Category Archives: cyberattack

Most IT pros find red team exercises more effective than blue team testing

More than one-third of security professionals’ defensive blue teams fail to catch offensive red teams, a study from Exabeam reveals. The survey, conducted at Black Hat USA 2019, also showed that 68% find red team exercises more effective than blue team testing, and more companies are practicing red over blue team testing. As cyberattacks become increasingly sophisticated and hack techniques become more highly targeted, organizations must learn how digital adversaries think to help identify gaps … More

The post Most IT pros find red team exercises more effective than blue team testing appeared first on Help Net Security.

Researchers were able to detect what is typed using just a smartphone

You likely know to avoid suspicious emails to keep hackers from gleaning personal information from your computer. But a new study from SMU (Southern Methodist University) suggests that it’s possible to access your information in a much subtler way: by using a nearby smartphone to intercept the sound of your typing. Eric Larson and Mitch Thornton Researchers from SMU’s Darwin Deason Institute for Cybersecurity found that acoustic signals, or sound waves, produced when we type … More

The post Researchers were able to detect what is typed using just a smartphone appeared first on Help Net Security.

Deception technology shifts power back to the defender

Users of deception technology reported a 12X improvement in the average number of days it takes to detect attackers operating within an enterprise network when compared to those unfamiliar with the technology, according to a research report conducted by Enterprise Management Associates (EMA). EMA surveyed 208 respondents across North America in June 2019, with the majority of respondents working in IT/IS/telecoms or cybersecurity within an IT organization. Other studies conducted by incident response service providers … More

The post Deception technology shifts power back to the defender appeared first on Help Net Security.

Attackers’ growing use of anti-analysis, evasion tactics pose a challenge to enterprises

Cybercriminals continue to look for new attack opportunities throughout the digital attack surface and are leveraging evasion as well as anti-analysis techniques as they become more sophisticated in their attempts, according to Fortinet. Upping the ante on evasion tactics Many modern malware tools already incorporate features for evading antivirus or other threat detection measures, but cyber adversaries are becoming more sophisticated in their obfuscation and anti-analysis practices to avoid detection. For example, a spam campaign … More

The post Attackers’ growing use of anti-analysis, evasion tactics pose a challenge to enterprises appeared first on Help Net Security.

Online skimming: An emerging threat that requires urgent awareness and attention

A growing threat that all merchants and service providers should be aware of is web-based or online skimming. These attacks infect e-commerce websites with malicious code, known as sniffers or JavaScript (JS) sniffers and are very difficult to detect, according to PCI Security Standards Council and the Retail & Hospitality ISAC. Once a website is infected, payment card information is “skimmed” during a transaction without the merchant or consumer being aware that the information has … More

The post Online skimming: An emerging threat that requires urgent awareness and attention appeared first on Help Net Security.

As attackers get more creative, mobile threats and attacks increase in both quantity and impact

It is no longer a matter of if or when an enterprise’s mobile endpoints will be compromised. They already are and most organizations have little to no knowledge or visibility of the compromise, according to a new Zimperium report. Device threats and attacks Mobile OS vendors created patches for 440 security vulnerabilities. Twenty seven percent of enterprise mobile endpoints were exposed to device threats. The majority of malicious profiles (68 percent) were considered “high-risk,” meaning … More

The post As attackers get more creative, mobile threats and attacks increase in both quantity and impact appeared first on Help Net Security.

Many companies don’t know the depth of their IoT-related risk exposure

In the digital age, cyber is everywhere. Cyber risk now permeates nearly every aspect of how we live and work. Organizations should better understand how to manage the risks created by known and unknown Internet of Things (IoT) and Industrial IoT (IIoT) devices. According to a recent Deloitte poll, nearly half of IT security professionals (48%) realized it is imperative, when developing or deploying secure-by-design connected products and/or devices, that both of these conditions exist: … More

The post Many companies don’t know the depth of their IoT-related risk exposure appeared first on Help Net Security.

Flaws allow attackers to bypass payment limits on Visa contactless cards

Flaws that allow attackers to bypass the payment limits on Visa contactless cards have been discovered by researchers Leigh-Anne Galloway and Tim Yunusov at Positive Technologies. The attack was tested with five major UK banks, successfully bypassing the UK contactless verification limit of £30 on all tested Visa cards, irrespective of the card terminal. The researchers also found that this attack is possible with cards and terminals outside of the UK. These findings are significant … More

The post Flaws allow attackers to bypass payment limits on Visa contactless cards appeared first on Help Net Security.

Ransomware attack leaves Johannesburg residents without electricity

A ransomware attack aimed at City Power, the electricity provider for Johannesburg (aka Joburg), South Africa, has resulted in some residents temporarily without power. While the provider’s operational technology (OT) network hasn’t been hit, the IT disruption prevented customers from buying electricity through its pre-paid vending system. About the attack City Power, which is owned by the City of Johannesburg. didn’t name the ransomware that started wreaking chaos on Thursday. Through the City of Joburg’s … More

The post Ransomware attack leaves Johannesburg residents without electricity appeared first on Help Net Security.

Damaging insider threats rise to new highs in the past year

70 percent of organizations are more frequently seeing insider attacks, with 60 percent experiencing one or more within the last 12 months, and 68 percent feeling “extremely to moderately” vulnerable to them, according to Nucleus Cyber. Not only are organizations seeing a dramatic increase of attacks from insiders, but 85 percent are finding it difficult to determine the actual damage being caused from each instance, especially in cloud environments. Since they’ve migrated to the cloud, … More

The post Damaging insider threats rise to new highs in the past year appeared first on Help Net Security.

50% of organizations believe attackers can infiltrate their networks each time they try

As organizations increase investments in automation and agility, a general lack of awareness about the existence of privileged credentials – across DevOps, robotic process automation (RPA) and in the cloud – is compounding risk. According to the CyberArk Global Advanced Threat Landscape 2019 Report, less than half of organizations have a privileged access security strategy in place for DevOps, IoT, RPA and other technologies that are foundational to digital initiatives. This creates a perfect opportunity … More

The post 50% of organizations believe attackers can infiltrate their networks each time they try appeared first on Help Net Security.

Every minute, $2.9 million is lost to cybercrime

Cybercriminals cost the global economy $2.9 million every minute last year, a total of $1.5 trillion, according to RiskIQ. Top companies pay $25 per minute due to security breaches. Additional malicious activity includes: $1,930: the cost of hacks on cryptocurrency exchanges every minute $17,700: lost from phishing attacks per minute $22,184: the projected by-the-minute cost of global ransomware events in 2019 8,100: identifier records compromised every minute 7: malicious redirectors detected each minute 2.4: phish … More

The post Every minute, $2.9 million is lost to cybercrime appeared first on Help Net Security.

Employees overestimate the efficacy of their workplace’s email security strategy

22 percent of businesses have experienced a data breach – defined as loss of confidential data or credentials, compromised account loss, or fraudulent financial transactions – due to an email-based attack in the past three months, accoring to GreatHorn. The company surveyed 1,021 email security and white-collar professionals from March to June 2019 to gain a better understanding of the current state of enterprise email security, threat prevalence, remediation frequency, and attitudes on email attacks … More

The post Employees overestimate the efficacy of their workplace’s email security strategy appeared first on Help Net Security.

Most SMBs have not identified and documented cybersecurity threats

A majority of small and medium-sized businesses (SMBs) do not have cybersecurity protection at the top of their agenda and are highly prone to risks and vulnerabilities, according to ConnectWise. The risk assessments reveal that an alarming 69% of SMBs have not identified and documented cybersecurity threats, while 66% have not identified and documented cybersecurity vulnerabilities. Beginning in fall 2018, ConnectWise’s MSP partners around the world were offered free risk assessments to assess their SMB … More

The post Most SMBs have not identified and documented cybersecurity threats appeared first on Help Net Security.

Average data breach cost has risen to $3.92 million

The cost of a data breach has risen 12% over the past 5 years and now costs $3.92 million on average, according to IBM. These rising expenses are representative of the multiyear financial impact of breaches, increased regulation and the complex process of resolving criminal attacks. The financial consequences of a data breach can be particularly acute for small and midsize businesses. In the study, companies with less than 500 employees suffered losses of more … More

The post Average data breach cost has risen to $3.92 million appeared first on Help Net Security.

Intrusion Prevention System market to surpass $8.5 billion by 2025

The Intrusion Prevention System market is forecast to surpass $8.5 billion by 2025, after growing at a CAGR 13.7% during the forecast period 2019-2025, according to IndustryARC. Increasing awareness among entities regarding cyber security and essential data protection practices has consequently driven growth of the intrusion prevention system market. The Intrusion Prevention System market is expected to grow at a rapid pace owing to its deployment across a wide range of industries including BFSI, aerospace, … More

The post Intrusion Prevention System market to surpass $8.5 billion by 2025 appeared first on Help Net Security.

Cyberthreats targeting municipalities are on the rise

Through the first half of 2019, a growing number of municipalities across the US were hit with crippling ransomware attacks, while several large companies disclosed data breaches that exposed more than 625 million records. A new AppRiver report also highlighted the most prevalent attacks identified by the company during the first half of the year, including chained malware attacks, Emotet, and conversation hijacking attacks. Cities under siege The report, based on global data compiled by … More

The post Cyberthreats targeting municipalities are on the rise appeared first on Help Net Security.

Hackers Expose Russian FSB Cyberattack Projects

More nation-state activity in cyberspace, this time from Russia:

Per the different reports in Russian media, the files indicate that SyTech had worked since 2009 on a multitude of projects since 2009 for FSB unit 71330 and for fellow contractor Quantum. Projects include:

  • Nautilus -- a project for collecting data about social media users (such as Facebook, MySpace, and LinkedIn).

  • Nautilus-S -- a project for deanonymizing Tor traffic with the help of rogue Tor servers.

  • Reward -- a project to covertly penetrate P2P networks, like the one used for torrents.

  • Mentor -- a project to monitor and search email communications on the servers of Russian companies.

  • Hope -- a project to investigate the topology of the Russian internet and how it connects to other countries' network.

  • Tax-3 -- a project for the creation of a closed intranet to store the information of highly-sensitive state figures, judges, and local administration officials, separate from the rest of the state's IT networks.

BBC Russia, who received the full trove of documents, claims there were other older projects for researching other network protocols such as Jabber (instant messaging), ED2K (eDonkey), and OpenFT (enterprise file transfer).

Other files posted on the Digital Revolution Twitter account claimed that the FSB was also tracking students and pensioners.

Firmware Bugs Plague Server Supply Chain, 7 Vendors Impacted

Lenovo, Acer and five additional server manufacturers are hit with supply-chain bugs buried in motherboard firmware.

Organizations expect to boost their cybersecurity investments by 34%

Annual losses from cyberattacks averaged $4.7 million in the last fiscal year — with more than one in 10 firms losing over $10 million —according to a new report from ESI ThoughtLab in conjunction with Willis Towers Watson and other organizations specialized in cybersecurity and risk management. The study covered 467 firms across multiple industries in 17 countries revealing that companies worldwide expect to boost their cybersecurity investments by 34% in the next fiscal year, … More

The post Organizations expect to boost their cybersecurity investments by 34% appeared first on Help Net Security.

Multi-stage attack techniques are making network defense difficult

IT managers are inundated with cyberattacks coming from all directions and are struggling to keep up due to a lack of security expertise, budget and up to date technology, according to Sophos. The survey polled 3,100 IT decision makers from mid-sized businesses in the US, Canada, Mexico, Colombia, Brazil, UK, France, Germany, Australia, Japan, India, and South Africa. Cybercriminals use multiple attack methods and payloads for maximum impact The Sophos survey shows how attack techniques … More

The post Multi-stage attack techniques are making network defense difficult appeared first on Help Net Security.