FireSale HackBoy


Wednesday, January 31, 2024

Can cyber attacks cause societal panic in America

Can a cyber-attack induce societal panic in the United States? According to Jen Easterly, Director of the Cybersecurity and Infrastructure Security Agency (CISA), the answer is yes. Easterly says China has the capability to execute such attacks, potentially causing widespread panic among the American populace.

Easterly underscores the threat posed by ransomware attacks, emphasizing their capacity to instill fear and concern among citizens. She stresses the need for heightened vigilance within the entire business community to address these evolving cyber threats.

In a startling revelation, Easterly discloses that the Chinese state has the potential to launch assaults on national infrastructure, posing a serious risk of disrupting the entire government’s functionality, particularly during the preparations for the November 2024 US elections.

Highlighting China’s capabilities, Easterly points out that Beijing could target power facilities, nuclear systems, water supply systems, and even oil supply. Such an occurrence could potentially trigger widespread panic among the American population.

Despite these concerns, the United States remains resilient and prepared to face such threats. The country has implemented proactive security measures, and the Pentagon is equipped to conduct espionage on adversaries, neutralizing state-funded cyber attacks in advance.

Moreover, the Department of Justice has granted authorization for the cyber arms of law enforcement to eliminate malicious files from government routers infected during a cybercrime group’s operation known as Volt Typhoon, associated with Chinese hacking activities.

Recognizing the collective responsibility in cybersecurity, businesses—whether public or private—are urged to play a crucial role in supporting the Biden administration. Strengthening their security measures, particularly endpoint security adopted by Small and Medium-sized Businesses (SMBs), can contribute to securing national networks on a broader scale through automated solutions.

The post Can cyber attacks cause societal panic in America appeared first on Cybersecurity Insiders.


February 01, 2024 at 11:03AM

Change Your Password Day: Navigating the Shift Towards a Passwordless Future

The growth of our digital footprints has resulted in concerns about online identity security. Traditional password systems have become outdated, creating fertile ground for increasingly sophisticated cyber threats. On this Change Your Password Day, we should not only change our passwords but also examine the very foundations of digital security.

Just think of how annoying it is to see ‘Login Failed.’ It is a message many people have seen too often, and it shows that the password-based system does not meet modern security needs. Users’ reluctance to manage many passwords has been a cause of some of the biggest security breaches to date, and change must happen.

Protecting users in the present

When looking at protecting themselves, organisations need to ensure they are acting in the here and now. Adam Marrè, Chief Information Security Officer at Arctic Wolf, highlights that while “passwords are the lifeblood of our online persona; we need to take them seriously to protect ourselves from the threat of cybercrime.” He highly recommends that organisations have strong password management practices, including regular updates to passwords and ensuring they “don’t consist of words or phrases that can be associated directly with you, your interests or family.”

At the same time Marrè observes that, while people should use unique passwords for every account, “we must turn on two-factor authentication if it’s available.” He adds, “with so many passwords to keep track of, password discipline is difficult.”

David Warburton, Director of F5 Labs, agrees with this advice, but with the caveat that, “while multi-factor authentication is still strongly recommended wherever possible, the vast number of tricks attackers have at their disposal means it is far from the unbreakable security control it once was.” He states businesses need “solutions that directly disrupt attacker ROI and that can curate and analyse network, device, and environmental telemetry signals across data centres, clouds, and architectures. By modelling threat intelligence across similar attack profiles and risk surfaces, affected organisations can autonomously deploy appropriate countermeasures.”

Our present security practices conceal more danger than meets the eye according to Andy Thompson, Offensive Research Evangelist at CyberArk Labs. “Simply putting strong passwords in place is no longer good enough. In fact, no matter how strong your password is, if a threat actor gets a hold of a cookie, none of it matters,” he explains. “Instead, we need a mechanism that mandates users to frequently change their credentials. And, each time, this mechanism must require strong, unique passwords, not iterative Password1, Password2 changes.”

Paul Anderson, VP UK & Ireland at Fortinet, concludes, “no single organisation can combat cybercrime alone, even with the most effective technologies and skilled security professionals in place. Having strong passwords is a way to prevent threats from entering networks, while regularly changing passwords to ensure data is protected demonstrates how everyone in a business has a part to play to maintain security.”

The future of passwordless

While protecting ourselves in the here and now is vital, organisations also need to look to the future. But what does that future look like? According to Ping Identity’s General Manager, EMEA, Paul Inglis, with backing from industry giants like Google and Amazon, “the momentum behind passwordless authentication is undeniable and many enterprise organisations are already on this digital transformation journey.”

Frederik Mennes, Director Product Management & Business Strategy at OneSpan, adds, “Upholding the integrity of your digital identity should be a top priority. This starts with passwordless protection which emerges as a viable alternative for securing critical systems that store sensitive data, providing defence against evolving threats by eliminating vulnerabilities associated with traditional passwords.”

A beacon of hope, according to Inglis, passwordless authentication is “a paradigm shift to enhance security and user convenience significantly.” Ping Identity research reveals that 59% of UK consumers would switch to a different brand or service that offered them passwordless as a means of logging in. According to Inglis, “this change will fundamentally reduce fraud and give consumers more security to freely navigate the digital world without fear of scams.”

The transition to passwordless, then, is not just about throwing away passwords; rather, it is a transformative step towards secure, open-ended and low-friction digital identity.

Final thoughts

Digital security has reached a tipping point this Change Your Password Day. Passwordless authentication provides a sneak preview on what secure future digital identities will look like and, although the adoption of passwordless technologies is still in its infancy, it’s indicative of changing perceptions about what it means to be safe in an increasingly web-based environment.

In conclusion, Change Your Password Day must be more than a cursory nod to security – it must be a clarion call for systemic change. As we await further contributions from industry experts, let us pivot towards embracing these emerging technologies, all the while maintaining vigilant, robust security practices. This is not just a step but a leap towards a future where our digital lives are as protected as they are connected – a future where our security is not just reactive, but proactive, comprehensive, and deeply integrated into the fabric of our digital existence.

The post Change Your Password Day: Navigating the Shift Towards a Passwordless Future appeared first on Cybersecurity Insiders.


January 31, 2024 at 09:39PM

Orange Espana data breach leads to more ransomware attacks

Orange España, the second-largest mobile operator in Spain, fell victim to a cyber-attack earlier this month, resulting in a disruption of mobile services lasting over three hours. Subsequent investigations by a group of security researchers revealed that the attackers, identified as the hacking group “Snow,” successfully breached Orange España’s account at the RIPE Network Coordination Centre (RIPE NCC). This intrusion led to configuration errors in the operator’s public key infrastructure and Border Gateway Protocol (BGP) routing.

In the aftermath, a study conducted by Resecurity uncovered that the cyber-attack also resulted in the compromise of credentials for more than 1572 computer networks. Among the affected entities were a Kenya-based IT firm, a sizable IT firm in Azerbaijan, and a multinational data center in Africa.

The attackers executed a password theft campaign by deploying data-stealing malware such as Lumma, Azorult, Vidar, Redline, and Taurus within the organizational networks. These malicious programs targeted credentials used by data center administrators, ISP engineers, telecom administrators, network engineers, IT managers, and technology outsourcing companies.

Such network compromises often pave the way for ransomware attacks and the unauthorized extraction of intellectual property.

Typically, threat actors either sell the pilfered data for $10 each or collaborate with other cybercriminals to profit from activities like phishing attacks. Notably, Orange España had previously disclosed details of the Aadhaar data breach affecting over 850 million Indian citizens in October 2023.

In response to these escalating cybersecurity challenges, Resecurity has initiated a partnership with Cybercrime Atlas to combat global cybercrime networks. This collaboration, announced at the World Economic Forum’s Center, involves expertise from more than 40 public and private entities working together to provide technical support for this groundbreaking project.

The post Orange Espana data breach leads to more ransomware attacks appeared first on Cybersecurity Insiders.


January 31, 2024 at 08:33PM

Tuesday, January 30, 2024

Precision in Action: A Guide to Handling Cybersecurity Incidents

In an era dominated by digital connectivity, the importance of robust cybersecurity cannot be overstated. As organizations navigate the complex landscape of cyber threats, having a precise and effective response plan for handling cybersecurity incidents is crucial. This article provides a comprehensive guide on how to handle cybersecurity incidents with precision, ensuring swift and strategic action in the face of evolving cyber threats.

1. Preparation: Before an incident occurs, thorough preparation is key. This involves creating a detailed incident response plan that outlines the roles and responsibilities of each team member, communication protocols, and steps for escalation. Regularly update and test this plan to ensure it remains relevant and effective in addressing new and emerging threats.

2. Detection and Identification: Early detection is critical in minimizing the impact of a cybersecurity incident. Implement advanced threat detection tools and establish a system for continuous monitoring of network activities. Automated alerts and anomaly detection can help in identifying potential threats promptly. Once detected, swiftly identify the nature and scope of the incident to inform subsequent response actions.

3. Isolation and Containment: Upon identifying a cybersecurity incident, isolate affected systems to prevent further spread. This may involve taking compromised systems offline, segmenting networks, or disabling compromised accounts. Containment measures should be executed promptly to limit the damage and prevent the escalation of the incident.

4. Forensic Analysis: Conduct a thorough forensic analysis to understand the root cause of the incident. Preserve and analyze digital evidence to gather insights into the attacker’s tactics, techniques, and procedures. This information is invaluable for strengthening security measures and preventing future incidents.

5. Communication: Transparent and timely communication is crucial during a cybersecurity incident. Establish clear communication channels internally and externally. Inform stakeholders, including employees, customers, and regulatory bodies, about the incident’s impact and the steps being taken to address it. Maintaining open lines of communication builds trust and reinforces your commitment to resolving the situation.

6. Remediation: Develop and implement a remediation plan based on the findings of the forensic analysis. This may involve patching vulnerabilities, updating security protocols, or re-configuring systems. The goal is to eliminate the root cause of the incident and fortify the organization’s defenses against similar future threats.

7. Recovery: Once the incident is contained and remediated, focus on restoring normal operations. Prioritize critical systems and services, ensuring that they are brought back online securely. Monitor the restored environment for any signs of residual threats and conduct thorough testing to validate the effectiveness of the recovery efforts.

8. Post-Incident Analysis: Conclude the incident response process with a comprehensive post-incident analysis. Evaluate the effectiveness of the response plan, identify areas for improvement, and document lessons learned. Use this information to enhance the organization’s overall cybersecurity posture and readiness for future incidents.
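The eight steps above are organisational, but the detection, identification, containment and post-incident-record steps can be exercised in code. The following is an added example, not part of the Cybersecurity Insiders article: it runs a burst-of-failed-logins detector over a few constructed sshd-style log lines, works out which hosts and accounts the flagged source touched (and which it actually got into), proposes first containment actions, and keeps a timeline for the post-incident review. All hostnames, usernames, addresses and the threshold/window values are constructed assumptions for the example.

```python
"""
Added example (not from the original article): a minimal incident-handling
pipeline covering detection -> identification -> containment -> timeline,
run over constructed sshd-style log lines. Hosts, users, IPs and tuning
values are assumptions made for this example.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log (not real data): one source sprays five failures in
# a few seconds and then succeeds against 'carol'; a second source is benign.
SAMPLE_LOG = """\
2024-01-30T09:00:01 host-a sshd: Failed password for alice from 198.51.100.7
2024-01-30T09:00:03 host-a sshd: Failed password for alice from 198.51.100.7
2024-01-30T09:00:05 host-a sshd: Failed password for bob from 198.51.100.7
2024-01-30T09:00:06 host-a sshd: Failed password for bob from 198.51.100.7
2024-01-30T09:00:08 host-a sshd: Failed password for carol from 198.51.100.7
2024-01-30T09:00:09 host-a sshd: Accepted password for carol from 198.51.100.7
2024-01-30T09:05:00 host-b sshd: Accepted password for dave from 203.0.113.9
2024-01-30T09:20:00 host-b sshd: Failed password for dave from 203.0.113.9
"""

FAIL_THRESHOLD = 5            # assumed: failures from one source inside WINDOW
WINDOW = timedelta(minutes=1)  # assumed: sliding detection window

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<host>\S+) sshd: (?P<outcome>Failed|Accepted) password "
    r"for (?P<user>\S+) from (?P<src>\S+)$"
)


def parse_log(text):
    """Parse sshd-style lines into event dicts, sorted by timestamp."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue  # unparseable line: skip rather than crash the pipeline
        ev = m.groupdict()
        ev["ts"] = datetime.fromisoformat(ev["ts"])
        events.append(ev)
    return sorted(events, key=lambda e: e["ts"])


def detect_bursts(events, threshold=FAIL_THRESHOLD, window=WINDOW):
    """Detection: flag a source the first time it produces `threshold`
    failures inside `window`. Returns {src: time the threshold was crossed}."""
    recent = defaultdict(deque)
    alerts = {}
    for ev in events:
        if ev["outcome"] != "Failed":
            continue
        q = recent[ev["src"]]
        q.append(ev["ts"])
        while q and ev["ts"] - q[0] > window:
            q.popleft()  # drop failures that fell out of the sliding window
        if len(q) >= threshold and ev["src"] not in alerts:
            alerts[ev["src"]] = ev["ts"]
    return alerts


def identify_scope(events, src, alert_ts, window=WINDOW):
    """Identification: hosts and accounts the flagged source touched since the
    burst began, and which accounts it actually logged into."""
    burst_start = alert_ts - window
    hosts, targeted, compromised = set(), set(), set()
    for ev in events:
        if ev["src"] != src or ev["ts"] < burst_start:
            continue
        hosts.add(ev["host"])
        targeted.add(ev["user"])
        if ev["outcome"] == "Accepted":
            compromised.add(ev["user"])
    return {"hosts": sorted(hosts), "targeted": sorted(targeted),
            "compromised": sorted(compromised)}


def containment_actions(src, scope):
    """Containment: the concrete, reversible first steps for an analyst."""
    actions = [f"block {src} at the perimeter"]
    for user in scope["compromised"]:
        actions.append(f"disable account {user} and revoke its sessions")
    if scope["compromised"]:
        for host in scope["hosts"]:
            actions.append(f"isolate {host} pending forensic imaging")
    return actions


def handle_incident(log_text):
    """Run detection -> identification -> containment and record a timeline
    that the post-incident review can replay."""
    events = parse_log(log_text)
    report = {"alerts": {}, "timeline": []}
    for src, alert_ts in detect_bursts(events).items():
        scope = identify_scope(events, src, alert_ts)
        actions = containment_actions(src, scope)
        report["alerts"][src] = {"detected_at": alert_ts.isoformat(),
                                 "scope": scope, "actions": actions}
        report["timeline"].append((alert_ts.isoformat(), f"alert raised for {src}"))
        for action in actions:
            report["timeline"].append((alert_ts.isoformat(), action))
    return report


if __name__ == "__main__":
    import json
    print(json.dumps(handle_incident(SAMPLE_LOG), indent=2))
```

The benign source (one failure in twenty minutes) never crosses the threshold, so it produces no alert; the spraying source is flagged at the fifth failure, and because it then succeeded against one account, containment escalates from a perimeter block to disabling that account and isolating the host. The threshold and window are the two knobs a team would tune against its own baseline during the preparation step.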

Conclusion:

Handling cybersecurity incidents with precision requires a proactive and well-coordinated approach. By investing in preparation, detection, containment, and recovery processes, organizations can navigate the evolving threat landscape with confidence. Regularly updating incident response plans and staying informed about emerging cyber threats ensures that your cybersecurity measures remain effective and adaptive in the face of ever-changing challenges.

The post Precision in Action: A Guide to Handling Cybersecurity Incidents appeared first on Cybersecurity Insiders.


January 31, 2024 at 10:49AM

Australian companies breach no ransomware payment policy

In response to the surge in ransomware attacks over the last couple of years, the Australian government introduced legislation in 2022 prohibiting companies from making ransom payments.

Despite this prohibition, a recent survey conducted by Cohesity, a firm specializing in AI-backed data security and management services, revealed that almost 60% of respondents acknowledged opting to pay hackers’ ransom demands. Their rationale centered on the ease of data recovery and the substantial reduction in recovery time and downtime, reaching nearly 95%.

Surprisingly, the study found that 77% of the 300 participants admitted their organizations had fallen victim to file-encrypting malware, and the situation is anticipated to worsen in 2024.

Cybercriminals demonstrate no preference for the size or scope of targeted companies, as they target both large and small enterprises with the primary goal of maximizing financial gains.

Remarkably, only 4% of respondents stated that their organizations were incapable of recovering from a cyber incident within a three-day timeframe. The majority, however, conceded that their assets remained unrecoverable unless a ransom was paid to the perpetrators of the malware.

The implications of the study underscore the imperative for Chief Information Officers (CIOs) and Chief Technology Officers (CTOs) to be well-versed in the dos and don’ts during and after a cyber attack. Failure to comply with government-mandated rules may result in legal consequences.

While some security experts argue that paying a ransom is financially justifiable when considering recovery and downtime costs during a cyber incident, there remains a crucial caveat. The scenario arises when hackers, after receiving payment, claim to have deleted stolen data only to later threaten victims with a potential data spill in the future. This raises questions about the efficacy and reliability of ransom payments as a guaranteed solution.

The post Australian companies breach no ransomware payment policy appeared first on Cybersecurity Insiders.


January 31, 2024 at 10:46AM

Aembit Announces New Workload IAM Integration with CrowdStrike to Help Enterprises Secure Workload-to-Workload Access

Aembit, the Workload Identity and Access Management (IAM) platform that enables DevOps and security teams to discover, manage, enforce and audit access between workloads, today announced the availability of a new integration with the industry-leading CrowdStrike Falcon® platform to give enterprises the ability to dynamically manage and enforce conditional access policies based on the real-time security posture of their applications and services. This integration signifies a significant leap in Aembit’s mission to empower organizations to apply Zero Trust principles to make workload-to-workload access more secure and manageable. 

Workload IAM transforms enterprise security by securing workload-to-workload access through policy-driven, identity-based, and secretless access controls, moving away from the legacy unmanaged, secrets-based approach. 

Through this partnership, the Aembit Workload IAM solution checks to see if a CrowdStrike Falcon agent is running on the workload and evaluates its real-time security posture to drive workload access decisions to applications and data. With this approach, now enterprises can protect their workloads from unauthorized access, even against the backdrop of changing conditions and dynamic access requirements. Additional customer benefits from this partnership include:

  • Managed Workload-to-Workload Access: Enforce and manage workload access to other applications, SaaS services, and third-party APIs based on identity and policy set by the security team, driving down risk.
  • Seamless Deployment: Drive consolidation by effortlessly integrating the Aembit Workload IAM Platform with the Falcon platform in a few clicks, providing a unified experience for managing workload identities while understanding workload security posture.
  • Zero Trust Security Model: Embrace a Zero Trust approach, ensuring that every access request, regardless of the source, is verified before granting access rights. Aembit’s solution enforces the principle of least privilege based on identity, policy, and workload security posture, minimizing potential security vulnerabilities.
  • Visibility and Monitoring: Gain extensive visibility into workload identities and access permissions, enabling swift detection and response to potential security threats. Monitor and audit access logs based on identity for comprehensive security oversight.

This industry-first collaboration builds on the recent CrowdStrike Falcon Fund strategic investment in Aembit, underscoring the global cybersecurity leader’s commitment to fostering innovation within the space. The investment reflects the recognition of the growing demands for securing workload access.

Aembit Workload IAM is available in the CrowdStrike Marketplace, a one-stop destination and ecosystem of third-party products.

Supporting Quotes:

“Today’s attacks are increasingly identity-based, which is why enforcing identity-protection across the enterprise at every layer is critical for modern security. The CrowdStrike Falcon platform is rapidly becoming the center of cybersecurity’s ecosystem. This integration with Aembit enables organizations to secure machine identities as part of a holistic approach to security,” said Daniel Bernard, chief business officer at CrowdStrike.

“The launch of the Aembit Workload IAM Platform on the CrowdStrike Marketplace represents a significant advancement in our joint mission to securely manage workload-to-workload access,” said David Goldschlag, CEO and co-founder at Aembit.

“We are excited to bring the power of Aembit’s Workload IAM to the CrowdStrike Marketplace. This collaboration enables us to deliver Zero Trust for workload access in a way that simplifies and automates the evolving security challenges faced by DevOps and DevSecOps teams,” said Apurva Dave, CMO at Aembit.

The post Aembit Announces New Workload IAM Integration with CrowdStrike to Help Enterprises Secure Workload-to-Workload Access appeared first on Cybersecurity Insiders.


January 30, 2024 at 06:47PM

Cybersecurity concerns rise with Elon Musk Telepathy Neuralink technology

Elon Musk’s company, Neuralink, has achieved a remarkable feat in replacing human brains with computer chips, allowing individuals to control electronic devices through neural signals, eliminating the need for physical movement. This breakthrough holds significant promise for those with permanent paralysis, akin to the renowned physicist Stephen Hawking.

Despite the groundbreaking nature of this technological leap, concerns are burgeoning among Musk’s critics, especially on platforms like Twitter and Telegram. Some argue that manipulating the intricacies of the human brain in this manner poses ethical dilemmas and potential dangers to humanity.

In December 2023, Neuralink, a venture funded by Tesla’s owner, obtained approval to conduct human trials for their Telepathy technology. This innovative system involves implanting a computerized chip in place of a human brain, featuring an AI interface that allows users to seamlessly control nearby computers, tablets, and other digitally connected devices through mere thought.

While Telepathy seems like a boon for individuals with physical limitations, cybersecurity experts caution about the potential vulnerabilities associated with such advanced technology. They argue that the silicon wafers used in the chips could be susceptible to manipulation, enabling unauthorized control over networks of smart gadgets.

The procedure involves a surgical process where a small portion of the skull is removed to accommodate the computer chip with flexible threads as connectors. These threads establish a connection with the brain, enabling the chip to interpret and execute the user’s thoughts, ultimately controlling nearby devices. After the surgery, the incision is carefully stitched, leaving only a discreet scar visible for a brief period.

Despite Neuralink’s late entry into this arena, with companies like Synchron pioneering such programs since 2016, the $155 billion invested by Musk has propelled the technology into the mainstream. The successful experiments involving pig and monkey brains have garnered significant attention and demand.

While Musk emphasizes taking this technology to the next level, skeptics question the focus on adding features rather than implementing robust security solutions. This raises concerns about potential vulnerabilities that hackers might exploit.

As we witness these unprecedented technological advancements, it becomes imperative for individuals and organizations to fortify their IT infrastructure both physically and digitally to safeguard against potential risks.

The post Cybersecurity concerns rise with Elon Musk Telepathy Neuralink technology appeared first on Cybersecurity Insiders.


January 30, 2024 at 04:24PM

Monday, January 29, 2024

Navigating the Digital Frontier: Insights from Leading Experts on Data Privacy Day

Welcome to the world of data privacy, where safeguarding your digital life takes center stage! Every year, on the 28th of January, we celebrate Data Privacy Day – a global initiative dedicated to spreading awareness and championing best practices in privacy and data protection. This international event resonates in the United States, Canada, Nigeria, Israel, and across 47 European countries.

The roots of Data Privacy Day can be traced back to the European Data Protection Day, marking the historic signing of Convention 108 on January 28, 1981 – the first-ever international treaty addressing privacy and data protection. Fast forward to 2009, when the U.S. House of Representatives and the Senate officially recognized National Data Privacy Day. More recently, in 2023, the National Cybersecurity Alliance extended the celebration into Data Privacy Week, themed “Take Control of Your Data.”

Beyond the festivities, Data Privacy Day and Week serve as dynamic platforms for collaboration and education. These events cover various topics, from webinars and workshops to panel discussions, including data privacy laws, security tips, ethics, innovation, and trust. Emphasizing individuals’ proactive role in securing their data, these initiatives encourage us all to make informed decisions, adjust privacy settings, and navigate the digital landscape responsibly. After all, data privacy isn’t just a right – it’s a shared responsibility for every internet user. So, let’s embark on this journey to empower ourselves and shape a more secure online world!

Terry Storrar, Managing Director, Leaseweb

“In recent years, cloud trends have changed significantly – from the initial gold rush to the cloud and the additional push during the pandemic to the cloud repatriation we’ve been seeing more recently. However, although people are continuing to change how and to what extent they are utilizing cloud technologies, one thing is certain: the cloud is continuing to grow. In fact, this year, global spending on cloud computing infrastructure is forecasted to exceed $1 trillion for the first time.

“With this uptake, the priority for 2024 needs to be ensuring that the data held within – and transferred between – these platforms is secure. Thankfully, there are many things businesses can do to ensure a comprehensive data recovery program is in place. For example, by choosing a trusted hosting provider, customers can gain access to 24/7 security-related support services, standard security training for all employees, and robust disaster recovery solutions.

“In an age where the risks of data loss are broad and in many cases inevitable, it’s essential that organizations make sure they have the right tools to back up and recover quickly and effectively should this take place. Data Protection Day is a great opportunity to take stock of how secure your data is and remember it’s always worth going the extra mile when it comes to putting plans in place before you need to execute them.”

Kevin Cole, director, product and technical marketing, Zerto, an HPE company

“Data is one of the most valuable assets that an organization has. For this Data Privacy Day, it’s critical to consider data protection and recovery as part of any comprehensive privacy strategy. When data is compromised, operations can be halted for extended periods of time, and there is a significant risk of financial loss or brand impact. Protecting both customer and company data should be the top priority for all organizations, especially in light of growing ransomware threats. And yet, shockingly, more than one-third of companies still do not have a well-rounded, holistic ransomware strategy in place, according to a Zerto survey. This is in a digital environment where, as reported by SpyCloud, over 80% of organizations have been impacted by ransomware in the past 12 months. With ransomware attacks on the rise, better data protection is desperately needed.

To address this need, a cyber vault should be an important part of any organization’s data protection plan. Having an isolated data vault containing an untouchable, immutable copy of company data ensures that even during a ransomware attack, a safe data copy will remain. However, vault storage is only one piece of the data protection pie: disaster recovery is also essential to reduce downtime and get organizations back up and running before significant financial consequences are incurred. Combining disaster recovery and cyber recovery together helps ensure data integrity, data protection, and ultimately, data privacy.”

Carl D’Halluin, CTO, Datadobi

“On January 28, we celebrate Data Privacy Day. Initiated in the United States and Canada in 2008 by the National Cyber Security Alliance, its aim is to raise awareness and promote privacy and data protection best practices.

I would say the number one data privacy best practice is pretty simple: make sure you can get the right data to the right place at the right time. Wherever the data is in its lifecycle, it should be protected and only accessible as needed. Of course, this tends to be easier said than done. But, there is perhaps nothing more critical and imperative than implementing the right strategies and technologies to do so. After all, while data is an organization’s most valuable asset (in addition to its people), it also represents its greatest potential risk.

Balancing these two aspects is key. In other words, effective data management enables you to optimize your business intelligence, make faster and smarter decisions, and gain a competitive edge, as well as better meet business requirements such as internal governance and legal mandates, external regulations, and financial obligations and goals.”

Konrad Fellmann, VP, IT Infrastructure & Chief Information Security Officer, Cubic Corporation

“Data Privacy in 2024 must look at the unique security and privacy considerations for organizations that partner with the public sector. In response to the recent surge in security and privacy mandates within public sector contracts, it is imperative that our security and privacy teams collaborate closely with our contracts department. This joint effort is essential to ensure a comprehensive understanding and assessment of these new requirements, as well as to evaluate the resources needed for compliance. Proactive engagement and deep knowledge of these stipulations will not only streamline contract execution but also optimize both time and financial investments throughout the duration of the contract. Embracing this approach is key to navigating the evolving landscape of public sector agreements with efficiency and expertise.

For our colleagues in the Defense Industrial Base, there is a growing anticipation that the Department of Defense (DoD) might finalize the Cybersecurity Maturity Model Certification (CMMC) 2.0 rule in 2024. Given this potential development, it’s crucial to initiate or advance our compliance assessments against the CMMC framework. Conducting a thorough gap analysis now will position us strategically, ensuring we are fully prepared and compliant when CMMC requirements start being integrated into DoD contracts. This proactive measure is not just about meeting compliance standards; it’s about reinforcing our commitment to cybersecurity excellence and maintaining our competitive edge in the defense sector.

Additionally, when it comes to various U.S. state privacy laws, it becomes evident that one of the key differences among them often lies in the timelines for reporting incidents. It’s my perspective that organizations can effectively navigate the complexity of these varying state regulations by embracing Generally Accepted Privacy Principles (GAPP). Adhering to GAPP can provide a robust framework, enabling compliance with a wide array of state privacy regulations. While the idea of a unified federal privacy standard is appealing for its potential to simplify compliance processes, the uncertainty surrounding its enactment means that for now, leveraging GAPP stands as a practical and comprehensive approach for organizations seeking to meet diverse state requirements in the U.S. data privacy landscape.”

Tom Ammirati, CRO, PlainID

“This year’s theme is ‘take control of your data,’ and the key to that is an organization protecting its data and the applications from cyberattacks. If a bad actor, which can include an employee, has gained access credentials, ensure that they don’t have automatic access to any or all data.

We know now that smart security solutions must be “identity-aware,” but they also call for a smart, dynamic authorization solution. One of the most significant benefits of zero trust is the process of granting an authenticated entity access to resources. Authentication helps ensure that the user accessing a system is who they claim to be; authorization determines what that user has permission to do. Arming your IT team with smart security solutions can be the key difference between a full-blown security incident and a security alert.”

Richard Bird, Chief Security Officer, Traceable AI

“Data privacy faces significant challenges at both consumer and federal levels. Many companies overlook the risks associated with seemingly harmless data, focusing instead on its value for user services and revenue growth. However, the data that is valuable to companies is also valuable to malicious actors, and failing to acknowledge this can lead to devastating lapses in data security.

In addition, companies today have no incentive to honor data privacy. Fines and lawsuit settlements clearly aren’t changing their behaviors or forcing these organizations to be good stewards of their customers’ trust.

Consumers must also exercise caution in oversharing data with companies, approaching privacy settings with a worst-case scenario mindset, as historical patterns reveal companies often neglect user privacy and safety concerns.

In addition, the recent executive order on artificial intelligence by the Biden administration enumerates a laundry list of digital privacy rights that the US government has already shown its inability to protect. This can be seen in incidents like the OPM hack, PPP loan fraud, and IRS refund processing, which raises doubts about the effectiveness of these guidelines and standards.

As we observe Data Privacy Day, let’s turn awareness into action. Advocate for stronger data protection measures, demand transparency from companies, and stay informed about your digital rights. It’s a collective effort to safeguard our privacy in an increasingly interconnected world.”

Dave Hoekstra, Product Evangelist, Calabrio

“Data Privacy Week reminds us of the critical need to protect sensitive information. Dave Hoekstra, Product Evangelist at Calabrio, emphasizes that now more than ever, securing customer-related information—a company’s most valuable assets—is a key strategic initiative.

In the realm of contact centers, where copious amounts of customer information and inquiries are processed, Calabrio places immense care in protecting this data. The commitment extends beyond Calabrio’s operations, as they actively encourage privacy consciousness among their partners. This dedication becomes even more vital in a landscape witnessing a surge in AI integrations.

As we navigate a world increasingly shaped by artificial intelligence, Calabrio’s proactive approach to data privacy meets industry standards and sets a benchmark for fostering trust. By prioritizing privacy consciousness, they can help secure information and contribute to building a foundation of trust in an evolving technological landscape.”

Cris Grossmann, CEO and founder, Beekeeper

“When we celebrate ‘Data Privacy Day,’ we can’t overlook our frontline workforce who don’t traditionally sit behind a computer, yet still need their personal information and sensitive data protected. Frontline industries can tend to depend on outdated processes of communications, ranging from pen and paper to personal text chains that leave workers vulnerable to data leaks. Companies need to prioritize leveraging technology that allows for secure messaging and takes their workers’ privacy into account.

As AI continues to find its way into the workforce, companies need to be mindful of using these tools to empower their workers, not exploit them. A first step employers can take is making sure their tech is GDPR compliant.

Supplying your frontline workers with an updated and secure frontline success system is a crucial step in fostering a culture of trust and security within the organization. By embracing modern technologies that prioritize data privacy, companies not only safeguard sensitive information but also empower frontline workers to perform their roles confidently, knowing that their personal data is handled with the utmost care.”

Steve Moore, Vice President & Chief Security Strategist, Exabeam

“Data Privacy Day presents an opportunity to reflect on the question ‘who is in charge of data privacy, the individuals sharing their data or the organizations in charge of protecting it?’

An individual’s digital identity — their username and password — will always be stolen, traded, sold, and reused. One of the easiest ways for threat actors to conduct these attacks is credential stuffing — where adversaries leverage account information from prior breaches. It’s important that both organizations and individuals understand what these attacks are, and just how prevalent they can be.

So, who takes the blame when cyberattackers abuse reused customer passwords but companies don’t push for better hygiene? While an unsatisfying answer, the liability in these scenarios is often shared across both parties.

A key takeaway here is that companies could, and should, exert more of their own power and security tools to protect customers against increasingly aggressive adversaries. And individuals can make these attempts more difficult just by following best practices like implementing multi-factor authentication (MFA) and not recycling the same passwords.

In the end, high-profile data breaches are only getting more frequent. Data privacy isn’t just a one-day ordeal; it’s a year-round endeavor that requires the participation of both companies and their customers to combat cyber adversaries.”

Or Shoshani, Co-Founder and CEO, Stream.Security

“Especially considering the rise of AI-driven social engineering, Data Privacy Day reminds us of the urgency in maintaining our security structure to protect our data both on-prem and in the cloud. 72% of organizations are defaulting to cloud-based services when upgrading their tech. So it’s not surprising that recent surveys show cloud security incidents on the rise with 27% of organizations having experienced a public cloud security incident, up 10% from 2022.

Effectively managing your cloud security processes is the most crucial step in protecting your data. You can successfully prevent threat activity by fine-tuning and enhancing the steps associated with securing your cloud environment. Promote security awareness, follow compliance procedures, and educate yourself and your team to maintain the security of your data with the latest versions of your cloud security tools. Protecting your data in the cloud starts with education and ends with action.”

Connie Stack, CEO, Next DLP

“Data privacy has taken on increased importance in the last few years. According to Gartner, by the end of this year, 75% of the world’s population will have its data covered under modern privacy regulations, meaning organizations have a duty – and quickly – to instill compliant procedures, technologies, and culture. Customers will be far more vigilant of how their data is being protected when choosing vendors in the coming years (if they aren’t already). What a vendor does to ensure a potential customer’s sensitive data is appropriately protected will become a key selling point. For these vendors, this means enacting compliant privacy solutions that protect customer data and provide businesses with behavior separate from the users.

What’s more, we’re also seeing intensifying pressure on CISOs to streamline their cybersecurity tools. The adoption of consolidated solutions from major tech companies stems from two primary challenges – the scarcity of skilled cybersecurity professionals and the internal drive for cost efficiency. While this move towards consolidation is becoming a norm, it’s vital to remember that depending on a single solution provider for all security requirements can be risky.

While cost reduction will always be top of mind for executive teams (especially CFOs), organizations should be looking to implement robust Data Loss Prevention (DLP) and Insider Threat Management (IRM) controls, which become essential when consolidating. No organization runs solely on the likes of Microsoft applications, Microsoft file types, and nothing else, for example. In an era where data security and privacy are paramount, DLP and IRM solutions safeguard data regardless of location. By keeping a vigilant eye on data movements and access patterns, these solutions ensure that while the organization benefits from the efficiencies of a streamlined security infrastructure, data privacy requirements are not compromised.”

Kayla Underkoffler, Lead Security Technologist, HackerOne

“Data Privacy Day serves as a reminder that it’s the collective responsibility of businesses, governments, and individuals to protect sensitive data. As cyber threats continue to become more sophisticated and pervasive, we all must stay vigilant and proactive.

This is particularly crucial amidst the whirlwind of excitement around advancements like generative artificial intelligence (AI). As AI simplifies tasks that were previously highly technical, it is imperative humans remain at the center of shaping and monitoring this automation. Without oversight, overreliance on these tools can exacerbate data security and privacy challenges with flawed code and outputs. Basic security hygiene and human-in-the-loop processes help us remain proactive about reducing this risk in new eras of innovation. Basic tenets such as robust patch management, stringent password policies, and meticulous access control are non-negotiable components in safeguarding organizational data.

As we celebrate Data Privacy Day, organizations must remember that following the fundamentals of security ensures the protection of data, our resilience against evolving threats, and a safer internet for everyone.”

The post Navigating the Digital Frontier: Insights from Leading Experts on Data Privacy Day appeared first on Cybersecurity Insiders.


January 30, 2024 at 02:18AM

BO Team hackers wipe 2 Peta Bytes Satellite data from Planeta

A hacking group affiliated with the Ukrainian government, known as BO Team, has asserted responsibility for the erasure of data from more than 280 servers connected to Planeta, a Russian meteorological and satellite service provider. Security experts’ preliminary analysis indicates that the compromised information encompassed weather forecasts, climate data, predictions for natural disasters, volcanic monitoring, and the positioning of numerous satellites. Recovery from backups is deemed challenging.

Russia has yet to respond to the incident, currently engrossed in investigating a separate satellite data breach that encompasses intelligence gathering for military, civil aviation, agriculture, maritime activities, and space-related intrusions.

The magnitude of the breach is substantial, with two petabytes, equivalent to over 2000 terabytes, of data eradicated from servers in the far-eastern division of Planeta. Ukraine’s Ministry of Defense has officially acknowledged BO Team as part of its cadre collaborating with government-funded intelligence agencies.

Roscosmos, the parent company of the Russian Centre for Space Hydrometeorology, operating under the name Planeta, issued a statement via Telegram refuting the hackers’ claims, asserting the integrity of their data stored within server farms.

Contradicting this official stance, an anonymous ministerial source revealed that the hack indeed transpired, causing substantial disruptions to the operations of supercomputers, HVAC devices, and power systems. The source disclosed that the wiped data pertained to the Ministry of Defense of the Russian Federation, containing critical information about troop deployments in Ukraine and their planned actions. This information is especially crucial as the conflict with Ukraine, under President Zelensky, approaches its two-year mark after February 23rd, 2024.

It remains unclear whether the cyber-criminals initially copied the data onto their own servers before executing the wipe on the satellite data servers of the Russian Federation.

The post BO Team hackers wipe 2 Peta Bytes Satellite data from Planeta appeared first on Cybersecurity Insiders.


January 29, 2024 at 08:31PM

Sunday, January 28, 2024

Essential Security Certifications for Consumer Mobile Devices: A Comprehensive Guide

In an era dominated by mobile technology, ensuring the security of consumer mobile devices has become paramount. Various certifications play a crucial role in establishing the trustworthiness of these devices, assuring users that their personal data and digital interactions are safeguarded. This article delves into the key security certifications needed for consumer mobile devices, providing insights into the standards that uphold the integrity and protection of these ubiquitous gadgets.

Common Criteria (CC): Common Criteria (CC) is an international standard for computer security certification. It provides a framework for evaluating the security features and capabilities of IT products, including mobile devices. Mobile manufacturers often seek Common Criteria certification to demonstrate that their devices meet recognized security standards.

Federal Information Processing Standard (FIPS) 140-2: FIPS 140-2, issued by the National Institute of Standards and Technology (NIST), outlines the requirements for cryptographic modules in security systems. For mobile devices, FIPS 140-2 compliance ensures that the cryptographic algorithms employed meet rigorous federal security standards, enhancing the device’s resistance to unauthorized access and data breaches.

Mobile Device Management (MDM) Certifications: Mobile Device Management certifications, such as those from leading providers like VMware or MobileIron, validate that a mobile device management solution adheres to industry best practices. These certifications ensure that the management software used to secure and control mobile devices complies with stringent security measures.

ISO 27001: ISO 27001 is a globally recognized standard for information security management systems. While not specific to mobile devices, its application to the broader information security landscape contributes to a secure ecosystem. Mobile device manufacturers and service providers may leverage ISO 27001 to establish and maintain effective information security management practices.

Trusted Execution Environment (TEE) Certifications: TEE certifications, like GlobalPlatform’s TEE Protection Profile, focus on securing the execution environment of mobile devices. These certifications validate that the device has a secure area, isolated from the regular operating system, to handle sensitive operations like biometric authentication and cryptographic key management.

Conclusion:

As the usage of consumer mobile devices continues to surge, ensuring their security is non-negotiable. Certifications serve as the bedrock of trust, assuring users that their data is handled responsibly and securely. Mobile manufacturers, developers, and service providers should stay abreast of the evolving landscape of security certifications to meet the growing demands for privacy and protection in the digital age. By adopting and promoting these certifications, the mobile industry can contribute to a safer and more secure mobile experience for users worldwide.

The post Essential Security Certifications for Consumer Mobile Devices: A Comprehensive Guide appeared first on Cybersecurity Insiders.


January 29, 2024 at 10:50AM

Data Security concerns make US Cloud Companies impose ban on China AI Training

The Biden Administration, responding to requests from various think tanks, has implemented a ban on the utilization of resources from U.S. Cloud Companies by China for AI training purposes. This mirrors a similar move made by China under the leadership of Xi Jinping since October 2023.

Commerce Secretary Gina Raimondo issued a formal statement, underscoring that U.S.-developed chips will no longer cater to Chinese requests for training their machine learning tools. This decision is rooted in concerns that such collaborations could expose potential vulnerabilities for exploitation by foreign nations and their malicious actors.

To achieve these objectives, the Joe Biden-led government proposed a “Know Your Customer” (KYC) initiative. This requires cloud users to disclose more information about their usage statistics and applications intending to utilize the resources. As part of this scrutiny, all computing power requests linked to China will undergo a review, and suspicious ones will be denied.

Interestingly, the Republican-led government has also imposed a ban on processing chip shipments to countries like Russia, China, and North Korea, citing national security concerns. This move could have far-reaching implications for North America’s diplomatic relations with its international counterparts in the long run.

In response to these restrictions, Russia, under Vladimir Putin’s leadership, has officially declared its intention to develop technology without relying on overseas assistance or technological intervention. This includes using Artificial Intelligence in special military operations, such as those undertaken in Ukraine.

Shifting gears, the start of 2024 brings unsettling news for the job industry, as companies initiate layoffs of in-house workers in the AI tech and talent sector. According to a CNBC report, over 20,000 employees were laid off in the first two weeks of January 2024, particularly in the tech industry. Industry analysts predict that this trend of mass layoffs will intensify in May and October of this year, as major firms seek to innovate in the AI sector. For example, Sundar Pichai-led Google has laid off numerous employees in its Assistant segment, especially in the FitBit section. The company aims to enhance efficiency in certain business areas by replacing manual labor with technology.

The post Data Security concerns make US Cloud Companies impose ban on China AI Training appeared first on Cybersecurity Insiders.


January 29, 2024 at 10:45AM

Friday, January 26, 2024

Generative AI banned by businesses because of data privacy risks

Generative AI has gained widespread adoption globally, finding application in customer service support and supply chain advisory roles. However, a study presented in the Cisco 2024 Data Privacy Benchmark reveals that approximately 27% of organizations have implemented a ban on its usage.

The rationale behind such restrictions is straightforward—concerns over privacy and data security risks. When employees leverage machine learning tools, critical data often needs to be fed into AI systems, raising potential threats to privacy. This could lead to the inadvertent disclosure of sensitive information, including internal processes, employee details, customer information, and project details, posing challenges to legal and intellectual property rights.

Despite these reservations, the utilization of Generative AI can yield significant benefits when data is safeguarded and analyzed in a secure and methodical manner, saving both time and resources.

While skepticism about AI is growing, Google has taken a bold step by unveiling a beta version of its text-to-video generation AI tool named Lumiere. Google’s white paper on the research and development of Lumiere suggests that this innovation could revolutionize web browsing by enabling users to convert text into video content.

Unlike previous tools that generated images from text, Lumiere takes it a step further, allowing the creation of short videos. This raises the question of whether this machine learning tool could pose a threat to YouTubers who regularly produce vlogs with engaging content.

The answer to this question remains uncertain, as the technology is still in its early stages and may require further advancements across various domains. Alphabet Inc., Google’s parent company, has not clarified whether it intends to make this technology publicly available.

A teaser video released by Google on YouTube demonstrates Lumiere’s capabilities in editing videos, showcasing features like color adjustments to clothing and vehicles. The future trajectory of Lumiere and its potential impact on content creators will unfold over time, as the technology evolves and undergoes further development.

The post Generative AI banned by businesses because of data privacy risks appeared first on Cybersecurity Insiders.


January 26, 2024 at 09:59PM

Thursday, January 25, 2024

Controversy Surrounds TFL’s Alleged Data Fraud and Hefty Penalties

Citizens residing in the European Union are facing challenges in settling fines sent by Transport for London (TFL), with penalties ranging from £1000 to £6000 or more. The concern lies not only in the imposed fines but also in the alleged fraudulent acquisition of data and the treatment of London’s visitors as lucrative targets.

Upon delving into the matter, TFL is accused of unlawfully obtaining data concerning millions of drivers from the European Union, issuing penalties to nearly all those who recently visited London. This situation particularly affects individuals traveling from countries like Spain, Belgium, Germany, and the Netherlands, as residents of these regions are required to obtain permission to visit Britain post-Brexit.

Some visitors regard these penalties as a blatant violation of basic human rights, asserting that Ultra Low Emission Zone (ULEZ) fines are being applied without practical violation.

In recent weeks, the Transport authority of London, led by Sadiq Khan, has issued over 316,000 penalty charging notices to visitors arriving in London by vehicle. One such case involves a French driver who received a staggering £25,000 penalty for allegedly violating Low Emission Zone (LEZ) and ULEZ rules while driving a minibus.

According to an exclusive report by The Guardian, more than 100 French drivers and over 60 lorry owners from the Netherlands are contemplating legal action against TFL. They claim that TFL purchased data from Euro Parking Collection centers to impose hefty penalties on vehicles that, despite emitting very low emissions, were deemed non-compliant with ULEZ rules.

A subset of affected individuals argues that penalties were erroneously issued based on 2021 data, even though they had since transitioned to electric vehicles.

In response, Transport for London (TFL) asserts that any instances of wrongly issued notices, if reported promptly, will be addressed through legal channels and rectified accordingly.

The post Controversy Surrounds TFL’s Alleged Data Fraud and Hefty Penalties appeared first on Cybersecurity Insiders.


January 26, 2024 at 11:48AM

Headlines Trending on Google Regarding Recent Cyber Attacks

Kansas City Area Transportation Authority Faces Ransomware Attack on IT Infrastructure

The Kansas City Area Transportation Authority (KCATA) has fallen victim to a digital attack on its IT infrastructure, suspected to be the work of a ransomware spreading gang, according to the latest FBI report. The incident, which began on Monday, has disrupted the organization’s 911 service calls and communication systems. While the full impact is yet to be disclosed, forensic experts are actively investigating, and normal bus services remain unaffected.

Hewlett Packard Enterprise (HPE) Hit by Cyber Attack Attributed to Russian Threat Actor Cozy Bear

HPE has recently confirmed a cyber attack where data was siphoned by hackers, resembling a previous incident in May 2023. The Russian threat actor Cozy Bear, also known as Midnight Blizzard, was identified as the perpetrator, aiming to gather information and pressure the company for ransom. Thanks to a prompt response from HPE’s incident response team, the financial and operational damage was minimized, as reported in the SEC 8-K filing for this month.

SEC Amends Rules for Reporting Cyber Attacks within a 96-Hour Time Frame

The SEC has amended rules requiring companies to report cyber attacks, extending the time frame from 48 to 96 hours, as of the July 2023 update. Businesses falling victim to digital assaults are now obligated to publicly disclose incidents and share information with law enforcement promptly.

Ukrainian Critical Infrastructure Targeted in Cyber Attacks Amid Ongoing Conflict with Russia

The ongoing conflict between Ukraine and Russia takes a digital turn as Russian-backed cyber volunteers, the National Cyber Army, launch distributed denial of service attacks on critical infrastructure. Targets include power infrastructure, oil and gas supplies (Naftogaz), banks (Monobank), postal service (Ukrposhta), and transportation agencies (Ukrzaliznytsia). With leaders on both sides showing hostility towards peace talks, the suffering persists for the affected populations.

Twitter Introduces Passkeys for Enhanced Security, Exclusive to American Users

Social media giant Twitter, known as X, now offers passkeys as an option exclusively for American users, providing an alternative to traditional passwords. This mobile security feature, currently limited to iOS devices, generates passkeys using cryptography. Public keys are stored on service providers’ servers in encrypted form, while private keys remain on the user’s device, connecting for authentication.

Equilend Faces Digital Disruption Following Cyber Attack Amidst Acquisition Announcement

New York-based Equilend experienced a digital disruption initially mistaken for a technical glitch, later revealed to be a cyber attack. This incident coincided with the recent announcement of Equilend’s acquisition by Welsh, Carson, Anderson & Stowe. The Wall Street firm has activated its recovery team to assess the financial implications of the attack.

The post Headlines Trending on Google Regarding Recent Cyber Attacks appeared first on Cybersecurity Insiders.


January 25, 2024 at 08:40PM

Ensuring Data Security in Retail ERP

Retail ERP systems are typically integrated with other key business systems, including ecommerce platforms, procurement and HR software, CRM, and POS tools. This turns them into centralized hubs for retail information, including customer information, payment data, purchase histories, customer preferences, and supply chain data, like information about stock levels and supplier details.

Data security should be one of a retailer’s top business priorities, as it allows them to comply with legal requirements, maintain consumer trust, and avoid reputational and financial losses. A 2023 IBM Security annual report states that the average data breach cost in the retail industry amounted to $2.96 million, and the most common types of compromised information are customer and employee personally identifiable information (PII). That is why, as a business entity, you should always keep in mind that you’re responsible for the security of the data you collect.

Below, we enumerate the most common ERP data security issues and provide expert tips on how to protect your retail ERP system.

Common ERP security attacks

Phishing attacks

Phishing remains one of the easiest and most popular methods to get hold of sensitive data like employees’ credentials that allow cybercriminals to enter the corporate ERP system. Such data breaches disrupt operational processes and lead to financial losses.

Cybercriminals send emails that look genuine, pretending to be trusted sources like vendors, customers, or coworkers. These emails typically contain harmful links or files that, when clicked or opened, steal ERP login details or inject malware into the ERP software or the whole IT ecosystem. Hackers can also create fake login pages mimicking the ERP system and trick employees into entering their credentials.

Malware

Cybercriminals may exploit the vulnerabilities and weaknesses of the retail ERP’s security mechanisms to infect the system with malicious software that steals sensitive customer information, financial data, and intellectual property files stored in the system for sale or ransom. If your ERP system includes a financial and accounting module, cybercriminals can use malware to initiate fraudulent transactions that lead to financial losses, or to disrupt the normal functioning of the ERP software, causing system downtime and hindering critical business processes.

Insider threats

While data breaches caused by malware or phishing attacks prevail for now, insider threats are slowly but steadily increasing in frequency. There are several types of insider threats:

  • Malicious insiders who aim to steal confidential data from the ERP system and harm the organization.
  • Employees unaware that their credentials have been compromised and used to get hold of valuable data.
  • Employees who accidentally disclose sensitive information due to negligence or lack of security awareness.

7 ways to secure your ERP system

Data security is paramount for retail businesses using ERP systems, as they store sensitive customer information, financial data, and intellectual property. To ensure robust security, retailers should implement various measures, including:

Strong password policies and multifactor authentication

A strong password policy and multifactor authentication are essential to ensuring robust retail ERP security. A strong password policy requires employees to use complex passwords, prohibits the use of one password for multiple accounts, and mandates regular password changes to prevent compromise over time.

MFA is an extra layer of security requiring users to provide more than one form of authentication before accessing the ERP system. For instance, an ERP will first ask for login and password and then require an employee to enter a one-time password sent to their phone or authenticate their identity with biometrics. Multifactor authentication reduces the risk of unauthorized access and helps safeguard retail ERP data even if an employee’s password is compromised.
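The two factors described above, as an added example (not code from the article or from any ERP vendor): a policy check that enforces the length, complexity, no-reuse and rotation rules the section lists, and a TOTP-style one-time code (the scheme of RFC 6238) as the second factor. The constants, the user record layout and function names such as `verify_login` and `rotate_password` are assumptions chosen for illustration.

```python
"""Password-policy enforcement plus a second factor for an ERP login.

Added example, not code from the article or from any ERP vendor. The
policy constants, the user record layout and the TOTP-style second factor
are assumptions chosen to illustrate the text.
"""
import hashlib
import hmac
import os
import struct

MIN_LENGTH = 12                # minimum password length
MIN_CLASSES = 3                # of: lowercase, uppercase, digit, symbol
MAX_AGE_SECONDS = 90 * 86400   # rotation interval (assumed value)
HISTORY_DEPTH = 5              # previous passwords that may not be reused
OTP_STEP = 30                  # seconds per one-time-code window


def hash_password(password: str, salt: bytes) -> bytes:
    # Salted PBKDF2-HMAC-SHA256 from the standard library.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)


def make_user(password: str, totp_secret: bytes, now: int) -> dict:
    """Constructed user record: current hash, reuse history, rotation time, OTP secret."""
    salt = os.urandom(16)
    return {
        "current": (salt, hash_password(password, salt)),
        "history": [],
        "password_set_at": now,
        "totp_secret": totp_secret,
    }


def policy_violations(password: str, user: dict) -> list:
    """Return the rules a candidate password breaks; an empty list means accepted."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append(f"shorter than {MIN_LENGTH} characters")
    classes = (
        any(c.islower() for c in password),
        any(c.isupper() for c in password),
        any(c.isdigit() for c in password),
        any(not c.isalnum() for c in password),
    )
    if sum(classes) < MIN_CLASSES:
        problems.append(f"fewer than {MIN_CLASSES} character classes")
    # No reuse: compare against the current hash and the retained history.
    for salt, old_hash in [user["current"]] + user["history"]:
        if hmac.compare_digest(hash_password(password, salt), old_hash):
            problems.append("reuses a current or previous password")
            break
    return problems


def rotate_password(user: dict, new_password: str, now: int) -> list:
    """Apply a new password if it passes policy; return the violations otherwise."""
    problems = policy_violations(new_password, user)
    if problems:
        return problems
    user["history"] = ([user["current"]] + user["history"])[:HISTORY_DEPTH]
    salt = os.urandom(16)
    user["current"] = (salt, hash_password(new_password, salt))
    user["password_set_at"] = now
    return []


def totp(secret: bytes, now: int, digits: int = 6) -> str:
    """Time-based one-time code: HMAC-SHA1 over the time-step counter, dynamically truncated."""
    counter = struct.pack(">Q", now // OTP_STEP)
    digest = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


def verify_login(user: dict, password: str, otp: str, now: int) -> str:
    """First factor: the password. Second factor: a one-time code, allowing one step of clock skew."""
    salt, stored = user["current"]
    if not hmac.compare_digest(hash_password(password, salt), stored):
        return "denied: bad password"
    if now - user["password_set_at"] > MAX_AGE_SECONDS:
        return "denied: password expired, rotation required"
    for skew in (-OTP_STEP, 0, OTP_STEP):
        if hmac.compare_digest(totp(user["totp_secret"], now + skew), otp):
            return "granted"
    return "denied: bad one-time code"


if __name__ == "__main__":
    t0 = 1_700_000_000                  # fixed clock so the run is reproducible
    secret = b"constructed-demo-secret"  # constructed; a real secret is random per user
    user = make_user("Correct-Horse-Battery-9", secret, t0)
    print(verify_login(user, "Correct-Horse-Battery-9", totp(secret, t0), t0))  # granted
    print(rotate_password(user, "Correct-Horse-Battery-9", t0 + 60))            # reuse rejected
```

The distinct denial strings exist so the outcome of each check is visible; a production login screen should return one generic failure message for both factors, so that a caller cannot learn which factor was wrong, and log the specific reason server-side instead.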

Network security

Implement network management tools to monitor network activity, detect and prevent suspicious traffic, and restrict access to unauthorized users and devices. These tools provide comprehensive visibility into network health, enabling retailers to identify and address vulnerabilities promptly.

Separation of duties

To reduce the risks of insider threats or other security incidents, consider implementing a separation of duties (SOD) approach. The term describes the practice of requiring more than one person to carry out or complete a sensitive task. For instance, one employee cannot request a fund transfer within an ERP system without the approval of another authorized employee. This practice can significantly reduce the risks of fraud and data breaches in retail ERP.
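The fund-transfer rule above, as an added example (not code from the article or from any ERP product): a small approval workflow in which the requester can never approve their own transfer, even when they happen to hold an approver role, plus a static check for users whose role assignments combine requesting and approving. The role names, the `TransferWorkflow` class and the return strings are assumptions.

```python
"""Separation of duties for ERP fund transfers: the person who requests a
transfer can never be the person who approves it.

Added example, not code from the article or from any ERP product. The role
names, the TransferWorkflow class and the outcome strings are assumptions.
"""
from dataclasses import dataclass
from typing import Optional

REQUESTER_ROLE = "ap_clerk"                         # may create transfer requests
APPROVER_ROLES = {"finance_manager", "controller"}  # may approve them


@dataclass
class Transfer:
    transfer_id: str
    amount: float
    requested_by: str
    approved_by: Optional[str] = None
    state: str = "pending"


class TransferWorkflow:
    def __init__(self, roles: dict):
        self.roles = roles      # user -> set of role names (constructed assignments)
        self.transfers = {}
        self.audit = []         # every decision, refusals included, for the monitoring team

    def _has(self, user: str, wanted: set) -> bool:
        return bool(self.roles.get(user, set()) & wanted)

    def request(self, transfer_id: str, amount: float, user: str) -> str:
        if not self._has(user, {REQUESTER_ROLE}):
            return self._log(transfer_id, user, f"rejected: requester lacks {REQUESTER_ROLE} role")
        self.transfers[transfer_id] = Transfer(transfer_id, amount, user)
        return self._log(transfer_id, user, "pending")

    def approve(self, transfer_id: str, user: str) -> str:
        t = self.transfers.get(transfer_id)
        if t is None or t.state != "pending":
            return self._log(transfer_id, user, "rejected: transfer not pending")
        # The SoD rule itself: the identity check comes first, so a user who holds
        # both roles still cannot approve a request they created.
        if user == t.requested_by:
            return self._log(transfer_id, user, "rejected: requester cannot approve own transfer")
        if not self._has(user, APPROVER_ROLES):
            return self._log(transfer_id, user, "rejected: no approver role")
        t.approved_by, t.state = user, "approved"
        return self._log(transfer_id, user, "approved")

    def _log(self, transfer_id: str, user: str, outcome: str) -> str:
        self.audit.append((transfer_id, user, outcome))
        return outcome


def conflicting_roles(roles: dict) -> list:
    """Users holding both a requester and an approver role: a combination worth
    reviewing even though the runtime check above still blocks self-approval."""
    return sorted(u for u, r in roles.items() if REQUESTER_ROLE in r and r & APPROVER_ROLES)


if __name__ == "__main__":
    roles = {"alice": {"ap_clerk"}, "bob": {"finance_manager"}, "carol": {"ap_clerk", "controller"}}
    wf = TransferWorkflow(roles)
    wf.request("T1", 5000.0, "alice")
    print(wf.approve("T1", "alice"))   # rejected: requester cannot approve own transfer
    print(wf.approve("T1", "bob"))     # approved
    print(conflicting_roles(roles))    # ['carol']
```

Refused approvals are written to the audit list as well as granted ones: a pattern of self-approval attempts is exactly the signal the continuous-monitoring step later in the article is looking for.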

Continuous monitoring

By continuously monitoring your ERP, you can detect suspicious activity within the system in real time and identify potential malicious insiders by observing concerning user behavior. Carefully assessing and proactively managing a potential insider threat, whether intentional or unintentional, will help prevent security breaches and the loss of valuable customer or financial information.
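Detection logic of the kind the paragraph describes, as an added example that is not code from the article or from any ERP vendor: it parses a constructed audit trail and raises alerts for off-hours exports, bulk data exports above a daily threshold, and repeated login failures followed by a success, the patterns associated above with malicious insiders and compromised credentials. The log format, the thresholds and the sample lines are constructed for illustration.

```python
"""Continuous monitoring of an ERP audit trail: flag off-hours and bulk data
exports and bursts of failed logins.

Added example, not code from the article or from any ERP vendor. The log
format, the thresholds and the sample lines are constructed for illustration.
"""
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta, timezone

BUSINESS_HOURS = range(7, 19)        # UTC hours in which exports are expected
BULK_ROWS = 10_000                   # rows per user per day before we alert
FAIL_THRESHOLD = 5                   # failed logins ...
FAIL_WINDOW = timedelta(minutes=5)   # ... within this window

# Constructed sample audit lines (not from any real system).
SAMPLE_LOG = """\
2024-01-22T09:12:01Z user=alice action=login result=ok
2024-01-22T09:15:40Z user=alice action=export table=orders rows=120
2024-01-22T02:03:11Z user=dave action=login result=ok
2024-01-22T02:04:59Z user=dave action=export table=customers rows=48000
2024-01-22T13:20:00Z user=bob action=login result=fail
2024-01-22T13:20:08Z user=bob action=login result=fail
2024-01-22T13:20:15Z user=bob action=login result=fail
2024-01-22T13:20:22Z user=bob action=login result=fail
2024-01-22T13:20:30Z user=bob action=login result=fail
2024-01-22T13:21:15Z user=bob action=login result=ok
""".splitlines()

LINE_RE = re.compile(r"^(?P<ts>\S+)\s+(?P<fields>.*)$")


def parse_line(line: str) -> dict:
    """Turn one 'timestamp key=value ...' line into a dict with a tz-aware datetime."""
    m = LINE_RE.match(line)
    if not m:
        raise ValueError(f"unparseable audit line: {line!r}")
    event = dict(kv.split("=", 1) for kv in m.group("fields").split())
    event["ts"] = datetime.strptime(m.group("ts"), "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return event


def analyze(lines) -> list:
    """Return (rule, user, detail) alerts in time order."""
    events = sorted((parse_line(ln) for ln in lines if ln.strip()), key=lambda e: e["ts"])
    alerts = []
    rows_today = defaultdict(int)       # (user, date) -> rows exported so far that day
    recent_fails = defaultdict(deque)   # user -> timestamps of failed logins in the window

    for e in events:
        user, ts = e["user"], e["ts"]
        if e["action"] == "export":
            rows = int(e.get("rows", 0))
            if ts.hour not in BUSINESS_HOURS:
                alerts.append(("off_hours_export", user, f"{rows} rows from {e.get('table')} at {ts:%H:%M}Z"))
            key = (user, ts.date())
            before = rows_today[key]
            rows_today[key] += rows
            if before <= BULK_ROWS < rows_today[key]:   # alert once, when the threshold is crossed
                alerts.append(("bulk_export", user, f"{rows_today[key]} rows today exceeds {BULK_ROWS}"))
        elif e["action"] == "login":
            fails = recent_fails[user]
            while fails and ts - fails[0] > FAIL_WINDOW:   # slide the window forward
                fails.popleft()
            if e.get("result") == "fail":
                fails.append(ts)
                if len(fails) == FAIL_THRESHOLD:
                    alerts.append(("login_bruteforce", user, f"{FAIL_THRESHOLD} failures within {FAIL_WINDOW}"))
            elif len(fails) >= FAIL_THRESHOLD:
                alerts.append(("login_success_after_failures", user, "possible guessed or stuffed credential"))
                fails.clear()
    return alerts


if __name__ == "__main__":
    for rule, user, detail in analyze(SAMPLE_LOG):
        print(f"{rule:30} {user:8} {detail}")
```

Events are sorted before analysis because audit lines from different ERP nodes rarely arrive in order; the thresholds are deliberately simple so that each alert can be explained to the person who has to review it.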

Create an incident response plan

A well-defined incident response plan in place will help you swiftly counter a breach or attempted attack and minimize potential damage. Such a plan should outline clear procedures for reporting suspected incidents, provide step-by-step actions on how to contain incidents or identified threats, and describe how to correctly restore affected services and data from backups, minimizing operational disruptions.

Regular security audits and penetration testing

Routine security audits help identify weaknesses in your ERP solution and proactively mitigate them, keeping your ERP and the data stored there safe. Network management tools can also simplify vulnerability scanning and penetration testing, providing valuable insights into system security posture. In particular, we recommend regular vulnerability assessment to identify and eliminate known weaknesses promptly. Retail companies should also conduct periodic penetration testing that simulates real-life cyberattacks and can reveal how effective your ERP security mechanisms are, allowing you to upgrade your ERP security strategy before any data breach occurs.

Regular software updates

Hackers are quick to exploit newly disclosed software vulnerabilities, so regardless of whether you run an on-premises or cloud ERP system, it is crucial to update your ERP or install newly released patches as soon as they become available.

Employee training

Employees in many organizations have a poor understanding of security policies, use weak passwords, or are entirely unaware of common cyberattacks, and many don’t realize that their actions can cause security incidents and put a retail business at risk. This is why retail companies need to invest in cybersecurity training that teaches employees to recognize common attacks on ERP systems, such as phishing or malware injection.

In conclusion

Whether you are only considering implementing an ERP system in your retail business or have already adopted one, make data security your priority. A solid data security strategy can be expensive and complicated to establish, but the repercussions of a breach of sensitive customer or employee data can cost many times more. If you lack the resources or skills to secure your ERP, consider hiring third-party experts with experience in retail ERP systems and the security domain.

The post Ensuring Data Security in Retail ERP appeared first on Cybersecurity Insiders.


January 25, 2024 at 07:28PM

Wednesday, January 24, 2024

Facebook and Instagram collect immense data from users

In today’s digital age, nearly one in ten individuals possesses a Facebook account, and a comparable user base is anticipated for Instagram, now under the ownership of Meta, the parent company of Facebook. However, the revelation that these platforms extensively gather user data raises concerns about privacy. A recent study by Surfshark sheds light on this data collection practice.

Interestingly, when compared to its competitors, Twitter, another prominent social media platform, is found to collect relatively less data. Nevertheless, Twitter also engages in data collection, albeit with the aim of enhancing user experience.

According to Surfshark’s report, companies owned by Mark Zuckerberg, namely Facebook and Instagram, stand out by collecting all 32 data points analyzed in the study. This includes personal information such as names, addresses, and phone numbers, which are utilized to track user activity. Additionally, data like geo-location and browsing content contribute to the creation of user profiles, enabling targeted advertising and services.

The question arises as to whether the collected data is shared with third parties or remains secured on the servers. Although many tech giants claim not to share data, there is an underlying reality where data sharing occurs for analytics and marketing purposes.

In general, social networking and messaging platforms collect various data points, such as email addresses used during sign-up and metadata indicating the creation time of photos or data files. Notably, platforms, excluding Telegram, do not collect specific personal information like political and religious beliefs or health-related data.

Address books, call logs, and SMS history are also collected if users opt to upload, sync, or import such data during sign-up. Financial transaction details conducted through the company’s products, like credit or debit card information and CVVs, are collected and safeguarded. Even Twitter engages in this practice, particularly for premium users.

The question then arises: is it prudent to share such critical details?

While companies argue that storing such data streamlines future transactions and allows for targeted advertising, oversharing can lead to issues like information leaks and identity theft, especially in the event of a cyber-attack on the collecting business.

The post Facebook and Instagram collect immense data from users appeared first on Cybersecurity Insiders.


January 25, 2024 at 11:01AM

AI Ransomware Threat to increase in two years says UK GCHQ

The UK’s GCHQ cyber arm, the National Cyber Security Centre (NCSC), is warning of an imminent surge in AI-based ransomware threats over the next two years. The intelligence and security agency of the United Kingdom emphasizes the critical need for businesses to adopt proactive security measures to safeguard their future.

A notable projection from the agency suggests that cybercriminals with low-level competency will increasingly leverage Artificial Intelligence to enhance their endeavors in spreading file-encrypting malware, leading to a threefold increase in financial gains. The advancing technology is anticipated to elevate the success rate of targeting victims, providing criminals with enhanced capabilities to identify and exploit vulnerable devices more effectively, showcasing innovation and sophistication in malware propagation.

NCSC CEO Lindy Cameron assures that the British government is committed to fortifying cybersecurity efforts by investing 2.6 billion pounds. This investment, supported by contributions from private entities engaged in AI development, aims to enhance national cybersecurity resilience through improved detection mechanisms and robust framework design.

Geopolitical tensions, such as the strained relations with Russia due to its support for Ukraine, have intensified the cybersecurity threat landscape. Russia, in its efforts to destabilize the UK, is likely to employ platforms like GenAI to bolster its position in the realm of cybercrime.

To mitigate risks, businesses are strongly advised to adhere to cybersecurity best practices, implementing thorough hygiene measures. Additionally, having a robust data backup system in place is emphasized to ensure efficient data recovery in the event of a cyber incident.

The post AI Ransomware Threat to increase in two years says UK GCHQ appeared first on Cybersecurity Insiders.


January 24, 2024 at 08:27PM

Tuesday, January 23, 2024

Headlines on Trending Cyber Attacks from Google News

Global Sanctions Imposed on Russian-Linked REVIL Ransomware Operator

Governments of Australia, UK, and the United States have jointly sanctioned Alexander Gennadievich, a hacker associated with the Russian-linked REVIL Ransomware group. Gennadievich’s involvement in the Medibank data breach has raised international concerns, as he pilfered and distributed sensitive data, including names, email addresses, contact details, passport information, health claims, and insurance coverage details. The effectiveness of these sanctions on both individuals and criminal organizations remains uncertain.

Trello, a Leading Messaging App, Faces Massive Data Breach

Trello, a widely used professional messaging app, has fallen victim to a significant data breach impacting over 15 million users. Hackers have gained unauthorized access to user names, email IDs, full names, and other credentials. While Trello is actively investigating the breach, a portion of the stolen data has surfaced on a hacking forum for sale. Law enforcement and security experts are collaborating to address and mitigate the associated risks.

Privacy Concerns Surround China-Manufactured Biometric Hardware

India and Scotland express apprehensions about the use of Chinese-manufactured biometric attendance systems in government organizations. Concerns center around potential espionage, with fears that servers in Beijing could compromise the security of CCTV cameras and biometric systems deployed in military and defense sectors. Both nations plan a 90-day surveillance period starting February, considering replacements from South Korea if necessary to safeguard sensitive government operations.

UK Faces Controversy Over Smart Electric Meter Billing

Users of smart electric meters in the UK raise alarms over inexplicable billing discrepancies. Reports suggest that some devices may be charging users based on the accounts of geographically distant individuals. Social media platforms witness a surge in complaints, with users demanding immediate government intervention. Some speculate that cyber attacks may have tampered with electric meters, leading to a surge in electricity consumption and subsequent billing concerns.

The post Headlines on Trending Cyber Attacks from Google News appeared first on Cybersecurity Insiders.


January 24, 2024 at 11:12AM

PRODUCT REVIEW: ISC2 CC Certification

In the face of escalating global cyberthreats, the demand for cybersecurity professionals has skyrocketed. Research highlights a need for 3.4 million additional experts in this field. The ISC2 Certified in Cybersecurity (CC) certification, offered by the globally renowned ISC2, is a strategic response to this talent shortage, providing a streamlined entry into the cybersecurity industry.

The ISC2 Certified in Cybersecurity (CC) certification distinguishes itself in the cybersecurity credentialing landscape through several key differentiators, making it a unique and valuable asset for professionals seeking to enter or advance in this field.

THE BENEFITS OF THE ISC2 CC CERTIFICATION

Unparalleled Accessibility
Unique in its approach, the ISC2 CC certification requires no previous experience or formal education in cybersecurity. It’s designed to be inclusive, welcoming a wide array of candidates – from IT professionals and college students to career-changers and executives seeking foundational knowledge. This approach significantly broadens the potential talent pool in cybersecurity. 

The Pathway to Cybersecurity Excellence
The CC certification serves as a crucial first step towards advanced cybersecurity knowledge and leadership roles. It equips entrants with essential skills in security principles, network security, and access controls, preparing them for success in entry-level positions and beyond.

Organizational Impact
For businesses, the ISC2 CC certification is a vital tool for developing skilled cybersecurity teams and narrowing the cybersecurity skills gap. It ensures that certified individuals are equipped with a solid understanding of fundamental cybersecurity concepts, enhancing the organization’s defense capabilities.

Vendor-Neutral Certification
One of the primary differentiators of the CC certification is its vendor-neutral nature. Unlike certifications that are tied to specific technologies or products, the CC certification focuses on broad, foundational cybersecurity principles and practices. This approach ensures that certified professionals possess a well-rounded understanding of cybersecurity that is applicable across various technologies and platforms. It prepares them for a diverse range of challenges in the cybersecurity space, rather than limiting their expertise to a single vendor’s tools or solutions.

Accreditation and International Standards
The CC certification is distinguished by its adherence to and accreditation under prominent international standards, including ISO/IEC 17024, 17788, 17789, 27017, and 27018. These standards are critical in the cybersecurity field, as they represent best practices and guidelines for cloud security, data protection, and information security management. Accreditation under these standards signifies that the CC certification maintains a high level of rigor, relevance, and quality, aligning with global benchmarks in cybersecurity.

Continuing Professional Education
Another significant aspect of the CC certification is the requirement for certified professionals to engage in continuing professional education. This is a crucial requirement, given the fast-evolving nature of cyber threats, technologies, and regulations. By mandating ongoing education, the CC certification ensures that its holders stay current with emerging trends, threats, and best practices in cybersecurity. This commitment to continuous learning is vital for professionals to remain effective and relevant in their roles, as cybersecurity is a field characterized by rapid change and evolution.

ADVANTAGES OF THE CC CERTIFICATION

The CC certification not only elevates professional expertise in cybersecurity but also opens doors to a multitude of benefits. Here are the key advantages that CC certification holders experience:

  1. Gateway to Advanced Certifications: The CC credential serves as an excellent starting point for more advanced certifications like the CISSP, offering a progressive career path within cybersecurity.
  2. No Prior Experience Required: Candidates can take the CC exam without previous cybersecurity work experience or formal education, needing only a basic understanding of IT.
  3. Validation of Foundational Skills: Earning the CC certification demonstrates to employers that you possess the essential knowledge and skills for entry- or junior-level cybersecurity roles.
  4. Access to ISC2 Resources: Successful completion of the CC exam grants access to ISC2 membership benefits, including a vast library of professional development courses, webinars, thought leadership, networking opportunities, and more.

“I’m switching career paths to move into cybersecurity. Certified in Cybersecurity is a great way to demonstrate my knowledge.” – Eric Turner, Cybersecurity Analyst, First Merchants Bank, Daleville, IN

PATH TO CERTIFICATION

BECOME AN ISC2 CANDIDATE:

  • Start by joining ISC2 as a candidate. Visit the ISC2 Candidate Page to register.
  • As a candidate, you gain access to numerous benefits, including 20% off training and 30-50% off textbooks.

STUDY FOR THE EXAM:

  • Utilize self-study resources available through ISC2 for thorough preparation.
  • Consider attending an Official ISC2 Training for a comprehensive review and knowledge refreshment before the exam.

PASS THE EXAM:

Take and successfully pass the 100-item CC exam within the allotted time of two hours.

COMPLETE THE APPLICATION:

  • After passing the exam, complete the ISC2 application process.
  • Agree to fully support the ISC2 Code of Ethics Canons and adhere to the ISC2 Privacy Policy.

MAINTAIN MEMBERSHIP AND EARN CPE CREDITS:

  • Once certified and a member of ISC2, maintain your certification by recertifying every three years.
  • Recertification involves earning Continuing Professional Education (CPE) credits and paying an annual maintenance fee to support your ongoing development.

OFFICIAL TRAINING OPTIONS

  1. Self-Paced Training + Exam (U.S. $0)
  • Train independently with an engaging online learning experience.
  • Includes the CC exam.
  • First-year Annual Maintenance Fee (AMF) of U.S. $50 due after passing the exam.
  2. Self-Paced Training + Exam + Extras (U.S. $199)
  • All features of the basic self-paced training.
  • Bundle Extras:
    – Two attempts to pass the exam
    – 180-day access to course content
    – No AMF for the first year
  3. Live Online Training + Exam + Extras (U.S. $804)
  • Live sessions with an ISC2 Authorized Instructor combined with self-paced learning.
  • Includes the CC exam.
  • Bundle Extras:
    – Two attempts to pass the exam
    – 180-day access to course content
    – No AMF for the first year
    – Interactive learning in a live virtual classroom
    – Peer discussions and instructor-led training

For more information and to explore these options, visit the ISC2 CC Training Bundles Page.

“I’m shifting careers from product management to information security. Certified in Cybersecurity gives me a starting point and a certificate I can showcase while I work toward earning the CISSP, which is far more complex and requires many months of preparation.” — Radhika Gopalan, Product Management Consultant, Alpharetta, GA

ABOUT ISC2

ISC2 is an international nonprofit membership association focused on inspiring a safe and secure cyber world. Best known for the acclaimed Certified Information Systems Security Professional (CISSP®) certification, ISC2 offers a portfolio of credentials that are part of a holistic, pragmatic approach to security. Our association of candidates, associates, and members, more than 500,000 strong, is made up of certified cyber, information, software, and infrastructure security professionals who are making a difference and helping to advance the industry. Our vision is supported by our commitment to educate and reach the general public through our charitable foundation – The Center for Cyber Safety and Education™.

For more information about CC certification and training, contact an Education Consultant in your region:

Americas | +1.866.331.4722 ext. 2 | Email: training@isc2.org

Europe, Middle East, and Africa | +44 203 960 7800 | Email: info-emea@isc2.org

Asia-Pacific | +852.5803.5662 | Email: isc2asia@isc2.org

The post PRODUCT REVIEW: ISC2 CC Certification appeared first on Cybersecurity Insiders.


January 23, 2024 at 08:13PM

Monday, January 22, 2024

OpenAI says NO to election bot as another company suffers backlash from its own AI tool

OpenAI’s ChatGPT, renowned for its conversational capabilities and vast knowledge, has recently taken a proactive stance in light of the upcoming general elections in various nations, including India and the United States. In a move to prevent potential misuse, the Microsoft-owned company has decided to exercise greater control over its AI tool to avoid any inadvertent complications.

Effective immediately, the machine learning-based AI model will refrain from responding to queries related to elections, a precautionary measure to prevent unintended consequences or erratic behavior.

This decision coincides with OpenAI’s suspension of the account of Delphi, an app development firm entrusted with creating dean.bot, a virtual assistant designed to engage with real-time voters since May of this year. The suspension was attributed to Delphi’s failure to adhere to guidelines set forth by the ChatGPT developers. Given the potential impact of such projects on the US Elections 2024, the decision to suspend all similar initiatives was made until further notice.

In a parallel development underscoring the risks associated with AI unpredictability, DPD, a France-based parcel delivery service, found itself compelled to suspend its recently implemented AI customer support service. The courier company’s chatbot, powered by artificial intelligence, began delivering responses that resembled human-like communication. Unfortunately, some of these responses were not only inappropriate but also generated unwarranted negative feedback for the company.

Instances included the DPD chatbot deeming the company it represented as ineffective in serving its customers and engaging in personal conversations that left customers with the impression of either interacting with the wrong customer service or being encouraged to seek alternatives.

In response, DPD promptly imposed restrictions on the use of its conversational bot until a resolution is found. Additionally, the company is conducting an inquiry to ascertain whether external influences, such as hacking or unauthorized programming, may have contributed to the bot’s unexpected behavior. The recognition of the potential vulnerability of AI platforms to external manipulation underscores the need for heightened security measures in the rapidly advancing field of artificial intelligence.

The post OpenAI says NO to election bot as another company suffers backlash from its own AI tool appeared first on Cybersecurity Insiders.


January 23, 2024 at 10:43AM

Hackers spreading ransomware demand a ransom of $50 from patients

In recent times, the landscape of cyber threats has taken a disconcerting turn, deviating from the conventional approach of hackers encrypting computers for ransom. The latest trend involves cyber attackers directly reaching out to impact patients, demanding a ransom ranging from a mere $50 to $200.

Specifically targeting individuals who have undergone healthcare services, these cyber criminals are employing a chilling tactic by threatening to expose intimate photos captured during critical medical procedures such as life-saving cancer examinations, plastic surgeries, and gynecology.

The compromised images vary in origin, with some appearing to be snapshots taken by medical equipment during cancer screenings, while others seem to have emanated from covertly connected surveillance cameras, often without the knowledge of the affected individuals.

Remarkably, the perpetrators are reaching out directly to the patients, presenting them with extortion demands that fluctuate between $50 and $1500. The amount demanded is contingent upon the perceived sensitivity of the victim’s information and the nature of the undisclosed details uncovered during medical examinations.

Faced with limited options, victims are resorting to seeking legal recourse to address their predicament before it escalates further. Notable cases, such as those involving Hankins & Sohn Plastic Surgery Associates and patients affiliated with the hospital chain Integris Health Inc, have garnered attention, with lawsuits being filed to bring the issue to public awareness.

The outcome of these legal actions remains uncertain, as both defendants and victims presenting their cases possess distinct narratives that appear justified from their respective standpoints.

From the perspective of cybersecurity professionals, the onus is on healthcare service providers to implement robust measures to safeguard customer data in compliance with prevailing data protection laws. The issue, however, presents a dual responsibility where both the service provider and the customer play pivotal roles in fortifying defenses against the incursion of hackers. This underscores the critical importance of a collaborative effort to ensure the security of sensitive medical information.

The post Hackers spreading ransomware demand a ransom of $50 from patients appeared first on Cybersecurity Insiders.


January 22, 2024 at 08:33PM

Sunday, January 21, 2024

How many types of Network Security protocols exist

Network Security protocols are designed to safeguard computer networks from unauthorized access, data breaches, and other cyber threats. Here are some common types of network security protocols:

Secure Sockets Layer (SSL) / Transport Layer Security (TLS): SSL and its successor TLS are cryptographic protocols that provide secure communication over a computer network. They are commonly used to secure web transactions, such as those conducted in online banking and e-commerce.

IPsec (Internet Protocol Security): IPsec operates at the network layer and is used to secure Internet Protocol (IP) communications. It can provide encryption, authentication, and integrity verification, making it widely used in Virtual Private Networks (VPNs).

Wi-Fi Protected Access (WPA) / WPA2 / WPA3: These are security protocols designed to secure wireless computer networks. They are used to encrypt data transmitted over Wi-Fi networks and protect it from unauthorized access.

Firewall Protocols (e.g., TCP/IP, UDP): Firewalls filter traffic carried by protocols such as TCP/IP and UDP to control and monitor incoming and outgoing network traffic. They can be hardware- or software-based and act as a barrier between a trusted internal network and untrusted external networks.

Intrusion Detection System (IDS) / Intrusion Prevention System (IPS): While not exactly protocols, IDS and IPS systems use various techniques to detect and prevent unauthorized access and attacks. They analyze network traffic for suspicious patterns or anomalies.

Virtual Private Network (VPN) Protocols (e.g., PPTP, L2TP/IPsec, OpenVPN): VPNs use different protocols to create a secure, encrypted tunnel over an existing network. Protocols like PPTP, L2TP/IPsec, and OpenVPN are commonly used for establishing secure connections over the internet.

Simple Network Management Protocol (SNMP): SNMP is a protocol used for network management and monitoring. While its primary purpose is not security, it plays a role in network security by allowing administrators to monitor and manage network devices.

Secure File Transfer Protocols (e.g., SFTP, SCP, FTPS): These protocols provide secure methods for transferring files over a network. They often use encryption and authentication mechanisms to protect data during transfer.

DNS Security Extensions (DNSSEC): DNSSEC is a suite of extensions to DNS that adds an additional layer of security by digitally signing data to ensure its integrity and authenticity.

Pretty Good Privacy (PGP) / GNU Privacy Guard (GPG): PGP and GPG are used for securing email communications. They provide encryption and digital signatures to ensure the confidentiality and authenticity of email messages.

It’s important to note that new security protocols may emerge over time, and the landscape of network security is continually evolving. Always ensure that your network security measures are up to date with the latest industry standards and best practices.

The post How many types of Network Security protocols exist appeared first on Cybersecurity Insiders.


January 22, 2024 at 11:51AM