| Massive increase in targeted attacks, deepfakes and hacktivism. The outlook for IT security is not bright | | https://www.aec.cz/en/news/Pages/massive-increase-in-targeted-attacks-deepfakes-and-hacktivism-the-outlook-for-it-security-is-not-bright.aspx | Massive increase in targeted attacks, deepfakes and hacktivism. The outlook for IT security is not bright | <p>
<strong style="color:#6773b6;"><span style="color:#6773b6;">According to the experts at AEC, a leader in cybersecurity, some of the most common threats in cyberspace were until recently random attacks. However, we are now seeing a significant increase in targeted attacks which are much more sophisticated. The trend is towards a combination of different types of aggressive attacks by increasingly differentiated criminal groups. Attackers, who now have cutting-edge technologies, including artificial intelligence, are also perfecting methods to put their victims under as much pressure as possible.</span></strong><br></p><p>We can still count phishing as one of the most common types of attacks, but it has changed significantly. This is also confirmed by Maroš Barabas, Head of Product Management at AEC: <em>“Phishing has become very sophisticated. We have seen the quality of phishing scams improve year on year, including the graphic appearance of the messages. Attackers are already now able to mimic any official email with such authenticity that even knowledgeable people, including IT professionals, will have trouble recognising phishing scams in the foreseeable future.”</em>
</p><p>There has also been a dramatic increase in ransomware attacks, up 200 percent from previous years. Specialists at AEC helped an unprecedented number of customers who had been attacked last year. Along with the intensity, the nature of these attacks is also changing. Hackers are focusing more on specific critical locations in the systems they attack such as network or backup drives.
</p><p>Attackers today operate like regular companies, meaning they have they own suppliers and customers. This allows them to become more specialised. As a result of this, they are perfecting techniques for gaining access to their victim’s infrastructure, delivering malware, extortion or laundering dirty cryptocurrency into dollars or euros.
</p><p>For companies, this means that they need to change their perspective on how to defend themselves effectively as quickly as possible. Maroš Barabas sums the situation up as follows: <em>“We expect to see an increasing emphasis on Cyber Resilience in the coming years. This means that companies will prepare in advance for the fact that sooner or later they will be attacked and have a strategy in place to recover effectively from that attack.”</em>
</p><p>Companies continue to recognise the need to train employees in cybersecurity using the most effective forms of education. However, they will also be forced to improve other security measures, including a greater emphasis on verifying the identity of all people concerned (e.g. the Zero Trust approach) and other related identity centralisation systems, so-called Identity-Centric Security. At the same time, we will see even greater adoption of passwordless authentication.
</p><p>Changes can also be expected in the greater emphasis on compliance, i.e. on ensuring that the company’s activities comply with the regulations. The European Union’s new NIS2 directive on network and information security will affect about six thousand domestic companies.
</p><p>Artificial intelligence is experiencing a massive boom. It is no longer difficult for hackers to access the most advanced technologies, which offer them much greater options for automation, including the opportunity to use an almost unlimited range of languages. All of this ultimately gives them a greater chance of succeeding with much faster and more powerful attacks, including deepfakes.
</p><p>Hacktivism and disinformation campaigns are becoming a major topic. The war in Ukraine has shown us that there is a growing number of groups which are assiduously organising themselves to carry out attacks, for example to execute code, overwhelm the system of a selected company and cause as much damage to it as possible. An ever-increasing threat to companies may also be posed by their own people. If employees are frustrated, for example by their economic situation, they are more likely to believe all sorts of half-truths and are more willing to harm their employer, often with fatal consequences.
</p><p>Another risk is the rapid development of digitalisation and cloud technologies, which are however being used in an old-fashioned way due to a lack of trust in the unknown. Experts agree that sooner or later companies will have to rethink this approach and start addressing API security, although many will only do so after they have been the target of an attack.
</p><p><em>“There is no doubt that we are facing extraordinary challenges today. Many solutions are already proving to be dead ends in the face of future threats, many technologies need to be abandoned and some stages skipped. It is clear then looking at the longer-term horizon that we will be forced to start looking at the issue of IT security in a completely new way,”</em> says Maroš Barabas from AEC, in conclusion.
</p>
<br> | | | | |
| Hackers look forward to Christmas too. Don’t make it easy for them to gain access to your wallet | | https://www.aec.cz/en/news/Pages/hackers-look-forward-to-christmas-too-dont-make-it-easy-for-them-to-gain-access-to-your-wallet.aspx | Hackers look forward to Christmas too. Don’t make it easy for them to gain access to your wallet | <p>
<strong style="color:#6773b6;"><span style="color:#6773b6;">The Christmas holidays are a critical time from the point of view of IT security. Particularly useful to attackers is the fact that people spend much more than usual in the run-up to Christmas and often do so in a hurry and are less cautious about their transactions. However, the experts at AEC, a leading cyber security provider, point out that following a few basic rules can significantly reduce the risk of an attack.</span></strong><br></p><p>Attackers count on the fact that now is precisely that time when many of us are willing to spend a lot of the money we have been saving all year. Our bank cards, mobile phones or computers are the ideal means to achieve their goal. Countering the sophisticated tricks of hardened cybercriminals is becoming increasingly difficult, yet there are ways to avoid losing your money when shopping online.</p><p>There are many situations in which hackers can catch us. This might be when choosing an e-shop, it can happen during the ordering process, during payment or just at the moment when we are expecting delivery of our goods. The experts at AEC therefore recommend that you only buy things from verified shops. Before actually ordering the goods, you can check the credibility of the e-shop on portals such as Heureka or directly on <a href="https://www.coi.cz/pro-spotrebitele/rizikove-e-shopy/">the website of the Czech Trade Inspection</a>, which is updated on a daily basis.</p><p>Another problem is ordering goods. The general advice is to enter the name of the given shop into a search engine and read a few reviews before buying anything from it. “Whether you are ordering goods using a computer or a mobile phone, always make sure that you keep your device updated and protected by high-quality antivirus software,” warns Maroš Barabas, Head of Product Management at AEC.</p><p>You should choose unique passwords whenever you register anywhere – on social media, in e-shops or with delivery services. At the same time, you must use multi-factor authentication for all of the accounts where protection of access is important to you. Here, it is advisable to use the resources and capabilities offered by the given device (for example, password management is free of charge in iOS and Android) as these can significantly complicate a hacker attack.</p><p style="text-align:center;">
<img class="maxWidthImage" src="/cz/PublishingImages/news/2022/aec-ukazka-phishingu-04.jpg" data-themekey="#" alt="AEC" style="margin:5px;width:658px;" />
<br>
<em style="color:#6773b6;">
<span style="color:#6773b6;">Sample of a fraudulent offer</span></em><br></p><p>The moment you come to pay also represents a big risk. “If you receive a message about any problem with a transaction, purchase or parcel and it asks you to click on a link, don’t do it,” warns Maroš Barabas, adding another important piece of advice: “No employee of any bank, post office or e-shop should ever ask you for your card number, username or password. If they do, hang up because the caller is not who they say they are.”</p><p>The period when you are waiting for delivery of your goods can also be a problematic moment in online shopping. The possibility of tracking the ordered goods represents a huge temptation to mindlessly click on a link or prompt, which may subsequently turn out to be a scam. Nowadays, attackers do not only hide behind global brands such as DHL or FedEx, but also behind high-quality fake versions of Zásilkovna or Česká pošta. So, make sure that you think carefully and calmly about every click, and if we want to be certain, check the request directly with the shop or delivery service.</p><p style="text-align:center;"><img class="maxWidthImage" src="/cz/PublishingImages/news/2022/aec-ukazka-phishingu-03.jpg" data-themekey="#" alt="" style="margin:5px;width:658px;" /><br><em style="color:#6773b6;"><span style="color:#6773b6;">Sample phishing message impersonating a shipping company</span></em><br><br></p>
<br> | | | | |
| The Karel Komarek Foundation assumed patronage of a Ukrainian art exhibition in Prague | | https://www.aec.cz/en/news/Pages/the-karel-komarek-foundation-assumed-patronage-of-a-ukrainian-art-exhibition-in-prague.aspx | The Karel Komarek Foundation assumed patronage of a Ukrainian art exhibition in Prague | <p>The “Unbreakable“ exhibition of paintings and statues by Ukrainian artists is on display in the foyer of KKCG's headquarters in Prague's Bořislavka district. The Karel Komárek Family Foundation (KKFF) has taken over patronage of this exhibition of art by contemporary Ukrainian painters and sculptors. Their pieces reflect themes related to the ongoing war.</p><p style="text-align:center;">
<img class="maxWidthImage" src="/cz/PublishingImages/news/2022/vystava-20221005_004a.jpg" data-themekey="#" alt="KKCG Unbreakable" style="margin:5px;width:658px;" />
<br>
<br>
</p><p>The charitable fund has also decided to support the philanthropic purpose of the project with a donation of 250 000 CZK. This amount and the proceeds from the sale of the artworks themselves will purchase prosthetic limbs for Ukrainian mothers who have been injured in the war and to support children who lost their families.</p><p>“Unbreakable” is a travelling charity exhibition of fifty exhibits by twenty-six emerging and established artists. It heads to Bořislavka having been in Berlin, Vienna, Lviv, Paris, and Rome. Visitors can see or buy the artworks in Prague every weekday from 10 am to 6 pm, and on weekends from 1 pm to 6 pm, until Saturday, November 5.</p><p>You can support the exhibition, which is part of the international We and World project, without buying a painting or sculpture. You can do so through the <a href="https://lnkd.in/eF7u3p_7" target="_blank">Karel Komárek Family Foundation website</a>. The co-founder of the KKFF, Karel Komárek, is a Czech entrepreneur and philanthropist. He owns the ARICOMA Group, the largest Czech ICT holding. AEC is a member of the ARICOMA Group.</p><p style="text-align:center;">
<img class="maxWidthImage" src="/cz/PublishingImages/news/2022/vystava-20221005_029a.jpg" data-themekey="#" alt="KKCG Unbreakable" style="margin:5px;width:658px;" />
<br>
<br>
</p><br> | | | | |
| We fully support the Cyber product which won the Newcomer of the Year 2022 award | | https://www.aec.cz/en/news/Pages/we-fully-support-the-cyber-product-which-won-the-newcomer-of-the-year-2022-award.aspx | We fully support the Cyber product which won the Newcomer of the Year 2022 award | <p>The Newcomer of the Year 2022 award for <a href="https://www.colonnade.sk/pre-firmy/poistenie-zodpovednosti/poistenie-cyber" target="_blank">the Cyber product</a> – Insurance for corporate clients which includes a forensic service by AEC went to our partner institute Colonnade Insurance in Slovakia. The new service helps customers of the insurance company with prevention and resolution of cybersecurity issues. At a time when the number of attacks, not only on large corporations, but also on SMEs is increasing dramatically, clients of this leading financial institution can benefit from the top security service offered by our IT consultants.</p><p>The unique Cyber insurance product came out top in the independent Slovak “Gold Coin” competition to find the best financial products. Only new products launched before 22 August 2022 could be nominated for the Newcomer of the Year 2022 category. Colonnade Insurance was the only insurance company which managed to win an award with its product in the competition this year. Colonnade Insurance is one of those responsible service providers which address the issue of cybersecurity and promote awareness in this area systematically and over the long term.</p><p>“We are pleased that a product which shows such significant potential has been a success and also that we are able to get directly involved in it,” said Maroš Barabas, Head of Product Management at AEC, adding: “We are continuing to deepen our innovative cooperation, unique in this country, with Colonnade Insurance, not only during implementation of new projects, but also within the framework of education of the market, the need for which is proving to be more and more urgent.”<br><br> </p><center>
<iframe width="560" height="315" src="https://www.youtube.com/embed/vxzePo7vTBs" title="YouTube video player" frameborder="0" allowfullscreen=""></iframe>
<br></center><h3>
<br>More info:<br></h3><p>
<a href="https://www.opoisteni.sk/poistny-trh/vysledky-spolocnosti/colonnade-insurance-ziskala-ocenenie-zlata-minca-v-kategorii-objav-roka/c:23819/" target="_blank">https://www.opoisteni.sk/poistny-trh/vysledky-spolocnosti/colonnade-insurance-ziskala-ocenenie-zlata-minca-v-kategorii-objav-roka/c:23819/</a></p><br> | | | | |
| ARICOMA Group acquires Musala Soft | | https://www.aec.cz/en/news/Pages/aricoma-group-acquires-musala-soft.aspx | ARICOMA Group acquires Musala Soft | <p>ARICOMA Group and Musala Soft announce a deal for the acquisition of Musala Soft. ARICOMA Group, part of KKCG is a fast-growing European NextGen IT services provider. This investment is another key step in ARICOMA’s strategic development.</p><p>With Musala Soft, the ARICOMA Group will comprise of 10 technology companies with a consolidated turnover exceeding EUR 400 million, an EBITDA of EUR 39 million and 4000+ professionals.</p><p>“With Musala Soft onboard, we are becoming a leader in custom software development from South-eastern Europe. Musala is a natural fit for ARICOMA on our path to become a European leader, and we’re excited to work together. Its innovative culture and amazing people will further bolster our internal talent as well as market potential. The leadership team has a legacy of growing the business with client focus and a problem-solving approach. We believe that Musala will thrive as part of ARICOMA and we will jointly accelerate our long-term growth and value creation plans,” says Ludovic Gaudé, CEO of ARICOMA Digital.</p><p>“We are eager to enter a new faster chapter of our development by joining forces with ARICOMA and KKCG. The synergy with both the overlapping and complementary client base and expertise of ARICOMA gives us confidence and fuels the exciting journey ahead. Of course, we will also keep and expand together our dedication to the development of the IT community, business climate, IT education, science, innovation, and inspiring young talent,” says Elena Marinova, President and Chair of the Board of Musala Soft.</p><p>“I am delighted that we managed to reach an agreement with Musala. This is our second acquisition this year and it fits in line with our strategy to turn ARICOMA into a significant player in Europe. Musala has an exciting portfolio of clients, which will boost our Telco, Finance, and Automotive verticals. Even in these challenging times the IT sector continues to grow and increase in relevance and we remain optimistic about the industry’s potential in the long-term,” adds Michal Tománek, Investment Director at KKCG, the investment company behind ARICOMA Group.</p><p>The deal signed by the owners of Musala Soft and the ARICOMA Group is for the sale of a 100% share in the company. The full Musala Soft management team will stay on board in the long term and will actively participate in building ARICOMA’s future. The transaction is still subject to approval of the respective anti-monopoly offices and is expected to close in Q4 this year.</p><p>CMS Cameron McKenna acted as Legal Advisor and Deepak Bhandari from Marylebone Capital Advisors Private Limited acted as Financial Advisor to Musala Soft.</p><p> </p><p>
<img src="/cz/PublishingImages/news/loga/musala-soft-logo.png" data-themekey="#" alt="Musala Soft" style="margin:5px;" />
<br>
<a href="https://www.musala.com/" target="_blank">Musala Soft</a> builds future generation software products and enterprise solutions for impactful organizations around the globe. The company is provider of high-end software engineering services in AI, Big Data, IoT, Analytics, Cloud, and Integration. Musala Soft professional team covers with expertise and creativity all elements of the software life cycle. Musala Soft clients are challenging, innovative and trendsetting enterprises in IT, Telecom, Finance and Automotive devoted to stability and growth, daring to pioneer new ideas and build the future. Among them are IBM, SAP, VMware, Deutsche Telecom, A1, Generali, Canaccord, Experian, Procredit Bank, PTV Group, EDAG, Bosch, KPMG, PerkinElmer, Siemens Energy, and the Financial Times. Musala Soft was founded in 2000 and has its headquarters in Bulgaria with a team of 750 employees from 10+ nationalities located in Bulgaria, North Macedonia, Egypt, Albania and Kosovo. Musala Soft is the proud winner of multiple national and international honours and recognitions in Talent Development, Science and Innovation, Quality of Software Solutions, Leadership and Corporate Social Responsibility.</p><p> </p><p>
<img src="/cz/PublishingImages/news/loga/aricoma-group-purple-50px.jpg" data-themekey="#" alt="Aricoma Group" style="margin:5px;" />
<br>
<a href="https://aricomagroup.com/en/" target="_blank">ARICOMA Group</a> is a leading Central European IT Services provider with a significant Scandinavian presence providing services to 1000+ clients in 15 markets from its 8 Europe-based delivery centres. ARICOMA’s focus is to help both private- and public-sector clients navigate the ever-changing demands, risks, and business opportunities. Through its portfolio companies, it provides end-to-end digital transformation solutions, including UX design and consulting, custom software development, IT infrastructure and IT operations management, cloud operations, and cloud security services. Notable members of ARICOMA Group include Sweden- and CEE-based custom software developer Seavus, Sweden-based software developer Stratiteq, Czechia- and Slovakia-based system integrator AUTOCONT, custom software developers Cleverlance Enterprise Solutions and KOMIX, cybersecurity services specialist AEC, and government digital transformation specialist CESEA.</p><p> </p><p>
<img src="/cz/PublishingImages/news/loga/KKCG-logo-35px.jpg" data-themekey="#" alt="KKCG" style="margin:5px;" />
<br>
<a href="https://aricomagroup.com/en/" target="_blank">KKCG</a>, managed by Karel Komárek, one of the most successful Czech entrepreneurs, is an international investment company with a total value of more than €9bn. KKCG develops its business activities in thirty-three countries around the world and its key fields include the entertainment industry, the energy industry, IT technologies, and real estate. It holds shares in many leading companies, including Allwyn (lotteries and gaming), ARICOMA Group (IT), MND Group (energy), KKCG Real Estate Group, and Springtide Ventures (venture capital fund with investments in European and Israeli IT start-ups).<br>
<br>
Karel Komárek Family Foundation supports a diverse range of projects, such as the construction of the REACH - a new building in the John F. Kennedy Center for the Performing Arts, support for Ukrainian people right after the war broke out and Ukrainian refugees in the Czech Republic, the restoration of South Moravia, which was damaged by the tornado in 2021, and many Czech cultural heritage projects, including the flagship Dvořák Prague International Music festival.
</p> <br> | | | | |
| We are in the TOP 10 teams in the world of the Capture the Flag competition! | | https://www.aec.cz/en/news/Pages/we-are-in-the-top-10-teams-in-the-world-of-the-capture-the-flag-competition.aspx | We are in the TOP 10 teams in the world of the Capture the Flag competition! | <h3>The AEC team, made up of Erik Šabík, Miriam Gáliková, Lukáš Bendík, Petr Řepa and Michal Kališ, finished in a fantastic ninth place in the world-renowned Tenable CTF competition. Our five colleagues, who joined forces as Želvy Ninja (Ninja Turtles), thus considerably improved on last year’s result, which was still an impressive twenty-first place. </h3><div>
<br>
</div><div>Five hectic days, 1 357 registered teams, but just a handful of truly successful ones. That was this year’s international Capture the Flag competition organised by Tenable, the American provider of top-class vulnerability monitoring solutions and also one of our company’s major partners. </div><div><br></div><div>
This year, our artists Leonardo, Michelangelo, Raphael, Donatello and Master Splinter relentlessly fought their way through the competition to finish amongst the top ten very best teams from all over the world. From 9 to 13 June 2022 each of them completed a whole range of tasks focused on IT security to win as many points as possible for their team. </div><div><br></div><div>
“<a href="https://tenable.ctfd.io/scoreboard">This year’s CTF was really interesting, especially as it emphasised dealing with attacks from the real world</a>,” said Erik Šabík, adding: “Tenable is a particularly renowned company in the security world, and just because it faces the highest level of current threats on a daily basis, we could expect this competition to be a major challenge.” </div><div><br></div><div>
The Ninja Turtles team was made up of five AEC pen testers, each specialising in a slightly different area, which proved to be an advantage in tasks that covered a broader scope. Erik, Miriam, Lukáš, Petr and Michal first focused on the areas that interest each of them the most, and completed tasks in which they excelled. </div><div><br></div><div>
“We worked together to try to find solutions to the most difficult tasks,” explained Erik Šabík. He said that, paradoxically, the team struggled most with the lesser-scoring, tasks, which were apparently easier. Yet they coped very well with the toughest assignments. </div><div><br></div><div>
The tasks in this year’s Tenable Capture the Flag included web applications, reverse engineering, cryptography, steganography and forensic analysis. There were a couple of tasks focusing on the Tenable Nessus scanner, as well as on analytical thinking. </div><div><br></div><div>In the opinion of our successful colleagues, what helped them the most in this year’s achievement was the skilled make-up of the team and the fact that the hardest tasks they had to deal with were not so different from what they face in their work for AEC.
<br></div> | | | | |
| Security 2022 Conference: the online world is getting hotter, risks are escalating | | https://www.aec.cz/en/news/Pages/security-2022-conference-the-online-world-is-getting-hotter-risks-are-escalating.aspx | Security 2022 Conference: the online world is getting hotter, risks are escalating | <p>
<strong style="color:#6773b6;">
<span style="color:#6773b6;">Covid-19 and Russia’s invasion of Ukraine have changed the IT environment to such an extent that it will never be the same. What risks do we face and what scenarios can we expect to unfold? Participants at the Security 2022 conference on international cybersecurity also pondered this.</span></strong> </p><p>After a two-year hiatus enforced upon us by the coronavirus pandemic, we managed to organize the 28th Security 2022 conference. This is the largest independent event in the Czech Republic to focus on cybersecurity and took place on Tuesday 7 June in Prague.</p><p>“We are glad that this year we managed to successfully build on previous years,” said Igor Čech, marketing manager at AEC, adding: “We are pleased that we could once again meet everyone in person, and I really appreciate the big turnout.”</p><p style="text-align:center;"><img class="maxWidthImage" src="/cz/PublishingImages/news/2022/security-2022-063.jpg" data-themekey="#" alt="" style="margin:5px;width:658px;" /><br><br></p><p>The lectures, covering the most topical cyber security issues of the day, were divided into two parallel sessions. They were attended by 580 registered participants. This year’s event was dominated by topics related to Covid-19 and, in particular, the war in Ukraine.</p><p>This conflict changes many of the rules. Global development scenarios are unclear, the business environment is unstable, and governments are increasingly willing to resort to tough regulations. The time when everyone did business with everyone else is over, and corporate leaders are being forced to face risks that are escalating in ways never before imagined.</p><p>In their presentation, the experts from Gartner more or less outlined this framework of current events and then proposed four possible scenarios for future developments in political and economic relations. Unfortunately, none of them even remotely envisages a return to the stability of previous years.</p><p>The packed hall also listened to our colleague, Ukrainian security specialist Yehor Safon, who filled us in on the little-known circumstances of the cyber war between Russia and Ukraine, described sophisticated attack vectors, as well as those defence techniques that have proven to be effective.</p><p style="text-align:center;"><img class="maxWidthImage" src="/cz/PublishingImages/news/2022/security-2022-060.jpg" data-themekey="#" alt="" style="margin:5px;width:658px;" /><br><br></p><p>This year, 27 speakers from the Czech Republic and abroad presented their papers. The presentation by Israeli expert Paul Moskovich, who vividly described the tale of an unprepared company that failed to cope with the fatal consequences of a cyber-attack, received well-deserved attention.</p><p>So, which lectures did the Security 2022 conference participants vote for most? Firstly, the one by cryptologist Tomáš Rosa from Raiffeisenbank about the fundamental weaknesses in the security of the eRouška app, where it turned out that not all aspects played in our, the users’, favour.</p><p style="text-align:center;">
<img class="maxWidthImage" src="/cz/PublishingImages/news/2022/security-2022-108.jpg" data-themekey="#" alt="" style="margin:5px;width:658px;" />
<br>
<br>
</p><p>Then there was the presentation by Robert Šuman, in which the head of ESET's research laboratory gave a detailed mapping and a timeline of the activities of three major pro-Russian hacker groups and their role in attacks on Ukrainian IT infrastructure.</p><p>Last but not least, the presentation by security specialists Lukáš Renec and Katarína Galanská from our company grabbed the audience’s attention. In their presentation, they gave listeners an entertaining insight into the preparation and course of a simulated social engineering attack on large banking houses in the Czech Republic.</p><p>“We are delighted with the evaluation and the feedback, it is clear that the conference met its purpose,” said Igor Čech and concluded, “The quality of the lectures, the interesting discussions and the overall friendly and shared atmosphere all contributed greatly to this. We would like to focus even more on networking in the future.”<br></p><p style="text-align:center;">
<img class="maxWidthImage" src="/cz/PublishingImages/news/2022/security-2022-092.jpg" data-themekey="#" alt="" style="margin:5px;width:658px;" />
<br>
<br>
</p>
<br> | | | | |
| We are now TISAX certified | | https://www.aec.cz/en/news/Pages/we-are-now-tisax-certified.aspx | We are now TISAX certified | <p>We have recently added another important standard to the list of our security certifications. Following the implementation of all necessary measures we have obtained TISAX® certification. This is a German security standard that guarantees the trustworthiness of organizations and their ability to protect the information of automotive industry partners.
<br></p><p>“As a company that offers its clients the highest level of cyber security, information security comes first,” noted Hana Vystavělová, AEC Compliance Manager, who added: “Our efforts to obtain TISAX® certification were helped considerably by the fact that we have long been compliant with the current international ISO/IEC 27001 standard, which defines the requirements for information security management systems.”
</p><p>Over time, representatives of the automotive industry have come to demand the systematic and trustworthy information security assessment of partners in the form of TISAX® (Trusted Information Security Assessment Exchange) certification. The reason for this is the growing amount and importance of sensitive information exchanged and processed between automotive service providers and suppliers.
</p><p>The TISAX® certification guarantees the ability of companies to protect the information of their clients and associates and minimize cyber risks. This confirms the ability to meet the most demanding customer requirements, including preventing misunderstandings and risks when exchanging information and protecting prototype <a href="https://portal.enx.com/en-US/TISAX/tisaxassessmentresults/?fbclid=IwAR0qPrh1b-SINsf80FlvVsEJkV945pC6ikH_RZENda7AhiP-kpl7mu6MxdU" target="_blank">the ENX portal</a>. </p><p style="text-align:center;">
<img class="maxWidthImage" src="/cz/PublishingImages/news/2022/aec-tisax-statement-2022.jpg" data-themekey="#" alt="TISAX" style="margin:5px;width:658px;" />
<br>
<br>
</p>
<br> | | | | |
| An open letter from the Chairs of KKCG | | https://www.aec.cz/en/news/Pages/an-open-letter-from-the-chairs-of-kkcg.aspx | An open letter from the Chairs of KKCG | <p>Everyone at KKCG and Allwyn Entertainment remains horrified by Russia’s brutal invasion of Ukraine. It is a senseless act of aggression that must be condemned in the strongest possible terms, and we are doing all we can to support the brave Ukrainians impacted by the barbarism of Vladimir Putin’s regime.
</p><p>As Czech companies with tremendous pride in our heritage, the past week has been a bleak reminder of the hard-fought freedoms our country only recently reclaimed after spending years under the jackboot of Soviet oppression. Many of our employees – including us personally – were raised under communism and the totalitarian shadow of the Soviet Union. Despite being wrapped in this straightjacket, we long dreamt of living, working and raising our own families in a Czech Republic that valued freedom, openness and democracy.
</p><p>That’s why we must now stand shoulder-to-shoulder in total solidarity with the Ukrainian people to protect the democratic values upon which our modern societies are built. We cannot and will not stand for the brutal imperialism that is once again rearing its ugly head on our doorstep.
</p><p>Now is the time to listen to the people of Ukraine and do everything in our power to support them. Hundreds of thousands of people with nowhere to stay are fleeing eastern and central Ukraine for the Lviv area. Through the Komárek Family Foundation and our partner in Lviv, we are supporting efforts to prepare for the arrival of large numbers of refugees by ensuring these people have a safe and warm place to sleep and be fed. Trucks equipped with durable food, mattresses, sleeping bags, camping mats, hygiene products, and other supplies are currently arriving in the area. One of the Group's offices in Prague is already being converted to a safe centre for Ukrainian refugees.
</p><p>Allwyn Entertainment’s lotteries are raising funds for Red Cross and employees are being encouraged to engage in volunteer work. Humanitarian and financial support will continue as long as it is needed.
</p><p>We also believe that any friends of the Putin regime must also be excluded from our democratic societies. We’ve already seen many cultural and sporting institutions take important action, and through our continued support for Dvořákova Praha – Prague’s international music festival – we have also banned Kremlin linked musicians, including the composer Valerije Gergiev, a known supporter of Putin, from performing.
</p><p>We recognise that these are only small acts in comparison to the thousands of brave Ukrainians who have taken up arms to defend their homeland and freedoms. However, we believe it’s the responsibility of anyone who values free and democratic values to play their part, no matter how big or small. It is critical that we all speak out.
</p><p>Slava Ukraini.
</p><p>Sincerely,<br><br>
</p><p>Karel Komarek, KKCG <br>
Robert Chvátal, Allwyn Entertainment
</p>
<br> | | | | |
| We’ve prepared preventive recommendations regarding current security threats in cyberspace | | https://www.aec.cz/en/news/Pages/weve-prepared-preventive-recommendations-regarding-current-security-threats-in-cyberspace.aspx | We’ve prepared preventive recommendations regarding current security threats in cyberspace | <p>
<strong style="color:#6773b6;"><span style="color:#6773b6;">The conflict between the Russian Federation and Ukraine involves not only the armed forces of both countries, but the war is also increasingly affecting cyberspace. Hacker groups on both sides have launched massive cyberattacks and it is already clear that the unprecedented level of aggression is also focused on IT targets in countries that are not directly involved in the dispute.</span></strong><br></p><p>Attacks are currently targeting critical infrastructure, especially in the field of public administration, the government, energy and healthcare, but attacks on other important sectors cannot be ruled out. We’ve therefore decided to respond to the current situation before our clients start contacting us about possible preventive measures.<br><br> </p><h2>The following attacks can be expected at this time:</h2><ul><li>use of social engineering techniques (<a href="https://www.antivirus.cz/Blog/Stranky/co-je-phishing.aspx">phishing</a>, vishing, smishing), </li><li>misuse of leaked login data from other services</li><li>attacks on supply services,</li><li>distributed denial of service (DDoS) attacks.</li></ul>
<br>
<p>The access point in most attacks is the user or user device. Therefore, we will divide our recommendations on how to boost cyber security into recommendations aimed at regular users and corporate infrastructure and processes.<br><br> </p><h1>We recommend the immediate implementation of activities in the following areas for users:</h1><h2>1. Education<br></h2><ul><li>Regardless of the ongoing conflict, it is vital to systematically increase the resilience of users, especially in their recognition of phishing, vishing and smishing.</li><li>You will find news regarding the current situation on our blog
<a href="https://www.antivirus.cz/">antivirus.cz</a> (in Czech language only).<br></li><li>At this moment, we are releasing one of our
<a href="https://edu.aec.cz/">Security Academy</a> courses on phishing free of charge.<br></li></ul><center>
<iframe width="560" height="315" src="https://www.youtube.com/embed/qw_fw5Fqaic" title="YouTube video player" frameborder="0" allowfullscreen=""></iframe></center>
<br>
<h2>2. Work with passwords and login details in general</h2><ul><li>Encourage the use of secure passwords (at least 12 characters, uppercase and lowercase letters, numbers and special characters). Change your passwords regularly, don't wait until they are compromised.</li><li>Use different passwords for different accounts (you can't use the same password for social networks and the corporate environment).</li><li>We recommend immediately activating two-factor authentication for all services, where possible (not just services in the corporate environment, but also free mail, social networks, cloud services).</li><li>
<em style="color:#6773b6;">
<span style="color:#6773b6;">We are preparing further details in the form of more intensive communication in this area.</span></em> </li></ul>
<br>
<h2>3. Update user systems<br></h2><ul><li>Right now is the best time to upload the latest versions and patches to all user devices, including private ones.</li><li>In general, it is important to keep operating systems up to date, as well as the individual applications you use, both on your computer and on your phone, tablet, wearables, etc.</li></ul>
<br>
<h2>4. Reporting security events and incidents<br></h2><ul><li>Users need to know exactly how and where to report a security incident and what to do before getting a response to their report.</li></ul>
<br>
<h1>We recommend the following preventive measures at corporate infrastructure level:<br></h1><h2>1. In the area of communication infrastructure<br></h2><h3>a. Ensure that incoming and outgoing communications are blocked based on geolocation.</h3><ul><li>We prefer whitelisting areas where you have active clientele, or</li><li>blacklisting areas where you have no activities.</li></ul><h3>b. Establish a strict antispam policy.</h3><ul><li>If possible, whitelist the domains from which e-mail communication originates.</li><li>Activate an antispam solution, if available (e.g., MS Intune).</li><li>Restrict the receipt of external e-mail messages from your own domain. </li><li>Monitor the frequency of e-mail messages; ensure the anti-spam policy has not been breached and that phishing messages have not been spread within the internal network.</li></ul><p>(In terms of the last point, we recommend setting a frequency monitoring limit for current accounts. For example, a maximum of 5 recipients per email, or a maximum of 20 recipients per email for personal and marketing accounts, Inform the user of this fact.)<br><br> </p><h2>2. Monitoring and incident management</h2><h3>a. Ensure increased visibility across the entire infrastructure, including OT devices</h3><p>(monitor activities using EDR on end stations, internet facing servers, critical servers, etc.).</p><h3>b. Improve processes for a quick response.</h3><ul><li>This is primarily an incident management procedure for managing cyber incidents in connection with reported incidents by users.</li><li>Scenarios or checklists will also help determine how to proceed in the event of a reported incident in typical situations (on user devices, OT equipment, maintenance tablets, etc.).</li></ul>
<br>
<h2>3. Setting multi-factor authentication and conditional access</h2><p>(in case of the O365 Premium license and higher, this is free as part of the licence).<br><br> </p><h2>4. Vulnerability management</h2><p>a. Apply all critical patches immediately.</p><p>b. Activate patch management procedures. Reconsider any patches that have not yet been implemented, assuming you accepted the risk at the time. Is this still valid?</p><p>c. Actively monitor vulnerabilities in the infrastructure and hardening individual platforms according to CIS recommendations (primarily for internet facing servers).</p><p>
<br>The question of defence against DDoS attacks, i.e., attacks aimed at disabling services, is so complicated that in most cases it will require
<a href="/en/contact">personal consultation</a>. At cloud service level, there are suitable solutions, and global load balancing or filtering incoming communication can help in case of on-prem infrastructure.</p>
<br>
<center>
<table width="75%" border="3px" background="#6773b6" bordercolor="#6773b6" cellspacing="0" style="text-align:center;"><tbody><tr><td valign="middle" bgcolor="#6773b6">
<span style="color:#ffffff;"><br>
<h1>
<span style="color:#ffffff;"><span style="color:#ffff00;">Help Ukraine</span><br></span></h1>
<br>
<p>
<strong>The Karel Komárek Family Foundation crisis fund was established in response to specific needs identified by Ukrainian co-workers at our sister company MND, which operates in western Ukraine.</strong><br></p>
<h2>
<a href="https://www.komarekfoundation.org/en/vision/pomoc-ukrajine" target="_blank"><span style="color:#ffff00;">https://www.komarekfoundation.org/en/vision/pomoc-ukrajine</span></a></h2>
<p>
<br>100 % of donations go to direct aid.</p>
<p>
<span style="color:#ffff00;">THANK YOU!</span><br></p>
<br> </span> </td></tr></tbody></table></center><p></p><p class="maxWidthImage" style="text-align:center;"><a href="https://www.komarekfoundation.org/en/vision/pomoc-ukrajine" target="_blank"><img src="/cz/PublishingImages/news/2022/kkff-ukrajina-en.jpg" data-themekey="#" alt="" style="margin:5px;width:658px;" /></a><br></p><br><br> | | | | |
| We donated our Security Academy training platform to the SOS Children’s Villages organisation | | https://www.aec.cz/en/news/Pages/we-donated-our-security-academy-training-platform-to-the-sos-childrens-villages-organisation.aspx | We donated our Security Academy training platform to the SOS Children’s Villages organisation | <p>
<strong style="color:#6773b6;"><span style="color:#6773b6;">The oldest non-profit organisation in the country, which helps children at risk, will be able to take advantage of eleven different training platforms offered through the AEC Security Academy for free over the course of the next three years.</span></strong><br></p><p><a href="https://www.sos-vesnicky.cz/" target="_blank">The SOS Children’s Villages</a> organisation manages a lot of sensitive personal data. At the same time, children are one of the most at-risk and most vulnerable groups from the point of view of IT security. The organisation itself takes the issue of cybersecurity very seriously, so we were not surprised when we received an enquiry about the possibility of purchasing one of the AEC Security Academy e-learning courses.</p><p>In the context of this request, and in the spirit of the values which are central to AEC as a company, we decided to provide the staff of this non-profit organisation free licences to use all of our Security Academy courses for three years. The offer has been valid since January 2022 and can be used by more than one hundred employees of SOS Children’s Villages.</p><p>Our courses are designed in such a way as to allow people who have taken them to pass on the information they have learned, in this case, for example, to families and foster parents of children. This mainly concerns courses relating to management of social networks, using mobile phones safely, logging into online banking securely and recognising phishing and other attacks.</p><p>The project providing Security Academy courses for SOS Children’s Villages is one of a number of similar projects which we implement. For example, when the coronavirus pandemic broke out and companies started asking their people to work from home, we launched a new course within the framework of the Security Academy project for the Czech Republic and Slovakia, focusing on the basic rules of working safely and securely from home.</p><p>The AEC Security Academy routinely offers its training courses in Czech, Slovak and English to customers on a turnkey basis. The e-learning system is designed to be always up-to-date, as accessible as possible and as efficient as possible. All of the materials, including the respective infographics, are prepared in line with the given company’s environment. Even subsequent testing and checking the course participants’ knowledge is provided by AEC as a tailor-made service.<br></p>
<br> | | | | |
| We monitor our carbon footprint in AEC | | https://www.aec.cz/en/news/Pages/we-monitor-our-carbon-footprint-in-aec.aspx | We monitor our carbon footprint in AEC | <div style="text-align:justify;">
<span style="color:#444444;">
<strong style="color:#336699;">
<span style="color:#336699;">
<span style="color:#336699;">
<span style="color:#336699;">
<span style="color:#336699;">
<span style="color:#336699;">
<span style="color:#336699;">Within the Aricoma Group, which we are part of, we began to monitor our carbon footprint in 2019. For this purpose, we commissioned CI2 to perform licensed audits, which we have been undergoing repeatedly over the past two years. </span></span></span></span></span></span></strong><br></span></div><div style="text-align:justify;">
<br>
</div><div style="text-align:justify;">Compliance Manager Hana Vystavělová comments on this certification saying: “Environmental protection is one of our company’s core values. Responsible behaviour towards our planet is reflected in the company’s daily operations. We therefore welcomed the opportunity to audit the environmental impact of our activities and we intend to continue to do so regularly in the coming years. At the same time, we want to use the data which we have obtained to implement further measures to reduce the environmental burden caused by our company.” “ </div><div style="text-align:justify;">
<br>
</div><div style="text-align:justify;"> For us, carbon neutrality, reduction of emissions and other aspects of sustainability are topics we discuss with candidates at job interviews and
<a href="/cz/kariera">we are happy to welcome like-minded faces to our ranks</a>. After the obvious steps such as sorting of waste and LED lighting, this certification is yet another step towards a greener AEC.<br></div><div style="text-align:justify;">
<br>
</div><div style="text-align:justify;"><h2>Certificates:<br></h2>
<br>
</div><div>
<br>
</div><div style="text-align:center;">
<a href="/cz/Documents/Files/2021_1038_CI2_CERTIFIKAT_aec_EN.pdf?d=webc2d097deeb4b4986cc8ffe0f18991d" target="_blank"><img src="/cz/PublishingImages/news/2022/2021_1038_CI2_CERTIFIKAT_aec_EN.jpg" data-themekey="#" alt="" style="margin:5px;width:223px;height:320px;" /></a><a href="/cz/Documents/Files/2021_1039_CI2_CERTIFIKAT_aec_EN.pdf?d=wf8605fcf2ed349d09ffe617692bbb464" target="_blank"><img src="/cz/PublishingImages/news/2022/2021_1039_CI2_CERTIFIKAT_aec_EN.jpg" data-themekey="#" alt="" style="margin:5px;width:223px;height:326px;" /></a><br></div><div>
<br>
</div><div>
<br>
</div><div>
<br>
</div><div>
<br>
<br>
</div><div>
<br>
<br>
<br> <br><br></div> | | | | |
| We have started collaboration with the HAVEL & PARTNERS law firm, helping their clients hit by cyberattacks | | https://www.aec.cz/en/news/Pages/we-have-started-collaboration-with-the-havel-and-partners-law-firm-helping-their-clients-hit-by-cyberattacks.aspx | We have started collaboration with the HAVEL & PARTNERS law firm, helping their clients hit by cyberattacks | <p>
<strong style="color:#6773b6;">We have launched a nonstop helpline for clients of the largest Czech-Slovak law firm Havel & Partners to provide immediate assistance in the event of cyberattacks or other security incidents. </strong></p><div style="text-align:justify;"> Cyberattacks targeting businesses, corporations, public institutions and start-ups are increasingly common. This trend is also confirmed by the increasing number of cyberattacks reported to the National Cyber and Information Security Agency (NCISA). In 2020, companies, organisations and public institutions reported a total of 468 cases of cyberattacks to the agency, double the number of incidents reported the previous year. </div><div style="text-align:justify;">
<br>
</div><div style="text-align:justify;">If a client of Havel & Partners does not have their own Security Operations Centre, they can contact specialists from the Cyber Defense Center at AEC whenever they need. We will provide immediate assistance to them and explain step-by-step how to proceed and how to stop the attack as quickly as possible, therefore minimising any damage. Clients are assured service with the highest possible level of expertise. The steep rise in cyberattacks should also convince everyone that the issue of data security is not one which should be underestimated.</div><div style="text-align:justify;">
<br>
</div><div style="text-align:justify;">The HAVEL & PARTNERS law firm has at its disposal an experienced team of more than 30 lawyers for the field of technology and cybersecurity who have successfully provided thousands of hours of legal advice on data protection and recovery. They have experience from hundreds of data projects and are proficient in best practices proven in the environment of international transactions. As a result of this, they are able to help clients find the best practical solutions for setting up preventive measures to counter the risk of cyberattacks, to ensure data protection, and can also help effectively remedy the consequences of security incidents.
<br></div><div style="text-align:justify;">
<br>
</div><div style="text-align:left;"> For more information about collaboration, please visit the website of HAVEL & PARTNERS.<a href="https://www.havelpartners.cz/havel-partners-ve-spolupraci-s-aec-spustila-nepretrzitou-telefonickou-linku-na-pomoc-klientum-zasazenym-kybernetickymi-utoky/">https://www.havelpartners.cz/havel-partners-ve-spolupraci-s-aec-spustila-nepretrzitou-telefonickou-linku-na-pomoc-klientum-zasazenym-kybernetickymi-utoky/</a><br><br><br></div> | | | | |
| TEST: the security of digital vaccination certificates is reliable | | https://www.aec.cz/en/news/Pages/test-the-security-of-digital-vaccination-certificates-is-reliable.aspx | TEST: the security of digital vaccination certificates is reliable | <p>
<strong style="color:#6773b6;"><span>We set about performing comprehensive security tests of the EU COVID-19 international vaccination certificates. Their protection is, in a word, reliable and protection of personal data within the system of these certificates is also as effective as possible. We also found that the security of the Tečka and čTečka mobile apps is of a sufficiently high quality.</span></strong><br></p><div> Analysis of the European COVID certificate, which is designed to prove a person’s health status in relation to the Covid-19 disease, shows the high level of cyber protection provided by the system. Tečka and čTečka, the two official domestic apps for management and control of digital COVID-19 vaccination certificates, are also transparent and secure. This is the outcome of the investigation performed by our colleagues from the Security Assessment Division. </div><div>
<br>
</div><div>“Both apps are written and built according to the current trends and rules which we recommend to our clients,” says our colleague Martin Musil from the position of Mobile Security Specialist. According to him, the only shortcoming is the fact that the production versions of the Tečka and čTečka apps for the Android platform contain hyperlinks to the testing environment of the Ministry of Health or the Institute of Health Information Systems. These are publicly accessible and could potentially serve as a place for hackers to launch their attacks. </div><div>
<br>
</div><div> However, it still does hold true that none of the problems associated with COVID certificates which have been made public so far are attributable to sophisticated attacks on these apps. The current cases of fraud are made possible in part by some obvious security flaws in the certification servers in individual EU countries, by outdated computer systems in doctors’ surgeries and also by error on the part of specific responsible persons, including staff at vaccination centres. </div><div>
<br>
</div><div> One of the important findings for the security of users is that the čTečka app does not store the signatures of scanned certificates or even the entire QR code locally in its memory, but only records the number of certificates checked and their status. “Simply put, there is no risk that civil servants, service employees or entrepreneurs in the hospitality industry could collect the checked certificates of visitors and then use them in an illegal manner,” added our colleague, Martin.
<div>
<br>
</div><div> More detailed information about the test can be found at
<a href="https://www.hackinglab.cz/cs/blog/bezpecnost-ockovacich-certifikatu-a-aplikace-ctecka/">https://www.hackinglab.cz/cs/blog/bezpecnost-ockovacich-certifikatu-a-aplikace-ctecka/</a>.<br></div></div> | | | | |
| ARICOMA Group Acquires AdTech and MarTech Development Company Clearcode | | https://www.aec.cz/en/news/Pages/aricoma-group-acquires-adtech-and-martech-development-company-clearcode.aspx | ARICOMA Group Acquires AdTech and MarTech Development Company Clearcode | <p>
<strong style="color:#6773b6;">ARICOMA Group continues to deliver on its expansion strategy as it acquires the Polish software development company Clearcode. The company specialises in custom AdTech and MarTech platform development and has worked with many top-tier AdTech companies, agencies, publishers and global media companies. ARICOMA Group, an emerging pan-European IT services player backed by KKCG, will acquire Clearcode to enter the booming market of advertising and marketing technology.</strong> </p><p>“Acquiring Clearcode represents a major step for the ARICOMA Group, and it fits perfectly with our plans to expand to new, dynamic markets across Europe. Poland represents one of the largest markets in the Central Eastern European region and Clearcode has a wonderful position here,” says Ludovic Gaudé, Head of Custom Software Development operations at ARICOMA Digital, part of ARICOMA Group. </p><p>“We are thrilled to be joining the ARICOMA Group. This acquisition will turbocharge our growth plans over the next few years. Being part of ARICOMA Group will mean more business opportunities for Clearcode and quicker expansion into new markets and industries,” says Piotr Banaszczyk, CEO at Clearcode. </p><p>“The decision to be acquired by ARICOMA Group was an obvious one for us. The many synergies between Clearcode and ARICOMA Group were one of the main areas that attracted us,” adds Piotr Banaszczyk. </p><p>“Being a software development company that specializes in AdTech and MarTech, we’re one of only a few companies that has the experience and knowledge required to design and build the complex tech that powers programmatic advertising and digital marketing. With this acquisition, we’re confident that we’ll quickly become the number one AdTech and MarTech development company in Europe and the US,” explains Tomasz Chmielewski, COO at Clearcode. </p><p>“The new connections we’ll form as part of ARICOMA Group will allow us to offer more services to our clients, especially around data processing, data science and machine learning, which are increasingly playing a bigger role in programmatic advertising and digital marketing,” Tomasz Chmielewski adds. </p><p>The agreement between Clearcode and ARICOMA Group has been finalised, with a 100 % share in Clearcode now belonging to ARICOMA Group. Representatives of Warsaw Equity Group (who had a 22% stake in Clearcode), also contributed to the negotiations, alongside representatives of the ARICOMA Group. The sale price hasn’t been revealed. </p><p>With Clearcode’s 100 professionals, ARICOMA Group will consist of 10 companies, with a consolidated turnover exceeding EUR 340 million and over 3,000 employees. </p><p> </p><p>
<img src="/cz/PublishingImages/news/loga/Clearcode.png" data-themekey="#" alt="Clearcode" style="margin:5px;" />
<br>
<a href="https://clearcode.cc/" target="_blank">Clearcode</a> is a leading software development company that specializes in advertising technology (AdTech) and marketing technology (MarTech). Since 2009, tech companies, publishers, agencies and brands have been partnering with Clearcode to design and build real-time bidding (RTB), programmatic, data, and analytics platforms for the digital advertising and marketing industries.
<br></p><p>Clearcode offers its clients years of AdTech and MarTech development experience and domain knowledge of the inner workings of the programmatic advertising and digital marketing industries.</p><p>With offices in Wroclaw and Katowice, Poland, Clearcode has over 100 employees across management, finance, HR, development, marketing, and design.</p><p> </p><p>
<img src="/cz/PublishingImages/news/loga/aricoma-group-purple-50px.jpg" data-themekey="#" alt="Aricoma Group" style="margin:5px;" />
<br>
<a href="https://aricomagroup.com/en/" target="_blank">Skupina ARICOMA</a> is a leading Central European IT Services provider with a significant Scandinavian presence, over EUR 340 million of revenue and 3,000 specialists providing services to over 200 clients in 20+ markets from its 15+ Europe-based delivery centers. ARICOMA’s focus is to help both private- and public-sector clients navigate the ever-changing demands, risks, and business opportunities.</p><p>Through its portfolio companies, it provides end-to-end digital transformation solutions, including UX design and consulting, custom software development, IT infrastructure and IT operations management, cloud operations, and cloud security services.</p><p>The company is owned by
<a href="https://kkcg.com/en/" target="_blank">KKCG Group</a>, a private investment company with €7bn AUM.<br></p> | | | | |
| CDC Team Receives Recognized International Accreditation | | https://www.aec.cz/en/news/Pages/cdc-team-receives-recognized-international-accreditation.aspx | CDC Team Receives Recognized International Accreditation | <p>
<strong style="color:#6773b6;">The monitoring team at our Cyber Defense Center (CDC) has been accredited by the Trusted Introducer Service. After detailed verification, the experts of the renowned certification authority formally confirmed the high quality of the CDC’s day-to-day operating activities and their compliance with the recognized international standard.</strong> </p><p>The center received accreditation in mid-November this year, exactly three months after submitting its application. Until then, the team was listed on the certification agency’s TI list of operational teams without assessment and confirmation of the quality of their work. Having gained accreditation, CDC colleagues now face the challenge of becoming the agency’s certified partner.</p><p><em>"In terms of the processes we carry out every day, accreditation has not changed anything for us, because our work has always been of the required quality,"</em> said Lubomír Almer, Head of the Cyber Defense Center, and adds: <em>“This was simply formal confirmation that the work of our center is of a demonstrably high order and complies with international standards."</em></p><p style="text-align:center;">
<img class="maxWidthImage" src="/cz/PublishingImages/news/2021/lubomir-almer-cdc-aec.jpg" data-themekey="#" alt="" style="margin:5px;width:658px;" />
<br>
<br>
</p><p>Accreditation confirms, among other things, that the activities of the audited entity comply with well-defined formalized processes and that its services are provided to a clearly defined standard, including transparent and verified procedures. In addition to the ability to promptly and correctly respond to unforeseen incidents and events, the agency also assessed other aspects such as corporate culture, approach to selected issues and the center's vision.</p><p>The Trusted Introducer Service agency recognizes three categories of teams: listed, accredited and certified. Certification would mean access to a number of new benefits for the CDC, including the fact that teams at the highest level are willing to share valuable knowledge. This represents a literal treasure trove of new information and is an important motivating factor for the further development and improvement of every company's current practices.</p><p><em>"Efforts to obtain formal recognition of our work are not only in line with the CDC’s mission, but also that of AEC. In this way, we try to help our people grow professionally, gain insight, contacts and, of course, professional certificates,”</em> says Igor Čech, AEC Marketing Manager, and concludes: <em>"We believe that we do our job well, but we also realize that it is our openness to new challenges and ideas and our willingness to confront established practices with the competition, that continues to move us forward."</em><br></p><p style="text-align:center;">
<em>
<img class="maxWidthImage" src="/cz/PublishingImages/news/2021/cdc-trusted-introducer-service.jpg" data-themekey="#" alt="" style="margin:5px;width:658px;" />
<br></em></p> | | | | |
| Security Awareness | | https://www.aec.cz/en/news/Pages/Security-Awareness.aspx | Security Awareness | <p>The number and severity of social engineering attacks is increasing dramatically. Hackers unerringly target the weakest component of corporate protection, i.e. the human factor, using increasingly sophisticated methods and technologies.
<br></p><p>Random attempts at distributing fraudulent letters are a thing of the past. Today, businesses and institutions face sophisticated phishing, completely believable fake phone calls and, more and more often, attacks using artificial intelligence.
</p><p>The goal of all these activities is to misuse employee accounts and gain access to the company’s system so that the attackers can then blackmail the company or use it as a springboard to attack its partners.
</p><p>A company may have the most sophisticated technological protection there is, but it is useless when an attacker decides to focus on deceiving poorly trained employees instead of breaking complex codes.
</p><p>The defensive wall of any company is only as strong as its weakest link. And that link has always been and will always be people with their typically human imperfections and weaknesses. Findings show that there is no more effective protection of the corporate environment than informed employees who can react correctly and in a timely manner.
</p><p>The best way to protect the company from cyber criminals is to train its people. To turn weakness into a strength. See how we can help you at <a href="https://socialing.cz/en">www.socialing.cz</a>.
</p><br> | | | | |
| ARICOMA Group acquires Swedish tech consultancy company Stratiteq | | https://www.aec.cz/en/news/Pages/aricoma-group-acquires-swedish-tech-consultancy-company-stratiteq.aspx | ARICOMA Group acquires Swedish tech consultancy company Stratiteq | <p>
<strong style="color:#6773b6;">ARICOMA Group takes another step in its international expansion as it acquires the Swedish technology company Stratiteq. ARICOMA Group, an IT services buy-and-build platform owned by KKCG, will strengthen its position not only in the markets of Sweden and Scandinavia but also within the field of data-driven business solutions and strategic consulting. Stratiteq, with offices in Malmö and Stockholm, brings over 100 new employees to ARICOMA Group.</strong></p><p>”With Stratiteq, we have found a true gem of a company, with great people. Their track record is impressive, with many innovative projects for both regional and international companies such as Haldex, Skånetrafiken, Securitas, and Vattenfall. They know the whole process from start to finish; from advanced software development, to innovative strategies that transform how companies can operate in the digital and data-driven landscape. They will strengthen our group, and we will accelerate their growth. It’s really a perfect fit,” says Ludovic Gaudé, Head of Custom Software Development operations at ARICOMA Group.</p><p>
<img src="/cz/PublishingImages/news/2021/stratiteq-johan-ahlqvist.jpg" data-themekey="#" alt="" style="margin:5px;width:75px;height:100px;float:left;" />Johan Ahlqvist, Chairman of the Board at Stratiteq, continues:” We are delighted to join the ARICOMA Group. For us, this is taking a natural next step in the story of Stratiteq, by fast-tracking the new strategic direction we started in 2020, while respecting the core values on which Stratiteq was founded 17 years ago. We look forward to working with the companies in the group and creating innovative solutions together.”</p><p>ARICOMA Group is working towards becoming a strong European player in the field of ICT and SW solutions. According to Michal Tománek, Investment Director at KKCG, this acquisition is yet another step towards that goal. “Stratiteq will help us not just to increase our profile in Scandinavia but also to enhance our capabilities in the extremely attractive space of digital transformation.”</p><p>With this acquisition, all of Stratiteq’s operations and lines of business will continue unchanged in the near future. ARICOMA Group is committed to maintaining the leadership and the core values that Stratiteq was built upon.</p><p>
<img src="/cz/PublishingImages/news/2021/stratiteq-frank-hennekens.jpg" data-themekey="#" alt="" style="margin:5px;width:75px;height:100px;float:right;" />Frank Hennekens, CEO, Stratiteq, says: ”We have big ambitions and have so far focused 100% on creating our own growth. But when we met with the people behind ARICOMA Group, it just felt right, not least culturally. We believe that our competence is a natural complement to the ARICOMA Group and we are excited to become part of a constellation that has both the knowledge and the muscle to help us grow our business.”</p><p>The deal was signed this Monday, where an agreement on the sale of a 100% share in the company was made by the owners of Stratiteq and representatives of the ARICOMA Group. The transaction is still subject to approval of the respective anti-monopoly offices and is expected to close at the beginning of October.</p><p>Once the deal goes through, the ARICOMA Group will comprise of 9 companies with a consolidated turnover exceeding EUR 340 million, and an EBITDA (earnings before interest, taxes, depreciation, and amortization) of almost EUR 37 million. It employs over 3,000 people.</p><p></p><p>
<img src="/cz/PublishingImages/news/loga/stratiteq-logo-50px.jpg" data-themekey="#" alt="" style="margin:5px;" />
<br>Stratiteq is a knowledge-based consultancy company for forward thinking clients who aim to become sustainable data-driven businesses. Stratiteq enables clients to take control of their digital future through the delivery of technology and strategy implementations. They help identify and implement solutions for better decision-making and enable companies to make their unique data their new competitive advantage. Stratiteq is specialized within the industries of Public Transport, Professional Services and Manufacturing. Stratiteq was founded in 2004 and has over 100 employees with offices in Malmö and Stockholm. Stratiteq’s client list includes Haldex, Höganäs, Region Skåne, Securitas, Skånetrafiken and Vattenfall.</p><p> </p><p>
<img src="/cz/PublishingImages/news/loga/aricoma-group-purple-50px.jpg" data-themekey="#" alt="" style="margin:5px;" />
<br>ARICOMA Group is a leading Central European IT Services provider with a significant Scandinavian presence, over EUR 340 mil. of revenue and 3,000 specialists providing services to over 200 clients in 20+ markets from its 15+ Europe-based delivery centres. ARICOMA’s focus is to help both private- and public-sector clients navigate the ever-changing demands, risks, and business opportunities. Through its portfolio companies, it provides end-to-end digital transformation solutions, including UX design and consulting, custom software development, IT infrastructure and IT operations management, cloud operations, and cloud security services. Notable members of ARICOMA Group include Sweden- and CEE-based custom software developer Seavus, Czechia- and Slovakia-based system integrator AUTOCONT, custom software developers Cleverlance Enterprise Solutions and KOMIX, cybersecurity services specialist AEC and EU-based Tier 3-capable datacentre DataSpring.</p><p> </p><p>
<img src="/cz/PublishingImages/news/loga/KKCG-logo-35px.jpg" data-themekey="#" alt="" style="margin:5px;" />
<br>The KKCG Group, managed by Karel Komárek, one of the most successful Czech entrepreneurs, is an international investment company with a total value of more than €7bn. The KKCG Group develops its business activities in twenty-eight countries around the world and its key fields include the entertainment industry, the energy industry, IT technologies, and real estate. It holds shares in many domestic and international companies, including SAZKA Group, ARICOMA Group, MND Group, KKCG Real Estate, US Methanol, the capital fund Springtide Ventures and others. KKCG also invests in the American fund Jazz Venture Partners, based in Silicon Valley. This fund focuses on investments in technologies for improving human performance, for instance, through neuroscience.</p>
<br>
<br>
<br> | | | | |
| Covid-19 failed to stop AEC get its ISO 9001:2015 certification this year | | https://www.aec.cz/en/news/Pages/covid-failed-to-stop-aec-get-its-iso-certification-this-year.aspx | Covid-19 failed to stop AEC get its ISO 9001:2015 certification this year | <p>
<strong>AEC a.s. once again managed to successfully obtain the ISO 9001:2015 quality management system certificate in 2021. The final report of the certification body, Lloyds Register, shows that the quality management system in place is an effective tool for managing the company, or rather its processes, and is continuously being improved.</strong></p><p>“Despite the crisis associated with Covid-19, we at AEC have once again defended our ISO 9001:2015 certification. It is thus clear that the unexpected use of home office for so long - and the associated sudden changes - did not have a negative impact on the pre-set processes in our company. Obtaining this year's certification is clear proof for us that the quality of our work has not wavered despite the difficulties associated with what is going on at the global scale. We obtained the first such ISO certificate in 1998, and, to the satisfaction of our customers, we will continue to do so, regardless of any further negative external influences,” said Karin Gubalová, Head of Risk & Compliance at AEC.</p><div style="text-align:center;">
<strong></strong><img class="maxWidthImage" alt="QMS UKAS" src="/cz/PublishingImages/news/2018/qms-logo-ukas.jpg" data-themekey="#" style="width:350px;height:245px;" /><strong></strong> </div><p>The quality management system is described in the well-known ISO 9000 series of standards. These standards are issued by the International Organization for Standardization (ISO). ISO 9001:2015 is the basis on which the entire system is built. It defines the requirements for quality management systems in companies that prove their ability to consistently provide products that comply with technical and legislative regulations, as well as products that meet ever-changing customer requirements.</p><p>
<a href="/cz/Documents/Files/2021/AEC-QMS-CESCZ.PDF" target="_blank">QMS certifikát (C<span>Z</span>)</a></p><p>
<a href="/cz/Documents/Files/2021/AEC-QMS-ENGUS.PDF" target="_blank">QMS certificate (<span>EN</span>)</a></p><p> </p> | | | | |
| AEC customers benefit from the company’s unique collaboration with the Tenable platform | | https://www.aec.cz/en/news/Pages/aec-customers-benefit-from-the-companys-unique-collaboration-with-the-tenable-platform.aspx | AEC customers benefit from the company’s unique collaboration with the Tenable platform | <p>
<strong>Tenable, a global leader in vulnerability management, has awarded AEC the Platinum Partner status. Thanks to this exclusive partnership, customers of the foremost Czech cybersecurity provider can benefit from the industry-leading tools and expert services on this US platform, tools that cover the entire vulnerability management process.</strong></p><p>The highest possible level of cooperation. That is what the platinum partnership between AEC and Tenable entails. So just who are Tenable? A US-based provider of vulnerability management security solutions. Through its platform the company’s products are used by tens of thousands of organizations worldwide, primarily because of their sophisticated technologies and original solutions to vulnerability management.</p><p>“We chose Tenable because this company has been focused purely on vulnerability management right from the very start, therefore the products it offers are of exceptional quality,” explains Maroš Barabas, Head of Product Management at AEC. He goes on to say that it is this successful cooperation with Tenable that has made vulnerability management a strategic product for AEC.</p><p style="text-align:center;">
<img class="maxWidthImage" src="/cz/PublishingImages/news/2021/tenable-forrester-leader.png" data-themekey="#" alt="" style="margin:5px;width:658px;" /> </p><p>Vulnerability management is a process that involves detecting, analysing and evaluating system vulnerabilities, including their removal. The basic detection tool is equipment used to scan for vulnerabilities. The most critical ones should then be analysed by an expert who can thus understand how an attacker can exploit them and who also has intimate knowledge of the network and the systems on it. This approach is the most effective both in terms of prioritising vulnerabilities and the subsequent patching.</p><p>AEC currently has an experienced team of experts who can fully comprehend the entire vulnerability management process as used in companies and institutions. “AEC focuses on delivering security as a service provided in close partnership with customers and the area of vulnerability management is the best example of this,” notes Maroš Barabas, specifying that it is not only about the technical solution itself, but also about ensuring that the entire vulnerability management process is always in full agreement with the customer’s needs and capabilities.</p><p>The AEC team offers its clients a wide range of technologies and services. The cornerstone is choosing and implementing a suitable tool, setting up the vulnerability management processes and its technological integration. Whilst doing so, it also offers hardening, compliance checks and a whole host of other solutions, such as manual identification and verifying the vulnerabilities in systems and applications.</p><p style="text-align:center;">
<img class="maxWidthImage" src="/cz/PublishingImages/news/2021/tenable-platinum-partner.jpg" data-themekey="#" alt="" style="margin:5px;width:658px;" /> </p><p>The collaboration between AEC and Tenable has been ongoing since 2010. At the time, the Czech cyber security provider was the first in the Czech Republic and Slovakia to be partnered with the US platform. Eight years later, Tenable gave this partnership Gold status, and in 2021 it was upgraded to the highest possible level – Platinum.<br></p> | | | | |
| ARICOMA Group acquires the IT company KOMIX | | https://www.aec.cz/en/news/Pages/aricoma-group-acquires-the-it-company-komix.aspx | ARICOMA Group acquires the IT company KOMIX | <p>
<strong style="color:#6773b6;">?Another major player in the domestic information technology market will become part of the ARICOMA Group, which belongs to entrepreneur Karel Komárek’s investment group KKCG. Today, the owners of KOMIX and representatives of the ARICOMA Group signed an agreement on the sale of a 100% share in the company. The transaction is still subject to approval by the Office for the Protection of Competition (ÚHOS).</strong></p><p>For almost thirty years, KOMIX has been developing bespoke software for e-government, health insurance companies and major companies such as Škoda Auto, Nestlé or Porsche Czech Republic. In the past, KOMIX has taken part in projects such as electronic sick notes, biometric travel documents and an information system for the population register. KOMIX’s revenues rank it among the top 10 suppliers on the Czech market as concerns developing customised software. This year’s sales are predicted to reach more than half a billion crowns. KOMIX employs just under 300 people, above all developers.</p><p>“It is a great honour for me that we are to be part of the ARICOMA group and that we will play an active role in accomplishing its vision to build an ICT leader of European importance,” said Tomáš Rutrle, KOMIX’s director and current co-owner. “Thanks to this merger, we will be able to offer our current customers a much wider portfolio of services, whilst at the same time we will work with other companies in the group to reach out to new customers in the Czech Republic and abroad. We bring decades of experience to the ARICOMA Group, this includes large-scale projects, a passion for IT technologies and a proven ability to finish the job to a satisfactory conclusion for all. We firmly believe that we are at the start of an amazing story of digital transformation, one that is growing from its roots in the Czech Republic, and we want to be a fully-fledged part of it,” added Rutrle.</p><p>After acquiring the international company Seavus at the end of last year, ARICOMA Group is continuing in its acquisition campaign. Its goal is to build a strong European player in the field of ICT and SW solutions. According to Michal Tománek, KKCG’s Investment Director, who is responsible for all IT acquisitions, KOMIX’s entry is another hugely important step in this direction. “We have managed to acquire a company that is a perfect fit for ARICOMA’s current portfolio of businesses. Their expertise, products and customer base will ideally complement what we already have at this moment in time. What’s more,
in the future, we will be able to offer this mix of services not only to the domestic market, but increasingly to foreign markets too,” said Michal Tománek.</p><p>According to Milan Sameš, the ARICOMA Group’s CEO, this further expansion of the group is a continuation of the strategy it set out four years ago. “The current developments in the company, which have been fundamentally affected by the Covid-19 pandemic, show us that we have set off in the right direction and that our assumptions about developments in the market were correct. Customers are trying to accelerate the digital transformation as much as possible, and this brings new opportunities for the entire field of information technology,” said Sameš.</p><p>ARICOMA Group buys a 100% stake in KOMIX for a non-disclosed price. The entire transaction is financed from a bank loan and from the buyer’s own resources.</p><p>The company’s management, including its director Tomáš Rutrle, will continue to play a role in managing KOMIX. KOMIX will act independently until the transaction is approved by the ÚHOS. Once the deal goes through, the ARICOMA Group will comprise of 8 companies with a consolidated turnover exceeding CZK 8.5 billion, and an EBITDA (earnings before interest, taxes, depreciation, and amortization) of almost CZK 900 million. It employs over 3,000 people.<br><br></p><p>
<img src="/cz/PublishingImages/news/loga/komix-logo-25px.jpg" data-themekey="#" alt="" style="margin:5px;" />
<br>The company was established in 1992 and since its inception it has been offering software services to clients in the public and private spheres. This primarily concerns solutions for eGovernment and eHealth, where it helps the Czech state administration accelerate development so that these solutions are as user-friendly as possible for citizens. KOMIX is also a major supplier for car makers, namely Škoda Auto. In this segment, KOMIX is basing its steps on the current situation where the car industry is going through a fundamental transformation and mutually reinforcing trends, which include autonomous driving, shared mobility, online connectivity and electrification. Software solutions have thus become the main source of the customer’s perception of the car’s value, innovation and appeal. KOMIX also offers products focused on digital transformation, such as automated decision-making, business intelligence or robotic process automation. The company manages the comprehensive development of all layers in sophisticated information systems – front end, back end, database, mobile applications, integration buses. The most common technologies it uses for development are JAVA and Microsoft.NET. In February 2021, KOMIX opened a branch in Switzerland, where it acquired a new client, Nestlé, one of the largest food concerns in the world.</p><p> </p><p>
<img src="/cz/PublishingImages/news/loga/aricoma-group-purple-50px.jpg" data-themekey="#" alt="" style="margin:5px;" />
<br>The largest Czech ICT holding company, its members are AUTOCONT, Cleverlance, DataSpring, AEC, Cloud4com, Internet Projekt and Seavus. The companies from the ARICOMA Group cover its entire portfolio of business services, starting with the design of ICT architecture and going on to infrastructure and cloud services, implementing business applications up to developing their own large-scale software solutions and outsourcing. Its total revenues for 2020 exceeded CZK 8bn.</p><p> </p><p>
<img src="/cz/PublishingImages/news/loga/KKCG-logo-35px.jpg" data-themekey="#" alt="" style="margin:5px;" /> <br>The KKCG Group, managed by Karel Komárek, one of the most successful Czech entrepreneurs, is an international investment company with a total book value of more than €6bn. The KKCG Group develops its business activities in twenty-two countries around the world and its key fields include the gaming industry, the energy industry, IT technologies and real estate. It holds shares in many domestic and international companies, including SAZKA Group, ARICOMA Group, MND Group, KKCG Real Estate, US Methanol, the capital fund Springtide Ventures and others. KKCG also invests in the American fund Jazz Venture Partners, based in Silicon Valley, which focuses, for instance, on investments in technologies for improving human performance (neuroscience).</p> | | | | |
| A pentad of our colleagues succeeded in the international CtF competition organized by partners from Tenable | | https://www.aec.cz/en/news/Pages/a-pentad-of-our-colleagues-succeeded-in-the-international-ctf-competition-organized-by-partners-from-tenable.aspx | A pentad of our colleagues succeeded in the international CtF competition organized by partners from Tenable | <p>
<strong style="color:#6773b6;"><span style="color:#6773b6;">The team of our colleagues, consisting of David Pecl, Lukáš Bendík, Erik Šabík, Vojtěch Šindler and Tomáš Hliboký, did well in the worldwide Capture the Flag competition. This year was the first time it was organized by one of our leading partners, the American company Tenable.</span></strong></p><p>The international Capture the Flag competition had a total of 1,762 participants and it was all under the direction of Tenable, a provider of top solutions for vulnerability monitoring. With such strong competition, the AEC representatives did amazingly well and finished in
<a href="https://tenable.ctfd.io/scoreboard" target="_blank">21st place</a>.</p><p>Any one from all over the world could take part in the tournament, which was held from 18 to 22 February 2021. Participants could form teams of up to five people and solved their tasks either individually or together. AEC’s colours were defended by five representatives taken from the divisions for Technology, Penetration Tests and the Cyber Defence Centre.</p><p>The five-day competition itself consisted of ongoing task solving in
<a href="https://ctftime.org/event/1266/tasks/" target="_blank">traditional categories</a>, such as web applications, reverse engineering, cryptology, coding, working with information (OSINT), forensic analysis, regular expressions and a whole host of others.</p><p>“We did best in cryptography, web applications and coding. Mainly because it is the bread and butter for pentesters,” said Erik Šabík, adding, “But we certainly didn’t fall behind in other tasks either, the problem was more to do with time. We solved it by agreeing that whoever had the time would open the page with the tasks and try and solve what they could. Sometimes we called each other, and we also brainstormed...”</p><p>Here it’s necessary to point out that, unlike many other teams, our busy colleagues could only get down to the competition tasks after they’d finished their professional duties, so they had significantly less time to solve them than the others.</p><p>However, this makes their success all the more valuable and our congratulations all the greater. Thanks to their position, they have now joined the elite ranks who can wow those around them with their exclusive T-shirts that the competition organizer reserved for the best of the best. 😊</p><p>CTF-related activities are nothing new to AEC. Apart from the fact that we often take part in such competitions, quite successfully it must be said, we regularly organize a similar event ourselves. One of the most popular things at our annual
<a href="https://konferencesecurity.cz/">Security conference</a>, the largest independent event of its kind in the Czech Republic, is the hacker competition.<br></p> | | | | |
| Vulnerabilities in Microsoft Exchange Server have a serious impact. Simple patching is not enough | | https://www.aec.cz/en/news/Pages/vulnerabilities-in-microsoft-exchange-server-have-a-serious-impact-simple-patching-is-not-enough.aspx | Vulnerabilities in Microsoft Exchange Server have a serious impact. Simple patching is not enough | <h3>Unauthorized access to e-mail. Potential dangers of malicious code installation, data theft and misuse thereof with social engineering methods. Local companies and institutions are in serious danger connected to the massive attacks on systems using Microsoft Exchange Server. The latest large-scale incident revealed the fact that simple updating is not sufficient for the protection of the company's system.</h3><p>
<br>The attack targeting one of the most common Microsoft software products used for e-mail exchange and resource sharing was most likely launched as early as the end of 2020. In the following months, before its discovery in March, hackers have silently attacked tens of thousands of servers around the globe. The Czech Republic and Slovakia did not escape these attacks either, as there were thousands of vulnerable servers in both countries. </p><p>A compromised e-mail server can serve the attackers as a springboard for attacking other systems in the organization, as well as those of its business partners, suppliers, or customers. Although updates are underway at present aiming at fixing the vulnerabilities, it cannot be ruled out that the hackers have created backdoors in the infected systems with an intention to use them for more future attacks.</p><p>As the experience of experts from the AEC company providing cyber protection to enterprises and institutions shows, attackers who have gained access to sensitive information will definitely try to effectively monetize the stolen data or misuse it for further attacks with social engineering methods.</p><p>Despite the timely installation of patches, no company can be sure that a number of confidential information such as contacts, addresses, employee names, invoices or contracts has not escaped from their systems together with the stolen e-mails. And this is also one of the reasons why cyber security experts continue to recommend the highest level of caution to be applied.</p><p>“If we cannot be sure whether the system was compromised or not, we have to assume that it was compromised,” comments Maroš Barabas, Head of Product Management in AEC and he adds: “Be prepared that attacks can be targeted not only at you, but also at all your partners, suppliers, or customers you are interacting with and that your confidential information and data can be misused to achieve it.” </p><p>The key issue with this type of compromise lies in the fact that the attacker knows perfectly well how the attacked company communicates with its surroundings due to possessing the stolen information. This allows him to follow with the communication in a proper manner and at the right time. For example with a fake e-mail written in a format identical to the correspondence which the infected company would normally exchange with its business partner, including the history of conversation.</p><p>However, there may be one tiny difference – for example in addition to the standard message attributes and the usual business information, the e-mail may also contain a little note: we are sending the requested invoice; however, we would like to notify you of a change in the account number. There is no way this e-mail can be recognized as a scam. The only way the company can be certain that it will not loose its money would be a proper check of such message by its duly informed employee. </p><p>“In this case, we recommend checking this information directly with the supplier by phone. But be sure not to call the number listed on the suspicious invoice, because the person on the other end of the line could easily be the attacker himself. Call only known numbers. And send the money only to accounts verified by a process not relying on e-mail communication,” says Maroš Barabas. He also said that companies can face these and similar practices by utilizing security awareness services. These include comprehensive employee trainings provided with the latest technologies and procedures, including testing. A specially trained worker could be exactly the decisive factor for ensuring the company’s cyber security.<br></p><p style="text-align:center;">
<img class="maxWidthImage" src="/cz/PublishingImages/news/2021/aec-security-awareness-graphics-2-eng.jpg" data-themekey="#" alt="" style="margin:5px;width:650px;" /> </p><p>Please see our website
<a href="https://socialing.cz/en">https://socialing.cz/en</a> for more information.<br></p> | | | | |
| We present new cybersecurity training programme provided on the KnowBe4 platform | | https://www.aec.cz/en/news/Pages/we-present-new-cybersecurity-training-programme-provided-on-the-knowbe4-platform.aspx | We present new cybersecurity training programme provided on the KnowBe4 platform | <p>
<strong>AEC, a leading cybersecurity provider, is offering an effective training programme for employees of enterprises and institutions. Recently, the company started to utilize tools featured by the U.S.-made KnowBe4 platform for the provision of its security awareness services. When using these new tools, AEC’s customers will be now ready to face cyberattacks with greater success, including scam e-mails or fraudulent phone calls.</strong></p><p>Now, AEC’s customers can choose between two learning modes. The first one enables them to purchase the product in the form of providing a unique access to the tools on the U.S.-made KnowBe4 platform. Here, they may simulate hacker attacks themselves and subsequently, use the follow-up e-learning training as needed.</p><p>However, the majority of Czech companies do not possess the know-how required for such activities. A proper processing, targeting and evaluation of all steps requires lot of effort. For this reason, AEC offers also a second option, namely the opportunity to order security awareness as an all-embracing service with all procedures, including the utilization of unique tools, executed by AEC experts.</p><p style="text-align:center;">
<img class="maxWidthImage" alt="AEC Security Awareness" src="/cz/PublishingImages/news/2021/aec-security-awareness-graphics-1-eng.jpg" data-themekey="#" style="margin:5px;width:650px;" /> </p><p>Maroš Barabas, Head of Product Management in AEC pointed out: “For AEC, the partnership with KnowBe4, a company that is indisputably one of the top leaders in the field of security awareness worldwide, means a significant evolution of its services portfolio,” and he added: “Now, we can interconnect and automate the individual partial steps in all our tutorials and steer their strength in the right direction.”</p><p>KnowBe4 has one main advantage. And that is its ability to combine testing with learning in an interesting way. The environment where it functions allows to carry out examinations before and after the training. This way, it is clearly visible which users are improving over time and which still need some help, and specifically with what. The results are helping to modify the trainings better, both to accommodate the individual participants, as well as the specific needs of the given organization.</p><p>A training programme assembled in the form of a series of attractive steps is now available to AEC’s customers: incident analysis, trainings, clear infographics, instructive e-mails, as well as examinations and specific testing of the knowledge acquired focusing on the physical, e-mail and phone call attack methods. The goal is to change the habits of the users and to reinforce new patterns in their behaviour until the topic of cybersecurity becomes a natural part of the corporate culture.</p><p>“We do not impersonate an attacker who would misuse the attack; in fact, exactly the opposite. Even though this is a training for educational purposes, our progress would be as insidious and as merciless as the actions taken by any of the experienced hackers,” observed Maroš Barabas, adding: “Our previous experience shows that personal confrontation with an attack, albeit simulated, together with an intense personal encounter with the situation provide a long-term experience for the employees."</p><p style="text-align:center;">
<img class="maxWidthImage" alt="AEC Security Awareness" src="/cz/PublishingImages/news/2021/aec-security-awareness-graphics-2-eng.jpg" data-themekey="#" style="margin:5px;width:650px;" /> </p><p>Today, the overwhelming majority of all cyberattacks focus on the weakest link in corporate data protection, i.e. the human factor. Attackers use a variety of fraudulent methods, including the gathering of publicly available data and they do not hesitate to use it in order to pressure the user, confuse, and deceive him.</p><p>“A rising number of enterprises are becoming aware that the best way to secure their data from social engineering attacks does not mean building an expensive technological wall around it, but to educate their staff as well as they can. Our offer is an answer to the fact that education of employees in the form of a standard one-off training has proven to be ineffective,” concludes Maroš Barabas.</p><p>For more information please see
<a href="https://socialing.cz/cs">https://socialing.cz/cs</a>.</p><p>AEC organizes short free webinars on the issue of cyber attacks. The next one will take place on Tuesday February 16 from 10 am CET. Maroš Barabas and ethical hacker Martin Fojtík will introduce the most common attacks and their form to those interested within forty-five minutes and outline what a security awareness program focused on the risks of social engineering should look like. The next time will be put in Q&A. More information at:
<a href="/_layouts/15/FIXUPREDIRECT.ASPX?WebId=c2e66a69-98ba-44b2-9c45-29be530f4c7c&TermSetId=f883c0d5-da01-4517-a46d-bb0f2322ac82&TermId=53fb62fc-50ff-4fc4-b58b-9b3ccbb838b0">https://aec.cz/cz/security-awareness-webinar</a>.</p><p style="text-align:center;">
<a href="/_layouts/15/FIXUPREDIRECT.ASPX?WebId=b9ce95c9-07dc-4bea-b380-1061fe4d85cd&TermSetId=884ec23f-e893-4c04-bd81-6d70c3c2a36c&TermId=53fb62fc-50ff-4fc4-b58b-9b3ccbb838b0">
<img class="maxWidthImage" src="/cz/PublishingImages/webinar/security-awareness-cz-2021.jpg" data-themekey="#" alt="" style="margin:5px;width:650px;" /></a> </p> | | | | |
| ARICOMA Group acquires the tech company Seavus | | https://www.aec.cz/en/news/Pages/aricoma-group-acquires-the-tech-company-seavus.aspx | ARICOMA Group acquires the tech company Seavus | <p>
<strong>ARICOMA Group representatives have announced a major step in the international expansion of the company, which is part of Karel Komárek’s KKCG Group. According to the purchase agreement, ARICOMA Group has acquired the technology company Seavus. With this acquisition, ARICOMA Group penetrates further markets in Europe and strengthens its position in the USA. At the same time, it becomes an international player in the IT industry, with consolidated revenues of EUR 300 million, earnings of over EUR 23 million before interest, taxes, depreciation, and amortization (EBITDA), and more than 2,800 employees.</strong></p><p>
<em>“This acquisition fulfils the long-term strategy of the KKCG Group in the field of information technology. Ever since ARICOMA Group was founded, when we consolidated the big players on the Czech IT market, we always envisaged that the next step would be international expansion. Personally, I am delighted that we have been able to complete the transaction in these challenging times,”</em> says
<strong>Michal Tománek, Technology Investment Director of KKCG</strong>. </p><p>ARICOMA Group (the IT services consolidation platform of the KKCG Group), continues to deliver on its ambition to become a major European IT services provider. According to Tománek, it will encompass a group of specialized companies, which together will offer customers an integrated range of digital transformation services.</p><p>
<em>“With its range of services focused on IT consulting, software development, implementation of software solutions and products for maintenance and support, infrastructure management, cybersecurity and compliance, Seavus fits perfectly into the ARICOMA Group portfolio,”</em> says
<strong>ARICOMA Group CEO, Milan Sameš</strong>. Sameš is also positive about the history of Seavus, which was founded in Malmö and Skopje in 1999 and has continued to develop ever since. Probably the best testament to the quality of its 800 employees is the fact that the company provides services in many countries in Europe including, its core Scandinavian region, the Benelux countries, Switzerland, and the USA. Its main clients include companies in the telecommunications sector (e.g. Sunrise, Tele2, A1, Globalstar), banking industry (Erste Bank, Banca Intesa, Marginalen Bank), and tech companies, such as Bosch.
<em>“The experience we have gained this year, which has been so fundamentally marked by the coronavirus pandemic, tells us that the digital transformation of companies is proceeding faster than we had expected. We see in this a massive opportunity for further growth. The acquisition of Seavus fits into this plan perfectly,”</em> says
<strong>Sameš</strong>. </p><p>One of the main objectives of ARICOMA Group is to establish itself more strongly in foreign markets while supporting the more dynamic development of its own SW solutions and services.</p><p>
<em>“We strongly believe that the involvement of a strong strategic partner, such as ARICOMA Group of companies, will accelerate innovation and further strengthen our capabilities to offer high quality software development services and next generation solutions, to our customers worldwide. Now, we will remain not only dedicated to success, but even more motivated to accomplish our goals: expand our portfolio of customers, become a trustworthy partner in their process of digitalization, and to lead the way as one of Europe’s best IT providers. Seavus is going to be an immense part of the KKCG success story,” </em>says
<strong>Igor Lestar, Chairman of the Board, Seavus Group</strong>. With this acquisition, all operations and lines of business will continue unchanged in the near future. ARICOMA Group is committed to maintaining the leadership and the core values that have made Seavus a trusted partner, service provider, and a reliable employer. </p><p>
</p><h2>Seavus</h2><p>Seavus is a software development and consulting company with a proven track-record in providing successful enterprise-wide business solutions. The company has over 800 IT experts worldwide and offers a variety of products and service options, successfully covering the European and US market from several offices in the world. Their expanding portfolio covers: BSS/OSS, CRM, CEM, Business Intelligence solutions, ALM, embedded programming, business and consumer products, mobile and gaming solutions, managed services, as well as custom development, consultancy and resourcing. Seavus’ portfolio includes over 4000 customers, among which are leading worldwide telecom and handset manufacturers, organizations from the banking and finance industry, consumer electronics, technology, education, government, health, etc.<br>As of today, Seavus has fifteen operating offices located in several countries, including Sweden, the United States of America, North Macedonia, Belarus, Moldova, Switzerland, Serbia, Bosnia and Herzegovina, with a continuous growth strategy.</p><h2>ARICOMA Group</h2><p>The largest ICT holding in the Czech Republic. The group includes the companies AUTOCONT, Cleverlance, DataSpring, AEC, Cloud4com and Internet Projekt. The companies in the ARICOMA group provide a wide range of services, starting with the design of ICT architecture, through infrastructure and Cloud services and the implementation of corporate applications, up to the development of its own comprehensive software solutions and outsourcing. Last year, the group’s overall revenue exceeded 7 billion crowns.</p><h2>About KKCG</h2><p>KKCG Group, founded and led by successful Czech entrepreneur, Karel Komárek, is an in-ternational investment company which manages more than EUR 6 billion (book value) of assets. KKCG operates in 19 countries and its key strategic sectors include gaming, oil and gas, technology and real estate. KKCG Group includes SAZKA Group, ARICOMA Group, MND Group, US Methanol, the Springtide Ventures capital fund, and others.
<br></p> | | | | |
| IMPORTANT WARNING: TrickBot-Ryuk Activity Increased | | https://www.aec.cz/en/news/Pages/important-warning-trickbot-ryuk-activity-increased.aspx | IMPORTANT WARNING: TrickBot-Ryuk Activity Increased | <p>
<strong>TrickBot malware and Ryuk ransomware activity has grown significantly over the past 48 hours. This activity has been noticed by our technology team in the AEC customer base, across several different segments. Therefore, we recommend taking this warning with the utmost seriousness.<br><br></strong></p><hr /><h2>Update 02/11/2020:</h2><p>Further indicators of compromise were added, connected with, among others, the Emotet botnet. When investigating incidents at our customers’, we identified additional IOCs, which have been newly added in the table below.</p><hr /><p> </p><p>You may be aware of this malicious software due to the attacks successfully executed both this and last year; TrickBot malware and Ryuk ransomware were also taking part in the attack on the Benešov Hospital last December. We have already written several times about the abovementioned attack as well as about other activities by attackers using the Emotet botnet or the malware in question [1, 2].</p><p style="text-align:center;">
<img class="maxWidthImage" alt="TrickBot Ryuk" src="/cz/PublishingImages/news/2020/aec-TrickBot-Ryuk.jpg" data-themekey="#" style="margin:5px;width:650px;" /> </p><p>On Wednesday October 25, 2020, the Cybersecurity and Infrastructure Security Agency (CISA) reported on the increased activity of this malware and the likeness of attacks on hospitals and other healthcare facilities [3]. The Czech National Cyber and Information Security Agency (NÚKIB) also warned about the increased activity of the botnet Emotet in early October [4].</p><p>The current version of the TrickBot malware is no longer just your regular banking trojan. Now, after your computer has been attacked, the attackers have the ability to steal credentials and e-mail messages, to extract cryptocurrencies, steal data from payment systems, or to download additional malware or ransomware to the infected system.</p><p>We recommend all our customers to check how up-to-date is their endpoint protection solution and to scan for vulnerabilities, since the exploitation of vulnerabilities is the way this malware spreads across the network the most often. Companies with an IOC search tool can search the managed devices for IOCs listed in the table below.
<br><br></p><table width="100%" class="ms-rteTable-default" cellspacing="0" style="height:33px;"><tbody><tr><td class="ms-rteTableEvenCol-default" bgcolor="#6773b6" style="text-align:center;"><h3>
<span style="color:#ffffff;">IOC type</span></h3></td><td class="ms-rteTableEvenCol-default" bgcolor="#6773b6" style="text-align:center;"><h3>
<span style="color:#ffffff;">IOC</span></h3></td><td class="ms-rteTableEvenCol-default" bgcolor="#6773b6" style="text-align:center;"><h3>
<span style="color:#ffffff;">Note</span></h3></td></tr><tr><td class="ms-rteTable-default" rowspan="2">
<strong>File name</strong></td><td class="ms-rteTable-default">12 characters (including ".exe")</td><td class="ms-rteTable-default" rowspan="2">F.e. mfjdieks.exe</td></tr><tr style="border-bottom-color:#6773b6;border-bottom-width:2px;border-bottom-style:solid;"><td class="ms-rteTable-default">anchorDiag.txt</td></tr><tr><td class="ms-rteTable-default" rowspan="3">
<strong>Location of the suspicious file in the directory</strong></td><td class="ms-rteTable-default">C:\Windows\</td><td class="ms-rteTable-default" rowspan="3"></td></tr><tr><td class="ms-rteTable-default">C:\Windows\SysWOW64\</td></tr><tr style="border-bottom-color:#6773b6;border-bottom-width:2px;border-bottom-style:solid;"><td class="ms-rteTable-default">C:\Users\\AppData\Roaming\</td></tr><tr><td class="ms-rteTable-default" rowspan="2">
<strong>String</strong></td><td class="ms-rteTable-default">Global\fde345tyhoVGYHUJKIOuy</td><td class="ms-rteTable-default">Typically present in running memory</td></tr><tr style="border-bottom-color:#6773b6;border-bottom-width:2px;border-bottom-style:solid;"><td class="ms-rteTable-default">/anchor_dns/[COMPUTERNAME]_<br>[WindowsVersionBuildNo].[32CharacterString]/</td><td class="ms-rteTable-default">Typically present in the communication to the C&C server</td></tr><tr style="border-bottom-color:#6773b6;border-bottom-width:2px;border-bottom-style:solid;"><td class="ms-rteTable-default">
<strong>Planned tasks</strong></td><td class="ms-rteTable-default">[random_folder_name_in_%APPDATA%_excluding_Microsoft]<br>autoupdate#[5_random_numbers]</td><td class="ms-rteTable-default"></td></tr><tr><td class="ms-rteTable-default" rowspan="2">
<strong>CMD command</strong></td><td class="ms-rteTable-default">cmd.exe /c timeout 3 && del C:\Users\[username]\[malware_sample]</td><td class="ms-rteTable-default"></td></tr><tr style="border-bottom-color:#6773b6;border-bottom-width:2px;border-bottom-style:solid;"><td class="ms-rteTable-default">cmd.exe /C PowerShell \"Start-Sleep 3; Remove-Item C:\Users\[username]\[malware_sample_location]\"</td><td class="ms-rteTable-default"></td></tr><tr><td class="ms-rteTable-default" rowspan="6">
<strong>DNS</strong></td><td class="ms-rteTable-default">kostunivo[.]com</td><td class="ms-rteTable-default" rowspan="6">DNS names connected with Anchor_DNS (included in the TrickBot malware)</td></tr><tr><td class="ms-rteTable-default">chishir[.]com</td></tr><tr><td class="ms-rteTable-default">mangoclone[.]com</td></tr><tr><td class="ms-rteTable-default">onixcellent[.]com</td></tr><tr><td class="ms-rteTable-default">innhanmacquanaogiare[.]com<span style="color:#6773b6;"> - update 2020-11-02</span></td></tr><tr style="border-bottom-color:#6773b6;border-bottom-width:2px;border-bottom-style:solid;"><td class="ms-rteTable-default">edgeclothingmcr[.]com <span style="color:#6773b6;">- update 2020-11-02</span></td></tr><tr><td class="ms-rteTable-default" rowspan="8">
<strong>DNS</strong></td><td class="ms-rteTable-default">ipecho[.]net</td><td class="ms-rteTable-default" rowspan="8">DNS names used for connectivity checks</td></tr><tr><td class="ms-rteTable-default">api[.]ipify[.]org</td></tr><tr><td class="ms-rteTable-default">checkip[.]amazonaws[.]com</td></tr><tr><td class="ms-rteTable-default">ip[.]anysrc[.]net</td></tr><tr><td class="ms-rteTable-default">wtfismyip[.]com</td></tr><tr><td class="ms-rteTable-default">ipinfo[.]io</td></tr><tr><td class="ms-rteTable-default">icanhazip[.]com</td></tr><tr style="border-bottom-color:#6773b6;border-bottom-width:2px;border-bottom-style:solid;"><td class="ms-rteTable-default">myexternalip[.]com</td></tr><tr><td class="ms-rteTable-default" rowspan="11">
<strong>IP address</strong></td><td class="ms-rteTable-default">23[.]95[.]97[.]59</td><td class="ms-rteTable-default" rowspan="11">C&C servers IP addresses</td></tr><tr><td class="ms-rteTable-default">51[.]254[.]25[.]115</td></tr><tr><td class="ms-rteTable-default">193[.]183[.]98[.]66</td></tr><tr><td class="ms-rteTable-default">91[.]217[.]137[.]37</td></tr><tr><td class="ms-rteTable-default">87[.]98[.]175[.]85</td></tr><tr><td class="ms-rteTable-default">81[.]214[.]253[.]80
<span style="color:#6773b6;">- update 2020-11-02</span></td></tr><tr><td class="ms-rteTable-default">94[.]23[.]62[.]116
<span style="color:#6773b6;">- update 2020-11-02</span></td></tr><tr><td class="ms-rteTable-default">104[.]28[.]27[.]212
<span style="color:#6773b6;">- update 2020-11-02</span></td></tr><tr><td class="ms-rteTable-default">172[.]67[.]169[.]203 <span style="color:#6773b6;">- update 2020-11-02</span></td></tr><tr><td class="ms-rteTable-default">104[.]28[.]26[.]212 <span style="color:#6773b6;">- update 2020-11-02</span></td></tr><tr style="border-bottom-color:#6773b6;border-bottom-width:2px;border-bottom-style:solid;"><td class="ms-rteTable-default">93[.]114[.]234[.]109 <span style="color:#6773b6;">- update 2020-11-02</span></td></tr></tbody></table><p> </p><p>
<span style="color:red;">
<strong>If you register any of the IOCs listed above or any other suspicious activity in your network, please do not hesitate to
<a href="mailto:matej.kacic[@]aec.cz">contact us directly</a> and ask for a consultation, incident analysis or the implementation of specific security measures.
<br>
<br></strong></span></p><hr /><h3>Sources:</h3><p>[1]:
<a href="/cz/novinky/Stranky/zprava-o-bezpecnosti-v-prosinci-2019.aspx" target="_blank">https://aec.cz/cz/novinky/Stranky/zprava-o-bezpecnosti-v-prosinci-2019.aspx</a><br>[2]:
<a href="https://www.antivirus.cz/Blog/Stranky/pozvanka-na-vanocni-vecirek-poradany-botnetem-emotet.aspx" target="_blank">https://www.antivirus.cz/Blog/Stranky/pozvanka-na-vanocni-vecirek-poradany-botnetem-emotet.aspx</a><br>[3]:
<a href="https://us-cert.cisa.gov/ncas/alerts/aa20-302a" target="_blank">https://us-cert.cisa.gov/ncas/alerts/aa20-302a</a><br>[4]:
<a href="https://www.nukib.cz/cs/infoservis/hrozby/1638-upozorneni-na-zvysenou-aktivitu-malwaru-emotet/" target="_blank">https://www.nukib.cz/cs/infoservis/hrozby/1638-upozorneni-na-zvysenou-aktivitu-malwaru-emotet/</a><br></p> | | | | |
| Zerologon: Critical Vulnerability of Windows AD | | https://www.aec.cz/en/news/Pages/zerologon-kriticka-zranitelnost-windows-ad.aspx | Zerologon: Critical Vulnerability of Windows AD | <p style="margin:0px 0px 10px;text-align:justify;color:#696158;text-transform:none;line-height:1.6;text-indent:0px;letter-spacing:normal;font-family:source-sans-pro, open-sans, sans-serif;font-size:14px;font-style:normal;font-weight:400;word-spacing:0px;white-space:normal;orphans:2;widows:2;background-color:#ffffff;text-decoration-color:initial;text-decoration-style:initial;">The name of the vulnerability is closely related to the main attack vector exploiting the vulnerability, which is a bug in the configuration of the initialisation vector (IV) when encrypting Netlogon Remote Protocol (MS-NRPC) messages, allowing an internal attacker to fully break the encryption and to pass off as any computer of his choice in the network.</p><p style="margin:0px 0px 10px;text-align:justify;color:#696158;text-transform:none;line-height:1.6;text-indent:0px;letter-spacing:normal;font-family:source-sans-pro, open-sans, sans-serif;font-size:14px;font-style:normal;font-weight:400;word-spacing:0px;white-space:normal;orphans:2;widows:2;background-color:#ffffff;text-decoration-color:initial;text-decoration-style:initial;"> </p><p style="text-align:center;">
<img class="maxWidthImage" alt="Samsung zranitelnost" src="/cz/PublishingImages/news/2020/aec-zerologon.png" data-themekey="#" style="margin:5px;width:650px;" />
</p><p>The name of the vulnerability is closely related to the main attack vector exploiting the vulnerability, which is a bug in the configuration of the initialisation vector (IV) when encrypting Netlogon Remote Protocol (MS-NRPC) messages, allowing an internal attacker to fully break the encryption and to pass off as any computer of his choice in the network.</p><p>The impact of this vulnerability is enormous. So troubling in fact, that its severity in the Common Vulnerability Scoring System (CVSS) reached a critical 10 out of 10. A successful exploitation of the vulnerability allows an attacker who can establish TCP connections to a Domain Controller to escalate his privileges all the way up to the level of the domain admin, resulting in a complete compromising of the entire domain as well as all the systems connected to it. In most cases (unless the domain controller is publicly available from the Internet), the attack can only be performed from the internal network, therefore the chances of its misuse are reduced.</p><p>There are several scripts already circling on the Internet nowadays exploiting the vulnerability successfully (mostly to evidence the concept); also, due to the data available from some honeypot systems (systems that are intentionally vulnerable and accessible from the Internet, for which any attempts of exploit are actively monitored), the vulnerability is already actively and automatically exploited by several hacker groups on a global scale.</p><p>Microsoft announced two patches fixing the defect allowing this vulnerability. <a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472"><span lang="EN-GB">The first patch was issued on August 11, 2020</span></a> and it was labelled as critical. This patch fixes the bug enabling the attack and making it possible for an attacker to authenticate himself as any machine in AD. It should present a sufficient way of preventing the exploit. For this reason, we strongly recommend you to apply the patch and to update all domain controllers as soon as possible.</p><p>The second patch is planned for the beginning of the upcoming year and deals with one of the mechanisms of the RPC protocol related to the Signing and Sealing of RPC messages (RPC Signing and Sealing). This feature, set by a flag in the header of every message, determines whether the communication between the client and the DC is encrypted. By simply setting the value to 0, an attacker can turn this mechanism off and now he can send any messages without knowing the actual encryption key. This patch is not critical for the prevention of the vulnerability, since in order to be exploited, an authentication to the domain controller is required, which has been prevented by the first patch.</p><h2 dir="ltr" style="margin-right:0px;">Technical details</h2><p>The vulnerability was announced in a <a href="https://www.secura.com/pathtoimg.php?id=2055"><span lang="EN-GB">report published in September 2020 by Tom Tervoort, a security researcher</span></a> representing Secura. The report describes the flaws in the implementation of Netlogon Remote Protocol (MS-NRPC) encryption and the way in which it is possible to establish an authentication to a domain controller for any machine in the network, including the domain controller itself, with a simple brute force attack.</p><p>The MS-NRPC protocol is used in the AD environment for tasks related to the authentication of user and machine accounts. Most often, it is a matter of logging in to servers using the NTLM protocol, as well as changing the user password in the domain for example.</p><p>There is one thing peculiar about this protocol. And this is the fact that it does not use standard domain authentication mechanisms, such as Kerberos, but uses a different procedure instead. Simply put, for an authentication to be successful, the client and the server will exchange a set of random numbers (challenges) which they will combine with the user password hash, resulting in a common encryption key. Once the key generated by the client is identical to the key generated by the server, it is taken as a proof that the client knows the user's password and therefore, that it can be authenticated.</p><p>The issue lies in the manner in which the encryption key proving that the client knows its password is created. An AES<a href="/en/news/Pages/zerologon-kriticka-zranitelnost-windows-ad.aspx#_msocom_1">[ZN1]</a> encryption is used to produce the key, but in a relatively obscure setting know as CFB-8, and in addition to it, also used in a wrong way, because it contains an initialisation vector with fixed value of 16 bytes of zeros (the initialisation vector is one of the primary mechanisms providing the proper functioning of this type of encryption, and it should be always a random number). Research has shown that this bug results in the fact that with the zero IV and for a randomly selected encryption key, the data containing only zeros will be encrypted as all zeros in one of about 256 cases (see the figure below).</p><p style="text-align:center;">
<img class="maxWidthImage" alt="Samsung zranitelnost" src="/cz/PublishingImages/news/2020/zerologon-01.png" data-themekey="#" style="margin:5px;width:650px;" />
</p><p style="text-align:justify;">The Zerologon vulnerability relies on this feature and bypasses the calculation of the client challenge required by the server to prove that the client knows the correct value of the encryption key calculated for this session. The value required by the server is calculated by encrypting the selected random number (which is chosen by the client in the previous authentication step) with an encryption key generated on the basis of both random numbers (from the client and the server). Therefore, due to the encryption flaw described above, it is possible to forge this answer, since in case the client selects its random key in the form of all zeros, the encrypted value will equal a chain of all zeros for 1 out of 256 encryption keys on average. Thus, it is sufficient for an attacker to repeat the log-in process approximately 256 times until this phenomenon occurs, resulting in a successful authentication and gaining the ability to perform actions on the user account, such as changing the password.</p><p style="text-align:justify;">In order to complete the attack successfully, it is necessary to exploit the second part of the vulnerability connected to RPC Signing and Sealing of messages. This feature determines whether the rest of the communication between the server and the client will be encrypted (using the encryption key obtained in the previous step), or if the communication will be unencrypted. However, the authentication handshake includes a header defined by the client allowing this feature to be disabled, thus enabling the attacker (not knowing the encryption key because the log in as such was executed with no knowledge of it by exploiting the first part of the Zerologon vulnerability) to send additional requests to the server without restriction and to continue doing so until the server is completely compromised by changing the password for the domain administrator.</p><p style="text-align:center;">
<img class="maxWidthImage" alt="Samsung zranitelnost" src="/cz/PublishingImages/news/2020/zerologon-02.jpg" data-themekey="#" style="margin:5px;width:650px;" />
</p>
<h2>Patching the vulnerability</h2><p>To prevent the exploitation of the vulnerability, application of security patches to all Windows Servers version 2008 and later is required, according to the information available at <a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472"><span lang="EN-GB">https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472</span></a>.</p><h3 style="margin:auto;text-align:justify;color:#262626;text-transform:none;line-height:1.4em;text-indent:0px;letter-spacing:normal;font-family:source-sans-pro, open-sans, sans-serif;font-size:14px;font-style:normal;font-weight:bold;word-spacing:0px;white-space:normal;orphans:2;widows:2;background-color:#ffffff;text-decoration-color:initial;text-decoration-style:initial;">Sources</h3><ul style="list-style:square;margin:0px;padding:0px 0px 0px 20px;text-align:justify;color:#696158;text-transform:none;text-indent:0px;letter-spacing:normal;font-family:source-sans-pro, open-sans, sans-serif;font-size:14px;font-style:normal;font-weight:400;word-spacing:0px;white-space:normal;orphans:2;widows:2;background-color:#ffffff;text-decoration-color:initial;text-decoration-style:initial;"><li>
<a href="https://www.secura.com/pathtoimg.php?id=2055" target="_blank" style="color:#5c72b7;text-decoration:none;">https://www.secura.com/pathtoimg.php?id=2055</a></li><li>
<a href="https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472" target="_blank" style="color:#5c72b7;text-decoration:none;">https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1472</a></li><li>
<a href="https://www.trendmicro.com/en_us/what-is/zerologon.html" target="_blank" style="color:#5c72b7;text-decoration:none;">https://www.trendmicro.com/en_us/what-is/zerologon.html</a></li><li>
<a href="https://nukib.cz/cs/infoservis/hrozby/1636-upozorneni-na-zranitelnost-zerologon/" target="_blank" style="color:#5c72b7;text-decoration:none;">https://nukib.cz/cs/infoservis/hrozby/1636-upozorneni-na-zranitelnost-zerologon/</a></li><li>
<a href="https://threatpost.com/zerologon-attacks-microsoft-dcs-snowball/159656/" target="_blank" style="color:#5c72b7;text-decoration:none;">https://threatpost.com/zerologon-attacks-microsoft-dcs-snowball/159656/</a></li><li>
<a href="https://github.com/VoidSec/CVE-2020-1472" target="_blank" style="color:#5c72b7;text-decoration:none;">https://github.com/VoidSec/CVE-2020-1472</a></li><li>
<a href="https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/hijacking-a-domain-controller-with-netlogon-rpc-aka-zerologon-cve-2020-1472/" target="_blank" style="color:#5c72b7;text-decoration:none;">https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/hijacking-a-domain-controller-with-netlogon-rpc-aka-zerologon-cve-2020-1472/</a></li><li>
<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1472" target="_blank" style="color:#5c72b7;text-decoration:none;">https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1472</a></li></ul><p> </p><table width="390" style="border-width:0px;color:#696158;text-transform:none;text-indent:0px;letter-spacing:normal;font-family:source-sans-pro, open-sans, sans-serif;font-size:14px;font-style:normal;font-weight:400;word-spacing:0px;white-space:normal;border-collapse:collapse;orphans:2;widows:2;background-color:#ffffff;text-decoration-color:initial;text-decoration-style:initial;"><tbody><tr><td width="100" align="center" valign="middle"><img alt="Mikuláš Hrdlička, AEC" src="https://www.antivirus.cz/Blog/PublishingImages/AEC-lidi/hacker-assessment-green.png" data-themekey="#" style="margin:5px;border:currentcolor;width:100px;max-width:690px;" /></td><td width="290" align="left" valign="top"><p style="margin:0px 0px 10px;line-height:1.6;"><strong>Mikuláš Hrdlička</strong><br>Cyber Security Specialist<br>AEC a.s.</p><p style="margin:0px 0px 10px;line-height:1.6;"><img src="https://www.antivirus.cz/Blog/PublishingImages/AEC-lidi/aec-sroubovice-dna-assessment.png" data-themekey="#" alt="" style="margin:5px;border:currentcolor;width:150px;max-width:690px;" /> </p></td></tr></tbody></table> | | | | |
| New type of attack siphons money from ATMs. Financial institutions are implementing countermeasures | | https://www.aec.cz/en/news/Pages/atm-jackpotting.aspx | New type of attack siphons money from ATMs. Financial institutions are implementing countermeasures | <p><strong><span lang="EN-GB" style="color:#696158;line-height:107%;font-family:source-sans-pro;font-size:10.5pt;"><strong>Financial institutions
operating Diebold Nixdorf ATMs are facing new types of attacks. Tests conducted
by AEC experts show that existing devices with an out-of-date system are unable
to withstand an attack. Attacks on cashpoints, which are also widely used by
banks in the Czech Republic and Slovakia, have recently been reported in many
European countries.</strong></span></strong></p><p><strong><img src="/cz/PublishingImages/news/2020/SON00908.jpg" data-themekey="#" alt="" style="margin:5px;width:650px;" /></strong> </p><p> </p><p>A major Slovak financial institution asked specialists from AEC, a leading cyber security provider, to test its ATMs. It did so after Diebold Nixdorf, one of the largest ATM suppliers, responded to the attacks with official security warnings. One of the things it shows is that the ATM manufacturer is looking into how it is possible that the attackers were apparently able to eavesdrop on communications within the device on an out-of-date version of the ATM.</p><p>During testing, AEC carried out a step by step simulation of the attacker's activities. The latest incidents fall into a category called ATM jackpotting, where the attacker gets under the chosen device's cover. Here, with the help of their own, specially modified device, the attackers connect to the ATM's USB port and communicate directly with the dispenser, i.e. the device that issues cash from the ATM. Another type of attack tested was one in which the attacker connects to the ATM's USB port and then tries to increase his access rights to the level of administrator so that he can subsequently evade the restrictions for uploading his own code.</p><p><em><img src="/cz/PublishingImages/aec-people/SON00208.jpg" data-themekey="#" alt="" style="margin:5px;width:144px;height:187px;float:left;" /><em>"We have verified that a person who knows where to look can get to the ATM's hidden USB port in a matter of seconds," </em>warns Tomáš Sláma, head of penetration testers at AEC, adding,<em> "The result was the finding that those ATMs that did not have updated firmware, are not sufficiently resistant to this type of attack, and can be used to illegally withdraw money."</em></em></p><p>According to Tomáš Sláma, this is the reason why every responsible bank should employ experts to regularly check its resistance to various types of vulnerabilities, just as one of the banking houses in Slovakia did in this case.</p><p>Since it was set up, AEC's ethical hackers have become leaders in the field of cyber security. Thanks to their extensive experience, knowledge and erudition, they can test the security system of any ATM, and therefore they are regularly approached by a number of the world's leading banking companies. The AEC team provides a comprehensive security audit. This is used to alert the client to vulnerabilities in the system of the device being tested and offer recommendations on how to give it better security settings, thus significantly reducing the risk of misuse.</p><p><em>"In this case, after testing their device, we unequivocally recommend that clients update the firmware," </em>says AEC's head of penetration testers, specifying,<em> "The update increases the level of security in the communication between the system that allows money to be released and the dispenser. After it is installed, the device no longer accepts the attacker's specious commands." </em></p><p><em> </em></p><p style="text-align:center;"><em></em> <a href="/cz/Documents/Files/2020/AEC_Leaflet_ATM-CZ-prev.pdf?" target="_blank"><img src="/cz/PublishingImages/news/2020/AEC_Leaflet_ATM-ENG-prev.jpg" data-themekey="#" alt="" style="margin:5px;width:278px;height:396px;" /></a> </p><div class="ms-rtestate-read ms-rte-wpbox"><div class="ms-rtestate-notify ms-rtestate-read da0989e0-b202-43cf-ada9-ff10944de212" id="div_da0989e0-b202-43cf-ada9-ff10944de212" unselectable="on"></div><div id="vid_da0989e0-b202-43cf-ada9-ff10944de212" unselectable="on" style="display:none;"></div></div><p style="text-align:center;"> </p> | | | | |
| AEC merger and new company identification number | | https://www.aec.cz/en/news/Pages/nove-sidlo-spolecnosti.aspx | AEC merger and new company identification number | <p>Let us inform you that as of June 25, 2020, the merger of AEC a.s., as the merging company, with AEC Group a.s., as the successor company, took place. On the same date, AEC Group a.s. changed its name to AEC a.s. and as the legal successor of the merged company AEC a.s. entered into all its rights and obligations.<br><br></p><h2>Current information about AEC a.s. are as follows:</h2><p>
<strong>Company identification number: 04772148</strong> (instead of the original 26236176)<br>
<strong>VAT number: CZ04772148</strong> (instead of the original CZ26236176)<br>
<strong>ISDS (ID data box): 9kvkzi9</strong><br>
<strong>The file number of the entry in the Commercial Register is now B 21326</strong><br>
The company headquarter remains the same: Voctářova 2500/20a, Prague 8, 180 00</p><p>All original information, including telephone numbers and e-mail contacts, remain valid.<br><br></p><p>See the full contacts at:
<a href="/en/contact">https://www.aec.cz/en/contact</a>.</p> | | | | |
| AEC knows how to find and fix security bugs in applications under development. With support of Checkmarx from Israel | | https://www.aec.cz/en/news/Pages/aec-knows-how-to-find-and-fix-security-bugs-in-applications-under-development-with-support-of-checkmarx-from-israel.aspx | AEC knows how to find and fix security bugs in applications under development. With support of Checkmarx from Israel | <p style="text-align:justify;"><strong>EAC, a leading cybersecurity provider, entered into partnership with the leading developer of solutions for the analysis, identification and elimination of security risks in application software. Tools from Checkmarx, an Israeli company, are helping AEC's customers to efficiently reconcile functional and security requirements for their applications under development.</strong></p><p style="text-align:justify;">Online communication between enterprises and their customers by way of various computer, web or mobile applications has become an absolute standard nowadays. However, the effort to build one's own applications as a means to keep up with rapid progress, brings along several considerable risks.</p><p style="text-align:justify;">The management usually gives preference to business aspects of the application, i.e. its speed, cost-minimization and maximum user-friendliness, over its security. The reason behind is the fact that all these processes comprising testing and verifications are extremely complex and when executed directly by the programmers, the development of each application becomes excessively lengthy and expensive.</p><p style="text-align:justify;">AEC has been focusing on the provision of cyber security for a long time now. <strong>It can provide its customers with appropriate tools and processes in order not to slow down the development of the application in question, even after all necessary security standards have been introduced. </strong>The company's experts guide the customers through gradual changes in processes and definition of security requirements and checks in order to enable their efficient work on the development of applications and at the same time, to ensure the highest possible level of security.</p><p style="text-align:justify;"><img src="/cz/PublishingImages/aec-people/maroš-barabas-2018-1.jpg" data-themekey="#" alt="" style="margin:5px;width:150px;height:204px;vertical-align:auto;float:right;" />Checkmarx products are among the key tools significantly assisting them with the minimization of security risks for the developed application. "<em>We are happy, because thanks to our partnership with Checkmarx, </em><a href="/en/products-and-services/Pages/secure-development.aspx"><strong><em>we have gained access to unique tools significantly streamlining the security management during development</em></strong></a>," says Maroš Barabas, Head of Product Management in AEC.</p><p style="text-align:justify;">These tools developed by the Israeli company enable AEC experts to include the application source code security checks directly into the program development life cycle. This way, all potential security bugs in the code can be found and fixed immediately over the course of the application development, with no undue delays.</p><p style="text-align:justify;"><em>"AEC has an extensive background in cybersecurity</em><em> and DevSecOps</em><em>, making them a natural fit for the Checkmarx partner program,"</em> said Orit Shilvock, Director of EMEA Channels, Checkmarx. </p><p style="text-align:justify;"><em><img src="/cz/PublishingImages/illustration/Checkmarx-logo-2019-vertical.png" data-themekey="#" alt="" style="margin:5px;width:168px;height:131px;vertical-align:auto;float:left;" />"</em><em>As organizations in the Czech Republic and around the world work to address security gaps in the applications and software they develop, they're turning to testing tools that streamline and accelerate DevOps workflows and enable the development of a more secure final product. </em><em>We're excited to add AEC as an authorized reseller of Checkmarx products and anticipate a long, fruitful relationship as they support our services and solutions for years to come." </em>said Orit Shilvock.</p><p style="text-align:justify;">The most common way to develop a new application is the so-called in-house development, when a company is programming an entire application on its own. If it is done by means of outsourcing, the customer contracts a third party to have certain things programmed to measure and assumes only the role of an authority placing requirements. In both cases, however, it is also necessary to keep in mind that security requirements have to be included and checked during the delivery acceptance phase.</p><p style="text-align:justify;">Due to the fact that AEC experts combine application security methodologies and standards based on the customers' requirements and capabilities, they are able to provide the required quality and level of application security either at the customer's or in case of a third-party developer workforce. And on top of that, the application will be precisely checked in scope of the acceptation criteria by AEC penetration testers in the end and all potential bugs and weaknesses will be found. </p><p style="text-align:justify;">The fact that their developers will learn to work in a more secure way is then quite an appreciable bonus for any company. It can therefore be assumed that their future projects will be more secure starting from the design phase and the whole development cycle will become more efficient.</p><p style="text-align:justify;">And this is also one of the AEC objectives. "<em>We are helping our customer to be able to manage on his own. We teach him to define security requirements and how to incorporate these requirements into development. When we see that they need it, we will also provide them with appropriate training,</em>" concludes Maroš Barabas.</p> | | | | |
| AEC experts eliminate hackers with EDR technology surpassing traditional antiviruses | | https://www.aec.cz/en/news/Pages/aec-experts-eliminate-hackers-with-edr-technology-surpassing-traditional-antiviruses.aspx | AEC experts eliminate hackers with EDR technology surpassing traditional antiviruses | <p style="text-align:justify;"><strong>To defeat hackers, AEC is successfully using a sophisticated solution, efficiency of which significantly exceeds the capabilities of traditional antivirus programmes. Leading cyber security provider’s specialists have repeatedly deployed EDR technology during responses to recent attacks in financial institutions and medical facilities. With help of this technology, they promptly detected the attackers and subsequently prevented them from any further harmful activities.</strong></p><p style="text-align:justify;">The Endpoint Detection and Response (EDR) technology is featuring tools providing ways to identify a problem immediately including its correct assessment, to take a series of appropriate measures, and ultimately, to completely eliminate it. At AEC, a group of the most experienced people forming our Cyber Defense Center (CDC) is designated for the monitoring of systems of our customers and for immediate response in case of attacks.</p><p style="text-align:justify;">Karel John, Head of CDC describes a typical situation: <em>"Not so long ago, we had an urgent call from the Institute of Health Information and Statistics. There was a cyberattack under way in one the domestic medical facilities," </em>and he further specifies:<em> "One of their endpoints showed every evidence of malware presence, encryption was in process, files were being renamed literally under one's hands."</em><em> </em> </p><p style="text-align:center;">
<img class="maxWidthImage" alt="Karel John" src="/cz/PublishingImages/news/2020/AEC_CDC_Karel_John.jpg" data-themekey="#" style="margin:5px;width:650px;" />
</p><p style="text-align:justify;">CDC members deployed an EDR tool and discovered very quickly, that the main issue was not this specific machine, but that the malware was coming through the network from one of the servers. Following on that, with help of other EDR functionalities, they tracked the code, identified the attacker's sources, and stopped him. In this case, the whole intervention took them only few hours. </p><p style="text-align:justify;">Shortly after that, their good job was recognized also by Adam Vojtěch, Minister of Health, who in his statement for AEC, the parent company, said: <em>"I would like to express many thanks in the name of the Ministry of Health. We really appreciate your approach and selflessness." </em>The minister accentuated the fact that due to the efforts of CDC specialists the consequences of the attack were removed in an extremely short time.</p><p style="text-align:justify;">However, according to Karel John, critical situations like this one need not occur at all. If the customer has an EDR solution installed including professional supervision, i.e. monitoring provided directly by CDC, the experts from the monitoring centre not only alert him to a potential issue in time, but in the event of an incident, they immediately switch to the state of emergency and apply appropriate measures. The combination of the implemented EDR together with expert supervision significantly reduces the time available to the attacker for trying to do anything.</p><p style="text-align:justify;">EDR technology arranges for the collection of information on activities at the customer's endpoint, thus enabling efficient evaluation of potential security threats. This is a part of the whole solution complex suitably complementing the security of the customer's system. Also due to the cases such as the attack on a medical facility mentioned above, more and more enterprises and institutions are interested in knowing how is it possible for CDC to manage what many others cannot do.</p><p style="text-align:justify;">The growing interest in the possibility of securing systems with EDR technology is one of the reasons why AEC has currently prepared a special webinar. In course of the presentation, company's experts will present a detailed anatomy breakdown of the recent attacks covered by media. The event, which will take place on Thursday, May 21 from 10 am for those <a href="/_layouts/15/FIXUPREDIRECT.ASPX?fbclid=IwAR2DW022kDjxM_Segwh4glJsp7Vaix3ass_5iGf8mRrLTgesqkWV_ttqNy4&WebId=c2e66a69-98ba-44b2-9c45-29be530f4c7c&TermSetId=f883c0d5-da01-4517-a46d-bb0f2322ac82&TermId=35c687c5-35e0-439a-88a5-54d72bd83248"><span lang="EN-GB" style="text-decoration:underline;">registered</span></a> on the AEC website, will include an introduction to the tools and techniques used in the interventions and an explanation of the principles and benefits of the monitoring provided by CDC.</p><p style="text-align:justify;"><em>"Sometimes it happens that a company gets an EDR implemented and then gains a feeling that it is 100% protected. Of course, this is not true. The key is a combination of the state-of-the-art technology and experienced people. Only professionals with expert know-how, including knowledge of the customer's environment, are able to stop the attacker quickly and correctly. For example in order to know that they are not limiting some of the customer's key functionalities by their intervention,"</em> concludes Karel John.</p> | | | | |
| By Opening a Picture in MMS, You May Give Access to Your Phone Data to an Attacker | | https://www.aec.cz/en/news/Pages/by-opening-a-picture-in-mms-you-may-give-acess-to-your-phone-data-to-a-attacker.aspx | By Opening a Picture in MMS, You May Give Access to Your Phone Data to an Attacker | <p>We have written several times already about the Android OS vulnerabilities that were found within the Google Zero project. And now, another serious vulnerability has been identified, which not only allows attackers to access SMS text messages, contacts, phone data, it can even give them complete control over a mobile device. This time, however, it is not a vulnerability in the Android operating system, but in the Quram library processing the image files. This library is predominantly used in Samsung mobile phones.</p><p style="text-align:center;">
<img class="maxWidthImage" alt="Samsung zranitelnost" src="/cz/PublishingImages/news/2020/samsung-zranitelnost.jpg" data-themekey="#" style="margin:5px;width:650px;" />
</p><p> The issue has been solved by the last update issued this May, which is already available for Samsung mobile phones. This vulnerability can be found under the code <strong>SVE-2020-16747</strong>, or possibly under <strong>NVD CVE-2020-8899</strong>. It has been classified as critical, with temporary evaluation level of <strong>CVSS 10.0</strong>, i.e. the top possible one.According to the official statement released by Samsung, only models with the Android operating system version 8 and up are vulnerable. However, researcher Mateusz Jurczyk, who discovered this vulnerability, proved by his testing that Samsung models released in 2014 and later, i.e. with an older version of Android, are also vulnerable.</p><p>The vulnerability discovered in the Quram library lies in the way in which certain image formats are decoded. If an attacker manages to compile a "malicious" image and it is opened on a vulnerable phone, he can gain access to all the data accessible to the very application, which opened the picture. Let's take an MMS channel attack as an example. This was also presented by the researcher and is considered to be the most likely form of attack. An attacker sends a special picture via an MMS message. Immediately after it is opened by the application for reading SMS messages, the attacker gains access to everything that can be accessed by the given application. Thus, in most cases, this includes SMS messages, contacts, call logs, storage, and others. It always depends on the specific application permissions. However, it cannot be ruled out that an attacker could gain even higher privileges in case the image is decoded by some other application.</p><p>In reality, such attack is not so simple. First, an attacker must figure out the layout of the address space, which is "protected" on Android against exploitation of vulnerabilities by ASLR (Address Space Layout Randomization). The Proof of Concept of this attack took almost 2 hours and it was necessary to send more than 100 MMS messages. However, it cannot be ruled out that other vectors of attack may appear, reducing the required number of MMS messages and, in addition to that, preventing any notifications of the incoming message to be seen by the user. This type of attack has not been published yet, however, theoretically, it is possible. </p><p><strong>Since the attack via the MMS channel is the most probable one, we recommend the following:</strong></p><ul><li>To disable "MMS auto-retrieve" in your Messages app.</li><li>To check the current OS Android version and, if need be, to install the patch with the fix as soon as possible.</li></ul> <br>
<h3>Video Proof of Concept:</h3><center>
<iframe width="560" height="315" src="https://www.youtube.com/embed/nke8Z3G4jnc" frameborder="0"></iframe></center>
<br>
<p><strong>Please refer to: </strong></p><p>The original vulnerability report including the list of tested devices: <a href="https://bugs.chromium.org/p/project-zero/issues/detail?id=2002"><span lang="EN-GB" style="text-decoration:underline;">https://bugs.chromium.org/p/project-zero/issues/detail?id=2002</span></a></p><p>The attack Proof of Concept video: <a href="https://www.youtube.com/watch?v=nke8Z3G4jnc"><span lang="EN-GB" style="text-decoration:underline;">https://www.youtube.com/watch?v=nke8Z3G4jnc</span></a></p><p><a href="https://security.samsungmobile.com/securityUpdate.smsb"><span lang="EN-GB" style="text-decoration:underline;">https://security.samsungmobile.com/securityUpdate.smsb</span></a></p><p><a href="https://nvd.nist.gov/vuln/detail/CVE-2020-8899"><span lang="EN-GB" style="text-decoration:underline;">https://nvd.nist.gov/vuln/detail/CVE-2020-8899</span></a></p> | | | | |
| Free Codebashing Service | | https://www.aec.cz/en/news/Pages/45-Free-Days-Codebashing-Service.aspx | Free Codebashing Service | <p>Here at AEC we have always been committed to putting our customers first. Through good times and bad times, we are here for you. In light of recent events, many organizations are shifting to “work from home” and more precisely to “develop from home” when it comes to software development teams. We understand that this may not be an easy transition, especially while striving to maintain your high-security standards.</p><p>AEC collaborating with Checkmarx, is here to help and enrich your development team in these times.</p><p>To help you keep your software as secure as possible during this challenging time, we are providing you with free access to AppSec Awareness solution – Codebashing (<a href="/cz/Documents/Files/2020/AEC-Codebashing-Datasheet.pdf" target="_blank"><span style="color:#6773b6;">see datasheet</span></a>).
<br></p><table width="600" height="150" align="center" border="0" cellspacing="0" cellpadding="0"><tbody><tr align="center" valign="middle"><td width="10" align="center" bordercolor="#6773b6" valign="middle" bgcolor="#6773b6"><p> </p></td><td width="580" align="center" bordercolor="#6773b6" valign="middle" bgcolor="#6773b6"><p style="text-align:center;">
<span style="color:#ffffff;"><strong>CxCodebashing</strong> is a training and awareness solution that empowers security teams and development teams to create and sustain a software security culture that puts AppSec awareness in front of the developers, front-and-center! Through the use of communication tools, gamified training, competitive challenges and ongoing assessments, Codebashing helps organizations eliminate the introduction of vulnerabilities in the source code.</span></p></td><td width="10" align="center" bordercolor="#6773b6" valign="middle" bgcolor="#6773b6"><p> </p></td></tr></tbody></table><p>
<br>Checkmarx and AEC are providing free access* to AppSec Awareness Solution for DevOps – Codebashing – for a limited time.<br></p><center>
<iframe width="560" height="315" class="video" src="https://www.youtube.com/embed/cttO-5GlP0c" frameborder="0"></iframe></center>
<br>
<h2> Benefits:</h2><ul><li>
<strong>Fast and Easy To Start</strong></li><ul><li>Once you fill out the form, a Checkmarx/AEC representative will reach out within 24 hours and start the setup process.</li></ul><li>
<strong>Developers Improve their Secure Coding Skills</strong></li><ul><li>Codebashing offers easy to use modules that cover common security vulnerabilities found in software like SQL Injections, Leftover Bug Code, Cross-site Request Forgery, and much more. The training is delivered in brief, gamified lessons designed to be both informative and fun.</li></ul><li>
<strong>AppSec Managers Raise the Bar</strong></li><ul><li>Security that empowers developers to think and act securely in their day to day work. Organizations can engage their remote development teams to participate in:</li><li>Gamified Training to enhance your team’s security skills.</li><li>Baseline Assessments to understand your team’s secure coding competency.</li><li>Team Challenges to foster community and AppSec awareness while enhancing software security.</li></ul></ul>
<br>
<h2> Terms and Conditions:</h2><ul><li>One trial per company </li><li>Number of trial seats:</li><ul><li>Minimum 10 developers</li><li>Maximum 100 developers </li></ul><li>Offer expires May 31, 2020 </li><li>Not open to existing Codebashing customers</li><li>For this trial, we will exclude SSO integration support.</li></ul><div style="text-align:center;">
<img class="maxWidthImage" alt="languages and frameworks" src="/cz/PublishingImages/news/2020/codebsahing-lang-coverage.jpg" data-themekey="#" style="margin:5px;width:658px;" />
</div><div class="registrationForm shadowBack"><div class="ms-rtestate-read ms-rte-wpbox"><div class="ms-rtestate-notify ms-rtestate-read 9b21ed2b-33ee-42cc-87b8-398cfc97c25b" id="div_9b21ed2b-33ee-42cc-87b8-398cfc97c25b" unselectable="on"></div><div id="vid_9b21ed2b-33ee-42cc-87b8-398cfc97c25b" unselectable="on" style="display:none;"></div></div>
<br>
</div>
<br>
<p>Last day to get free access - May 31st.</p><p>With Codebashing, your developers can learn how to code securely at work or from home, improving the security and quality of your software. </p><p style="text-align:center;">
<img class="maxWidthImage" alt="Checkmarx Codebashing" src="/cz/PublishingImages/news/2020/screenshot-codebashing-dark.png" data-themekey="#" style="margin:5px;" />
</p><p> </p><h2>Contact:</h2><div align="left"><table style="width:320px;"><tbody><tr><td align="center" valign="middle" style="width:72px;">
<img alt="Lukáš Bláha" src="/cz/PublishingImages/aec-people/martin-fojtík-2019-01.png" data-themekey="#" style="margin:5px;width:75px;" />
</td><td width="250" align="left" valign="top"><p>
<strong style="color:#6773b6;">
<span style="color:#6773b6;">Martin Fojtík</span></strong><br>Security Specialist<br>martin.fojtik[@]aec.cz </p></td></tr></tbody></table></div> | | | | |
| AEC experts intervened in hospitals paralyzed by cyberattacks | | https://www.aec.cz/en/news/Pages/aec-experts-intervened-in-hospitals-paralyzed-by-cyberattacks.aspx | AEC experts intervened in hospitals paralyzed by cyberattacks | <p style="text-align:justify;"><strong>Computer systems in medical facilities in Brno and in Kosmonosy paralyzed by recent phishing and security attacks were restored with the help provided by AEC. Specialists working for the leading cyber security provider designed recovery procedures for the internal infrastructure of the compromised systems and recommended steps leading to a significant streamlining and acceleration of the recovery process.</strong></p><p style="text-align:justify;">Experts from AEC were called to the University Hospital in Brno immediately on the day following the detection of the incident. It was a typical phishing attack. Attackers from an organized international group used an infected message to attack the system. When the message was opened, the ransomware started spreading and encrypting individual workstations, servers etc., which resulted in the paralysis of the entire IT infrastructure.</p><p style="text-align:justify;">
<img alt="Matej Kačic" src="/cz/PublishingImages/aec-people/matej-kacic-2016-02.jpg" data-themekey="#" style="margin:5px;width:94px;float:left;" />„<em>“AEC was providing assistance under its mandate as a professional supervisor and adviser, the scope of which is, in this case, influenced by many factors, namely the ones set by the law,”</em> noted Matej Kačic, Head of Security Technologies Division in AEC and he specified it some more:
<em>“Our task was to analyse the situation and to check whether the measures taken for the immediate rehabilitation of the system are correct from the safety and best practices point of view. Based on the findings, we then recommended how to streamline and speed up the individual procedures.”</em></p><p style="text-align:justify;">The hospital responded to the incident with immediate shut down of all stations and contacted the National Cyber and Information Security Agency. Upon arrival, agency experts fully disconnected one part of the network infrastructure and began working on forensic analyses. Summoned AEC specialists collaborated on the rescue and recovery of data in Brno with colleagues from their sister company AUTOCONT, which, the same as AEC, is a member of the ICT holding Aricoma Group.</p><p style="text-align:justify;">In reaction to the cyberattack at the University Hospital in Brno, the CyberSecurity Action Committee of the Ministry of Health was established.
<em>"We at AEC immediately joined this programme, offering our professional services in areas such as forensic analysis, penetration testing, or protection against APT attacks and phishing campaigns,"</em> said Matej Kačic. Only a few days had passed since the establishment of the Action Committee, and the entire team, including the AEC experts, was on alert again. Yet another attack was lead on the computer network of a medical facility, this time at the Psychiatric Hospital in Kosmonosy near Mladá Boleslav.</p><p style="text-align:justify;">According to Matej Kačic, the Head of Security Technologies Division in AEC, the majority of Czech health care facilities suffer from deficiencies in preventive measures, which lowers their security. The use of flat infrastructure networks allowing the rapid spread of malware is quite typical, as well as incorrectly set up key processes, such as incorrect use of privileged administrator accounts. The consequences of an attack on this type of facility can be fatal.</p><h1>Media coverage</h1><table class="ms-rteTable-default" cellspacing="0" style="width:100%;"><tbody><tr class="ms-rteTableHeaderRow-default"><th class="ms-rteTableHeaderFirstCol-default" rowspan="1" colspan="1" style="width:50%;"><p>Source</p></th><th class="ms-rteTableHeaderLastCol-default" rowspan="1" colspan="1" style="width:50%;"><p>URL</p></th></tr><tr class="ms-rteTableOddRow-default"><th class="ms-rteTableFirstCol-default" rowspan="1" colspan="1" style="width:50%;"><p>
<strong>Economia</strong></p></th><th class="ms-rteTableLastCol-default" rowspan="1" colspan="1" style="width:50%;"><p><a href="https://archiv.ihned.cz/c1-66762100-nemocnice-ochromily-kyberneticke-utoky">https://archiv.ihned.cz/c1-66762100-nemocnice-ochromily-kyberneticke-utoky</a></p></th></tr><tr class="ms-rteTableEvenRow-default"><td class="ms-rteTableFirstCol-default"><p>
<strong>Seznam news</strong></p></td><td class="ms-rteTableLastCol-default"><p><a href="https://www.seznamzpravy.cz/clanek/muz-ktery-stoji-proti-utocnikum-na-nemocnice-nebyl-jen-jeden-107958">https://www.seznamzpravy.cz/clanek/muz-ktery-stoji-proti-utocnikum-na-nemocnice-nebyl-jen-jeden-107958</a></p></td></tr><tr class="ms-rteTableOddRow-default"><td class="ms-rteTableFirstCol-default"><p>
<strong>Czech Radio</strong></p></td><td class="ms-rteTableLastCol-default"><p><a href="https://vysocina.rozhlas.cz/zakladem-ochrany-pocitacu-a-siti-pred-utoky-hackeru-je-zodpovedny-uzivatel-8234205">https://vysocina.rozhlas.cz/zakladem-ochrany-pocitacu-a-siti-pred-utoky-hackeru-je-zodpovedny-uzivatel-8234205</a></p></td></tr><tr class="ms-rteTableEvenRow-default"><td class="ms-rteTableFirstCol-default"><p>
<strong>Letter of thanks of the Ministry of health of the Czech republic</strong></p></td><td class="ms-rteTableLastCol-default"><p>
<a href="https://www.facebook.com/informacni.bezpecnost/posts/1729202290554802">https://www.facebook.com/informacni.bezpecnost/posts/1729202290554802</a></p></td></tr><tr class="ms-rteTableFooterRow-default"><td class="ms-rteTableFooterFirstCol-default"><p>
<strong>Our webinar</strong></p></td><td class="ms-rteTableFooterLastCol-default"><p><a href="https://www.youtube.com/watch?v=25wR3GuuUsE">https://www.youtube.com/watch?v=25wR3GuuUsE</a></p></td></tr></tbody></table>
<br>
<p style="text-align:justify;">
<img alt="Karel John" src="/cz/PublishingImages/aec-people/karel-john-2019-01.jpg" data-themekey="#" style="margin:5px;width:94px;height:125px;float:right;" /> “Situations such as the attacks on the University Hospital in Brno and the Psychiatric Hospital in Kosmonosy can be prevented, not only by training employees in cybersecurity awareness, but also by introducing continuous expert supervision and monitoring,” emphasized Karel John, Head of <strong><a href="/en/products-and-services/Pages/cdc.aspx" target="_blank">Cyber Defense Center in AEC</a></strong>. The next necessary step, according to him, is the correct backup of data: <em>"It is no exception that in the event of a major incident, all backups of the infected system may be completely deleted or encrypted, therefore they can no longer be restored to their original state."</em></p><p style="text-align:justify;">In the case of the attacked hospitals, the restoration of operation on all workstations is difficult and takes weeks. Thanks to the findings and recommendations provided by the staff from AEC and other teams, the most important systems of the affected infrastructures were able to start operating in relatively short time, which was recognized by Tomáš Bezouška, Cybersecurity Manager of the Ministry of Health of the Czech Republic:
<em>“Great job! I would like to thank AEC for their generous help with removing the consequences of the cyberattack on the Psychiatric Hospital in Kosmonosy.”</em></p> | | | | |
| Employee Without IT Security Awareness Can Unleash Hell on the Company | | https://www.aec.cz/en/news/Pages/employee-without-it-security-awareness-can-unleash-hell-on-the-company.aspx | Employee Without IT Security Awareness Can Unleash Hell on the Company | <p><strong>Carelessness, slackness and poor knowledge demonstrated by employees are the most common causes of data leaks from company systems.</strong> <strong>Human factor is responsible for nine out of ten cases of all security incidents in cyberspace. Therefore, education in the field of IT security presents today a significant benefit not only for the further advancement of employee's career, but in the first place, for the company itself. AEC, a leading cybersecurity provider, comes through its AEC Security Academy with an affordable, sophisticated and effective employee training system.</strong></p><p>Affected institutions and companies usually have two things in common. A solid and costly security system with multi-level protection of their IT environment on the one hand, and employees with only slight knowledge on the other. Statistics show that up to 94% of all malware compromises are delivered through phishing. An inconspicuous e-mail, looking all trustworthy and urgent, appears in some employee's mailbox among new messages. All future operations in the company now depend on the correct reaction of a single person.</p><p><img src="/cz/PublishingImages/aec-people/maros-barabas-2019-01.jpg" data-themekey="#" alt="" style="margin:5px;width:190px;vertical-align:middle;float:left;" />"<em>An employee without sufficient awareness of cyberspace threats has no idea whatsoever, what a single reckless decision or omission can unleash. Cyberattack may totally paralyze the whole company,</em>" says Maroš Barabas, AEC Head of Product Management.</p><p>The solution to this situation is in fact neither complicated, nor expensive. It lies in an efficient employee training – a benefit with great added value for everyone involved. For an informed employee, it opens the door to future professional growth, and at the same time, it is a great asset for the enterprise itself. More importantly, the company is well protected as a result. It is also true, that a training is incomparably cheaper for the employer than providing other employee benefits, such as meal vouchers, insurance contributions or company cars.</p><p>E-learning, especially short and densely instructive video tutorials, has proven to be the perfect tool for educating employees on the topic of IT security. At present, AEC Security Academy offers 10 educational e-learning courses. Among the topics are mobile devices security, deletion of data, data on USB flash drives, passwords, safe behaviour in online networks, secure e-mail, or employees' reaction in course of an incident. Up-to-date and clearly arranged videos are available online, i.e. easily accessible at any time.</p><p>"<em>Each of our training procedures is aimed at making IT security an integral part of the company. Employees should take it for granted that they are the ones providing the crucial protection. We aim to incorporate this approach into their corporate culture so that it becomes completely automated,</em>" says Maroš Barabas.</p><p>It would be a mistake to assume that after people learn some elemental knowledge through e-learning, they are done once and for all. Over time, the information they learned has to be repeated and updated. </p><p>The best way to do it is by thematically centred newsletters, posters, games, infographics, competitions, various motivational challenges and, above all, experiences. When people link some information with emotions, they keep it in their heads much longer.</p><p>This is one of the reasons why AEC offers testing of the employees who have been trained as part of these courses. It takes place in the form of a sent out e-mail containing a tailor-made, completely harmless malware. All employees who open this "harmful" message, are automatically directed to further e-learning, to work on their vigilance and knowledge. Based on the testing results, AEC provides the rankings listing all participants' success, according to which the company can reward its people.</p><p>AEC Security Academy offers its trainings in Czech, Slovak and English as a turnkey delivery. This means, among other things, that the company has full control over the whole training procedure. Individual courses are always assigned by the company manager in charge. He is the one who, based on the resource materials provided and his knowledge of the corporate environment, defines the educational plan for the company, distributes the courses to the appropriate employees and divides them into batches.</p><p>As Maroš Barabas points out: "<em>The system of our courses is designed to be as accessible as possible and as efficient as possible at the same time. All materials, including relevant infographics, are prepared in accordance with the corporate culture familiar to the employees. Even the testing is provided as a tailor-made service and, if the company is interested, we provide the tools enabling them to do it on their own.</em>"</p><p>Although humans are oftentimes the weakest link in the protection of IT environment in a company, the cause of their failure is usually not lack of interest, but little knowledge. The whole point of the courses and other educational tools offered by AEC is to support those facing the dangers on the front line as effectively as possible, while on top of this, they can relatively simply, but fundamentally, protect their company from a possible disaster.</p><p style="text-align:right;"> </p> | | | | |
| Teach your employees how to work safely from home, we will give you a free course | | https://www.aec.cz/en/news/Pages/teach-your-employees-how-to-work-safely-from-home-we-will-give-you-a-free-course.aspx | Teach your employees how to work safely from home, we will give you a free course | <p>While working from home employees access company data remotely using private or corporate devices. Apart from working in quarantine, they are also searching for various forms of distraction on the Internet. Whether they are downloading music, movies or just clicking on fake links with COVID-19, they represent threat to the employers' networks.</p><p>What is safe when you work remotely and what is the risk? Can one innocent download of an attachment from an e-mail compromise your company's security infrastructure?</p><p>We will answer these and other questions through our entertaining Security Academy e-learning platform. One of whose parts you can now check for free in a form of a video.</p><p>You can also download a free PDF file as well as presentation about safe work at:
<a href="https://edu.aec.cz/pages/home">
<span lang="EN-US" style="text-decoration:underline;">https://edu.aec.cz/pages/home</span></a>.</p><center>
<iframe width="560" height="315" src="https://www.youtube.com/embed/Kx0_4EGA4aQ" frameborder="0"></iframe></center><p> </p> | | | | |
| Security, the conference on cybersecurity, is changing its date | | https://www.aec.cz/en/news/Pages/security-the-conference-on-cybersecurity-is-changing-its-date.aspx | Security, the conference on cybersecurity, is changing its date | <strong>The conference Security 2020 will not take place as announced, i.e. from March 11th to 12th. Its organizers endeavour to prevent the risks associated with holding such a major international event at the time of acute spreading of the coronavirus infection. At present, AEC is intensively working on the negotiation of a substitute date, with September 2020 looking as the most probable. Agenda of the conference remains unchanged, all already purchased tickets remain valid and the new date will be specified well in advance.</strong><br><br>The organizer's decision to postpone the date of this largest independent domestic cybersecurity event was preceded by careful consideration of all circumstances and by repeated consultations with the event participants, partners and the responsible officials from the Ministry of Health of the Czech Republic.<br><br>It is easy to understand that companies are trying to protect their people and in the current situation, they are not recommending their participation in major events, with an international outreach on top of that. In addition, in case of the Security conference, these measures apply not only to the participants themselves, but also to the speakers.<br><br>"31 Czech and international speakers were scheduled to present at the conference," said Igor Čech, AEC Marketing Manager, and added: "The number of people who had to ask us for cancellation of their participation was continually growing. In past few days, these included four of the speakers and many dozen attendees."<br><br>For more than a week, the people from AEC company in charge of the event had been working with emergency plans in case a need would arise to radically change the way the conference was organized. They nimbly provided the necessary technology and equipment for potential telecasting transmission and started interacting with all interested parties.<br><br>More than 600 attendees attend the Security conference every year, and it turned out that many of them see this event as an opportunity to engage in meetings, exchange of experience and networking. A telecasting solution would deprive the conference exactly of this important aspect.<br><br>Behind the decision of the AEC crisis team to change the date of the 28th conference notwithstanding all logistic and other complications are both the aim to minimize the current risks associated with the spread of coronavirus infection, as well as their effort to maintain the unique character of one of the most interesting domestic get-togethers of IT professionals.<br><br>"Over the past few hours, I have been talking to many representatives from the participating companies. All of them regretted what is happening at the moment and at the same time, each of them appreciated our final decision to find a substitute date for the conference," said Igor Čech.<br><br>According to him, all agreed that both the speakers, as well as this year's main topics, i.e. Real-life security incidents and Cloud Security, are way too attractive for the conference Security 2020 to be done with by some halfway compromise solution.<br><br> | | | | |
| Vulnerability in Cisco Discovery Protocol | | https://www.aec.cz/en/news/Pages/vulnerability-in-cisco-discovery-protocol.aspx | Vulnerability in Cisco Discovery Protocol | <p style="text-align:center;">
<img src="/cz/PublishingImages/news/2020/cisco-discovery-protocol-vulnerability.png" data-themekey="#" alt="" style="margin:5px;width:650px;" />
</p><p>We would like to inform our customers about several
<strong style="color:#6773b6;"><span style="color:#6773b6;">critical vulnerabilities in Cisco Discovery Protocol</span></strong>, which an
<strong style="color:#6773b6;"><span style="color:#6773b6;">unauthorized attacker</span></strong> attacker can misuse to perform either a
<strong style="color:#6773b6;"><span style="color:#6773b6;">Remote Code Execution</span></strong> or a
<strong style="color:#6773b6;"><span style="color:#6773b6;">Denial of Service</span></strong> type of attack. There are five of these vulnerabilities rated from
<strong style="color:#6773b6;"><span style="color:#6773b6;">CVSS 7,4 až 8,8</span></strong>. You can see an identifier for each of the vulnerabilities including their CVSSv3 rating below.</p><table width="175" class="ms-rteTable-default" cellspacing="0" style="height:33px;"><tbody><tr><td class="ms-rteTable-default">CVE-2020-3120</td><td class="ms-rteTable-default">7,4</td></tr><tr><td class="ms-rteTable-default">CVE-2020-3119</td><td class="ms-rteTable-default">8,8</td></tr><tr><td class="ms-rteTable-default">CVE-2020-3118</td><td class="ms-rteTable-default">8,8</td></tr><tr><td class="ms-rteTable-default">CVE-2020-3111</td><td class="ms-rteTable-default">8,8</td></tr><tr><td class="ms-rteTable-default">CVE-2020-3110</td><td class="ms-rteTable-default">8,8</td></tr></tbody></table><p> Using specially created packets sent to a vulnerable device, an unauthenticated attacker can exploit the vulnerability and thus can achieve a remote code execution or denial of service. Since CDP is a protocol operating on the L2 level, this is the case when the attacker must be on the same broadcast domain as the vulnerable device (typically a guest Wi-Fi network). Examples of vulnerable devices are some routers, switches, IP phones, and IP cameras using the CDP protocol. A complete list of devices for each individual vulnerability can be found on the Cisco website in the Security Advisory section or by following the link listed at
<a href="https://kb.cert.org/vuls/id/261385/" target="_blank">https://kb.cert.org/vuls/id/261385/</a>. </p><p>
<strong style="color:#6773b6;"><span style="color:#6773b6;">Cisco Discovery Protocol is allowed in default settings on</span></strong> some of the Cisco devices, for example routers with Cisco IOS XR. </p><p>Cisco issued a
<strong style="color:#6773b6;">
<span style="color:#6773b6;">security patch</span></strong> patch for the majority of vulnerable devices, or alternatively, a workaround can be used, as defined in the appropriate Security Advisory section.</p><p>To find out which systems in your network are vulnerable, we recommend
<strong style="color:#6773b6;">
<span style="color:#6773b6;">executing a control scan for resistance against these vulnerabilities using the Tenable tools</span></strong> – the Advanced Scan policy can be used, and the systems can be scanned for these specific vulnerabilities only. You can find the plug-ins detecting these vulnerabilities
<a href="https://www.tenable.com/plugins/search?q=cves:%28%22CVE-2020-3110%22%20OR%20%20%22CVE-2020-3111%22%20OR%20%20%22CVE-2020-3118%22%20OR%20%20%22CVE-2020-3119%22%20OR%20%20%22CVE-2020-3120%22%29&sort=&page=1" target="_blank">here</a>. We further recommend
<strong style="color:#6773b6;">
<span style="color:#6773b6;">banning the CDP protocol</span></strong> on all your devices and
<strong style="color:#6773b6;">
<span style="color:#6773b6;">performing a configuration audit and network components hardening</span></strong>. </p><p>Information sources:<br><a href="https://www.armis.com/cdpwn/" target="_blank">https://www.armis.com/cdpwn/</a><br><a href="https://kb.cert.org/vuls/id/261385/" target="_blank">https://kb.cert.org/vuls/id/261385/</a><br><a href="https://tools.cisco.com/security/center/publicationListing.x" target="_blank">https://tools.cisco.com/security/center/publicationListing.x</a><br><a href="https://www.tenable.com/blog/cdpwn-cisco-discovery-protocol-vulnerabilities-disclosed-by-researchers" target="_blank">https://www.tenable.com/blog/cdpwn-cisco-discovery-protocol-vulnerabilities-disclosed-by-researchers</a></p><p> </p><h3>Contact:</h3><div align="left"><table width="300"><tbody><tr><td width="70" align="center" valign="middle">
<img alt="David Pecl, AEC" src="/cz/PublishingImages/aec-people/david-pecl-2018-02.jpg" data-themekey="#" style="margin:5px;width:68px;height:90px;" />
</td><td width="190" align="left" valign="top">
<strong style="color:#6773b6;"><span style="color:#6773b6;">David Pecl</span></strong><br>Senior Security Specialist<br>AEC a.s.<br><span style="color:#6773b6;"><br>david.pecl</span>[<span style="color:#6773b6;">@</span>]<span style="color:#6773b6;">aec.cz</span></td></tr></tbody></table></div> | | | | |
| End of Support for the TLS 1.0 and TLS 1.1 Protocols | | https://www.aec.cz/en/news/Pages/end-of-support-for-the-TLS-1.0-and-1.1-protocols.aspx | End of Support for the TLS 1.0 and TLS 1.1 Protocols | <p>For quite some time now, we have been seeing gradual withdrawal from TLS 1.0 and TLS 1.1. During the celebration of the protocol's 20th anniversary, Microsoft, Google, Mozilla, and Apple announced their intention to <strong>stop supporting</strong> TLS1.0 and TLS 1.1 for the Edge, Chrome, Firefox, and Safari browsers <strong>in the first quarter of 2020</strong>. Naturally, end of support has not been announced only by the companies developing web browsers, but by others as well. These include for example Cisco, which announced the end of support for older TLS versions as of March 31, 2020.</p><p>The first version of the TLS (Transport Layer Security) protocol was introduced to the world in 1999, as the successor to the SSL protocol from 1996. At present, the most advanced version is TLS 1.3, the previous two being susceptible to great variety of attacks, such as BEAST or POODLE. One of the most important uses of TLS is its "connection" with http, giving us (simply put) https as a result.</p><p>The most commonly used version of TLS today is TLS 1.2 (see below). The main differences when compared to the older versions include, for example, MD5 / SHA1 in PRF replaced by SHA-256 or support of authenticated encryption for data modes. The third version of TLS is nothing new on this planet, its launch took place way back in 2008.</p><p>In 2018, Google made an announcement that only 0.5% of all HTTPS connections to the Chrome browser was established using the TLS 1.0 or TLS 1.1 protocol. In 2020, this ratio further decreased to 0.3%. Based on the data from August to September 2018, Mozilla could boast of 1.11% for TLS 1.0 and 0.09% for TLS 1.1. However, for the period of January to February 2020, we are getting as low as 0.26% for TLS 1.0 and 0.01% for TLS 1.1.</p><p><br> <img class="fullWidthImage" alt="TLS 1.0 a 1.1" src="/cz/PublishingImages/news/2020/aec-tls-graf.jpg" data-themekey="#" style="margin:5px;" /> </p>
<p><strong>The above-mentioned declining ratios show that both protocols are being abandoned and their newer version dominate in vast majority of cases.</strong></p><p>However, in case a server is still supporting the said protocols, this fact can be exploited by an attacker who can use them instead of the newer versions. Therefore, disabling old protocols on the server is recommended, which may however prevent some browsers from connecting. This behaviour can be tested for example by a ssltest (<a href="https://www.ssllabs.com/ssltest/"><span lang="EN-GB" style="text-decoration:underline;">https://www.ssllabs.com/ssltest/</span></a>). <strong>Note that none of the modern browsers require an old TLS version.</strong></p><p>Administrators had a relatively long time to make the switch. However, if they have loitered until now, they have about a month to remedy this situation. Otherwise, starting from March, they would have to prepare for potential impacts, such the sites they are operating being unavailable.</p><p>Our recommendation is thus simple: check the TLS version on your servers as soon as possible and if needed, switch to a newer one. This said, we at AEC will of course be happy to assist you with the status analysis and risk mitigation.</p><p> <br></p><div align="right"><table style="width:320px;"><tbody><tr><td align="center" valign="middle" style="width:72px;">
<img alt="David Pecl" src="/cz/PublishingImages/aec-people/jakub-rubas-2018-02.jpg" data-themekey="#" style="margin:5px;width:75px;" />
</td><td width="250" align="left" valign="top"><p>
<strong style="color:#6773b6;">
<span style="color:#6773b6;">Jakub Rubáš</span></strong><br>Security Specialist</p><p>
<strong style="color:#6773b6;">
<span style="color:#6773b6;">AEC a.s.</span></strong><br>Security Technologies Division</p></td></tr></tbody></table></div> | | | | |
| We are testing the resistance of corporate systems to cyber-attacks in real life | | https://www.aec.cz/en/news/Pages/we-are-testing-the-resistance-of-corporate-systems-to-cyber-attacks-in-real-life.aspx | We are testing the resistance of corporate systems to cyber-attacks in real life | <p><strong><strong>We offers a service providing the testing of how the companies are resistant to ransomware attacks. This is the leading cyber security provider's response to the growing interest of the local businessmen and institutions in protection of their systems. This screening includes the current situation analysis together with a system resilience test, and a final report including recommendation of appropriate solutions.</strong></strong></p><p>We offer two packages:</p><blockquote dir="ltr" style="margin-right:0px;"><p>The first one includes a high-level audit of architecture, processes and real-life verification whether the company infrastructure is resistant to ransomware or not.</p><p>The other one consists of a three-month anti-phishing programme focusing on checking the employees' response to suspicious e-mails and a recommendation of further actions regarding their education, including the possibility of direct training using the AEC Security Academy product.</p></blockquote><p>Our <strong>Hacking Lab</strong>, a hub for our ethical hackers, which has been recently established as part of the Security Assessment Division at AEC, has been intensively involved in <a href="/en/news/Pages/test-yor-companys-immunity-against-ransomware-attack.aspx"><strong>detecting the corporate systems vulnerabilities to ransomware attacks</strong></a> as part of the rendered services. Hacking Lab experts are determining the level of security of the most state-of-the-art technologies available on the market by hacking them on purpose and searching for all their weaknesses.</p><p>"Testing the resistance of a corporate system includes endpoint security analysis and network infrastructure security analysis, " outlined <strong>Lukáš Bláha</strong>, Head of Hacking Lab. "As a follow-up activity, we check their actual condition in real-life by sending malicious software samples to a selected isolated computer while observing at which level are the existing technologies capable to detect or even to stop the attack, and thus to protect the company from becoming infected."</p><p>Then comes a turn for checks using specialized tools from various security technology manufacturers, and finally, proposal of recommendations regarding what needs to be improved sorted according to the cost-benefit scores. Meaning a list of what should be done as quickly as possible in order to bring the maximum effect for the company at the given time.</p><p>"We are aware that especially in the smaller companies the pressure for cost-efficiency of the provided technologies and services is quite high. Therefore, every time and for each one of them, we prepare a solution that will increase their security immediately, with a maximum possible effect, and for an affordable price," said the head of Hacking Lab.</p><p>According to Lukáš Bláha, attackers are becoming more and more interested in the Czech Republic and Slovakia, as shown by the attacks on the banking sector and the public institutions at the end of 2019. Phishing attacks are becoming increasingly sophisticated, and recognizing a fraudulent e-mail is getting harder and harder. All this while the truth is that the most common way the malicious software enters the corporate system is through a fraudulent e-mail.</p><p>"Phishing attacks are counting on the fact that human factor is usually the weakest link in the entire security system. And that is why we are telling the companies why and how to educate their staff in order to be able to recognize fraudulent e-mails and respond to them correctly. An educated and watchful user is actually the most basic and efficient way to protect the company data," concludes Lukáš Bláha the interview.</p><p style="text-align:center;"><a href="/cz/Documents/Files/2020/AEC_Phishing-LITE_ENG.pdf"><img src="/cz/PublishingImages/news/2020/AEC_Phishing-LITE_ENG.png" data-themekey="#" alt="" style="margin:5px;width:250px;height:353px;" /></a> </p> | | | | |
| Czech financial institutions were facing cyberattacks. Fatal damage was prevented by CDC experts | | https://www.aec.cz/en/news/Pages/czech-financial-institutions-were-facing-cyberattacks-fatal-damage-was-prevented-by-cdc-experts.aspx | Czech financial institutions were facing cyberattacks. Fatal damage was prevented by CDC experts | <p>
<strong><strong>AEC Cyber Defense Center successfully eliminated phishing attacks on Czech financial institutions lead by hacking groups Cobalt Group and TA505. Our specialized cyber defence centre has been providing comprehensive, efficient, and at the same time affordable outsourcing services to large, medium, as well as small companies.</strong></strong></p><p>At the end of last year, our Cyber Defense Center (CDC)<strong> </strong>managed to detect and stop execution of several sophisticated attacks aimed at gaining access to accounts of the invaded local financial institutions and siphoning off the finances deposited there. </p><p>The centre subsequently provided reports on the attacks including the detailed indicators of compromise (IOCs) not only to the AEC clients and customers, but to other companies as well. "Usually, we offer these services exclusively to our clients. The reason for this exception was that any attack by hackers from the Cobalt Group, or TA505, respectively, could be fatal for the unprotected companies, " said Tomáš Filip, Head of CDC.</p><p>The companies' representatives acknowledged the decision and willingness of CDC to share the acquired data with deep gratitude and appreciated both the readiness and quality of the work done by the experts from the centre, as well as the provided reports as highly informative.</p><p>"In case of the hackers called Cobalt Group, the attack was executed by abusing accounts belonging to a local telephone operating company. These accounts were used for sending credible messages looking as a reminder for the payment of a fictitious invoice and after it was opened, the attacker was able to gain control of the infected computer and spread further over its network," stated Tomáš Filip.</p><p>
<img src="/cz/PublishingImages/news/2020/20200125-cdc-event.jpg" data-themekey="#" alt="" style="margin:5px;width:650px;" />
</p><p>The attacked institution strived to solve the problem on its own but was getting itself into an increasingly arduous situation. At a critical moment, it asked CDC for help. It took less than two hours for the called up expert to uncover the attack and to identify the attacker. After implementing the appropriate tool, the CDC staff took over the activity, began to control every single attacker's step and in the end, eliminated all his efforts.</p><p>According to Tomáš Filip, the amount and intensity of the currently detected attacks is bad news for the local companies: "Incidents multiply by order, therefore, it is evident that the Czech Republic and the companies operating here have already become extraordinarily interesting and completely regular targets for these groups. And this was not the case, until recently." </p><p>According to him the problem lies in the fact that while the severity and increasing number of cyberattacks are fundamentally changing the environment in the Czech Republic, companies are still trying to brave the dangers with their own limited forces.</p><p>"Prevention in the form of active expert supervision is definitely worth the costs for the companies today. This way, the certainty that an attack shall be fended off right in the beginning is the greatest," pointed out Tomáš Filip, while adding that this was the exact scenario in case of the TA505 hacking group's attack on the client. He also added: "But by counting on the fact that you will be able to find a top-class expert on the market available to immediately dedicate his time to your company in the moment of dire straits, you are taking a great risk – either of failure, or that it will take longer than you can afford at such a critical moment." </p><p>CDC started to operate about half year ago as a competence centre in AEC, a company firmly established on the market. It aims to provide its clients with cyber protection by monitoring their system and real-time responses to any potential incidents. Over this time, the centre has managed to avert a number of attacks led on an increasing number of its clients as well as on the companies that became customers of the centre only after they were forced to make this decision due to circumstances.</p><p>"The key fact is that the highly efficient services provided by CDC are available at a reasonable price to everyone regardless of their situation, also due to its direct connection to the capacities provided by three divisions of the parent company AEC. The main advantage for our clients is that as soon as we spot any issue at one of our customers, we begin an intensive watch over everybody else with help of all available tools and data, be it current or acquired in the past," concluded Tomáš Filip, Head of CDC.</p><h2>CDC reporty Cobalt Group a TA505</h2><center><table width="90%" class="ms-rteTable-default" border="0" cellspacing="0"><tbody><tr><td class="ms-rteTable-default" style="width:50%;text-align:center;"><a href="/cz/Documents/Files/CDC-Report-20191205-Cobalt.pdf" target="_blank"><img src="/cz/PublishingImages/news/2020/CDC-Report-20191205-Cobalt-small.jpg" data-themekey="#" alt="" style="margin:5px;width:250px;height:353px;" /></a></td><td class="ms-rteTable-default" style="width:50%;text-align:center;"><a href="/cz/Documents/Files/CDC-Report-20191211-TA505.pdf" target="_blank"><img src="/cz/PublishingImages/news/2020/CDC-Report-20191211-TA505-small.jpg" data-themekey="#" alt="" style="margin:5px;width:250px;height:353px;" /></a></td></tr></tbody></table></center><p> </p> | | | | |
| Test your company’s immunity against ransomware attack | | https://www.aec.cz/en/news/Pages/test-yor-companys-immunity-against-ransomware-attack.aspx | Test your company’s immunity against ransomware attack | <p>Massive ransomware attacks targeting businesses are happening all around the world. On average, every Czech company faces 640 attacks per week! Avoid becoming one of the victims and minimize the risks!<br></p><p><strong>
<br></strong> </p><h2><strong>Our services include: </strong></h2><ul><li>High-level audit of the network architecture, endpoint security, and back-up processes.</li><li>Verification of the true state of your endpoint security as well as the security of the web and e-mail channels by sending ransomware samples.</li><li>Checks using specialized security tools.</li><li><p>Final report including proposed recommendations.<br><br></p></li></ul><p>
<br>Contatc us for set up and activation.</p><div class="ms-rtestate-read ms-rte-wpbox"><div class="ms-rtestate-notify ms-rtestate-read 58852461-2f1a-4e6f-b711-d06c2b29871e" id="div_58852461-2f1a-4e6f-b711-d06c2b29871e" unselectable="on"></div><div id="vid_58852461-2f1a-4e6f-b711-d06c2b29871e" unselectable="on" style="display:none;"></div></div> | | | | |
| KKCG Launches Aricoma – Biggest Czech ICT Holding | | https://www.aec.cz/en/news/Pages/kkcg-launches-aricoma-biggest-czech-ict-holding.aspx | KKCG Launches Aricoma – Biggest Czech ICT Holding | <p>
<strong>The Aricoma Group, the biggest ICT holding in the Czech Republic, was introduced today by representatives of the KKCG investment group owned by entrepreneur Karel Komárek. Inspired by a mountain in the Peruvian Andes, Aricoma's name and logo stand for strength, ambition and power. The members of Aricoma Group include AUTOCONT, Cleverlance, CAD Studio, DataSpring and AEC. </strong></p><p>The establishment of the Aricoma holding is another step in the fulfillment of KKCG's plan to build a strong pan-European provider of ICT services. KKCG's overall business strategy aims to diversify risks and to promote both organic and inorganic growth in the gaming, information technology, energy, tourism and real estate sectors. Because ICT has become one of the most important pillars of the group's business in recent years, KKCG has now decided to bring together selected technology firms, which mainly specialize in solutions and services for the corporate sector, under the Aricoma Group. The portfolios of Aricoma companies cover the entire range of ICT services, from IT architecture design, infrastructure and cloud services, and the implementation of enterprise management applications, to the development of comprehensive proprietary software solutions and outsourcing. In addition, cybersecurity issues are the common denominator of all of the group's services. Aricoma has nearly two thousand employees, and it saw revenues last year in excess of 6.75 billion crowns.</p><p style="text-align:center;">
<img src="/cz/PublishingImages/news/2019/Aricoma-logo-edit.jpg" data-themekey="#" alt="" style="margin:5px;" />
</p><p>"When we entered information technologies in 2009, we knew that it was a high-potential business sector. Since then, our expectations have been more than fulfilled year after year," says Michal Tománek, KKCG's Investment Director responsible for ICT. According to Tománek, ICT currently offers excellent investment opportunities, mainly thanks to the globally growing complexity of ICT solutions and the consequent rise in demand for ICT services. In addition, ICT development is driven by the demise of traditional business models and the emergence of new approaches that rely on online interaction with clients. The growing ICT market and a lack of qualified experts provides an opportunity to offer top-quality services to companies that wish to move away from handling IT internally and seek outsourcing solutions. "In our opinion, the future lies in the ability to find excellent workers both at home and abroad, as well as in knowing how to retain the best of them. This alone will allow us to offer our customers sufficiently large and qualified professional teams," explains Tománek. </p><p>"The Aricoma Group is now facing two main tasks. The first consists of consolidating KKCG's activities and making them more visible on the Czech and Slovak IT markets, where we want to be the biggest provider of ICT services for the corporate sector. The Aricoma Group's main role is to be an umbrella brand, presenting the group externally, while promoting cooperation among the group's individual members, which will continue to operate independently under their own brands," comments CEO Milan Sameš, elaborating on Aricoma's vision, adding, "The other challenge the Aricoma Group faces is to become a platform for the Europe-wide expansion of KKCG's operations, because our ambition is to become a leading pan-European provider of ICT services. Our big advantage is the availability of equity that is not restricted by a fixed investment horizon. In other words, we have the time to choose the very best opportunities, to invest into them, and to develop them in a prosperous manner." According to Sameš, another strategic advantage is the global dimension of KKCG's business, as the group is currently active on markets that provide the highest growth potential.</p><p> "We believe that if Aricoma becomes a strong international provider of ICT services, it will prevent domestic IT experts and talents from seeking opportunities in other countries, which will, in turn, be conducive to the creation of innovative products and services in the Czech Republic. We want to expand in IT in the same way we have done over the past seven years in the gaming industry, where the SAZKA Group is now the biggest lottery group in Europe," adds Tománek.</p><table width="100%" class="ms-rteTable-default" cellspacing="0"><tbody><tr class="ms-rteTableEvenRow-default"><td class="ms-rteTableEvenCol-default" bgcolor="#6773b6" rowspan="1" colspan="1" style="width:50%;">
<span style="color:#ffffff;"><strong>Company</strong></span></td><td class="ms-rteTableOddCol-default" bgcolor="#6773b6" rowspan="1" colspan="1" style="width:50%;">
<span style="color:#ffffff;"><strong>Revenues in 2018</strong></span></td></tr><tr class="ms-rteTableOddRow-default"><td class="ms-rteTableEvenCol-default">DataSpring</td><td class="ms-rteTableOddCol-default">CZK 110 million</td></tr><tr class="ms-rteTableEvenRow-default"><td class="ms-rteTableEvenCol-default">Cleverlance a AEC</td><td class="ms-rteTableOddCol-default">CZK 1,112 million </td></tr><tr class="ms-rteTableOddRow-default"><td class="ms-rteTableEvenCol-default">AUTOCONT a CAD Studio</td><td class="ms-rteTableOddCol-default">CZK 5,532 million</td></tr><tr class="ms-rteTableEvenRow-default"><td class="ms-rteTableEvenCol-default">Total</td><td class="ms-rteTableOddCol-default">CZK 6,752 million</td></tr></tbody></table>
<p>
<br>KKCG is an international investment group managing more than EUR 6 billion in book value of assets and employing about 6,000 employees. KKCG holds stakes in such corporations as MND Group, SAZKA Group, Aricoma Group, US Methanol, FISCHER Group, Conectart, SafeDX, Springtide Ventures, and others. KKCG operates in 18 countries worldwide.</p><p> </p><center>
<iframe width="560" height="315" src="https://www.youtube.com/embed/7V94KjsmJNE" frameborder="0"></iframe></center><p> </p> | | | | |
| AEC receives Cyber Security Award | | https://www.aec.cz/en/news/Pages/aec-receives-cyber-security-award.aspx | AEC receives Cyber Security Award | <p>AEC has received the Cyber Security Award 2019 from the Acquisition International Committee in the categories of Most Innovative Cyber Security Providers and Ethical Hacking Specialists of the Year. The Committee experts examined one year of their work and were evaluating the data collected for over three months. Only projects that actually had something to offer could thus pass through the imaginary sieve.<br></p><p><img src="/cz/PublishingImages/aec-people/maros-barabas-2016-02.jpg" data-themekey="#" alt="" style="margin:5px;width:113px;vertical-align:auto;float:left;" />The Most Innovative Cyber Security Providers Award was commented on by the Head of the Product Management, <strong>Maroš Barabas</strong>: “In the field of information security, we have been introducing innovations to our markets for almost thirty years. During that time, we have brought in several global brands. Together with selected clients, we create pilot incubators in which those clients help us to test and further develop new technologies. The cooperation is great and, thanks to it, many of our clients are a step ahead compared to conventional security standards. Cooperation and partnership in innovation bring about great results and constitute a part of our long-term strategy. That strategy also includes a balanced portfolio, long-term consulting services and the effort to support start-ups and innovative solutions.”</p><p><img src="/cz/PublishingImages/aec-people/lukas-blaha-2016-02.jpg" data-themekey="#" alt="" style="margin:5px;width:113px;vertical-align:auto;float:right;" />The Ethical Hacking Specialists of the Year Award was given to the Head of the Penetration Department of AEC, <strong>Lukáš Bláha</strong>. “The Pentester Department is the largest division of AEC. We have invested in the training of employees and, over the past six years, we have also executed large projects abroad. Our ethical hacking specialists have gained great prestige for example in Indonesia, Switzerland, Ireland, Belgium and elsewhere. However, we carry out most tests for foreign clients in the Czech Republic. We have extensive know-how based on long-standing experience. We are very flexible, effective and reliable, and we are not afraid of challenges. We deliver real quality to our clients. We greatly appreciate the award; I see it as an award for the entire team. I am proud that a relatively small Czech company can achieve such a success in a prestigious international competition,” he added.</p>
<p>
<em>
<img alt="Cyber Security Award 2019" src="/cz/PublishingImages/news/2019/Cyber%20security%20award.jpg" data-themekey="#" style="margin:5px;width:650px;" />
<br></em></p><p>
<br>
</p> | | | | |
| WhatsApp vulnerability | | https://www.aec.cz/en/news/Pages/WhatsApp-vulnerability.aspx | WhatsApp vulnerability | <p>At the beginning of last week, a vulnerability in WhatsApp was publicly revealed which gave attackers a possibility to run malicious code on mobile devices that could allow leak of sensitive data. The vulnerability has already been removed in the app's newer versions, so the only protective measure required is to update to the latest version. </p><p>The attack exploited buffer overflow vulnerabilities. An attacker called to Whatsapp from an unknown telephone number using the VOIP protocol, which is used for this type of calls. During the ringing and connecting phase, the attacker sent specially modified SRTCP protocol packets that caused buffer overflow. Common SRTCP packet types are used to establish a secure connection between users. The buffer overflow then enabled the attacker to run its code in the memory where the application normally does not have access. Consequently, the attacker could gain access to the infected mobile device's data and steal it. </p><p>From the user's point of view, the attack went through unnoticeably. Users did not have to accept the attacker's call since the attack took place already in the ringing phase. Once the malicious code was run, it deleted information about the missed call so the users did not realize they were being hacked.
<br>The vulnerability was classified as critical since, among other reasons, it does not require user interaction or use of a higher-privilege account. According to the international scoring system CVSS v3.0, it is rated Critical with 9.8 points out of 10. </p><p>All Whatsapp's vulnerable versions are listed on the website of the National Vulnerability Database under
<a href="https://nvd.nist.gov/vuln/detail/CVE-2019-3568" target="_blank">CVE-2019-3568</a>, Android and iOS apps are listed below:</p><ul><li>WhatsApp for Android up to version v2.19.134 </li><li>WhatsApp Business for Android up to version </li><li>WhatsApp for iOS up to version v2.19.51 </li><li>WhatsApp Business for iOS up to version v2.19.51</li></ul>To avoid the vulnerability, please update your Whatsapp at least to the first higher version that is no longer vulnerable. | | | | |
| We have once again renewed the ISMS certification! | | https://www.aec.cz/en/news/Pages/we-have-once-again-renewed-the-ISMS-certification.aspx | We have once again renewed the ISMS certification! | <p>“We are happy to inform you that we have successfully defended our ISMS certification for yet another year. It is both an advert and obligation for us. By having a certified information security management system, we make it clear to our clients that we mean business about security. Not only in their own environments and implemented projects, but also internally,” summed up Jan Poduška, AEC's Head of Risk & Compliance Division.</p><p>We have obtained a certificate for compliance with the requirements of ISO/IEC 27001:2014 for the Czech and Slovak Republic. An ISMS can be defined as a documented management system aimed at ensuring an adequate level of information security within an organization in its information system and other processes. Our portfolio includes the design and implementation of information security management systems and other services related to the identification and evaluation of information risks.</p><p>We have held the certification since 2005, and so we have plenty of experience with it. Do you want to boast of your own ISMS? We will be happy to assist you at any stage of the certification process. Check out our services:</p><ul><li>preparation for certification and guidance through the certification process, </li><li>risk analysis, </li><li>definition and implementation of suitable measures to address identified risks, e.g., by preparing a security development strategy, </li><li>selection of a suitable solution, deployment analysis, and implementation of security technologies such as FW, DLP, SIEM, or document tagging, </li><li>penetration tests and information system audits, </li><li>design of security processes and preparation of documentation, </li><li>training, audits, and security tests according to security standards, including GDPR.</li></ul><p>More information about <span lang="EN-GB" style="line-height:115%;font-family:source-sans-pro;font-size:11pt;"><a href="/en/products-and-services/Pages/information-security-management-system.aspx"><span style="color:blue;line-height:115%;font-family:source-sans-pro;font-size:12pt;"><span style="text-decoration:underline;">ISMS certification</span></span></a></span> here.</p><table align="center" border="0" cellspacing="0" style="width:90%;height:200px;text-align:center;"><tbody><tr><td class="ms-rteTable-default" style="width:33.33%;">
<a href="/cz/PublishingImages/news/2019/AEC_ISMS_CQS_2019_cz.jpg" target="_blank">
<img src="/cz/PublishingImages/news/2019/AEC_ISMS_CQS_2019_cz.jpg" data-themekey="#" alt="" style="margin:5px;width:120px;" /></a></td><td class="ms-rteTable-default" style="width:33.33%;">
<a href="/cz/PublishingImages/news/2019/AEC_ISMS_CQS_2019_en.jpg" target="_blank">
<img src="/cz/PublishingImages/news/2019/AEC_ISMS_CQS_2019_en.jpg" data-themekey="#" alt="" style="margin:5px;width:120px;" /></a></td><td class="ms-rteTable-default" style="width:33.33%;"><a href="/cz/PublishingImages/news/2019/AEC_ISMS_IQNet_2019_en.jpg" target="_blank"><img src="/cz/PublishingImages/news/2019/AEC_ISMS_IQNet_2019_en.jpg" data-themekey="#" alt="" style="margin:5px;width:120px;" /></a></td></tr></tbody></table><p style="text-align:center;"> </p> | | | | |
| The AEC Security Conference offered an unprecedented range of topics this year | | https://www.aec.cz/en/news/Pages/the-aec-security-conference-offered-an-unprecedented-range-of-topics-this-year.aspx | The AEC Security Conference offered an unprecedented range of topics this year | <p>The 27<sup>th</sup> Security 2019 international conference took place in Prague on the last day of February. As is tradition, the largest independent event of its kind in the Czech Republic was organized by AEC. A total of 22 talks on the topic of cybersecurity, divided into two parallel – technical and management – sections, were attended by a record number of 670 registered people. The defining feature of this year's event was the wide range of presented topics, that had one thing in common which was a high level of expertise and an emphasis on practical usability.</p><p>“There is no place for marketing-business presentations at the Security Conference,” said Tomáš Strýček, the CEO of AEC, adding, “We place emphasis on the practical usability of the contributions; the main goal of our event is a professional standard of the individual talks and maximum benefit for the participants.” According to the head of the organizing company, the conference programme was also built on case studies presented by the customer. “We are not afraid of presenting unsuccessful projects to show the risks and to be able to learn from the mistakes,” Strýček pointed out.</p><p>
<img src="/cz/PublishingImages/news/2019/security-2019-030.jpg" data-themekey="#" alt="" style="margin:5px;width:650px;" />
</p><p>The contributions of nearly 30 security specialists from the Czech Republic, Slovakia, Greece, Austria, England, Israel, Finland and Germany included areas of fundamental principles of a systematic approach to addressing security in development, mobisle application security, or practical demonstrations of so-called ethical hacking. After all, the hacking tools ecosystem used by the American NSA hacker division presented by Lukáš Antala of AEC, the organizing company, was one of the most impressive among this year's presentations as voted by participants.</p><p>
<img src="/cz/PublishingImages/news/2019/security-2019-049.jpg" data-themekey="#" alt="" style="margin:5px;width:650px;" />
</p><p>The talk presented by Jan Tomíšek of Rowan Legal on the topic of cloud security from a lawyer's point of view, including adequate contract setting, was also gripping. Another interesting contribution, this time on the topic of mobile banking runtime protection, was presented by Petr Dvořák, the CEO of Wultra. Dušan Petričko, a delegate from Slovenská spořitelna, presented a highly innovative approach to the question of how to grasp DevOps in terms of security, or rather the question of the possibility of using appropriate tools.</p><p>As in the previous year, the conference was attended by the Chairman of the Czech Pirate Party, Ivan Bartoš, this time with the topic of Security Operations Centre in state administration. In his presentation, he dealt with reserves and options for security solutions – state-level SOC, highlighting the issues regarding the alignment of legislative and security requirements. At the same time, he thematized the uncertainties regarding the possible transferability of existing experience between the commercial and public sectors.</p><p>Security 2019 also included a number of additional programmes, including panel discussions and workshops, accompanied by the popular test lab. AEC penetration testers were available to the participants, under whose guidance, within the Capture the Flag contest, those interested could test their knowledge in fulfilling the given tasks in the areas of hacking, cracking, cryptanalysis and finding information from open sources. Another accompanying event was the exhibition part of the Expo Hall Conference with stands of individual partners. A new feature of this year's conference was the presentation of the Best Exposition Award received by ESET.</p><p>
<img src="/cz/PublishingImages/news/2019/security-2019-091.jpg" data-themekey="#" alt="" style="margin:5px;width:650px;" />
</p><p>“This year we witnessed another record attendance,” Tomáš Strýček commented on Security 2019. “We are, no doubt, excited to see a lot of interest, but even more than the number of participants we appreciate the growing quality of contributions, their thematic breadth and often the ability to capture further development and direction of individual ICT areas,” concluded AEC's Executive Director.</p><p>
<img src="/cz/PublishingImages/news/2019/security-2019-014.jpg" data-themekey="#" alt="" style="margin:5px;width:650px;" />
<br>
</p> | | | | |
| KKCG buys into AEC | | https://www.aec.cz/en/news/Pages/kkcg-buys-into-aec.aspx | KKCG buys into AEC | <p>
<strong>Executives from the KKCG investment group and the owners of the Cleverlance Group signed an agreement today under which KKCG will buy majority stakes in AEC and Cleverlance Enterprise Solutions. The transaction paves the way for the establishment of a unique provider of ICT services that will operate under KKCG's management in the Czech Republic, with consolidated revenues in excess of CZK 5 billion, EBITDA over CZK 300 million, and more than 1,800 employees. The transaction is subject to merger clearance by the anti-monopoly authority. Until clearance has been obtained, Cleverlance Enterprise Solutions and AEC will act as an independent business entities.</strong></p><p>
<em>"By acquiring majority stakes in AEC and Cleverlance Enterprise Solutions (CES), KKCG is pursuing its long-term strategy aimed at creating an ICT holding that will bring together specialized firms capable of offering clients a comprehensive portfolio of ICT products and services,"</em> said KKCG's Investment Director Michal Tománek in commenting on this year's first major ICT transaction on the Czech market. KKCG's involvement in the ICT sector began in 2017, when the group acquired a majority stake in AUTOCONT Holding, the largest independent provider of ICT services in the Czech Republic. The group's ICT portfolio also includes DataSpring and SafeDX data centers, Conectart, and startups acquired by the Springtide Ventures fund in the Czech Republic and Israel.
<em>"Our goal is to develop the business of all of the companies in our portfolio. The main objectives include securing access to foreign markets and supporting the dynamic development of proprietary SW services and solutions. Most customers are undergoing digital transformation, a fact that provides a major opportunity for growth,"</em> explained Tománek.</p><p>
<em>"We are happy to be a part of KKCG's ambitious plan to build an undertaking that will be the Central European leader in the segment of ICT and SW solutions. Already now, KKCG's technology pillar includes leading firms specializing in ICT services, HW and SW infrastructure, and cloud services. By adding AEC and Cleverlance Enterprise Solutions to its portfolio, KKCG will strengthen its position in the enterprise segment that focuses on application development and ICT security,"</em> revealed Jiří Bíba, CEO and Member of the Board of Directors at the Cleverlance Group. According to him, a positive role in negotiating the strategic partnership was played by the successful collaboration of KKCG's and the Cleverlance Group's experts two years ago when the Springtide Ventures fund bought into ThreatMark, a startup into which the Cleverlance Group had formerly made an angel investment.
<em>"I am convinced that the partnership with KKCG is a step in the right direction that will usher Cleverlance into a new era of growth during which we will grow from a strong local firm into a major regional player, a strategic ICT partner to our customers and an employer of choice capable of offering new challenges for the professional development of our employees,"</em> explained Bíba.</p><p>AEC CEO Tomáš Strýček added,
<em>"KKCG has been able to see the quality of our company's work during several domestic projects. Likewise, from our viewpoint, it was evident that security is given appropriate consideration. We hope that being a part of such a major group as KKCG will provide us with access to new foreign markets. To date, AEC has successfully completed reference projects in 28 countries around the world."</em></p><p>KKCG will purchase majority stakes in AEC and Cleverlance Enterprise Solutions (CES) from the Cleverlance Group for an undisclosed sum. The Cleverlance Group will retain a minority share in the joint venture, and its executives Jiří Bíba, Vít Urbanec, and Petr Štros will continue to take part in the management of CES. Likewise, minority shareholder Tomáš Strýček, will participate in the management of AEC. The management of the operations of KKCG's new ICT holding will be the responsibility of Milan Sameš. </p><p>
<br>
<strong>Cleverlance Group</strong><br>The Cleverlance Group brings together Czech IT companies providing consulting, solutions, and services with a focus on finance, telecommunications, utilities, and public administration. Members of the Cleverlance Group operate internationally and include Cleverlance Enterprise Solutions, AEC, TrustPort, CTS TRADE IT, and Cleverlance H2B.</p><p>With organic growth at an annual rate of 12-15%, the Cleverlance Group has made investments into such new products and technologies as ThreatMark, CleverBus, Multichannel Banking, People@Work, the CleverBSS telecommunications bundle, and CleverBin smart garbage containers. The Cleverlance Group is currently completing the initial implementations of virtual reality solutions and the Empeena empathic chatbot. </p><p>
<strong>KKCG Investment Group </strong>
<br>KKCG manages leading corporations with an aggregate book value in excess of EUR 5.2 billion. KKCG and companies owned by the group have more than 3,500 employees and conduct business in 19 countries in various parts of the world. KKCG holds stakes in such corporations as the MND Group, the SAZKA Group, US Methanol, the FISCHER Travel Group, and others. </p><p>KKCG companies conducting business in the information technology sector include AUTOCONT, Conectart, DataSpring, and SafeDX. AUTOCONT is the largest independent provider of ICT services in the Czech Republic. Conectart offers an all-inclusive portfolio of contact centers. DataSpring provides professional cloud and ICT services with a focus on data analysis and processing, business intelligence consulting, and proprietary software development. DataSpring operates a Tier III-certified data center. SafeDX is a joint venture of KKCG and the technology giant Foxconn, providing cloud services and ICT operations outsourcing using infrastructure located in the company's own data centers. Springtide Ventures is a venture capital fund specializing in the identification of high-potential startups. To date, Springtide Ventures has acquired stakes in the Israeli companies Bio-Nexus and SpotInst and in such Czech firms as cloud4com, Geewa, Techloop, and ThreatMark. KKCG's portfolio also includes Jazz Venture Partners, a Silicon Valley-based investment fund specializing in human enhancement and neuroscience technologies.<br></p> | | | | |
| AEC Is Now a 3 Star Check Point Partner | | https://www.aec.cz/en/news/Pages/aec-is-now-a-3-star-check-point-partner.aspx | AEC Is Now a 3 Star Check Point Partner | <p>AEC has deepened its long-term partnership with the Check Point company and has achieved the Certified Collaborative Support Provider status. In addition, AEC advanced to the 3-Star level partner within the Stars Program, which is the Check Point global partnership program.<br><br></p><h2>3 STARS PARTNER</h2><p>We have successfully achieved the “3 STARS PARTNER” certification awarded by the Check Point Software Technologies Ltd. company. We have demonstrated our successfully finished projects, outstanding expert knowledge, sufficient substitutability, well-working support, as well as the required number of technical and business certifications.</p><p>Advancing to the 3-Star level clears the way to easier and more flexible cooperation with the Check Point company in the Czech Republic. This steps also brings shorter sales cycles and increased technical support capacity to our customers.</p><p>Our team sees this partnership as an evidence of a job well-done and also as a commitment to all our customers and also to the Check Point company. Our specialists are available during support, migration, management, monitoring, and implementation of their security solutions.</p><p style="text-align:center;">
<img src="/cz/PublishingImages/news/2019/StarsPartnerLogo_3Stars.jpg" data-themekey="#" alt="" style="margin:5px;width:210px;" />
</p><h2>CERTIFIED COLLABORATIVE SUPPORT PROVIDER </h2><p>We have demonstrated high level of professionalism during realization of our projects and expert knowledge and sufficient personal resources when solving any occurring issues. The fact that we hold the “Check Point Collaborative Support Provider” status means that we can collaborate directly with the Check Point core support team, including the possibility to use their engineering teams at our customers’.</p>
<p style="text-align:center;">
<img src="/cz/PublishingImages/news/2019/SpecializationsLogo_CCSP.jpg" data-themekey="#" alt="" style="margin:5px;width:200px;height:200px;" />
</p> | | | | |
| AEC regained the Quality Management System Certificate | | https://www.aec.cz/en/news/Pages/aec-regained-the-quality-management-system-certificate.aspx | AEC regained the Quality Management System Certificate | <p>The AEC a.s. company successfully defended the ISO 9001:2015 Quality Management System certificate. The final report released by the Lloyds Register certification authority shows that the quality management system established in the company is an effective tool for its management, or for management of its processes, respectively, and is being improved on continuous basis.</p>
<p style="text-align:center;">
<img class="maxWidthImage" alt="QMS UKAS" src="/cz/PublishingImages/news/2018/qms-logo-ukas.jpg" data-themekey="#" style="width:350px;height:245px;" /> </p><p>The AEC a.s. company successfully defended the ISO 9001:2015 Quality Management System certificate. The final report released by the Lloyds Register certification authority shows that the quality management system established in the company is an effective tool for its management, or for management of its processes, respectively, and is being improved on continuous basis.</p><p>
<em>"In recent years, the AEC company has undergone significant changes, while the number of our employees rose considerably. To us, obtaining the certificate is a proof of the fact that we kept our unique know-how while the company was continuously growing. We do not perceive the applied quality system management principles as a bureaucratic duty but as a tool for efficient management and for increasing transparency of processes. We place great emphasis on quality of our services, as proven also by the other certificates we obtained. Our satisfied customers are also confirmation of the fact that this strategy is correct," </em>said Tomáš Strýček, the AEC company Executive Director.</p><p>The Quality Management System is described in the familiar series of ISO 9000 standards. These are the standards issued by the International Organization for Standardization (ISO). The ISO 9001:2015 standard then serves as the corner-stone for building of the entire system. It defines requirements for quality management systems in the companies that demonstrate their ability to consistently deliver products compliant with technical and legislative regulations and, at the same time, the products corresponding with the ever-changing customer requirements.</p><p>
<a href="/cz/Documents/Files/aec-qms-2018-cz.pdf" target="_blank">QMS certifikát (CZ)</a><br><a href="/cz/Documents/Files/aec-qms-2018-en.pdf" target="_blank">QMS certifikát (EN)</a><br></p> | | | | |
