Category Archives: Don’t miss

Three reasons employee monitoring software is making a comeback

Companies are increasingly implementing employee and user activity monitoring software to: ensure data privacy; protect intellectual property and sensitive data from falling into the wrong hands; stop malicious or unintentional data exfiltration attempts; and find ways to optimize processes and improve employee productivity. Modern user activity monitoring software is incredibly flexible, providing companies with the insights they need while offering the protection they demand. By examining three prominent use cases, it’s evident that employee monitoring software … More

The post Three reasons employee monitoring software is making a comeback appeared first on Help Net Security.

Machine learning fundamentals: What cybersecurity professionals need to know

In this Help Net Security podcast, Chris Morales, Head of Security Analytics at Vectra, talks about machine learning fundamentals, and illustrates what cybersecurity professionals should know. Here’s a transcript of the podcast for your convenience. Hi, this is Chris Morales and I’m Head of Security Analytics at Vectra, and in this Help Net Security podcast I want to talk about machine learning fundamentals that I think we all need to know as cybersecurity professionals. AI … More

Mozilla will use AI coding assistant to preemptively catch Firefox bugs

Mozilla will start using Clever-Commit, an AI coding assistant developed by Ubisoft, to make the Firefox code-writing process more efficient and to prevent the introduction of bugs in the code. How does Clever-Commit work? “By combining data from the bug tracking system and the version control system (aka changes in the code base), Clever-Commit uses artificial intelligence to detect patterns of programming mistakes based on the history of the development of the software. This allows … More

Increased appetite for biometrics fueled by speed, security and convenience

The Biometric Consumer Sentiment Survey of more than 1,000 U.S. adults who have experience using biometrics to log into their accounts, reveals an increased appetite for the technology. 70 percent of respondents reported that they would like to expand the use of biometric authentication into the workplace, according to Veridium. Consumers cited speed (35 percent), security (31 percent) and not having to remember passwords (33 percent) as the primary reasons for liking biometric authentication. “The … More

Bank of Valletta suspended all operations in wake of cyber attack

Maltese Bank of Valletta (BOV) has been breached by hackers and has temporarily suspended all of its operations to minimize risk and review its systems. The bank shuttered its branches across the island, disabled ATMs, internet and mobile banking and prevented its customers from using BOV cards for effecting payments in stores, hotels, restaurants, etc. What is known about the attack? According to Times of Malta, the attack was detected shortly after the start of … More

Trickbot becomes one of the most dangerous pieces of modular malware hitting enterprises

Along with Emotet, Trickbot has become one of the most versatile and dangerous pieces of modular malware hitting enterprise environments. Most recently, its creators have added another dangerous module to it, which allows it to extract and exfiltrate credentials from popular remote access software. Trickbot’s evolution Like Emotet, Trickbot started as a pure banking Trojan but was slowly developed through the years and now has many more additional capabilities. It can: Achieve persistence (through scheduled … More

Most companies anticipate a critical breach in 2019, CISOs need to prioritize threats

80 percent of IT business leaders anticipate a critical breach or successful cyberattack over the coming year, according to the Cyber Risk Index (CRI), a Trend Micro survey of more than 1,000 IT security professionals in the United States. The CRI survey was conducted to measure business risk based on the difference between organizations’ current security posture and their likelihood of attack, with the goal of helping CISOs and their teams better assess, protect, detect, … More

Snapd flaw gives attackers root access on Linux systems

A vulnerability affecting Snapd – a package installed by default in Ubuntu and used by other Linux distributions such as Debian, OpenSUSE, Arch Linux, Fedora and Solus – may allow a local attacker to obtain administrator privileges, i.e., root access and total control of the system. About Snapd Snapd is a service used to deliver, update and manage apps (in the form of snap packages) on Linux distributions. “This service is installed automatically in Ubuntu … More

February 2019 Patch Tuesday: PrivExchange hole plugged

For the February 2019 Patch Tuesday, Microsoft has released fixes for over 70 CVE-numbered vulnerabilities, 20 of which are rated Critical. Also rated Critical are the Adobe Flash security update (ADV190003, which carries a fix for CVE-2019-7090, an information disclosure flaw in Adobe Flash Player), and the latest servicing stack updates (ADV990001). Previously disclosed and exploited vulnerabilities “Two vulnerabilities were publicly disclosed previous to today’s releases,” notes Greg Wiseman, senior security researcher for Rapid7. “CVE-2019-0686, … More

SMBs spending a day each week dealing with cybersecurity issues

Almost half of UK small to medium-sized businesses (SMBs) believe a cyberattack would put their business at risk of closure, and 48 per cent of businesses report they have had to deprioritise activities that would help grow their business to address cybersecurity, a new research from Webroot reveals. The report, titled “Size Does Matter,” details the challenging climate for UK SMBs in a time of rapid political, economic and social change. Second only to Brexit, … More

Nearly two-thirds of organizations say tech skills gap is impacting IT audits

Technologies such as AI are reshaping the future of IT auditors, but auditors are largely optimistic about the future, according to new research from ISACA. In the Future of IT Audit, the results of a survey of more than 2,400 IT auditors worldwide, 92 percent of IT auditors responded that they are optimistic about how technology will impact them professionally over the next five years. Nearly 8 in 10 say their IT audit team has … More

Hackers hit VFEmail, wipe US servers and backups

Unknown attackers have breached the servers of VFEmail and have wiped disks on every one of its US-based servers, the email provider has confirmed. At this time, the attacker has formatted all the disks on every server. Every VM is lost. Every file server is lost, every backup server is lost. NL was 100% hosted with a vastly smaller dataset. NL backups by the provider were intact, and service should be up there. — VFEmail.net … More

RunC container escape flaw enables root access to host system

A serious vulnerability in runC, a widely used CLI tool for spawning and running containers, could be exploited to compromise the runC host binary from inside a privileged runC container, allowing the attacker to gain root access on the underlying host system. RunC is the container runtime underneath infrastructure and engines such as Docker, CRI-O, containerd, Kubernetes, etc. About the vulnerability (CVE-2019-5736) CVE-2019-5736 was reported by researchers Adam Iwaniuk and Borys Popławski to runC maintainers, … More

Security wellness takes more than a fad diet

Every year, millions of people make the same New Year’s resolution: to lose weight and improve health. But by February, a mere thirty days or so into the year, stats show 75 percent of us have fallen off the wagon. The pitfalls are many, whether the resolution is vague and broad, or we neglect to set measurable goals and regular check-ins, or perhaps we’re just not really ready for change. Achieving a true state of … More

Is 2019 the year national privacy law is established in the US?

Data breaches and privacy violations are now commonplace. Unfortunately, the consequences for US companies involved can be complicated. A company’s obligation to a person affected by a data breach depends in part on the laws of the state where the person resides. A person may be entitled to free credit monitoring for a specified period of time or may have the right to be notified of the breach sooner than somebody living in another state. … More

88% of UK businesses breached during the last 12 months

The UK’s cyber threat environment is intensifying. Attacks are growing in volume, and the average number of breaches has increased, according to Carbon Black. Key survey research findings: 88% of UK organizations reported suffering a breach in the last 12 months; the average number of breaches per organization over the past year was 3.67; 87% of organizations have seen an increase in attack volumes; 89% of organizations say attacks have become more sophisticated; 93% of … More

People still shocked by how easy it is to track someone online

Netflix’s hit series You has got people discussing their online privacy and traceability. However, McAfee, the device-to-cloud cybersecurity company, discovered less than a fifth (17%) of Brits who lost or had their phone stolen (43%) made any attempt to prevent criminals from accessing data stored on the device or in the cloud. Only 17% said they remotely locked or changed passwords and a mere 12% remotely erased data from the lost or stolen device to … More

BEC-style attacks exploded in Q4 2018

Email remains the top vector for malware distribution and phishing, while BEC fraud continues to grow rapidly, Proofpoint warns in its Q4 2018 Threat Report. “The number of email fraud attacks against targeted companies increased 226% Quarter-on-Quarter and 476% vs. Q4 2017,” the company pointed out. “On average, companies targeted by BEC received about 120 fraudulent emails in the fourth quarter of the year, up from 36 in Q3 2018 and up from 21 in … More

Product showcase: Veriato Cerebral user & entity behavior analytics software

When it comes to identifying and stopping insider data security threats, actionable insights into people’s behaviors are invaluable. Employees involved in negative workplace events, contractors with access to critical systems and sensitive data, and departing employees all present elevated risks. Whether it’s a true insider exfiltrating data, or hackers leveraging compromised credentials to become an insider, behavior patterns can indicate both emerging and immediate risks to your security. Veriato Cerebral user & entity behavior analytics … More

How can we improve adoption and ROI on security investments?

Traditionally, whenever employees are required to interact with security solutions, they push back because they don’t want their lives to be made more complicated with extra procedures and, essentially, clicks. Human behavior dictates that if there’s a tech roadblock, users will find a way around it to get their jobs done. In light of these work arounds, organizations often struggle to quantify how to reduce risk and improve compliance, which makes it harder to prove … More

Zero trust browsing: Protect your organization from its own users

To the casual observer, the cyberattack landscape is constantly shifting. In recent years, the threats and scams have evolved from Nigerian princes to stranded travelers, pop-ups warning of outdated software to ransomware, cryptojacking, phishing and spear phishing. Predictions for 2019 are full of dire warnings about the very-real explosion of phishing, backed by geometric increases in phishing sites as the number of malware sites drops. Just as 2018 predictions focused on cryptojacking and ransomware were … More

There’s a growing disconnect between data privacy expectations and reality

There is a growing disconnect between how companies capitalize on customer data and how consumers expect their data to be used, according to a global online survey commissioned by RSA Security. Consumer backlash in response to the numerous high-profile data breaches in recent years has exposed one of the hidden risks of digital transformation: loss of customer trust. According to the study, which surveyed more than 6,000 adults across France, Germany, the United Kingdom and … More

Average DDoS attack volumes grew by 194% in 12 months

The volume and complexity of DDoS attacks continued to grow in Europe during the final quarter of 2018, according to Link11. While Link11’s Security Operations Center (LSOC) registered 13,910 attacks in Q4 (12.7% down compared to Q3), the average attack volume grew by 8.7% to 5Gbps, and 59% of attacks used multiple attack vectors. Key findings of Link11’s Q4 DDoS report include: Average attack volumes grew by 194% in 12 months: In Q4 2018, average … More

Adiantum: A new encryption scheme for low-end Android devices

Google has created an alternative disk and file encryption mode for low-end Android devices that don’t have enough computation power to use the Advanced Encryption Standard (AES). About Adiantum For the new encryption scheme, dubbed Adiantum, Google used existing standards, ciphers and hashing functions, but combined them in a more efficient way. Paul Crowley and Eric Biggers from the Android Security & Privacy Team noted that they have high confidence in the security of the … More

Apple fixes FaceTime eavesdropping bug, two iOS zero-days

Apple has pushed out critical security updates for iOS and macOS, which fix the “Facepalm” FaceTime eavesdropping bug but also two zero-day flaws that, according to Google researchers, have been exploited in the wild. Fixed vulnerabilities The Facepalm bug (CVE-2019-6223) affects FaceTime Groups both on iOS and macOS, and was discovered by Grant Thompson, a high schooler from Arizona. After the existence of the flaw and demonstration videos of its exploitation were made public, Apple … More

New infosec products of the week: February 8, 2019

Masergy launches Secure Wi-Fi and extends protection into the customer LAN Masergy has launched Masergy Secure Wi-Fi as the latest feature in the ongoing evolution of the company’s Secure Hybrid Networking offering. The new capability delivers swift and secure enterprise-grade wireless network access to both high- and low-density areas including retail and corporate environments. Mitsubishi Electric develops security technology to detect attacks on equipment sensors Mitsubishi Electric announced that it has developed what is believed … More

Mild to medium volume expected for February 2019 Patch Tuesday

If you look at the recent Patch Tuesday lineups, we have seen the usual updates for the Microsoft Windows OS, browsers, and Office. In the last two months we have seen updates for .Net Framework and in the last four months we have seen updates for Exchange Server. For non-Microsoft updates we have a pre-notification from Adobe, but Oracle released their CPU in January and both Chrome and Firefox just released at the end of … More

DevOps and DevSecOps developments to watch in 2019

Some predictions are more accurate than others. Last year, I was sure that serverless would finally overtake containers—but then 2018 turned out to be the year of Kubernetes. In the San Francisco Bay Area, you couldn’t throw a rock without hitting an engineer talking about Kubernetes (or cryptocurrency, but let’s not go there.) That’s not stopping me from offering a fresh batch of hot-off-the-press predictions about DevOps and DevSecOps for 2019. It’s finally the year … More

Infosec pros believe data isn’t secure in the cloud, despite desire for mass adoption

65 percent of infosecurity professionals would like to store object data in the cloud, but 47 percent either don’t believe or are not sure if data in the cloud is as secure as in their own data center, according to a study by Ponemon Institute. The study looks at perceptions around on-premise and cloud-based data storage technologies across 483 IT and IT security professionals familiar with the benefits of object storage technology. The primary reasons … More

How today’s workforce stays secure and what apps it prefers

User-focused security apps KnowBe4, LastPass, and Proofpoint dominate the list of fastest growing apps within enterprises, according to Okta. “KnowBe4 in particular is fulfilling a clear market need: less than half of survey respondents have ever participated in cybersecurity training at work,” the company noted in its latest Businesses @ Work report, which is based on data collected between November 1, 2017 to October 31, 2018 from its Okta Integration Network. Most popular apps Microsoft … More

What do successful pentesting attacks have in common?

In external penetration testing undertaken for corporate clients in industrial, financial, and transport verticals in 2018, Positive Technologies found that, at the vast majority of companies, there were multiple vectors in which an attacker could reach the internal network. Full control of infrastructure was obtained on all tested systems in internal pentesting. In addition, the testers obtained access to critical resources such as ICS equipment, SWIFT transfers, and ATM management. These statistics are based on … More

Lookalike domains: Artificial intelligence may come to the rescue

In the world of network security, hackers often use lookalike domains to trick users to unintended and unwanted web sites, to deliver malicious software into or to send data out of victim’s network, taking advantage of the fact that it’s hard to tell the difference between those domains and the targets they look alike. For example, in a recent card skimming malware attack, domain google-analyitics.org was used to receive collected payment card data (there is … More

Malicious macros can trigger RCE in LibreOffice, OpenOffice

Achieving remote code execution on systems running LibreOffice or Apache OpenOffice might be as easy as tricking users into opening a malicious ODT (OpenDocument) file and moving their mouse over it, a security researcher has found. About CVE-2018-16858 CVE-2018-16858 takes advantage of a LibreOffice feature where documents can specify that pre-installed macros can be executed on various document events (e.g. mouse-over-object). “Prior to 6.0.7/6.1.3 LibreOffice was vulnerable to a directory traversal attack where it was … More

The problem with vulnerable IoT companion apps

There’s no shortage of exploitable security holes in widely used Internet of Things devices, so it shouldn’t come as a surprise that the communication between many of those devices and their companion apps is not encrypted. The research A group of researchers from Brazil’s Federal University of Pernambuco and the University of Michigan have analyzed 32 unique companion Android apps for 96 WiFi and Bluetooth-enabled devices popular on Amazon. They searched for answers to the … More

Google’s new Chrome extension flags insecure passwords

As the number of compromised and leaked credentials rises inexorably with each passing day, Google has decided to help users choose safe combinations for all their online accounts. To that end, the company has released a new Chrome extension called Password Checkup. About Password Checkup Once installed, Password Checkup appears in the browser bar. It springs into action when the user uses a username/password combination that is one of over 4 billion that Google knows … More

5 reasons why asset management is a hot topic in 2019

Sometimes buzzwords are good predictors of what organizations see as priorities in a given year. If you surveyed both the revenue-generating and security functions of enterprises in 2019, you would hear two terms often repeated: digital transformation and zero trust. While the two terms may seem at linguistic odds, the idea that organizations must embrace the digital age to drive growth and operate more efficiently while simultaneously maintaining adequate information security makes sense. It won’t … More

70 real-life hackers and cybersecurity practitioners share their personal insights

Entering the information security industry can be a formidable undertaking and renowned professionals often seem larger than life and unapproachable (even though most are on Twitter and their email address is public). Luckily for us all, Marcus J. Carey and Jennifer Jin have the ear of some of the biggest names in the field and have decided to generously share that access. Their book Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the … More

RSA Conference announces finalists for Innovation Sandbox Contest 2019

RSA Conference announced the 10 finalists for its annual RSAC Innovation Sandbox Contest. The competition is dedicated to providing innovative startups a platform to showcase their groundbreaking technologies that have the potential to transform the information security industry. Past winners include companies such as Phantom, Invincea, UnifyID and, most recently, BigID. Dr. Herbert (Hugh) Thompson On Monday, March 4, the Top 10 finalists listed below will present a three-minute quick-pitch followed by Q&A with a … More

Why vaporworms might be the scourge of 2019

Not too long ago, the WatchGuard Threat Lab predicted the emergence of vaporworms as a major new cyber threat that will affect organizations of all sizes in 2019. We coined the term to describe a new breed of fileless malware with self-propagating, wormlike properties. At the time of the initial prediction, our team was fairly sure this idea was more than conjecture, but now the advent of the vaporworm in 2019 seems to be an … More

AI won’t solve all of our cybersecurity problems

AI is already supporting businesses with tasks ranging from determining marketing strategies, to driverless cars, to providing personalized film and music recommendations. And its use is expected to grow even further in the coming years. In fact, IDC found that spending on cognitive and AI systems will reach $77.6 billion in 2022, more than three times the $24.0 billion forecast for 2018. But the question remains – can businesses expect AI adoption to effectively protect … More

eBook: The DevOps Roadmap for Security

DevOps is concerned with uniting two particular tribes: development and operations. These tribes have seemingly competing priorities: developers value features while operations value stability. These contradictions are largely mitigated by DevOps. A strong argument could be made that the values of the security tribe – defensibility – could just as easily be brought into the fold, forming a triumvirate under the DevSecOps umbrella. The security tribe’s way forward is to find ways to unify with … More

Four differences between the GDPR and the CCPA

By passing the California Consumer Privacy Act (CCPA), which goes into effect on January 1, 2020, the Golden State is taking a major step in the protection of consumer data. The new law gives consumers insight into and control of their personal information collected online. This follows a growing number of privacy concerns around corporate access to and sales of personal information with leading tech companies like Facebook and Google. The bill was signed by … More

RSA Conference 2019 USA: What you can expect at this year’s event

It’s that time of year: RSA Conference 2019 USA is a little over a month away. To prepare, we asked Britta Glade, Director of Content and Curation for RSA Conference, to tell us more about this year’s event. Read our Q&A for more on what’s in store at the world’s largest gathering of information security professionals. What have been the major security developments in the past year, and how have these informed the conference agenda … More

Most Magento shops get compromised via vulnerable extensions

Vulnerable third party extensions (modules) are now the main source of Magento hacks, says security researcher and Magento forensics investigator Willem de Groot. “The method is straightforward: attacker uses an extension bug to hack into a Magento store. Once in, they download all of the other installed extensions. The attacker then searches the downloaded code for 0day security issues, such as POI, SQLi and XSS flaws. Once found, the attacker launches a global scan to … More

Researchers reveal new privacy attack against 3G, 4G, and 5G mobile users

5G cellular mobile communications, when implemented, are expected to provide high bandwidth, low latency, energy savings, better connectivity, but security and privacy must also be assured. The security challenges are many but, luckily for us all, researchers are already probing the draft standard for weaknesses. Much of the research has focused on the security and privacy of 5G AKA, the Authenticated Key Exchange standardized by the 3rd Generation Partnership Project (3GPP) for 5G. A new, … More

Safeguarding your data from human error and phishing attacks with the cloud

This is the third article of a series, the first article is available here, and the second one is here. In a world of ransomware attacks, companies should prepare for the worst-case scenario by having smart backup strategies in place to mitigate any potential damage. The public cloud ensures that your information is always backed up and encrypted. Encrypting backup files in the cloud adds an extra layer of protection against unwelcome external parties. Unlike … More

Is your organization ready for the data explosion?

“Data is the new oil” and its quantity is growing at an exponential rate, with IDC forecasting a 50-fold increase from 2010 to 2020. In fact, by 2020, it’s estimated that new information generated each second for every human being will approximate to 1.7 megabytes. This creates bigger operational issues for organizations, with both NetOps and SecOps teams grappling to achieve superior performance, security, speed and network visibility. This delicate balancing act will become even … More

Employees report 23,000 phishing incidents annually, costing $4.3 million to investigate

Account takeover-based (ATO) attacks now comprise 20 percent of advanced email attacks, according to Agari’s Q1 2019 Email Fraud & Identity Deception Trends report. ATO attacks are dangerous because they are more difficult to detect than traditional attacks – compromised accounts seem legitimate to email filters and end users alike because they are sent from a real sender’s email account. “Credential phishing was already a huge risk for organizations because of the potential for data … More

New Mac malware steals cookies, cryptocurrency and computing power

A new piece of Mac malware is looking to steal both the targets’ computing power and their cryptocurrency stash, Palo Alto Networks researchers warn. About the CookieMiner malware Dubbed CookieMiner on account of its cookie-stealing capabilities, this newly discovered malware is believed to be based on DarthMiner, another recently detected Mac malware that combines the EmPyre backdoor and the XMRig cryptominer. Like DarthMiner, CookieMiner uses the EmPyre backdoor for post-exploitation control. This agent checks if … More

The post New Mac malware steals cookies, cryptocurrency and computing power appeared first on Help Net Security.

Google also abused its Apple developer certificate to collect iOS user data

It turns out that Google, like Facebook, abused its Apple Enterprise Developer Certificate to distribute a data collection app to iOS users, in direct contravention of Apple’s rules for the distribution program. Unlike Facebook, though, the company did not wait for Apple to revoke their certificate. Instead, they quickly disabled the app on iOS devices, admitted their mistake and extended a public apology to Apple. Google’s app Google’s Screenwise Meter app is very similar … More

The post Google also abused its Apple developer certificate to collect iOS user data appeared first on Help Net Security.

Taking ethical action in identity: 5 steps for better biometrics

Glance at your phone. Tap a screen. Secure access granted! This is the power of biometric identity at work. The convenience of unlocking your phone with a fingertip or your face is undeniable. But ethical issues abound in the biometrics field. The film Minority Report demonstrated one possible future, in terms of precise advertising targeting based on a face. But the Spielberg film also demonstrated some of the downsides of biometrics – the stunning lack … More

The post Taking ethical action in identity: 5 steps for better biometrics appeared first on Help Net Security.

Microsoft rolls out new tools for enterprise security and compliance teams

Microsoft has announced a number of new capabilities and improvements for tools used by enterprise administrators. New Microsoft 365 security and compliance centers The new Microsoft 365 security center allows security administrators and other risk management professionals to manage and take full advantage of Microsoft 365 intelligent security solutions for identity and access management, threat protection, information protection, and security management. The new Microsoft 365 compliance center allows compliance, privacy, and risk management professionals to … More

The post Microsoft rolls out new tools for enterprise security and compliance teams appeared first on Help Net Security.

Facebook to shut down iOS app that allowed for near total data access

When Apple banned its Onavo VPN app from its App Store last summer, Facebook repackaged the app, named it “Facebook Research” and offered it for download through three app beta testing services, TechCrunch has discovered. About the Facebook Research app Facebook used the Onavo app to collect the aforementioned data of both Android and iOS users and, based on the information gleaned from it, made decisions to acquire competing apps and add popular features … More

The post Facebook to shut down iOS app that allowed for near total data access appeared first on Help Net Security.

Mozilla releases anti tracking policy, enhances tracking protection in Firefox 65

Mozilla has released Firefox 65, which includes enhanced, configurable protection against online tracking. The organization has also published an official anti tracking policy that effectively maps out the direction which its popular browser will take when it comes to blocking online tracking. Enhanced Tracking Protection controls Firefox 65 carries a number of improvements and various security fixes, but the one that gets most attention is enhanced tracking protection through simplified content blocking settings. Users can … More

The post Mozilla releases anti tracking policy, enhances tracking protection in Firefox 65 appeared first on Help Net Security.

Enterprises are struggling with cloud complexity and security

The rush to digital transformation is putting sensitive data at risk for organizations worldwide according to the 2019 Thales Data Threat Report – Global Edition with research and analysis from IDC. As organizations embrace new technologies, such as multi-cloud deployments, they are struggling to implement proper data security. Greatest data security threats “Our research shows that no organization is immune from data security threats and, in fact, we found that the most sophisticated organizations are … More

The post Enterprises are struggling with cloud complexity and security appeared first on Help Net Security.

Critical FaceTime bug turns iPhones, Macs into eavesdropping tools

A shocking and easily exploitable FaceTime bug allows people to listen in on other users of Apple devices by simply calling them through the service. The bug apparently affects Group FaceTime and Apple has reacted by making the service unavailable until they can push out a fix. Exploitation of the FaceTime bug The bug was first reported by 9to5Mac and then replicated and confirmed by others. The gist of it is this: it allows the … More

The post Critical FaceTime bug turns iPhones, Macs into eavesdropping tools appeared first on Help Net Security.

Emotet: A veritable Swiss Army knife of malicious capabilities

Formerly just a banking Trojan, Emotet is now one of the most dangerous and multifaceted pieces of malware out there. According to Malwarebytes, it and Trickbot are part of the reason why Trojans topped their list of most common business detections in 2018. Emotet’s capabilities Emotet’s initial incarnation dates back to 2014 but, in the intervening years, it has become a veritable Swiss Army knife of malicious capabilities. It can: Download additional malware (often Trickbot) Collect information … More

The post Emotet: A veritable Swiss Army knife of malicious capabilities appeared first on Help Net Security.

ENISA outlines top cyber threats and trends in 2018

In 2018, the cyber threat landscape changed significantly. The most important threat agent groups, namely cyber-criminals and state-sponsored actors have further advanced their motives and tactics. Monetisation motives contributed to the appearance of crypto-miners in the top 15 cyber threats. Advances in defence have also been assessed: law enforcement authorities, governments and vendors were able to further develop active defence practices such as threat agent profiling and the combination of cyber threat intelligence (CTI) and … More

The post ENISA outlines top cyber threats and trends in 2018 appeared first on Help Net Security.

Industry reactions to Data Privacy Day 2019

The purpose of Data Privacy Day is to raise awareness and promote privacy and data protection best practices. Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Privacy Day is observed annually on Jan. 28. Cindy Provin, CEO, nCipher Security These high profile policy developments are sending a signal that the days of using personal data for commercial advantage … More

The post Industry reactions to Data Privacy Day 2019 appeared first on Help Net Security.

How to know when you’re ready for a fractional CISO

Many companies eventually find themselves in the following situation: they’re growing, their technology, infrastructure and teams are expanding, perhaps an M&A is on the horizon, and the board is asking pointed questions about security. It’s usually at this point that a business starts to notice fissures in the walls of what once felt like a tightly locked structure. New challenges in operations, culture, and security begin to arise. Inevitably, when a company hits this phase … More

The post How to know when you’re ready for a fractional CISO appeared first on Help Net Security.

How accepting that your network will get hacked will help you develop a plan to recover faster

As anyone in the network security world will tell you, it is an extremely intense and stressful job to protect the corporate network from ever-evolving security threats. For a security team, a 99 percent success rate is still a complete failure. That one time a hacker, piece of malware, or DDoS attack brings down your organization’s network (or network availability) is all that matters. It’s even more frustrating when you consider that the proverbial ‘bad … More

The post How accepting that your network will get hacked will help you develop a plan to recover faster appeared first on Help Net Security.

Webinar: Automate compliance audits without the staff

With so many consequential data breaches in the past decade, data security and privacy are top of mind issues for security leaders and corporate boards. Numerous government and industry regulations like HIPAA, PCI, GDPR, and FERPA are designed to focus attention on securing data and keeping personal information private. Agile and DevOps development models are moving too quickly for manual security assurance and compliance validation. Join Data Theorem Thursday, January 31st @ 11:00am PST to … More

The post Webinar: Automate compliance audits without the staff appeared first on Help Net Security.

Vulnerable cloud infrastructure experiencing increasing attacks

Attackers are increasingly targeting vulnerable cloud infrastructure to exploit it for covert cryptojacking or to deliver ransomware, Securonix researchers warn. Some attacks are fairly trivial, but others are multi-vector/multi-platform threats where multiple functionalities are combined as part of the same malicious threat (e.g., XBash, which combines cryptomining, ransomware and botnet/worm activity). The way in The attacks are automated and probe the infrastructure and cloud services for vulnerabilities and/or weak or default login credentials. Among the … More

The post Vulnerable cloud infrastructure experiencing increasing attacks appeared first on Help Net Security.

Researcher warns of privilege escalation flaw in Check Point ZoneAlarm

Illumant researcher Chris Anastasio has discovered a serious vulnerability in Check Point’s security software. It affects ZoneAlarm Free Firewall and ZoneAlarm Free Antivirus + Firewall and, if exploited, it may allow a malicious user with low privilege access to escalate privileges to SYSTEM level. WCF and self-signed code in the spotlight The vulnerability is due to insecure implementation of services developed using Windows Communication Foundation or “WCF.” It targets a .NET service in ZoneAlarm that … More

The post Researcher warns of privilege escalation flaw in Check Point ZoneAlarm appeared first on Help Net Security.

New infosec products of the week: January 25, 2019

Threat Stack announces new API for streamlined DevOps and security workflows The new API will allow for the suppression and dismissal of alerts from existing tools, streamlining incident response workflows and reducing the mean time to response (MTTR). The ability to disable and enable rules will also enable Threat Stack customers to conduct system maintenance without interrupting DevOps and security teams or increasing the number of false positive alerts. Cohesity backup solution prevents, detects, and … More

The post New infosec products of the week: January 25, 2019 appeared first on Help Net Security.

83% of global respondents experienced phishing attacks in 2018

Proofpoint analyzed data from tens of millions of simulated phishing attacks sent over a one-year period, along with nearly 15,000 cybersecurity professional survey responses, to provide an in-depth look at the state of global phishing attacks. Overall, 83 percent of global infosecurity respondents experienced phishing attacks in 2018, up from 76 percent in 2017, and nearly 60 percent saw an increase in employee detection following security awareness training. In addition, more organizations were affected by all … More

The post 83% of global respondents experienced phishing attacks in 2018 appeared first on Help Net Security.

The most effective security strategies to guard sensitive information

Today’s enterprise IT infrastructures are not largely hosted in the public cloud, nor are they SaaS-based, with security being the single largest barrier when it comes to cloud and SaaS adoption. With the recent rise in breaches and privacy incidents, enterprises are prioritizing the protection of their customers’ personally identifiable information, according to Ping Identity. Most infrastructure is hybrid Less than one quarter (21%) of IT and security professionals say that more than one half … More

The post The most effective security strategies to guard sensitive information appeared first on Help Net Security.

PHP PEAR supply chain attack: Backdoor added to installer

Some additional details have emerged about the recent security breach involving the PHP PEAR (PHP Extension and Application Repository) webserver, but much is still unknown. What happened? The PEAR project maintains a system for distributing PHP software code and for managing free code libraries (aka packages) written in the popular programming language. On Saturday, the project’s site (located at pear.php.net) was temporarily disabled and visitors were pointed towards a short warning saying that anyone … More

The post PHP PEAR supply chain attack: Backdoor added to installer appeared first on Help Net Security.

Cisco fixes security holes in SD-WAN, Webex, Small Business routers

Cisco has fixed a heap of security holes in a variety of its products, including a critical one affecting its SD-WAN Solution. Cisco SD-WAN vulnerabilities The most critical among the flaws fixed are a buffer overflow vulnerability (CVE-2019-1651) and a high risk unauthorized access flaw (CVE-2019-1647) affecting any Cisco vSmart Controller Software versions running a release of the Cisco SD-WAN Solution prior to 18.4.0. CVE-2019-1651 could be exploited by sending a malicious file to an … More

The post Cisco fixes security holes in SD-WAN, Webex, Small Business routers appeared first on Help Net Security.

Branching out more efficiently and securely with SD-WAN

As enterprises expand, through organic growth or acquisition, they need to support the IT needs of more distributed locations. These often include teams in shared office spaces versus enterprise-owned or leased facilities. To serve remote locations and users, enterprises are rapidly moving toward cloud-based applications including Unified Communications as a Service (UCaaS). As always, IT teams are under pressure to contain costs and are turning to Software Defined Wide Area Networks (SD-WAN) to play a … More

The post Branching out more efficiently and securely with SD-WAN appeared first on Help Net Security.

Reimagining risk management to mitigate looming economic dangers

In a volatile market environment and with the edict to “do more with less,” many financial institutions are beginning efforts to reengineer their risk management programs, according to a new survey by Deloitte Global, with emerging technologies in the driver’s seat. Seventy percent of the financial services executives surveyed said their institutions have either recently completed an update of their risk management program or have one in progress, while an additional 12 percent said they … More

The post Reimagining risk management to mitigate looming economic dangers appeared first on Help Net Security.

Apple delivers security patches, plugs an RCE achievable via FaceTime

Apple has released a new set of updates for its various products, plugging a wide variety of vulnerabilities. WatchOS, tvOS, Safari and iCloud Let’s start with the “lightest” security updates: iCloud for Windows 7.10 brings fixes for memory corruption, logic and type confusion issues in the WebKit browser engine, all of which can be triggered via maliciously crafted web content and most of which may lead to arbitrary code execution. The update also carries patches for … More

The post Apple delivers security patches, plugs an RCE achievable via FaceTime appeared first on Help Net Security.

0patch releases micropatch for Windows Contacts RCE zero-day

ACROS Security, the creators of 0patch, have released a micropatch for a recently revealed zero-day RCE flaw affecting Windows. About the vulnerability and the micropatch Security researcher John Page (aka Hyp3rlinx) published the details about the vulnerability and PoC exploit code after Microsoft failed to fix the issue within 90 days of it being reported. “The issue was initially reported as related to VCF files (which are by default associated with the Windows Contacts application) … More

The post 0patch releases micropatch for Windows Contacts RCE zero-day appeared first on Help Net Security.

Industry reactions to Google’s €50 million GDPR violation fine

On 21 January 2019, the French National Data Protection Commission (CNIL) imposed a financial penalty of €50 million against Google, in accordance with the GDPR. This is the first time that the CNIL applies the new sanction limits provided by the GDPR. The amount decided and the publicity of the fine are justified by the severity of the infringements observed regarding the essential principles of the GDPR: transparency, information and consent. Here are some reactions … More

The post Industry reactions to Google’s €50 million GDPR violation fine appeared first on Help Net Security.

Business resilience should be a core company strategy, so why are businesses struggling to take action?

A recent survey showed that only 51% of U.S. business decision makers say their organization is definitely as resilient as it needs to be against disruptions such as cyber threats. In addition, the survey showed that 96% of U.S. business decision makers claim business resilience should be a core company strategy. If 96% of business decision makers realize this, why are organizations still struggling to protect themselves against cybercrime and technology-based disruption? IT teams face … More

The post Business resilience should be a core company strategy, so why are businesses struggling to take action? appeared first on Help Net Security.

Agents of disruption: Four testing topics argue the case for agentless security

Let me introduce myself. I’m a set of flaws in your otherwise perfect, agent-based security world. Like all disruptive agents, I derail your best-laid plans with expensive havoc; but in my case I create sticky situations inside your multi-cloud arrangement. You may be thinking that the premise of this article is bogus, because most cloud-based security systems automate the deployment and management of agents; and any one of those and their kid can microsegment and … More

The post Agents of disruption: Four testing topics argue the case for agentless security appeared first on Help Net Security.

SSDP amplification attacks rose 639%

The Nexusguard Q3 2018 Threat Report has revealed the emergence of an extremely stealthy DDoS attack pattern targeting communications service providers (CSPs). Comparison between normal attack traffic and attack traffic with legitimate traffic This new vector exploits the large attack surface of ASN-level (autonomous system number) CSPs by spreading tiny attack traffic across hundreds of IP addresses to evade detection. The ongoing evolution of DDoS methods suggests that CSPs need to enhance their network security … More

The post SSDP amplification attacks rose 639% appeared first on Help Net Security.

Bug in widespread Wi-Fi chipset firmware can lead to zero-click code execution

A vulnerability in the firmware of a Wi-Fi chipset that is widely used in laptops, streaming, gaming and a variety of “smart” devices can be exploited to compromise them without user interaction. The research and the discovered flaws The discovery was made by Embedi researcher Denis Selianin, who decided to first analyze the Marvell Avastar Wi-Fi driver code, which loads firmware to Wi-Fi SoC (system on chip), and then to engage in … More

The post Bug in widespread Wi-Fi chipset firmware can lead to zero-click code execution appeared first on Help Net Security.

Beware the man in the cloud: How to protect against a new breed of cyberattack

One malicious tactic that has become quite prevalent in recent years is known as a ‘man in the cloud’ (MitC) attack. This attack aims to access victims’ accounts without the need to obtain compromised user credentials beforehand. Below, this article explains the anatomy of MitC attacks and offers practical advice about what can be done to defend against them. What is a MitC attack? To gain access to cloud accounts, MitC attacks take advantage of the … More

The post Beware the man in the cloud: How to protect against a new breed of cyberattack appeared first on Help Net Security.

Machine learning trumps AI for security analysts

While machine learning is one of the biggest buzzwords in cybersecurity and the tech industry in general, the phrase itself is often overused and mis-applied, leaving many to have their own, incorrect definition of what machine learning actually is. So, how do you cut through all the noise to separate fact from fiction? And how can this tool be best applied to security operations? What is machine learning? Machine learning (ML) is an algorithm that … More

The post Machine learning trumps AI for security analysts appeared first on Help Net Security.

Cybercrime could cost companies trillions over the next five years

Companies globally could incur $5.2 trillion in additional costs and lost revenue over the next five years due to cyberattacks, as dependency on complex internet-enabled business models outpaces the ability to introduce adequate safeguards that protect critical assets, according to Accenture. Based on a survey of more than 1,700 CEOs and other C-suite executives around the globe, the report — Securing the Digital Economy: Reinventing the Internet for Trust — explores the complexities of the … More

The post Cybercrime could cost companies trillions over the next five years appeared first on Help Net Security.

Most Facebook users aren’t aware that Facebook tracks their interests

Too many Facebook users aren’t aware that the company uses the information provided by them and their actions on the platform and outside of it to create a list of their traits and interests, which is then used to target them with relevant ads. The survey According to the results of a new Pew Research Center survey, which polled a representative sample of US-based, adult Facebook users: 88% discovered that the site had generated … More

The post Most Facebook users aren’t aware that Facebook tracks their interests appeared first on Help Net Security.

New infosec products of the week: January 18, 2019

XebiaLabs launches new DevOps risk and compliance capability for software releases The XebiaLabs DevOps Platform provides a single pane of glass for technical and business stakeholders to track the release chain of custody across the end-to-end CI/CD toolchain, from code to production. And, with visibility into security and compliance issues, teams can take action to ensure that release failure risks, security vulnerabilities, and IT governance violations are resolved early in the software delivery cycle. ExtraHop … More

The post New infosec products of the week: January 18, 2019 appeared first on Help Net Security.