Skip to content

訊連科技推出全新威力導演365商業版及AdDirector行動版App 協助商業用戶快速打造吸睛廣告及社群影片

內建超過 60萬種Shutterstock素材庫及超過三百種廣告影片範本
協助行銷人員三分鐘輕鬆打造各種平台的廣告影片

【2020年9月17日,台北訊】多媒體創作軟體領導廠商訊連科技(5203.TW)今日發布為商業用戶量身打造的「威力導演365商業版」及「AdDirector」行動App。近年來影片內容行銷對各式品牌日益重要,無論是企業、公司行號、餐廳或個人工作室,打造吸睛的廣告及社群影片都是數位行銷重要環節。全新的「威力導演365商業版」及「AdDirector」行動App可協助商業用戶利用超過三百種內建範本、及超過60萬種豐富素材的Shutterstock素材庫,即使在沒有專職影片製作人員或外包預算下,也能在三分鐘內快速打造行銷影片,上傳至社群或進行數位廣告投放。

全球社群活躍用戶在2020年已達到39.6億[1],隨著社群平台和數位行銷蓬勃發展,影片也成為消費者與品牌的主要溝通方式。超過65%的消費者即指出,一周至少一次透過社群網紅的內容來了解新產品或品牌[2]。疫情影響時期尤為如此,多數企業主面臨的困境主

要為影音素材有限,無法整合並產出吸睛的社群行銷內容。訊連科技全新推出的創意導演365商業版及AdDirector行動App,內建美食、時尚、美妝、教學、旅遊、運動、健康與保健、房地產、季節等超過10種主題、超過三百組的高品質廣告影片範本,針對訂閱用戶,亦會每月更新擴充內容,提供更多設計範本。此外,威力導演365商業版及AdDirector行動App內建了超過60萬筆Shutterstock授權的影片、圖片及音樂等商用素材,讓用戶不再需要為找尋適合範本、素材傷透腦筋。

威力導演365商業版及AdDirector行動版App的功能簡單易用,僅需三個步驟:挑選範本、置換文字及logo、置換範本中的影音素材,可在三分鐘內快速打造廣告或社群影片。而針對各種不同平台對於影片比例的需求,用戶也可於各式範本中快速選擇、切換1:1、16:9及9:16等多種主流尺寸,供作Instagram、Facebook及YouTube等主流社群平台之行銷內容或廣告影片製作。

「數位行銷是企業數位轉型重要的一環,影片內容可廣泛應用在內容行銷、社群行銷及數位廣告等。然而,製作專業的影片對於大多數企業或是個人工作室都是重大難題,往往需要專職影片人員或是高昂的外包成本,更遑論曠日廢時的影片製作時間及流程。」訊連科技執行長黃肇雄表示:「威力導演365商業版及AdDirector行動App是專為各式企業設計的影片製作工具,協助企業簡單上手、內容豐富、快速生成及跨平台優化的影片製作工具,讓企業用戶不再需要為了製作行銷影片傷透腦筋。」

針對進階的影片製作需求,威力導演365商業版也提供了新版本的威力導演完整功能及編輯工具。除了於程式啟動時,使用廣告設計師透過範本快速製作影片外,對於有進階編輯影片需求之商業用戶,也可選擇完整編輯模式,使用威力導演的多樣功能編輯影片。

[1] Global social media research summary, July 2020

[2] Rakuten Marketing

  

威力導演365商業版及AdDirector 訂閱方案特色

  • 每月新增創意特效:無限使用創意導演家族的影音擴充內容,並每月增加更多套件與素材,提供源源不絕的創作靈感!
  • 每月最新背景音樂與音效:無限使用Shutterstock素材庫影片、背景音樂及酷炫音效,揮灑創意不再受限!
  • 優先客服禮遇。
  • 50GB容量訊連雲空間。

威力導演365商業版方案

  • 威力導演365商業版 (Windows)
  • AdDirector (Android) / (iOS) 

即日起威力導演365商業版已可於訊連科技線上商城及指定零售通路選購,並內建繁體中文、簡體中文、英文、法文、德文、義大利文、西班牙文、日文及韓文等九國語系,AdDirector可於AppStore Google Play商店下載。

2020創意導演家族新品線上發表會

活動回看連結:https://u.cyberlink.com/live/840385615882094748

關於Version 2

Version 2 Digital 是立足亞洲的增值代理商及IT開發者。公司在網絡安全、雲端、數據保護、終端設備、基礎設施、系統監控、存儲、網絡管理、商業生產力和通信產品等各個領域代理發展各種 IT 產品。透過公司龐大的網絡、通路、銷售點、分銷商及合作夥伴,Version 2 提供廣被市場讚賞的產品及服務。Version 2 的銷售網絡包括台灣、香港、澳門、中國大陸、新加坡、馬來西亞等各亞太地區,客戶來自各行各業,包括全球 1000 大跨國企業、上市公司、公用事業、醫療、金融、教育機構、政府部門、無數成功的中小企及來自亞洲各城市的消費市場客戶。

關於CyberLink
訊連科技創立於1996年,擁有頂尖視訊與音訊技術的影音軟體公司,專精於數位影音軟體及多媒體串流應用解決方案產品研發,並以「抓準技術板塊,擴大全球行銷布局」的策略,深根台灣、佈局全球,展現亮麗的成績。訊連科技以先進的技術提供完美的高解析影音播放效果、以尖端的科技提供完整的高解析度擷取、編輯、製片及燒錄功能且完整支援各種高解析度影片及音訊格式。產品包括:「威力導演」、「PowerDVD」、「威力製片」、「威力酷燒」等。

MARTIN HALLER EXCLUSIVELY IN AN INTERVIEW FOR GREYCORTEX

In the header of your blog there’s written “In the head of a Network Administrator: Thoughts, ideas, insights” – that brings up a question: what have you been dealing with in terms of security at your clients in the past few months?

That’s a pretty good question. I’ve been thinking about changing the header recently into something in the sense of “IT security lies in thorough and honest work”, which corresponds the most with what we come across during audits in companies.
IT departments often try to do “rocket science”. They consider advanced and expensive technologies, such as sandboxing and SIEM, skipping basic and simple concepts. For instance, they update servers twice a year, they use just a few passwords (as they haven’t adopted a password manager), they administer everything under the domain admin account and they haven’t performed a test disaster recovery from backup yet.
Don’t get me wrong. Sandboxing and SIEM are really useful technologies. It’s just that they belong to “add-on” technologies, and it’s necessary to get the network tidy first – get to know it inside out, be aware of all devices, setup the firewall and antivirus correctly. Basically, it’s important to focus first on activities that will contribute to security the most with the least effort.

You mention sophisticated attacks and chaotic arrangement of the infrastructure – what kind of impact might they have on organizations and companies? And what risks do you as an expert link with them?

When investigating attacks, I’m often taken aback by how fast the attackers manage to perform a “lateral movement”. It’s the stage of attacks in which attackers have a device under control, and they attempt to extend it to as much of the network as possible. In many cases they manage within a few hours. For example, in one case they managed to get a backdoor to a Director’s PA’s computer using spear-phishing. On Friday night they connected to it and within three hours they took over the domain administrator account and took control of the whole network. That’s a very short time and it’s really difficult for a company without 24/7 network security monitoring to react in time.
It’s critical to invest more time in securing the internal network to make “lateral movement” harder for the attackers and get time to detect and stop them.
Most administrators I meet put all their effort into protecting the “perimeter”. They see the security black and white – the Internet’s full of the bad, while the internal network seems safe to them. That’s a pity as the perimeter’s usually very well secured and the extra time invested has little effect. On the other hand, the internal network tends to be neglected security-wise, so every single day spent securing it is noticeable.

I understand there’s not a single correct approach that would protect all users. In your opinion, though, is there a “must” for the companies to protect their data nowadays? Something that’s changed in this respect in the past 10 years, e.g. new technologies or tools?

The thing is that security will probably never be 100 %. There will always be some zero-day vulnerabilities, human errors, and it won’t be possible to apply all security technologies (e.g. they won’t be compatible with business requirements). That’s why every company should have an efficient back-up system, resistant to hacker attacks. Thanks to that they’ll be able to get their data back without having to pay a ransom.
The development of the cloud and fast Internet has helped a lot in this area. It’s possible to make off-site backups in the cloud for a reasonable price, where the backups are protected against deleting (thanks to snapshotting, i.e. preserving a state of the storage where backups are located to a particular point in time) and natural disasters.
That doesn’t mean, though, that it isn’t necessary to deal with security anymore. A successful attack still means a downtime for days or weeks for companies as well as the risk of making their private data public.

So, it’s not just about eliminating the causes, but prevention – it’s clear that as an expert on IT security you often face misunderstanding from budget holders. What arguments or real-life cases do you use at such moments?

Exactly, the prevention is paramount. It’s cheaper to prevent problems than to deal with their consequences. Thanks to the media attention paid to the recent cyber attacks (on hospitals) the budget holders now realize the need to deal with security. The money is there. The issue is its effective allocation. Almost every IT company now “does” security. There’re also a lot of vendors of security SW / HW solutions. Security’s not a commodity, though, and the quality of individual solutions differs diametrically. The price isn’t a reliable indicator, either. Our strategy is to educate the public in the area of security. And we want Czech companies and institutions to have good security.

So far, the year 2020 seems to be a year full of changes and the need to be prepared even for the most unbelievable moments, which applies to cyberattacks, too. After all, some may be considered more likely a target than others. For example, in the USA there’ll be the presidential election, the Olympics in Tokyo (postponed to 2021), the world economics has shaken due to the coronavirus, and a lot of companies “go online”, which poses enormous risk in itself. Are there any other events or circumstances this year that, in your opinion, may carry a higher risk of attack?

Talking about the Olympics, I’ve read an article about a cyberattack on the 2018 Winter Olympics in PyeongChang, South Korea. It was a very interesting and sophisticated attack which didn’t turn into a fiasco only thanks to a coincidence and a bit of luck. I definitely recommend reading “The Untold Story of the 2018 Olympics Cyberattack, the Most Deceptive Hack in History”.
It’s hard to say whether companies “going online” will have any influence on cybercrime. Most companies were already ready for home office and remote work. On the other hand, there are still a lot of companies on the market that are only about to modernize and digitize their processes. Due to the lack of IT people on the market, it’s possible that some implementations of changes won’t be done very thoroughly.

Given the direction hacker attacks have taken recently – where do you see the future of security tools?

Good question. Apart from imposing restrictions, it’s also crucial to have an overview of your network. That’s the only way how to recognize that the “restrictions” have been overcome and there’s an intruder in the network. Systems such as IDS / IPS will help you with that, as well as honeypots, network traffic analyzers, or SIEM systems. The choice of the system depends on the needs and possibilities of each company, though.


Apart from an early warning about a network issue, the systems are also necessary for backward incident investigation. With their help, it’s possible to find out how far the attackers got, which accounts and devices were compromised, which techniques and programs they used during the attack, which data they took out, how long the network was compromised, or the intrusion vector (the route of the attack). Without such systems the investigation of attacks is strenuous and inaccurate. Especially nowadays, when ransomware groups not only encrypt the data, but also steal parts of it and subsequently publish it (unless paid), such systems are needed more than ever before. Without them it’s almost impossible to find out whether any of your data got stolen during the attack, or not. 


Due to the decreasing price of network analyzers, their constant debugging, and the increasing importance of IT, I expect their adoption to grow. These technologies have a very good price / performance ratio. 

Martin Haller

Martin Haller is a co-owner of PATRON-IT and a technician with all his heart. He specializes in cyber security and has experience as an ethical hacker. He believes it’s necessary to be able to break the network first in order to secure it well. On his blog martinhaller.cz he shares updates from the field of IT security as well as his own real-life insights. He also runs his own YouTube channel – you’ll find there e.g. what a webcam attack looks like.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About GREYCORTEX
GREYCORTEX uses advanced artificial intelligence, machine learning, and data mining methods to help organizations make their IT operations secure and reliable.

MENDEL, GREYCORTEX’s network traffic analysis solution, helps corporations, governments, and the critical infrastructure sector protect their futures by detecting cyber threats to sensitive data, networks, trade secrets, and reputations, which other network security products miss.

MENDEL is based on 10 years of extensive academic research and is designed using the same technology which was successful in four US-based NIST Challenges.

ESET Research discovers KryptoCibule: The multitasking multicurrency cryptostealer

BRATISLAVAMONTREAL – ESET researchers have discovered a previously undocumented trojan malware family that spreads through malicious torrents and that uses multiple tricks to squeeze as many cryptocoins as possible from its victims while staying under the radar. ESET named the threat KryptoCibule, and according to ESET telemetry the malware seems to primarily target users in the Czech Republic and Slovakia.

This malware is a triple threat in regard to cryptocurrencies. It uses the victim’s resources to mine coins, tries to hijack transactions by replacing wallet addresses in the clipboard and exfiltrates cryptocurrency-related files, all while deploying multiple techniques to avoid detection. KryptoCibule makes extensive use of the Tor network and the BitTorrent protocol in its communication infrastructure.  

“The malware, as written, employs some legitimate software. Some, such as Tor and the Transmission torrent client, are bundled with the installer; others are downloaded at runtime, including Apache httpd and the Buru SFTP server,” says Matthieu Faou, ESET Researcher who uncovered the new malware family.

ESET has identified multiple versions of KryptoCibule, enabling us to trace its evolution all the way back to December 2018; it remains active. New capabilities have regularly been added to the malware over its lifetime, and it is under constant development.

Most of the victims were in Czech Republic and Slovakia, and this reflects the user base of the site on which the infected torrents are found. Almost all the malicious torrents were available on uloz.to, a popular file sharing site in the two countries. Additionally, KryptoCibule specifically checks for ESET, Avast and AVG endpoint security products; ESET is headquartered in Slovakia, while the other two are owned by Avast, which is headquartered in the Czech Republic.

“KryptoCibule has three components that leverage infected hosts in order to obtain cryptocurrencies: cryptomining, clipboard hijacking and file exfiltration,” explains Faou. “Presumably the malware operators were able to earn more money by stealing wallets and mining cryptocurrencies than what we found in the wallets used by the clipboard hijacking component. Alone, the revenue generated by that component does not seem enough to justify the development effort observed,” he adds.

For more technical details about KryptoCibule, read the blogpost “KryptoCibule: The multitasking multicurrency cryptostealer” on WeLiveSecurity. Make sure to follow ESET research on Twitter for the latest news from ESET Research.

KryptoCibule components and tools

 

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

Siemens S7 PROFINET – A Shocking Network Architecture Flaw

A Shocking Flaw

Here’s an all too often overlooked item in the security architecture of industrial networks.

Below is a diagram of an industrial network architecture we’ve seen in a number of places.

In the diagram, a PLC with multiple network interfaces, in this case a PROFINET-enabled Siemens S7-300 or a S7-1500, is used to connect to the SCADA network on one side, and on the other side – to the I/O network.

Let’s imagine the following scenario:

  1. An attacker has gained access to a host in the SCADA network (10.0.0.x).
  2. The attacker wants to directly attack the I/O devices at 192.168.0.x, in order to sabotage the industrial process.

The question is: What should the attacker do in order to reach the I/O devices?

Think about it, then scroll down to see the answer.

Here’s the diagram of the industrial network architecture:

If you answered “nothing”, that’s the correct answer.

The S7-300, S7-1500 and other controllers with multiple network interfaces are sometimes used to “separate” the SCADA and I/O networks.

However, there is no such separation. If you use this feature, from the perspective of the SCADA network, there’s full L2+ access to the I/O network, and vice-versa.

The PROFINET interface on the S7-1500 (for example, the S7-1511 PN model) is a network switch, allowing anyone from the SCADA network full access to the I/O network, and vice versa.

From the perspective of the attacker, the network is completely flat.

As documented in the manual entry for the S7-1500 PROFINET-enabled CPU:

Source: Siemens, S7-1500 CPU 1511-PN Manual

And as documented in the manual entry for the S7-300 PROFINET-enabled CPU:

Source: Siemens, S7-300 CPU 319-3 PN/DP Manual

How Cyber Attackers Manipulate this Flaw

All an attacker has to do in order to access the I/O network directly, is to take a device in the SCADA network, add an IP address in the I/O network and then communicate with the field devices (in the I/O network) over any protocol they choose (Ethernet, IP, TCP, UDP, ICMP, etc).

This means that for example, if you have PROFINET I/O modules running on the I/O network, they’re accessible from ANY IP on the SCADA network, both by L2 (direct Ethernet) and by L3 (IP).

If you use this topology and you trust the I/O network to be separate from the OT network, this is a major flaw in your architecture.

How to Check if your I/O Field Network is Accessible From your SCADA Network

  1. Perform the test during maintenance windows or in production with caution. Contact SCADAfence support if you need help.
  2. Find out what is the IP range for your I/O network / fieldbus.
  3. Select an IP address that’s not in use, in the I/O network range.
  4. Change the IP of a test machine in the SCADA network using the following command:
netsh int ipv4 add address "Local Area Connection" 192.168.0.253 255.255.255.0
  1. Then, ping an I/O controller, a sensor, a PLC, or any other IP that answers pings in the I/O network. If you got a response back, your I/O network is flat together with your SCADA network.

How to Discover These Vulnerabilities Automatically

This flawed design has been discovered by the SCADAfence Platform: The platform has been used to monitor both the SCADA and I/O networks of a certain industrial facility. Although the I/O network was supposed to be segmented from the SCADA network, in the sensor installed in the SCADA network, the SCADAfence security teams have seen broadcasts originating from the I/O network. When the SCADAfence security teams inspected the topology further, they discovered that in contradiction with what the system integrator and OT team believed – the networks were connected and were completely flat.

How Many Networks are Separating Between I/O and SCADA Using A Network Switch?

For the purpose of this research, it was a network misconfiguration that the SCADAfence platform helped uncover. Nonetheless, this question is very important for OT & IoT network security.

This network architecture flaw is a very clear example of how network packet analysis is a fundamental technology for the security of OT and IoT networks.

If you want to try out the SCADAfence Platform and uncover all of the vulnerabilities in your OT network, we will be glad to help you. Book your free demo here: https://l.scadafence.com/schedule-a-demo-scadafence

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About SCADAfence
SCADAfence helps companies with large-scale operational technology (OT) networks embrace the benefits of industrial IoT by reducing cyber risks and mitigating operational threats. Our non-intrusive platform provides full coverage of large-scale networks, offering best-in-class detection accuracy, asset discovery and user experience. The platform seamlessly integrates OT security within existing security operations, bridging the IT/OT convergence gap. SCADAfence secures OT networks in manufacturing, building management and critical infrastructure industries. We deliver security and visibility for some of world’s most complex OT networks, including Europe’s largest manufacturing facility. With SCADAfence, companies can operate securely, reliably and efficiently as they go through the digital transformation journey.

TÜV Rheinland Obtains CNAS and CMA Mask Testing Qualification

The international independent third-party testing, inspection and certification company, TÜV Rheinland Greater China, announced that TÜV Rheinland Shanghai has successfully obtained CNAS (China National Accreditation Service for Conformity Assessment) and CMA ((China Inspection Body and Laboratory Mandatory Approval) mask testing qualification in August.

Masks, one of the effective types of protective equipment for prevention of virus spread, are playing an important role during the COVID-19 pandemic, and their quality is closely related to the health and safety of the public. With rapidly rising demand for masks both locally and globally, how to ensure the quality of masks on the market and protect those in need from virus infection has become vital. Whether selling domestically or exporting overseas, Chinese manufacturers need to obtain a test report issued by a third-party testing company. In China, testing reports with CMA symbol can be used for product quality evaluation, results, and judicial appraisal, and have legal effect. The TÜV Rheinland Mask Testing Laboratory can provide testing services for medical protective masks, medical surgical masks, daily protective masks, and industrial protective masks basing on CNAS/CMA accreditation. The following table can help customers understand more clearly the usage standards and usage ranges for different mask types.

TÜV Rheinland, as a notified body authorized by the European Union, can provide Conformity Testing services according to EU Directive for medical device products such as medical masks, forehead thermometers, ventilators, and CT scanners. As a CNAS accredited laboratory, it provides testing services for medical masks in accordance with the harmonized standard EN 14683:2019 of Medical Devices Directive.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About TUV
The TÜV Rheinland is a leading provider of technical services worldwide. Since our foundation in 1872, we have been providing safe and sustainable solutions for the challenges arising from the interaction between man, the environment and technology.As an independent, neutral and professional organization, we are committed to working towards a future that can fulfil the needs of both mankind and the environment in the long term.

×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

×