Category Archives: Don’t miss

FDA plans to improve medical device cybersecurity

The US Food and Drug Administration (FDA) plans to tackle security issues related to medical devices and has released a plan of action it means to implement in the near future. Broadly, the plan is as follows: establish a robust medical device patient safety net in the US; explore regulatory options to streamline and modernize timely implementation of postmarket mitigations; spur innovation towards safer medical devices; advance medical device cybersecurity; and integrate CDRH’s premarket and postmarket … More

The post FDA plans to improve medical device cybersecurity appeared first on Help Net Security.

Expand vulnerability and risk management programs to eliminate security misconfigurations

In this podcast recorded at RSA Conference 2018, Tim White, Director of Product Management, Policy Compliance at Qualys, discusses how expanding vulnerability and risk management programs can eliminate security misconfigurations. Many don’t realize misconfigurations can be exploited just as easily as a vulnerable piece of software to result in compromise. Here’s a transcript of the podcast for your convenience. Hi, my name is Tim White with Qualys. I am the Director of Product Management for … More


GDPR: It’s an issue of transparency

The General Data Protection Regulation (GDPR) has been on the lips of security professionals for a long time now – but in just over a month, it will become a reality. While it is easy to get stuck with reviewing the potential fines or setting up efficient security procedures to ensure compliance, many are still overlooking what is at the heart of the regulation: transparency. Getting the bigger picture It goes without saying that transparency … More


Most dangerous attack techniques, and what’s coming next

Experts from SANS presented the five most dangerous new cyber attack techniques in their annual RSA Conference 2018 keynote session in San Francisco, and shared their views on how they work, how they can be stopped or at least slowed, and how businesses and consumers can prepare. The five threats outlined are: 1. Repositories and cloud storage data leakage 2. Big Data analytics, de-anonymization, and correlation 3. Attackers monetize compromised systems using crypto coin miners … More


IT workforce increasingly overworked and stressed out

45% of IT workers are feeling the pressure of strained technology operations and suffer regular stress in their jobs, according to Chess Cybersecurity. IT staff who said they were stressed out indicated the following: 59% work more than 45 hours a week, 20% more than the ONS’s stated national average of 37.1 hours, hinting at a chronic overworking problem in the sector Six out of 10 lack the resources to do their jobs well Almost … More


Energy security pros worry about catastrophic failure due to cyberattacks

70 percent of energy security professionals are concerned that a successful cyberattack could cause a catastrophic failure, such as an explosion, a recent survey has shown. Of the 151 IT and operational technology (OT) security pros at energy and oil and gas companies that were polled, 97 percent are concerned that attacks could cause operational shutdowns, and 96 percent believe they could impact the safety of their employees. Respondents were also asked about their organizations’ … More


When BEC scammers specialize

A group of BEC scammers has been focusing its efforts on the global maritime shipping industry, compromising email accounts and attempting to trick targets into delivering considerable sums to bank accounts set up by the group. Secureworks researchers have been tracking the group’s activities for quite a while and have been warning the targets. They estimate that between June 2017 and January 2018, the scammers attempted to steal a minimum of $3.9 million U.S. dollars … More


NIST releases Cybersecurity Framework 1.1

The US Commerce Department’s National Institute of Standards and Technology (NIST) has announced at RSA Conference 2018 the release of version 1.1 of its popular Framework for Improving Critical Infrastructure Cybersecurity, more widely known as the Cybersecurity Framework. The framework was developed with a focus on industries vital to national and economic security, including energy, banking, communications and the defense industrial base. It has since proven flexible enough to be adopted voluntarily by large and … More


Cisco plugs critical hole in WebEx, users urged to upgrade ASAP

Cisco has fixed a critical vulnerability in its WebEx videoconferencing software that could be exploited to compromise meeting attendees’ systems by simply opening a booby-trapped Flash file shared in a meeting. About the vulnerability (CVE-2018-0112) The flaw is due to insufficient input validation by the Cisco WebEx clients, and affects Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server. (The Cisco WebEx Business Suite (WBS) meeting services and Cisco WebEx Meetings … More


LocalBlox found leaking info on tens of millions of individuals

LocalBlox, a US-based data technology company that “crawls, discovers, extracts, indexes, maps and augments data in a variety of formats from the web and from exchange networks” and ties it all together to create profiles on individuals that contain personal, business and consumer data for marketing purposes, has been found leaking information on tens of millions of individuals. The discovery was made by UpGuard researcher Chris Vickery, who stumbled upon the unsecured Amazon Web Services … More


Researchers propose scheme to secure brain implants

A group of researchers from KU Leuven, Belgium, have proposed a practical security scheme that would allow secure communications between a widely used implantable neurostimulator – an electrical brain implant used to treat a number of medical issues – and its external device programmer. Other researchers have already noted that motivated attackers could find ways to hack brain implants due to their poor or nonexistent security, and have pointed out that, while the current risk … More


New targeted surveillance spyware found on Google Play

A new targeted surveillance app has been found and booted from Google Play. The app, named Dardesh, posed as a chat application and acted as a downloader for a second app that could spy on users. The Dardesh app was spotted and analyzed by Lookout researchers, who dubbed the malware family Desert Scorpion. How was the app delivered to targets? The malicious Dardesh chat app was apparently downloaded and installed by over a hundred users, … More


Cryptominers displace ransomware as the number one threat

During the first three months of 2018, cryptominers surged to the top of detected malware incidents, displacing ransomware as the number one threat, Comodo’s Global Malware Report Q1 2018 has found. Another surprising finding: Altcoin Monero became the leading target for cryptominers’ malware, replacing Bitcoin. The surge of cryptominers For years, Comodo Cybersecurity has tracked the rise of cryptominer attacks, malware that hijacks users’ computers to mine cryptocurrencies for the attacker’s profit while remaining hidden … More


Top tech firms pledge not to help governments launch cyberattacks

34 global technology and security companies have pledged not to help governments launch cyberattacks and to protect all customers regardless of nationality, geography or attack motivation. The Cybersecurity Tech Accord The Cybersecurity Tech Accord is a watershed agreement among the largest-ever group of companies agreeing to defend all customers everywhere from malicious attacks by cybercriminal enterprises and nation-states. The 34 companies include ABB, Arm, Avast, Bitdefender, BT, CA Technologies, Cisco, Cloudflare, Datastax, Dell, DocuSign, Facebook, … More


Researchers develop algorithm to detect fake users on social networks

Ben-Gurion University of the Negev and University of Washington researchers have developed a new generic method to detect fake accounts on most types of social networks, including Facebook and Twitter. According to their new study in Social Network Analysis and Mining, the new method is based on the assumption that fake accounts tend to establish improbable links to other users in the networks. “With recent disturbing news about failures to safeguard user privacy, and targeted … More


Tech-skilled cybersecurity pros in high demand and short supply

The worldwide cybersecurity skills gap continues to present a significant challenge, with 59 percent of information security professionals reporting unfilled cyber/information security positions within their organization, according to ISACA’s new cybersecurity workforce research. The research is the result of polling 2,300+ cybersecurity professionals who hold ISACA’s Certified Information Security Manager (CISM) and/or Cybersecurity Nexus Practitioner (CSXP). Among the concerning trends revealed in part 1 of the ISACA State of Cybersecurity 2018 Report, released today at … More


US, UK warn Russian hackers are compromising networking devices worldwide

Russian state-sponsored hackers are targeting network infrastructure devices worldwide, the US Department of Homeland Security (DHS), Federal Bureau of Investigation (FBI), and the United Kingdom’s National Cyber Security Centre (NCSC) warned on Monday. A joint technical alert published by the organizations says that the targets are “primarily government and private-sector organisations, critical infrastructure providers, and the Internet service providers (ISPs) supporting these sectors.” The attackers are compromising routers, switches, firewalls, Network-based Intrusion Detection System … More


Most US consumers don’t trust companies to keep their data private

While a majority of the US public sees companies’ ability to keep data private as absolutely key, it has little trust in companies to do so. In fact, only 20 percent of them “completely trust” organizations they interact with to maintain the privacy of their data, the results of a recent survey have shown. They are also much more worried about hackers accessing their data than companies using it for purposes they have not agreed … More


Devs know application security is important, but have no time for it

Sonatype polled 2,076 IT professionals to discover practitioner perspectives on evolving DevSecOps practices, shifting investments, and changing perceptions, and the results of the survey showed that breaches related to open source components grew at a staggering 50% since 2017, and 121% since 2014. This follows on from Sonatype’s findings earlier in the year, which showed that 1 in 8 open source components downloaded by developers in the UK contained a known security vulnerability. Yet despite … More


Moxa plugs serious vulnerabilities in industrial secure router

A slew of serious vulnerabilities in the Moxa EDR-810 series of industrial secure routers could be exploited to inject OS commands, intercept weakly encrypted or extract clear text passwords, expose sensitive information, trigger a crash, and more. Moxa EDR-810 series flaws The existence of the flaws was revealed when the Cisco Talos team published a post detailing them on Friday. The good news is that they’ve all been fixed, and Moxa is urging users … More


Your Android phone says it’s fully patched, but is it?

How do fully-maintained (i.e., patched) Android phones end up getting exploited? Searching for an answer to that question spurred security researchers to analyze thousands of Android firmwares for the presence of hundreds of patches. Their research led to an unwelcome discovery: most Android vendors regularly forget to include some patches in the security updates provided to users. The research Security Research Labs researchers Jakob Lell and Karsten Nohl explained how they went about making the … More


Security researchers sinkholed EITest infection chain

Security researchers have managed to neutralize “EITest,” one of the oldest infection chains, thereby preventing as many as two million potential malicious redirects a day. About EITest EITest relied on compromised websites – mostly WordPress-based, but also using other CMSes – to direct users to exploit kit landing pages and social engineering schemes, which then delivered a wide variety of malware. It has been in use, on and off, since at least 2011. “Shortly … More


1-in-4 orgs using public cloud has had data stolen

McAfee has polled 1,400 IT professionals across a broad set of countries (and continents), industries, and organization sizes and has concluded that lack of adequate visibility and control is the greatest challenge to cloud adoption in an organization. However, the business value of the cloud is so compelling that some organizations are plowing ahead. Cloud services nearly ubiquitous According to the survey, the results of which have been unveiled at RSA Conference 2018, 97 percent … More


Real-time detection of consumer IoT devices participating in DDoS attacks

Could we detect compromised consumer IoT devices participating in a DDoS attack in real-time and do something about it? A group of researchers from Princeton University have presented some encouraging results showing that the first part of that equation can be relatively easily solved. As IoT traffic is often distinct from that of other Internet connected devices and as machine learning has proved promising for identifying malicious Internet traffic, they decided to use these facts to … More


Researchers use power lines to exfiltrate data from air-gapped computers

Researchers from the Ben-Gurion University of the Negev have come up with another way to exfiltrate data from air-gapped computers: this time, it’s via malware that can control the power consumption of the system. “Data is modulated, encoded, and transmitted on top of the current flow fluctuations, and then it is conducted and propagated through the power lines,” they pointed out. They call this malware PowerHammer. Data exfiltration via power lines They have devised two … More


Court rules to ban access to Telegram in Russia

It didn’t take long for judge Yuliya Smolina of the Tagansky District Court of Moscow to rule that the Telegram secure messaging service should be blocked on the whole territory of Russia. She made the decision in less than 20 minutes and expects it to be effected immediately. The Roskomnadzor – the Russian media and telecom regulator – said that it will start the procedure to block the service as soon as it received a … More


Thousands of WP, Joomla and SquareSpace sites serving malicious updates

Thousands of compromised WordPress, Joomla and SquareSpace-based sites are actively pushing malware disguised as Firefox, Chrome and Flash Player updates onto visitors. This campaign has been going on since at least December 2017 and has been gaining steam. The malicious actors are injecting JavaScript that triggers the download requests into the content management systems’ JavaScript files or directly into the sites’ homepage. Keeping the effort on the down-low The malware peddlers are using a variety … More


One in 10 C-level execs say GDPR will cost them over $1 million

Companies are taking the new General Data Protection Regulation (GDPR) much more seriously than HIPAA and PCI: 99 percent are actively involved in the process to become GDPR-compliant, despite the cost and internal reorganization involved, a new survey that polled 300 C-level security executives has shown. About half (49 percent) are 75 percent of the way through the process, and another 37 percent are halfway there. What’s more, 71 percent of the pollees are confident … More


What’s your security story? How to use security as a sales tool

Positioning security as a value-add to the business rather than a necessary evil is a challenge for many organizations. Since the dawn of enterprise computing, information security has generally been seen as a purely technical function. Did the new two-factor authentication setting lock the sales team out of the system in the middle of a demo? Too bad. The “S” in “IS” is for security, not sales. Security teams often believe that their job is … More


AMD users running Windows 10 get their Spectre fix

AMD has released new microcode updates for mitigating variant 2 of the Spectre attack and Microsoft has released an OS update with the mitigation to AMD users running Windows 10. As you might remember, AMD processors were found not to be vulnerable to Meltdown attacks, but they were affected by Spectre (both variants). Variant 1 necessitates application-level fixes and variant 2 (CVE-2017-5715) requires changes at the OS level. Microsoft fixes problem for Windows 10 users … More


2.5 billion crypto mining attempts detected in enterprise networks

The volume of cryptomining transactions has been steadily growing since Coinhive came out with its browser-based cryptomining service in September 2017. Some websites have embraced the option and are giving their visitors the choice between viewing ads or sharing their CPU power to mine cryptocoins. Unfortunately malicious, covert hijackings of computer power are much more common, as the mining code can be secretly injected into compromised legitimate sites or even ads that are being served … More


Key obstacles in enterprise security budgeting

IANS released its latest findings on budget-related best practices for information security leaders to consistently command the budget and resources they need. “It’s part of the CISO’s job to transition from unsupported to being fully supported, but that can only be done when the stage has been properly set within an organization,” said Doug Graham, CSO at Nuance Communications. “This research report from IANS goes beyond the numbers and uncovers some of the underlying and … More


2.6 billion records were stolen, lost or exposed worldwide in 2017

Gemalto released the latest findings of the Breach Level Index, revealing that 2.6 billion records were stolen, lost or exposed worldwide in 2017, an 88% increase from 2016. While data breach incidents decreased by 11%, 2017 was the first year publicly disclosed breaches surpassed more than two billion compromised data records since the Breach Level Index began tracking data breaches in 2013. Over the past five years, nearly 10 billion records have been lost, stolen … More


What patches to prioritize following the April 2018 Patch Tuesday?

Patch Tuesday came and went and, as usual, Microsoft and Adobe have released patches/security updates for vulnerabilities affecting a wide variety of their products. Adobe’s patches This April 2018 Patch Tuesday Adobe addressed vulnerabilities in Adobe PhoneGap Push Plugin, Adobe Digital Editions, Adobe InDesign, Adobe Experience Manager, and Adobe Flash Player. Of these updates, the most important one is that for Adobe Flash Player. Not only is the product the most widely used of those … More


How security researchers deal with risks stemming from their activities

Broad and inconsistent interpretations of behind-the-times laws, new anti-infosec legislation, lawsuits and criminal prosecutions are having a chilling effect on security research. It’s difficult to quantify the effect, but Joseph Lorenzo Hall and Stan Adams of the US-based non-profit Center for Democracy & Technology have attempted to reveal the worries and choices of security researchers in the current climate by interviewing twenty of them. “We used a qualitative methods research design to understand … More


How many can detect a major cybersecurity incident within an hour?

Less than half of all organizations were able to detect a major cybersecurity incident within one hour. Even more concerning, less than one-third said that even if they detected a major incident, they would be unable to contain it within an hour, according to LogRhythm. Average time to detect a major cybersecurity incident The study, conducted by Widmeyer, which surveyed 751 IT decision makers from the U.S., U.K. and Asia-Pacific, also revealed that a majority … More


Organizations want to leverage the cloud but are held back by security misconceptions

iboss has published the findings of its 2018 Enterprise Cloud Trends report. The survey of IT decision makers and office workers in U.S. enterprises found that 64% of IT decision makers believe the pace of software as a service (SaaS) application adoption is outpacing their cybersecurity capabilities. Combined with growing pressures from shadow IT and mobile employees, 91% of IT decision makers agree they need to update security policies to operate in a cloud-first environment. … More


Emergency alert systems used across the US can be easily hijacked

A vulnerability affecting emergency alert systems supplied by ATI Systems, one of the leading suppliers of warning sirens in the USA, could be exploited remotely via radio frequencies to activate all the sirens and trigger false alarms. “We first found the vulnerability in San Francisco, and confirmed it in two other US locations including Sedgwick County, Wichita, Kansas,” Balint Seeber, Director of Threat Research at Bastille, told Help Net Security. “Although we have not visited … More


Major uptick in mobile phishing URL click rate

In a study of Lookout users, more than half clicked mobile phishing URLs that bypassed existing security controls. Since 2011, Lookout has observed this mobile phishing URL click rate increase 85 percent year-over-year. “Mobile devices have eroded the corporate perimeter, limiting the effectiveness of traditional network security solutions like firewalls and secure web gateways,” said Aaron Cockerill, chief strategy officer at Lookout. “Operating outside the perimeter and freely accessing not just enterprise apps and SaaS, … More


How to minimize healthcare supply chain threats

There are many reasons why healthcare institutions have poor cybersecurity: most resources go towards providing patient care and not enough is left for cybersecurity; not all hospitals have a dedicated cybersecurity team; cybersecurity policies and authentication procedures are difficult to implement due to many users who rotate within the hospital, and more. In a recent paper, though, Trend Micro researchers zeroed in on two particular risks these organizations are susceptible to and they don’t feel … More


Steps executives are taking to increase security while launching new ways to pay

More than 80 percent of organizations that have been impacted by a data breach have introduced a new security framework and 79 percent have reduced employee access to customer data, according to new benchmark data, “2018 Global Payments Insight Survey: Bill Pay Services,” from ACI Worldwide and Ovum. The benchmark, comprised of responses from executives at billing organizations such as consumer finance, healthcare and higher education, also revealed that over 70 percent of organizations that … More


Hackers leverage flaw in Cisco switches to hit Russian, Iranian networks

The proof-of-concept exploit code for a vulnerability affecting many Cisco switches has been leveraged by vigilante hackers to mess with networks and data-centers in Russia and Iran. Who has been hit? According to Kaspersky Lab researchers, after exploiting the flaw the attackers are able to run code that allows them to rewrite the Cisco IOS image on the switches and change the configuration file, leaving a message that reads “Do not mess with our elections.” … More


Russian government asks court to allow them to block Telegram

Russian communications regulator’s fight to block the Telegram encrypted messaging service continues. Telegram (the company) has been fighting the Roskomnadzor – the Russian federal agency tasked with overseeing that the media, telecoms and other mass communications providers comply with existing laws and adequately protect the confidentiality of personal data being processed – every step of the way. First, they tried to skip on registering as an “organizer of dissemination of information,” which would force them … More


The eternal struggle: Security versus users

There’s an old joke that a job in security is a safe place to be grumpy. From what I’ve seen over my career, that is often true. Security people seem to cherish their reputation for being pessimistic and untrusting. Some take it further and cast their disdain upon the users, who obviously need to be protected from themselves. (As a side note, my mom always hated when we computer folk referred to their customers as … More


April Patch Tuesday forecast: Expect updates for Adobe Flash, others

Springtime is here! Although up here in Minnesota you wouldn’t believe it as we received snowfalls that rivaled anything in the past 34 years! As spring arrives you think of all the things you need to do. Start packing up the shovels and snow blowers (except here where we may get a little bit more snow yet). Tune up the lawn mower and break out the yard gear. Given some recent cyber threats you may … More


Security teams are under resourced, overwhelmed by attackers

A new report conducted by the Ponemon Institute uncovered security’s “patching paradox” – hiring more people does not equal better security. While security teams plan to hire more staffing resources for vulnerability response – and may need to do so – they won’t improve their security posture if they don’t fix broken patching processes. Firms struggle with patching because they use manual processes and can’t prioritize what needs to be patched first. The study found … More


Delta and Sears suffer data breach, credit card information compromised

US-based Delta Air Lines and Sears Holdings, the owners of Sears and Kmart, have announced that the breach suffered by chatbot company [24]7.ai has resulted in the compromise of credit card information of its customers. According to a statement by [24]7.ai, which provides online support services to the two companies, the incident began on September 26 and was discovered and contained on October 12, 2017. Sears Holdings says that the incident involved unauthorized access to … More


IT audit best practices: Technological changes give rise to new risks

IT security and privacy, IT governance and risk management, regulatory compliance, emerging technology and cloud computing are the key issues impacting IT audit plans in 2018, according to a benchmarking study from Protiviti and ISACA. To whom within the organization does your IT audit director report? The seventh annual survey of more than 1,300 chief audit executives (CAE), internal audit professionals and IT audit vice presidents and directors worldwide found that most audit plans for … More


Cyber attacks are becoming more organized and structured

Trustwave released the 2018 Trustwave Global Security Report, which reveals the top security threats, breaches by industry, and cybercrime trends from 2017. The report is derived from the analysis of billions of logged security and compromise events worldwide, hundreds of hands-on data-breach investigations and internal research. Findings depict improvement in areas such as intrusion to detection; however, they also showed increased sophistication in malware obfuscation, social engineering tactics, and advanced persistent threats. North America and retail … More

Easily exploited flaw in Microsoft Malware Protection Engine allows total system compromise

A critical and extremely easily exploitable vulnerability in the Microsoft Malware Protection Engine (MMPE) has been patched through an out-of-band security update pushed out by Microsoft on Tuesday. “Administrators of enterprise antimalware deployments should ensure that their update management software is configured to automatically approve and distribute engine updates and new malware definitions. Enterprise administrators should also verify that the latest version of the Microsoft Malware Protection Engine and definition updates are being actively downloaded, … More

ShiftLeft: Fully automated runtime security solution for cloud applications

When talking about data loss prevention, the first things that come to mind are solutions aimed at stopping users from moving sensitive documents/data out of a network. But there is a different type of data loss that app developers should be conscious of and worry about: cloud applications inadvertently sending critical data to unencrypted/public databases/services. Fuelled by the adoption of microservices and short software development cycles, this is the fastest growing problem in application security today. … More

Establishing covert communication channels by abusing GSM AT commands

Security research often starts as a hobby project, and Alfonso Muñoz’s and Jorge Cuadrado’s probe into mobile privacy is no exception. The duo, who are scheduled to reveal the results of their research at the Hack in the Box Conference in Amsterdam next week, ended up finding a way to establish covert communication channels over GSM by abusing GSM AT commands. The investigation The first step of their investigation was to build a DIY mobile phone, … More

Fewer records breached: Cybercriminals focus on ransomware, destructive attacks

According to the 2018 IBM X-Force Threat Intelligence Index, the number of records breached dropped nearly 25 percent in 2017, as cybercriminals shifted their focus to launching ransomware and destructive attacks that lock or destroy data unless the victim pays a ransom. Last year, more than 2.9 billion records were reported breached, down from 4 billion disclosed in 2016. While the number of records breached was still significant, ransomware reigned in 2017 as attacks such … More

What’s new at RSAC 2018?

With the most significant global information security event just around the corner, we caught up with Sandra Toms, VP and Curator, RSA Conference, to find out what attendees can expect in San Francisco, April 16-20, 2018. What is new at RSA Conference this year that you’d like to highlight? One exciting thing we’re introducing this year is Broadcast Alley, which you could consider the “unofficial newsroom” of RSAC 2018. Publishers, sponsors, partners and exhibitors can … More

How critical infrastructure operators rate their security controls

Indegy revealed that nearly 60 percent of executives at critical infrastructure operators polled in a recent survey said they lack appropriate controls to protect their environments from security threats. As expected, nearly half of all respondents indicated their organizations plan to increase spending for industrial control system (ICS) security measures in the next 12-24 months. “We have been tracking the escalation in cyber threat activity specifically targeting critical infrastructures for some time,” says Barak Perelman, … More

Intel will not provide Spectre/Meltdown microcode updates for some processor families

Intel has decided not to provide microcode updates to plug Spectre and Meltdown vulnerabilities in a number of older processors. According to the last update (April 2, 2018) of the “Microcode Revision Guidance,” Bloomfield, Bloomfield Xeon, Clarksfield, Gulftown, Harpertown Xeon C0 and E0, Jasper Forest, Penryn/QC, SoFIA 3GR, Wolfdale, Wolfdale Xeon, Yorkfield, and Yorkfield Xeon families of processors will not receive the updates. (Most of these “abandoned” CPUs are older products no longer in production.) … More

Critical vulnerability opens Cisco switches to remote attack

A critical vulnerability affecting many of Cisco’s networking devices could be exploited by unauthenticated, remote attackers to take over vulnerable devices or trigger a reload and crash. The company says that the vulnerability is not actively exploited in the wild, but as information about it and Proof-of-Concept code has now been published, network administrators would do well to install the released security updates as soon as possible. About the vulnerability (CVE-2018-0171) The flaw was discovered … More

Would automation lead to improved cybersecurity?

Concerted efforts to increase job satisfaction, automation in the Security Operations Center (SOC) and gamification in the workplace are key to beating cybercriminals at their own game, according to McAfee. Which of the below areas of the cybersecurity process is your organization using automation in? The landscape for cyberthreats is growing, both in complexity and volume. According to the report, 46 percent of respondents believe that in the next year they will either struggle to … More

Cloudflare launches privacy-protecting DNS service

If you’ve been offline during the weekend you might have missed Cloudflare announcing a new privacy-oriented consumer DNS service, hosted at the following IP addresses: 1.1.1.1 and 1.0.0.1. With this launch the US-based Internet services giant has joined the likes of Google and IBM Security, who also offer free DNS resolution services as an alternative to using ISPs’ DNS resolvers or locally installed DNS servers. The Cloudflare DNS Resolver Cloudflare says that their DNS service … More

How to close the security update gap

Security patching is hard and patch fatigue is real. So what can be done to make the process more simple, less disruptive, and more likely to be performed in a timely manner? According to the results of a recent survey by ACROS Security, those responsible for it are asking for – among other things – the capability to quickly un-apply patches if they cause problems, security and functional patches to be decoupled, want to have … More

Report: What two years of real pen testing findings will tell you

The information included in this report (Time to Fix, Vulnerability Types, Findings Criticality, Issues Fixed) is summary data from all of the penetration tests Cobalt performed in 2017. Additionally, they provide data (Portfolio Coverage, Pen Test Frequency) from 75 survey respondents in security, management, operations, DevOps, product, and developer roles. Industry thought-leaders Caroline Wong and Mike Shema offer guidance on pen testing metrics that adds functional value for infosec practitioners. Key takeaways: Proven methods to … More

Google to purge cryptomining extensions from Chrome Web Store

In a bid to prevent Chrome users’ computers being covertly used for cryptocurrency mining, Google will try to purge the Chrome Web Store of extensions that hijack machines’ CPU resources to do just that. Announced changes “Until now, Chrome Web Store policy has permitted cryptocurrency mining in extensions as long as it is the extension’s single purpose, and the user is adequately informed about the mining behavior,” Extensions Platform Product Manager James Wagner explained. “Unfortunately, … More

Hackers steal payment card data of 5 million Saks, Lord & Taylor customers

Hackers have apparently managed to compromise the cash register systems at Saks Fifth Avenue and Lord & Taylor stores in the US and Canada, and have stolen payment card data of some five million customers, a cybersecurity research firm has revealed on Sunday. What happened? “On March 28, 2018, a notorious hacking JokerStash syndicate, also known as Fin7 announced the latest breach of yet another major corporation, with more than five million stolen payment cards … More

Are legacy technologies a threat to EU’s telecom infrastructure?

Telecommunications is a key infrastructure based on how our society works. It constitutes the main instrument that allows our democracy and our EU core values such as freedom, equality, rule of law and human rights to function properly. Common types of attacks There are currently over 5 billion unique mobile subscribers and over 2000 mobile operators worldwide. In Europe, we have 456 million unique mobile subscribers, which is equivalent to 84% of the population. Mobile … More

Nation-state hackers are attacking our trust in critical systems

In the last few years, the lines between cyber criminals and nation-states have become increasingly blurry and it has become obvious that the private sector is not capable of handling cyber threats on its own, Chris Inglis, former deputy director of the National Security Agency, told the crowd at World Cyber Security Congress this week. The WannaCry and NotPetya attacks – generally attributed to North Korea and Russia – have shown that an organization doesn’t … More

Apple puts privacy information screens in users’ line of sight

Apple has released the latest round of updates for its various products. They come with the usual security fixes, but also a new feature aimed at informing users about what information Apple-made apps collect about them and how that information is used. The security fixes Apple has plugged a bucketload of vulnerabilities in WebKit, the layout engine software component for rendering web pages in Safari, most of which may lead to arbitrary code execution, as … More

Are there too many cybersecurity companies?

The most potent global threat in 2018 may not be armed conflict or civil unrest, but cybersecurity. While cybersecurity awareness has increased with high profile breaches in recent years, the core problem remains of how industries can protect themselves and their customers when so much of our interaction has gone digital. Here are some predictions for the challenges companies may face in 2018: There are too many security vendors, and many of them will go … More

Crypto mining runs rampant in higher education: Is it students?

The higher education sector exhibited a startling increase in potentially damaging cryptocurrency mining behaviors, according to Vectra. The Attacker Behavior Industry Report reveals cyberattack detections and trends from a sample of 246 opt-in enterprise customers using the Vectra Cognito platform, across 14 different industries. From September 2017 through January 2018, Vectra monitored traffic and collected metadata from more than 4.5 million devices and workloads from customer cloud, data center and enterprise environments. By analyzing this … More

Macro-less word document attacks on the rise

WatchGuard released its Internet Security Report for Q4 2017. Among the report’s most notable findings, threat intelligence showed that total malware attacks are up by 33 percent, and that cyber criminals are increasingly leveraging Microsoft Office documents to deliver malicious payloads. “After a full year of collecting and analyzing Firebox Feed data, we can clearly see that cyber criminals are continuing to leverage sophisticated, evasive attacks and resourceful malware delivery schemes to steal valuable data,” … More

The current state of USB data protection

Data protection, whether related to personal customer or patient information, is critical across virtually all industries. So how can organizations best protect their most sensitive and confidential information? To answer this question, Apricorn surveyed more than 400 employees in September 2017, ranging in ages from 18 to 65 across numerous industries that included education, finance, government, healthcare, legal, retail and manufacturing. Among other things, the survey revealed that while USB drives are ubiquitous and widely … More

Businesses suspect their mobile workers are being hacked

More than half (57%) of organisations suspect their mobile workers have been hacked or caused a mobile security issue in the last 12 months, according to the iPass Mobile Security Report 2018. Overall, 81% of respondents said they had seen Wi-Fi related security incidents in the last 12 months, with cafés and coffee shops (62%) ranked as the venues where such incidents had occurred most. That was closely followed by airports (60%) and hotels (52%), … More

Consumers worry that small privacy invasions may lead to a loss of civil rights

A new report by The Economist Intelligence Unit (EIU) shows that consumers around the world perceive wide ranging risks in how their personal information is collected and shared with third parties. They want greater transparency and control, as well as commitments from government and industry to protect privacy. Large shares of the consumers surveyed indicate a host of concerns related to the collection and transmission of their personal information. These range from identity theft to … More

Compliance functions make a turn towards innovation-fueled strategies

Faced with growing threats of ‘industry shocks’ such as cyber fraud, cryptocurrency, quantum computing and open banking, financial institutions expect to increase their compliance investments over the next two years as they seek new approaches to strengthening compliance capabilities, according to a new report from Accenture. Compliance investments increase Based on a survey of 150 compliance executives at financial services institutions, Accenture’s fifth annual compliance risk report, “Comply and Demand,” found that 89 percent of … More

Organizations blame legacy antivirus protection for failed ransomware prevention

More than half (53 percent) of U.S. organizations that were infected with ransomware blamed legacy antivirus protection for failing to prevent the attack, according to SentinelOne. Nearly 7 out of 10 of these companies have replaced legacy AV with next-gen endpoint protection to prevent future ransomware infections. AV fails to foil ransomware Behind employee carelessness as the primary cause (56 percent blamed this), failed legacy AV protection is viewed as the leading factor in successful … More

Using deception to gain enterprise IoT attack visibility

The main lessons from attacks against Internet of Things (IoT) devices are to change default usernames and passwords, use longer passphrases to avoid brute force attacks, and make sure devices have enough memory for firmware and kernel updates to remove vulnerabilities or service backdoors, plus implement strong encryption for communications. Also, having IoT devices connected to standard PC platforms is not advised given endpoints are often the foothold in most attacks. Case in point with … More

Analysis of 560 incidents demonstrates need for cyber resilience

Many entities face the same types of security incidents – some are viewed as handling the incident well, and for some it’s a disruptive and costly lesson. The ones that fare better have prepared for an incident and use lessons-learned from prior incidents. Recognizing that entities need a source of reliable information on what actually happens during an incident, the BakerHostetler Privacy and Data Protection team published the 2018 edition of its Data Security Incident … More

Axonius goes retro to see and secure all devices

Just 6 months after its seed funding, Axonius today announced the general availability of its Cybersecurity Asset Management Platform to enable customers to see and secure all devices. With over 100,000 devices already managed at early customers worldwide, today’s announcement marks the official availability of the platform in advance of RSA Conference 2018 held in San Francisco. “We started this company to solve a very specific, acute problem – fragmentation,” said Dean Sysman, CEO and … More

Hacking intelligent buildings using KNX and Zigbee networks

A great many of us are living, staying or working in “smart” buildings, relying on automated processes to control things like heating, ventilation, air conditioning, lighting, security and other operation systems. We expect those systems to work without a glitch and withstand attacks but, unfortunately, the security of these systems is still far from perfect. A group of researchers from Tencent Security Platform is getting ready to demonstrate just how imperfect it is at the … More

Third-party IoT risk management not a priority

With the proliferation of IoT devices used in organizations to support business, technology and operations innovation, respondents to a Ponemon Institute study were asked to evaluate their perception of IoT risks, the state of current third party risk management programs, and governance practices being employed to defend against IoT-related cyber attacks. Has your organization experienced a data breach or cyber attack caused by unsecured IoT devices or applications in the past 12 months? This year’s … More

Digital innovation held back as IT teams firefight security threats

43% of IT executives at European financial institutions reveal that fears of a cyber-attack keep them awake at night – two months before the GDPR comes into force, according to figures published by financial services IT consultancy and service provider Excelian, Luxoft Financial Services. The survey of over 200 IT executives working in capital markets, wealth management and corporate banking reveals that although 89% agree implementing a cybersecurity strategy is a top priority, budget cuts … More

Like any threat, malware evolves: Discover new trends

Cofense released the 2018 Cofense Malware Review, detailing the trends that defined malware attacks in 2017 and the emerging trends for network defenders to prioritize in 2018. While a couple of high profile breaches stole the spotlight in 2017, Cofense’s global security team uncovered a number of less visible evolutions that dramatically changed the threat landscape and continue to pose threats. Malicious actors demonstrated how quickly they could exploit recently disclosed vulnerabilities, change how they … More

Do you have what it takes to withstand modern DDoS attacks?

As the latest record DDoS attack hit GitHub and threatened to overwhelm its edge network, the popular Git-repository hosting service quickly switched to routing the attack traffic to their DDoS mitigation service. In the end, GitHub ended up completely unavailable for five minutes and intermittently unavailable for four. But while the effect of the attack could have been worse, GitHub’s engineering team aims to do better next time they are hit. Robert Hamilton, Director of … More

How Facebook’s data issue is a lesson for everyone

The headlines have been dominated by the recent news around Facebook, Cambridge Analytica and the misuse of customer data. The impact of these revelations has led to millions being wiped off Facebook’s share price and an ongoing investigation into the incident. With just two months left until the General Data Protection Regulation (GDPR) comes into effect, this scandal could not be timelier. The ongoing discussions around Facebook’s use of customer data are a clear reminder … More

Businesses know breaches are happening, but do they know how, why and when?

Nearly four in five companies (79%) were hit by a breach in the last year, according to Balabit. Their research also revealed that 68% of businesses expect to be impacted by further breaches this year, with more than a quarter anticipating a breach to occur within the next six months. The Unknown Network Survey, deployed in the UK, France, Germany and the US, reveals the attitudes of 400 IT and security professionals surrounding their IT security … More

Phishing, malware, and cryptojacking continue to increase in sophistication

Attackers are constantly trying new ways to get around established defenses. The data, collected throughout 2017 by Webroot, illustrates that attacks such as ransomware are becoming a worldwide threat and are seamlessly bypassing legacy security solutions because organizations are neglecting to patch, update, or replace their current products. The findings showcase a dangerous, dynamic threat landscape that demands organizations deploy multi-layered defenses that leverage real-time threat intelligence. Cryptojacking is gaining traction as a profitable and … More

Experiences and attitudes towards cloud-specific security capabilities

Dimensional Research conducted a survey of IT professionals responsible for cloud environments. The survey, which is comprised of data collected from over 600 respondents from around the world, provides an overview of experiences and attitudes in regards to cloud security. In your opinion, how does the overall security posture for your company’s cloud services compare to your on-premises security? The cloud is redefining the role of the firewall An overwhelming 83 percent of respondents have … More

Netflix, Dropbox promise not to sue security researchers, with caveats

Netflix and Dropbox have both noted recently that they won’t sue security researchers who find and disclose vulnerabilities in their products. The only caveat is: the researchers must conduct the research in line with their vulnerability disclosure policy and bug bounty program guidelines. Dropbox Dropbox Head of Security Chris Evans announced on Wednesday that they’ve updated their vulnerability disclosure policy to clearly say that the company will “not initiate legal action for security research conducted … More

Atlanta government systems hit by ransomware

The city of Atlanta suffered a ransomware attack on Thursday, which resulted in outages of some of its customer-facing applications, including some that customers may use to pay bills or access court-related information. The city government alerted the public about the outages on Thursday morning via Twitter, but did not say at the time what their cause was. Later that day, Keisha Lance Bottoms, the city’s mayor, held a press conference during which … More

RSA Conference 2018 USA: What you can expect at this year’s event

With RSA Conference 2018 USA less than a month away, we asked Britta Glade, Director, Content and Curation for RSA Conference, to tell us more about this year’s event. Read on to find out what’s in store for the world’s largest gathering of information security professionals. What have been the major security developments in the past year, and how have these informed the conference agenda for 2018? Where to begin? 2017 showed us just how … More

New infosec products of the week: March 23, 2018

Gemalto unveils enhanced security features for ID documents These security features are available as additional options in the Gemalto Color Laser Shield secure identity solutions range. The new enhancements are simple to adopt by the government agents in the field. They are designed to counter forgery while remaining easy for officials to verify their authenticity, thereby providing convenience for legitimate holders. QuintessenceLabs qStream 100P PCIe card integrates high-entropy, quantum-based true random numbers to servers QuintessenceLabs … More

1 in 10 targeted attack groups use malware designed to disrupt

Cyber criminals are rapidly adding cryptojacking to their arsenal and creating a highly profitable new revenue stream, as the ransomware market becomes overpriced and overcrowded, according to Symantec’s Internet Security Threat Report (ISTR), Volume 23. “Cryptojacking is a rising threat to cyber and personal security,” said Mike Fey, president and COO, Symantec. “The massive profit incentive puts people, devices and organizations at risk of unauthorized coinminers siphoning resources from their systems, further motivating criminals to … More

Flaws in ManageEngine apps open enterprise systems to compromise

Researchers have discovered multiple severe vulnerabilities in ManageEngine’s line of tools for internal IT support teams, which are used by over half of Fortune 500 companies. About the vulnerabilities The first flaw affects EventLog Analyzer 11.8 and Log360 5.3, and could be exploited to achieve remote code execution with the same privileges as the user that started the application, by uploading a web shell to be written to the web root. The rest of the … More

Excessive alerts, outdated metrics, lead to over-taxed security operations centers

A new study, conducted by 360Velocity and Dr. Chenxi Wang, found that excessive alerts, outdated metrics, and limited integration lead to over-taxed security operations centers (SOCs). SOCs are overwhelmed The study was conducted over the span of three months, interviewing security practitioners from enterprise companies in a cross-section of industries: Software-as-a-Service (SaaS), retail, financial services, healthcare, consumer services, and high tech. As the threat landscape changes and enterprises move to adopt additional layers of defensive … More
