FireSale HackBoy

Knowledge Shared By FireSale HackBoy...


Thursday, January 31, 2019

Russia alleges Cyber Attack on its Presidential Elections from West

Russia, the country led by President Vladimir Putin, has alleged that two nations from the West launched cyber attacks on its Presidential Elections in March 2018 to influence the election results.

In what seems to be direct blame on the United States and Dan Coats, the UK intelligence officer, Nikolai Murashov, the deputy director of the National Coordination Center for Computer Incidents, Moscow, accused nations in the West of launching cyber attacks on critical infrastructure since June 2017.

Murashov says that the first serious cyberattack was launched on June 15th, 2017, when Russia decided to host a Q&A session. However, the consequences of the attack were nullified by the technical department, which later decided not to disclose the incident to the public for unspecified reasons.

Disclosing the same at the National Information Security Forum, InfoForum-2019, the top-ranking Russian intelligence officer said in a polite tone that his nation knows how to defend its digital assets against such attacks and can retaliate harshly in such instances.

Nikolai Murashov then disclosed to the world that a new wave of cyber attacks was launched with full intensity on March 18, 2018, just before the day of the Presidential Elections. It was aimed at disrupting video surveillance of the voting process across the country, which could then have led to the election results being influenced via black hat tactics. The cyber attack was reportedly carried out by a botnet of over 30K computers in 86 countries, aimed at the election servers with 15K fake DNS queries per hour.

Murashov said that the intelligence forces managed to halt attacks from over 50K sources over a six-month period and succeeded in tracking down the perpetrators' use of 30,000 domain names.

Later, security experts analyzed around a hundred samples and 3 malware modifications and notified the heads of 86 nations about the attack.

“We will not stay calm” were the final words spoken by Nikolai Murashov at the conference.

Note- The National Coordination Center for Computer Incidents, which works similarly to the UK's NCSC, was set up in Sept’18 by the Russian Government on the order of the Federal Security Service. The aim of this center is to detect, prevent and eliminate attacks on Russian Information Sources.

The post Russia alleges Cyber Attack on its Presidential Elections from West appeared first on Cybersecurity Insiders.


February 01, 2019 at 11:25AM

APT10 Group Targets Multiple Sectors, But Seems to Really Love MSSPs

Threat Actors That Don’t Discriminate 

When it comes to threat actors and the malware variants they use, let’s talk dating — or rather, the way people date — because one could argue there are marked similarities between the two. You see, there are criminal groups who have a “type,” i.e. using malware that targets specific industries or even organizations — say, financial services (ever-popular and oh-so debonair) or perhaps critical infrastructure (spicy and daring!), or even healthcare for those who prefer staid and demure. Yet other groups are the free lovin’ types who go after multiple sectors using many different malware variants and approaches to accomplish their goal — no discriminating with this bunch.

Let’s look at one such example, APT10 / Cloud Hopper, which is likely the group behind a long running, sophisticated campaign that uses multiple malware variants to target many different sectors in many different countries. You can check out some of the pulses relating to APT10 / Cloud Hopper on the Open Threat Exchange (OTX).

The U.S. National Cybersecurity and Communications Integration Center (NCCIC) reports the campaign started in May 2016, and NCCIC last updated its alert in December 2018 — so it’s not going away yet.

The group known as APT10 / Cloud Hopper has hit quite a few victims over the last few years in many different sectors, such as information technology, energy, healthcare and public health, communications, and critical manufacturing. However, their “date of choice” seems to be MSSPs, due to the fact that credential compromises within those networks could potentially be leveraged to access customer environments. From OTX pulse “Operation Cloud Hopper”:

The espionage campaign has targeted managed IT service providers (MSSPs), allowing the APT10 group unprecedented potential access to the intellectual property and sensitive data of those MSSPs and their clients globally. This indirect approach of reaching many through only a few targets demonstrates a new level of maturity in cyber espionage – so it’s more important than ever to have a comprehensive view of all the threats your organization might be exposed to, either directly or through your supply chain.

As any clever serial dater would do, APT10 / Cloud Hopper doesn’t use just one approach. The NCCIC reports they have deployed multiple malware families and variants, some of which are currently not detected by anti-virus signatures — for example, PLUGX / SOGU and REDLEAVES. And although the observed malware is based on existing malware code, APT10 / Cloud Hopper modifies it to improve effectiveness and avoid detection by existing signatures.

How Can APT10 Group Impact You?

If these free lovin’ bad guys decide to come after you, they’re likely looking for your data (perhaps to steal intellectual property). At a high level, they’re accomplishing this by leveraging stolen administrative credentials (local and domain) and certificates to place sophisticated malware implants (such as PlugX and Redleaves) on critical systems. Depending on the defensive mitigations in place, they then gain full access to networks and data in a way that appears legitimate to your existing monitoring tools. Voila! They’ve gone from first date to a home run!

Wired Magazine reported the following on APT10 in a December 2018 article:

In the case of the MSP intrusions, that malware appears to have been mostly made up of customized variants of PlugX, RedLeaves—which have previously been linked to Chinese actors—and QuasarRAT, an open source remote access trojan. The malware posed as legitimate on a victim’s computer to avoid antivirus detection, and communicated with any of the 1,300 unique domains APT10 registered for the campaign.

What Can You Do About APT10 Group?

For sophisticated, long-standing, and non-discriminating campaigns such as this, the NCCIC suggests there is no single defensive technique or program, or set of them, that will completely avert all malicious activity — because new variants are constantly being created. Instead, security pros should use a defense-in-depth approach (multiple layers of security) to provide a complex barrier to entry and increase the likelihood of detection. Among the key recommendations are the following (which can be easily managed via the AlienVault Unified Security Management (USM) platform).

  • Conduct regular vulnerability scans of the internal and external networks and hosted content to identify and mitigate vulnerabilities.
  • Implement an Intrusion Detection System (IDS) to: conduct continuous monitoring; send alerts to a SIEM tool; monitor internal activity.

AlienVault Labs has identified more than 660 Indicators of Compromise (IOCs) associated with this campaign, which are shared in OTX. You can use USM Anywhere or OSSIM to directly check for these IOCs throughout your attack surface. The Labs team has also released IDS signatures and correlation rule updates to the USM Anywhere Platform so customers can identify suspicious activity that could be related to this campaign.

For further investigation, visit the Open Threat Exchange (OTX) to see what research members of the community have shared: https://otx.alienvault.com/pulse/59096495b8eeba365246b24d/

Also, check out US-CERT Alert (TA17-117a), last revised December 20, 2018.

The post APT10 Group Targets Multiple Sectors, But Seems to Really Love MSSPs appeared first on Cybersecurity Insiders.


February 01, 2019 at 09:09AM

New Mac Malware steals iPhone text messages from iTunes backups

By Waqas

The IT security researchers at Palo Alto Networks’ Unit 42 have discovered a dangerous new Mac malware capable of targeting devices for multiple purposes, including stealing cryptocurrency. Dubbed CookieMiner by researchers, the Mac malware is a variant of OSX.DarthMiner, another nasty piece of malware known for targeting MacOS. But CookieMiner aims at much more than its predecessor. See: 400% increase in […]

This is a post from HackRead.com. Read the original post: New Mac Malware steals iPhone text messages from iTunes backups


February 01, 2019 at 05:54AM

2018 Annual Digest of Identity and Access Management


Identity and Access Management continues to be a key component in building an enterprise’s cyber security strategy. Today we are presenting our observations of Identity and Access Management in 2018. What happened this year? What can enterprises learn from events in the media in terms of Cyber Security in general, and Identity and Access Management specifically?

Here is a brief timeline of significant regulations, data breaches and world events that were noted by the media, including Gemalto sources, and what these events signified in the Identity and Access Management arena:

Q1

February 1
PCI DSS 3.2 takes effect

What happened
This payment card regulation affects individuals who access systems which hold credit card data. From February 1, 2018, they are required to authenticate themselves with multi-factor authentication. The Payment Card Industry Data Security Standard was developed to encourage and enhance cardholder data security and facilitate broad adoption of consistent data security measures globally. The ultimate aim is to reduce credit card fraud.

Lessons learned
Companies should already be far along the road to PCI DSS 3.2 compliance by now. They should be prioritizing compliance by working with partners on encryption, key management and authentication.

Q2

May 19
The Royal Wedding

What happened
When Prince Harry married Meghan Markle, thousands of reporters were present, and yet the details of Meghan’s dress, its manufacturer and its designer remained a secret. While the inner workings of the dress designer, Givenchy, and the Royal Family network will remain privileged, it seems that part of the reason for the success of the secret was that the work was confined to locations which were secured physically.

Lessons learned

Physical seclusion is not always possible for fashion industries and other global enterprises today. They often collaborate on Computer Aided Design (CAD) software alongside cloud-based applications, and some require reports that provide visibility into login attempts into their ecosystem. An identity and access management solution as a service (IDaaS) can help fashion enterprises or governmental institutions ensure that only the right person receives the right information at the right time, without endangering the enterprise or its end customers.

May 25
General Data Protection Regulation (GDPR) begins

What happened

The General Data Protection Regulation (GDPR) requires companies to be more accountable to their EU-based users on how their data is controlled and used. It also requires companies to notify their local data protection authority regarding suspected data breaches.

Lessons learned

Although organizations can be fined under GDPR for data breaches, these fines may be reduced if the organizations can prove that they have deployed security controls to minimize damage. To help your organization handle GDPR, identity and access management provides a first line of defense for the sensitive user data harbored in your company’s cloud and web apps. With scenario-based policies and convenient access management, you can help your enterprise avoid costly GDPR fines or sanctions.

Q3

August 1
Reddit’s Company Cloud Attacked

What happened
Reddit, the social media platform, considered to be the 5th top rated website in the U.S., shared that a few of their employees’ administrative accounts were hacked. An attacker gained access to data through Reddit’s company cloud after compromising some accounts.

Lessons learned
While they did in fact have their sensitive resources protected with two-factor authentication (2FA), Reddit encouraged users to move to token-based 2FA. For years corporations and security professionals have been urged to implement multi-factor authentication (MFA) as the solution for cybersecurity concerns. While MFA isn’t a silver bullet that solves all your cybersecurity concerns, it is a key component in elevating the security of an organization and adding a very important layer of protection.

September 25
Facebook Mega Breach

What happened

The September 2018 Facebook breach was not only a ‘mega’ breach in terms of the 50 million compromised users affected, but also a severe breach due to the popularity of the social media giant. Cyber criminals got ahold of users’ FB login credentials. The breach was compounded by the fact that many users utilize their Facebook credentials to log into other social media sites, which means that the hackers were able to access not only a user’s Facebook account, but also all other accounts that use Facebook login credentials.

Lessons learned
The risks that consumers were exposed to as a result of buffet-style sign on in the Facebook case, also apply to the enterprise. Fortunately, there is a solution: To maintain the convenience of single sign on without compromising on security, enterprises can use Smart Single Sign On.

Q4

November 30
Quora and Marriott Hotels announce massive breaches of user data

What happened
The Quora Q&A site suffered a massive breach of user data, including the compromise of 100 million users’ credentials. On the same day, the Marriott International Hotel chain suffered a serious breach, allegedly undetected for 4 years!

Lessons learned
In the Quora case, similar to Facebook, accounts are linked to other social media sites such as games and quizzes, so that access to one account opens the doors to related data. The Marriott Hotel incident shows that it’s not enough to protect your data. It also deals with access issues involved with mergers and acquisitions – in this case merging the Starwood Reservation system with Marriott. You need to see who is accessing your networks and see if there is any unusual activity, right from the start. Monitoring and reporting capabilities in an access management solution can help organizations gain insights into unauthorized access attempts.

Identity and Access Management as a Strategy, 2019-style:
In 2019, it is inevitable that there will be more cyber security violations, including corporate identity theft. And it’s likely that more regulations will be put in place to force enterprises to be proactive, not just reactive.

The question is what organizations will do to brace for these breaches. For more information on how your enterprise can prevent breaches, enable the continuous business transformation of its resources securely and simplify compliance, learn more about Gemalto’s SafeNet Identity and Access Management, request a 30 minute demo of SafeNet Trusted Access or watch our video, “How Access Management Enables Cloud Compliance.”

The post 2018 Annual Digest of Identity and Access Management appeared first on Cybersecurity Insiders.


January 31, 2019 at 09:09PM

DOJ discloses North Korean Joanap Botnet Cyber Attack

The Department of Justice (DOJ) has disclosed details of a fresh cyber attack which was launched on the critical infrastructure of the United States and is all set to issue a warning soon to victims who were infected with the Joanap botnet, launched and developed by a hacking group funded by the North Korean government.

Recently, law enforcement issued a search warrant under which the special forces conducted search operations that allowed them to track down the network of infected devices. It was then that the forces discovered the Joanap botnet, which is reported to have infected computer servers of several government agencies in the United States.

“Through this operation, we have decided to eradicate the cyber threat of the state hackers funded by Kim Jong Un-led government,” said John Demers, the Assistant Attorney General in charge of the Justice Department’s National Security Division.

Note 1- The said botnet developers and spreaders are also suspected to be behind the 2014 attack on Sony Pictures Entertainment.

Note 2- Investigators who were pressed into service were assigned the official search warrant in June last year by the federal judge. They then used the California servers of the FBI to mimic a server infected with the malware and communicated with the infected devices, known as peers. By doing so, they succeeded in creating an outline of a map of infected IP addresses, which then disclosed the IP addresses of the known peers. In the coming weeks, the FBI is said to be sending a notification to all the owners of the servers and will then ask the federal agency heads to look into the matter and conduct a cleanup as soon as possible.

Note 3- The incident came to light on Wednesday after Donald Trump, the 45th President of the United States, pronounced an end to the ‘government shut down’ last Friday, and that too only partially.

Meanwhile, in other news related to cyber attack incidents, Airbus on Wednesday announced that it has detected unauthorized access to its information systems which resulted in a data breach. However, the company is confident that the accessed info wasn’t used by the hackers on the dark web to date and the breach did not impact its commercial operations.

The post DOJ discloses North Korean Joanap Botnet Cyber Attack appeared first on Cybersecurity Insiders.


January 31, 2019 at 09:08PM

The Internet of Energy: delivering safe, smart energy in the smart city era

We hear and talk a lot about smart cities, and with good reason. They represent the realisation of the IoT’s promise – a network of connected devices helping everyone living inside to enjoy better convenience, security and, ultimately, a better quality of life.

One element of the smart city that has been developing rapidly in recent times is energy. So, we wanted to look at its role today and how it will evolve in the years ahead.

It goes without saying that the efficient use of energy is critical to life in a city. It’s something we often take for granted, but our increasing demand for energy means that improving how we manage it is essential. Not only is demand in our homes going up as the population grows (according to the UN, almost a third of the world’s population will live in urban settlements by 2030) and the number of devices we use gets larger, but other fundamental aspects of daily life are changing our relationship with energy.

Take electric vehicles for instance. They’re seen as a key part of our fight against climate change – helping to reduce carbon emissions. But if everyone who owns a vehicle today switched to an electric alternative, and then we all plugged them in to charge after getting home at 6pm, the resulting surge would be too much for our current infrastructure to handle. So smart IoT technology is helping to solve problems like these, as well as giving consumers greater insight and control over how much energy they consume.

Many consumers around the world will already be familiar with the concept of smart meters. The devices are designed to communicate directly between your home’s electricity or gas meter and your energy supplier. This real-time connection means that consumers can see exactly how much energy they are consuming, and the resulting cost. So whether it’s turning the heating up on a cold day, or simply switching lights off that aren’t being used, consumers can take an informed decision on what to use and how they can behave more cost efficiently. At the same time, Utilities can offer accurate billing, according to real-time energy consumption, and carefully control and balance demand and supply.

The renewed focus on energy efficiency and the potentially devastating effects of climate change (as debated at the UN climate talks in Poland) have also led to increasing use of renewable energy sources, such as solar, wind or wave power. That’s good news for the quality of the air we breathe, but does pose challenges from its unpredictable nature. It was relatively easy to understand how much energy a fossil fuel power station would output and when – but that’s much harder to plan when you’re relying on mother nature. And this is not just an industrial concern. With a big push to integrate renewable energy generation into consumer homes (see Tesla’s ambitious plan to replace conventional roof tiles with solar panels), it could soon be the case that many more of us depend on our own energy generation, with potential surplus energy to either store or sell back into the grid.

This complexity requires a clever solution, and that’s where smart grids come into play. By connecting every smart meter, every solar panel, every electric vehicle and every other energy-related asset, a smart grid can analyze countless data points to help manage the flow of energy – available and needed – at the right time, to the right places, to ultimately run sustainable and efficient smart grids.

Of course, energy grids are a critical part of national infrastructure and keeping them safe is essential. Building and connecting smart grids in this way requires robust security that can protect against hacking or cyber-attacks – whether they’re designed to steal user data, tamper with energy consumption and billing or directly attack the infrastructure itself. We spoke to Michael John, Senior Security Consultant for the European Network for Cyber Security (ENCS). He highlighted the need to protect connected devices and metering data, to prevent malicious access which could result in grid instability: “In electromobility, we have to make sure charging stations don’t overload the grid. Utilities are preparing for this with ‘smart charging’, which adapts the rate based on availability and time of day. But that has to be secure: there’s a risk devices could be used to attack the grid or to attack customers.”

We’re part of the security effort, providing strong digital identities for connected energy assets, steadfast access credentials and security containers, plus leading-edge stakeholder authentication and encryption technology. These make sure that all data received is from a legitimate source, while protecting it from tampering and fraud at all points.

Guillaume Djourabtchi, IoT Services Marketing Director, speaking about securing the grid, at the European Utility Week, in Vienna (Nov 2018)

But the smart energy ecosystem is still evolving, and all stakeholders will have to push forward and collaborate to ensure its future security and stability. And with smart grids built to last for several years, security lifecycle management is a particular concern. Michael John recognizes the scale of the challenge but remains optimistic, saying: “Years ago, security wasn’t high on the agenda. But everyone now has a Chief Security Officer and project leads who take care of security for new projects. The challenge is that legacy systems weren’t interconnected, automation has to be introduced over time and new processes need to be in place to protect systems that were never designed to be secure.”

For more on the role of smart energy and smart cities within the wider IoT security landscape, head over to our dedicated microsite here: https://www.gemalto.com/review/iotsecurity/index.aspx

The post The Internet of Energy: delivering safe, smart energy in the smart city era appeared first on Cybersecurity Insiders.


January 31, 2019 at 09:08PM

Selfie stealing malware found in popular Android beauty camera apps

By Waqas

We all want to look perfect in the pictures that we post online and beauty camera apps are our best bet in order to fine-tune our pictures. However, according to the findings of Trend Micro researchers, these kinds of applications are performing more functions than what we think they are. Reportedly, some of the Android […]

This is a post from HackRead.com. Read the original post: Selfie stealing malware found in popular Android beauty camera apps


January 31, 2019 at 07:12PM

Wednesday, January 30, 2019

Intel invests in Cloud Security and data storage startups

Intel Capital, a business arm of Intel Corporation, has made it official that it is investing in startups called Fortanix and Pliops to strengthen and secure its standing in the Cloud Computing and Security fields.

CyberSecurity Insiders has learned that Intel will be investing around $23 million in raising the funding of Fortanix to $31 million which includes other investments from Foundation Capital and Neotribe.

Fortanix is known to protect data by developing a system which helps applications run in separate enclosures which prevent the data from getting hacked in the event of cyber attack instances. The Mountain View startup is said to use the investment money in R&D of its products in order to expand its services and portfolio on an international level.

In other news which is related to Intel investments, Israel based startup Pliops is said to receive a $30 million round 2 funding which brings its overall fund gathering to $40 million.

Pliops, which is known to develop storage processor technology for data centers, is said to be using the latest round of investment to make silicon chips for server farms so that they run faster and more efficiently. Also, the Ramat Gan, Tel Aviv based company is looking to use the funding to increase its research base by hiring talent from the US, China, and India.

The news is out that Pliops will also get investments from Softbank Ventures Asia, State of Mind Ventures and Viola Ventures.

The post Intel invests in Cloud Security and data storage startups appeared first on Cybersecurity Insiders.


January 31, 2019 at 11:32AM

Facebook Research App data scandal

Facebook, which is trying hard to shrug off its involvement in the Cambridge Analytica data scandal, is reportedly caught up in a new one, this time about a paid ‘Research App’.

For the past three years, i.e. since 2016, the Mark Zuckerberg Company has been testing an app meant for teens and young adults (aged 13 to 35).

But in the background security researchers from TechCrunch have found that Facebook is offering a payback of $20 per month plus referral fees to those who are ready to sell their privacy. They argue that the paid app has unconfined access to all the data of the device on which it is operating.

The social media company's position on this issue is that the app can be used as a VPN by its users, who in turn get paid for doing so.

But in reality, the app has been snooping by accessing the web activity and the app activity on the phones on which it is installed.

As Facebook is rewarding users to download the ‘research app’, it is getting root access to the network traffic in what may be a clear-cut violation of data privacy. For example, the Zuckerberg-led company has been caught in one instance demanding that ‘Research App’ users screenshot their Amazon order history page.

TechCrunch has learned that the app is being circulated through the beta testing services Applause, Betabound, and uTest, where it is promoted as part of testing programs related to ‘Project Atlas’, a 2016 Facebook retail effort to map new trends and rivals around the world.

Since the practice is taking place on Apple’s iOS platforms, it has already strained the relationship between the two tech giants, with Apple CEO Tim Cook already expressing concerns about Facebook’s ‘oppressive’ data collection methods and declaring the end of ‘Facebook’s Research App’ operations on iOS platforms from Dec’19.

Google is yet to comment on this issue!

The post Facebook Research App data scandal appeared first on Cybersecurity Insiders.


January 31, 2019 at 11:30AM

Contactless Biometric Payment Cards arrive in Italy

Italy has taken a step forward into the future of payments. The first ever contactless biometric card deployment from Mastercard launched with Intesa SanPaolo during the opening day of Il Salone dei Pagamenti 2018 – Payvolution— one of the world’s leading payment exhibitions.

With this card, you can pay for goods using your fingerprint to authorize transactions instead of inputting a PIN on a terminal. The surprisingly battery-less card has started to be tested at merchants by 153 selected bank employees in Rome, Milan and Turin, from November 26th. The pilot/testing process will run for approximately 16 weeks and marks a significant landmark in the development of biometrics use in Europe.

Setting up the card couldn’t be easier: cardholders simply need to register their fingerprints using secure, customized tablets that will be installed in specific bank branches in the trial cities. The technology is similar to popular self-enrolment processes available on leading smartphones and tablets, and the whole process takes about 5 minutes. In the upcoming product generation, consumers will also be able to register their fingerprint data from the comfort of their home.

The card itself has many features that make it stand out. For example, the absence of a battery is of particular note; at the exhibition, many spectators and media were keen to see the solution in person, expressing surprise at the card’s ability to provide secure biometric (fingerprint in this instance) authentication for payments by drawing power from the POS terminal.

There is also a comprehensive enrolment solution for issuers and the ability to call upon the experience of large government programs and state of the art partners.

Commenting on the launch, Cinzia Bruzzone, Marketing Manager Retail at Intesa Sanpaolo said: “Once again Intesa Sanpaolo brings an exclusive innovation to its customers with the first-ever pilot of a Biometric Payment Card in Italy. This project that reflects our corporate strategy to innovate and listen to our customer needs also goes in parallel with the new offer of digital payment. In the Italian market while we are experiencing double-digit growth of digital payment services we still witness a solid base of customers asking for payment instruments based on plastic cards.”

Antonio Di Meo, Vice President Account Leader at Mastercard Italy, highlighted how biometrics will bring new advantages to customers: “Mastercard is becoming more and more of a technology enabler company going beyond being a payment circuit, working constantly with our strategic partners in order to provide consumers a richer and seamless payment experience. Biometrics is definitively one of the areas we believe is helping offer our customers solid advantages such as security and ease of use.”

And finally, Giovanni Memoli, Key Account Manager at Gemalto Italy added:

“Gemalto is confirming its leadership in innovation by bringing its latest technologies into a Biometric Payment Card. It is developed to ensure convenience for in-store transactions and removes the cap on tap-and-go transactions. It also gives users peace of mind in case their card is lost or stolen because only the registered fingerprint will enable the card to work at POS terminals.”

Clearly, the buzz for biometrics is alive and well-received in Europe right now, especially in Italy. The UK is very soon likely to follow in Italy’s footsteps. We’ve been having ongoing conversations with UK banks with a few of them interested in the technology, so we’re expecting to have our first UK trial next year. This would be great news for consumers, as according to our recent research, they are ready to adopt the new biometric payment card. Ultimately, biometrics will change the face of financial services, resulting in an improvement in experience and security for both consumers and providers.

For more information on the very latest biometric solutions and the new EMV card with fingerprint biometrics, make sure you check out our dedicated webpage here.

What do you think of the prospect of biometric payment cards coming to a bank near you? Let us know by tweeting to us @Gemalto.

The post Contactless Biometric Payment Cards arrive in Italy appeared first on Cybersecurity Insiders.


January 31, 2019 at 09:10AM

Transforming immigration and border crossing in Colombia with Automated Border Control

Anyone who’s travelled outside their country knows the drill: after a long and exhausting day of travel, you arrive home only to endure another long wait in the airport immigration queue. The fast pace of globalization is making it ever more challenging for airports and customs authorities worldwide to maintain safety and security while simultaneously simplifying and speeding up immigration.

Such is the case for arrivals at Colombia’s El Dorado International Airport in Bogota, the third busiest airport in Latin America after Sao Paulo and Mexico City, with more than 31 million passengers in 2017. Nearly 60% of travelers arriving at Bogota are Colombian citizens re-entering the country, which means that queues at border control can get quite long.

The good news is that there are innovative and powerful digital solutions to address this challenge.

To speed up the immigration control process for Colombian citizens, we have been working with the Colombia Border Control Agency, Migracion Colombia, to install ABC Gates. Our gates combine expertise in document verification and passenger biometric authentication with an optimized and modular solution to automate border control. ABC Gates provide greater flexibility with regards to airport floor and passenger flow management and processing passengers faster.

How do e-Gates work?  

Gemalto e-Gates automate the ID verification process through facial recognition that allows a seamless, less intrusive and faster experience, even for first-time users. The state-of-the-art passenger authentication software leverages biometric data contained in the ePassport and captured live at the gate, and can perform the ID verification within seconds.

The ABC solution in Colombia, known as “BIOMIG”, verifies personal identity through iris recognition technology, which improves the comfort, speed and ease of use for users. Colombian passengers benefit from a solution that integrates a highly intuitive iris recognition that allows capture from 35 to 45 centimeters away. This system allows for speedy entrance into the country while maintaining strict security during the immigration process.

Furthermore, the e-Gates at El Dorado International Airport benefit from a one-person detection system that identifies intrusion, piggyback and tailgating. It also uses transparent material which facilitates visual control through the doors, while improving the passenger experience.

How secure are e-Gates?

Gemalto e-Gates leverage self-service and biometrics to automate and expedite border crossing at airports. They are already widely deployed across Europe and the Middle East, and to some extent in Asia. This technology is designed with security front of mind. e-Gates are built with the ability to:

  • Ensure document security by detecting fraud with high quality checks on the electronic chip, document security features and photo/data integrity
  • Check that the passenger is the rightful owner of the document by matching the biometric data captured in the ePassport with the one the passenger presents at the e-Gate
  • Perform risk assessment through automated comparison of identity against text-based and biometric control/alert lists.

3 key benefits of e-Gates

To face the challenge of increasing traffic while, at the same time, respecting financial and operational constraints, it is crucial that airports and border control authorities implement durable and low-cost solutions. The e-Gate solution addresses the challenge of minimizing and simplifying immigration procedures at airports while improving ease, speed and convenience for end users. With the benefits of fluid preventive maintenance, our solution has the best Machine Cycle Before Failure rate (MCBF) on the market. As a result, airports save on maintenance and replacement costs for a quick recovery of financial investment. The three key benefits of ABC include:  

  • Flexible and modular – The ABC solution presents a choice of form factors to adapt to the floor space, control level and future evolutions in passenger traffic. These include: one door, 2-door ABC gate, integrated or segregated control process, ABC kiosks.
  • Fastest facial recognition – ABC is designed to have passengers look intuitively towards the camera so as to capture their face on-the-fly and provide fast matching results. Enabled with best in class face recognition software, the ABC gates allow for identity matching in less than 2 seconds.
  • Best Document Authentication – The ABC Gates are equipped with worldwide-recognized document readers and with document authentication software that allows updates to be managed from one central post and automatically delivered in the field. Border guards can add new travel documents to the eligible list, and add or modify verification actions.

Biometrics and ABC Gates are not only improving the immigration experience, but the overall airport experience, because by not having to wait in line passengers have more time to spend around the retail stores and leisure facilities in airports, which is a strong revenue booster for airports.

The post Transforming immigration and border crossing in Colombia with Automated Border Control appeared first on Cybersecurity Insiders.


January 31, 2019 at 09:10AM

Top 5 Benefits of Public Cloud Computing Versus Traditional IT

This is part 2 of our two-part series on the benefits of public cloud computing, or Infrastructure as a Service (IaaS), versus traditional IT.

Long before cloud computing, traditional IT infrastructure was great for enterprises that needed to run many different types of applications, because it gave them full control of their applications and data on their local servers. It also made security less complex.

Back then you only had data centers to worry about, and the way that enterprises deployed applications was through someone serving as the application owner. That application owner would be responsible for the cost of  “hardware,” which once purchased would then be completely dedicated to a specific application. Simple. Better still, the network that the application operated on could also be dedicated to that one application, and this made it very easy to create segmentation between different applications.

Prior to cloud computing, that traditional IT model was great from a security perspective. Since application owners paid for or directed the spending on infrastructure, they knew what they needed to define security measures, as well as how and where they were deployed. In a nutshell, they were able to control their computing environment the way they wanted to.

The downside to that model, from a general economics perspective, is that the environment’s total hardware capacity might only be utilized up to 40 percent of the time. If application A needed more resources, it couldn’t just tap into the unused resources of application B, so those unused resources were wasted capacity, creating an economic problem for the organization.

Enter the Power of Cloud Computing

While the new approach to setting up a modern application environment using the power of IaaS brings numerous opportunities for optimization, it also presents new challenges from a security and compliance perspective.

Part of the challenge is that cloud computing is more abstract–all the servers, software and networks are hosted in the cloud, off premise, rather than being accessible via physical hardware.

Despite its abstract “nature,” the benefits of cloud computing still far outweigh the challenges, even from a security perspective, because rather than having to make a major capital investment to purchase physical servers in-house, you can get access to computing resources from cloud computing providers on demand and on a pay-per-use basis.

Paying for only what you use eliminates the need to pay for unutilized IT resources, which is a lot more cost effective and extremely appealing from a deployment perspective, as you can whip up a new and improved environment in a matter of minutes.

Top 5 Benefits of Cloud Computing

Agility: Today, your business needs to enable innovation and drive productivity to stay competitive. To continuously evolve and improve your processes, tools, technologies, and policies, you need agility.

Being agile enables you to make quicker and better decisions, and to take the necessary actions that can ensure customer satisfaction. With public cloud, businesses experience simplified internal operations, better delivery, better collaboration, and faster deployments. It also enables improved data gathering and improved analysis.

Using IaaS means you can always count on top-of-the-line IT resources without having to invest your own money in buying them.

Pay-as-you-Grow/Flexible Pricing: Public cloud hosting, offering extremely flexible, pay-as-you-grow models, is the ideal option for many companies as it does not require a long-term commitment or major capital investment.

Like other tech leaders, you are likely looking for flexible contracts to drive cost-effectiveness. Organizations of all sizes try to avoid long-term contracts and commitments to specific storage or bandwidth capacity as they often are challenged to predict their future requirements.

Most public cloud providers will now give you the flexibility to even pay by the hour. That helps businesses, especially small and medium-sized ones, to better control their costs by paying for the infrastructure based on their needs.

Unlimited Space to Grow, Burst and Scale: A public cloud offers unlimited space, without requiring data centers or similar infrastructure on your part. This makes it easy for you to scale up, or down, as your business grows and transitions. If you should need additional storage or processing capacity, all you have to do is request it from your provider. This allows you to rapidly expand your IT capabilities whenever you need to.

Better still, having the ability to scale down if you need to is extremely beneficial from a cost perspective. If you are restructuring your organization or paying for more IaaS capacity than you need, you can simply renegotiate and adjust your contract accordingly. This allows you to save money, and makes your business more responsive and agile.

Faster and Easier Set-Up and Maintenance: Unlike traditional IT infrastructure, you can set up your public cloud within a matter of a few hours, by easily purchasing it on the Internet. Then your IT team can easily configure and manage the set up remotely on the provider website as well, potentially shortening the process from weeks or months to a fraction of the time.

The cloud provider is responsible for the maintenance of the hardware, software, and networks in the cloud, which means you won’t ever have to worry about keeping the infrastructure up-to-date or worry about upgrades.

Economies of Scale/Optimization: The public cloud offers massive economies of scale, something extremely difficult to match with private data centers. You can ensure that the infrastructure is optimally used by seamlessly making adjustments to the inevitable peaks, or spikes, and drops in your workloads.

Additionally, since the infrastructure costs are shared across multiple users, the cloud providers typically optimize the hardware needs of their data centers and can offer you services at lower costs.

Securing Your IaaS

Cloud computing will continue to drive a beneficial shift for enterprises from expensive physical IT resources to much more agile and highly controllable online resources enabling optimization across multiple areas of computing infrastructure. With cloud providers covering all the infrastructure elements, that gives you more time to focus on innovation, deployment and security.

Keep in mind that cloud security is based on a Shared Responsibility Model, so choosing the right cloud security solution to protect what’s “in the cloud” is still up to you. As the number of cloud assets you’ll have to monitor and secure will inevitably increase, you’ll need a solution that uses automation to deliver the scale and speed required to secure every endpoint of the evolving cloud attack surface.

See for yourself how Halo Cloud Secure can give you comprehensive security and compliance visibility of your IaaS environment. Sign up for a free 15-day trial of Halo Cloud Secure today.

The post Top 5 Benefits of Public Cloud Computing Versus Traditional IT appeared first on Cybersecurity Insiders.


January 31, 2019 at 09:09AM

Finance: A Cloud Security Investigation (CSI)

This post was originally published here by Will Houcheime.

In a recent Bitglass Security Spotlight, we enumerated the risks associated with failing to implement proper data and threat protection in financial services. Financial organizations are often targeted by hackers who are looking to seize personally identifiable information (PII) and nonpublic personal information (NPI) – this information is useful for identity theft and lucrative to sell on the dark web. Data loss prevention (DLP) and access controls are obvious priorities, and while employees generally use managed devices in the financial industry, data leakage is still a common occurrence.

In addition to merely protecting their data, financial institutions are looking for a solution that can help them do so in a way that enables compliance with the Payment Card Industry Data Security Standard (PCI DSS), the Gramm-Leach-Bliley Act (GLBA), and other relevant regulations. As employees are using more cloud applications to store, process, and share corporate data than ever before, finding an appropriate cloud security solution is imperative for financial services organizations that want to secure their sensitive, regulated information. Fortunately, the rise of cloud access security brokers (CASBs) has made this endeavor far simpler.

CASBs give comprehensive visibility over all user and file activity wherever data goes, enabling audit and assisting with the demonstration of regulatory compliance. With leading CASBs like Bitglass, automated policies can be enforced in real time, protecting data and preventing unauthorized access according to the rules that you define.

Encryption of data at rest can obfuscate sensitive financial details, hiding them from the cloud vendors with whom they are stored as well as employees who are not permitted to view them. Uniquely, Bitglass can provide this encryption for files and field-level data without breaking key functionality like search and sort.

Unmanaged App Security can turn any application read only. This prevents the exfiltration of data to unmanaged cloud applications while still allowing employees to access and download information from apps in use by partners, suppliers, vendors, and other parties.

Finally, CASBs like Bitglass can also provide advanced threat protection (ATP) and defend against zero-day malware as it is uploaded to apps, downloaded to devices, or at rest within the cloud. This is critical because a recent Bitglass study found that malware caused most of the financial breaches in 2018.

In the era of the cloud, security and visibility are vital for financial services. Want to learn more about what CASBs can do to help? Download the Definitive Guide below.

The post Finance: A Cloud Security Investigation (CSI) appeared first on Cybersecurity Insiders.


January 31, 2019 at 08:52AM

HAPPY DATA PRIVACY DAY!

This post was originally published here by (ISC)² Management.

This year, Data Privacy Day will spotlight the value of information. Whether you’re an individual looking to better manage your privacy and how your data is collected and shared, or a business collecting, using and storing that information, remember: Personal information is like money. Value it. Protect it.

Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Protection Day commemorates the January 28, 1981, signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. Data Privacy Day is now a celebration for everyone, observed annually on January 28.

In North America, the Data Privacy Day initiative is officially led by the National Cyber Security Alliance (NCSA), a nonprofit, public-private partnership dedicated to promoting a safer, more secure and more trusted internet. To learn more about the history of Data Privacy Day, and to find information on how you can get involved and become a Champion, visit staysafeonline.org/data-privacy-day. You can also follow NCSA on Facebook and Twitter for updates and resources and use the official hashtag #PrivacyAware to join the conversation. Here are some ways you can get involved:

As an (ISC)² member: 

  • Sign up and take the new GDPR Privacy Course
  • Discuss privacy at your next (ISC)² Chapter meeting (consider having your chapter sign up to be a Privacy Champion on the NCSA website)

As a parent:

As an individual: 

  • Use the resources on the NCSA website to update your privacy or security settings on your devices
  • Purge or shred old files that are no longer needed

Photo: Eric D. Brown

The post HAPPY DATA PRIVACY DAY! appeared first on Cybersecurity Insiders.


January 31, 2019 at 08:31AM

PLANNING TO TAKE AN (ISC)² CERTIFICATION EXAM? GET YOUR FREE CERTIFICATION PREP KIT.

This post was originally published here by (ISC)² Management.

Cheers to you on your decision to pursue an (ISC)² credential in 2019! You’re about to embark on a challenging and highly rewarding journey. Make sure you get the most out of it with the new (ISC)² Certification Prep Kit.

Preparing for the exam is no small task… Your path to success starts with the right study plan, and the Certification Prep Kit will help you map a course that fits your schedule and learning style. Dive right in for everything you’ll need to move ahead with confidence.

Inside this free resource, you’ll find…

  • Fast Facts on (ISC)² Training and Study Tools
  • Training Myths Debunked
  • Official Courseware Previews
  • Justification for Certification and Training
  • The Best Study Options for Your Goals
  • Insider Tips, Strategies and Insights

From textbooks and study guides to interactive flash cards and study apps, (ISC)² offers a variety of industry-leading study tools to round out your knowledge. Get your Certification Prep Kit and quickly discover which options work for you!

Remember: (ISC)² is here to help you learn, grow and thrive in the New Year – and throughout your career. Contact us anytime with questions or to schedule a consult.

Photo: IFSEC Global

The post PLANNING TO TAKE AN (ISC)² CERTIFICATION EXAM? GET YOUR FREE CERTIFICATION PREP KIT. appeared first on Cybersecurity Insiders.


January 31, 2019 at 08:14AM

Windows 7 users should be aware of these Cyber Security vulnerabilities

All you Windows 7 users out there, it’s better you make a note of the following cybersecurity vulnerabilities to which your system will get exposed after December ’19.

1.) Obsolete systems which do not receive security updates from their developers (Microsoft in this case) can easily be used to spread malware.

2.) Unless you pay a premium for extra support, you are not going to receive updates from then on, meaning your system can become prone to ransomware attacks such as WannaCry and NotPetya.

3.) As there are millions of PCs which still run on Windows 7, IT departments have to prioritize the migration of those PCs to a more stable Windows 10 operating system. A recent survey conducted by stats counter says that over 17 percent of tech departments did not know about the deadline.

4.) Reports say that Microsoft is keen to move companies onto Windows 10, as it doesn’t want to take any risks associated with the security of Win 7. Remember, Windows XP, which was pulled by Microsoft in 2014, left its users exposed to a malware attack in 2017 in the form of WannaCry. On seeing its users suffering, the tech giant issued a security update for XP, Win 8 and Windows Server 2003 to prevent further damage from the malware attack.

5.) The UK’s National Cyber Security Centre (NCSC) has issued a reminder to Win 7 users operating in its region about the looming deadline and also issued a warning about the risks of running software without support.

6.) Keeping the software up-to-date is the only way to tackle the situation, and after the deadline it can only be done by opting for premium support. Otherwise, go for a Win 10 OS update, which is probably available for $179.

The post Windows 7 users should be aware of these Cyber Security vulnerabilities appeared first on Cybersecurity Insiders.


January 30, 2019 at 09:11PM

Top 7 Tips for Improving Cyber Risk Management in 2019

With the constant barrage of headlines regarding breaches in the last few years, it seems that society in general has become numb to losing personal data. This year’s overarching cybersecurity theme is clear: We’re all in this together because we simply can’t do it alone. Effective defense demands a team effort where employees, enterprises, and end users alike recognize their shared role in reducing cybersecurity risks.

To borrow a phrase from John Lewis, “If not us, then who? If not now, then when?” Here are tips for improving your cyber risk management this year.

Tip #1: Balance risk versus reward.

The key is to balance risks against rewards by making informed risk management decisions that are aligned with your organization’s objectives — including your business objectives. This process requires you to:

  • Assign risk management responsibilities;
  • Establish your organization’s risk appetite and tolerance;
  • Adopt a standard methodology for assessing risk and responding to risk levels; and
  • Monitor risk on an ongoing basis.

Tip #2: Use your investments wisely.

When determining the best strategy for future cyber investments, it’s vital that you review your organization’s current security posture and existing security controls, including technology, people and processes. Before making new investments, perform an architectural and program review to understand how the existing controls can be utilized to address your identified risks.  There are almost always ways to optimize, reduce cost, or minimize upcoming investments.

Tip #3: Be nimble; make sure your strategy can quickly adapt.

Business is not static and neither are the solutions that enable and protect it. To grow, compete, and own its place in the market, a business must adopt new models and technologies to stay relevant and competitive. As the business evolves, so too must the operations and security solutions that protect it. Today, a cybersecurity strategy needs to be nimble to match the pace and dynamic modeling of the business it is protecting.

Tip #4: Don’t lose sight of the data — are you asking the right questions?

Before analyzing your security controls, take a step back to understand what data is needed to support the business, who that data must be shared with, and where that data is stored.  Look at your operations, the flow of data into, throughout, and outside of your organization, and the risks associated with your business model. This will give you an understanding of the exposures that the data faces, enabling you to address and prioritize security measures. The three questions most organizations should be asking are:

  1. How secure are we?
  2. Are we going to be secure based on our current and future business plans?
  3. Are we investing the right amount of time and resources to minimize risk and ensure security — especially people, technology and process?

Tip #5: Re-imagine your security approach; don’t go looking for the silver bullet.

The cybersecurity market is flooded with solutions, leaving many organizations struggling to select the right protection for their business and get the best value from their investments. Most cybersecurity solutions, however, are point solutions, which don’t adequately address today’s threats.

Tip #6: Make security awareness stick.

More than 90 percent of security breaches involve human error. These acts are not always malicious, but often careless and preventable. To change security behavior effectively, employees must know what to do, care enough to improve, and then do what’s right when it matters. An effective security awareness program can help change organizational behavior and lower risk. Look for best practices for implementing a successful security awareness training program to change employee behavior and help make your organization more secure. Consider the answers to the following questions:

  • Does the program assess your users’ ability to spot real-world phishing attacks?
  • How is the training delivered to help employees identify phishing and other social engineering tactics?
  • Is there flexibility for planning, scheduling, and running the program?

Tip #7: Think beyond compliance.

Achieving compliance is not the ultimate goal; sustaining compliance is. Security and compliance are not equal. Compliance management is not a project that you start and finish, but rather an ongoing program that needs to be continuously maintained. To make the journey easier, follow an integrated compliance and risk management framework that addresses security, privacy, risk, and compliance, such as the National Institute of Standards and Technology (NIST) framework. This ensures a more manageable program and allows you to report compliance posture more efficiently.

The post Top 7 Tips for Improving Cyber Risk Management in 2019 appeared first on Cybersecurity Insiders.


January 30, 2019 at 09:08PM

Tuesday, January 29, 2019

US Intelligence feels that China and Russia are the biggest cyber threats to the US

US Intelligence told US senators on Tuesday that countries like China and Russia pose a bigger cyber threat to their country than they have in decades.

Dan Coats, the Director of National Intelligence, said that the changes in US policies on security and trade under the Trump administration are influencing American allies in a negative way, and as a result they are keeping a distance from Washington.

“As countries like China, Iran, North Korea, and Russia use cyber warfare to threaten nations- just to steal information, influence citizens, influence the political stats or to disrupt critical infrastructure, they can be treated as the top adversaries to the United States”, said Coats.

Also, Moscow’s relationship with Beijing has strengthened in recent years, as both nations have common adversaries, namely the developed nations in the west, added the director of the world’s smartest intelligence services.

There is a strong chance of Russia and China interfering in or influencing the 2020 US general elections by refining their capabilities and adding innovative tactics. The plan is to aggravate social and racial tensions among nations, said Coats.

“Russia’s use of social media will create a troublesome situation to our nation”, said Senator Mark Warner of the Democratic Party. He added that the Putin-led nation is looking to create divisions in society and is aiming to influence the democratic processes.

Note: On Monday, the government of the United States slapped criminal charges against Chinese technology maker Huawei for conducting espionage through its equipment and services.

So, US intelligence feels that the charges could further deteriorate the ties between Washington and Beijing, which could result in retaliation from nations residing in the east in the form of more, and more sophisticated, cyber attacks.

The post US Intelligence feels that China and Russia are the biggest cyber threats to the US appeared first on Cybersecurity Insiders.


January 30, 2019 at 11:01AM

Authorities shut down xDedic marketplace for selling hacked servers

By ghostadmin

The domain for xDedic has been seized as well. In a joint operation, the Federal Bureau of Investigation (FBI) and authorities from several European countries have successfully taken down xDedic, a notorious dark web marketplace known for selling stolen digital goods such as login credentials, identity cards, and hacked servers. The operation was carried out on January 24th […]

This is a post from HackRead.com Read the original post: Authorities shut down xDedic marketplace for selling hacked servers


January 30, 2019 at 04:48AM

New Firmware Version of Nintendo Switch Hacked in just 4 Hours

By Waqas

Nintendo Switch Hacked: The company was claiming to have added advanced security codes in this version of Switch Firmware. The problems for Nintendo console owners are far from over as the latest firmware version got hacked in merely a few hours. According to reports, the newly rolled out Firmware for Nintendo Switch, the much-awaited version 7.0.0 […]

This is a post from HackRead.com Read the original post: New Firmware Version of Nintendo Switch Hacked in just 4 Hours


January 29, 2019 at 10:21PM

Hackers sell credit card info of Saint John Parking System on Dark Web

Credit card information of nearly 6000 people, or even more, related to the Saint John Parking System could have been sold on the dark web in the past 18 months, as reports say that hackers gained access to the information by intercepting the parking database some time 2 years ago.

In December ’18, the IT staff of the parking system learned that the database related to the municipal parking ticket fines server was infected with malware, which could have spilled critical details such as names, credit card numbers, card verification numbers, expiry dates and addresses of more than 6K people who paid parking penalties online using their credit cards.

On December 19th, 2018, IT World, an online news publication, reported a breach of the Click2Gov software owned by CentralSquare Technologies, which is used by over 46 other municipalities along with Saint John.

All payments taking place via the Click2Gov software were halted by the end of last month. But security experts say that the damage was already done by then, as stolen info belonging to cardholders who made payments on the Saint John Parking System had been on sale on the dark web for the past 15 months.

Don Darling, the Mayor of the city of Saint John, released a press statement a few hours ago and stated that neither he nor his council members were aware of the incident until an article in IT World was brought to their notice.

They are blaming CentralSquare for the incident and said that strict action will be taken against the company in the next council meeting. Also, the council members have unanimously decided to purchase a cyber insurance policy covering the entire city’s digital assets as a precautionary measure after the incident.

In the meantime, the Canadian Institute of Cyber Security will reportedly perform a cyber threat assessment on the city’s IT systems by the end of this month and will provide further details to the media if necessary.

More details are awaited!

The post Hackers sell credit card info of Saint John Parking System on Dark Web appeared first on Cybersecurity Insiders.


January 29, 2019 at 09:41PM

Russia hit by a new kind of ransomware

Until now, whenever a ransomware attack took place, media outlets around the world reported that it could have been launched by hackers from Russia or those associated with Russian intelligence.

But now news is out that online users in Russia are facing a cyber threat from a new ransomware variant which spreads through malicious JavaScript email attachments, i.e. phishing attacks.

Known as Shade or Troldesh, the ransomware developed in the Russian language is reportedly spreading in the form of spam with the file code Win32/Filecoder.shade.

Researchers from ESET were the first to report on the malicious spam campaign, which emerged in January 2019. The security experts from the Slovakia-based firm discovered that the campaign actually started in Oct’18 and then became dormant during the Christmas season. The developers of the ransomware then resumed spreading the malware with more vigor from Jan’19, which might be due to their recent purchase of a new set of business-related email addresses available in bulk on the dark web.

ESET telemetry shows that the campaign spreading the Shade ransomware in Jan’19 was most active in Russia, which accounted for 52% of detections of the malicious JavaScript attachments. Other countries affected by the Shade ransomware campaign include Ukraine, France, Germany, and Japan.

Cybersecurity Insiders has learned that the hackers are spreading the Shade or Troldesh malware through emails written in Russian that carry a ZIP archive attachment named “info.zip” or “inf.zip”.

ESET researchers have found that the hackers are demanding $8000 in crypto to decrypt the locked files of the infected database.

So, all you Russians out there, please be aware of this threat lurking in the cyber landscape and avoid opening any suspicious attachments or URL links in your emails.

The post Russia hit by a new kind of ransomware appeared first on Cybersecurity Insiders.


January 29, 2019 at 09:39PM

US$85 billion to US$193 billion Global Cyber Attack loss

A new hypothetical report jointly compiled by Lloyd’s of London and Aon says that a global cyber attack spread via phishing emails could cause losses ranging from $85 billion to $193 billion USD, which is said to put a strain on the insurance market in the near future.

Technically speaking, when a cyber attack takes place it generally leads to business interruption, cyber extortion, and incident response costs. This ultimately leads to insurance claims, which will surely influence the premium amounts quoted to businesses in the future.

God forbid, if a cyber attack on a global level hits businesses, Aon estimates that the total claims paid by the insurance sector will be in the range of $10 billion to $27 billion, which strictly depends on the policy limits ranging from $500,000 to $200,000.

So, companies (like those in healthcare, manufacturing, banking, and retail) which are underinsured will put their digital assets at risk. That is evident, as the report says that 35% of companies operating in the world are functioning without an insurance cover and 7% of them operate in multiple regions of the world.

The security report compiled by Lloyd’s says that the economies of the United States and Europe will be the only, and the worst-affected, regional economies to suffer from a global cyber attack. That is because they are services-dominated, and the attack will expose them to direct financial loss.

Governments are already doing their part in creating awareness of the losses that cyber attacks launched on a global scale could cause. For instance, Britain’s National Cyber Security Center (NCSC) announced last Friday that it has launched a probe into the large-scale hijacking campaign which targeted Domain Name Systems (DNS).

The cyber security wing of GCHQ has also alerted the world that nations like China, Iraq, Russia and North Korea, all labeled as big adversaries of developed western nations, plan to launch a worldwide cyber attack this year. The FBI has also endorsed this news and added that the attack will be in the form of phishing, cryptomining, and ransomware.

So, companies should start taking cyber security seriously from now on and start allotting a budget for resources to strengthen their cyber defenses. Also, as a precautionary measure, it is better for them to insure their digital assets with a cyber cover. Otherwise, it could prove fatal to their future business operations overall.

The post US$85 billion to US$193 billion Global Cyber Attack loss appeared first on Cybersecurity Insiders.


January 29, 2019 at 09:36PM

FaceTime bug exposes live audio & video before recipient picks call

By Waqas

FaceTime bug is exposing calls and videos – Here’s how to disable FaceTime until this issue is fixed. According to reports, there is a major bug in iPhone FaceTime’s video calling function that lets users hear audio from the call even before the recipient has accepted the video call. Moreover, the flaw also lets people see […]

This is a post from HackRead.com. Read the original post: FaceTime bug exposes live audio & video before recipient picks call


January 29, 2019 at 08:39PM

Ways to Respond to a Breach

Breaches aren’t easy to deal with, especially if you are of the opinion that companies are people too. Having seen, been part of, and lent a shoulder to many a breach, here are nine of the common ways companies respond to breaches.

Delayed response

A delayed response is when a breach has occurred and the company is informed a long time after the fact, usually when the data appears on a dark web sharing site. The company is sometimes informed by law enforcement, or by reading about it on Brian Krebs’ blog.

Complicated response (traumatic or prolonged)

A complicated breach becomes severe with time and can impact the entire company. This can be the case when regulators step in to look at a breach. Were you PCI DSS compliant? Well not anymore. Did you have European citizen data? Well say hello to my little GDPR friend.

Disenfranchised response

Disenfranchised breaches are where the company experiences a loss, but others do not acknowledge the importance or impact. For example, an intellectual property breach that allows a competitor to get ahead is felt by the company, but elicits little, if any sympathy from customers.

Cumulative response

A cumulative breach is when multiple breaches or incidents are experienced, often within a short period of time. For example, getting locked out of your IoT device accounts while records are being exfiltrated out of the mainframe during a DDoS attack.

A cumulative breach can be particularly stressful because a company doesn’t have time to properly respond to one incident stating how they ‘take security seriously’ before experiencing the next.

Distorted response

Sometimes a company responds to a breach in extreme and hostile ways. In a manner befitting a toddler, the company may resort to blaming a partner or any other third party company.

On occasion the finger of blame is pointed towards an employee or contractor for not patching a system. Or, in some cases, the company will want to set an example and unceremoniously fire the CISO.

Inhibited response

Also known as “keep this between us”, this is a conscious decision by a company to keep details of a breach limited to a very small group.

Problems can occur if customers or regulators get wind of it, and can cause bigger issues down the road. By then, the only viable option for companies is to shred the documents, wipe the hard drives, and research countries with non-extradition treaties.

Collective response

A collective breach is felt by a wider group, and the impact is shared. It can be a useful tactic in bringing all people onto the same side and getting them to put their differences aside.

When everyone is forced to change their passwords after a breach, it gives common ground for them to share the pain.

Absent response

A favourite of social media giants, absent response is when a company doesn’t acknowledge or show signs of any response. This can be as a result of shock, denial, or simply passing everything onto business as usual.

It’s important to note that in some instances, just because you can’t see the signs of a response, it doesn’t necessarily mean that a company isn’t taking responsive actions.

Or it could just mean they don’t care, it can be hard to tell.

Anticipatory response

Remember all those posters telling you ‘it’s not a matter of if, but when’ – well, that can have a positive effect, as companies can go into anticipatory mode, expecting a breach and preparing accordingly. It doesn’t lessen the sting of a breach, but does allow you to have plans in place to respond and recover.

      

The post Ways to Respond to a Breach appeared first on Cybersecurity Insiders.


January 29, 2019 at 09:08PM

Monday, January 28, 2019

Happy Data Privacy Day!

By Marie E. Olson, CISM, CISSP, FIP
Deputy Chief Privacy Officer, The Boeing Company

This year, Data Privacy Day will spotlight the value of information. Whether you’re an individual looking to better manage your privacy and how your data is collected and shared, or a business collecting, using and storing that information, remember: Personal information is like money. Value it. Protect it.

Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Protection Day commemorates the January 28, 1981, signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. Data Privacy Day is now a celebration for everyone, observed annually on January 28.

In North America, the Data Privacy Day initiative is officially led by the National Cyber Security Alliance (NCSA), a nonprofit, public-private partnership dedicated to promoting a safer, more secure and more trusted internet. To learn more about the history of Data Privacy Day, as well as how you can get involved and become a Champion, visit staysafeonline.org/data-privacy-day. You can also follow NCSA on Facebook and Twitter for updates and resources and use the official hashtag #PrivacyAware to join the conversation. Here are some ways you can get involved:

As an (ISC)² member: 

  • Sign up and take the new GDPR Privacy Course
  • Discuss privacy at your next (ISC)² Chapter meeting (consider having your chapter sign up to be a Privacy Champion on the NCSA website)

As a parent:

As an individual: 

  • Use the resources on the NCSA website to update your privacy or security settings on your devices
  • Purge or shred old files that are no longer needed

The post Happy Data Privacy Day! appeared first on Cybersecurity Insiders.


January 29, 2019 at 09:08AM