How to Retain the Right Kinds of Control in the Cloud

This post was originally published by Jacob Serpa. The last several years have seen an unprecedented shift in the way that businesses conduct their operations and employees perform their work. Users are no longer confined to working on premises from desktop computers. Data is being accessed, stored, shared, and processed in new ways. While these changes have enhanced productivity and collaboration in the enterprise, organizations must consider how they are affecting cybersecurity. Read more here:https://www.bitglass.com/blog/how-to-retain-the-right-kinds-of-control-in-the-cloud Photo:...

Read More

WHITE PAPER ON CLOUD SECURITY RISKS – AND HOW TO MITIGATE THEM

This post was originally published by(ISC)² Management. Cloud security today is touted as better than ever. So how do we explain the ever-increasing number of data breaches? According to the new white paper, Cloud Security Risks & How to Mitigate Them, the disconnect arises from a shared security model. Cloud Service Providers protect the datacenter, but customers are responsible for safeguarding their own data, and focus is shifting from the provider to the customer. Read more here: https://blog.isc2.org/isc2_blog/2020/02/white-paper-on-cloud-security-risks-and-how-to-mitigate-them.html Photo:giveuselife.org The...

Read More

THREAT HUNTING: IS YOUR SECURITY OPERATION READY TO LAUNCH SUCH A PROGRAM?

This post was originally published by (ISC)² Management. It could be a blended attack as slick as a multichannel marketing campaign. Or a spontaneous crime of opportunity by a single dis-gruntled employee. It could even be an innocent configuration error. When a threat exists, there will be indicators. The perennial challenge is to hunt for signs in the right places and to isolate the signal from the noise. How best to find—and remove, where possible—such threats remains up for debate.  Read more here: https://blog.isc2.org/isc2_blog/2020/02/threat-hunting-is-your-security-operation-ready-to-launch-such-a-program.html Photo:https://ift.tt/1qHGp7p The...

Read More

How VPNs Keep Your Data Secure

Virtual Private Networks are a pretty important point of contention nowadays. Namely, Internet privacy is being constantly attacked from many directions, leaks are common, and both governments and companies are trying to get their own piece of the pie. Facebook, Google, Microsoft, all of these companies are very useful, they practically changed how we lead our lives. They have also with or without subtlety squeezed out information and data from all of us and are continually selling this info to others. And since we can’t really rely on the government...

Read More

How to avoid Amazon Chief Jeff Bezos Mobile Security pitfalls

We all know that Amazon Chief’s Jeff Bezos might have been hacked when he shared his number with a Saudi prince who later used phony tactics to gain access to the world’s richest businessman’s WhatsApp account and stole his private conversations and photos at some time in 2018. Now, to those who are feeling paranoid about facing such circumstances, here’s a list of precautions which when followed might help avoid the Mobile Security Pitfalls made by the Amazon CEO. Use two-factor authentication where ever it is possible, especially while using...

Read More

Microsoft Ireland confirms every 3 in 4 organizations are worried about Cyber Threats

Microsoft Ireland researchers have discovered that every 3 in 4 of the largest organizations operating in Ireland were worried by Cyber Threats after screening the employee security habits in the respective organizations. The focus of the researching team was on 4 key areas which include Identity Access Management, Threat Protection, Information Protection, and Security Management. Microsoft which conducted a similar survey on 900 employees working in Large Irish Companies in 2019 concludes that there have been no changes in the attitude towards...

Read More

Cyber Attack news trending on Google

Firstly, it is the news related to a Cyber Attack on Redcar and Cleveland Borough Council which is trending on Google. On February 8th, 2020 a ransomware attack targeted the servers of the Redcar and Cleveland Borough Council disrupting the servers from the past three weeks. Council Leader Mary Lanigan says that the IT staff has been working 24/7 to bring back essential services online since then and have partially succeeded in doing so. The attack is reported to have impacted the children who were anxiously waiting for their join in the secondary...

Read More

Mobile Security alert as Google removes 600 apps downloaded 4.5 billion times

Google has stated that it has removed over 600 apps from its Play Store- howbeit not before there were downloaded 4.5 billion times on an overall note. The intention of the tech giant with the move was clear; to keep its apps store free from spam which violated its ad policies. According to the statement released by the Alphabet Inc’s company, the apps which were removed from its store were displaying full-screen ads even when the phone was not being operated- which is a clear cut violation of its policies as it even disrupts most of the device...

Read More

Online payment security: 8 Steps to ensure safe transactions

This blog was written by an independent guest blogger. Online shopping has become an increasingly popular trend in the past few years as people find it more convenient to buy from the comfort of their homes. You can get pretty much anything and everything from online stores: groceries, clothing, jewelry, electronics and other household items. Yet, we need to consider for a...

Read More

Ransomware shuts down Australian wool auction and erases data of Florida Police

The Australian wool auctioning event was shut down for a week as a ransomware attack on a supplier’s main software locked out the auctioning company from carrying on the event on a further note.   Secretary of National Auction Selling Committee (NASC) has confirmed the news and said that the weeks auctioning has been canceled due to a cyber attack.   Authorities are working to hard to restore the system related to Electronic Data Interchange by this weekend through backups and related tools.   David Cother, the Secretary of the National...

Read More

Russia criticizes Canada for Cyber Attacks on Georgia

Russia has sharply criticized Canada for blaming Moscow for launching Cyber Attacks on Georgia in 2019. The word comes just after the United States allegedly blamed Kremlin last week for launching cyberattacks on the websites of Georgia and Ottawa joining the blame game.   Cybersecurity Insiders readers have to notify a fact over here that more than 2K public and private websites faced disruption on October 28th, 2020 due to a cyber-attack allegedly launched by Kremlin and this includes the disruption of IT infrastructure those belonging to...

Read More

MWC 2020 is cancelled – but the spirit of limitless connectivity will go on

The GSMA’s decision to cancel this year’s MWC is unfortunate but understood in light of the threat posed by the Covid-19 outbreak. As an international organization with offices in nearly 70 countries, Thales acknowledges the severity of the situation and has taken steps to restrict business travel. Our deepest sympathies are with those affected in China and all around the...

Read More

Google Android 11 OS focuses more on Data Privacy

As Google opened the doors of Android 11 for developers last week the web search giant has insisted that its focus will be more on data privacy for this segment of the operating system. For instance, the upcoming version might include the feature where apps will get one-time access permission to access location or camera on the device.   Google has disclosed that its next operating system will support digital docs like driver licenses and another identity related information and will expand the use of Biometrics like IRIS, Fingerprint data,...

Read More

US Pentagon ethically adopts AI to use in Battlefield

Finally, it’s out that the US Pentagon has decided to use the technology of Artificial Intelligence on the battlefield. However, the usage will be done via ethical practices will utmost judgment and care.   As countries are showing a lot of interest in using Artificial Intelligence in war situations, the concerns among nations have risen that the technology might spell a doomsday the entire humankind someday.   “United States Pentagon has put a full stop to all these concerns by making the use of AI technology traceable and governable....

Read More

US Massachusetts Power Station reigning under Ransomware Attack

Ransomware news is out that all computers belonging to a power station located in Massachusetts were reigning under a ransomware attack and hopes of revival are bleak. However, the good news is that the officials at the power station are doing their best to clean up the database from the file-encrypting malware and have already achieved success in doing so on a partial note.   The Reading Municipal Light Department (RMLD) is the power station in discussion and the station bosses are reported to have hired an outside IT Consultant to resolve...

Read More

How to harden your employees from the massive social engineering threat

This blog was written by an independent guest blogger. Social engineering is the art of human deception. In the world of cybersecurity, it’s how to fool human beings in order to conduct cyber attacks. Some of these cyber attacks can be very expensive to your business! In fact, many of the worst cyber attacks to your organization’s network start with fooling you or one of your...

Read More

Dopple Leaks website launched by DopplePaymer Ransomware to publish victim data

Unexpected things are happening in the cyber world and here’s a news piece to share with those who are interested in knowing the latest in the ransomware world. Till a couple of years ago, ransomware spreading hackers were seen encrypting a database unless a ransom is paid. From 2019, the cyber crooks first started to steal a portion of the data from a database and then locked it with the file-encrypting malware unless a ransom in cryptocurrency is paid. And in the case the victim fails to pay a ransom, then the hacker would then sell the stolen...

Read More

Mexico and Australian Governments tackling Cyber Attacks

Mexico’s economic ministry has made it official that it is has detected malevolent server activity on its servers on Sunday this week. But assured that no sensitive information was compromised in the incident and all security measures were beefed up to prevent such incidents in the future. Readers of Cybersecurity Insiders have to notify a fact over here that a ransomware attack was poised at the National Oil Company named Pemex last November and the hackers were demanding $5 million in Bitcoins to free up the data. So, the Mexican government has...

Read More

Google revamps its Cloud Security measures

Google LLC has made an official announcement at the RSA Conference that it is going to facelift its Cloud Security capabilities of its consumers to protect their data, irrespective of the place where it resides. Thus, with the announcement the web search giant has hinted that it is going to technically revamp its Chronicle Security Platform and the reCAPTCHA Enterprise and Web Risk API Tools. As enterprises are embracing cloud for their application and data storage needs, they are opting for only those services which offer sophistication indulged...

Read More

Dawn of a new decade: Leaping from GRC to IRM – A building block approach

This blog was co-authored by Carisa Brockman, GRC Practice Lead. First things first: It is crucial to understand the difference between Governance, Risk and Compliance (GRC) and Integrated Risk Management (IRM) because this sets the stage for long term strategic risk management and breaks down the siloed approach to risk that exists in many organizations today.  It is...

Read More

Testing Cloud application stability using the principles of Chaos Engineering

Across the business landscape, we’re seeing a wholesale movement of services to the Cloud as companies wake up to the benefits of capacity and flexibility that accompany such a shift away from hosting systems on servers. While there are clear advantages to migrating to the cloud, there are challenges too – such as layers of added complexity. Testing these cloud-based systems...

Read More

Report claims $11.5 billion loss from ransomware in 2019

A new report says that ransomware attacks quantified to $11.5 billion in damage in the year 2019 which confirms that those spreading file-encrypting malware has made some good profits for sure. According to a study made by Deep Instinct…hmm, not the Basic Instinct, hackers stayed more focused in 2019 in spreading ransomware and the loss per incident was recorded to be $141,000 per incident-up from $46,650 a year earlier. Deep Instinct Ransomware Report says that the threat actors did not focus on a single business field to spread the malware. As...

Read More

US Politician Katie Hill in news for launching DDoS Cyber Attack on an opponent

FBI arrested a 32-year old man named Jan Dam hailing from California for launching DDoS Cyber Attacks on a Congressional candidate’s website in April- May 2018- eventually paving way for the win of Katie Hill. As the accusations are proved, apparently Dam will face a 10 years Federal imprisonment.   Therefore, this reminds us of the fact that Russia is not the only cyber threat for US Elections 2020 as they are also other forces that might be interested in acting a threat to democracy.   According to a statement released by the Department...

Read More

Ransomware leads to lawsuit and data concerns from NRC health

A Ransomware attack launched on New Jersey’s Hackensack Meridian Health on December 2nd, 2019 reportedly led to the disruption in services at 17 urgent care centers, hospitals, and nursing homes. At that time the hospital authorities paid an undisclosed sum to the hackers to retrieve encrypted files to normalcy and announced that there was no evidence that the hackers accessed the locked-up data. Now, the news is out that two persons hailing from Newark District have filed a lawsuit against the healthcare services provider seeking reimbursement...

Read More

Cloud Security that Performs

This post was originally published by Nat Kausik. We heard from another customer today that their incumbent cloud security vendor keeps going down. And when it is not down, DLP scans take hours, if they complete at all.   What is going on? Cloud security offerings are typically based  on the network security model, where fixed capacity nodes handle traffic on fixed bandwidth pipes.  These “bump in the wire” offerings are priced and sold by bandwidth, and things work well enough when they are used in such single-tenant contexts. Read...

Read More

The Healthcare Breach Report: Breaches on the Upsurge

This post was originally published by Juan Lugo. The vast majority of healthcare organizations utilize and store protected health information (PHI), which is composed of patients’ sensitive information. HIPAA, the privacy rule that classifies PHI, describes protected health information as medical history, Social Security numbers, personal financial data, and more.  Read more here:https://www.bitglass.com/blog/the-2020-healthcare-breach-report Photo:www.csoonline.com The post The Healthcare Breach Report: Breaches on the Upsurge...

Read More

Bitglass Security Spotlight: Healthcare Burglary Results in Data Breach Affecting Over 654,000 Members

This post was originally published by Juan Lugo. As cloud adoption continues to increase exponentially across all industries, data breaches have been, by large, the result of hacking and IT incidents. However, there are still a few data breaches each year that arise from loss or theft, and that is exactly what occurred to medical transportation vendor, GridWorks. The Oregon-based ride to care vendor experienced a burglary that resulted in a laptop stolen, which contained the personal identifiable information (PII) of 654,362...

Read More

BREACHES INCREASED IN 2019, BUT THE NUMBER OF EXPOSED RECORDS DECLINED

This post was originally published by (ISC)² Management. The number of U.S. data breaches bumped up 17% in 2019 but despite the increase, the volume of sensitive consumer records that were exposed declined substantially by 65%, according to a newly published report. Read more here: https://blog.isc2.org/isc2_blog/2020/02/breaches-increased-in-2019-but-the-number-of-exposed-records-declined.html Photo:www.identityforce.com The post BREACHES INCREASED IN 2019, BUT THE NUMBER OF EXPOSED RECORDS DECLINED appeared first on Cybersecurity Insiders. February...

Read More

Google trending Cyber Attack news headlines

Firstly, it is the US Department of Defense which is topping the headlines when it comes to cyber-attacks. News is out that the systems related to Defense Information Systems Agency(DISA) affiliated to DoD have been hacked the incident reportedly exposed personal data of more than 200,000 people. DISA is the agency that looks into the operations related to military communications and white house and it includes calls and web traffic monitoring of US President Donald Trump. It has to be notified over here that data related to names and social security...

Read More

DNA data become a soft target for hackers who are stealing it via Cyber Attacks

A team of security experts from Israel has warned that hackers are seen sweetly preying on DNA Research repositories these days as it proving lucrative to them. Researchers from Ben Gurion University (BGU) have released a white paper on the issue and published the same in their recent Journal Eurosurveillance.   Speaking about the dangers unfolding in microbiology advances, the experts have highlighted the fact that data related to genome sequences of pathogens which might bring a revolution into the detection of infectious diseases is said...

Read More

Ransomware attack on ISS World

ISS World, a Denmark based company that is into catering, cleaning and security business is reported to have become a victim of a ransomware cyberattack. The company’s website has been inaccessible since Feb 17th of this week and the management at the London’s Surrey, Canary Wharf and Weybridge offices consisting of 43,000 staff members are unable to access emails since then.   ISS (International Service System) officials say that the database has been locked from being accessed due to file-encrypting malware infection and details on the ransom...

Read More

Is the cybersecurity skills gap real?

An independent guest blogger wrote this blog. If you do a web search for “cybersecurity skills gap,” you’ll get many, many pages of results. It’s certainly a hot topic in our industry. And it’s a matter that security practitioners and human resources people often disagree on. But before I get further into the matter, it would help to know what it is we’re talking about when...

Read More

Google Adsense users facing extortion Cyber Threats with fake web traffic

If you maintain a website, then you will surely know what Google does if you flood your website with fake web traffic. Yes, for the first count it bans you on a temporary note and as soon as it detects a ‘repeat’, the web search giant completely blocks your website from being indexed on its search engine permanently. Then you probably have the other choice rather than buying a new domain. Now, the news is out that Google Adsense users are getting extortion threats on a digital note via email saying that their website will be flooded with fake web...

Read More

What is a Gen 6 Cyber Attack

As the cyber attack vectors are ever-evolving, it is becoming increasingly challenging for companies and individuals to protect themselves from the dangers lurking in the digital landscape.   Recent research carried out by security researchers of Check Point has concluded that most companies operating these days are lacking the basic cyber defenses and those which have are only capable of combating with 3rd generation of cyber-attacks while the demand now is for 6th generation.   Now to those who are unaware of the “Generation” difference...

Read More