emt Distribution survey finds 85% of MSPs see growth potential in password or privileged account management as a service

EndPoint Protector overview


Protect your endpoints with the solution already being used with over 30 million devices, Endpoint Protector by Cososys. EndPoint Protector by CoSoSys will allow you to choose what gets moved on your network, to which device, and with a complete logging and reporting suite.

The feature rich nature of Endpoint Protector (EPP) makes it a comprehensive solution for businesses, enterprise, critical infrastructure, utilities and governments requiring strong control of portable media/devices and the protection and transfer of sensitive data. Features include:

  • Content Aware DLP that helps ensure data transferring through various exit points like email and cloud file transfer solutions, doesn’t contain confidential information
  • Device Control of removable devices on Windows, OS X and Linux platforms, assigning device rights, custom classes, File tracing and shadowing, device blocklists and whitelists and Alerting
  • eDiscovery gives visibility into sensitive data at rest and allows you to apply remediation actions helping prevent data leaks
  • Mobile Device Management adds protection and control to mobile devices such as geofencing, tracking and logging and mobile application management.

The administration console is intuitive, easy to navigate and easy to pick up configuration quickly.  Implementing DLP policies is a straightforward process but incredibly powerful and flexible.

Speak to us today about looking through this fantastic data loss prevention solution!

Reward your hard work – Introducing Secunia Deal Registration

It’s no surprise the amount of work that goes into growing an opportunity with a customer from an idea or quick conversation, to evaluation, proof of concept and finally through to close. After the weeks or months of work that you put into the process the last thing that you want to happen is a competitor to come in and take that away from you. Wouldn’t it be nice to have a way to protect the hard work that you have put in, and also possibly gain an extra discount margin to make the sale even more lucrative to your business?

Strangely enough there is a way, introducing the “Secunia Deal Registration Program”:


The concept behind the program is simple in its design and yet provides a large help to your business as a partner trying to get the customer over the line. By registering an opportunity the partner can increase the discount margin and protect it from being won by a competitor. The opportunity can only be registered to one partner, which then leaves competing partners with a lower margin and hence helping secure the deal for you. The only requirement that needs to be fulfilled for the opportunity to be accepted is that it is not previously known to Secunia and you are an approved Silver Partner. Should you be successful in registering the deal, you will also receive deal registration approval for the renewal, further protecting the investment you put in!

Deal Registration benefits include:
1. Dedicated technical support and sales support for customer meetings
2. Special pricing support
3. Installation and product configuration support
4. Training
5. MDF funds (Gold partners only)

Head over to the FAQ for more information (see below) and as always feel free to contact myself or the team at emt for any further information.




Joining the team

Having the last name Hack it now seems inevitable that I would end up working for a company specialising in security products, and so here I am now joining the emt team as the pre-sales engineer for the Secunia products.

My name is Adam and I have been working in IT (amongst other things) for around 6 years now, having previously dealt with ISP’s and MSP’s before settling into this new role. Ever since I started back in my first helpdesk job with a prominent South Australian ISP back in 2007, security has been a keen interest of mine and one of which I intend to continue to grow. Being able to deal directly with the software that operates in the security space is an opportunity I am looking forward to and something I intend to try and work closely with partners to help them grow.

With that in mind, don’t be shy to come find me on LinkedIn, shoot me an email or give me a call if you wish to discuss anything.

emt to distribute Acunetix

acunetix - Copy

Today we are pleased to announce that emt Distribution will begin to exclusively distribute Acunetix products throughout Australia and New Zealand.

Used by IT Security Adminstrators,  and penetration testers and web developers, Acunetix Vulnerability Scanner is one of the leading tools on the market for detecting vulnerabilities. It’s an easy-to-use tool which has been continuously developed for a decade; evolving with the latest vulnerabilities and cyber threats. It’s the tool of choice for customers including the US Army, the US Airforce, Barclays Bank, American Express and more.

Automated hacks such as the recent WordPress cross sight scripting (XSS) Vulnerability late last week saw many people having their public websites defaced. Acunetix Web Vulnerability Scanner can bring these types of vulnerabilities to your attention.


Acunetix Web Vulnerability Scanner is already used by major companies such as Adidas, American Express, CERN, Credit Suisse, NASA, Siemens, Skype, Sony, T-Mobile, the University of Potsdam, the U.S. Air Force and many others and is well suited to join the emt portfolio of security solutions.

The AFP Phishing email is cryptolocker

In the news over the last couple of days there have been warnings of an Australian Federal Police (AFP) branded phishing email. We received one of these emails in our office and decided to run it through our malware analysis sandbox, ThreatAnalyzer, to determine the behaviour of the sample – something that wasn’t mentioned in the news articles.


The body of the spear-phishing email.

Although Facebook comments have been mostly light-hearted puns from people would like to unsubscribe from from police infringement notices the malware poses a significant threat.

Visiting the link with-in the email provides the attacker with the targets email address as it is embedded in URL allowing the attackers to identify the individuals who have visited the the links, allowing the attackers to follow up, or in the future re-target the individuals as they may be more likely to click on these these types of links.

Once the page loads the victim is presented with a captcha challenge, and when it is entered they will download a zip file containing an executable file which is a variant of the well known cryptolocker virus.


The fake “AFP” website with captcha used to download the malware.

When executed by the user the Cryptolocker virus will then encrypt the users files, communicate with a C&C server and the provide the user with a ransom message providing the victim with instructions on how to connect to the anonymous Tor network to make payment to be able to recover their encrypted data.


The encrypted files shown in explorer, and the instructional email giving recovery instructions

Although the various news articles urge users to update their antivirus, at the time of writing this article only 4/57 AV vendors detected the sample. None of these vendors are popular in Australia, showing that there would have been little to no protection offered to users running these solutions.

This attack is an example of how AV technology is struggling to keep up with modern malware. Preventative controls such as as Application Whitelisting would have stopped this attack by not allowing computer to execute an untrusted file. Although in this case the file was dropped as an executable, we often see the similar attacks where the spearphishing email links go directly to PDF, DOC, or Flash files which contain exploits to vulnerabilities so this is also a timely reminder to stay up to date with OS and 3rd party patching. Both these control types form part of the Australian Signals Directorate (ASD) Top 4 Mitigation Strategies.

Using a sandbox for dynamic analysis allows IT Security Administrators to quickly analyse reported phishing URLs and malware in a to determine the actions of the malware by executing the sample in a dedicated environment. Indicators such as DNS names, IP addresses and hashes can quickly be extracted and operationalised to prevent and identify future instances of the same attack, or other attacks from the same group.

For more information on sandboxing, or on how to operationalise your Threat Intelligence please don’t hesitate to contact us.