FireSale HackBoy

Knowledge Shared By FireSale HackBoy...

Hacking

The Art Of Exploitation...

Ethical Hacking

Security Experts...Same Techniques To Make Hacker's Stuff Useless.

Black Hat Hacking

Dark Side Of Hacking... In Short Destruction Of Cyber Stuff.

Digital Stuff

All The Digital Stuff Is Under The Influence Of Cyber Attacks... Be Safe

Wednesday, September 30, 2020

AI to prevent cyber attacks on Medical Devices

The year 2017 witnessed a global outage of computer systems because of WannaCry Ransomware attack. And it was believed that over 75,000 of medical systems operating for National Health Service (NHS) in England and Scotland were virtually shut down for several days for the North Korea propelled digital outage.

This includes cancellation of critical care appointments as most of the MRI Scanners, blood storage refrigerators, operational theatres and connected ventilators could not be operated under normal circumstances.

To counter such issues in near future, scientists at the Ben-Gurion University of the Negev (BGU) have developed an AI based solution that helps in defending medical devices against malware spread or other malicious cyber attacks.

Tom Mahler, a PHD student at BGU, is leading a team of experts who are working on an artificial intelligence based technique that helps in eliminating or reducing potential cyber threats occurring from digital attacks or other human errors.

BGU research claims an AI based surveillance to be implemented on the instructions taking place between a PC to the physical components. Crafted as dual layer architecture, the model can also be inducted into the existing medical devices, thus making them secure against most sophisticated cyber attacks.

Still, a lot of research and analysis has to be done on the AI architecture.

However, a synopsis was presented at the 2020 International Conference on Artificial Intelligence in Medicine (AIME 2020) on a recent note.

The post AI to prevent cyber attacks on Medical Devices appeared first on Cybersecurity Insiders.


October 01, 2020 at 10:34AM

Most Cloud platforms serving as breeding ground for Cryptomining Malware

According to a study taken up by Aqua Security, most of the cyber attacks seen on cloud servers are mostly related to cryptocurrency mining malware rather than other forms. The research that was taken in between June 2019 and July 2020 states that out of 16,378 attacks observed on cloud platforms, most of them were related to malware or decoys deployed in one form or the other.

Aqua Security 2020 Cloud Native Threat report says that the said form of attacks increased by 250% from the previous year and the development suggests that the attack landscape has moved its base towards organized crime, where cyber crooks are hired to launch attacks on CSPs.

The year 2019 witnessed most of the hackers seen deploying crypto mining malware on cloud containers and only a few were witnessed to be used for transferring data to remote servers or to launch other form of attacks like DDoS.

As there is an increased collaboration between threat actors, a surge in the frequency and sophistication of cyber attacks is been observed. For instance, threat actors are seen as multi-stage payloads and 64-bit encoding to avoid detection.

Unpatched systems, human configuration blunders, brute force attacks, easy guess passwords were seen offering hackers a strong chance to exploit cloud servers from the beginning of this year.

Note 1- Crypto jacking or Cryptocurrency mining malware- A malware that is used to mine cryptocurrency by deploying it on computer platforms fraudulently is called crypto currency mining or crypto mining malware. So, hackers are seen harnessing the processing power of many networked computers to generate revenue in bitcoins.

Note 2-According to a study made by AdGuard, over 500 million users are seen unknowingly mining crypto currencies on their computing devices such as tablets and smart phones.

The post Most Cloud platforms serving as breeding ground for Cryptomining Malware appeared first on Cybersecurity Insiders.


October 01, 2020 at 10:32AM

What is identity and why is it important?

What is identity? 

In 1793, French mathematician and philosopher, Nicolas de Condorcet laid the foundations of “social mathematics” by studying the relationship between the individual and the collective to formalise the foundations of the democratic system. He chose the mathematical term “identity” to represent the algebraic concept of equality among citizens in terms of their legal rights and obligations.

However, identity has also come to express the differences between us. Simply speaking, identity is a combination of your physical and behavioural traits that define who you are. For example, your name is part of your identity, as is the form and colour of your eyes and your fingerprint. This set of characteristics allows you to be definitively and uniquely recognisable.

Identity plays an important role in empowering individuals to exercise their rights and responsibilities fairly and equitably in a modern society. It is imperative for social, economic and digital inclusion as it provides access to basic human rights such as healthcare, pensions, social benefits, the ability to exercise our right to vote, and beyond. But to be able to access those rights, one needs to be able to prove that they are who they claim to be.

Usually official documents such as passports and identity cards are used as a proof of your name, and your photo on these documents is the most natural link to who you are.

Official identity as a proxy for inclusion

If a country’s citizens don’t have access to an official identity, they are much more likely to miss out on a variety of essential services, due to the fact that identity touches so many aspects of our lives. For citizens, identity provides them with access to state programs that support their wellbeing. As an example, Jamaica recently approved the use of biometric authentication systems to verify those citizens accessing social welfare benefits.

Yet an official identity system is also beneficial for governments. With more citizens registered they have a much better chance of accurately understanding their population’s demographics, which in turn plays an essential role in impactful policy making.

It is for these reasons that access to a legal identity has been recognised by the United Nations General Assembly as being a fundamental sustainable development goal – ensuring a legal identity from birth to all by 2030.

Nonetheless, getting a population registered is not an easy task and there are many barriers to reaching everyone – both due to physical geographical landscapes and a lack of infrastructure to support the collection of information. On the government side, the space tends to be a fragmented one, with multiple overlapping and incompatible systems being deployed at the same time. In general, there is a lack of coordination between civil registration and identity, and with other state systems that have their own registration and credential systems. Moreover, a proportion of the population is excluded because of excessive charges, indirect costs, and convoluted processes, or simply because they don’t have physical access to the service.

So how can we ensure the responsible adoption of official identity and the necessary protections around it which ensure that it is a tool for public good?

The role of foundational ID systems

Unique identity or foundational ID systems are general-purpose identity platforms that are designed to support all forms of identity. There are no multiple or redundant registrations, meaning that one registration is created for use with all state systems. Furthermore, foundational ID systems offer improved service delivery and economies of scale, and as identity becomes a readily available commodity, a new ecosystem of different applications naturally emerges. One such ID system is India’s Aadhaar, thanks to which nearly 80 percent of India’s citizens have access to critical government services.

Here’s how an individual’s identity is established:

  • The user’s unique biographical (name, date and place of birth, etc.) and biometric data (fingerprint) is captured
  • It is then validated to establish the uniqueness of the request for an accurate digital identity
  • This unique identity is then verified against existing data in internal or external systems
  • The biometric and biographical data is authenticated against physical documents
  • And finally, a unique identity is created in the foundational system, and a private unique identity number (UIN) is assigned to the person.

Achieving identity inclusion has become ever more urgent in the aftermath of the COVID-19 pandemic as public health and economic challenges are pressuring governments to deploy essential measures such as social safety nets, health, and labour programs that ensure the health & wellbeing of the population and help restart their economies. One important link for enabling these is that all measures require inclusive identification of the population.

My colleague Jaume Dubois, who is an identity system specialist at Thales, will join other experts in the field for the ID4Africa discussion to tackle the issue of identity and inclusion and share examples of policies, approaches and technologies that have proven successful. The discussion will take place on 16 September 2020 at 2:30pm CET on International Identity Day.

We invite you to learn more about the underpinning technology and processes for secure delivery of ID services.

 

The post What is identity and why is it important? appeared first on Cybersecurity Insiders.


October 01, 2020 at 09:09AM

2020 IT Spending: Cybersecurity Remains an Investment Priority Despite Overall IT Budget Cuts, Kaspersky Found

WOBURN, Mass.–(BUSINESS WIRE)–According to a new Kaspersky report ‘Investment adjustment: aligning IT budgets with changing security priorities,’ cybersecurity remains a priority for investment among businesses. Its share of IT spending has grown from 23% in 2019 to 26% in 2020 for SMBs, and from 26% to 29% for enterprises. 71% of organizations also expect their cybersecurity budget will increase in the next three years, despite overall IT budgets decreasing in both segments amid the COVID-19 pandemic.

External conditions and events can influence IT priorities for businesses. As a result of the COVID-19 pandemic, organizations have been forced to adjust plans to meet changing business needs. The report, based on a survey of more than 5,000 IT and cybersecurity practitioners, observes recent IT security economics trends and how they correlate with this year’s events1.

While the overall IT budget has fallen from $1.2m in 2019 to $1.1m in 2020 among SMBs, and from $74.1m to $54.3m for enterprises, the share of IT budget dedicated to IT security continues to grow year-on-year. Decreases in budget are likely due to the consequences of the global coronavirus pandemic, according to Gartner, whose experts also predicted that budgets would decrease earlier this year.

As a result, small and medium businesses allocated $275k to cybersecurity while enterprises invested $14m. According to the survey, the majority of companies are expecting these figures to grow in the next three years by 11% in enterprises and 12% in SMBs, on average. 17% believe it will remain at least the same as this year.

Alternatively, one-in-ten (10%) organizations said they are going to spend less on IT security. Interestingly, the main reason for this across enterprises is the deliberate decision of top management, who sees no point in investing so much money in cybersecurity in the future (32%).

Among SMBs, the reason to reduce spend in this area is primarily dictated by the need to cut overall company expenses and optimize budgets (29%). Small and medium organizations were hit hardest by the lockdown with more than half of small companies globally reported a decline in sales or experienced cash flow constraints. It is clear that those affected have needed to optimize their expenses to survive. But while this impacts cyber-protection, it’s important for businesses to find a way to keep safe from cyber-risks in such a challenging time.

2020 has put many companies in situations where they needed to respond, so they wisely concentrated all their resources and efforts on staying afloat,” commented Alexander Moiseev, chief business officer at Kaspersky. “Even though budgets get revised, it doesn’t mean cybersecurity needs to go down on the priority list. We recommend that businesses, who have to spend less on cybersecurity in the coming years, get smart about it and use every available option to bolster their defenses by turning to free security solutions available on the market and introducing security awareness programs across the organization. Those are small steps that can make a difference, especially for SMBs.

Kaspersky suggests the following advice to small and medium organizations in order to maintain their cybersecurity posture, even with low security investments:

  • Always keep employees aware of IT security risks that can target their daily working routine. Dedicated training courses that teach security practices, such as the ones provided in the Kaspersky Automated Security Awareness Platform, use formats that help employees remember cybersecurity rules.
  • Ensure timely updates of all systems, software and devices. Also all corporate devices should be protected with strong passwords that are changed regularly.
  • Use a free endpoint security tool, such as Kaspersky Anti-Ransomware Tool for Business, which provides protection for both PCs and servers from a wide range of threats including ransomware, cryptominers, adware, pornware, exploits and more.
  • There are also some useful tools that could help ad-hoc cybersecurity needs, such as checking suspicious files, IP addresses, domains and URLs. This can be done for free on the Kaspersky Threat Intelligence Portal.

To read the full report ‘Investment adjustment: aligning IT budgets with changing security priorities’, please visit here.

About Kaspersky

Kaspersky is a global cybersecurity company founded in 1997. Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative security solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection and a number of specialized security solutions and services to fight sophisticated and evolving digital threats. Over 400 million users are protected by Kaspersky technologies and we help 270,000 corporate clients protect what matters most to them. Learn more at usa.kaspersky.com.

1 The Kaspersky Global Corporate IT Security Risks Survey (ITSRS) interviewed 5,266 respondents across 31 countries. Conducted by B2B International and commissioned by Kaspersky, fieldwork took place in July 2020.

The post 2020 IT Spending: Cybersecurity Remains an Investment Priority Despite Overall IT Budget Cuts, Kaspersky Found appeared first on Cybersecurity Insiders.


October 01, 2020 at 09:08AM

Next generation firewall (NGFW) explained: What is a NGFW?

What is a next generation firewall?
Traditional firewalls have been around for decades. But NGFWs, uninhibited by the same technology limits, take advantage of significant advancements in storage space, memory, and processing speeds. The feature set for NGFWs build upon traditional firewall features by including critical security functions like intrusion prevention, VPN, and anti-virus, and even encrypted web traffic inspection to help prevent packets containing malicious content from entering the network. Many NGFWs are also capable of integrating with modern networking topologies like software-defined wide area networks (SD-WAN).
Look around at the different firewall solutions today, and you’ll discover that most vendors label their solution as NGFWs. However, without a consensus from the security industry about what a next-gen firewall is and what it is not, organizations must look at all the features and decide if the solution fits their business needs. 
What are the benefits of…

Mary Blackowiak Posted by:

Mary Blackowiak

Read full post

      

The post Next generation firewall (NGFW) explained: What is a NGFW? appeared first on Cybersecurity Insiders.


September 30, 2020 at 09:09PM

How banks can meet the challenge of card recycling

As consumers around the world become more conscious of their responsibilities to the environment, banks and financial institutions have created their own initiatives to going green.

Whether that’s finding solutions to reduce the quantities of plastic by using alternative bio-sourced material with PLA (Polylactic Acid) or reclaimed plastic from coastal areas banks are helping to move us in the right direction towards saving the planet.

One area that continues to be a concern for banks that are moving to green practices is managing the end of life for credit cards in a way that is sustainable and safe. You might think that the environmental impact of a card is small – but if you think that more than 17,000 tonnes of PVC is used in the creation of credit and debit cards around the world every year, you can see the cumulative effect is significant.

We explore why historically this has been an issue and how the landscape is changing to improve this outlook.

The challenge with card recycling

For the vast majority of consumers, the experience of using scissors to cut up their expired credit cards is very familiar. For years, banks have advocated for this as a part of the end-of-life process for cards – as it serves to reduce the chance of fraud.

What happens next isn’t so clear. Lots of consumers assume that plastic credit and debit cards can be recycled. The truth is that with the majority of cards made out of PVC, most kerbside collection teams are not be able to recycle it. That’s not to say that there aren’t specialists that can repurpose and recycle PVC, but it’s generally not possible with day-to-day household collection – it all depends on local regulation.

In most cases, cards either go into the incinerator or to the landfill. In the worst case scenario, it will go back into the environment, gradually turn into micro plastic and get back to us. As every banking card is a well-designed compound, made up of metals (copper, nickel, gold, aluminium, iron), resin, glass, silicon and plastics (PVC, PET), it can be a tough challenge to recycle it.

The alternatives to PVC

One of the ways to tackle the scourge of PVC returning to the environment is to move towards materials that are just as durable but more easily disposable – all the while embodying the consumer shift to more green expectations.

We’re already seeing this move in other industries. From big sports brands like Adidas and Nike using recycled materials in some of their trainers and clothing, to IKEA sourcing 100 percent of its cotton from farms that meet the Better Cotton standards, companies from different industries are making a step change into adopting more sustainable materials to manufacture their products.

Banks are not an exception. For example, Triodos has been working with Thales to become one of only a few UK banks to provide eco-friendly debit cards, which are created from a plastic substitute called polylactic acid (PLA). PLA is made from renewable sources such as plant leaves and corn which makes it biodegradable, recyclable and non-toxic if incinerated. The materials make the card compatible with magnetic stripe, contact and contactless card technologies. Ultimately, working with sustainable materials can have a profound impact on the environment if it is adopted on a large scale.

The key to credit card recycling

While it is challenging, the banking industry is rising to the challenge of card recycling. Last year, American Express announced it was rolling out a card recycling service programme – initially in the U.S. – for card members to send back their expired or non-functioning cards to the bank. This accompanied an announcement that they would be launching a card made from 70% reclaimed ocean plastic, collected by Parley for the Oceans.

This is just one example of how the industry is rising to meet this challenge. At Thales, we have started working with a long-term partner in Europe for the first step of banking card recycling process. This involves recovering the energy from the plastic through the incineration process. The metals are also recycled and then sent for use in other industries, such as jewellery making and gold wire for circuits. This is hugely beneficial, as 0% of these materials end up in landfill. Additionally, we aim to carry out this process in Europe to further mitigate the carbon footprint.

Following a ‘cradle-to-cradle’ philosophy, we are also developing next generation products by putting recycling at the heart of the design process. This includes removing unnecessary components to make the recycling possible – such as taking away magnetic stripes or the traditional signature panel which prevent recycling.

As with other areas, only with industry-wide collaboration will the impact of these green measures truly be felt. Card recycling is undoubtedly a challenge for financial institutions, but with rapid advances happening all the time across the sector, there is a real opportunity for banks – in partnership with manufacturers – to drive this change.

The post How banks can meet the challenge of card recycling appeared first on Cybersecurity Insiders.


September 30, 2020 at 09:09PM

Kasasa Partners with NXTsoft’s OmniConnect Marketplace to Deliver Seamless Loan Experience to Community Financial Institutions

AUSTIN, Texas–(BUSINESS WIRE)–Kasasa®, an award-winning financial technology and marketing provider, has partnered with NXTsoft, the market leader in API connectivity, to enhance the lending process for community banks and credit unions and their borrowers.

Together, NXTsoft and Kasasa will provide a level of ease and flexibility to the lending processes that borrowers have never seen before. The capabilities and functionality of online loan interactions become a non-issue because of the end-to-end connection of data that this partnership provides. Consumers can expect consistency and real-time data whether they’re logging into a mobile banking platform or interacting with a bank or credit union in person.

“Our partnership with Kasasa enables us to provide their clients with quick, seamless and intuitive access to the information borrowers need most regarding their loan status and balances,” said Rich Longo, Chief Strategy Officer and Omni Division President at NXTsoft. “NXTsoft’s OmniConnect has provided connectivity to banks and credit unions for more than 25 years, and we look forward to working with Kasasa to further streamline the lending process for communities across the nation.”

NXTsoft is a secure data solutions software platform that develops products and services to help businesses secure, connect and optimize their data to maximize revenue opportunities, enhance profitability and mitigate cybersecurity risk.

“Our goal is to make life easier for our clients and the people they serve,” said Chris Cohen, EVP, Product Management at Kasasa. “Community financial institutions offer more favorable interest rates and benefits than megabanks, making them one of the best sources for consumer-friendly lending products. By partnering with NXTsoft, Kasasa expands and smoothes the lending process to make it even more intuitive, thus further enabling community financial institutions to compete with larger banks.”

About NXTsoft
NXTsoft is headquartered in Birmingham, Ala., NXTsoft is the market leader in API connectivity, connecting Fintech companies to banks and credit unions throughout the United States. NXTsoft’s other solutions include data security, data analytics, data management and data migration. For more information visit www.nxtsoft.com/marketplace, email marketplace@nxtsoft.com or call 1-800-915-3381.

About Kasasa
Based in Austin, Texas, with 500 employees, Kasasa® is a financial technology and marketing provider committed to driving results for over 900 community financial institutions by attracting, engaging, and retaining consumers. Kasasa does this through branded retail products, world class marketing, and expert consulting. For more information, please visit www.kasasa.com, or visit them on Twitter or LinkedIn.

The post Kasasa Partners with NXTsoft’s OmniConnect Marketplace to Deliver Seamless Loan Experience to Community Financial Institutions appeared first on Cybersecurity Insiders.


September 30, 2020 at 09:08PM

Ransomware news trending on Google

Clark County School District(CCSD) is trending on Google for all wrong reasons, as hackers have leaked personal information of students belonging to the said school district of Las Vegas. The data is flowing on a tech forum and is for a sale for a triple digit number and the information includes social security numbers, retirement info, grades, names of school students, their addresses, their birth dates and more.

Highly placed sources say that Maze Ransomware group was behind the incident of leaking data as Clark County school officials refused to pay a demanded a sum in Bitcoins when the hackers group infiltrated the database of the school district on August 27th,2020 to lock it down thereafter.

As the school denied paying the ransom, the stolen information was made public on September 26th of this year.

In the latest Digital Defense Report released by Microsoft, some ransomware attacks are taking just 45 minutes to encrypt a whole of the corporate database. The highlight of the report is that hackers are seen increasingly targeting supply chain, instead of attacking a company on a direct note.

As most of the threats were linked to Russia, Microsoft has sent over 13,000 Nation-State Notifications to its US customers via email that the threat from the said nation might target them at any moment in the next few months.

Password spraying, use of penetration testing tools, spear phishing attacks, use of web shells to backdoor servers and exploiting VPN servers have topped the threats list discovered by Microsoft in between June 2019 to June 2020.

Third, Gallagher Insurance company has said that some of its internal systems were locked down by a file encrypting malware and the same was disclosed to the world by the company in its latest Securities and Exchange Commission (SEC) filing.

And to contain the ransomware spread, Arthur J Gallagher & Co initiated Cybersecurity measures as a part of business continuity planning and has engaged few Cybersecurity professionals to probe down the incident to the core.

BTW, only the claims unit dubbed Gallagher Bassett was impacted by the ransomware and no other business subsidiaries of Arthur J Gallagher & Co were impacted.

The post Ransomware news trending on Google appeared first on Cybersecurity Insiders.


September 30, 2020 at 08:40PM

Tuesday, September 29, 2020

Three Cyber Attacks on Flightradar24

Flightradar24, a website used to track flights in transit, was reportedly hit by 3 cyber attacks on Monday this week and the services were still down till late Tuesday. As the attempts made by the IT staff failed to restore the website to the core, a third party security services provider was engaged to bring back the digital services to normalcy.

Reports are in that the database of Flightradar24 was hit by a Distributed Denial of Service (DDoS) attack, and prima facie says that no data was compromised in the incident.

Around 180,000 flights are tracked by Flightradar24 users on a daily note, and that includes those using services of Airbus, Boeing and Etihad.

What’s amazing about this online service is the fact that it helps users identify a flight based on the flight number, model, and signal codes send during distress. For those who have subscribed for a premium, more services such as location of the flight during the time of crash and last signal time is also available. Mostly, such services are used by media reporters who cover news incidents related to flight crashes and those who own private jets.

Note- Started in the year 2006; Flightradar24 is reported to have over 2 million daily users and has been app downloaded over 40 million times. So, such a distinctive service being hit by a cyber attack on two consecutive days is raising questions on whether the attack was launched by any state funded actors.

The post Three Cyber Attacks on Flightradar24 appeared first on Cybersecurity Insiders.


September 30, 2020 at 10:22AM

MobileIron and Pulse Secure acquired by Ivanti

Ivanti, an IT software company that’s based in Utah, has proudly announced that it is going to acquire MobileIron and Pulse Secure for an undisclosed amount. Trade analysts say that MobileIron that’s into the business of Mobile Security could have gained anything in between $800-$900 million from the deal, while the price-point of secure access solutions provider Pulse Secure is yet to be estimated.

Ivanti plans to bolster its Unified Endpoint Management business along with Zero Trust and Enterprise Security Service from the deal is said to retain the staff as-in-as- then basis and will be combinable led by Ivanti’s Chairman and CEO Jim Schaper.

“By amalgamating both companies, i.e. MobileIron and Pulse Secure, we will create a leader in Unified Endpoint Management, security and enterprise service management markets”, said Schaper.

As working remotely from any device is the new trend, securing such environments with our software solutions will be the aim of our business added Jim.

Ivanti CEO Jim Schaper said that we welcome the employees, clients, and customers of MobileIron and Pulse Secure into our family and would like to thank our affiliates Clearlake and TA Associates to make this happen.

Simon Biddiscombe, the CEO of MobileIron, appreciated the deal and said that it will position Ivanti as a collective company serving the emerging needs of the market.

Note- Ivanti’s Neurons Hyper Automation Platform offers customers the ability to discover, manage, secure and automate services across all devices.

The post MobileIron and Pulse Secure acquired by Ivanti appeared first on Cybersecurity Insiders.


September 30, 2020 at 10:20AM

A day in the life of the COVID air traveller

Do you recall what air travel was like from just a few months ago? We were practically able to fly anywhere, without having to think about whether our health was at risk, whether we’d be allowed in the country upon arrival, or if we’d need to self-isolate for 14 days as a precaution. The COVID-19 crisis has dramatically disrupted the aviation industry, grounding thousands of planes for months and emptying airports.

Besides the negative economic impact it has had on the industry, the pandemic has considerably shaken the trust between customers and airports, and passengers and airlines. Therefore, in order to encourage individuals to travel again, airport operators and airlines can use innovative technology such as automation, machine learning and biometrics to make safety, hygiene and health their top priority.

Let’s follow the journey of a passenger, Jenny, who regularly flies to different destinations around the world, to see how new technology at airports can keep her safe, while still allowing her to have a seamless and enjoyable passenger experience.

Machine learning can make social distancing a reality

Airports are by nature crowded spaces where procedures are built around people queuing and being in close contact with one another. Many countries have relaxed their social distancing measures from two to one metre, but even so this could still cause disruptions to the airport experience.

Machine learning (ML) algorithms integrated through the airport system can regulate the flow of passengers to avoid over occupancy and long queues at checkpoints, ensuring reasonable time for perusing shops, making use of amenities and maintaining social distancing at boarding. The flow of passengers is regulated by only allowing access to the sterile area of a specified flight according to departure time, the number of flights expected, the forecasted number of passengers and the number of boarding passengers.

Here’s how this would work. The day before her flight Jenny receives a notification though her mobile phone app with a recommended time to arrive at the airport to avoid queues at the self-check-in desk. If her flight has a green light, she will be able to enter the queue for the security checkpoint and go into the sterilized area. Whether her flight has a green or red light is decided by the ML algorithm based on the departure time and passenger occupancy rate. The boarding pass reader will not allow Jenny to enter the queue for the security checkpoint if her flight has a red light.

Health check operations enabled by thermal cameras

The role of the airport as a gateway to the country and to provide health checks is expected to last for quite some time. The requirement to identify symptoms and manage infection, and to increase passenger and staff trust as a result, is likely to remain until a vaccine is found. So how are airport operators going to deploy these operations?

In a recent IATA survey of travellers, 80% indicated that temperature checks make them feel safer when travelling. Temperature checks are likely to remain for a long time and airport operators need to incorporate this measure into their normal practices in a way that it doesn’t disrupt the passenger experience.

Thermal cameras at the airport will monitor whether Jenny and all other passengers and staff are wearing face coverings. These cameras will measure Jenny’s temperature through various touchpoints at the airport, including entrance, departure and arrival. If the camera detects that Jenny has a temperature of 37.8C or greater, she will not be able to proceed with her journey and will need to safely go back home to self-isolate.

Using sensors to ensure smooth passenger experience

Monitoring for people’s behaviour is not just essential for their health and safety but also to ensure an enjoyable passenger experience, which is likely to drastically change because of the social distancing and health and safety measures taken. A video management system will also detect any unusual behaviour and will be able to alarm security officers so that they intervene quickly and restore safety conditions.

If airports deploy sensors that can anonymously track passenger behaviour, this will help operators predict crowded areas, anticipate need for retail and real estate marketing and correctly allocate resources. By tracking her throughout the airport, the operator could send a message to Jenny through digital signage or public announcements to advise her the best time to go to the duty free area in order to avoid crowds.

Improving border crossing safety and wait times with eGates

Automated border control (ABC) gates address the challenge of minimising and simplifying immigration procedures at airports while improving ease, speed and convenience for travellers. eGates automate the ID verification processes through facial recognition tech that allows for seamless, less intrusive and faster experience. The pandemic has placed an increased importance on hands-free interactions to help reduce the rate of infection; therefore, instead of queuing at the immigration desk where a border control officer would need to manually verify her ID documents, Jenny can simply go through the eGates to avoid this.

Here’s how the technology works. Thanks to its multi-camera wall, the gate begins processing biometrics as soon as Jenny steps in. Digital mirrors are placed next to the cameras, instinctively attracting her eyes in the correct direction for successful image capture. This positioning allows Jenny to pass through the gate intuitively, minimising the risk of human error and associated time loss. State-of-the-art biometric verification software with live quality assurance checks ensures that Jenny is the rightful owner of the ID document.

Air travellers rely on clear guidance and this is especially true during times of crisis. The upturn of passengers will only be possible if they can trust that airports can guarantee the safety of everyone on their premises, while ensuring a smooth, undisrupted experience. In order to be implemented effectively, these new procedures, regulations and social-distancing measures need to be supported by first-class technological solutions.

For more information around how technology will enable the new airport experience after the COVID-19 pandemic, download our whitepaper on the topic, listen to the on-demand webinar Addressing COVID-19 challenges at airports to restore passenger trust or tweet us at @ThalesDigiSec.

The post A day in the life of the COVID air traveller appeared first on Cybersecurity Insiders.


September 30, 2020 at 09:09AM

Foresite Named to MSSP Alert’s Top 250 MSSPs List for 2020

OVERLAND PARK, Kan.–(BUSINESS WIRE)–MSSP Alert, published by After Nines Inc., has named Foresite to the Top 250 MSSPs list for 2020 (http://www.msspalert.com/top250).

The list and research identify and honor the top MSSPs, managed detection and response (MDR) and Security Operations Center as a Service (SOCaaS) providers worldwide.

The rankings are based on MSSP Alert’s 2020 readership survey combined with the digital media site’s global editorial coverage of managed security services providers. The fourth-annual list has expanded from 2019 (200 honorees) and 2018-2017 (100 honorees) amid MSSP Alert’s continued, organic readership growth.

“We are honored to be recognized in the top 10 percent of this year’s list. Our continued acknowledgment in the MSSP Alert top list displays the true dedication of our cybersecurity team and employees,” says Marc Brungardt, president of Foresite. “Cybersecurity incidents continue to rise at an alarming rate, especially with more work from home teams than ever before. We want our customers and partners to know that we’re here for them and will work together to make sure businesses are operating as securely as possible and continue to do our part to help them make good decisions regarding their cybersecurity.”

“After Nines Inc. and MSSP Alert congratulate Foresite on this year’s honor,” said Amy Katz, CEO of After Nines Inc. “Despite the coronavirus pandemic, this year’s honorees continue to accelerate their businesses, mitigate customer risk, and safeguard digital assets worldwide.”

Highlights from the associated MSSP Alert research include:

  • MSSP Revenue Growth: MSSP honorees, on average, expect to generate $19.15 million in revenue for 2020, up 16% from $16.47 million in 2019.
  • Geography: Honorees are headquartered in 25 different countries — up from 19 countries in the 2019 report.
  • Profits: 84% of MSSPs surveyed expect to be profitable for the fiscal year 2020.
  • Security Operations Centers: 67% have in-house SOCs, 24% are hybrid, 6% completely outsource their SOCs, and 3% are reevaluating their SOC strategies.
  • Cyberattack Trends: The most frequent attacks targeting MSSP customers in 2020 include phishing (95%), vulnerability (76%), and ransomware (69%) attacks.
  • Cybersecurity Solutions: In a continued sign of market fragmentation, MSSP survey participants mentioned 129 different hardware, software, cloud, and services vendors that assist their cybersecurity efforts — up from 95 in 2019.
  • M&A: Mergers, acquisitions, and private equity investments continue to accelerate across the MSSP landscape. Twenty high-profile deals involving MSSP 250 honorees have surfaced since last year’s report.

The Top 250 MSSPs list and research were overseen by Content Czar Joe Panettieri (@JoePanettieri). Find the online list and associated report here: http://www.msspalert.com/top250.

The unique challenges of 2020 have brought remote workforces into the limelight, massive network changes, and new devices, all accompanied by shortages of resources and trained cybersecurity professionals, thereby increasing many organizations’ risk and exposure to cybercrime. During this time, Foresite has continued to grow through unique and customized service offerings of our proprietary ProVision Cybersecurity Suite. Our services provide our customers with unprecedented visibility into their organization’s logs and security efforts, giving clients incomparable views into their security position. Our team of industry experts put businesses in the driver’s seat by helping them understand their current cybersecurity situation and needs and how we can help with each, building a cybersecurity solution that is unique and right for their business.

Some key services include:

  • MDR – Managed Detection and Response: Active threat hunting to identify potential areas of compromise including detection, analysis, response, and remediation. Providing outcomes – not alarms – with faster incident response times and working as an extension of your security team.
  • SOCaaS – SOC-as-a-Service: Defend against advanced and complex security threats with a 24x7x365 cybersecurity center providing all your security services requirements.
  • SIEM Security Monitoring: Real-time analysis of security events generated across the entire infrastructure. Log storage & management, correlation of events through advanced analytics and machine learning, combined with security intelligence feeds and human enrichment for identification, assessment, notification, and escalation.
  • CASM – Critical Asset Management: Firewall/endpoint/M365 (& more) monitoring and management with 24x7x365 access to skilled security experts as an extension of your security team. Full incident analysis, remediation, change control, and system updates/upgrades.
  • Patch Management: Full unified patching across the organization securing all the endpoints and infrastructure in your network. Evaluate, test, and apply operating system and application patches automatically as a service.
  • Security Testing and Assessments: Penetration testing, vulnerability assessment, application testing, social engineering, phishing, red team testing, and more individual engagements or service schedules.
  • Consulting and Compliance Solutions: Gap assessments, certified audits/attestations (PCI, HIPAA, SOX, NIST, etc.), remediation and QSAs

About Foresite:

Foresite provides a full suite of masterful cybersecurity and compliance services. Delivered through our proprietary ProVision Cybersecurity Suite, our services focus on SOC-as-a-Service, MDR, Critical Asset Management, Patch Management, plus integrated Security Consulting and Testing Services. Foresite is also fully channel focused and technology platform neutral. Our security operation centers staffed with skilled security analysts provide 24/7/365 services designed to reduce the number of operational security resources and investments organizations need to retain in order to achieve their desired security posture, adhere to compliance mandates, and attain the full value from their existing security investments. For more information, visit us at http://foresite.com or contact us at info@foresite.com.

About After Nines Inc.

After Nines Inc. provides timeless IT guidance for strategic partners and IT security professionals across ChannelE2E (www.ChannelE2E.com) and MSSP Alert (www.MSSPAlert.com). ChannelE2E tracks every stage of the IT service provider journey — from entrepreneur to exit. MSSP Alert is the global voice for Managed Security Services Providers (MSSPs).

  • For sponsorship information contact After Nines Inc. CEO Amy Katz, Amy@AfterNines.com
  • For content and editorial questions contact After Nines Inc. Content Czar Joe Panettieri, Joe@AfterNines.com

The post Foresite Named to MSSP Alert’s Top 250 MSSPs List for 2020 appeared first on Cybersecurity Insiders.


September 30, 2020 at 09:08AM

Sage Vegan Bistro Founder, Chef Mollie Engelhart, Joins IMPACT! Podcast’s Guestlist

LOS ANGELES–(BUSINESS WIRE)–A lineup of experts and impactful thought leaders, including plant-based cuisine thought leader and founder of Sage Vegan Bistro & Brewery, Mollie Engelhart, has been announced for the current season of the IMPACT! with John Shegerian podcast. The show is hosted by Shegerian, Co-Founder and Executive Chairman of ERI, the nation’s leading fully integrated IT and electronics asset disposition provider and cybersecurity-focused hardware destruction company.

A woman of many hats, Engelhart is a successful restauranteur and chef serving raved-about plant-based comfort food to the masses at her four locations across Los Angeles. She is also a regenerative farmer growing clean food free of harmful pesticides and a board member of Kiss the Ground, working to train farmers to reverse climate change.

As a guest on the IMPACT! Podcast, Engelhart shared the science, philosophy and benefits behind the vegan lifestyle, regenerative farming, and vegan motivation and discussed the new Netflix documentary, “Kiss the Ground,” narrated by Woody Harrelson. The episode of the IMPACT! Podcast posted live today.

Conversations on IMPACT! explore current topics, advice, information and solutions straight from the greatest innovators, leaders, disruptors and experts. Every week, guests are invited as thought leaders to share with listeners first-hand accounts of how they got their start and how they are able to make the world a better place on a daily basis.

Other recent influencers appearing as IMPACT! guests have included representatives from Nikola Motor Company, Best Buy, the Archdiocese of Atlanta, JetBlue, Comerica Bank, Houlihan Lokey, Homeboy Industries, No Meat Athlete, iFixit, NAID, E2 and a number of fascinating thought leaders and game-changers, including softball legend and ESPN baseball anchor Jessica Mendoza, Radical Body Transformations producer and real estate mogul Anthony Lolli, legendary actor Ed Asner; Super Bowl champion Ryan Harris; Petri ‘Byrd the Bailiff’ Hawkins-Byrd from “Judge Judy;” author and music industry legend Mathew Knowles; “Better Things” star Rebecca Metz; fashion maven Kaila Methven; celebrity chef Ara Zada; and one of the world’s youngest and most successful social entrepreneurs, Ryan Hickman, the 10-year-old founder of Ryan’s Recycling.

IMPACT! with John Shegerian is available for listening on ImpactPodcast.com, Apple’s iTunes, Amazon Music, and as part of iHeartRadio’s digital broadcast, reaching over 120 million users.

“Whether we’re talking to a major international corporation, an athlete, a celebrity, an emerging new company or a nonprofit with a passionate cause, our listeners are sure to be inspired by impactful stories shared by our guests about the issues that matter more than ever,” said Shegerian.

To book a guest on the show, contact producer Linda Ramos at Linda.Ramos@impactpodcast.com.

For more information, visit ImpactPodcast.com

The post Sage Vegan Bistro Founder, Chef Mollie Engelhart, Joins IMPACT! Podcast’s Guestlist appeared first on Cybersecurity Insiders.


September 30, 2020 at 09:08AM

Zero Trust Architecture explained

This blog was written by a third party author.
With the increase in frequency, sophistication, and cost of cyberattacks, the global focus on cybersecurity is at an all-time high. However, the goalposts for those tasked with protecting businesses have shifted. Hackers have a growing number of ways they can compromise a business and are frequently looking to move laterally within an organization, using credentialed (and often elevated) access. On top of this, insider threats are on the rise where trusted users take advantage of their access for nefarious purpose. 
This means that the tried-and-tested concept of perimeter-based security and defenses (where anything located on the corporate network it is assumed to be trusted) is no longer enough. Security teams need to shift their thinking from the perimeter to the authentication and access of resources. This means looking at methods of both restricting access and monitoring access requests to ensure…

Nick Cavalancia Posted by:

Nick Cavalancia

Read full post

      

The post Zero Trust Architecture explained appeared first on Cybersecurity Insiders.


September 29, 2020 at 09:10PM

The results are in – what needs to happen to ensure 5G security

This blog was written with my colleagues Brittany Jedrzejewski, Benoit Jouffrey and Jean-François Rubon.

In 2020, expectations for 5G have never been higher – it is clear users want the technology to provide a variety of new cases, while at the same time allow for some network customisation capability.

What’s more, exponential growth in both web and mobile traffic, especially for streaming video, and the explosion of connected devices mean that network infrastructures will need to scale effectively to deliver higher volumes of data, while remaining secure. Here we delve into a recent survey by Telecoms.com that depicts what industry leaders believe are the biggest 5G security challenges.

Ranking the Security Risks

As we may have expected, the survey uncovered that respondents were most concerned with the use of more complex and potentially unsecured network technologies that 5G will bring, with four in ten citing this as their main worry.

As the nature of the 5G core network is more flexible than any generation we have previously seen, we can use 5G in ways we previously could only do in a very limited case with 4G. Innovations such as slicing and cloud native virtualisation must therefore also be secured if the whole network is to be resilient to attack. As we haven’t had to secure these elements before, it is perhaps unsurprising that this is the primary concern of the respondents, especially if this then also puts consumers at a greater risk of a data breach. However, it is clear that with increased amounts of data processed –both at the core and the edge– more than ever before, there is strong need for data protection, at rest, in motion and at use.

On the other hand, those involved in the design and execution of 5G have learned lessons from previous generations of networks, for example 3G and 4G, and so have been able to better prepare the network for the more common attacks we have seen before, such as Denial-of-service attack (DDoS). This reflected in the number of respondents believing 5G will cause an increase in the number of such cyberthreats being significantly lower that the top concern.

Secure Equipment – the essential pillar

Garnering trust in 5G comes from ensuring that all the key equipment used in its deployment are also secure, as we must be able to create a chain of trust in the 5G networks.

This school of thought also appears to be reflected in the survey, with almost half the respondents stating that while their core network has the highest level of security trust, a variety of other components that will make 5G function at its most secure level, are also now essential to bolster trust in the security of the network as a whole.

With 5G, hardware security has never been more important. Tamper resistant components, such as 5G SIMs, contain secure elements that are essential in allowing secure 5G network access.

On the mobile network operator side, a trusted environment is maintained by their ability to securely and remotely swap, on-demand, the authentication algorithm contained in the SIM thanks to key rotation management. This gives them increased cyber resilience.

For customers, 5G SIM cards allow for the full anonymisation of end-to-end subscriber identities thanks to onboard identity encryption. This eliminates the potential to misuse such information to locate and trace individuals or collect personal data. It also helps mobile operators to stick with increasing pressure about end-user’s data protection regulation.

Edge computing and Cloud security – the final step

With 5G we can deploy a new service called Multi-access Edge Computing (MEC) on a much larger scale than ever before.

MEC allows us to optimise the performance for ultra-low latency and high bandwidth services, as well as real-time access to radio network information that can be leveraged by applications.

By moving some of the computing capability out of the public cloud and closer to the end user and end devices, data doesn’t have to travel as far, which means it can be processed faster. For customers, moving computing, storage and management to the “edge” of the network will create faster speeds and near real-time decision-making. In practice this will bring high definition graphics, virtual reality, gaming and more to mobile devices.

However, just as we need to secure the core network and the hardware associated with 5G, we must now also think about securing access networks between the core. Indeed, edge computing heightens the security risk because it involves distributing compute and storage processes away from one centralised location to a higher number of dispersed locations and endpoints, all of which must be secured.

As the survey rightly points out, end-to-end security is key here. With cloud-based security-as-a-service platforms, a diverse range of encryption, key management and hardware security module services are supported. From here, it is possible to route sensitive data to a guarded data centre on dedicated hardware, should it be deemed necessary. All of these features will help secure the data throughout the access network.

If we are to fully embrace the potential of 5G and other emerging digital services, we must first re-examine and re-architect how networks, applications and systems are delivered and secured. As the survey says, digital security specialists are one of the best placed entities to solve 5G security challenges, especially if we work in conjunction with mobile network operators.

 

The post The results are in – what needs to happen to ensure 5G security appeared first on Cybersecurity Insiders.


September 29, 2020 at 09:10PM

Lumen Teams With VMware to Expand Edge Compute Capabilities for the 4th Industrial Revolution

DENVER & PALO ALTO, Calif.–(BUSINESS WIRE)–VMworld 2020 — At VMworld 2020, Lumen Technologies (NYSE: LUMN) and VMware, Inc. (NYSE: VMW) are announcing a significant collaboration covering edge compute, networking, and security. VMware and Lumen Technologies, or simply Lumen, are taking their current partnership further with the agreement for Lumen to deliver edge services using integrated VMware technologies. This collaboration will help enterprises expand across data center, cloud and edge, moving business applications that require low latency and efficient localization closer to digital interactions. At VMworld, Lumen and VMware will be presenting:

  • How Lumen can migrate and manage workloads across a range of VMware technologies.
  • Lumen’s edge computing solutions, and how enterprise customers can rely on a consistent experience across a range of hybrid cloud venues, including the VMware Cloud.
  • Lumen’s portfolio of solutions built on and integrated with the VMware Cloud Foundation, allowing companies to deploy business innovations with single-digit millisecond latency to over 2,200 public data centers and more than 170,000 on-fiber enterprise locations across the globe.

“In talking with our customers about their digital business initiatives, it comes up time and time again how important it is to support their applications at the edge, where latency matters and enabling performance, and geographical and security compliance is critical,” said Shaun Andrews, Lumen Chief Marketing Officer. “We believe customers can benefit tremendously from the combination of Lumen’s edge compute, network and IT services and VMware’s software to bring technology solutions closer, within milliseconds, of the digital interaction. Together we’re helping businesses acquire, analyze and act upon their enterprise data to enable amazing outcomes across a range of industries and transformed business models.”

Utilizing the VMware SD-WAN by VeloCloud solution and the recently announced VMware SASE Platform, Lumen would have the ability to integrate VMware SD-WAN, VMware Workspace ONE and VMware Carbon Black to deliver a “Work from Anywhere” solution on their global edge infrastructure to create thin-branch solutions for businesses of all sizes across a variety of industries.

Lumen will also be able to develop edge computing services for enterprises to develop new digital services using VMware Tanzu so applications can run consistently from the data center to the cloud to the edge, leveraging the Lumen network. The reach of Lumen’s distributed edge computing sites will also improve application performance with quicker access to multi-cloud environments.

“The combined capabilities of Lumen and VMware will empower organizations to take on the next phase of digital business,” said Rajiv Ramaswami, chief operating officer, products and cloud services, VMware. “We are helping customers take advantage of holistic solutions that support the people, processes, apps, and data that power business.”

Earlier in September, Lumen was launched with the core purpose of furthering human progress through technology. To address the immense challenges in fully realizing the promises of the 4th Industrial Revolution, Lumen enables digital businesses across a range of industries to acquire, analyze and act on data.

Key Facts:

  • Lumen is a VMware Principal Partner and is VMware Cloud Verified.
  • Lumen Private Cloud on VMware Cloud Foundation™ is Lumen’s managed private cloud service, built on VMware Cloud Foundation, available in 100+ of Lumen edge computing locations.
  • Lumen provides fiber-based networking connectivity and managed solutions, with a service portfolio that spans content delivery, cybersecurity, and cloud collaboration.

Additional Resources:

About VMware

VMware software powers the world’s complex digital infrastructure. The company’s cloud, app modernization, networking, security, and digital workspace offerings help customers deliver any application on any cloud across any device. Headquartered in Palo Alto, California, VMware is committed to being a force for good, from its breakthrough technology innovations to its global impact. For more information, please visit https://www.vmware.com/company.html.

About Lumen

Lumen is guided by our belief that humanity is at its best when technology advances the way we live and work. With approximately 450,000 route fiber miles and serving customers in more than 60 countries, we deliver the fastest, most secure global platform for applications and data to help businesses, government and communities deliver amazing experiences. Learn more about Lumen’s network, edge cloud, security and communication and collaboration solutions and our purpose to further human progress through technology at news.Lumen.com, LinkedIn: /Lumentechnologies, Twitter: @Lumentechco, Facebook: /Lumentechnologies, Instagram: @Lumentechnologies and YouTube: /Lumentechnologies. Lumen and Lumen Technologies are registered trademarks of Lumen Technologies, LLC in the United States. Lumen Technologies, LLC is a wholly-owned affiliate of CenturyLink, Inc.

* The Lumen brand was launched on September 14, 2020. As a result, CenturyLink, Inc. is referred to as Lumen Technologies, or simply Lumen. The legal name CenturyLink, Inc. is expected to be formally changed to Lumen Technologies, Inc. upon the completion of all applicable requirements.

VMware, Tanzu, VeloCloud, Workspace ONE, VMworld, VMware Cloud, VMware SD-WAN, VMware SASE Platform, VMware Cloud Foundation, and VMware Carbon Black are registered trademarks or trademarks of VMware, Inc. or its subsidiaries in the United States and other jurisdictions. This article may contain hyperlinks to non-VMware websites that are created and maintained by third parties who are solely responsible for the content on such websites.

Forward-Looking Statements

Except for historical and factual information, the matters set forth in this release identified by words such as “will,” “expects,” “believes,” and similar expressions are forward-looking statements as defined by the federal securities laws, and are subject to the “safe harbor” protections thereunder. These forward-looking statements are not guarantees of future results and are based on current expectations only, and are subject to various uncertainties. Actual events and results may differ materially from those anticipated by us in those statements for several reasons. We may change our intentions or plans discussed in our forward-looking statements without notice at any time and for any reason.

The post Lumen Teams With VMware to Expand Edge Compute Capabilities for the 4th Industrial Revolution appeared first on Cybersecurity Insiders.


September 29, 2020 at 09:09PM

Cybersecurity firm offers official Ransomware Negotiation Service

While FBI is urging ransomware victims not to pay any ransom to hackers as it encourages crime, a Cybersecurity firm from Virginia says that it will offer a ransomware consultation and negotiation service on an official note to deal with a situation.

GroupSense, a threat intelligence company based in Arlington County of VA is offering a service package for ransomware victimized companies that facilitates negotiations with actors.

Therefore, those whose data has been locked up from access with the file encrypting malware can approach this firm that has the potential to resolve the issue. On an additional note, it also arranges for the wipe-out of ex-filtrated data to cut down the cyber risks associated with the data thefts.

Furthermore, GroupSense also offers other services that are related to ransomware attacks and that includes evaluation of the attack, construction of post attack remediation, executive support who helps the victim by connecting them to the support technology and legal counseling along with the claim talks if the victim is covered by an insurance company.

If the said services doesn’t satiate the needs of the victim. GroupSense will also offer public relation services and execution in real-time along with communications with clients, stakeholders, employees and customers.

Note- In November 2019, the Federal Bureau of Investigation(FBI) has released a press statement, and it urges the ransomware victims not to pay any ransom to hackers as it encourages crime and also doesn’t guaranty an exchange of decryption key for sure as soon as the hacker receives the demanded amount. However, in Feb’20, a second request put forward by the federal agency says that the victim should analyze the situation first and then pay or not to pay the ransom.

The post Cybersecurity firm offers official Ransomware Negotiation Service appeared first on Cybersecurity Insiders.


September 29, 2020 at 08:36PM

Monday, September 28, 2020

French shipping giant CMA CGM hit by a Cyber Attack

France-based container shipping company CMA CGM has finally joined the list of the Maritime companies that have been hit by a cyber attack, as the sea-line transporter released a statement on Monday stating that it became a victim of a cyber attack at the end of last week.

The other 3 companies that have been hit by a cyber attack are

a.) APM Maersk– hit by NotPetya ransomware in 2017.

b.) COSCO again hit by ransomware in July 2018.

c.) And MSC aka Mediterranean Shipping Company that was targeted by a malware strain in April 2020.

The website of cmacgm-group.com was also disrupted for few hours because of the cyber attack suspected to be of ransomware genre, but was brought back to life within no time- all thanks to an efficient business continuity plan.

CMA CGM says that the customer operations such as booking freight will be available with no interruption. However, the backend digital administration will witness a downtime for two days.

Note- The Acronym for CMA CGM is Compagnie Maritime d’Affretement (CMA) and Compagnie Generale Maritime (CGM) and that translates to ‘Maritime Freighting Company and General Maritime Company. The company is a leader among the shipping logistics companies as it uses over 200 shipping routes to transport goods to around 420 ports in 150 different countries via its 445 fleet vessels.

The post French shipping giant CMA CGM hit by a Cyber Attack appeared first on Cybersecurity Insiders.


September 29, 2020 at 10:34AM

Massive Ransomware Attack targets UHS in US and UK

The Universal Health Services shortly known as UHS was targeted by a massive cyber attack touted to be of ransomware genre and sources say that the incident disrupted the patient care on a severe note, as the authorities resorted to activities such as redirecting ambulances and patients to other nearby hospitals because of the unexpected digital downtime.

Those patients who are not on critical support are been given care through manual prescriptions in the hospital premises and those critical are been shifted to other facilities.

On an overall note, most of the hospitals in the 400+ network chain have been impacted, and that includes those operating in California, Florida, Texas, Arizona, Washington DC and Chicago.

With a staff of over 90,000 employees, The Universal Health Services is one of the largest medical facilities in the Western region of the globe as it treats over 3.9 million patients per year.

Highly placed sources say that the hospital network was hit by the RYUK Ransomware on Friday last week and add that the malware could have been circulated through an email phishing campaign.

IT staff of UHS assured that no patient or staff information was accessed or copied in the incident, and the malware spread was contained before any untoward incident could take place.

Details about the ransom demand note are being kept under wraps for the media. But a source from UHS reported on the condition of anonymity that the ransom demand note is reading “Shadow of the Universe” and is seen demanding $2 million for the decryption key.

Note- As per a statement released by Cybersecurity Firm CrowdStrike, Ryuk is linked with a Russian hacking group named Wizard Spider and has so far struck two shipping giants- Pitney Bowes and the US Coast Guard.

The post Massive Ransomware Attack targets UHS in US and UK appeared first on Cybersecurity Insiders.


September 29, 2020 at 10:32AM

McAfee Announces Filing of Registration Statement for Proposed Initial Public Offering

SAN JOSE, Calif.–(BUSINESS WIRE)–McAfee Corp. (“McAfee”), the device-to-cloud cybersecurity company, today announced it has publicly filed a registration statement on Form S-1 with the U.S. Securities and Exchange Commission (“SEC”) relating to a proposed initial public offering of its Class A common stock. The number of shares to be offered and the price range for the proposed offering have not yet been determined. McAfee has applied to list its Class A common stock on Nasdaq under the ticker symbol “MCFE.”

Morgan Stanley and Goldman Sachs & Co. LLC are acting as lead book-running managers and representatives of the underwriters for the offering. TPG Capital BD, LLC, BofA Securities, Citigroup, RBC Capital Markets, Deutsche Bank Securities, UBS Investment Bank, HSBC and Mizuho Securities will also serve as joint-bookrunning managers for the proposed offering. Evercore ISI, Piper Sandler and Stifel are acting as co-managers for the offering.

The proposed offering will be made only by means of a prospectus. Once available, a copy of the preliminary prospectus related to the offering may be obtained from Morgan Stanley & Co. LLC, Attention: Prospectus Department, 180 Varick Street, 2nd Floor, New York, NY 10014 or Goldman Sachs & Co. LLC, Attention: Prospectus Department, 200 West Street, New York, New York 10282, telephone: 1-866-471-2526, facsimile: 212-902-9316 or by emailing prospectus-ny@ny.email.gs.com.

A registration statement on Form S-1 relating to the proposed offering has been filed with the SEC but has not yet become effective. These securities may not be sold, nor may offers to buy be accepted, prior to the time the registration statement becomes effective.

This press release does not constitute an offer to sell or the solicitation of an offer to buy these securities, nor shall there be any sale of these securities in any state or jurisdiction in which such offer, solicitation or sale would be unlawful prior to registration or qualification under the securities laws of any such state or jurisdiction. The offering is subject to market conditions, and there can be no assurance as to whether or when the offering may be completed, or as to the actual size or terms of the offering.

About McAfee

McAfee is the device-to-cloud cybersecurity company. Inspired by the power of working together, McAfee creates consumer and business solutions that make the world a safer place.

The post McAfee Announces Filing of Registration Statement for Proposed Initial Public Offering appeared first on Cybersecurity Insiders.


September 29, 2020 at 09:08AM

Stories from the SOC – Cloud and On-site Protection

This blog was jointly authored by Josue Gomez
Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers.
Executive Summary
One of the benefits of having your managed detection and response (MDR) service managed by AT&T Cybersecurity is the visibility into threats from a large number of customers of all sizes and across different industries.  This allows the team to take what they learn from one customer and apply it to another.  Our security operation center (SOC) analysts were able to use an OTX alarm and an AWS correlation rule to discover open ports on public facing servers for two different customers in 24 hours.
Investigation
Initial Alarm Review
Indicators of Compromise (IOCs)
In a 24-hour period the AT&T…

Edwardo Rodriguez Posted by:

Edwardo Rodriguez

Read full post

      

The post Stories from the SOC – Cloud and On-site Protection appeared first on Cybersecurity Insiders.


September 28, 2020 at 09:10PM

HSB Total Cyber™ Adds New Coverages for Small and Mid-Size Businesses

HARTFORD, Conn.–(BUSINESS WIRE)–HSB Total Cyber™, which provides cyber insurance and loss prevention services for small and mid-size businesses, has been expanded with new coverages for computer attacks, data system upgrades, and system failures from unintentional computer outages, HSB announced today.

As new cyber threats emerge, HSB Total Cyber™ coverage has been expanded with several new coverages, including:

  • System Failure for business income loss resulting from unintentional computer system outages, not from a computer attack, lasting more than eight hours.
  • Future Loss Avoidance for improvements to a customer’s computer system following an attack to help prevent future losses.
  • Computer Fraud resulting in payments being misdirected

“The loss of essential business information and systems can result in financial loss and even ruin,” said Timothy Zeilman, vice president for HSB, part of Munich Re. “Data security is critical, and every business should keep up with the latest protections for evolving cyber risks.”

HSB Total Cyber,™ available to U.S.-based small and mid-size businesses through independent insurance agents and brokers, helps pay the costs to prevent, investigate, defend and recover from cyber-attacks, extortion, fraud and other cyber-crimes.

The coverage provides a range of free or discounted legal and technical loss prevention services, including consulting on cyber risks, cybersecurity improvements, employee training, and compliance resources to help meet contract and regulatory obligations.

HSB Total Cyber™ claims service is provided by an experienced team and is strengthened by partnerships with industry-recognized legal, forensic and cybersecurity organizations, offering 24/7 response to cyber events such as data breach, identity theft and computer attacks.

Hartford Steam Boiler (HSB)

HSB, part of Munich Re, is a multi-line specialty insurer and provider of inspection, risk management and IoT technology services. HSB insurance offerings include equipment breakdown, cyber risk, specialty liability and other coverages. HSB blends its engineering expertise, technology and data to craft inventive insurance and service solutions for existing and emerging risks posed by technological change. Throughout its 150-year history HSB’s mission has been to help clients prevent loss, advance sustainable use of energy and build deeper relationships that benefit business, public institutions and consumers. HSB holds A.M. Best Company’s highest financial rating, A++ (Superior). For more information, visit www.hsb.com and connect on LinkedIn, Twitter and Facebook.

Munich Re

Munich Re is one of the world’s leading providers of reinsurance, primary insurance and insurance-related risk solutions. The group consists of the reinsurance and ERGO business segments, as well as the capital investment company MEAG. Munich Re is globally active and operates in all lines of the insurance business. Since it was founded in 1880, Munich Re has been known for its unrivalled risk-related expertise and its sound financial position. It offers customers financial protection when faced with exceptional levels of damage – from the 1906 San Francisco earthquake through to the 2019 Pacific typhoon season. Munich Re possesses outstanding innovative strength, which enables it to also provide coverage for extraordinary risks such as rocket launches, renewable energies, cyberattacks, or pandemics. The company is playing a key role in driving forward the digital transformation of the insurance industry, and in doing so has further expanded its ability to assess risks and the range of services that it offers. Its tailor-made solutions and close proximity to its customers make Munich Re one of the world’s most sought-after risk partners for businesses, institutions, and private individuals.

The post HSB Total Cyber™ Adds New Coverages for Small and Mid-Size Businesses appeared first on Cybersecurity Insiders.


September 28, 2020 at 09:09PM