS ready to use and ready to cover all of your needs. From now on, avoid wasting valuable resources on installation, maintenance and operation: MaaS is fully intended as a flexible and easy-to-understand subscription model.

Monitoring as a Service (MaaS) advantages

Rather than rush through a rough explanation, we had better go into detail and list some of the most important advantages of Monitoring as a Service (MaaS).

  • With Monitoring as a Service, you do not need to invest in an operations center, or in an internal team of engineers to manage monitoring. That’s it, without capital expenditures (capex) or operating expenditures (opex).
  • With Pandora FMS Monitoring as a Service you may accelerate the time to obtain value.
  • Available 24/7, access it anytime, anywhere. There are no downtimes associated with monitoring. Wonderful and available 24/7.
  • Generate alerts based on specific business conditions and discover the easy integration of this service with business processes.
  • Important: Permanent security. All information is protected, monitored and complies with GDPR.
  • Operation services, we can operate for you, saving resources and optimizing startup times.
  • Custom integrations, with Pandora FMS specialist consultants at your disposal.
  • Deployment projects, to support specialized resources wherever you need them.

Here is our proposal in more detail

What does this mean for your company or business?

Going straight to the point, Monitoring as a service (MaaS) provides unlimited scalability and instant access from anywhere and gets rid of worrying about maintaining storage, servers, backups, and software updates.

It is up to you to discover, right away, how the digital transformation of all business processes makes Monitoring as a Service (MaaS) an essential activity to boost the productivity of your company.

Some frequently asked questions about the solution (FAQ)

Of course, given such a technological scoop, you may have some doubts about the subject. Here we answer several of the most frequent questions that we were asked.

What agent limit does the service have? Does it have an alert or storage limit?

There is no agent limit, although the service starts from 100 agents. There is no limit on alerts or disk storage.

How long is history data stored?

45 days maximum. However, you may optionally hire a history data retention system to store data for up to two years.

What is the service availability? What happens if it crashes on a weekend?

The service availability SLA is 99.726% in Basic service, 99.932% in Standard service and 99.954% in Advanced service. In short, we will make sure it is never down.

In which country are the servers located?

We have several locations, to comply with different legislations, such as GDPR (EU), GPA (UK), CBPR (APEC) and CPA (California).

What security does the service offer?

In addition to an availability SLA guaranteed by contract, our servers are exclusive for each client, we have 24/7 monitoring, and our own system security. Of course, backup is included in the service.

How much does the service cost?

You pay a fee per month, which is calculated on the number of agents you are using that month. So if you increase the number of agents in a certain month, you will pay more that month. However, if you decrease the number of agents, you will pay less. There are also some start-up costs for the service and also some optional packages, such as if you want our engineers to develop a custom integration or help you deploy monitoring in your internal systems.

How is it billed?

Quarterly or semi-annually, with monthly cost calculations, so you can plan growth and costs without surprises.

What does the service include?

From Pandora FMS Enterprise license to the operating system, database management, system optimization, maintenance, updates, emergency patches, integration with Telegram and SMS sending, backup and recovery, preventive maintenance, environment security and any other technical task that may take up operating time. You will only have to operate with Pandora FMS.

What is the difference between Basic, Standard and Advanced services?

With the Basic service, if you want to make a report or configure an alert, you can do it directly, without worrying about installing, configuring or parameterizing anything. In the Standard and Advanced services you can ask us to do it for you and we will be happy to do so; the same applies to building remote plugins, creating reports, users, policies, graphs or any other administrative Pandora FMS task. In the Standard and Advanced services you will have a number of hours of service each month for any request you may make, and our technical team will be at your complete disposal.

What are the service hours?

Full office hours (from 9 AM to 6 PM) in America and Europe. From San Francisco to Moscow.

If you can no longer handle the intrigue and want to see how far the possibilities of Monitoring as a service go, you may now hire the solution through this link.


About PandoraFMS
Pandora FMS is a flexible monitoring system, capable of monitoring devices, infrastructures, applications, services and business processes.
Of course, one of the things that Pandora FMS can control is the hard disks of your computers.
