FireSale HackBoy

Knowledge Shared By FireSale HackBoy...

Monday, December 31, 2018

Devastating Malware Attacks of 2018

The year 2018 has just passed, and a hearty welcome to 2019! We hope this year brings immense success, joy and wealth to all our readers of Cybersecurity Insiders, along with good health, as that’s the need of the hour for many.

Coming to the article on the ‘devastating virus attacks of 2018’: cybersecurity firm REVE has compiled a list of the top viruses which hit the news headlines in 2018, and the list is as follows:

Coin Miner- This virus was launched to target those using Mac computers. It is basically cryptocurrency mining malware and was found to affect the CPU and battery of a system negatively. The ‘Coin Miner’ virus was found targeting the systems of victims who download malicious docs and programs, and fake Flash Player installations, from gaming or A-rated websites.

Goner- This notorious virus is found hitting systems as a screen saver attached to an email. It makes its way through a computer’s Outlook program and infects the system in such a way that the PC starts automatically sending emails with the virus attached to all the email addresses saved in Outlook. Security analysts say that the virus is found moving security files from the system in a discreet way.

MyloBot- Researchers from the antivirus firm REVE discovered that this malware gains full access to infected systems as soon as it hits the target. The malware is seen mostly targeting Windows 10 PCs, disabling Windows Defender and Windows Update operations after blocking the firewall. The most interesting part is that hackers can add payloads to this malware to launch other attack variants.

WannaMine 3.0- Developed by Shadow Brokers, WannaMine 3.0 was used as part of the WannaCry ransomware attack and for other virus attacks. It is basically crypto mining software that uses the targeted PC’s computing power to mine digital currencies.

Thanatos- This is a ransomware variant which allows victims to decrypt their files on payment of 0.01 Bitcoins. It spreads through malicious files, phishing websites, freeware, etc.

Red Alert 2.0- Hackers are seen disguising this malware as the WhatsApp and Viber applications. It hits Android operating systems and prompts users to enter their credentials, which are then sent to a server controlled by cyber crooks. The malware then shows its devastating traits by blocking all calls and SMS, thereby giving the web crooks more time to execute their malicious activities.

It’s obvious that the year 2019 will witness many such sophisticated viruses hitting the web. So, it’s crucial to ensure that your future internet activities remain well protected by advanced security solutions.

The post Devastating Malware Attacks of 2018 appeared first on Cybersecurity Insiders.


January 01, 2019 at 10:56AM

The Bitglass Blog

Way back in 2013/14, Cloud Access Security Brokers (CASBs) were first deployed to identify Shadow IT, or unsanctioned cloud applications. At the time, the prevailing mindset amongst security professionals was that cloud was bad, and discovering Shadow IT was viewed as the first step towards stopping the spread of cloud in their organization.

Flash forward just a few short years and the vast majority of enterprises have done a complete 180º with regards to cloud, embracing an ever increasing number of “sanctioned” cloud apps. As a result, the majority of CASB deployments today are focused on real-time data protection for sanctioned applications – typically starting with System of Record applications that handle wide swaths of critical data (think Office 365, Salesforce, etc). Shadow IT discovery, while still important, is almost never the main driver in the CASB decision making process.

The post The Bitglass Blog appeared first on Cybersecurity Insiders.


January 01, 2019 at 09:09AM

5 Common DNS Attacks

Domain Name System (DNS) security directly impacts both end users and service providers, as the system’s critical nature makes it a sought-after target for those attempting to compromise or disrupt Internet services via DNS attacks.

DNS is the Internet directory that allows the translation of domain names/URLs into IP addresses and is a critical component of how users are able to interact with the vast number of resources at their fingertips. DNS is deployed in a hierarchy where root level DNS servers communicate with top-level domains, top-level domains with domains below them, and so on. Depending on how an organization implements DNS, they might manage and be responsible for a DNS subdomain. 

A 2018 survey by EfficientIP of 1,000 security and IT professionals found that 77% of organizations were subject to a DNS-based attack, and the average cost of downtime, response, and business loss due to a DNS attack was $715,000.  

Common DNS Attacks noted by Infoblox include:

  1. TCP SYN Flood Attacks – A DDoS DNS attack that typically leaves “hanging” connections by flooding the DNS server with new TCP connection requests until the target machine fails.
  2. UDP Flood Attack – A DDoS DNS attack that sends a large number of UDP packets to a random port on the targeted host to confuse or overwhelm the target machine until it fails.
  3. Spoofed Source Address/LAND Attacks – A DDoS DNS attack that sends a spoofed TCP or UDP packet to an open port, with the target host’s IP address as both source and destination. This attack works because it causes the machine to reply to itself continuously, making it essentially unavailable to other applications.
  4. Cache Poisoning Attacks – A core DNS attack that poisons the DNS cache, typically in order to send legitimate requests to malicious websites.
  5. Man in the Middle Attacks – A core DNS attack in which a compromised machine in the network can penetrate and take over the entire DNS structure and then route legitimate requests to malicious websites.

Managing a DNS system for your organization can be a daunting task given the security requirements that must be implemented. Fortunately, most of these attacks can be mitigated with proper technologies and configurations that guard against them.  
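A defender-side sketch of how the first three attacks in the list above show up in packet summaries, as an added example that is not from the original post or from Infoblox. The `Packet` record, the thresholds and the sample traffic (documentation-range addresses) are constructed assumptions for illustration.

```python
from collections import Counter, defaultdict, namedtuple

# One packet summary, as a flow exporter or pcap reader might report it.
# flags: "S" = SYN, "A" = ACK completing the handshake, "" for UDP.
Packet = namedtuple("Packet", "ts proto src sport dst dport flags")

# Assumed thresholds for this example; derive real ones from your baseline.
WINDOW_SECONDS = 10
HALF_OPEN_LIMIT = 5    # unanswered SYNs tolerated per window
CLOSED_PORT_LIMIT = 5  # distinct closed UDP ports probed per window


def detect(packets, server_ip, open_udp_ports=(53,)):
    """Return sorted (window_start, alert) pairs for traffic sent to server_ip."""
    alerts = set()
    pending = {}                     # (src, sport) -> window in which the SYN arrived
    closed_ports = defaultdict(set)  # window -> closed UDP ports that were hit

    for p in sorted(packets, key=lambda pkt: pkt.ts):
        if p.dst != server_ip:
            continue
        window = int(p.ts // WINDOW_SECONDS) * WINDOW_SECONDS

        # LAND: the server's own address appears as the source as well.
        # A packet arriving from the network should never carry it.
        if p.src == server_ip:
            alerts.add((window, "land"))
        elif p.proto == "tcp" and p.flags == "S":
            pending[(p.src, p.sport)] = window    # handshake started
        elif p.proto == "tcp" and p.flags == "A":
            pending.pop((p.src, p.sport), None)   # handshake completed
        elif p.proto == "udp" and p.dport not in open_udp_ports:
            closed_ports[window].add(p.dport)

    # SYN flood: many connections left "hanging" after the first SYN.
    for window, count in Counter(pending.values()).items():
        if count > HALF_OPEN_LIMIT:
            alerts.add((window, "tcp_syn_flood"))
    # UDP flood: packets sprayed across ports where nothing is listening.
    for window, ports in closed_ports.items():
        if len(ports) > CLOSED_PORT_LIMIT:
            alerts.add((window, "udp_flood"))
    return sorted(alerts)


def sample_packets(server="192.0.2.53"):
    """Constructed traffic: one normal client plus the three attack patterns."""
    pkts = [
        # Normal TCP client: SYN followed by the final ACK of the handshake.
        Packet(0.1, "tcp", "198.51.100.7", 51000, server, 53, "S"),
        Packet(0.2, "tcp", "198.51.100.7", 51000, server, 53, "A"),
        # Normal DNS query over UDP to the open port.
        Packet(11.0, "udp", "198.51.100.7", 51001, server, 53, ""),
        # LAND packet: source and destination are both the server.
        Packet(21.0, "tcp", server, 53, server, 53, "S"),
    ]
    # Eight SYNs from different sources, none of which ever completes.
    pkts += [Packet(1 + i * 0.1, "tcp", f"203.0.113.{i + 1}", 40000 + i, server, 53, "S")
             for i in range(8)]
    # Seven UDP packets to different high ports in the next window.
    pkts += [Packet(12 + i * 0.1, "udp", "203.0.113.50", 40100, server, 40001 + i, "")
             for i in range(7)]
    return pkts


if __name__ == "__main__":
    for window, alert in detect(sample_packets(), "192.0.2.53"):
        print(f"t={window:>3}s  {alert}")
```

Cache poisoning and man-in-the-middle attacks leave no such volume signature, so this detector covers only the three DDoS items.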

Amazon Web Services offers services such as Amazon Route 53, Amazon CloudFront, Elastic Load Balancing, and AWS Web Application Firewall, which help create a dynamic barrier to defend your hosted infrastructure.

DNS configuration standards, including CIS benchmarks and DISA STIGs, along with other AWS best practices, provide an accessible path to security and can be implemented to limit exposure. Adherence to the principles in those configuration best practices can now be monitored using Halo Cloud Secure’s newest integrations with Amazon Route 53.

Learn more about how Halo Cloud Secure can give you security visibility into your inventory of DNS and help you figure out your external domain exposures. Read our AWS solutions here, or request a customized demo.

The post 5 Common DNS Attacks appeared first on Cybersecurity Insiders.


January 01, 2019 at 09:08AM

Major US newspapers suffer malware attack; printing & delivery affected

By Waqas

It is believed that the malware attack was carried out from outside the United States. The Los Angeles Times suffered a malware attack earlier this Saturday that disrupted printing and delivery process for several of its print editions across the country, the newspaper said. The malware attack, according to LA Times, was conducted from “outside” the […]

This is a post from HackRead.com Read the original post: Major US newspapers suffer malware attack; printing & delivery affected


December 31, 2018 at 05:36AM

The biggest data breaches of all times till date

All these days, Cybersecurity Insiders has reported to its readers news of cyber attacks and the top data breaches which happened in the current year. But on the last day of this year, it would like to bring to your notice a list of the largest reported data breaches of the USA in order of magnitude.

Yahoo! – The year 2016 witnessed the said web search giant hitting the news headlines two times. One was in March’16 and the other was in Sept’16 for the leak of customer information related to over 500 million accounts.

Marriott- The month of November in 2018 witnessed a data breach disclosure by Starwood hotels, a business unit of Marriott Group of Hotels. An official statement released by the hotel group says that info of more than 500 million customers was accessed by hackers.

MySpace- In March’16, MySpace, which is now a part of Time, Inc disclosed that hackers managed to access usernames and passwords of more than 427 million of its customers and the compromised details were available for sale in an online hacker forum.

Under Armour- On March 29th of this year, Under Armour made it official that hackers accessed data of over 150 million of its MyFitnessPal accounts. The investigation indicates that the cyber crooks managed to access info such as usernames, passwords, email addresses and hashed passwords of the food and nutrition services provider.

Equifax- In May 2018, Equifax disclosed that a massive data breach had exposed sensitive data of over 146 million of the US populace, and the compromised info includes passport and driver’s license details along with social security numbers. The hack resulted in the resignation of the CEO, who was later found apologizing for the incident before the US Congress.

eBay data Breach- In March 2014, the online auction website disclosed that its database was hacked by an unknown hacker group and that information such as encrypted passwords and other personal info of its customers who visited the website between Feb and early March was compromised. The accessed records include names, email addresses, mailing addresses, phone numbers, birth dates, and encrypted passwords. Later, when the incident was probed, it was revealed that the hack took place when a few eBay employees accidentally logged into a malicious website with their company login credentials.

Target data breach- In the year 2013, Target, an American retailing company disclosed that hackers gained access to over 110 million accounts of its customers through a cyber attack. Investigations later revealed that payment card details of more than 41 million Target customers were also compromised in the incident making the company pay a penalty of $18.5 million for showing laxity towards protecting the data of its customers hailing from 47 states.

LinkedIn- On May 18th, 2016, professional social networking platform LinkedIn revealed that a hacker had gained access to over 167 million user accounts on its database and was found selling the credentials, which include passwords, on a Russian crime forum. A few media sources reported that the hack was conducted by a state-sponsored hacking group operating under the name of ‘Peace’. However, they couldn’t provide any evidence to prove their point.

Quora data breach- On Dec 3rd, 2018, the question and answers services providing website Quora admitted that a cyber attack on its servers has compromised data of more than 100 million accounts. Later an official statement from the company said that compromised data includes information regarding name, email addresses, encrypted passwords and data imported from linked networks.

JP Morgan Chase Cyber Attack- In Sept’ 2014, JP Morgan Chase released an official statement that hackers had managed to intercept the bank’s servers, compromising data of more than 83 million accounts related to over 76 million households. The hack actually took place in July’14 but was disclosed to the world only after two months. Names, email, postal addresses and phone numbers of account holders were said to have been compromised in the attack. However, the social security numbers of all the compromised accounts remained untouched.

Sony PlayStation Network- In April 2011, an external intrusion on the network of Sony PlayStation resulted in service disruption and the compromise of over 77 million accounts. The cyber incident kept PlayStation 3 and PlayStation Portable console users from accessing the services for more than 24 days. After Sony released security patches to the compromised versions, the situation was brought under control.

Facebook- In September 2018, Facebook’s IT security staff discovered a vulnerability on their web services platform which could have exposed sensitive info of users to hackers, allowing them to take over the accounts. Later it was disclosed that the incident occurred due to a software bug in the site’s “View As” feature, which was fixed within 48 hours of its disclosure.

UBER- In 2017, it was revealed that hackers accessed data of more than 57 million drivers from the UBER database. The accessed information includes names and license details of more than 600,000 drivers residing across the United States. The cab services company had to pay a penalty of $148 million to settle a nationwide investigation launched by law enforcement.

NOTE 1- Due to certain reasons, we could not include the details of hacks which leaked personal info of 10 million accounts and below. However, it doesn’t mean that those companies somehow managed to get out of the news headlines that easily.

NOTE 2- The year 2018 proved the worst for Facebook, the social media network led by Mark Zuckerberg. First, it was the Cambridge Analytica data scandal, which shook the company from March 2018 and also led to the testimony of Mr. Zuckerberg before the Congress in May’18. Later, the data leak of more than 50 million accounts due to a bug in the site’s View As feature embarrassed the company to a further extent. Then in Dec’18, it was revealed that another software bug had led to the exposure of photos of 6.8 million FB users, including those which weren’t posted.

The post The biggest data breaches of all times till date appeared first on Cybersecurity Insiders.


December 31, 2018 at 09:30PM

Sunday, December 30, 2018

Cyber Attack news for the last day of this year 2018

1.) France based security engineers have found a software tool to navigate and monitor the dark web. But they also argue that the tool could spell deep trouble to the web users if it falls into wrong hands.

Nicolas Hernandez, the co-founder and CEO of Aleph Networks, a company based in Lyon, France, said that his company rejected over 30 to 40 licensing requests for its newly found software tool, named the “Google of the Dark Web”, in 2018 and will probably stick to it in the coming year as well.

As some website owners like to operate with anonymity with the help of TOR or I2P, finding such sites has become a herculean task for law enforcement, as one needs to type in the exact URL string of often random characters.

Aleph promises that its newly found software can do what the law enforcement of different countries has been struggling to do till date.

Celine Haeri, the founder of the software, said that her company has so far succeeded in indexing around 1.4 billion links and over 450 million documents across some 140,000 dark websites. And with the new software, the France-based company was able to find over 3.9 million items of stolen credit card info, which would have been missed in a comprehensive search engine view.

Founded in the year 2012, the company has recently managed to bag a 200,000 Euros funding from a French Military’s weapon and technology procedural agency. Earlier, the company faced a threat to go bankrupt as its mass data and indexing software couldn’t convince the renowned data analytics companies of the world.

2.) A British cybersecurity firm named ‘Insinia’ was able to post tweets on behalf of several celebrities last week, all without entering a password. The security firm achieved this by compromising the Twitter accounts of famous celebrities by spoofing their mobile phones with hacking technology, all without their knowledge. This includes the accounts of Louis Theroux and Eamonn Holmes.

Mike Godfrey, the owner of the British business, said that the activity was triggered to disclose the security flaws exhibited by social networking systems, such as spreading disinformation and ruining the reputation of account holders by abusing the security features of various platforms, in this case Twitter.

3.) Recently, a new kind of ransomware was seen attacking Linux servers through the Intelligent Platform Management Interface (IPMI). The discovered ransomware variant is reported to be JungleSec and was seen targeting only unsecured IPMIs to remotely access and lock down the victim’s system.

A source from Bleeping Computer which was the first to report the issue said that the cyber crooks spreading the ransomware were seen demanding a ransom of 0.3 Bitcoins, but when the money was transferred to their wallets, they did not return the decryption key.

Security analysts say that the best way to keep your Linux servers from such cyber threats is by resetting the IPMI password to a more secure one.

 

The post Cyber Attack news for the last day of this year 2018 appeared first on Cybersecurity Insiders.


December 31, 2018 at 10:38AM

RYUK ransomware disrupts US Newspaper distribution

RYUK ransomware is said to have disrupted US newspaper distribution from California and Florida on Saturday last week. The cyber attack, which appears to have originated outside the United States, is said to have led to a 4-hour delay in the distribution of news editions related to Times, the Tribune, the Sun and other news resources majorly operating from Los Angeles.

Sources say that the news sharing network services of Los Angeles Times, Chicago Tribune, Wall Street Journal, and New York Times were majorly hit by the virus attack disrupting the news distribution in entire West Coast.

An investigation launched by Tribune Publishing which also owns the Chicago Tribune and the SUN said that the malware could have impacted the back office publish and production servers on Friday.

Since the corrupted files on the Tribune Publishing database carried the extension “.ryk”, RYUK ransomware is expected to be the culprit in causing the news distribution delay, said Ms. Kollias.

Department of Homeland Security (DHS) spokesperson Katie Waldman said that DHS is aware of the situation and is busy studying it.

Currently, we cannot comment on the situation without verifying the facts. But it appears to be a foreign country’s involvement, said Ms. Waldman.

The representatives of the Federal Bureau of Investigation (FBI) were informed about the ransomware attack on the newspaper publications in the early hours of Sunday and are currently unavailable for comment.

The post RYUK ransomware disrupts US Newspaper distribution appeared first on Cybersecurity Insiders.


December 31, 2018 at 10:32AM

Researchers exploit Vein-based authentication system using a wax hand

By Waqas

Biometric authentication is currently a widely used option for maintaining the security of devices and systems. With the emergence of vein-based authentication, biometric verification has moved beyond facial recognition and fingerprints. Vein-based authentication involves scanning of the size, shape, and location of the users’ veins under their hand’s skin to verify the person. On paper […]

This is a post from HackRead.com Read the original post: Researchers exploit Vein-based authentication system using a wax hand


December 29, 2018 at 11:21PM

Saturday, December 29, 2018

Hackers steal credit card data of 14,579 BevMo customers

By Uzair Amir

A warning has been issued by the Concord, California-based alcoholic beverages retailer BevMo informing its customers about a data breach that its online store experienced between 2 August and 26 September. During the attack, credit card data of its customers was exposed. “BevMo takes the privacy of our customers’ personal information seriously and we deeply […]

This is a post from HackRead.com Read the original post: Hackers steal credit card data of 14,579 BevMo customers


December 29, 2018 at 09:26PM

Hackers steal personal details of 1,000 North Korean Defectors

By Uzair Amir

The data breach against North Korean Defectors came after hackers targeted computer at Resettling agency. Private data of approx. 1,000 North Korean Defectors present in the South have been exposed in a data breach which makes them vulnerable to all sorts of threats from the North, claims the officials from the Unification Ministry. According to […]

This is a post from HackRead.com Read the original post: Hackers steal personal details of 1,000 North Korean Defectors


December 28, 2018 at 09:37PM

Hackers steal Bitcoin worth $750,000 by hacking Electrum wallets

By Waqas

This year we have seen an unprecedented rise in malware attacks against cryptocurrency wallets whereas cryptomining incidents have increased by 4,000%, reports McAfee. The latest attack on well-known Bitcoin wallet Electrum further proves that malware attacks on crypto wallets are indeed on a rise. According to reports, Electrum Bitcoin wallet has been attacked and hackers […]

This is a post from HackRead.com Read the original post: Hackers steal Bitcoin worth $750,000 by hacking Electrum wallets


December 28, 2018 at 08:28PM

School hackers steal personal data of half a million students & staff

By Waqas

A school district in the United States has suffered a cyber attack in which unknown hackers managed to steal a trove of personal data belonging to over 500,000 staff and students. The targeted school was San Diego Unified School District in California whose database was accessed by hackers just before Christmas allowing them to steal 10 years […]

This is a post from HackRead.com Read the original post: School hackers steal personal data of half a million students & staff


December 27, 2018 at 11:45PM

These people don’t exist – They were created by tech using Artificial Intelligence

By Waqas

Artificial intelligence is increasingly advanced and has entered more and more areas, even in the most unexpected and sensitive issues for society such as the world’s first AI lawyer Ross. Now, tech giant NVIDIA has developed a tool that uses Artificial Intelligence to create extremely realistic human faces. See: This man is creating chatbot for his mom […]

This is a post from HackRead.com Read the original post: These people don’t exist – They were created by tech using Artificial Intelligence


December 27, 2018 at 06:58PM

Bitglass Security Spotlight: Quora and Healthcare Breaches

This post was originally published here by Will Houcheime.

Here are the top cybersecurity stories of recent weeks: 

  • 100 million Quora users affected by data breach
  • First multi-state healthcare breach impacts 3.9 million
  • Australia’s anti-encryption bill becomes law
  • Unprotected MongoDB server exposes 66 million
  • Malware attack undetected for four years

100 million Quora users affected by data breach

Quora, a website that allows users to inquire about different topics for credible feedback, was recently attacked by hackers. This website has been trusted by 300 million users, but, due to this immense cyberattack, users are now questioning the safety of their personal data on the site. Last week, Quora discovered that their database had been infiltrated, and that about one-third of their users were affected. The investigation is still ongoing; however, it is certain that user account information has been accessed by an authorized third party.

First multi-state healthcare breach impacts 3.9 million

The news of a healthcare breach is severe enough as is, but the announcement of the first multi-state data breach is nothing short of a cybersecurity disaster. The protected health information (PHI) of 3.9 million people was accessed through this single breach, and the affected healthcare companies failed to disclose the occurrence in a timely fashion. A lawsuit was recently filed against the involved healthcare firms, but the investigation shows that the breach actually happened in 2015.

Australia’s anti-encryption bill becomes law

In Australia, law enforcement can now undermine encryption in order to gain unauthorized access to civilian devices. The government claims this will help stop terrorist attacks, homicides, and other serious crimes. However, this allows for the invasion of privacy and creates a loophole for cyber criminals, causing many concerns about the security of sensitive data. Now that the Australian government has set this law, any company or website operating within the country will have to find a way to preserve the trust between them and their users.

Unprotected MongoDB server exposes 66 million

A database with personally identifiable information (PII) of 66 million individuals was found unprotected. This information included full names, contact information, employment history, and more. The availability of this information gives malicious cybercriminals the power to launch targeted phishing attacks that are difficult to recognize. The information seems like it has been scraped from LinkedIn profiles. Fortunately, the data did not fall into the wrong hands and was taken offline before it could affect the users exposed.

Malware attack undetected for four years

The existence of malware within a 1-800-FLOWERS database was recently discovered. The threat was stealing funds from customers’ credit cards for four years before finally being detected. Other information was also collected, including full names, card numbers, expiration dates, and card security codes. More than 500 million California residents have been affected and the state’s attorney general office has filed a legal complaint.

To learn about cloud access security brokers (CASBs) and how they can protect your enterprise from ransomware, data leakage, misconfigurations, and more, download the Definitive Guide to CASBs below. 

The post Bitglass Security Spotlight: Quora and Healthcare Breaches appeared first on Cybersecurity Insiders.


December 29, 2018 at 05:30PM

SaaS Apps And the Need for Specialized Security

This post was originally published here by  Paul Sullivan.

Keeping cloud services running is a complex, multi-faceted endeavor for cloud service providers. They need to juggle adding new features, keeping their customers’ sensitive data secure, and having high uptime for their services – there is virtually no room for error. Microsoft learned about the need for high uptime a few weeks ago when they suffered a four-hour outage for users with multi-factor authentication enabled on their Azure and Office 365 services.

For companies that use these services, the impact of outages can be significant. Many firms have all of their documents hosted in cloud storage or use Salesforce as their source of client information. If an outage happens, these companies typically find themselves scrambling to keep everything from grinding to a halt while hoping that their provider can fix the problem quickly.

Fortunately, this risk can be mitigated by diversifying and using several specialized cloud services for different purposes. That way, if one goes down, not everything is impacted and business can continue. Many companies have already realized this, with a projected 85% of companies using more than one cloud provider in 2018. The tradeoff with multiple providers is that it then becomes harder to enforce consistent security policies across multiple, disparate, disjointed cloud services. Luckily, a cloud access security broker (CASB) can help solve these problems by providing security controls and authentication for all apps from a single pane of glass. In this way, enterprises can benefit from specialized, advanced cybersecurity, and cloud service providers like Microsoft can focus on keeping solutions like Office 365 online.

When companies migrate to cloud-based applications, they put themselves at risk if they don’t equip themselves with the correct security tools. The purpose of a CASB is to secure corporate data, protect against threats like malware, ensure robust authentication, and provide visibility over all user and file activity. With the rapid growth of cloud apps continuing to accelerate, cloud access security brokers are more necessary than ever.

The post SaaS Apps And the Need for Specialized Security appeared first on Cybersecurity Insiders.


December 29, 2018 at 05:22PM

Bitglass: a one-way trip to Secureland

This post was originally published here by Michael Tamayo.

It’s that time of year again – the time to spend with those you hold dear so you can look back and reflect on the past year. If we look back even further, we can see the progress from our humble (yet ambitious) beginnings to our current position as a leading solution in the cloud access security broker (CASB) space. We are immensely proud of our achievements, but even more proud of our team who worked tirelessly to get us to where we are now. We could not have made it to this point without their passion and dedication.

This got me thinking about our “vision” and what it means to me personally. In my mind, I imagine this digitally driven world we live in, but free of data security threats. We’re not there yet, but I believe this is what we at Bitglass are working towards. This world where your data is secure – anytime and anywhere – is a place we call “Bitglass Secureland” if you will.

So, I present to you this holiday-themed song, set to the tune of “Winter Wonderland.”

 

Cell phones ring, are you securing?

In the cloud, data is streaming

A worrisome plight

Sleep soundly tonight

Living in a Bitglass Secureland

 

Cast away, your old MDM

Here to stay, is AJAX-VM

Bid plaintext so long

We’re encrypting along

Living in a Bitglass Secureland

 

Our real-time alerts are a great watchman

Telling us when security is down

They’ll say, are you worried?

We’ll say, no, man!

We’re the leading CASB in our town

 

Later on, they’ll conspire

Tapping in, through the wire

But we’re not afraid

The DLP that we’ve placed

Living in a Bitglass Secureland

 

In the cloud oh we can build a watchman

Machine learning all that it can down

It will be the sharpest little watchman

Making all the others look like clowns

 

Access control, ain’t it thrilling

Your data, it’s safely keeping

GDPR that we slay, and UEBA

Living in a Bitglass Secureland

 

Living in a Bitglass Secureland

Living in a Bitglass Secureland

 

We wish everyone happy holidays and a happy New Year! Please continue to join us in Bitglass Secureland!

To learn about cloud access security brokers (CASBs) and how they can protect your enterprise from ransomware, data leakage, misconfigurations, and more, download the Definitive Guide to CASBs below

The post Bitglass: a one-way trip to Secureland appeared first on Cybersecurity Insiders.


December 29, 2018 at 05:15PM

CISSP-ISSAP MEMBERS: YOUR FEEDBACK IS REQUESTED

This post was originally published here by (ISC)² Management .

(ISC)² regularly conducts Job Task Analysis (JTA) studies to review and update the content outline of its credentialing examinations. A JTA is the methodical process used to determine tasks that are performed by credential holders and knowledge and skills required to perform those tasks successfully. Results of the JTA study link a candidate’s examination score directly to the domain knowledge being tested.

A JTA Study Workshop for CISSP-ISSAP has tentatively been scheduled toward the end of March 2019. In preparation for the upcoming study, we would like to hear from our CISSP-ISSAP members. Please comment on any new content and emerging concepts or technology in the security architecture field that needs to be covered by the CISSP-ISSAP exam. This is your opportunity to shape the content of the CISSP-ISSAP exam! Thank you in advance for taking the time to share your feedback and experiences – it will help us ensure the CISSP-ISSAP continues to meet the needs of an ever-evolving security architecture profession.

You can find a copy of the current CISSP-ISSAP Exam Outline online. (ISC)² would appreciate you reviewing this Outline and answering the following questions:

Do you believe that the current CISSP-ISSAP exam outline covers all the appropriate domains of the security architecture profession? Are there any domains missing or better covered elsewhere?

If not, what sort of topics and domains must be added to the exam content outline so that the Exam Outline reflects the changing face of security architecture?

Also, please let us know if any important content (tasks, knowledge, and skills) is not covered by the current CISSP-ISSAP Outline. Send your comments to us at 2019ISSAPJTA@isc2.org. Your comments will be compiled and presented to the JTA Committee for further review.

Photo: Udemy

The post CISSP-ISSAP MEMBERS: YOUR FEEDBACK IS REQUESTED appeared first on Cybersecurity Insiders.


December 29, 2018 at 05:07PM

Friday, December 28, 2018

99 Free Privacy Tools That Will Keep You Safe Online

Thursday, December 27, 2018

China puts chips on children’s school uniforms for surveillance

If you think that China’s penchant to spy on its populace has hit a saturation point, here’s more to add to it. All schools in Southern China have been asked to implement a new rule to force children to wear micro-chipped uniforms in order to track down truants.

The objective of this extensive surveillance is to inform the parents of the children if they skip classes or are caught doing mischief. While the children below 10 don’t have a problem in being monitored, the teenage lads are found opposing the new rule to the core.

As per the news report from The Global Times, at least 10 schools operating in Guizhou province and its neighboring state of Guangxi have made it mandatory for children to wear “smart uniforms”.

Management of these educational institutions call these chip-based clothes “Intelligent Uniforms” and say that the manufacturer Guizhou Guanyu is offering them a price cut due to the Communist Party’s call to offer a government subsidy for all those educational institutes which are indulging in the creation of “Smart Campuses”.

The technology firm claims that its uniforms will have two chips embedded in the shoulders of the jacket and can sustain around 500 wash cycles and temperatures of 150 degrees Celsius.

A source from China said that the tags will be matched by the facial recognition scanners installed at the school gate, so any student swapping jackets will be caught and punished. The chip-based jackets will also help monitor those kids who fall asleep in the classrooms and will inform their parents via an app.

Schools who implemented the “Intelligent Uniforms” say that the technology has helped improve the attendance of pupils attending classes and helps them keep a track of the children after hours of the school i.e. till they reach their respective homes.

“As soon as a child enters the campus the surveillance starts by taking a photo and video of the child until he/she reaches their classroom”, said Ran Ruxiang, a school principal of an elementary school operating in Guizhou province.

“We do not keep the location tracking of a student precisely. However, if the child misses or skips the classes, the chip in their uniforms helps to detect them easily”, said Lin Zongwu, also the principal of a school located in Guizhou.

In the near future, the embedded chips will also help teachers send parent notifications and exam reports and homework to students through the app.

The post China puts chips on children’s school uniforms for surveillance appeared first on Cybersecurity Insiders.


December 28, 2018 at 10:37AM

FBI seizes firms offering Cyber Attacks-on-Demand

The US Federal Bureau of Investigation (FBI) has announced that it has seized over 15 internet domains and has charged around 14 men associated with firms that offer cyber attacks-on-demand.

The law enforcement agency has added in its statement that the firms were found indulging in malicious practices such as spreading malware and launching ransomware and DDoS attacks on several computer networks related to financial institutions, universities, internet services providers, government organizations and gaming platforms.

Some of the domains in the seized list include the world’s biggest “Booter” or Stresser services providing domain services such as critical-boot.com, ragebooter.com, downthem.org, and quantumstress.net.

Highly placed sources of Cybersecurity Insiders report that the law enforcement engaged in the activity after receiving criminal complaints from individuals and companies operating in California and Alaska.

“As such companies offer services at very low cost, individuals and companies are seeking help to drop the websites of their competitors out of vengeance”, said a federal law enforcement official who liked to report in an anonymous way.

According to a 33-page affidavit in support of the warrant filed in the US District Court of California, two people’s names have been publicized. Matthew Gatrel, 30, of St. Charles, Illinois, and Juan Martinez, 25, of Pasadena, California were found guilty for hosting services in the name of Ampnode and Downthem and so were slapped with charges under the Computer Fraud and Abuse Act.

Downthem was found offering cyber attack on-demand services between Oct’14 and Nov’18 and had managed to bag more than 2,000 customer subscriptions for launching more than 200,000 Distributed Denial of Service (DDoS) attacks.

The charging document also highlights another name, David Bukoski, 23, from Hanover Township, Pennsylvania, for operating Quantum Stresser, one of the longest-running DDoS services in operation. FBI claims that the service had more than 80k customer subscriptions dating back to 2012 and has so far launched over 50,000 attacks on news agencies, government organizations and some of the multinational corporate companies.

Note- FBI arrested all the individuals and seized their online services only after verifying the records of services being offered by them with valid proof.

The post FBI seizes firms offering Cyber Attacks-on-Demand appeared first on Cybersecurity Insiders.


December 28, 2018 at 10:30AM

How Malware Sandboxes and SIEMs Work in Tandem to Effectively Detect Malware

Rohan Viegas of VMRay explains some of the key factors IT security teams should consider when evaluating a malware analysis sandbox and whether it’s a good fit for their existing SIEM environment. He then outlines how VMRay Analyzer complements and enhances the capabilities of AlienVault’s flagship platform, USM Anywhere.

For IT security organizations, malware threats and attacks continue to play a prominent role in the threat landscape. According to Verizon’s 2018 Data Breach Investigations Report:

  • Of the 2,216 data breaches that were studied by participating security vendors, 30% involved malware.
  • Six types of malware (ransomware, C2, RAM scraper, backdoor, etc.) were among the top 20 varieties of action used in the data breaches covered in the study.
  • Ransomware, used primarily to commit financial crimes, is now involved in more than 40% of malware attacks.
  • Malware attacks can be completed in minutes. However, due primarily to poor detection, an intrusion may not be discovered for weeks or months, potentially causing damage all the while.

“Full-featured SIEM, Looking for the Right Malware Sandbox”

When selecting an automated malware analysis sandbox to address these challenges, IT security teams should not only compare the side-by-side capabilities of different vendor products. They should also weigh how a particular sandbox will interact with their existing SIEM platform and the extent to which a product’s strengths (or its weaknesses) are utilized across the managed security ecosystem. Below are some key points to consider.

The sandbox’s detection efficacy. Malware today is designed to recognize when it is running inside an analysis environment and to stall or exit in the sandbox, thereby evading detection altogether or inhibiting the analysis by not fully revealing its behavior. This leaves blind spots in the analysis results, which can then be carried over to the SIEM. A key quality to look for in a sandbox is its ability to reliably conceal itself from the samples being analyzed so the malware can fully execute, giving you comprehensive visibility into the threat.

The quality of Threat Intelligence that can be shared. Another consideration is what types of threat information can be ingested by your SIEM and made available across your security environment. Important IOCs include severity scores, suspicious behaviors, network activity, dropped files etc. You also need to consider how complete that information is.

Full visibility into malware behavior is essential for generating quality threat intelligence. For instance, if you discover a malicious file, the analysis results should detail all the places it tried to reach out to, all the bad files it tried to create, and all the registry keys it tried to touch or modify.

How can the Threat Intelligence be used once your analysis results are handed off to your SIEM? Can the data be easily monitored? Correlated with other data sources? What actions can you take with this information? To build on the prior example, if your sandbox identifies a new malicious file that has reached out to an unfamiliar and presumably bad IP address, can you search your entire infrastructure for systems that have also accessed that address?

Rising to the Challenge

For organizations that have USM Anywhere or another comprehensive SIEM platform in place, adding VMRay Analyzer to the managed security environment addresses these core challenges, strengthening the ability to detect and respond to malware threats, attacks and vulnerabilities more quickly and effectively.

Unlike traditional malware sandbox solutions, VMRay Analyzer runs solely in the hypervisor layer and does not modify a single bit in the analysis environment. The sandbox remains completely invisible to the malware sample and can transparently monitor all aspects of the malware’s behavior, without triggering the evasion techniques that thwart detection and analysis in other sandboxes. In turn, analysis results provide complete and detailed visibility

VMRay Analyzer’s Intelligent Monitoring engine, for example, works much like an auto-zoom lens on a camera, adjusting to find the optimal level of monitoring. This allows analysts to distinguish between legitimate operations performed by the OS and trusted applications and unusual or malicious activities performed by the monitored sample. The result is to ensure security teams don’t miss any critical information while also delivering results that are precise and noise-free, with minimal false positives.

Once VMRay malware analysis results are ingested by the SIEM, using VMRay’s REST API interface, that information gains wider use and greater value. It can be monitored, searched, correlated with other data sources, and shared with security devices, such as firewalls and endpoint protection systems. It can also be investigated and acted upon.

VMRay also has an out-of-the-box SIEM integration that publishes analysis alerts in Syslog/CEF format. These customizable syslog messages are generated when critical events occur.
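The hand-off described above, from sandbox alerts published as Syslog/CEF to searching the infrastructure for systems that contacted the same address, can be sketched as follows. This is an added example, not VMRay or AlienVault code: the alert lines, the proxy log, the vendor strings and the choice of CEF extension keys (`fname`, `dst`, `dhost`, `msg`) are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed syslog lines wrapping CEF alerts. Vendor/product names, signature IDs
# and the extension keys used are illustrative assumptions, not a real sandbox's output.
SANDBOX_ALERTS = [
    "<134>Dec 27 21:05:12 sandbox01 CEF:0|ExampleVendor|ExampleSandbox|1.0|100|"
    "Malicious sample \\| macro dropper|9|fname=invoice.doc dst=203.0.113.45 "
    "dhost=updates.example.net msg=beacon with id\\=42 after file drop",
    "<134>Dec 27 21:07:30 sandbox01 CEF:0|ExampleVendor|ExampleSandbox|1.0|101|"
    "Benign sample|1|fname=report.pdf dst=198.51.100.7",
]

# Constructed proxy log: timestamp, internal client, destination, port.
PROXY_LOG = """\
2018-12-27T20:58:11Z ws-finance-07 203.0.113.45 443
2018-12-27T21:02:40Z ws-hr-02 198.51.100.7 443
2018-12-27T21:03:02Z srv-build-01 203.0.113.45 8080
2018-12-27T21:04:19Z ws-finance-07 updates.example.net 443
"""

SEVERITY_WORDS = {"low": 3, "medium": 6, "high": 8, "very-high": 10}
EXT_KEY = re.compile(r"(?:^|\s)(\w+)=")  # a key starts the string or follows whitespace


def split_header(cef):
    """Split the 7 pipe-delimited CEF header fields, honouring escaped pipes."""
    fields, cur, i = [], [], 0
    while i < len(cef) and len(fields) < 7:
        ch = cef[i]
        if ch == "\\" and i + 1 < len(cef) and cef[i + 1] in "\\|":
            cur.append(cef[i + 1])  # keep the escaped character, drop the backslash
            i += 2
            continue
        if ch == "|":
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
        i += 1
    if len(fields) != 7:
        raise ValueError("truncated CEF header")
    return fields, cef[i:]


def parse_extension(ext):
    """Parse 'key=value key=value' where values may contain spaces and escaped '='."""
    out = {}
    keys = list(EXT_KEY.finditer(ext))
    for m, nxt in zip(keys, keys[1:] + [None]):
        end = nxt.start() if nxt else len(ext)
        raw = ext[m.end():end].strip()
        out[m.group(1)] = re.sub(r"\\([=\\])", r"\1", raw)
    return out


def parse_cef(line):
    """Strip the syslog prefix and return the CEF alert as a dict."""
    start = line.find("CEF:")
    if start < 0:
        raise ValueError("no CEF payload in syslog line")
    (_ver, vendor, product, _dev_ver, sig_id, name, sev), ext = split_header(line[start:])
    sev = sev.strip()
    return {
        "vendor": vendor, "product": product, "signature_id": sig_id, "name": name,
        "severity": int(sev) if sev.isdigit() else SEVERITY_WORDS.get(sev.lower(), 0),
        "ext": parse_extension(ext),
    }


def iocs_from_alerts(lines, min_severity=7):
    """Collect network indicators only from alerts at or above the severity threshold."""
    iocs = set()
    for line in lines:
        try:
            alert = parse_cef(line)
        except ValueError:
            continue  # not a CEF alert; a real pipeline would count and log these
        if alert["severity"] >= min_severity:
            iocs.update(alert["ext"][k] for k in ("dst", "dhost") if k in alert["ext"])
    return iocs


def hosts_that_contacted(iocs, proxy_log):
    """Map each indicator to the internal hosts that reached it."""
    hits = defaultdict(set)
    for row in proxy_log.strip().splitlines():
        _ts, client, dest, _port = row.split()
        if dest in iocs:
            hits[dest].add(client)
    return {ioc: sorted(clients) for ioc, clients in hits.items()}


if __name__ == "__main__":
    for ioc, clients in hosts_that_contacted(iocs_from_alerts(SANDBOX_ALERTS), PROXY_LOG).items():
        print(ioc, "->", ", ".join(clients))
```

The low-severity alert's destination is deliberately left out of the hunt, which is the noise control the article argues for.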

Here are some of the ways VMRay Analyzer makes SIEM environments, such as USM Anywhere, more efficient, useful and comprehensive.

  • Ensures timely analysis and detection of zero day and polymorphic threats—as well as known threats—and translates that information into actionable intelligence.
  • Automatically propagates analysis results (including sample details, severity scores, IOCs, network activity and YARA rule matches) to the SIEM’s centralized environment.
  • Improves the productivity and effectiveness of analysts and incident responders by providing all the information they need and only the information they need to analyze and respond to malware threats, vulnerabilities and attacks.
  • Eliminates the productivity-killing noise and false positives that many sandboxes generate, while also ensuring irrelevant information is not pumped into the SIEM environment.
  • Continually adds to the malware-related threat intelligence that is made available to the SIEM.

Sandboxes and SIEMs work in tandem to effectively detect malware or respond to a security breach. Choosing an evasion-resistant sandbox that generates precise, actionable Threat Intelligence ensures that you will have a good fit with your existing SIEM environment.

      

The post How Malware Sandboxes and SIEMs Work in Tandem to Effectively Detect Malware appeared first on Cybersecurity Insiders.


December 27, 2018 at 09:09PM

Bitglass: a one-way trip to Secureland

It’s that time of year again – the time to spend with those you hold dear so you can look back and reflect on the past year. If we look back even further, we can see the progress from our humble (yet ambitious) beginnings to our current position as a leading solution in the cloud access security broker (CASB) space. We are immensely proud of our achievements, but even more proud of our team who worked tirelessly to get us to where we are now. We could not have made it to this point without their passion and dedication.

The post Bitglass: a one-way trip to Secureland appeared first on Cybersecurity Insiders.


December 27, 2018 at 09:09PM

Wednesday, December 26, 2018

Devastating Cyber Attacks of 2018

Want to know the details of the most devastating cyber attacks of 2018? Cybersecurity Insiders brings you a synopsis of those which hit the headlines this year.

Marriott Hotel Cyber Attack- In November 2018, Starwood Hotels, a subsidiary of Marriott International, admitted that its hotel guest database had been accessed by hackers since 2014 and that information pertaining to over 500 million customers could have been stolen in the data breach. The statement released by the hotel and resorts giant said that the unauthorized access was detected after September 10 this year. But the company chose to disclose the news to the world after a two-month gap, i.e. in Nov’18.

FIFA Cyber Attack- On October 30, 2018, the football governing body FIFA revealed that its systems were hacked for the 2nd time this year, triggering concerns that the hackers might have sold the details on the dark web. The European Soccer event’s governing body fears that the attack cannot be linked to the one launched in 2017 by a Russian intelligence agency, but hasn’t ruled out the possibility that it could be the work of adversaries. Cybersecurity Insiders learned that the attack was of the phishing genre, where 3rd parties try to fool their targets into giving up their login credentials.

Google + Shutdown- In December this year, internet juggernaut Google said that it was planning to shut down its Google + services from April next year as the service experienced a data breach exposing private data of hundreds of thousands of users of the Alphabet Inc subsidiary. It’s said that the Google plus People APIs platform allowed 3rd party developers to access data of more than 500,000 users, including usernames, email addresses, occupation, date of birth, profile photos and gender-based information. As Google + servers do not keep user info for more than 2 weeks, the web search giant isn’t sure of the exact number of users who were impacted by the vulnerability.

Facebook 50m user data exposed- In September this year, social media giant Facebook announced that over 50 million accounts of its users could have been hacked due to a bug in the ‘View As’ feature, which was fixed after the revelation. Cybersecurity Insiders learned that the data exposure took place on September 25th, i.e. Tuesday, while the fix was issued by late Thursday.

SHEIN hack- In August this year, reputed online fashion retailer SHEIN revealed that its user database was hacked by unknown cyber crooks who accessed personally identifiable information (PII) of almost 6.5 million customers. The largest online retailer added in its statement that the hack took place in June this year and the back door remained open to the criminals till Aug 13th of this year when the company was finally made aware of the potential theft by the IT staff.

Government Payment Service hack- The said online web portal, which offers payment gateways for the US populace to pay traffic citations and licensing fees, disclosed in Sept this year that a data leak could have exposed data of more than 14 million customers dating back to 2012. The IT staff of the web portal, which is known to serve over 2,300 government agencies in 35 states, said that the hack could have leaked info such as names, addresses, phone numbers and the last 4 digits of credit cards.

Apple servers hacked- In August 2018 many media resources buzzed with the news that a Melbourne based schoolboy broke into the computer systems of Apple Inc and was nabbed by FBI based on a tip-off from the technology giant’s Australian business arm. It is learned that the teen managed to intercept the mainframe computer of Apple from his PC located in his suburban home on 2 occasions over the year and succeeded in downloading over 90GB of critical data and customer accounts.

Reddit Database hacked- In June this year, a spokesperson from Reddit disclosed to the world that its technology-based website suffered a security breach when hackers accessed a database containing user info dating back to 2007. The news was out that the hackers managed to gain read-only access to some of the systems containing backup data, source codes and internal log files along with some developer’s analysis. Though Christopher Slowe, the CTO of Reddit, admitted that the hack was a serious one, he assured that its users will never-ever suffer such a hack in future.

T-Mobile hack- On August 20th, 2018, T-Mobile confirmed that a security breach was detected on its US servers resulting in the leak of personal info of up to 2 million T-Mobile customers. The accessed data includes customers’ names, billing zip codes, phone numbers, email addresses, account numbers, and account types such as prepaid or postpaid. However, the telecom giant assured that no financial info like credit card details, social security numbers or passwords was compromised in the incident.

Verizon faced cyber attack embarrassment due to AWS- In August this year, ZNET reported that millions of Verizon’s user accounts were compromised due to a security lapse caused by human error. It was later revealed that the exposure error was caused when an employee from Nice Systems- an Israel based IT services provider accidentally left the data stored on an Amazon S3 Storage server unprotected. As the data was downloadable to anyone, Verizon suggests that the data exposure could cause serious consequences in the near future.

The post Devastating Cyber Attacks of 2018 appeared first on Cybersecurity Insiders.


December 27, 2018 at 10:43AM

Ransomware attack exposes data of 16K patients from Georgia health center

A Ransomware attack launched on the database of Mind and Motion Developmental Center in Georgia is said to have exposed over 16,000 patient records. A spokesperson from the healthcare said that the attack was discovered on Sept 30 this year but was made public only after a preliminary investigation was conducted and results were obtained.

News is out that the malware attack led to the leak of personal details such as patient names, addresses, birth dates, medical records, social security numbers, and insurance data.

According to a forensic report offered by TeamLogic IT, it was discovered that an inactive keylogger and spam emailer led to the breach.

The Mind and Motion Developmental Center is said to have reported the breach to the US Department of Health & Human Services and all the staff members were recently trained on how to spot security issues such as phishing attacks.

A consulting firm has been approached by the healthcare to make sure that the organization was meeting all the compliance standards of HIPAA after the breach.

Cybersecurity Insiders has learned that the hackers first encrypted the database with malware. But since their ransom demands weren’t met, they chose to leak the data on the dark web.

However, to date, the health center authorities haven’t observed any signs of a data leak on the dark web. So they assume that the hackers might have retreated when their ransom demands were not valued by the IT staff of the medical facility.

The post Ransomware attack exposes data of 16K patients from Georgia health center appeared first on Cybersecurity Insiders.


December 27, 2018 at 10:36AM

Holiday and Christmas scams users should be aware of

By Carolina

“It’s that time of the year again” when Holiday and Christmas scams target users around the world since millions of people are celebrating and buying gifts for friends and family. Most people prefer shopping online and that is where hackers and cybercriminals take full advantage of the situation and scam unsuspecting users. Here are some Holiday and Christmas scams you […]

This is a post from HackRead.com Read the original post: Holiday and Christmas scams users should be aware of


December 24, 2018 at 11:00PM

Nokia exposes passwords & secret access keys to its internal systems

By Waqas

Another day, another data breach – This time, multinational tech giant Nokia has been caught exposing highly sensitive data of industrial nature that would have put its internal security at risk. The data was discovered by the director of the cyber risk research team at Hacken and Hackenproof Bob Diachenko during routine Shodan security audit on December […]

This is a post from HackRead.com Read the original post: Nokia exposes passwords & secret access keys to its internal systems


December 24, 2018 at 06:29PM

CISSP Spotlight: Amy Mitchell

Name: Amy Mitchell
Title: Managed Services Engineer
Employer: KnowBe4
Location: Clearwater, FL, U.S.
Education: Associates of Science
Years in IT: 6
Years in cybersecurity: 4
Cybersecurity certifications: Security+, CISSP

 

How did you decide upon a career in cybersecurity?

I realized how important PCI DSS security is when I worked in the service industry. From there, I worked in network security for point of sale systems and have now moved to KnowBe4. I help teach people about cybersecurity awareness around the world.

 

Why did you decide to pursue your CISSP?

I interact and work with CISSPs on a regular basis. I wanted to be able to communicate and understand their thought processes on the same level as them.

 

In cybersecurity, no two days are the same – what is your main role in your organization?

I manage the security awareness training and simulated phishing plans for large global enterprises.

 

Tell us about a project that you were particularly proud of –

One project I was particularly proud of was my first, large global account set up. It was a native language simulated phishing that started in Asia and chased the sun around the globe. It took six straight hours to set up the account.

 

What impact has the CISSP had on your career?

The level of respect that others, both in and outside of the industry, have has grown and they can be confident in my level of knowledge.

 

What advice would you give to those who are thinking about pursuing cybersecurity as a career?

While it may seem like a highly technical field, there are many different facets of cybersecurity. No matter where you started in your career, there is always room for more cybersecurity professionals.

 

Aspiring to be a CISSP? Download the Ultimate Guide to the CISSP.

The post CISSP Spotlight: Amy Mitchell appeared first on Cybersecurity Insiders.


December 26, 2018 at 09:08PM

Tuesday, December 25, 2018

Information Security Digital Privacy law tops EU Google’s Search List 2018

From May 25th, 2018 the European Union announced the world’s toughest rules for companies offering online services to the populace of the region. And the internet juggernaut Google has claimed that its search engine was fueled with queries related to the digital privacy law in the whole of 2018.

As per the most-searched stats released by the Alphabet, Inc. subsidiary yesterday, what is GDPR, what is a bitcoin, digital privacy law EU, and the Brexit repercussions on European Union were the most searched terms by the populace between June and Dec’18.

The web search giant also claims that the populace of Britain and Ireland were most interested in knowing the terms of Brexit and how the technology companies in the Silicon Valley of the US were working to comply with the data privacy rules in their region.

“Currently, the EU is more advanced than the US in protecting consumer privacy, and what happens there could be a forerunner of the future”, said Michael Kearns, a computer science professor at the University of Pennsylvania.

Facebook, Microsoft and Amazon Web Services have already been working for months and have disclosed that their services are in compliance with the latest set of stipulations related to General Data Protection Regulation (GDPR).

The United States, Brazil, Japan, and South Korea are planning to follow in the footsteps of Europe, with some already having a dialogue on how to make amendments to the prevailing data protection laws in their region to match the GDPR.

Note- As per the current privacy measures prevailing in Europe, called GDPR in short, the online users can reduce their trail of information left while browsing social media and reading the news or indulging in online shopping by requesting technology companies to delete them when the privacy concerns get paramount.

The post Information Security Digital Privacy law tops EU Google’s Search List 2018 appeared first on Cybersecurity Insiders.


December 26, 2018 at 11:17AM

A study on Cyber Threats to Automated Cars

Authorities in Japan are intending to launch a study on the cyber threats that could target self-driving cars. The research is meant to prepare the country’s law enforcement to deal with such attacks and keep the populace safe from any untoward incident.

Self Driving cars are those which use internet access for navigation and Japan’s National Police Agency is worried that such cars could become easy targets for crime doers.

As the government of Japan is planning to launch autonomous car services on expressways by 2020 in order to give a big transportation boost for the Summer Olympic Games to be held in Tokyo, it is planning to weed out the anomalies affecting its objective by next year. For this reason, the Police Agency has allocated $63,000 for the study on cyber attacks on automated cars, which is expected to begin in the next fiscal year, i.e. April 2019.

Cybersecurity experts say that such studies will not only help in the proliferation of technologies in a secure way but will also help the people using those services feel secure.

News is out that the researchers assigned the duty to study the vulnerabilities will be using machine learning tools in order to combat security risks associated with autonomous vehicles.

And as the world is preparing to transition to 5G data networks, leveraging AI tools to secure self-driving cars will help autonomous car operators detect cyber threats well in time and react accordingly within a millisecond time frame.

In the coming years, there is no doubt that hackers will try to intercept the operations of autonomous cars. At the same time as maturity levels among the cybersecurity professionals increase with time, they are sure to come up with powerful tactics to defend the connected cars against such attacks.

The post A study on Cyber Threats to Automated Cars appeared first on Cybersecurity Insiders.


December 26, 2018 at 11:14AM

Artificial Intelligence tops Google Search List in 2018

When it comes to ‘technology’, ‘Artificial Intelligence’, widely known as ‘AI’, is said to have topped the Google Search List in 2018. And mind you, the list was released by Google today and includes only those search terms hitting the news headlines between Dec’17 and Dec 18th, 2018.

Among the trends, the top searched term happens to be about the ‘Microsoft’s AI Commercial’ followed by the news related to 4 AI robots which killed 29 scientists in Japan.

Rapper ‘Common’ aka Lonnie Corant Jaman Shuka Rashid Lynn became a household face as soon as the Microsoft’s AI commercial was released on YouTube on Feb 11th of 2018. Some supported his words, while most of them took a dig at the washed-up rapper-common sense.

Coming to the news of 4 AI robots killing 29 Japanese scientists, it was a news breakout from a woman journalist named Linda Moulton Howe in Feb this year. A video which went viral on the issue says that the massacre happened in a humanoid robots development unit in Japan where 4 Artificial Intelligence robots shot metal bullets at the researchers present in the lab. Twenty-nine of them died and 13 were said to be severely injured.

What’s more interesting about this story is the fact that 2 robots were controlled by the scientists who managed to deactivate them with great difficulty while the 3rd one had to be dismantled by other means. But the 4th robot somehow began restoring itself by connecting itself to an orbiting satellite and managed to download information on how to rebuild itself. However, the intervention by human minds at the right time failed the robot’s mission to rebuild itself to likely take control of the facility—wow a great story for a Hollywood movie….isn’t it?

The next most searched term happens to be Sophia AI Robot of 2018- a robotized model of social humanoid developed by Hong Kong-based Hanson Robotics. The highlight of this silicon machine is that it has the capabilities to display more than 50 facial expressions like humans.

The other term which topped the Google search list happens to be about the AI news anchor of China, where a news channel named Xinhua News introduced two computerized avatars of news anchors meant to read the daily news events. Called “AI Synthetic Anchors” and developed by Sogou, Inc, a Beijing based search engine and voice recognition technology company, the Chinese AI news anchors have displayed their potential to such a level that the world came to a conclusion that machines have the ability to take over from human anchors in the near future.

The post Artificial Intelligence tops Google Search List in 2018 appeared first on Cybersecurity Insiders.


December 25, 2018 at 09:10PM

Monday, December 24, 2018

Cloud Startup gains $100 M funding to build secure data centers in Satellites

After exploring land and the water to build data centers, scientists are now finding ways to build secure data centers in a network of satellites operating in Low Earth Orbit (LEO). In fact, a new startup has taken a step ahead in the process by gaining a $100M funding for its Space Laser Cloud Security.

Cloud Constellation is the company in the discussion which has received a series B funding of $100M from Hong Kong-based HCH Group Company.

Cloud Constellation, which made news headlines with its SpaceBelt Data Security-as-a-Service, plans to launch its network of satellites and have them operational by the year 2021.

“The objective of the company in building data centers in space is to secure data for Earthbound enterprises in space from the dreaded intrusions of cyber crooks”, said Cliff Beek, CEO of Cloud Constellation.

In most cases, the cloud will be stored onboard the satellites, while in some cases only the encryption keys will be stored there while the data rests in server farms operating on Earth, said Mr. Beek.

Coming to the technicalities here are some points projected in layman terms. Data leaves the earth via Radio Frequencies to conventional geosynchronous satellites. Then the data is transmitted from the geosynchronous satellites to the Spacebelt satellites owned by Cloud Constellation via radio frequencies.

When the data needs to be accessed, the path is same and is transmitted in reverse form to earth- i.e. from Spacebelt to geosynchronous satellites and then to the land.

Here the terms which had to be known to the consumers of the above-said services is that the company works within sync with the conventional geosynchronous satellite operators such as Intelsat LTD, SES SA( Paris: SESG) and Arabat. As the need to file a regulatory approval is cut down, Cloud Constellation believes that its Spacebelt will become a hit for those handling sensitive data which includes application services related to government, military, finance, and healthcare.

Initially, the cloud startup is planning to network around 8-12 satellites for its needs and the plans to scale the services based on the needs.

The post Cloud Startup gains $100 M funding to build secure data centers in Satellites appeared first on Cybersecurity Insiders.


December 25, 2018 at 10:25AM

Critical Digital US Infrastructure to be protected by “Dark Side”

An Idaho-based national laboratory has been assigned the duty of protecting the nation's critical infrastructure from next fall at a cost of $80 million. The news is out that the lab is on a hiring spree and is looking for technology enthusiasts irrespective of their college degrees or the study status they hold.

Named the “Dark Side”, the facility is already buzzing with 50 workers who prefer to keep the lights low and the brightness of their computer screens dim. The aim of the facility is to protect digital systems from hackers, and that includes the ones operating in energy pipelines, hydroelectric projects, drinking water systems, and nuclear power plants across the country.

So, all those cyber crooks who try to open the valves, cut power or manipulate traffic lights, you better beware.

Scott Cramer, the chief in charge of the cybersecurity program, says that the duty to protect the digital systems has been assigned to the Idaho laboratory in tough conditions, especially amid concerns that the old infrastructure controls have been infiltrated by malicious entities of US adversaries.

“This is no joke. There are vulnerabilities out there and we will sort them all”, said Mr. Cramer.

Cybersecurity Insiders has learned that the 80,000-square-foot facility called the Cybercore Integration Center will initially hold 20 laboratories and over 200 workers.

Another 67K-square-foot building, called the Collaborative Computing Center and expected to be completed by the end of next year, is said to house two of the world’s most powerful supercomputers.

Currently, the facility has an electronics lab to dismantle and examine computers, and this includes pulling data from severely damaged hard drives. The Lab’s Cybercore, a division of National and Homeland Security, has a car-sized computer which is said to take control of the US West’s power grid when an untoward situation occurs. This includes taking control of Idaho Power, known to supply electricity to over 1.2 million homes in Southern Idaho and Eastern Oregon.

Brad Bowlin, the spokesperson of Idaho Power, confirmed this news. However, he failed to provide new details as his company’s policy doesn’t allow him to comment on cybersecurity efforts.

Note- High school students, middle schoolers, college students and industry veterans are all being welcomed to serve the nation through ‘Dark Side’.

The post Critical Digital US Infrastructure to be protected by “Dark Side” appeared first on Cybersecurity Insiders.


December 25, 2018 at 10:22AM

The Dangers of Free VPNs

If you use a free VPN, then you have to wonder how your provider earns money to cover their own costs. The answer often involves advertising, but it can also be through far more sinister means.

Running a VPN service costs a significant amount of money. There are setup costs, infrastructure costs, labor and other running costs. The companies behind these services generally want to make a profit as well.

Why are free VPNs a problem?

It really depends on your use case, but in general, VPNs are used to enhance both the online privacy and security of those who use them. Privacy and security tend to involve trust, which becomes especially important when we consider VPNs.

To understand this properly, we have to take a step back and examine how VPNs protect their users. The most common analogy is that a VPN provides an encrypted tunnel between the VPN client on a user’s device and the VPN server.

This tunnel essentially means that no other party can see the connections and data you are transferring between your device and the exit server. Your ISP, the government and other snoopers will be able to see that you are sending encrypted data through a VPN, but they won’t be able to see what it is.

If someone is examining the traffic between the exit server and the website you are visiting, they will be able to see that someone from the VPN’s server is connecting to the site, but they won’t know where the connection originates from.

In this way, a VPN’s encrypted tunnel protects users and their information from outside parties like hackers and governments, and also allows users to get around geo-restrictions by making it seem like their connection is coming from another place.

The point is that the VPN provider is the one that keeps you safe by letting you use their encrypted tunnel. Since all of your data goes through the provider, you need to find one that you can trust. If you can’t trust your provider, how can you know that your data is being kept secure and private?

What can a VPN provider see?

Technically, VPN providers have the capacity to see everything you do while connected. If it really wanted to, a VPN company could see what videos you watched, read emails you send, or monitor your search history.

Thankfully, reputable providers don’t do this. A good provider shouldn’t take any logs of your activity, which means that although they could theoretically access your data, they discard it instead. These “no-log” companies don’t keep copies of your data, so even if they get subpoenaed by a government agency, they have no data that they can hand over.

VPN providers may take different types of logs, so you need to be careful when reading the fine print of any potential provider. These logs can include your traffic, DNS requests, timestamps, bandwidth and IP address.

It will depend on your use case, but if you want your VPN to provide the highest level of privacy, then you will want to choose one that records no logs at all.

How do you know if a VPN provider keeps logs?

Most VPN providers will state on their websites whether or not they take logs, and if so, what kind. If the privacy policy doesn’t state the logging policy, or they make their logging process unclear, it’s best to assume the worst. No-log policies can be a huge selling point of many VPNs, so if a company doesn’t make their practice clear, it’s best to assume that they do keep logs in some form.

How can you trust a VPN provider’s claims?

At the end of the day, you can never really be 100 percent sure. The closest we can get is if a VPN provider was served a warrant or subpoena and was unable to give any data because they simply don’t have it. Even so, a provider may change their practices after the court order has been carried out.

While this may seem disheartening, the reality is that we don’t really need 100 percent confidence. For most situations, 99.99 percent is more than enough. You just need to find a VPN provider that you can trust enough for the activities that you intend to conduct over their service.

There are a range of things that you will need to consider when evaluating whether a VPN provider is trustworthy enough for your intended uses. First, you will want to see that their website looks reputable.

If everything checks out, you will want to go through their privacy policy and legal statements to ensure that everything is legitimate. Then you will want to do some background research to see if the company has been involved in any dodgy practices, and whether its users are generally happy with the service.

NordVPN recently became the first provider to undergo a voluntary third-party audit of its zero-logs policy. Other providers like ExpressVPN have had their servers seized by police, but the servers contained no information of use thanks to no-logs policies.

If you do a thorough search and it doesn’t bring up any red flags, then you can probably trust the VPN provider’s claims. This is because most established providers aren’t willing to sacrifice their long term revenue by doing something unscrupulous. They have a vested interest in keeping their users around and attracting more in the future, because keeping the business reputable will be worth more in the long run.

Can you trust free VPNs?

Paid VPNs can be dodgy, but free VPNs are even more of a minefield. From loading malware onto your computer to selling your data to third parties, there are countless dangers. This list narrows some of the offerings down a bit, but there are still many complications to consider.

When it comes to free VPNs, the relationship between the provider and the user is different to that of a paid VPN. The user isn’t paying the provider any money, so the provider doesn’t have to do much to keep the user happy. How bad a service will be tends to depend on the VPN provider’s business model:

Advertising

Some free VPN companies make their money through advertising. This can range from services that show banner ads to users, such as Psiphon, to those like Hotspot Shield, which the Center for Democracy and Technology alleged tracks users and hijacks web requests. Many free VPNs insert advertisements into your web browser, and these ads can place tracking cookies on your device to monitor your browsing.

If a VPN provider places ads in their app, it’s far from ideal, but it’s also hard to criticize a service for trying to monetize itself in some way. If a provider is actively tracking its users, this spells much bigger problems, particularly for those with privacy and security concerns.

Although Hotspot Shield claims that it doesn’t collect “information that allows us to trace Internet usage on Hotspot Shield back to individual users”, VPN users are better off avoiding services that track them.

Malware distribution

Some free applications may look like they are offering an excellent service, when they are actually an underhanded way for hackers to install malware. It can be hard to know for sure whether an app does this, so it’s always best to be prudent when downloading software.

In an academic study, numerous VPNs were run through a host of different virus scanners. Some free VPN apps such as Betternet and OKVPN tested positive for malicious activity in many of these tests. Those looking for a new VPN should err on the safe side and stay away from any free VPN that looks like it might be used to infect their devices.

Botnets

One of the most alarming VPN controversies of the last few years was when the popular service Hola was taken advantage of to form a botnet. Due to how the service operates, the bandwidth of Hola users was leveraged in an attack on 8chan.

Obviously, no one wants their devices to be part of a botnet that attacks other individuals or organizations. This is just another instance that shows how users need to be careful when dealing with free VPNs.

As a free offering to attract users to a premium VPN service

Some VPN providers offer a free service as a way to draw new users toward their paid services. These vary in quality, but they can often be more legitimate than the free VPNs that rely on other business models. Free tier services like Hide.me and Windscribe aren’t necessarily bad, but they are much more limited than paid VPNs.

Research

VPN Gate is operated by the University of Tsukuba using volunteer resources. The university runs it as an experiment, but anyone can use it or operate a node to contribute to the network. As an experiment, its service is pretty restricted, but it’s also less likely that a university would be using the network for any illicit activity.

If a VPN’s free, it’s probably not fast

Trust issues aren’t the only problems that come with free VPNs. They also tend to be slow and have other service limitations. It’s an old cliche, but with VPNs, you really get what you pay for. On free plans, the providers are hardly rolling out the red carpet, so users will have to put up with subpar service.

Free VPNs often have fewer servers, which can force users to connect to those in less-than-ideal locations. This can make the speed much slower. In addition, some free VPN servers have heavy congestion, which can make connections stall to a near standstill. Other providers may force free users to wait in queues so that they don’t clog up the network.

A lot of VPNs also have bandwidth limits that restrict the speeds that free users can access. Many have data caps as well, which tend to be between 512MB and 2GB. This amount of data won’t get most people too far. A few hours of heavy browsing could easily eat up the cap and watching videos will drain it much faster.

What can you use free VPNs for?

Now that you understand a little bit about how free VPNs work and their various business models, we can talk about their limitations. As we have just discussed, free VPNs tend to operate in ways that really restrict their use.

These range from those that simply can’t be trusted and should be avoided at all costs, to those which have very low data caps or bandwidth limits. If you absolutely require privacy and performance, you will need to go with a paid provider that is well-regarded.

That said, there can be circumstances where a free VPN will help you without putting you in serious danger. These include when you need to spoof your location temporarily, or when you need to get around internet restrictions. Again, you need to make sure that you aren’t engaging in risky or illegal behavior if you are using a free VPN. Most of them are simply far too unreliable.

If you are going to use a free VPN, please make sure that you do your research and find a reliable provider that suits your needs. Using an untrustworthy provider can give you far more trouble than accessing the internet without one.

What shouldn’t you use free VPNs for?

In an ideal world, you wouldn’t use a free VPN at all, because the services are far too limited. Despite this, there are a lot of people who simply don’t have the money or don’t want to pay a few dollars each month for a reliable service.

Anyone who does use a free VPN needs to be aware of their issues and be incredibly careful with how they use it. They absolutely must not engage in any illegal behavior, nor anything that requires a high degree of security or anonymity.

As we discussed earlier, a VPN provider has the capacity to access all of the data that goes through their service. When the service is being provided to you for free, the provider doesn’t have much of an incentive to provide you with a reputable service. If you can’t trust the provider to give you a high level of service, then you can’t trust them to be responsible for your privacy and security.

Everything on the internet should be free

One of the key issues isn’t with VPN technology itself, but with our attitudes to technology services in general. Many people have grown up in the internet age and become accustomed to free content, products and services. This is generally supported by advertising and other means.

These funding models have provided opportunities for the poor to access all kinds of media and technology that traditional payment models would have locked them out of.

It’s hard to deny that this has been a good thing in many ways, but it has also had some unfortunate results. The overwhelming amount of free stuff in our lives has left many of us unwilling to pay for things which we would have in the past.

With many products and services, such an attitude doesn’t cause problems. With VPNs, it can be a big issue. If you really care about your privacy and security, your best course of action is to stay far away from free VPNs, because they simply don’t provide a service you can trust.

      

The post The Dangers of Free VPNs appeared first on Cybersecurity Insiders.


December 24, 2018 at 09:09PM