FireSale HackBoy

Knowledge Shared By FireSale HackBoy...

Hacking

The Art Of Exploitation...

Ethical Hacking

Security Experts...Same Techniques To Make Hacker's Stuff Useless.

Black Hat Hacking

Dark Side Of Hacking... In Short Destruction Of Cyber Stuff.

Digital Stuff

All The Digital Stuff Is Under The Influence Of Cyber Attacks... Be Safe

Tuesday, June 30, 2020

Roblox Gaming users’ Cyber Attacked by Trump 2020 Election Campaign

A group of hackers posing as the representatives of the company assigned with the task of promoting the Trump 2020 Election Campaign have been fraudulently targeting the users of Roblox Game by urging them to vote for US President Donald Trump in the US 2020 Polls.

 

As per the details available to our Cybersecurity Insiders, nearly 1,200 Roblox accounts were fraudulently intercepted by a hacking group who were flooding the popular children’s gaming platform with the propaganda filled with an Avatar wearing MAGA signs and urging the parents of the kids to “Vote for Trump this year !#MAGA 2020”.

 

Technically speaking, the message is being posted in the “About” field of the main profile page related to the player replacing the original biography. And information is out that players residing in Britain are also getting the messages- even if they do not have a voting right in the United States.

 

It all began in June this year after the hackers succeeded in compromising over 500 accounts on an initial note and within a span of 7 days the number of compromised accounts doubled to twelve hundred+.

 

A reaction from the Roblox Corporation on the incident is awaited!

 

Note- Roblox is an open gaming platform where users are allowed to create their own games with avatars of their choice and are allowed to play the game with others. The platform has so far garnered the attention of around 100 million players around the world and is available on iOS and Android devices along with the regular Windows, Max, and Xbox one loaded machines.

The post Roblox Gaming users’ Cyber Attacked by Trump 2020 Election Campaign appeared first on Cybersecurity Insiders.


July 01, 2020 at 10:25AM

Microsoft to train 25 million people for COVID 19 Pandemic after jobs

To all those who have lost their jobs due to the Corona Virus initiated lockdown imposed by governments across the world, here’s a news piece to rejoice. 

 

American technology giant Microsoft led by Satya Nadella is all set to train nearly 25 million job losers with new skills by the end of 2020- all as a part of its skill and up-skill talent nurturing program.

 

It is a known fact that many people in this technology-filled world are anticipated to lose jobs, due to the ongoing pandemic as more companies are looking to tackle the lockdown trend with automation, to get rid of manual labor.

 

So, analysts watching the job market closely predict that nearly 400,000 workers are set to lose their jobs in the next three months as the companies around the world will try their best to recover from the economic crisis by cutting down spend on employees through various means.

 

This is where Microsoft in association with LinkedIn and GitHub are planning to train nearly 25 million people with new skills to cut down the unemployment graph predicted to surge by this year’s end.

 

“We create more technology so that others can make more technology”, said Mr. Nadella. As more jobs will go digital by 2025, we plan to tap the market with new skills- all as a part of the job creation initiative added the Microsoft CEO.

 

LinkedIn will be helping Microsoft to identify the top 10 jobs and skills across the globe by researching the next couple of weeks by allowing its 690 million users to participate and share their thoughts in this regard.

 

Microsoft will then offer content meant to build digital and soft skills for free to employees working in the IT, AI, and Cybersecurity field which in turn will help them up-skill themselves and make them eligible for more job openings.

 

Note- From the past 6 years, companies have been investing less in the training of their employees as a part of cost-cutting initiative. So, the Redmond giant’s job recreation program will help employees rebuild their skills as per the market demand.

The post Microsoft to train 25 million people for COVID 19 Pandemic after jobs appeared first on Cybersecurity Insiders.


July 01, 2020 at 10:24AM

Cybersecurity penetration testing explained

This blog was written by a third party author.
What is penetration testing?
Cybersecurity penetration testing is a method of checking for security weaknesses in software and systems by simulating real-world cyber-attacks.
Also known colloquially as ‘pen tests,’ penetration tests probe beyond the scope of automated vulnerability scans. Pen tests find gaps in protection that can arise when unique combinations of applications, systems, and security defenses work together in live environments.
External vs internal pen testing
Most penetration tests tend to be broken into two broad categories:

External pen testing—External penetration tests try to exploit flaws from the outside of corporate confines, simulating the kinds of attacks that remote hackers would carry out on externally facing assets. This includes internet-facing systems like web applications website servers, open APIs, DNS infrastructure, and more.

Internal pen testing—Internal penetration tests start from inside an organization’s internal network. They’…

Ericka Chickowski Posted by:

Ericka Chickowski

Read full post

      

The post Cybersecurity penetration testing explained appeared first on Cybersecurity Insiders.


July 01, 2020 at 09:09AM

CORRECTING and REPLACING Verimatrix Virtual Summit to Offer the Industry’s Latest Insights into Secure Video Delivery and Mobile Application Protection July 8-9

AIX-EN-PROVENCE, France & SAN DIEGO–(BUSINESS WIRE)–Second to last paragraph of the release should read: “To learn more about the Verimatrix Summer Summit, or register to attend any of the sessions go to https://summit.verimatrix.com/.” instead of “To learn more about the Verimatrix Summer Summit, or register to attend any of the sessions go to www.summit.verimatrix.com.”

The corrected release reads:

VERIMATRIX VIRTUAL SUMMIT TO OFFER THE INDUSTRY’S LATEST INSIGHTS INTO SECURE VIDEO DELIVERY AND MOBILE APPLICATION PROTECTION JULY 8-9

Summer Summit Offers Seven Sessions that Emphasize the Critical Role of Cybersecurity in Protecting Against Threats Affecting Pay TV, Mobile Sports, Healthcare Workflows and More

Verimatrix, (Paris:VMX), the leader in powering the modern connected world with people-centered security, today announced its second virtual event this year designed to showcase how the global expansion of video, applications and connected devices has multiplied today’s attack surfaces. The Verimatrix Summer Summit consists of webcasts and private meetings taking place Wednesday, July 8, and Thursday, July 9, 2020.

“Now more than ever, organizations need to provide their customers with compelling experiences – but those experiences must be protected,” said Asaf Ashkenazi, COO of Verimatrix. “The Verimatrix Summer Summit will showcase why security matters more than ever — and why in today’s modern connected world, security should be intuitive, user-friendly, and fast.”

To kick off the Summit, Verimatrix Chairman and CEO Amedeo D’Angelo will underscore the importance of reliable and trustworthy security in the high-growth areas of video content, mobile applications and connected devices.

Verimatrix Virtual Summit Experience

Trusted Security: What it Means to Be a Trusted Security Partner

Wednesday, July 8, 6:30am PT / 1:30pm GMT
Amedeo D’Angelo, Chairman and CEO of Verimatrix, will explore what it means to be a trusted security partner, how the global expansion of video, applications and connected devices has multiplied today’s attack surfaces, and why the future of scalable, cost-effective SaaS security in the cloud is so exciting.

Every Second Counts: Building Better Sports Fan Experiences Through Secure Mobile Apps and Connected Game Play
Wednesday, July 8, 7:00am PT / 2:00pm GMT
Produced and moderated by SportsPro, this webinar will showcase how today’s technological change is forever altering fan perceptions and demands for the sporting experience. Franchises who provide trusted gameday ecosystems will win over the hearts, minds and pocketbooks of fans – while preserving valuable revenue streams. Panelists include Leanne Johnson, VP of Digital for the Milwaukee Bucks and Lucas von Cranach, CEO and Founder of Onefootball. Eoin Connolly, Editor-At-Large for SportsPro, will moderate.

Cloud Speed Ahead: Unlocking New Opportunities with Secure Content Distribution
Wednesday, July 8, 8:00am PT / 3:00pm GMT
Produced by Omdia, this webinar will explore how content providers are efficiently setting up new distribution channels around the world by maximizing novel OTT direct-to-consumer strategies without breaking the bank. Allen Tatara, Sr. Manager, Webinar Events at Omdia will moderate. Panelists will include Geoff Stedman, Enterprise Media Strategist at AWS Elemental, Asaf Askenazi, Chief Operating Officer at Verimatrix and Merrick Kingston, Associate Director at Omdia.


Apps Under Siege: Understanding Today’s Threats to Web/Mobile Applications and How to Defend Your IP While Safeguarding Customers
Wednesday, July 8, 11:30am PT / 6:30pm GMT
Experts from Jscrambler and Verimatrix will discuss how the lack of application protection is a giant blind spot and source of risk for many companies. Whether they want to acknowledge it or not, virtually every company today is in the app business. This webinar will reveal how to protect apps from harm without degrading the user experience. Lu Bolden, Chief Revenue Officer at Verimatrix will moderate. Panelist will include Pedro Fortuna, Co-Founder & CTO at Jscrambler and Neal Michie, Director Product Management at Verimatrix.

Defend and Protect: How Cybercriminals Are Hacking Healthcare Workflows & How to Stop Them
Thursday, July 9, 8:00am PT / 3:00pm GMT
Moderated by Adam Turinas, this panel session will explore how cybercriminals can cripple healthcare workflows. It will uncover how tele-health platforms, apps and devices can be hacked relatively easily, share examples of breaches and review the latest security techniques. The results of a security effectiveness test of the world’s top 20 healthcare apps will be shared during the session. The webinar will be moderated by Adam Turinas, CEO & Founder of HealthLaunchpad. Panelists include John Ulett, CIO of CentraState Healthcare System, John Hendricks, CTO of Huntzinger Management Group, Brian Lawrence, Director Solution Engineering at NowSecure and Asaf Ashkenazi, Chief Operating Officer at Verimatrix.

Churning It Around: How to Identify and Retain At-Risk Video and Internet Service Subscribers Using Data Stories
Thursday, July 9, 9:00am PT / 4:00pm GMT
This panel will explore how security vendors and systems integrators are working with operators to utilize the latest data harvesting & analytics tools to surface subscriber profitability stories. This can lead to actionable insights powerful enough to boost consumption rates, reduce churn and increase ARPU – all of which are especially critical in a climate of tight pocketbooks caused by COVID-19. Moderated by Sebastian Braun, Director Product Management at Verimatrix, this panel will feature Luc Bleylevens, Senior Product Director, Subscriber Retention Management at Cleeng, Daragh O Brien, CEO & Managing Director of Castlebridge and Derek Harrar, CEO of Zodiac.

Adapt or Die: The Content Distribution Business Model in Flux
Thursday, July 9, 11:30am PT / 6:30pm GMT
Speakers from Xperi (TiVo) and 3Vision come together for this insightful session on the impact of COVID-19 on the traditional Hollywood business and their audiences. Topics to be explored include what’s changing within the content distribution business model and why, the shifting power of content producers, trends in security technologies and integration methods and more. Moderated by Lu Bolden, Chief Revenue Officer at Verimatrix, this webinar will feature Nic Wilson, Head of Customer Success at TiVo and Jack Davison, EVP of 3Vision.

To learn more about the Verimatrix Summer Summit, or register to attend any of the sessions go to https://summit.verimatrix.com/.

About Verimatrix
Verimatrix (Euronext Paris: VMX) helps power the modern connected world with security made for people. We protect digital content, applications, and devices with intuitive, people-centered and frictionless security. Leading brands turn to Verimatrix to secure everything from premium movies and live streaming sports, to sensitive financial and healthcare data, to mission-critical mobile applications. We enable the trusted connections our customers depend on to deliver compelling content and experiences to millions of consumers around the world. Verimatrix helps partners get to market faster, scale easily, protect valuable revenue streams, and win new business. To learn more, visit www.verimatrix.com.

The post CORRECTING and REPLACING Verimatrix Virtual Summit to Offer the Industry’s Latest Insights into Secure Video Delivery and Mobile Application Protection July 8-9 appeared first on Cybersecurity Insiders.


July 01, 2020 at 09:08AM

Ransomware observations

AT&T’s Digital Forensic Incident Response (DFIR) team has been observing cybercriminal organizations steadily increase their ransomware capabilities over the last few years.  We have seen ransomware grow in sophistication and capability at a rapid pace.  So rapidly in fact, that each investigation shows a new tactic or change in the binary program responsible for encrypting clients’ data. 
Not only are the digital tools advancing in scope and complexity, but also the tradecraft.  Up until a few years ago cyber criminals did not particularly care about the evidence they left behind.  The payoff was so high and with so many vulnerable networks it did not make sense to go slow.  But those times have slowly manifested into today’s ransomware capabilities, and no one is immune. 
Ransomware first appeared in 1989 called PcCyborg was very simple and easily circumvented….

Geoff Mefford Posted by:

Geoff Mefford

Read full post

      

The post Ransomware observations appeared first on Cybersecurity Insiders.


June 30, 2020 at 09:09PM

Integrated Endpoint Security Solution Now Offers Incident Response Capabilities With New Kaspersky EDR Optimum and Kaspersky Sandbox

WOBURN, Mass.–(BUSINESS WIRE)–Integrated Endpoint Security solution now offers incident response capabilities with new Kaspersky EDR Optimum and Kaspersky Sandbox

The post Integrated Endpoint Security Solution Now Offers Incident Response Capabilities With New Kaspersky EDR Optimum and Kaspersky Sandbox appeared first on Cybersecurity Insiders.


June 30, 2020 at 09:08PM

WhiteHat Security Announces Web and Mobile AppSec Bundle to Help Organizations Secure the Digital Future

SAN JOSE, Calif.–(BUSINESS WIRE)– #SiliconValley–WhiteHat Security today announced a discounted Web + Mobile Application Security bundle to help organizations secure the digital future.

The post WhiteHat Security Announces Web and Mobile AppSec Bundle to Help Organizations Secure the Digital Future appeared first on Cybersecurity Insiders.


June 30, 2020 at 09:08PM

Cybersecurity Pioneer Cyemptive Technologies Announces Cyemptive Compliancy Cloud, World’s First Cyber Security Platform Providing a Single Seamless Solution to Meet the New Requirements of DOD’s Upcoming Cybersecurity Maturity Model Certification

SNOHOMISH, Wash.–(BUSINESS WIRE)– #CybersecurityMaturityModelCertification–Cyemptive Technologies Unveils World’s First Cybersecurity Platform With Single Seamless Solution for DOD’s Cybersecurity Maturity Model Certification

The post Cybersecurity Pioneer Cyemptive Technologies Announces Cyemptive Compliancy Cloud, World’s First Cyber Security Platform Providing a Single Seamless Solution to Meet the New Requirements of DOD’s Upcoming Cybersecurity Maturity Model Certification appeared first on Cybersecurity Insiders.


June 30, 2020 at 09:08PM

Hunters Raises $15 Million in Series A Funding to Speed Enterprise Breach Detection & Response with Autonomous Threat Hunting

LEXINGTON, Mass. & TEL AVIV, Israel–(BUSINESS WIRE)–Hunters today announced it has raised $15 million in Series A funding to scale its autonomous threat hunting solution to defend enterprises from intruders and missed attacks across cloud, network, endpoint and more. Investors include Microsoft’s venture fund M12, Silicon Valley high-tech venture investor U.S. Venture Partners, with participation by seed investors YL Ventures and Blumberg Capital, and Okta Ventures, the venture arm of publicl

The post Hunters Raises $15 Million in Series A Funding to Speed Enterprise Breach Detection & Response with Autonomous Threat Hunting appeared first on Cybersecurity Insiders.


June 30, 2020 at 09:08PM

ShiftLeft Announces New Developer-Focused Next Generation Static Analysis Solution that Increases Application Security Productivity by 5X

SANTA CLARA, Calif.–(BUSINESS WIRE)–ShiftLeft released a new version of NextGen Static Analysis, including new workflows that significantly improve security while enhancing productivity.

The post ShiftLeft Announces New Developer-Focused Next Generation Static Analysis Solution that Increases Application Security Productivity by 5X appeared first on Cybersecurity Insiders.


June 30, 2020 at 09:08PM

eSentire Announces Record Growth While Full Conversion to a Distributed Workforce Accelerates Digital Transformation, Rapidly Displacing Legacy Cybersecurity Approaches

WATERLOO, Ontario & SEATTLE–(BUSINESS WIRE)–eSentire announces record growth while full conversion to a distributed workforce accelerates digital transformation.

The post eSentire Announces Record Growth While Full Conversion to a Distributed Workforce Accelerates Digital Transformation, Rapidly Displacing Legacy Cybersecurity Approaches appeared first on Cybersecurity Insiders.


June 30, 2020 at 09:08PM

Safe Systems Issues New White Paper: “Top 10 Banking Security and Compliance Concerns for Community Banks and Credit Unions”

ALPHARETTA, Ga.–(BUSINESS WIRE)–Safe Systems issues new white paper, “Top 10 Banking Security and Compliance Concerns for Community Banks and Credit Unions.”

The post Safe Systems Issues New White Paper: “Top 10 Banking Security and Compliance Concerns for Community Banks and Credit Unions” appeared first on Cybersecurity Insiders.


June 30, 2020 at 09:08PM

DDoS Attacks Increase 542% Quarter-over-Quarter amid Pandemic, According to Nexusguard Research

SAN FRANCISCO–(BUSINESS WIRE)–DDoS attacks rose more than 278% compared to Q1 2019 and more than 542% compared to the last quarter, according to Nexusguard’s Q1 2020 Threat Report

The post DDoS Attacks Increase 542% Quarter-over-Quarter amid Pandemic, According to Nexusguard Research appeared first on Cybersecurity Insiders.


June 30, 2020 at 09:08PM

Monday, June 29, 2020

Ransomware attack on Indian Highways Authority Email Server

 

As predicted by the Singapore based Cybersecurity firm CyFirma earlier this month, a ransomware attack was launched on the email servers operated by the National Highways Authority of India on Sunday this week. However, as the incident was identified and contained at a preliminary stage, no data loss or disruption was observed.

 

Akhilesh Srivatsav, the IT Chief of NHAI has confirmed the news and stated that other servers were also shut down as a cautionary move. But he denied providing the details of the ransomware variant which targeted the servers.

 

Last week, the CERT-IN had issued an advisory to all government offices and private firms operating across India about a possible Phishing cyber-attack which could be launched from China- all due to the tension growing between the two nations over a border issue near Nepal.

 

Note 1- National Highways Authority of India is a government agency that is assigned with the task of developing, maintaining, and managing National Highways, arterial roads, and inter-state movement of passengers and goods.

 

Note 2- Meanwhile, in one of the major digital developments, the Indian government has decided to impose a ban on TikTok for National Security reasons. Also, 51 other apps developed by Chinese firms like ShareIt, WeChat, and others will be banned from being used by the Indian populace and the Telecom Authority of India will issue guidelines to operators to anticipate the ban on a full scale.

 

Note 3- Last year in November, the US Military and Naval services imposed a nationwide ban on the use of TikTok and some other Chinese apps, as they were found guilty leaking user data to servers located in the Peoples Republic of China. However, the ban was restricted to Military and government services and was not applicable to be imposed on the normal populace.

The post Ransomware attack on Indian Highways Authority Email Server appeared first on Cybersecurity Insiders.


June 30, 2020 at 10:36AM

Mobile Security Threats which so far topped the year 2020

As the year 2020 has passed midway, here are few of the mobile security threats which might see a bright future ahead

 

Data Leakage- The year 2020 has already witnessed enough when it comes to data leaks through mobile devices. While mobile apps remain as primary leak platforms, malware and phishing messages stand beside them in the second and the third position. So, make sure that you download apps only from authorized platforms and never click on links posted in messages as they can lead your device to digital disasters.

 

Unsecured Internet Connections- According to a survey conducted by IDC, more than 400,000 mobile devices fall prey to various cyber scams launched through unsecured Wi-Fi connections every year. And this mainly happens through free internet connections that are offered at airports and other human transit stations. Thus, to be safe from any kind of cyber threat, make sure you use a data connection coming from your telecom service provider and better avoid connecting to a free hotspot that can send your personal information to remote servers maintained by hackers.

 

Network Spoofing- As hackers are getting too sophisticated, network spoofing has emerged as a major threat to mobile devices. Technically speaking, hackers set up fake access points that are seen to be legitimate but are not real. Especially, such kind of connections is found in public places like coffee shops where hackers keep a track of a device accessing the internet and intercept the data movement with fake conversations, phishing links, or data stealing. So, you better be aware of such networks and access the internet only through trusted web resources.

 

Phishing- As said in one of the earlier paragraphs, scammers are finding ways to dupe the public with sophisticated email or text message links which when clicked can infect a targeted device with malware or spam. Therefore, better be aware of such attacks and keep your device safe from such attacks by avoiding clicking on unknown links embedded in the text or email messages.

 

Spyware- This type of malware is arguably the most worrying threat to mobile devices as hackers keep a track of the device whereabouts and activity. But tackling such threats with a comprehensive anti-virus and malware detection suits can help to keep the threats at bay.

 

The post Mobile Security Threats which so far topped the year 2020 appeared first on Cybersecurity Insiders.


June 30, 2020 at 10:33AM

FireEye Endpoint Security Now Available on California SLP Plus Program

MILPITAS, Calif.–(BUSINESS WIRE)–FireEye, Inc. (NASDAQ: FEYE), the intelligence-led security company, today announced that its endpoint security solution is now available for purchase via the California Software Licensing Program (SLP) Plus vehicle.

The SLP Plus contract vehicle, managed by the California Department of General Services, Procurement Division, ensures that FireEye® Endpoint Security complies with the state Endpoint Protection Standard SIMM 5355-A.

Inclusion as an SLP Plus-approved endpoint security vendor means California state agencies can avoid a formal proof-of-concept or a request for proposal to purchase, enabling government agencies across the state to easily procure more advanced cyber security capabilities from vendors like FireEye.

Unlike traditional endpoint security vendors that provide one-size-fits-all solutions to every customer, FireEye Endpoint Security is designed to deliver comprehensive defense using fully customizable protection, detection and response modules. This module creation and review is supported by the world’s leading Mandiant® frontline responders. Through this framework, organizations have an efficient way to deploy advanced features that can be tailored down to an individual level should they choose.

“We applaud California’s efforts to help improve security posture and are hopeful this important initiative paves the way for other states. The inclusion of FireEye Endpoint Security on the California Software Licensing Program Plus contract continues to demonstrate our leading position in helping public sector organizations combat increasingly sophisticated threats to state data and networks,” said Craig Mueller, Vice President of Sales, U.S. Public Sector at FireEye. “We remain committed to helping protect this critical sector and this new vehicle makes doing so that much easier.”

The inclusion on the SLP Plus contract continues a decorated 12 months for FireEye Endpoint Security, in which it was named a winner in the SC Awards Europe 2020 and the 2020 Cybersecurity Excellence Awards, delivered the most comprehensive coverage across all detection categories in the latest MITRE ATT&CK® evaluation, earned first place in the U.S. Naval Information Warfare Systems Command (NAVWAR) Artificial Intelligence Applications to Autonomous Cybersecurity Challenge, and was designated by the Cyber Catalyst by Marsh℠ program for being a solution that can have a meaningful impact on reducing major cyber risks like data breaches, business interruption, data theft or corruption, and cyber extortion.

FireEye Endpoint Security includes four integrated engines: machine learning (MalwareGuard), behaviour-based (ExploitGuard), signature-based (Malware Protection) and intelligence-based (Indicators of Compromise), to provide a layered defense against known and unknown threats. These engines are continually updated with threat intelligence unique to FireEye and designed to keep pace with evolving threats. For additional details, please visit https://fireeye.com/endpoint

To learn more about the California Software Licensing Program, please visit https://www.dgs.ca.gov/PD/About/Page-Content/PD-Branch-Intro-Accordion-List/Acquisitions/Software-Licensing-Program

About FireEye, Inc.

FireEye is the intelligence-led security company. Working as a seamless, scalable extension of customer security operations, FireEye offers a single platform that blends innovative security technologies, nation-state grade threat intelligence, and world-renowned Mandiant consulting. With this approach, FireEye eliminates the complexity and burden of cyber security for organizations struggling to prepare for, prevent, and respond to cyber attacks. FireEye has over 9,000 customers across 103 countries, including more than 50 percent of the Forbes Global 2000.

© 2020 FireEye, Inc. All rights reserved. FireEye and Mandiant are registered trademarks or trademarks of FireEye, Inc. in the United States and other countries. All other brands, products, or service names are or may be trademarks or service marks of their respective owners.

The post FireEye Endpoint Security Now Available on California SLP Plus Program appeared first on Cybersecurity Insiders.


June 30, 2020 at 09:10AM

ECS to Develop Data Consolidation Solution for US Navy and Defense Health Agency

FAIRFAX, Va.–(BUSINESS WIRE)–ECS, a leader in advanced technology, science, and engineering solutions, has been selected by the Naval Information Warfare Center (NIWC) Atlantic to develop a legacy data consolidation solution prototype for the Defense Health Agency (DHA). This project was awarded as a Cost-Plus-Fixed-Fee, Other Transactional Authority (OTA) contract.

Under this contract, ECS will consolidate legacy data from various clinical systems being replaced by the new Military Health System (MHS) electronic health record initiative, MHS Genesis. This cloud-native prototype will provide a secure, active archive for DHA’s legacy health data, allowing clinicians to directly access a patient’s historical medical records from a single source at the point of care.

ECS will involve clinical partners in every phase of the prototype design, from initial concept through the development of user acceptance testing parameters. The active participation of clinicians will create a more patient-centric system, which will ultimately lead to better clinical outcomes for our nation’s military personnel and their dependents.

“By safely sunsetting targeted legacy systems, this prototype is expected to save millions of dollars annually for the federal government,” said Don Oswalt, ECS vice president of information systems. “We are proud to take an active role in pursuing this cost-effective digital transformation strategy.”

“ECS is excited to support NIWC and DHA in this effort, helping to improve continuity of care while providing significant cost savings for DHA and its stakeholders,” said George Wilson, president of ECS. “We are thrilled to have been selected and look forward to working with NIWC and DHA to deliver this innovative solution.”

About ECS

ECS, a segment of ASGN, delivers advanced solutions in cloud, cybersecurity, artificial intelligence (AI), machine learning (ML), application and IT modernization, science, and engineering. The company solves critical, complex challenges for customers across the U.S. public sector, defense, intelligence, and commercial industries. ECS maintains partnerships with leading cloud, cybersecurity, and AI/ML providers and holds specialized certifications in their technologies. Headquartered in Fairfax, Virginia, ECS has more than 3,000 employees throughout the United States. For more information, visit ECStech.com.

About ASGN

ASGN Incorporated (NYSE: ASGN) is one of the foremost providers of IT and professional services in the technology, digital, creative, engineering, and life sciences fields across commercial and government sectors. Operating through its Apex, Oxford, and ECS segments, ASGN helps leading corporate enterprises and government organizations develop, implement, and operate critical IT and business solutions through its integrated offering of professional staffing and IT solutions. Our mission is to be the most trusted partner for companies seeking highly skilled human capital and integrated solutions to fulfill their strategic and operational needs. For more information, visit us at asgn.com.

The post ECS to Develop Data Consolidation Solution for US Navy and Defense Health Agency appeared first on Cybersecurity Insiders.


June 30, 2020 at 09:09AM

WPA security explained: what is Wi-Fi Protected Access?

This blog was written by an independent guest blogger.
An overview on Wi-Fi security standards
WiFi signals can be put into two different categories, unencrypted and encrypted.
Unencrypted WiFi, sometimes known as open WiFi, can be connected to without a password. Anyone with a phone, tablet, PC, video game system, or Internet of Things device within range of the open WiFi signal can use it as long as there aren’t more devices connected to the wireless access point than it can handle. But the data being sent to and from your device through the open WiFi signal is unencrypted. That means a cyber attacker can intercept your internet traffic and put your data and device at risk! Maybe you’re not doing your online banking or shopping, but an attacker could still connect to your device and do considerable harm. The risk can be mitigated if you…

Kim Crawley Posted by:

Kim Crawley

Read full post

      

The post WPA security explained: what is Wi-Fi Protected Access? appeared first on Cybersecurity Insiders.


June 29, 2020 at 09:12PM

Star Tribune Names Code42 a 2020 Top 150 Workplace

MINNEAPOLIS–(BUSINESS WIRE)–Code42, the leader in insider risk detection, investigation and response, has been named one of the Top 150 Workplaces in Minnesota by the Star Tribune. Among the top 50 midsize companies, Code42 was ranked #7 on the list. A complete list of those selected is available at StarTribune.com/topworkplaces2020 and was published in the Star Tribune Top Workplaces special section on Sunday, June 28.

The Star Tribune Top Workplaces list recognizes the most progressive companies in Minnesota based on employee opinions measuring engagement, organizational health and satisfaction. The analysis included responses from over 76,000 employees at Minnesota public, private and nonprofit organizations. The rankings in the Star Tribune Top 150 Workplaces are based on survey information collected by Energage, an independent company specializing in employee engagement and retention.

“Being named as one of the most progressive employers in Minnesota, based on our employees’ feedback, is an honor and I want to thank our team,” said Joe Payne, Code42 president and CEO. “At Code42, we strive to create a workplace and culture where our employees can thrive professionally and personally – from the innovative insider risk solutions we deliver to the career development and community outreach we support.”

Star Tribune Publisher Michael J. Klingensmith said, “The companies in the Star Tribune Top 150 Workplaces deserve high praise for creating the very best work environments in the state of Minnesota. My congratulations to each of these exceptional companies.”

The Code42 insider risk solution provides a company-wide and segmented view of suspicious file movement, sharing and exfiltration activities. It sorts that activity by file type, user and vector, such as email, Dropbox, iCloud, USB, browser uploads, Slack and others. This information allows security teams to identify unusual data trends, gaps in security awareness and Shadow IT.

Code42’s insider risk solution has received a number of industry awards in 2020, including a gold Stevie Award, a CyberDefense Magazine InfoSec Award for Best Insider Threat Detection and a Cybersecurity Excellence Gold Award for Best Insider Threat Solution. For a complete list of Code42’s industry recognitions, visit the Honors page on the company’s website.

To qualify for the Star Tribune Top Workplaces, a company must have more than 50 employees in Minnesota. Nearly 3,000 companies were invited to participate. Rankings were composite scores calculated purely on the basis of employee responses.

About Code42

Code42 is the leader in insider risk detection, investigation and response. Native to the cloud, Code42 rapidly detects data loss, leak, theft and sabotage as well as speeds incident response – all without lengthy deployments, complex policy management or blocking employee productivity. With Code42, security professionals can protect corporate data and reduce insider risk while fostering an open and collaborative culture for employees. Backed by security best practices and control requirements, Code42’s insider risk solution can be configured for GDPR, HIPAA, PCI and other regulatory frameworks.

More than 50,000 organizations worldwide, including the most recognized brands in business and education, rely on Code42 to safeguard their ideas. Founded in 2001, the company is headquartered in Minneapolis, Minnesota, and backed by Accel Partners, JMI Equity, NEA and Split Rock Partners. Code42 was recognized by Inc. magazine as one of America’s best workplaces in 2020. For more information, visit code42.com, read Code42’s blog or follow the company on Twitter.

©2020 Code42 Software, Inc. All rights reserved. Code42 and the Code42 logo are registered trademarks or trademarks of Code42 Software, Inc. in the United States and/or other countries. All other marks are properties of their respective owners.

The post Star Tribune Names Code42 a 2020 Top 150 Workplace appeared first on Cybersecurity Insiders.


June 29, 2020 at 09:09PM

Ransomware news trending on Google

The first and the foremost ransomware news trending on Google is related to Russian hackers targeting work from employees of some multinational firms- including Fortune 500 Companies.

 

According to a research carried out by Cybersecurity firm Symantec, a noted hacking group from Russia dubbed ‘Evil Corp’ was seen targeting employees working from home and has so far reportedly targeted over 31 organizations in the past three months.

 

“Almost 31 firms were affected by the attack, and the attack scale has been higher breaching corporate networks to the core and laying the groundwork to launch ransomware attacks”, says Symantec.

 

Meanwhile, in a similar incident related to the University of California, San Francisco (UCSF), it’s now confirmed that the educational institute staff paid a ransom of $1.14 million to the criminals for decrypting the data related to the School of Medicine.

 

As per a report aired on BBC, UCSF was left with no choice rather than to pay the ransom to unlock the database as the stored information was never backed up to any server.

 

Highly placed sources say that the School of Medicine’s servers belonging to UCSF networks was infected by the file-encrypting malware on June 1st of this year and the encrypted data was related to the operations and research work meant for the treatment of Corona Virus.

 

As the encrypted data was associated with the academic work of inventing a vaccine/medicine to curb the spread of the COVID 19 pandemic, the IT staff succeeded in negotiating the ransom amount from $3 million to $1.4 million and paid it by June 26th, 2020.

 

Note- Paying a ransom is against the advice given by Internationally recognized law enforcement agencies such as FBI, Europol, and NCSC- a cyber arm of UK’s GCHQ.

 

The post Ransomware news trending on Google appeared first on Cybersecurity Insiders.


June 29, 2020 at 08:47PM

Australia invests in Cyber Threat Intelligence platform to shield itself from Cyber Attacks

Almost 10 days ago, Australian Prime Minister Scot Morrison made it formal that the critical infrastructure of his nation was being bombarded by cyber attacks probably launched by hackers funded by Chinese Intelligence.

 

Now, the country has decided to bolster its defense-line against state-funded cyber threats by investing $1.22 million in a firm named Cybermerc to develop a threat intelligence platform named Aushield Defend- all as a part of AustCyber Initiative.

 

Aushield Defend will be acting as an information-sharing platform where businesses operating in Australia can share data related to threats, research, and academia.

 

“On an overall note the new platform will help Australian populace to work together in shielding their networks”, said Matthew Nevin, the Chief of Cybermerc. He added that as a part of this online community program, Universities and research institutes operating across the Australian continent will be able to have access to the latest malware, and some mitigation issues.

 

Additionally, information is out that some of the funds from the AustCyber will also go to the TAFE Cybersecurity Education Project initiated by the University of Adelaide. And as a part of this project schools operating in the region will gain threat intelligence related resources and data related to job vacancies in the field of Cybersecurity.

 

Note- AustCyber is a federally funded non-profit organization founded in the year 2017. Its objective is to boost innovation and science in Australia and is being achieved through extensive research and consultation; thus eventually boosting the Cybersecurity Sector’s growth across the whole of Australia.

The post Australia invests in Cyber Threat Intelligence platform to shield itself from Cyber Attacks appeared first on Cybersecurity Insiders.


June 29, 2020 at 11:42AM

Famous Instagram star Hushpuppi arrested for Cyber Scam

Instagram star Hushpuppi was arrested by FBI in a raid conducted on his apartment on June 10th,2020 for involving in a £350 million Cyber Scam. The Nigerian who often boasted about his lavish lifestyle on private jets and fancy vacations was caught by the US law enforcement agency in association with a police team led by Brigadier Jamal Al Jalaf, of Dubai CBI when he was sleeping in his luxury apartment.

 

The police claim that the 38-year old made money by duping online users with fake websites of renowned banks and companies and stealing their funds from their respective bank accounts in fraudulent ways.

 

According to sources reporting to Cybersecurity Insiders, investigators recovered few luxury cars, documents related to some luxury apartments and estates, some precious metals, 30 million cash, and a data trove of over 2 million email addresses of victims stored on different phones and laptops in the raid.

 

Note 1-Hushpuppi’s actual name is Raymond Abbas and he used to lure victims by showing them a glimpse of his billionaire lifestyle. The accused will also be facing three charges of committing fraud in Europe, Nigeria, and America.

 

Note 2- FBI is all set to extradite Mr. Abbas to America as he has involved in a lot of cybercrimes in the United States. But nothing concrete has emerged in the media as Ray talked very less about his source of wealth to date.

 

Note 3- What amazes is that Mr. Abbas started as a small-time clothes dealer in Lagos and emerged as a billionaire property developer in Dubai. He used to encourage his 2.4 million followers to not give up and strive hard to make it big.

The post Famous Instagram star Hushpuppi arrested for Cyber Scam appeared first on Cybersecurity Insiders.


June 29, 2020 at 11:41AM

Sunday, June 28, 2020

McAfee Revolutionizes Its Endpoint Security Platform With Industry’s First Proactive Solution to Help Organizations Stay Ahead of Emerging Threats

SANTA CLARA, Calif.–(BUSINESS WIRE)–McAfee, the device-to-cloud cybersecurity company, today announced general availability of McAfee MVISION Insights, the industry’s first proactive security solution that changes the cyber security paradigm by helping to stop threats before the attack. MVISION Insights provides actionable and preemptive threat intelligence by leveraging McAfee’s cutting-edge threat research, augmented with sophisticated Artificial intelligence (AI) applied to real-time threat telemetry streamed from over 1 billion sensors. The integration of MVISION Insights significantly enhances the capabilities of McAfee’s award winning endpoint security platform by managing the attack surface, preventing ransomware and aiding security teams to easily investigate and respond to advanced attacks.

According to recent internal research by McAfee, over 90 percent of security teams feel that they are not proactively prepared for the emerging threat landscape. While there is a plethora of threat intelligence feeds available in the market, actionable and contextual threat intelligence is hard to find. Additionally, multiple siloed endpoint security tools are tiring down security teams who are struggling to enable their organizations to safely adopt the cloud for digital transformation. The integration of MVISION Insights into McAfee’s endpoint security platform is designed to eliminate some of the burden on security operations professionals.

“CISOs want an answer to a fundamental question: How truly protected they are against the latest adversarial campaign targeting their organization,” said Ash Kulkarni, executive vice president and chief product officer of the enterprise business group at McAfee. “Our latest endpoint security innovation, MVISION Insights, delivers the industry first actionable threat intelligence so organizations can preempt an attack rather than scramble to contain a breach.”

McAfee’s endpoint security platform incorporates MVISION Insights and integrates multiple proven and new innovations to help deliver the following key customer outcomes:

  • Preempt attacks by “shifting-left” (engaging early) in the attack lifecycle with security posture scores, configuration assessment and automated policies and updates
  • Prevent ransomware and other advanced malware with integrated native OS controls, behavioral blocking, exploit prevention, machine learning and file-less threat defense
  • Simplify investigation and response to sophisticated threat campaigns with unified Endpoint Detection and Response (EDR) capabilities that include continuous monitoring, multi-sensor telemetry, AI-guided investigations, MITRE ATT&CK mapping and real-time hunting
  • Diminish the impact of an attack with enhanced remediation capabilities, which can roll back the destructive effect of a ransomware attack by restoring affected files and negating the need for system reimaging
  • Gain operational efficiencies with a cloud-delivered and unified endpoint solution that reduces total cost of operations and complexity

Click here to learn more about the new McAfee’s endpoint security solution.

About McAfee

McAfee is the device-to-cloud cybersecurity company. Inspired by the power of working together, McAfee creates business and consumer solutions that make our world a safer place. www.mcafee.com.

McAfee technologies’ features and benefits depend on system configuration and may require enabled hardware, software, or service activation. No computer system can be absolutely secure. McAfee® and the McAfee logo are trademarks of McAfee, LLC or its subsidiaries in the United States and other countries. Other marks and brands may be claimed as the property of others.

The post McAfee Revolutionizes Its Endpoint Security Platform With Industry’s First Proactive Solution to Help Organizations Stay Ahead of Emerging Threats appeared first on Cybersecurity Insiders.


June 29, 2020 at 09:09AM

Entrust Datacard Wins Frost & Sullivan’s Global Customer Value Leadership Award

MINNEAPOLIS–(BUSINESS WIRE)–Entrust Datacard, a leading provider of trusted identity and secure transaction technology solutions, was awarded Frost & Sullivan’s 2020 Global Customer Value Leadership Award for its certificate issuance and management portfolio. The award is a component of Frost & Sullivan’s Transport Layer Security (TLS) Certificate Market Report, which provides a comprehensive overview of the public trust TLS certificate market.

Frost & Sullivan’s Best Practice Awards recognize organizations across a variety of industries for demonstrating outstanding achievement and exceptional performance in categories such as leadership and technological innovation. Award recipients consistently toil for years to develop innovative, best-in-class solutions within their industries.

As the digital world expands and the threat landscape evolves, Entrust Datacard’s comprehensive portfolio of high assurance TLS/secure socket layer (SSL) certificates and certificate management capabilities helps secure transactions across people, systems and things. Its customer-focused approach goes beyond certificate issuance and management and helps businesses ease the complexities associated with managing digital certificates.

“With a robust trust infrastructure model, Entrust Datacard’s Certificate Solutions (ECS) enable automated certificate installation and management, thereby reducing risks and vulnerabilities associated with TLS certificates,” said Swetha R K, Industry Analyst for Cybersecurity at Frost & Sullivan. “Further, the Certificate Authority (CA) offers industry leading support, DevOps integration to reduce IT’s workload, and a mature business model – the certificate recycling subscription model – which gives companies the full lifetime value of certificates and allows for cost planning.”

“We are honored to be selected by Frost & Sullivan as winners of the 2020 Global Customer Value Leadership and Innovation Excellence Awards,” said Jay Schiavo, Vice President of Certificate Solutions. “As companies become more digitally sophisticated, they need to deploy an increasing number of certificates to improve and maintain public and private trust. This award is a true testament to our devotion to providing solutions that prioritize service levels, innovation and user experience. With the recent launch of our Certificate Hub, we’ll continue to help enterprises navigate the complexities of digital certificates by standardizing, simplifying and streamlining certificate discovery, management and automation.”

The TLS Certificate Market Report takes a deep dive into the global transport layer security certificate market to help industry stakeholders navigate market trends and changes. According to its findings, industries are straining to keep pace with the rate of regulatory changes, such as GDPR and CCPA, increasing the need for the CA/Browser Forum, CAs, and government entities to align on best practices.

The report also revealed a stronger need for identities. Consumers can no longer rely on the padlock in the URL to ensure the validity of a website. More spoofed sites are now using HTTPs and anonymous Domain Validation Secure Sockets Layer (DV SSL) certificates to make it difficult for consumers to distinguish between a phishing and legitimate site – a contributing factor in an alarming rise in data breaches. And consumers are taking note In fact, a Frost & Sullivan survey found that 48 percent of consumers stopped paying for business relationships with a company after a reported data breach.

In addition to the 2020 Global Customer Value Leadership Award, Entrust Datacard was also recognized with this year’s Frost Radar™ Best Practices Award for Innovation Excellence in the Global Transport Layer Security Certificates Market. This award, which is strictly reserved for market leaders at the forefront of innovation, celebrates companies that consistently identify and build new growth strategies based on a visionary understanding of the future.

To read Frost & Sullivan’s Transport Layer Security (TLS) Certificate Market Report: entrustdatacard.com/pages/frost-and-sullivan-report

To learn more about Entrust Datacard’s certificate issuance and management solutions visit: https://www.entrustdatacard.com/products/categories/ssl-certificates

About Entrust Datacard Corporation

Consumers, citizens and employees increasingly expect anywhere-anytime experiences — whether they are making purchases, crossing borders, accessing e-gov services or logging onto corporate networks. Entrust Datacard offers the trusted identity and secure issuance technologies that make those experiences reliable and secure. Solutions range from the physical world of financial cards, passports and ID cards to the digital realm of authentication, certificates and secure communications. With more than 2,000 Entrust Datacard colleagues around the world, and a network of strong global partners, the company serves customers in 150 countries worldwide. For more information, visit www.entrustdatacard.com.

The post Entrust Datacard Wins Frost & Sullivan’s Global Customer Value Leadership Award appeared first on Cybersecurity Insiders.


June 28, 2020 at 09:08PM

Saturday, June 27, 2020

Virtual Summit Explores Methods, Best Practices for How to Secure the Future of Work Environments

BRIDGEWATER, N.J.–(BUSINESS WIRE)–Spear-phishing email attacks have increased 667 percent during COVID-19, with employees unknowingly giving criminals access to their personal data and their employer’s—exposing valuable corporate information like usernames and passwords, credit card account numbers and customer identities. With many companies already working from home due to COVID-19, new data suggests that about 74 percent of CFOs expect at least some of their employees to continue to work from home permanently after the pandemic ends.

During periods of crisis—such as the current coronavirus outbreak and its impact on business operations—CIOs, CISOs, IT and security leaders are getting ahead of the new vulnerabilities and security challenges. This includes clearly communicating to the executive team and staff the nature of the obstacles that they are facing to safeguard the enterprise that is comprised of a highly distributed, remote workforce and addressing the exponential rise in phishing attacks that are occurring.

What:

 

As an authority on fraud and security, iconectiv is joining notable industry leaders in a virtual executive panel at the HMG Live! Philadelphia CIO Virtual Summit titled, “Securing the Future of Work.” Hosted by HMG Strategy, the peer-to-peer event will explore best practices for tackling the complex business and organizational challenges emerging in today’s evolving workplace.

 

Who:

 

Michael Iwanoff, Chief Information Security Officer at iconectiv, will join Kostas Georgakopoulos, CISO of Proctor & Gamble, Sudhanshu Kairab, VP of Cybersecurity Governance, Risk and Compliance for Comcast and moderator Rocco Grillo, Managing Director of Alvarez & Marsal to discuss:

  • The new normal workplace, and the security challenges and vulnerabilities it poses
  • Advice on how to lead effectively during a crisis including the common characteristics of courageous security/IT leaders
  • How best to reassure team members during times of uncertainty, roll out new processes, technology, etc. to keep businesses and employees safe and productive

 

When:

 

Tuesday, June 30th, 2020 / 2:25 p.m. EDT

 

 

Where:

 

Register here to participate in the discussion.

 

 

 

About iconectiv
Your business and your customers need to access and exchange information simply, seamlessly and securely. iconectiv’s extensive experience in information services and its unmatched numbering intelligence helps you do just that. In fact, more than 2 billion people count on our platforms each day to keep their networks, devices and applications connected. Our cloud-based Software as a Service (SaaS) solutions span network and operations management, numbering, trusted communications and fraud prevention. For more information, visit www.iconectiv.com. Follow us on Twitter and LinkedIn.

The post Virtual Summit Explores Methods, Best Practices for How to Secure the Future of Work Environments appeared first on Cybersecurity Insiders.


June 28, 2020 at 09:09AM

CORRECTING and REPLACING ZenGRC Extends Leadership Momentum with Four Badges on G2 Summer 2020 Grid Report for GRC Platforms

SAN FRANCISCO–(BUSINESS WIRE)–Please replace the release with the following corrected version which updates the number of badges from three to four.

The corrected release reads:

ZENGRC EXTENDS LEADERSHIP MOMENTUM WITH FOUR BADGES ON G2 SUMMER 2020 GRID REPORT FOR GRC PLATFORMS

Recognized as Leader, Momentum Leader, Users Love Us, and Easiest To Do Business With

Reciprocity, the company behind ZenGRC, the industry-leading information security risk and compliance solution, today announced ZenGRC has earned four badges on the G2 Summer 2020 Grid Report. This marks the 14th consecutive quarter ZenGRC has been recognized by G2 in its quarterly report. G2 is a peer-to-peer business solutions review website, leveraging customer feedback to rank the best business software and services. In the GRC Platforms category, products are ranked by customer satisfaction and market presence on the Grid Report. The four badges awarded to ZenGRC are:

  • Leader: ZenGRC was rated highly by G2 users and had substantial Satisfaction and Market Presence scores
  • Momentum Leader: ZenGRC ranked in the top 25% of the GRC Platforms category
  • Users Love Us: ZenGRC had at least 20 reviews with an average rating of at least 4 stars
  • Easiest To Do Business With: ZenGRC earned the highest rating for Ease of Doing Business With

“We are thrilled that ZenGRC earned four badges in the G2 Summer 2020 Grid Report. We’re particularly excited that this is the third quarter in a row that ZenGRC has been awarded a badge in the Leader quadrant, and the second quarter in a row ZenGRC has earned the ‘Momentum Leader’ badge. This recognition proves that we’re building momentum as an industry leader, and delivering on our commitment to provide the best and most innovative information security risk and compliance solution on the market,” said Jordan MacAvoy, Vice President of Marketing at Reciprocity. “Earning the badge for ‘Users Love Us’ and ‘Easiest To Do Business With’ reinforces that we’re meeting our goal to closely partner with our customers to successfully fill a mission-critical need for CISOs.”

This news follows the recent announcement that Reciprocity’s ZenGRC Won the 2020 Fortress Cyber Security Award for Compliance.

Connect with us on Twitter, LinkedIn, and Facebook

About G2

G2, the world’s leading business solution review platform, leverages more than 680,000 user reviews to drive better purchasing decisions. Business professionals, buyers, investors, and analysts use the site to compare and select the best software and services based on peer reviews and synthesized social data. Every month, more than one million people visit G2’s site to gain unique insights. Co-founded by the founder and former executives of SaaS leaders like BigMachines (acquired by Oracle) and SteelBrick (acquired by Salesforce) and backed by more than $100 million in capital, G2 aims to bring authenticity and transparency to the business marketplace. For more information, go to g2.com

About Reciprocity

Reciprocity’s mission is to turn corporate compliance from a cost center into a valuable strategic asset. Our ZenGRC platform simplifies the way organizations manage information security risk and compliance, and encourages transparency and trusted relationships with key stakeholders. Find out why the world’s leading companies trust ZenGRC at reciprocitylabs.com

Reciprocity, ZenGRC and ZenConnect are trademarks and registered trademarks of Reciprocity in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2020 Reciprocity. All rights reserved.

The post CORRECTING and REPLACING ZenGRC Extends Leadership Momentum with Four Badges on G2 Summer 2020 Grid Report for GRC Platforms appeared first on Cybersecurity Insiders.


June 27, 2020 at 09:09PM