Author Archives: Dean Alvarez

Vulnerable IoT Vacuums, DVRs Put Homes at Risk

The internet of things (IoT) has seen a string of vulnerabilities across multiple devices, the latest of which are new vulnerabilities in Dongguan Diqee 360 robotic vacuum cleaners, which could allow cybercriminals to eavesdrop, perform video surveillance and steal private data, according to Positive Technologies.

ORIGINAL SOURCE: Infosecurity Magazine

The post Vulnerable IoT Vacuums, DVRs Put Homes at Risk appeared first on IT SECURITY GURU.

6 ways you are sabotaging your cyber defences

If we asked any of the IT departments that we deal with on a daily basis about their current priorities, they would all unfailingly say that protecting their company against cyber attacks and data breaches is top of the list – particularly now that GDPR is finally in force.

However, despite high awareness of the risks in terms of reputational damage, regulatory penalties and commercial losses, it’s evident that a surprisingly high proportion of companies – from SMEs to global corporations – are burying their heads in the sand when it comes to shoring up their cyber defences.

 

Here are 6 ways that we see companies failing to minimise their chances of suffering an information breach.

 

  • Neglecting security until it’s too late

This is a far more common story than you would imagine. The reason? Until they’ve been targeted by cyber criminals, many companies still won’t recognise the very real likelihood – and potentially devastating impact – of a security breach. They think they can get away with not spending money until a crisis occurs.

 

Firstly, if there was a system to rate the cyber security threat at an individual company level, it would be severe – an attack is highly likely. Nearly half of all businesses in the UK were hit by a cyber attack in the last 12 months, with 38 new ransomware attacks being reported every day. Secondly, as we tell clients – prepare for disaster, recover faster!

 

  • Thinking you can prevent breaches

In the security world, preparation doesn’t mean prevention. We are all engaged in a constant battle with ever-more sophisticated cyber criminals, and attacks are going to happen. Your security strategy should focus on defence but also response. Early identification and containment are absolutely vital. Once an attacker has infiltrated a laptop or email system, can they then roam freely around your entire network? Think of them like physical intruders, who will try any route. You’ve designed the building, so install fire doors to slow them down!

  • Not defining your business-critical data assets

Many organisations, especially those who have been hit by a breach and are in panic mode, haven’t covered off one of the basics: defining information assets and ranking them by priority in order to conduct a proper risk assessment. In essence, this crucial step is about understanding what you hold, its importance to the business and specific security risks. Only then can you make informed decisions and put the right measures in place.

 

  • Not testing defences appropriately 

It’s well-recognised that companies should conduct an independent review of their information security posture every 12 months. But we find that a security testing strategy needs to be more flexible than this. A rigid annual review can expose you to vulnerabilities if you’ve installed new software or servers, for instance. Ideally, a pen test should be carried out after any significant change to your IT infrastructure.

 

  • Over-relying on tech

Security is a process, not a product – and to mitigate the risks associated with social engineering, this is a fundamental lesson to take to heart. Overlooking the human angle will cause even the most advanced technical barriers to crumble. Train your staff, refresh that training, embed it into HR procedures and regular team meetings, put policies and procedures in place – and check that they are followed. Clients often tell us that they have the tightest security policies known to man – yet nobody is monitoring how well staff understand and adhere to them. Remember that the workforce is your frontline defence.

 

  • Resistance to change

Is the IT or senior management team open to challenging existing ways of working, such as by bringing in external security advisors? It’s important to be honest with yourself about the capacity and limitations of your in-house resources. There is no room for being defensive or territorial in IT security – in fact those attitudes could lead to very serious problems, particularly under the GDPR, which makes data protection everybody’s business. Risk assessments and decision-making need to be objective – and sometimes that’s easier to hear from a third party.

Of course, many of these fundamental processes are a requirement for ISO 27001-certified firms, but even then we find that there is often an emphasis on box-ticking and meeting initial standards, which tend to lapse over time. An effective information security framework needs to be continually refreshed and honed – with a security mindset embedded into your company’s culture at every level.


Will this biz be poutine up the cash? Hackers demand dosh to not leak stolen patient records

Hackers say they will leak patient and employee records stolen from a Canadian healthcare provider unless they are paid off. The records include medical histories and contact information for tens of thousands of home-care patients in Ontario, Canada, and belong to CarePartners. The biz, which provides home medical care services on behalf of the Ontario government, admitted last month that it had been hacked, and its documents copied.

ORIGINAL SOURCE: The Register


Retail cyber security spending ineffective as breaches rise

Half of US retailers experienced a data breach in the past year, up from 19% the year before, according to the retail edition of the 2018 Thales data threat report. This increase drove US retail to the second most breached sector in the US after the federal government, putting it ahead of healthcare and financial services. The increased number of data breaches in the sector means that three-quarters of US retailers polled have experienced at least one data breach, up from 52% a year ago.

ORIGINAL SOURCE: Computer Weekly


Brit watchdog fines child sex abuse inquiry £200k over mass email blunder

The UK’s data watchdog today issued the Independent Inquiry into Child Sexual Abuse (IICSA) a £200,000 penalty after it sent a bulk email to participants that identified possible victims of historical crimes. The Information Commissioner’s Office (ICO) said IICSA – set up in 2014 to probe the degree to which institutions in England and Wales failed in their duty to protect young people from molestation – had breached the Data Protection Act (DPA) 1998 by not keeping confidential and sensitive personal data secure.

ORIGINAL SOURCE: The Register


A Short Guide to Cyber Security for Small Businesses

Cyber security is an increasingly important topic for any small business to tackle, yet it remains a mystery to many. Unpicking the complexity of this issue might seem daunting, but this brief guide will lay the groundwork. For a fuller picture, check out this article from Fidus Information Security: the ultimate cyber security guide for business.

Main Security Threats to Consider

There are lots of ever-evolving threats posed by cybercriminals to small businesses, but the main ones include phishing, identity theft, DDoS (distributed denial of service) attacks and malware infections.

Phishing comes in several forms, including fake sites designed to trick visitors into entering sensitive data or downloading dangerous code. It can also factor in phoney emails and other fraudulent communications with similar aims in mind.

ID theft will allow crooks to create accounts, set up credit cards and make purchases using the identity of the victimised individual or organisation.

DDoS involves assaulting a business’ website with traffic from a network of compromised devices, taking it offline and keeping genuine users out of the picture.

Malware and viruses can have a range of implications and uses, from holding a business to ransom by locking down its mission-critical data to stealing information and passing it on to malicious third parties.

There are plenty of other cyber security obstacles to overcome, but getting to grips with these basic concepts is sensible for small business owners.

Why Am I A Target?

Aside from the small handful of cybercriminals who simply want to cause indiscriminate havoc with their actions, most are motivated by money. And the best way to earn a living if you have underhanded computer skills is to steal and manipulate data in the hope of being able to sell it or profit from its subversion.

Data is the currency of the digital world and stolen information can be sold in large volumes to the highest bidder on the black market. Businesses are typically responsible for significant stores of sensitive information, so they are seen as the perfect target by hackers.

What Are The Consequences of Ignoring Cyber Threats?

With a triumvirate of troubling outcomes from being hit by a cyberattack, small businesses cannot afford to ignore the need to implement a suitable security policy.

Firstly, your reputation will suffer a blow if you become one of the 40 per cent of British businesses hit by an attack each year.

Secondly, the loss of custom that comes in the wake of a breach will bring many fledgeling firms to their knees, with financial woes knocking out almost two-thirds of small businesses that have been successfully attacked.

Thirdly, the legal and regulatory ramifications can be significant, especially in the wake of the GDPR and the steeper fines that firms face if they mishandle customer data. Being sued by individuals and other organisations is also a likelihood, which puts yet more pressure on impacted businesses.

How to Bolster Cyber Security Measures

The first thing to realise about cyber threats is that they can only be faced if everyone involved in a small business, from the latest hires to the members of the board, is aware of these risks and committed to combating them.

Next, you will need to lay down a suitable plan to protect your internal network, simplify it where possible and ensure that it is as robust and resilient in the face of the main cyber threats as possible.

You should also get a handle on the kind of data you are holding, whether it complies with GDPR and whether it is properly secured with encryption. Storing information in a cloud-powered platform can be convenient if you want to avoid the expense of opting for an on-site solution.

Keeping tabs on network traffic, training staff and monitoring internal threats posed by disgruntled employees will all be necessary if you want to have complete peace of mind about the state of your cybersecurity.

Ultimately it is crucial to never become complacent, even if you have put plenty of security measures in place. Cyber threats are always changing and you need to be ready to respond to them, whether you run a small business or a multinational corporation.

 


Hackers Breach Network of LabCorp, US’ Biggest Blood Testing Laboratories

LabCorp, the US’ biggest blood testing laboratories network, announced on Monday that hackers breached its IT network over the weekend. “At this time, there is no evidence of unauthorized transfer or misuse of data,” the company said. “LabCorp has notified the relevant authorities of the suspicious activity and will cooperate in any investigation.”

ORIGINAL SOURCE: Bleeping Computer


Alert Logic announces industry-first container security capabilities

Alert Logic, the leading provider of Security-as-a-Service solutions, today announced at the AWS Summit, New York, the industry’s first network intrusion detection system (IDS) for containers, available in Alert Logic Cloud Defender and Threat Manager solutions. This innovation brings organisations powerful new capabilities to inspect network traffic for malicious activity targeting containers, and faster detection of compromises to enhance the security of workloads running on the AWS Cloud.

The Alert Logic network IDS capability supports containers deployed on AWS including Docker, Amazon Elastic Container Service, Kubernetes, CoreOS, and AWS Elastic Beanstalk. Support for additional cloud-deployed containers will be available before the end of the year. The Alert Logic incident console can also now display which containers and hosts might be compromised along with the associated metadata.

Containers enable organisations to leverage the low overhead, power, agility, and security of virtualization with the improved benefit of portability. While the container market is growing fast given these benefits, with an estimated CAGR of 40% through 2020 according to 451 Research, many businesses have delayed container adoption and the related cost and time benefits due to security concerns. Until now, the security industry hasn’t provided the critical ability to inspect the network traffic that targets containers.

“Without real-time detection capabilities, attackers and intruders can lurk within containers installing trojans, malware, ransomware and cryptominers or even corrupting and exfiltrating data,” said Chris Noell, Senior Vice President, Engineering at Alert Logic. “Network intrusion detection is critical to providing the visibility into container attacks that other approaches miss. With Alert Logic, organisations can confidently move forward with their container deployments knowing that they are protected by the only security solution in the market that addresses container visibility at the network layer.”

Customers and Partners Adopt New Network IDS Capabilities for Containers

Accesso Technology, a best-in-class eCommerce, point of sales and ticketing solution provider, helps its clients increase sales and streamline operations and is an early adopter of Alert Logic’s container security innovation.

“As Accesso continues to focus on our industry-leading technology and security infrastructure, we need to ensure our containerized environment is protected without introducing additional complexity,” said William DeMar, Director, Information Security, Accesso Technology. “With Alert Logic, we have extended IDS security monitoring and detection to the container level and have gained more granular visibility into our container environments across multiple cloud platforms. Alert Logic partnered with us to get up and running quickly, and their team of security analysts and consultants proactively escalates incidents so we can prioritise our team’s efforts.”

Wealth Wizards is another Alert Logic customer using the new network IDS capability for containers. “We’re writing products our financial services clients want today, which means we need to build software really quickly,” said Richard Marshall, Head of Platform, Wealth Wizards. “We run in a 100% container environment, using Kubernetes and Docker. Security is a big priority for us, but we need to keep our engineering team focused on delivering the best experience for our clients. With Alert Logic we can concentrate on our core business while being safe in the knowledge we have security experts covering the operational side for us.”

Logicworks, a cloud automation and managed services company, partners with Alert Logic and has extended network IDS for containers capabilities to its customers. “Although container technology is relatively new, it’s already a ‘go to’ code deployment strategy for Logicworks,” said Steven Zeller, Vice President, Product Marketing for Logicworks. “Containers help our customers work smarter, and Logicworks ensures that our customers’ containers run securely and efficiently on AWS. Alert Logic’s container security solutions give our customers confidence in the continuous security of their cloud infrastructure.”

Products + Services Approach

The Alert Logic container security solutions work by analysing the signature of data packets as they traverse the container environment to detect cyberattacks in real time and provide a graphical representation of the compromised container and its relationships. The intrusion detection capabilities for containers are fully managed by Alert Logic’s 24×7 security and compliance experts in the company’s Security Operations Centers. When a container threat is detected, Alert Logic’s security experts prioritise the threat, proactively escalate within 15 minutes, provide visual context, and offer remediation advice for customers.


Be Ready to Fight new 5G Vulnerabilities

In the evolving landscape of mobile networks, we are beginning to see new vulnerabilities open up through 3G and 4G networks, and it is more than likely that 5G will follow this same fate. Protecting only the Gi interface is no longer enough for service provider security.

Until recently, the Gi-LAN connecting the EPC (Evolved Packet Core) to the internet was considered to be the most vulnerable part of the service provider network and was protected via Gi-Firewall and anti-DDoS systems. The rest of the EPC links were considered difficult targets for hackers because advanced vendor-specific knowledge was required for a successful attack. Since the typical hacker prefers a soft target, defensive measures weren’t a priority for developers or carriers. Network complexity was a defence in itself.

However, the requisite know-how to attack EPC from other interfaces is now becoming much more common. The mobile endpoints are being infected at an alarming rate, and this means that attacks can come in from the inside of the network. The year 2016 saw a leap in malware attacks, including headline-makers Gooligan, Pegasus, and Viking Horde. Then the first quarter of 2017 saw a leap in mobile ransomware attacks, which grew by 250 percent.

The need for securing the EPC is tied to advances like LTE adoption and the rise of IoT, which are still gaining speed. LTE networks grew to 647 commercial networks in 2017, with another 700 expected to launch this year. With the adoption of LTE, IoT has become a reality—and a significant revenue stream for enterprises, creating a market expected to reach £400 billion by 2022. The time to take a holistic approach to securing the service provider networks has arrived.

There are three primary data paths connecting mobile service providers to the outside world. The first of these is a link to the internet through S/Gi LAN. Next is a link to a partner network that serves roaming users. Last, there is a link for traffic coming from towers. The security challenges and the attack vectors are different on each link. Until recently, the link to the internet was the most vulnerable point of connectivity. DDoS attacks frequently targeted the service provider’s core network on the Gi Link. These attacks were generally volumetric in nature and were relatively easy to block with highly scalable firewalls and DDoS mitigation systems.

 

The Expanding Attack Surface

The threat landscape is rapidly changing, and attacks can come from other points of connectivity. This has been theoretical until recently; while numerous academic research papers have been published in the past decade suggesting that attacks from partner networks or radio access networks (RANs) were a possibility, those threats are no longer merely an intellectual exercise: they are real. At the same time, the rapid rise of IoT is exposing the threat of malicious actors taking control and weaponising devices against a service provider.

 

Multiple botnets, such as WireX and its variants, have been found and taken down. So far, these attacks have targeted hosts on the internet, but it’s just a matter of time until they start attacking Evolved Packet Core (EPC) components.

 

There are multiple weak points in EPC and its key components. Components that used to be hidden behind proprietary and obscure protocols now reside on IP, UDP, or SCTP, which can be taken down using simple DoS attacks.

 

The attack surface is significantly larger than it used to be, and legacy approaches to security will not work.

 

A DDoS attack, like a signaling storm, against an individual entity can be generated by a malicious actor or even a legitimate source. For example, a misbehaving protocol stack in an IoT device can cause an outage by generating a signaling storm.

Securing the SP Network

 

To secure the SP Network, businesses must improve their defences against DDoS attacks. The best way to achieve this is by utilising an S/Gi Firewall solution and a DDoS mitigation solution. TPS should also be deployed in your enterprises’ IT Security on-premise and cloud infrastructures. With all of these solutions in place it becomes easier to mitigate multi-terabit attacks.

 

Utilising powerful tools that improve these defences can help detect and mitigate, or stop, a number of advanced attacks aimed specifically at the EPC. The tools being used should also give security professionals granular deep packet inspection to protect against user impersonation by means of spoofing, network impersonation, and signalling attacks.

To summarise, in addition to mitigating and stopping terabit-scale attacks coming from the internet and utilising stateful firewall services, it is imperative for enterprises to up their security measures by using full-spectrum security that protects the whole infrastructure of the business.


Mimecast Opens Early Adopter Program for New Web Security Service

Mimecast Limited (NASDAQ: MIME), a leading email and data security company, today announced the launch of its early adopter program after conducting a successful private beta for the new Domain Name System (DNS) Security Gateway solution.

The Mimecast DNS Security Gateway cloud-based service guards against malicious activity initiated by user action or malware while blocking access to websites deemed unsafe or inappropriate based on each organization’s objectives and policies. The program is open for existing Mimecast customers looking to improve their defenses against web-based attacks.

Combining Mimecast DNS Security Gateway with the Mimecast Secure Email Gateway services enables organizations to implement an agile, easy-to-deploy solution that protects against the two most prevalent cyberattack vectors—email and web.

Backed by a comprehensive cloud platform proven at over 30,000 customers globally, the Mimecast DNS Security Gateway leverages Mime|OS, Mimecast’s operating system that delivers a portfolio of cloud-based security services to customers. This new web security service is also supported by the Security Operations Center (SOC) team and global threat intelligence and analytics that support Mimecast’s email security services. A unified, integrated security and business continuity platform allows customers to capitalize on multiple layers of services that together deliver high-performance and exceptional efficacy against the threat landscape.

“A vast proportion of security incidents occur via email or the web, and DNS requests make up a large portion of the associated web activity. The Mimecast DNS Security Gateway adds an all-important security layer for web-based activity,” said Christina Van Houten, chief strategy officer at Mimecast. “We’re laser-focused on collaborating with our customers to strengthen their cyber resilience and ensure their organizations are safe for business. The feedback from early adopter customers has been overwhelmingly positive and we’re eager to open the beta program more broadly before the product is generally available.”

Customers interested in participating in the early adopter program for Mimecast DNS Security Gateway should contact DNSPreview@mimecast.com for more information. Mimecast DNS Security Gateway will be generally available in the fourth quarter of 2018.


Search for the UK’s Security Serious Unsung Heroes begins

Eskenzi PR, the driving force behind Security Serious, has today announced that the third annual Security Serious Unsung Heroes Awards are now open for nominations. The awards are a chance for the people, not products, on the front lines – whether it’s teaching others, working with law enforcement or battling cyber threats in organisations – to come together and receive the recognition they deserve.

Nominations are open until the 3rd of August and The Unsung Heroes Awards will take place on Tuesday, 2nd October 2018, during Security Serious Week – a week during October’s European Cyber Security Awareness Month dedicated to events put on by cyber-security experts to encourage others in business to take cyber security more seriously.

The Unsung Heroes Awards, started by Eskenzi PR, Smile on Fridays and the IT Security Guru, are backed by the cyber security industry from certification bodies such as CREST to major corporations like Canon and Publicis Groupe as well as vendors CyberArk, Cybereason, Operatix, Janrain, Intelisecure, Mimecast and Gigamon.

The sponsors all make it possible for the Unsung Heroes Awards to be free to enter and free to attend, unlike any other industry award.

“Our unique format means that people can nominate their customers, colleagues, friends or professors to be recognised for the fantastic – but often thankless –  work they do behind the scenes,” said Yvonne Eskenzi, Director of Eskenzi PR and founder of Security Serious. “The Unsung Heroes awards are about unearthing new talent and thanking all those incredible IT security professionals who work tirelessly behind the scenes doing great work.  We also want to encourage new talent into the industry and show them how rewarding a career in cyber security can be.”

The categories are now open for nominations until 3rd August 2018 and include:

Fraud Fighter

Captain Compliance

Godfather of Security

Cyber Writer

Security Avengers (team)

Best Security Awareness Campaign

Security Leader/Mentor

Apprentice/Rising Star

Best Educator

Data Guardian

SecDevOps Trailblazer

CISO Supremos – Retail, CNI, Finance, Manufacturing, Media & Entertainment, Charity and Telecoms

“There are many other ‘Security Awards’ evenings in London, most of which take themselves far too seriously. Security Serious (ironically) gets the mix right – recognising those who make a valuable contribution to our work, our professional community and our society but, for a variety of reasons, don’t seem to get selected for other awards,” said Gerry O’Neill, Security and Assurance Advisor, Director, Inforisca Services, who attended the awards last year for the first time.


Two thirds embarrassed by their out of date tech

A study of 1000 UK adults, carried out in May 2018, showed that the main reason people upgrade their smartphone is due to the embarrassment of having an older handset, rather than the desire to have the latest tech.

 

Despite mobile technology drastically improving in recent years, the research, by Satsuma Loans, revealed that 63% of respondents would be embarrassed if their peers saw them using a handset that was more than a couple of years old, and this would impact their decision to upgrade more than their desire to have new features.

 

When it comes to which age group feel most embarrassed by their out of date tech, surprisingly more respondents aged 45-54 admitted to feeling embarrassed by their phone than any other age group.

 

According to the study, the top five reasons for upgrading are:

 

Embarrassment of using an old handset (63%)

Peer pressure to fit in with others (59%)

Desire to always have the latest tech (51%)

Coming to the end of a phone contract (43%)

Desire to have a specific new feature (27%)

 

Looking at how often people involved in the study upgrade their phone, the majority (61%) upgrade each time they reach the end of their current contract; however, 14% admitted they try to upgrade every six months – spending over £1000 a year on their mobile phone handset.

At the other end of the scale, one in ten adults surveyed stated that they believe smartphones are a waste of money and are happy with a basic handset. As well as the initial cost of the phone handset and monthly contract payments, there are also a number of hidden costs associated with owning a smartphone.  Hidden costs to consider are:

  • Insurance – insurance for top of the range phones can be as high as £14.99 per month
  • Cases, covers and screen protectors – without them you could be looking at a hefty bill for fixing a smashed handset after an accident
  • Cloud storage and backups – if you don’t back up you risk losing all of your precious photos and videos if you lose or damage your handset
  • Anti-virus protection – even the most tech-savvy can be caught out by malware


Organisations need a zero trust model for cyber security, Unisys survey finds

New research from Unisys Corporation found that IT professionals reported three incidents on average where sensitive information had been lost last year, with some respondents reporting 11 losses for the year. Respondents also reported an average of nine incidents per month where they had to address highly severe security issues.

The survey, conducted by information insights company Information Services Group Inc. (ISG), asked 404 enterprise IT professionals in North America, Europe and Asia Pacific to assess their security operations. The findings illustrate high levels of awareness among respondents of their challenges as well as the need to establish digital trust with their customers as they transform their businesses to cloud and mobile platforms.

As a result of these findings, ISG is forecasting that 60 percent of businesses globally will suffer a major service failure due to the new security issues introduced by shifting workloads to the cloud and enabling mobile and remote employees. The research indicates that between 2016 and 2020, on-premises workloads will decline from 55 percent to 20 percent of all workloads.

To address the challenges associated with digital trust, Unisys recommends the adoption of the “zero trust” model – an approach to security that recognizes threats emanate not only from outside the perimeter, but also from malicious insiders within trusted zones. The zero trust approach of granting least privileged access to all users requires a combination of microsegmentation and security services such as security information and event management (SIEM), endpoint protection and risk assessment, eliminating the need to buy new gear, rip and replace or add complexity to an already unwieldy architecture.

“In the era of digital transformation, security professionals recognize that digital trust is table stakes – a requirement that, if not met and delivered as part of the experience for stakeholders of the enterprise’s value chain, will upend organizations everywhere,” said Doug Saylors, research director, ISG. “Enterprises that are first to adopt and leverage digital trust fabrics will realize competitive advantages driven by combinations of deeper customer intimacy, operational excellence and product leadership.”

The survey showed that IT professionals recognize the need to address threats coming from outside their enterprises as well as the need to create security-focused cultures within them.

When asked to choose from among 12 IT security challenges at their enterprises, the top challenge was “external threats,” selected by 43 percent of respondents. It was followed by security challenges related to 24×7 operations (selected by 36 percent) and challenges related to legacy technologies (selected by 34 percent).

“Trust in digital business is earned during every digital interaction with the enterprise,” said Tom Patterson, chief trust officer at Unisys. “This means establishing strong bonds of trust throughout their ecosystems of employees, partners, suppliers and customers. By operating resistant and resilient systems, establishing trusted identities, and focusing passionately on client success, it is possible to make trust your critical success factor.”

Unisys Security Solutions protect critical assets by establishing digital trust and providing secure access to trusted users. Unisys solutions help enterprises reduce their attack surface, easily comply with regulations and simplify the complexity of today’s network security. Combining expert consultants, advanced software and managed security services, Unisys helps enterprises build security into the fabric of their digital transformation.

The post Organisations need a zero trust model for cyber security, Unisys survey finds appeared first on IT SECURITY GURU.

Researchers Mount Successful GPS Spoofing Attack Against Road Navigation Systems

Academics say they’ve mounted a successful GPS spoofing attack against road navigation systems that can trick humans into driving to incorrect locations. The research is of note because previous GPS spoofing attacks have been unable to trick humans, who, in past experiments, often received malicious driving instructions that didn’t make sense or were not in sync with the road infrastructure, for example taking a left on a straight highway.

ORIGINAL SOURCE: Bleeping Computer

The post Researchers Mount Successful GPS Spoofing Attack Against Road Navigation Systems appeared first on IT SECURITY GURU.

UN agency tasks member states on greater attention to cyber security

Babcock International Model United Nations (BIMUN) has urged member states to pay more attention to cyber security and broaden its definition beyond hacking to enhance implementation of broader solutions. It stated this at the simulation of the UN General Assembly First Committee on Disarmament and International Security (DISEC), during the second BIMUN conference, organised by Babcock University, Ilishan, Ogun State, in collaboration with the United Nations Information Centre (UNIC), Lagos, at the weekend.

ORIGINAL SOURCE: Guardian

The post UN agency tasks member states on greater attention to cyber security appeared first on IT SECURITY GURU.

Windows Malware Carries Valid Digital Signatures

Researchers from Masaryk University in the Czech Republic and Maryland Cybersecurity Center (MCC) monitored suspicious organizations and identified four that sold Microsoft Authenticode certificates to anonymous buyers. The same research team also collected a trove of Windows-targeted malware carrying valid digital signatures.

ORIGINAL SOURCE: Infosecurity Magazine

The post Windows Malware Carries Valid Digital Signatures appeared first on IT SECURITY GURU.

Ukraine Says It Stopped a VPNFilter Attack on a Chlorine Distillation Station

The Ukrainian Secret Service (SBU) said today it stopped a cyber-attack with the VPNFilter malware on a chlorine distillation plant in the village of Aulska, in the Dnipropetrovsk region.

ORIGINAL SOURCE: Bleeping Computer

The post Ukraine Says It Stopped a VPNFilter Attack on a Chlorine Distillation Station appeared first on IT SECURITY GURU.

Janrain and Akamai partner to enhance security of digital customer identities

Janrain®, the company that pioneered the Customer Identity and Access Management (CIAM) category, and Akamai Technologies, Inc. (NASDAQ: AKAM), the world’s largest and most trusted cloud delivery platform, today announced that they have partnered to provide Janrain Secure Edge, bringing new integrated security capabilities to the Janrain Identity Cloud®, the world’s largest identity network.

The value of customer profile data linked to customer identities has grown dramatically over the past decade and is one of the most crucial success factors for digital-first enterprises today.

This sensitive data, and the systems handling it, are facing an increasingly complex and sophisticated variety of threats ranging from opportunistic and sophisticated breach attempts, to malicious API calls, to Distributed Denial of Service (DDoS) attacks. In addition to these network-based threats, there is risk from fake or fraudulent user identity creation that aims to abuse a company’s systems or other users.

Akamai and Janrain have partnered to offer joint customers an unprecedented level of protection against both network-based and identity-based threats, leveraging and combining the capabilities of the Akamai Intelligent Platform™, which consists of more than 200,000 servers in more than 3,500 locations across 1,600 networks in 131 countries, and the Janrain Identity Cloud®, the world’s largest identity network reaching over 1.75 billion digital identities in more than 3,400 commercial deployments worldwide.

The result is Janrain Secure Edge, a new, always-on multi-component protection layer, which is now an integral part of the Janrain Identity Cloud. It combines industry-leading, risk-adaptive protection from the Akamai Intelligent Platform™ to safeguard against the latest digital attacks against websites, applications, and API infrastructure in general – including DDoS, Web Application Firewall, direct-to-origin attacks and a best-of-class Bot Management solution – with the identity-based security measures of the Janrain Identity Cloud, including risk-based adaptive authentication powered by automated fraud detection that safeguards against malicious account activities including fraudulent account creation and credential compromise.

Because Akamai applies protections at the edge of the internet, they can detect and help fend off malicious activities and bad actors before they even reach the actual systems of companies using the Janrain Identity Cloud. This not only minimises the risk of intrusion for Janrain clients but keeps attack traffic away from their sites, which helps to eliminate the need to launch additional and expensive compute resources and prevents negative impact on customer experiences from performance degradation or outages.

“Customer identities are crucial assets to companies, but especially to the individuals who they represent. As individuals engage with digital businesses across more areas of their lives, sensitive personal data ends up in their profile data,” said Josh Shaul, Vice President of Web Security, Akamai. “The Akamai Intelligent Platform provides a unique level of protection to Janrain’s clients, shielding them and their customers from an increasingly diverse and fast changing range of threats and attacks that are trying to steal that valuable customer data.”

“The combination of the leading network protection technology from Akamai with Janrain’s focus and innovation in authentication and authorization for each individual consumer (and thing) identity allows us to secure our clients from malicious activity at the edge in a way that is unique for every user,” said Jim Kaskade, CEO at Janrain. “As the leader in identity security, it was a natural step for us to collaborate with Akamai, the largest and most respected distributed platform operating at the edge of the Internet.”

“The integration of the Akamai Intelligent Platform with the Janrain Identity Cloud allows brands to focus on providing the best digital experiences without compromising on security and data protection, as well as performance or scale,” continued Shaul.

Janrain Secure Edge is available to all Janrain Identity Cloud customers in all global regions, including China and Russia.

As part of Janrain Secure Edge, both companies will work together to further extend security capabilities with an advanced use of data and analytics. “Most companies talking about ‘AI’ reach a level of automation with machine learning technology but miss the mark on self-learning that Artificial Intelligence promises,” said Kaskade. “Akamai and Janrain combined effectively have over one-third of the global internet traffic to learn from, model, and automate to provide the leading identity security solution for our clients.”

The post Janrain and Akamai partner to enhance security of digital customer identities appeared first on IT SECURITY GURU.