Major regional hospitals in Victoria hit by a ransomware attack

Health services in Victoria took a major jolt when the IT infrastructures of some of the major regional hospitals operating in the region were hit by a ransomware attack. This includes Gippsland Health Alliance and South West Alliance of Rural Health along with health care service providers in Warrnambool, Colac, Geelong, Warragul, Sale, Bairnsdale, and other services in smaller towns.

Highly placed sources say that the services came to a halt since 3 Pm on Monday and the law enforcement agencies along with a third party Cybersecurity service provider from Melbourne have been pressed into service to deeply probe the incident.

Victorian Premier Daniel Andrews who is an official head to the government has assured that the emergency services will never be hit by the malware as the data recovery is in progress.

However, a source from the Office of Daniel says that patient data recovery could take weeks or even a month time.

David Cullen, the principal advisor for cyber incidents and emergency management at Victoria, Australia stated that the attack appears to be highly sophisticated as the hackers spent a lot of time in researching details of the hospital networks.

Appointment re-schedules, delay in patient care, digital communication across the hospital network is expected to take a hit with the ransomware attack.

As of now, no ransom demand has come to the notice of the government head Daniel or David Cullen.

A special team from the Victorian Police and the Australian Cyber Security Center has been formed to investigate the incident.

Michael O’Brien has lashed the government for showing laxity in implementing strict cybersecurity measures while maintaining Victoria’s health databases. He also stressed on the fact that the cyber attack was expected as per the alert issued by the state auditor general in May this year.

Note– Balmoral Bush Nursing Center, Barwon Health, Barwon South Western Regional Integrated Cancer Center, Casterton Memorial Hospital, Colac Area Health, Dartmoor Bush Nursing Center, Hesse Rural Health Service, Heywood Rural Health, Lorne Community Hospital, Moyne Health Services, Otway Health & Community Services, Portland District Health, Southwest Healthcare(Warrnambool) Terang & Mortlake Health Services, Timboon Healthcare and Western District Health Services come under the network of South West Alliance of Rural Health(SWARH).

The post Major regional hospitals in Victoria hit by a ransomware attack appeared first on Cybersecurity Insiders.

October 01, 2019 at 10:43AM

Read More

Ransomware attack on Demant fetches $95 million loss and FBI on Meridian Cyber Attack

Denmark based hearing aid manufacturer Demant has released an official statement yesterday stating that the ransomware attack which took place on its database early last month could fetch a $95 million loss to the company in the current financial year.

The loss includes disruption of services, recovery, IT staffs extra pay to probe and contain the incident, purchase of new hardware and software and compensation if in any case has affected the clients.

Readers of Cybersecurity Insiders have to notify that the incident impacted heavy loss to company’s infrastructure disrupting services related to ERP systems, production and distribution infrastructure at Poland, and some sites in Mexico, Cochlear implants production sites in France, amplifier production sites in Denmark and some offices of Demant located in Asia pacific.

A $14.69 million cyber insurance cover is expected to help the company while recovering the data infrastructure. However, other loss might have to be borne by the company.

In other news related to a cyberattack on an auto parts manufacturer of the US named Meridian Lightweight Technologies Inc, The Federal Bureau of Investigation shortly referred to as FBI was pressed into service to investigate the incident.

The company which supplies lightweight magnesium parts to car manufacturers and has production units in Mexico, UK and US say that the attack launched on its was sophisticated and is suspected to be the deed of a state-funded intelligence agency.

Hayden Heins, the company representative of Meridian did not divulge details on the nature of the cyber attack and if any ransom is being demanded. However, he stated that the company is urging its employees to refrain from connecting their PCs and laptops to the company network.

The post Ransomware attack on Demant fetches $95 million loss and FBI on Meridian Cyber Attack appeared first on Cybersecurity Insiders.

October 01, 2019 at 10:41AM

Read More

Looking to Break into Cybersecurity Without Direct Experience? Find Out How

The cybersecurity skills gap means companies are scrambling to fill security positions, and that presents an opportunity for you to find security work – even without direct experience. Faced with a critical shortage of qualified candidates, organizations are increasingly taking chances on nontraditional applicants and training them for security roles.

One way to bridge a cybersecurity experience gap and get started? Make the case for your transferable skills.

Success in security requires a mix of technical and soft skills. These can potentially come from ANY previous job. Analytical skills, enthusiasm for exploring technical questions and issues, and diagnostic experience will all serve you well in the security field. Business acumen and a background in project management also prove valuable in showing why you can handle a security role.

Explore more tips and key strategies for breaking into cybersecurity in the latest eBook from (ISC)². Request your FREE copy today and find out how to…

• Position your talents and uncover the right opportunities
• Find a company willing to invest in you
• Show your dedication to the career

Get the eBook >> Breaking Into Cybersecurity.

The post Looking to Break into Cybersecurity Without Direct Experience? Find Out How appeared first on Cybersecurity Insiders.

October 01, 2019 at 09:08AM

Read More

Thousands of Windows PCs infected by Nodersok/Divergent fileless malware

By Sudais

A new fileless malware is on the rise which converts computers into bots that can be controlled by hackers remotely.

This is a post from HackRead.com Read the original post: Thousands of Windows PCs infected by Nodersok/Divergent fileless malware

September 30, 2019 at 11:25PM

Read More

Dark web data center in former NATO bunker seized for hosting child porn

By Waqas

Authorities raided and seized a massive data bunker called “Cyberbunker 2.0” used by dark web criminals to run drugs, explicit child content.

This is a post from HackRead.com Read the original post: Dark web data center in former NATO bunker seized for hosting child porn

September 30, 2019 at 09:43PM

Read More

Cybersecurity Audits Are Now Standard Practice in M&A

Cybersecurity threats are a major concern for businesses of all sizes, and that challenge can have repercussions when a company puts itself on the selling block. One of the things buyers will want to know is whether the company has had a breach and, if so, how it was handled.

If the business can show it addressed the breach in a satisfactory way and learned from the experience by fixing its security vulnerabilities, its sale value increases, according to 88% of respondents in a new (ISC)² study titled Cybersecurity Assessments in Mergers and Acquisitions. The study reveals that cybersecurity audits are now standard practice in the M&A process.

And the results of those audits have weight: 77% of study participants, all of whom have M&A experience in some capacity, make recommendations on deals based on what the audits reveal. A solid majority of respondents (82%) say the stronger a company’s cybersecurity infrastructure, including soft assets such as risk management policies and security awareness training programs, the higher the value assessed to the organization

In addition, 86% say a publicly reported breach detracts from the acquisition price, although it’s not a deal breaker if the target company handled it properly. Buyers can be forgiving when it comes to breaches they already know about but it’s a different story if a previously undisclosed breach comes to light during M&A discovery.

The Risk of Surprise

More than half of respondents (57%) say they have been surprised during the M&A process by previously undisclosed cybersecurity incidents. Such revelations can have serious consequences, as 49% of respondents say deals in which they were involved fell apart as a result.

These findings support earlier research about how cybersecurity audits can influence M&A decisions. Some 53% of respondents in a recent Forescout Technologies study reported that critical cybersecurity issues or incidents have jeopardized M&A deals for their organizations. For 73% of respondents, undisclosed breaches are a deal breaker. In addition, the study found that 65% experienced buyer’s remorse when cybersecurity concerns surfaced following a deal.

It’s clear from both the (ISC)² and Forescout studies that executives involved in M&A activities frown on surprises when it comes to cybersecurity. Buyers understand that when they complete a merger or acquisition, they are taking on the target company’s cybersecurity infrastructure. As such, they want to avoid acquiring a weak program that can become a post-acquisition liability.

The (ISC)² study polled companies of all sizes, and 33% of respondents are from organizations of more than 1,000 employees. More than half of respondents (60%) say their organizations use an in-house team of security auditors, and 35% say they retain outside consultants for the task.

The study shows that cybersecurity already is an influential factor in M&A, and according to 42% of respondents, it will become even more so over the next two years.

The post Cybersecurity Audits Are Now Standard Practice in M&A appeared first on Cybersecurity Insiders.

September 30, 2019 at 09:08PM

Read More

Malware turning Microsoft PCs into Zombie Proxies n new details on Baltimore ransomware attack

Researchers from Cisco Talos in commission with Microsoft have discovered a new kind of malware strain which is being dubbed as Zombie Proxies. News is out that the malware has already infected thousands of PCs across the US and Europe and is being technically called as Nodersok and Divergent by Microsoft respectively.

According to the sources reporting to Cybersecurity Insiders the malware campaign which is currently active only in western countries makes users download and run an HTML app often distributed by malicious ads. The malicious tool obscures itself by hijacking the operational features of NodeJS, a program that executes Javascript outside a browser and a WinDivert program that captures and disports network packets.

What’s more concerning about this find is that the malware can disable the features of Microsoft’s Windows Defender and other anti-malware solutions which prevail in the cyber landscape.
Cisco Talos believes that the purpose of introducing Nodersok and Divergent was to facilitate click frauds which were estimated to have caused a $19 billion loss in 2018.

Meanwhile, the ransomware attack which took on the IT infrastructure of Baltimore city has taken a new turn last week when some astonishing events were unraveled in a probe conducted by security experts.

It’s learned in the investigation that most of the staff of the Baltimore City stored files on their local hard drives which has made the data recovery almost impossible after the ransomware attack on May 7th this year.

The city’s outdated approach came into light last week when a committee from the city council investigated the incident at a granular level.

Josh Pasch, the auditor at Baltimore confirmed that the city needs a new IT policy which ensures that all PCs were being centrally backed up.

The post Malware turning Microsoft PCs into Zombie Proxies n new details on Baltimore ransomware attack appeared first on Cybersecurity Insiders.

September 30, 2019 at 08:47PM

Read More

Cyber Threat to IRAN’s oil and energy sector

Iran’s petroleum sector is on high alert as it has received a tip-off from its intelligence agencies that adversaries of the country might launch a physical or a digital cyber attack on the critical infrastructure of the working units of the region’s energy sector.

In a statement officially pronounced yesterday by the Oil Ministry, Bijan Namdar Zanganeh said that that a possible attack might be launched by the West in retaliation to a drone attack launched on a Saudi company’s oil reserve last week- thus reducing the supply of oil to the world.

Paris, London, Riyadh, Washington, Berlin, and India have all raised their voice against Iran for the attack and collectively warned that such deeds could not only force them to imply sanctions on the nation but also take serious action if it doesn’t mend its ways in coming days.

Tehran has been denying such allegations as baseless stories and claimed that Huthi rebels of Yemen could have launched the attack to blame Iran.

On September 21st, 2019, there was a lot of speculation in the media that Washington on the executive order of US President Donald Trump launched a cyber attack on Iran’s petroleum sector disrupting the operations related to production and storage.

However, Tehran denied these allegations and said that no such attack was launched on its Oil companies.

Perhaps the government in Tehran might have got a tip-off from intelligence that such an attack was due in this month or early next and so might have set their petroleum and energy sector of high alert.

The post Cyber Threat to IRAN’s oil and energy sector appeared first on Cybersecurity Insiders.

September 30, 2019 at 10:14AM

Read More

New Mobile Security alert called WIBattack discovered by Ginno Security

Ginno Security Lab, a China-based Mobile Security service offering company has discovered a new Sim card vulnerability besides the recently discovered SIMJacker cyber threat.

The researcher’s claim that a new vulnerability was lurking in the dark which might hit the entire GSM Association at any moment causing serious harm to millions of telecom subscribers worldwide.

Technically speaking, the described mobile security threat is in existence since 2015 but was recently discovered when a Cybersecurity firm AdaptiveMobile threw some light on Simjacker vulnerability.

Experts from Ginno Security say that WIBattack is identical to Simjacker, but the two attack different app targets running on the Sim cards. While the former hits Wireless Internet Browser (WIB) app, the later targets S@T browser app allowing hackers to exploit & spy on the user and his/her Smartphone activities.

In both cases, attackers are seen targeting mobile phones through malicious OTA SMS containing the WIB commands.

Both are Java-based applets and allow telecom companies to provide Voice over spectrum services.

Furthermore, researchers from Chinese firm Ginno Security argue that there were the first to discover Simjacker attack in 2015 which they named it as S@T attack. However, they did not make it public for reasons.

Note 1- According to experts from ZDNET, only a few mobile providers are now providing SIM cards loaded with apps are located mostly in Eastern Europe, Latin America, and the North African region.

Note 2- It was discovered that threat actors can take the help of WIBattack and hijack mobile phones worldwide. This includes making phone calls from a victim’s phone, send SMS or make calls from that phone to any phone number on the globe and such.
 

The post New Mobile Security alert called WIBattack discovered by Ginno Security appeared first on Cybersecurity Insiders.

September 30, 2019 at 10:11AM

Read More

Crooks used fake job website to scam jobless US veterans

By Sudais

If users who happen to be mostly military veterans, in this case, followed standard principles of double-checking URLs and not downloading files from untrusted sources, they could have remained safe and avoided being the victim.

This is a post from HackRead.com Read the original post: Crooks used fake job website to scam jobless US veterans

September 29, 2019 at 12:11AM

Read More

Can banks and fintech bring environmental accountability to their everyday purchasing decisions?

Environmental concerns are an increasingly important issue for people around the world. From cutting back on the amount of plastic being used to taking public transport wherever possible, there’s been a fundamental shift towards more green-conscious habits in many parts of society. Consumers have also come to expect the same standards from businesses, with 81% of people across the globe saying that it’s the responsibility of companies to help improve the environment. 

As such, many people have tried to incorporate a green-first mentality into all parts of their lives – but this isn’t always easy. After all, consumers can have only so much visibility over the impact of what they spend their money on.  

This has created a disconnect where huge numbers of consumers are driven by environmental concerns when making purchases but often struggle to truly understand their carbon footprint due to the opacity around certain elements of the consumer buying cycle. 

This has historically put mindful customers in a difficult situation. Huge numbers of consumers want to know that the materials their favourite brands use are produced sustainably, clothing is ethically manufactured and that the supply chain that connects all these elements together has as marginal an impact on the environment as possible – but until now, the technology to elucidate these details simply hasn’t existed.    

Fintech’s eco credentials 

Fintech is already an innately sustainable alternative to the traditional finance sector, removing the reliance on paper statements and physical bank branches by instead allowing people to manage their finances using digital technology. That’s not to say that older financial institutions across the world aren’t already taking steps to be greener too. Banks, for example, are improving their environmental credentials by setting targets that will help them to hit their United Nations Sustainable Development Goals – such as the UN Principles for sustainable Banking that will officially launch in September.    

These top-down changes to focus investment on green concerns are happening alongside fundamental and innovative developments in the fintech sector. These changes are ‘opening up’ certain sectors – such as retail – and helping to improve transparency around purchases which, in turn, will make consumers more aware of their carbon footprint.  

While there are already apps – such as Good on You or Giki (UK) – that can give consumers more insight into what they’re buying, the fintech sector has taken this degree of green accountability to another level. The latest Mastercard payment card from Doconomy (Sweden) helps users to track and measure the CO2 emissions associated with their purchases – enabling them to limit the climate impact of their spending through climate savings, climate compensation, sustainable investments and climate refunds from partner brands. This card which is eco-friendly, made from a sustainable plastic substitute by Gemalto – now part of Thales – is connected to a mobile app that allows users to measure their carbon footprint from every purchase.  

Customers in the UK can also apply for an online and app–based current account with Triodos, a bank whose mission is to solely finance progressive entrepreneurs and organisations that are delivering positive impact for people and planet. They aim to give the wider banking sector a blueprint for how to become more transparent, diverse and sustainable. Its debit cards are also made by Gemalto, and created from an innovative, plant-based ‘natural plastic’, rounding out the bank’s green credentials. 

Banks can also offer an eco-friendly payment card as part of their portfolio, which is supplied by Thales and is a personalization of the Gemalto Bio sourced card – helping to offset the carbon footprint of the six billion plastic payment cards that are made every year. Gemalto has created a full set of tools that enables its banking clients to add to their green strategy and covers every aspect of a bank card’s life from bio-sourced materials to eco-packaging. 

Going green – a business case 

The benefits of adopting a more environmental mindset are myriad to various parts of the buying chain. Consumers enjoy the knowledge of being able to observe and manage their carbon footprint, while manufacturers can show off their sustainability credentials and benefit from any radiant upswing in purchases – in fact, three quarters (73%) of Millennials say they are willing to pay more for sustainable goods.  

The wider advantage, of course, is a reduction in emissions in across the supply chain – with a greater degree of accountability helping consumers to make buying choices based on a true reflection of that good’s carbon footprint and encouraging businesses to cater to this shift in consumer tastes. Innovative and evolving fintech is sitting right at the heart of this green revolution. 

Would you spend more money on items with a lower carbon footprint? Do you want more transparency from your bank about what they fund and how they use your money? What is your favourite piece of ‘greentech’?  Let us know in the comments below or by tweeting us @Gemalto. 

The post Can banks and fintech bring environmental accountability to their everyday purchasing decisions? appeared first on Cybersecurity Insiders.

September 28, 2019 at 09:08PM

Read More

The Four Pillars of CASB: Identity

This post was originally published by Juan Lugo.

With cloud being so prevalent, it is inefficient for organizations to not consolidate the existing identity and authentication systems used for internal applications. Consequently, employees will no longer need to memorize multiple passwords for the plethora of applications used in-house by utilizing a single sign-on. With the Bitglass admin platform, you can govern how and where employees can access corporate data. With this tool, organizations can block, allow, coach, or provide immediate levels of access to data and applications based on user identity and context. Additionally, organizations can use granular policies that can grant access based on the browser or application, type of device, and location.

Read more here: https://www.bitglass.com/blog/four-pillars-casb-identity

Photo:www.techfunnel.com

The post The Four Pillars of CASB: Identity appeared first on Cybersecurity Insiders.

September 28, 2019 at 06:49PM

Read More

Glass Class: The ZScaler and Bitglass Integration

This post was originally published by Will Houcheime.

With the various tools used in today’s cloud-first world, it could be confusing for organizations to find the correct tools they need to protect sensitive data. In light of this, Bitglass and Zscaler have partnered with each other to provide a solution to create a safe zone for the use of unsanctioned cloud applications. To find out more about how the Bitglass cloud access security broker (CASB) integrates with the Zscaler secure web gateway (SWG), check out our latest Glass Class.

Read more here: https://www.bitglass.com/blog/the-zscaler-and-bitglass-integration

Photo:www.infoq.com

The post Glass Class: The ZScaler and Bitglass Integration appeared first on Cybersecurity Insiders.

September 28, 2019 at 06:41PM

Read More

ATTACKERS ARE TARGETING IT SERVICE PROVIDERS

This post was originally published by (ISC)² Management.

IT service providers have recently become a common target of cyber attacks and 11 of them have been compromised since July 2018. Attackers target providers in attempts to gain access to their customers, according to a blog post by Symantec.

Read more here: https://blog.isc2.org/isc2_blog/2019/09/attackers-are-targeting-it-service-providers.html

Photo:redmondmag.com

The post ATTACKERS ARE TARGETING IT SERVICE PROVIDERS appeared first on Cybersecurity Insiders.

September 28, 2019 at 06:34PM

Read More

How Brexit Impacts the Future of Europe’s Cybersecurity Posture

The British parliament has been unable to agree the exit package from the European Union. With the possibility of a “no deal” departure looming, EU leaders have granted a six-month extension to Brexit day. But the uncertainty that still lingers with regards to Britain’s future, creates various opportunities which cyber criminals could try to exploit.

Given the situation, careful examination of Brexit’s direct and indirect implications must be made, if we are to better understand the potential ramifications of a “no deal” exit. Let’s begin by looking at relevant regulations.

A brief look at current and future legal frameworks

The EU recently adopted two key pieces of legislation designed to govern cybersecurity and privacy issues. The first piece of legislation, the General Data Protection Regulation (GDPR)1, regulates data protection and privacy for all individuals within the European Union (EU) and the European Economic Area (EEA). The second regulation, the EU Network and Information Security Directive (NIS)2, provides legal measures to boost the overall level of cybersecurity in the EU.

For its part, the United Kingdom incorporated GDPR into its Data Protection Act 20183 and the NIS Directive into its NIS Regulations 20184, a political choice showing that the UK strategically desires to be aligned and, to a certain extent, compliant with the new EU regulations.

Governing the transfer of data

On February 6, the UK government published “Using personal data after Brexit”9. The guideline reveals that post-Brexit UK businesses will still be able to send personal data from the UK to the EU and that the UK will continue to allow the free flow of personal data from the UK to the EU (and the EEA area).

Data originating from the EU that comes into the UK will be a different story. It is illegal for an EU Member State business or organisation to export data to a non-EEA entity without specific legal safeguards in place. Since post-Brexit UK could, depending on the method of exit, be considered a “third country,” UK businesses will be subject to these safeguards.

Current & Post-Brexit Threat Landscape

In the UK, the number of data breaches reported to the Data Protection Commission11 rose by almost 70 percent last year, totaling 4,740 breaches during 2018. At the same time, UK organisations such as universities, businesses, online stores and social media (like Facebook) have been subject to breaches that affected millions of people.

Incident Handling

Today all European businesses, organisations and citizens can utilise a data breach reporting mechanism to notify only the Lead Supervisory Authority (LSA) in their country, to carry out investigations and to inform/coordinate with LSAs in other EU Member States in case of a cross-border cybersecurity incident.

In a post-Brexit future, UK-based businesses and organizations will need to legally notify not only the UK Lead Supervisory Authority, the Information Commissioner’s Office (ICO), but also each relevant Member State’s LSA.

Effects on the Workforce

What concerns me most is the cybersecurity skills shortage14. By limiting the right of free movement and enforcing stricter working visa requirements, Brexit could have a significant impact on the capability of Britain to fight against cyber criminals and nation state threats.

Additionally, UK based universities will potentially lose access to huge amounts of EU research funding because of Brexit.

What we can do to prepare?

On the cybersecurity front, UK companies will have to deal with a disappearing network perimeter, a rapidly expanding attack surface, the widening cybersecurity skills gap and the growing sophistication of cyber-attacks.

These issues are extremely difficult to be dealt with. In response, companies should focus on securing all of sensitive data by encrypting all data at rest and in transit, securely storing and managing all encryption keys and controlling user access and authentication. Doing so will help them staff safe in an increasingly uncertain world. With the rise in threats and the increasing value of data to cyber criminals, it’s important for businesses to know how they can adopt a Secure the Breach approach to protecting their most sensitive data and intellectual property.

The post How Brexit Impacts the Future of Europe’s Cybersecurity Posture appeared first on Cybersecurity Insiders.

September 28, 2019 at 09:09AM

Read More

Hacker publishes ‘unpatchable’ permanent jailbreak for iPhone 4s to iPhone X

By Sudais

Apple's jailbreak just became easier.

This is a post from HackRead.com Read the original post: Hacker publishes ‘unpatchable’ permanent jailbreak for iPhone 4s to iPhone X

September 28, 2019 at 02:42AM

Read More

Thales’ Managed Services Program Honored at MSP Innovation Awards

Thales’ Managed Services program was recognized at the MSP Innovation Awards, powered by Channel Partner Insight (CPI), earlier this summer in New York City. The MSP Innovation Awards are designed to honor the vendors, distributors and MSPs across North America who are leading the way in managed services at a time of unprecedented disruption and change in the channel.

With 20 categories recognizing the achievements of MSPs, MSSPs, distributors and vendors, Channel Partner Insights was looking for businesses that stand out from the crowd in the managed services market. The awards are completely independent and based solely on innovation and achievement in the North American channel over the past year.

We are excited to announce that Thales was recognized in two categories: Best Project and Highly Commended for Best Security Offering. The full list of awards can be found here.

Thales’ Best Project submission was centered on a use case with a Fortune 500 biotech company that was looking for a security provider for installed pacemakers on a global scale. CPI saw the project as a truly ambitious and innovative example of leveraging the power of IoT. Discover how the solution allowed the customer to create a process that maintained data safety throughout every communication using our SafeNet Keyfactor Control and Luna HSMs, and why it came out on top to win the Best Project Award.

The SafeNet Data Protection On Demand (DPOD) product provides MSPs or MSSPs managed security services that can be immediately be deployed for their customers, under their own branding, bundled with their cloud or security services. DPOD made a strong case about how Thales is transforming traditional, on-premises providers into relevant cloud service providers through this as-a-service security product. Learn how DPOD helps MSPs provide data protection as-a-service offering to their customers and develop their revenue streams, and why DPOD was Highly Commended in the Best Security Offering category.

Chen Arbel, VP, Business Development, Cloud Protection & Licensing, represented Thales at the award ceremony. When asked how important security is to an MSP’s business today, Chen stated, “We believe, because we’ve seen many times, that the number one reason MSPs lose business is related to the fact that they do not cover cybersecurity or they have failed to provide expertise in this field. Cybersecurity – or data encryption – is a critical part of each and every organization today.” Watch Chen’s interview on how the MSP space is evolving, where MSPs should be investing, and the top security threats out there today.

Thales also answered CPI’s five crucial questions for MSPs in the market today, read about what is and will be most important for MSPs to grow their businesses.

Hundreds of MSPs anonymously shared their opinions of what they love and loathe about their vendor partners in CPI’s exclusive State of the Market report. The report covers five technology areas: security, RMM, PSA, backup and business continuity, and software. MSPs told CPI what they really look for in their vendor partners from each category, giving frank feedback on what keeps them loyal and invested, as well as what could make them switch to a new vendor partner.

The post Thales’ Managed Services Program Honored at MSP Innovation Awards appeared first on Cybersecurity Insiders.

September 27, 2019 at 09:08PM

Read More

Honeywell offers Forge Software for Industrial Cybersecurity environments

Honeywell which is into Commercial and Consumer product production has unveiled a new Forge Software platform to reduce cyber threats to the critical infrastructure of businesses and industries.

The software is such that it offers mission-critical Cybersecurity performance across single or multiple sites mitigating risks and improving Cybersecurity management capabilities.

Whether it is moving data from one site to another or using operations data to strengthen endpoint and network security, Honeywell’s Forge Software is capable of addressing almost all pain points related to Cybersecurity prevailing in IoT environments.

Technically, the software is a powerful analytics platform that offers real-time data and visual intelligence. It is compatible to be used in any cloud or on-premise data center environment and can be tailored as per the organization needs.

Furthermore, the Honeywell Forge Cybersecurity software platform is available in three variants- Enterprise Core, Enterprise Premium, and Honeywell’s Managed Security Services that host and run the software on Cloud which will help industries which do not have on-premises expertise or resource related to Cybersecurity.

Note- Honeywell is an American Conglomerate that is into the business of Aerospace, Home and Building Technologies, Safety and Productivity Solutions and Performance Materials and Technologies. Founded in 1906 in Charlotte, North Carolina, the company is now listed among the list of fortune 100 companies and has become a business subsidiary of AlliedSignal’s in 1998 due to market consolidation. For those companies which need a consultation in Cybersecurity, Honeywell has started an advisory service in cyber defenses from 2015.

The post Honeywell offers Forge Software for Industrial Cybersecurity environments appeared first on Cybersecurity Insiders.

September 27, 2019 at 08:52PM

Read More

Two Ontario Canada based hospitals hit by Ransomware Attack

Two Ontario based hospital networks were hit by a malware attack early this week locking down their database and offering network issues to staff and patients. The Listowel Wingham Hospital Alliance located in North of Stratford and Wingham Hospital in Northeast Huron County is the victims which have been digitally locked down from access by hackers.

Karl Ellis, the President and the CEO of the Canada based hospital issued a press statement yesterday stating that the attack was of ransomware genre and took place on the hospital network during the weekend, locking down access to patient records from early Monday.

How the malware spread to the network and who is behind the incident is yet to be probed.

Mr. Ellis has clarified that no data was compromised in the incident and a ransom note is yet to be received.

Note 1- The incident occurred when an official statement from the City of Stratford located in Ontario, Canada stated that their database was hit by a ransomware incident in April this year. And the Mayor confessed that they had to bow down to the demands of the hackers by paying them $75,000 in BTC to free up their database from the file-encrypting malware.

Note 2- Law enforcement across the world, for instance, FBI are urging the victims of ransomware not to pay the demanded ransom as it not only encourages crime but also doesn’t guaranty a decryption key on payment for sure.

The post Two Ontario Canada based hospitals hit by Ransomware Attack appeared first on Cybersecurity Insiders.

September 27, 2019 at 11:16AM

Read More

Cyber Attack on Airbus

Airbus which happens to be the second biggest aerospace company in the world was hit by a cyberattack recently. The objective behind the attack was to steal business secrets and some sensitive info about future projects and hackers from China happen to be on suspicion radar.

According to the highly placed sources, the attacks took place in segmented style within 12 months and the motive was to steal the technical secrets on aircraft build of the Airbus A350 Passenger Jet and Airbus Military Transport Plane A400M which is touted to have the world’s largest propeller engine.

In January this year, the European aerospace company stated that a digital invasion made by threat actors resulted in unauthorized access to data.

But security experts from Cisco Talos suggest that the attack was outlined with an orchestration bid towards a massacre.

Readers of Cybersecurity Insiders have to notify a fact over here that the attack took place on Airbus via 4 suppliers/ contractors- the British engine maker Rolls Royce, French technology company Expleo, and two other France based contractors whose networks were first compromised to infiltrate into Airbus systems.

The good news is that the threat monitoring solutions identified the cyber threat in time and neutralized the effect of Airbus systems.

 “As large companies are always well-protected, hackers try to sneak into their client networks to get access to a large company database,” says Holger Schulze, CEO, and Founder of Cybersecurity Insiders.

Note 1- As China’s airplane maker Comac is struggling to get proper certification for its C919 aircraft build, it might have hired some state-funded hackers to learn about the mechanics of engines and avionics of Airbus. However, this theory is just a suspicion and not a confirmation.

Note 2- Was Chinese hacking group APT10 behind the cyber incident is yet to be known? However, this organization which runs on the funds given by Chinese intelligence (Chinese Ministry of State Security CMSS) is known to launch several cyber attack campaigns related to espionage on large companies working across the world.

The post Cyber Attack on Airbus appeared first on Cybersecurity Insiders.

September 27, 2019 at 11:13AM

Read More

How Gemalto is staying at the forefront of eSIM innovation

Developments in eSIM technology are taking place at a rapid pace as demand for hardware-based applications grow. A new generation of eSIM-ready smartphones support both a removable slot SIM card and eSIM (such as Apple’s ever popular iPhones), and the first eSIM-only smartphones are rumoured to go live in the second half of 2019. This will mark a true disruption for mobile operators in the way they envisage their relationship with consumers. At the same time, demand from the automotive market is also rising – with forecasts predicting that over 286 million connected cars will be sold worldwide over the next six years. And that’s before we’ve even mentioned the IoT and wearables market, which continues to thrive and expand into enterprise solutions like smart meters. In fact, the number of hardware-based eSIM-compliant devices in the world is predicted to reach almost 1.8 billion units by 2025, up from 364 million in 2018.

The booming demand shows that the industry’s understanding of the benefits of eSIM is continuing to mature. eSIM proliferation requires and accelerates the digital transformation of the entire mobile subscription management process – enabling quicker, easier mobile connections, more physical space from miniaturization, simplified logistics, cost reductions and new revenue streams.

With the sector in such strong shape, it’s truly an honour to be recognised by independent global industry analysis firm Counterpoint as the leading provider in both hardware-based eSIM and eSIM management solutions, in research that recognizes an elite subset of companies that offer best-of-breed eSIM technologies and solutions.

20 surveyed companies were classified in two categories (eSIM Enablement and eSIM Management) and were assessed based on eight criteria:

We’re very proud that Gemalto has been ranked in the first place in both the eSIM-enablement and eSIM-management categories.

Thales is the number 1 provider for hardware-based eSIM and eSIM management solutions.

(source: Counterpoint Research – July 2019)

A lot of work has been made to help us get to this point. Here are seven key tangible elements that helped us win the eSIM race.

1. Research & Development

We have the largest R&D teams for SIM and eSIM-related technologies, with particular core expertise in remote secure provisioning. In the field of mobile connectivity, this means designing, deploying and operating cutting edge eSIM solutions in order to digitalize and manage mobile subscription provisioning and activation, leveraging service platforms and tamper-proof chips.

2. Contributions to standards and interoperability

We’re the leading contributor to the eSIM standardization & interoperability. As part of the eSIM genesis process, we’ve led a big chunk of the contributions to GSMA’s “Remote Provisioning Architecture for Embedded UICC” specifications.

As the initiator and co-founder of the SIMalliance, we’ve been particularly involved in the eSIM interoperability, ensuring that different eSIM vendors’ eSIM profiles “speak” to different vendors’ eSIM management platforms and to different eSIM-compliant devices. For example, we’ve led contributions to an interoperable profile format definition, which allows any profile to be installed on any eUICC, independently of its manufacturer.

3. Accredited sites for production and management

We have the largest number of GSMA security accredited sites for eSIM production and eSIM management, ten of which are accredited by independent auditing companies Chase Waterford and SRC GmbH. The GSMA’s Security Accreditation Scheme (SAS) enables mobile operators to assess the security of their UICC / SIM and eUICC / eSIM suppliers, as well as of their eUICC subscription management service providers.

4. A large, and growing, portfolio

We have the largest portfolio of eSIM solutions, and are the only company with full certification with live operation for all eSIM solutions:

1. Subscription Manager Data Preparation (SM-DP),
2. Subscription Manager Secure Routing (SM-SR),
3. Subscription Manager Data Preparation for Consumer (SM-DP+),
4. Subscription Manager (Root) Discovery Service (SM-DS)
5. Data Centre Operation & Management (DCO&M)

In the increasingly crucial field of eSIM orchestration, we – together with Amdocs’s BSS expertise – intend to accompany mobile operators in their digital transformation of their mobile connectivity lifecycle management policy in order to fully enjoy eSIM benefits.

More recently, we announced the launch of a pioneering brand new technology aimed at bringing effortless initial connectivity to consumer eSIM-ready devices. Gemalto Instant Connect aims to remotely deliver mobile connectivity to eSIM-compliant devices at their first use, as they come unconnected by default, without the need of primary connectivity such as Bluetooth, WiFi or bootstrap.

5. A large roster of customers and partners

We have the largest eSIM customer and partner footprint, and have deployed more than 150 eSIM management platforms for mobile operators, MVNOs, operator alliances, automotive manufacturers and OEMs across all continents (e.g. AT&T, Huawei, Telefónica Group, Vodafone Group, Bridge Alliance, GigSky…). According to the SIM Alliance, a total of 230 eSIM management platforms were deployed globally by the end of 2018, meaning that we’ve provided two-thirds of the deployments worldwide.

Consequently, we have also been working with an increasing number of customers on all continents to design, produce and remotely download eSIM profiles.

In light of the evolution of the SIM delivery and value chain – from removable SIM to eSIM, to iSIM, we have set up close partnerships with leading companies in the mobile and chipset industries including Amdocs, Qualcomm and Microsoft.

6. Paving the way to iSIM

We are collaborating with the world’s leading mobile chipset manufacturer Qualcomm Technologies to develop iSIM (integrated SIM), thus bringing eSIM innovation into the Snapdragon Mobile PC Platform.

Technologically, one of the main challenges here is to ensure the same level of security and integrity in the iUICC as the eUICC. For example, in June 2019, Qualcomm’s Secure Processing Unit (aka SPU, an on-die secure element recently launched as part of the Qualcomm Snapdragon 855 Mobile Platform), received Common Criteria EAL-4+ security certification, the gold standard for smart card hardware security assurance and testing. This shows that we are committed to providing advanced built-in security to accelerate the adoption of eSIM-based mobile connectivity among a wide variety of consumer connected devices.

7. Building a chain of trust in 5G networks

With the launch of the first 5G handsets and offers in 2019, it was natural to launch the world’s first 5G SIM in order to unleash the potential of the next generation mobile networks. 5G SIM / 5G eSIM can now help operators addressing data protection regulation compliancy and increased network cyberattacks, thanks to providing subscriber identity privacy and trusted environment resilience.

It’s an honor and tremendous source of encouragement to receive this accolade, with Peter Richardson, Research Director at Counterpoint Research, noting: “Gemalto [is] leading the pack due to their diverse partnerships across the value chain, GSMA certifications, and end-to-end eSIM solutions.”

“This recognition rewards our vision to make eSIM accessible to the largest number of stakeholders in the mobile, consumer & industrial industries” said Emmanuel Unguran, Executive Vice President Mobile Connectivity Solutions at Thales. “It is also the public acknowledgement of the work of our teams involved in standardization, product management, innovation, operations and sales. I feel privileged to be working with and leading such fantastic teams.”

It’s paramount that OEMs, service providers and eSIM solution providers continue to work hand-in-hand to deploy a global, interoperable and fully-digitalized mobile subscription ecosystem to address the tremendous need of mobile connectivity for billions of IoT devices.

I’d be glad to get your comments and feedback. As a device maker or OEM/ODM, what’s your view here? Are there any other points you consider crucial for developing your business? Let us know by tweeting us at @GemaltoMobile or leaving comment below.

The post How Gemalto is staying at the forefront of eSIM innovation appeared first on Cybersecurity Insiders.

September 27, 2019 at 09:10AM

Read More

Does Jack Dorsey’s Twitter Account hack mean two factor authentication is waste of time?

Is Two Factor Authentication a Waste of Time?
Not All MFA Methods are Created Equal

Over the past few years, people have been advised to replace the passwords they use to access cloud services, with two-factor authentication or ‘two step verification’. This is because the majority of data breaches to cloud services are the result of compromised passwords. But as evident in the takeover of Jack Dorsey’s Twitter account , the SMS two step verification that was in place for Dorsey’s account, didn’t provide the expected protection and hackers were able to take over his account nonetheless. Does that mean MFA is overrated as an effective method for securing cloud accounts? Turns out that not all MFA methods are created equal. Dorsey was using SMS-based two-step verification. When logging into his account, an SMS code was sent to his phone. In the Twitter case, the hackers succeeded in carrying out an ‘SMS Swap’ attack: they likely bribed or persuaded an employee of Dorsey’s mobile phone carrier to transfer his number to a phone in their possession. The SMS code was then sent to the hacker’s device, and was used to get into Dorsey’s account.

Two factor authentication is still the best way to protect your account. But not necessarily SMS-based MFA. In 2016, NIST determined based on extensive independent research that redirecting and intercepting SMS messages has become too easy and can be operated at scale. As a result NIST has deprecated SMS-based authentication advising that it is not secure. . Paul Grassi, who at the time was senior standards and technology advisor at NIST said then, “We don’t want you to use SMS as a second factor, but we absolutely want two-factor authentication, in fact, we recommend it for all levels of assurance.”

If Not SMS,  What Kind of Two-Step Verification Should You Use?
For mobile phones, the easiest and most secure method, is PUSH OTP, using an OTP app that is installed on a smart phone. With OTP technology, the cryptographic secret that generates the security code is highly secured within the app, and the app is securely tied to the physical device. Unlike SMS, this technology doesn’t rely on the mobile carrier to deliver the security code. Even if the phone number were to be transferred to another device, the malicious actor would still not be able to generated security codes using the app.  So what should you look for when evaluating OTP and Push based two factor authentication?

1. Make sure the OTP app cannot be backed up to an external drive or copied to another device. Apps that allow this don’t have the built in security to ensure the apps can only be used on a specific and intended device.  So always make sure that the OTP app is encrypted, protected and tied cryptographically to a specific mobile device.
2. Make sure the OTP app supports secure app enrollment and activation:  In order for the security code to be protected and secured when a user installs the app, the app installation process needs to be encrypted.  Otherwise, the cryptographic module that generates the security codes could be at risk. Some vendors carry out an OS check before allowing the app to be installed on the intended mobile device. However, if the app can be copied to a malicious device that complies with the OS rules, this kind of workaround  wouldn’t be of any help in protecting the integrity of the app itself.

To sum, when developed with the best built-in security, PUSH OTP-based two-factor authentication is a highly effective way of protecting apps and cloud services, and overcoming the weaknesses of passwords. It offers both security and an easy and convenient way of logging into apps – check it out for yourself in this video showing how PUSH OTP can secure your O365 account.

The post Does Jack Dorsey’s Twitter Account hack mean two factor authentication is waste of time? appeared first on Cybersecurity Insiders.

September 26, 2019 at 09:09PM

Read More

Transforming into Code Signing

How two enterprise transformations are increasing the importance of code signing security

Every enterprise understands the need for security, but recent transformations in the business ecosystem are increasing the urgency to implement strong and transparent security processes. At the same time, these transformations are shifting how this security must be delivered.

Digital transformation and the rise of the cloud have changed the economics of business delivery. Recognizing that data center infrastructure and hardware do not deliver to the bottom line, more companies are shifting to a cloud-based business delivery model. Applications delivered in the cloud, and databases stored in the cloud, have created a whole new paradigm of how business is conducted. Data that is accessed and used anywhere offers a global market to companies who previously couldn’t dream of that broad of a potential audience.

This fluid and indistinct enterprise perimeter also add a level of complexity to security. For organizations today, it becomes increasingly difficult to ensure each user is who they say they are and gains access to only what they are permitted to see. On the other end, you must ensure the software you deliver has not been tampered with, and that their data remains safe at rest and in transit. This is where code signing can add security and peace of mind to both the Enterprise and their customers.

Another transformation driving the need for secure code signing is Dev Ops. With on-site development environments using on-premises security, certificates are often kept on a physical device stored locally. While this still carries many inherent risks, as companies implement DevOps strategies and leverage globally distributed development teams, this implementation becomes impossible. Program development processes like Agile, applied to a global development community, requires a company to implement security solutions that are both cloud-based and transparent. This will enable manufacturers to certify that their software comes from a legitimate source and that it hasn’t tampered with since it was published.

This ever-changing security landscape can quickly move outside the expertise of a corporation. Partnering with companies that focus on delivering a cohesive security solution that was designed with the cloud at its core is critical to success. Keyfactor Code Assure, which includes Thales’ cloud-based SafeNet Data Protection on Demand HSM service, or with out-of-box support for on-premises SafeNet Luna HSMs, ensures that as a company transforms, its code signing solution is ready to secure its products, customers, and reputation.

Want to learn more? Listen to this Keyfactor Podcast “Dev, Security or Ops: How Code Signing Affects You”, where you will learn how to be flexible, remove bottlenecks, distribute responsibility and stay secure.

The post Transforming into Code Signing appeared first on Cybersecurity Insiders.

September 26, 2019 at 09:09PM

Read More

Five easy-to-miss Gemalto products that make life easier

As the world becomes ever more reliant on technology, we have become accustomed to new inventions making our lives easier than ever before. As a result, there are many objects you might take for granted on a daily basis but never realized how difficult life would be without them. To show you exactly how easy it is to miss these products we’ve come up with a list of five Gemalto solutions that make life easier.

ePassports and automated border control gates

Can you remember a time before your passport had a chip to quickly get you through the security gates at the airport? There was nothing worse than getting off a flight ready to enjoy your holiday only to find that the queue at passport control snaked for miles around the airport.

With the introduction of ePassports in 2006, passports were revolutionized, featuring a new design with additional security features. Using our technology, your personal and biometric data is stored in the chip inside your passport, which mirrors the same information as printed on the personal data page. When you go through security using the Automated Boarder Control gates the reader compares the measurements on your face with your passport photo, for example how far your eyes are from your lips, and uses this data to determine if it is really you using the passport.

The biometric technology reduces the risk of document fraud and allows passengers to avoid longer queues when getting through security checks. So, if you have an ePassport, there is a good chance we made it!

The security when logging on to your mobile banking app

The number of people using mobile banking via an app on their smartphone is predicted to reach over 35 million by 2023 in the UK alone, meaning the worldwide figure will be in the billions. As such, it is inevitable that the number of cyberattacks in the banking ecosystem has also risen. To counter this threat, we created Gemalto’s Mobile Protector, which provides multi-factor authentication and mobile security services when logging onto mobile banking.

For example, when you access mobile banking you are required to put in a pin code that only you know, or use the biometrics in your fingerprint to open the app. Previously, weaker methods such as receiving an SMS text message to confirm your authentication were used, however, these methods were much easier to deceive. Our technology now shields the mobile banking app against attacks like key loggers, phone theft and malware, while also protecting non-mobile channels against fishing and men-in-the-middle attacks. This is done through dynamic linking which creates a unique authentication key per transaction and also supports PSD2 compliance.

Connected Cars

Our technology puts the “connect” into connected cars. Our wireless modules are like stripped down mobile phones that provide a cellular data connection needed to power navigation and infotainment services. Indeed, the days of using a physical map on long journeys seem like a distant memory now, as these navigation systems provide us with live traffic information and smart routing.

The ability to transmit and receive data with an embedded SIM in the car identifies individual vehicles, while Machine to Machine (M2M) encrypted communications mean no one can hack into your car. In addition, the wireless modules ensure secure global connectivity for smart vehicle systems including eCall emergency solutions, vehicle telematics.

This system is designed to bring rapid assistance to drivers involved in collisions. In the event of a serious road incident, an eCall-equipped car automatically dials the emergency services. We supply many car makers, if you have a new Peugeot or Citroën for example, there’s a good chance that we connected it.

Encrypting interbank fund transfers so the world’s economy keeps turning

We all agree that keeping your money in a bank is safer than under the mattress. Our data encryption platforms, known as Hardware Security Modules (HSM) are used by banks to protect money and financial data from cyberattacks. This technology not only helps financial organizations keep money safe inside their networks but also ensures it can be safely exchanged within the global financial system. Our platforms protect more than $1 trillion every day in interbank fund transfers and makes sure the economy doesn’t come to a halt.

Roaming Management

Ever wondered how, when you take your phone off airplane mode or switch it off and on again, it automatically reconnects to a network? This is enabled via a Gemalto device-based steering solution, called Roaming Management, which connects you to the preferred network, according to your service provider. This technology also provides real-time and effective traffic steering during peak periods, ensuring up to 95+% successful traffic redirection, avoiding anti-steering issues and improving the network you get.

Were these solutions new to you? Are you surprised that Gemalto is behind these interesting life-hacks? Let us know in the comments below or by tweeting us @Gemalto.

And as part of the Thales group there are now many more ways we’re helping you out, whether it be guiding your plane safely to its destination or ensuring your train arrives on time at the right platform – learn more at the Thales website.

The post Five easy-to-miss Gemalto products that make life easier appeared first on Cybersecurity Insiders.

September 26, 2019 at 09:09PM

Read More

Cyber Attack news currently trending on Google

Danish company Demant which is into the manufacturing of Oticon brand hearing aids has released a press statement today stating that it has lost over 500,000 Kroner via a cyber attack early this month.

Highly placed sources report that the incident took place on September 3rd disrupting production and distribution servers of Oticon hearing aids. The Denmark based company which is also known as William Demant as per the trade association is reported to have an annual turnover of around 14 billion Kroner and has an employee count of over 14,000 staff members.

Soren Nelson, the CEO of Demant confirmed the cyber attack on the company servers and clarified that the recovery is expected to take over 2-3 weeks.

In other news related to cyberattack and trending on Google, Palo Alto Networks has revealed that a survey conducted by its security researchers on a recent note has stated that the hackers are increasingly targeting transport and logistics based companies these days with a trojan malware campaign.

Already the researchers from the Santa Clara based company say that the malware campaign has targeted a company in Kuwait and some have already become a victim of the campaign, but chose not to reveal to the world for some reason.

Currently, the Trojan campaign is said to be targeting companies operating in Kuwait and transport companies are said to be the prime targets.

Cybersecurity Insiders learnt that the attack campaign first starts with a backdoor installation named Hisoka Tool. Then the tool paves way for the download of other tools which help carry out post-exploitation activities.

Palo Alto Networks have confirmed that the tools were developed by a single hacker from middle east and are active since June’18 and the victim list and the attack style will be revealed shortly on an official note by the Cybersecurity company.

Third news belongs to China and its Cyberattack on Czech republic’s Foreign Ministry last year. According to a report released this week by the intelligence agency of Czech Republican EU member of Intelligence agency NUKIB have clarified that the Republic of China was involved in a major cyber attack on a Key government institution operating in the borders of Europe.

NUKIB is a National Cyber and Information Security Agency which is a Cybersecurity unit of the Czech Republic. The agency has now clarified that a hacking group from China was involved in the attack.

Note– Earlier the same agency suspected the hands of Russia and its military intelligence behind the cyber attack on the Ministry of Czech Republic.

The post Cyber Attack news currently trending on Google appeared first on Cybersecurity Insiders.

September 26, 2019 at 08:52PM

Read More

Information Security Professional Degeneration

By Ian Trump

If you ask mid-and-advanced-career information security professionals about their jobs in information security, most of them may not express the kindest sentiments.

This is a post from HackRead.com Read the original post: Information Security Professional Degeneration

September 24, 2019 at 03:25AM

Read More

AI Leaps into Banking: When to know You Can Trust It

By Uzair Amir

Banking is readily recognized as one of the main sectors undergoing significant transformation with the advent of AI (Artificial Intelligence).

This is a post from HackRead.com Read the original post: AI Leaps into Banking: When to know You Can Trust It

September 26, 2019 at 03:12PM

Read More

Utmost Mobile Security for low budget phones with Android 10 Go

Google which offered a preview of Android Q in March this year has renamed it as Android 10 and has been testing its beta versions on its home grew Pixel phones. The internet juggernaut and the subsidiary of the Alphabet Inc have now released an Android 10 Go Edition for budget-friendly phones on Wednesday and has announced that the software will not only make mobile phones faster but will also add more security to users.

For those phones which are running with a 1.5GB RAM and less memory, Google plans to target them with Android 10 Go Edition. As the new operating system is super light allowing apps to run 10% faster, it is said to make switching between apps super fast.
As such phones do not have the hardware to protect data in the silicon chips, Google is said to offer its Android 10 Go edition with cryptographic encryption named Adiantum.

This AES range storage encryption algorithm will ensure that the sensitive data on the device remains secure from prying eyes likes spying malware.

Note 1- Adiantum is exclusively devised for Android 9 and above phones whose CPUs lack AES instructions.

Note 2- In high-end phones such as Apple iPhones, Samsung Galaxy series and Pixel, a dedicated encryption chip is available on-board which keeps data such as phone locking information and other data needed securely.

Note 3-Android 10 Go is developed for those devices which have less memory and energy to operate which are general features available on entry-level smartphones.

The post Utmost Mobile Security for low budget phones with Android 10 Go appeared first on Cybersecurity Insiders.

September 26, 2019 at 10:53AM

Read More

Microsoft Internet Explorer users are vulnerable to Zero Day flaw

Microsoft is urging its users to install a new security patch for the Internet Explorer Zero-Day flaw which could be anytime exploited by hackers to run malicious code. Security analysts from the American Technology company say that the exploit can trick IE users in clicking on malicious links and might make them visit unsafe web pages.

 

The Redmond giant specified in its latest statement that flaw affects IE versions 9,10 & 11 and can to lead to real-time attacks with remote code execution threat on the browser’s scripting engine that helps threat actors install malicious programs, view, alter or erase data and generate new accounts with full user privileges.

 

As per the stats compiled by the research firm StatCounter, over 7% of web users are using the affected versions of IE which doesn’t include IE Edge and all are said to be vulnerable to cyber-attacks. So, those using Windows 7, 8, 10 and even some using Windows Server versions are said to be susceptible to attacks.

 

By default, those who have opted for automated updates will get the fix updated on their systems soon. But those who do it manually should install the security patch via Windows update.

 

Note 1- Windows 10 users should manually activate IE 11 and so the threat vulnerability is low for these users.

 

Note 2- As per the numbers offered by StatCounter, Usage share of IE across the globe is meager 2.29% while the share occupied by IE among desktop browsers is 7.3%. Usage share of IE on mobiles is 0.05% and on Tablets is 0.075%

The post Microsoft Internet Explorer users are vulnerable to Zero Day flaw appeared first on Cybersecurity Insiders.

September 26, 2019 at 10:51AM

Read More

Complying with APRA Prudential Standard CPS 234

Since Australia’s Notifiable Data Breaches (NDB) scheme launched on the 22^nd February 2018, the Office of the Australian Information Commissioner (OAIC) noted that there were 964 data breaches¹ reported between 1 Apr 2018 and 31 March 2019. This equates to just over 700% increase in data breaches reported compared to the 114 data breaches voluntarily reported in the previous year … a mind-blowing statistic!

With cyber-attacks unwaning, it is not surprising to see that the Australian Prudential Regulation Authority (APRA) released its Prudential Standard CPS 234 for Information Security on 1^st July 2019. The objective of CPS 234 is to ensure all APRA regulated entities in the banking, insurance and superannuation industries are prepared to protect against any information security incidents (including cyber-attacks) and are able to respond swiftly and effectively in the event of a data breach.

In particular, Prudential Standard CPS 234 requires that APRA-regulated entities must:

• Clearly define information-security related roles and responsibilities;
• Maintain an information security capability that fits with the size and extent of threats to their information assets;
• Implement controls to protect information assets and undertake regular testing and assurance of the effectiveness of controls; and
• Promptly notify APRA of material information security incidents

Yet in a recent Thales survey on Data Protection², only 20% of Australian organisations consider themselves to have a mature cybersecurity programme, with over two-thirds finding challenges with the complexity of cybersecurity solutions and integrating cybersecurity with existing technologies.

But all is not lost! Join us at this webinar where you can:

• Discuss the key requirements of CPS 234
• Identify disruptive cybersecurity trends and the implications
• Learn best practices to protect against data breaches

Presenters:

• Graeme Pyper, A/NZ Regional Director, Thales

Webinar:

Date: Thursday, 5th September 2019
Time: 1:00PM (Sydney, Melbourne)
Duration: 60 Minutes

Register Now

Don’t worry if you can’t attend the live webinar as you will get a link to the webinar recording that you can watch at your leisure.

And if you have any questions or like to discuss this more, don’t be shy; please do contact us. We’d love to hear from you.

¹https://www.oaic.gov.au/resources/privacy-law/privacy-act/notifiable-data-breaches-scheme/quarterly-statistics/ndb-scheme-12%E2%80%91month-insights-report.pdf

²https://www6.gemalto.com/ecosystm-cybersecurity-research

The post Complying with APRA Prudential Standard CPS 234 appeared first on Cybersecurity Insiders.

September 26, 2019 at 09:09AM

Read More

Our insights from the latest European Banking Authority’s paper on PSD2 readiness, advances and challenges

The PSD2 directive, a fundamental piece of payments legislation in Europe, is set to introduce security requirements for the initiation and processing of electronic payments and the protection of customers’ financial data, starting in September 2019.

Since the European Banking Authority (EBA) published its first paper in June 2018 on exactly what the PSD2 legislation would mean for businesses affected, many more questions have arisen. Because of this, the EBA has since published a second paper, one year later, entitled the “Opinion on the elements of strong customer authentication under PSD2”. This paper has been highly anticipated by key stakeholders in the financial and retail sectors to clarify some of the uncertainties around preparing for compliant practices. As the implementation deadline for PSD2 draws nearer, the EBA’s second paper provides vital insight about what the future holds after the 14^th of September. We have taken a look at some key takeaways from this paper to see what has changed.

Strong Customer Authentication

The latest paper from the EBA exclusively focuses on “the elements of strong customer authentication” and does not cover other aspects of the PSD2 directive, including open banking. As such, it seems this paper has been created to act as a guideline for National Competent Authorities (NCAs), such as central banks and their delegates. This is because it is these institutions that will be in charge of orchestrating and controlling the application of PSD2 and its Regulatory Technical Specifications.

As part of this paper the EBA has also confirmed and summarized which methods can or cannot be considered as “authentication elements” under PSD2. This is important as its first paper on the subject was somewhat ambiguous and left many stakeholders with unanswered questions.

SMS One-time Password Solutions (OTPs) as an authentication method

The EBA’s desire for two-factor authentication to become mandatory under PSD2 legislation has been reinforced by its latest paper. However, interestingly, the EBA have stated that SMS one-time password (OTP) solutions, one of the most used ways to authenticate customers today, will still be an acceptable solution under PSD2. This is somewhat a surprise as the June 2018 paper seemed to conclude that SMS OTP should be replaced by more secure authentication methods, such as biometrics.

However, the EBA’s most recent paper also clearly points out the weaknesses of this solution compared to more secure alternatives. This is partly because SMS OTP includes possession as a factor of authentication, which is less secure than inherence factors that cannot be replicated, such as an iris pattern. Therefore, in the medium term some sort of inherence factor will still be necessary to implement, as security concerns, including SIM swapping and confidentiality, will need to be addressed.

Nonetheless, as SMS OTP remains an authentication method for now, improving SMS security, for example by using SIM monitoring, is definitively an area to investigate further in the next few years. It is also good practice to keep SMS possession authentication as an option for customers who cannot be reached by other authentication methods.

Dynamic Card Verification (DCV) security codes as a possession factor

As stated in the EBA’s first paper, the use of DCV, where a PIN code is not printed but instead changes every hour, may now count as evidence of possession authentication, in line with Article 7 of the Regulatory Technical Standards (RTS). This is significant as Article 7 offers increased protections for the possession factor, requesting that security must be in place to prevent replications. Importantly, this reiterates the fact that the EBA no longer believes a customer simply typing their card number into a portal is an acceptable possession authentication factor.

It is also important to note that come September 2019, under PSD2, device binding will also be mandatory for mobile apps to be considered compliant as a type of possession authentication. Device binding allows users to transact on trusted devices without repetitive authentications. This process securely links an authorized user to their device using their SIM card hardware or the secure element of their mobile device. In this way, transactions are given increased scrutiny but there is no added friction for the customer. On the other side of this, card details and the security code that are printed on the card do not constitute either a knowledge element or possession element according to Article 7 of the RTS.

National Competent Authorities (NCAs) and compliance delays

One final comment from the EBA, which has received a significant amount of attention from stakeholders, is that it officially gives NCAs the ability to negotiate compliance delays with Payment Service Providers (PSPs). To a large extent this announcement was to be expected, but this latest paper makes it official. From September 2019, NCAs will have the final word on what Strong Customer Authentication practices are acceptable by a PSP. This will come as good news to many, who have been requesting more time to become PSD2 compliant since the legislation was first passed in November 2015.

While this second paper has provided a lot more clarity to stakeholders concerned by PSD2, the directive does not mention what we can expect to happen with Open Banking and the relationships between banks and FinTechs. Therefore, it is expected that there will be more questions concerning the more challenging side of the PSD2 implementation discussion that the EBA will need to answer before the September deadline.

 

You can download our white papers about PSD2 at https://www.gemalto.com/financial/ebanking/psd2 or contact me at Jean.Lambert@thalesgroup.com for more information.

The post Our insights from the latest European Banking Authority’s paper on PSD2 readiness, advances and challenges appeared first on Cybersecurity Insiders.

September 26, 2019 at 09:09AM

Read More