Category Archives: Featured news

Should you trust that Chrome extension? Use CRXcavator to decide

Duo Security has released CRXcavator, a tool that can help end users and enterprises make an informed decision about installing a specific Chrome extension. About CRXcavator CRXcavator was created as an internal tool by Duo’s Corporate Security Engineering team and, because it’s extremely helpful, they made it publicly available. “CRXcavator automatically scans the entire Chrome Web Store every 3 hours and produces a quantified risk score for each Chrome Extension based on several factors,” the … More

The post Should you trust that Chrome extension? Use CRXcavator to decide appeared first on Help Net Security.

Criminal groups promising salaries averaging $360,000 per year to accomplices

New research from Digital Shadows reveals that criminal groups are promising salaries averaging the equivalent of $360,000 per year to accomplices who can help them target high-worth individuals, such as company executives, lawyers and doctors with extortion scams. These salary promises can be higher still for those with network management, penetration testing and programming skills – with one threat actor willing to pay the equivalent of $768,000 per year, with add-ons and a final salary … More

Exposure of sensitive data via cloud applications and services increases 20%

To identify top threats, the Dtex researchers collected and analyzed information from work-issued endpoints across more than 300,000 user accounts. Proprietary, cloud and personal accounts such as email were included in the total. Assessed organizations spanned multiple industries across North America, Europe (EMEA) and the Asia Pacific Region (APAC). The results are available in the Dtex 2019 Insider Threat Intelligence Report released by Dtex Systems. Among the top insider threat trends identified: 98% of assessments … More

92% of organizations rank users as their primary security concern

Cybercrime continues to evolve and become more sophisticated. AI and machine learning are leveraged by many criminal organizations to help them better understand how to improve their attacks, and they are now targeting specific industry verticals, organizations and even individuals. Increases in the frequency of ransomware, phishing and cryptojacking attacks were experienced by businesses of nearly every size, vertical and locale. On average, 81% of organizations had some degree of concern around security issues, … More

Tech companies fret over data privacy, but ready to bet on IPO market

Cybersecurity concerns, along with U.S. economic growth, are the two top drivers anticipated to spur overall U.S. tech industry growth in 2019. Data privacy remains at the center of the sector’s worries, with 87 percent of tech CFOs expressing a high or moderate concern about the issue. It also ranked third in the list of companies’ biggest business priorities this year, after scaling the business (37 percent) and product or service innovation (34 percent), according … More

The risks associated with the influx of unauthorized collaboration tools

A majority (82 percent) of end-users are pushing back on IT or management when the company tries to dictate which collaboration tools should be used. But IT is standing its ground; nearly two-thirds (63 percent) of information technology professionals say they prevail when employees push back. A new NextPlane report uncovers the risks associated with this influx of unauthorized collaboration tools, the internal pressures IT is feeling, and the level of resistance IT is experiencing … More

Cisco fixes risky flaws in HyperFlex and Prime infrastructure

Cisco has released another batch of fixes for many of its products, including HyperFlex, Prime infrastructure, WebEx, and Firepower devices. Fixed HyperFlex bugs Five of the patched vulnerabilities affect Cisco HyperFlex Software, software running on Cisco HyperFlex HX-Series data center nodes. Two of them are high risk security holes: CVE-2018-15380 could allow an unauthenticated, adjacent attacker to run commands on the affected host as the root user CVE-2019-1664 could allow an unauthenticated, local attacker to … More

500,000+ WinRAR users open to compromise via a 19-year-old flaw

A vulnerability affecting all versions of WinRAR, the popular file archiver utility for Windows, could be exploited by attackers to deliver malware via specially crafted ACE archives. About the flaw The vulnerability was unearthed by Check Point researchers, who demonstrated the effectiveness of a PoC exploit in a video. They created a malicious ACE archive disguised as a RAR file that, when decompressed by WinRAR, extracts a malicious executable to one of the … More

(IN)SECURE Magazine issue 61 released

(IN)SECURE Magazine is a free digital security publication discussing some of the hottest information security topics. Issue 60 has been released today. Table of contents How to know when you’re ready for a fractional CISO Debunking conventional wisdom to get out of the security and privacy rut How accepting that your network will get hacked will help you develop a plan to recover faster Four differences between the GDPR and the California Consumer Privacy Act … More

How are businesses facing the cybersecurity challenges of increasing cloud adoption?

Cloud services serve core functions essential to all aspects of business operations, but getting cloud security right is still a challenge for many organizations, the 2019 Cloud Threat Report by Oracle and KPMG has shown. The two companies have asked 450 cyber security and IT professionals from private and public-sector organizations in the US, Canada, UK, Australia and Singapore about the problems surrounding cloud adoption and use in their environments. While 73 percent of them … More

(ISC)² Secure Summit EMEA will welcome hundreds of the best minds in cybersecurity

This year’s (ISC)² Secure Summit EMEA will take place in The Hague in April. In order to find out what elements set this event apart from other cybersecurity events, we sat down with Mary-Jo de Leeuw, Director of Cybersecurity Advocacy, EMEA at (ISC)². How has the fast-paced threat landscape influenced the program of this year’s (ISC)² Secure Summit EMEA event? The rapid pace of change has been fundamental in forming the agenda for this year’s … More

Formjacking is the new get rich quick scheme for cybercriminals

Faced with diminishing returns from ransomware and cryptojacking, cybercriminals are doubling down on alternative methods, such as formjacking, to make money according to Symantec’s Internet Security Threat Report (ISTR), Volume 24. Symantec’s ISTR provides an overview of the threat landscape, including insights into global threat activity, cybercriminal trends, and motivations for attackers. The report analyzes data from Symantec’s Global Intelligence Network, which records events from 123 million attack sensors worldwide, blocks 142 million threats daily … More

Prevent shadow IT: Companies need security covering multiple communication vectors

There is a critical need for companies to adopt comprehensive and secure enterprise communications platforms to prevent shadow IT. It is a phenomenon where employees, to compensate for the lack of a comprehensive suite of communication tools within their company, leverage unauthorised external applications for business purposes, creating multiple challenges for companies. Apart from being highly vulnerable to data breaches, these applications also compromise a company’s data/information confidentiality and sovereignty and, in some cases, could … More

Global mobile networks to support 12.3 billion devices and IoT connections by 2022

There has been a worldwide rise in mobile access for consumers and business users. The expanded reach and quality of mobile broadband has fostered a seemingly insatiable demand for mobile communications, media and a wide range of mobile IoT applications. More than a decade ago, mobile (or cellular) traffic represented less than five percent of total IP traffic crossing global networks, according to Cisco’s Mobile Visual Networking Index (VNI) Forecast. According to this year’s forecast … More

Phishers’ new trick for bypassing email URL filters

Phishers have come up with another trick to make Office documents carrying malicious links undetectable by many e-mail security services: they delete the links from the document’s relationship file (xml.rels). The trick has been spotted being used in an email spam campaign aimed at leading victims to a credential harvesting login page. Why does this approach work? “Office documents (.docx, .xlsx, .pptx) are made up of a number of XML files that include all the … More

Rockwell Automation industrial energy meter vulnerable to public exploits

A low-skilled, remote attacker could use publicly available exploits to gain access to and tamper with a power monitor by Rockwell Automation that is used by energy companies worldwide, ICS-CERT warns. All versions of Rockwell Automation’s Allen-Bradley PowerMonitor 1000 are vulnerable and there is currently no available fix for the flaws. About the vulnerabilities and available exploits PowerMonitor 1000 is an energy metering device used in industrial control applications, such as distribution centers, industrial control … More

Flawed password managers allow malware to steal passwords from computer memory

The most widely used password managers sport fundamental vulnerabilities that could allow malware to steal the master password or other passwords stored by the software directly from the computer’s memory, researchers with Independent Security Evaluators (ISE) have found. The findings They tested the 1Password, Dashlane, KeePass and LastPass password manager applications for Windows, which are collectively used by 60 million users and 93,000 businesses worldwide. They reverse engineered each software package to evaluate its handling … More

Ryuk: What does the helpdesk tell us?

Cybercrime is the only criminal channel that provides a helpdesk. An amusing side note in the world of digital crime, and whilst considerable efforts have been taken to understand what the code infers about the source of attacks, very little is done regarding the administrative support provided by the malicious actors. In the case of ransomware this is a significant omission, since we have witnessed notable investment by malicious operators to ‘support’ victims to encourage … More

Insights on modern adversaries and their tactics, techniques, and procedures

In today’s ever-evolving cyber landscape, speed is essential for effective cyber defense. CrowdStrike’s Global Threat Report reveals “breakout time” – the critical window between when an intruder compromises the first machine and when they can move laterally to other systems on the network – for top cyber adversaries. This ranking offers organizations unprecedented insight into how fast they need to be at detecting, investigating and remediating intrusions (also known as the 1-10-60 rule) to thwart … More

European standards org releases consumer IoT cybersecurity standard

The European Telecommunications Standards Institute (ETSI) has released ETSI TS 103 645, a standard for cybersecurity in the Internet of Things, to establish a security baseline for internet-connected consumer products and provide a basis for future IoT certification schemes. As more devices in the home connect to the internet, the cyber security of the Internet of Things (IoT) is becoming a growing concern. People entrust their personal data to an increasing number of online devices … More

Free decryption tool could save victims millions in ransomware payments

A new decryption tool has been released for free on the No More Ransom depository for the latest strand of GandCrab. This tool was developed by the Romanian Police in close collaboration with the internet security company Bitdefender and Europol, together with the support of law enforcement authorities from Austria, Belgium, Cyprus, France, Germany, Italy, the Netherlands, UK, Canada and US FBI. In addition to versions 1, 4 and early versions of 5, the new … More

Detecting Trojan attacks against deep neural networks

A group of researchers with CSIRO’s Data61, the digital innovation arm of Australia’s national science agency, have been working on a system for run time detection of trojan attacks on deep neural network models. Although it has yet to be tested in the text and voice domain, their system is highly effective when it comes to spotting trojan attacks on DNN-based computer vision applications. What are deep neural networks? Artificial neural networks (ANNs) are computational … More

Webinar: Defending account takeovers at Remitly

Account Takeover attacks don’t follow conventional attack patterns – they look, act, and feel like legitimate users. Without the right tooling, visibility into your environment, and an intimate understanding of your users, defending against Account Takeover attacks (ATOs) can be extremely difficult. Worse yet, if done incorrectly, defending against ATOs can end up impacting legitimate users and traffic. There are ways to make defending against these attacks much easier. This webinar (registration required) with guest Kevin Hanaford, … More

IT security incidents affecting German critical infrastructure are on the rise

The number of IT security incidents reported by critical infrastructure companies in Germany has soared. In 2017, the German Federal Office for Security in Information Technology (BSI) received 145 such reports from critical infrastructure providers. In the second half of 2018 alone that number reached 157, Welt am Sonntag reports. Reporting requirements The BSI is the federal agency charged with managing computer and communication security for the German government, as well as monitoring the security … More

How RSA Conference 2019 brings diverse security professionals together

With RSA Conference 2019 USA just two weeks away, we asked Sandra Toms, Vice President and Curator, RSA Conference, to tell us more about the challenges involved in developing a broad educational resource for information security professionals the event is known for. Read the Q&A to discover how the conference brings security professionals together, what you can expect at this year’s event, and what RSA Conference plans for the future. The information security industry has … More

Building security into cloud native apps with NGINX

Companies like Airbnb, Uber and DoorDash, which have a cloud-based software infrastructure as one of their main enablers, are disrupting the hospitality, transportation and food delivery sector. Why do all these new companies use the cloud and what advantages does it give them? Unlike legacy competitors, innovators with new infrastructure can: 1. Quickly scale and grow their customer base. 2. Support their business in different geographies and ensure availability. 3. Ensure convenience (users are accessing … More

74% of organizations face outages due to expired certificates

As information security budgets grow and funds are allocated to protect the defensive perimeter, many companies have overlooked the critical importance of digital certificate management. And a new study shows it could cost them up to $67.2 million over the next two years. The study, a benchmarking report released today by Keyfactor and Ponemon Institute also finds that 71% of IT pros believe that their organization does not know exactly how many keys and certificates … More

The importance of consumer trust in the second-hand mobile market

58 percent of global consumers have yet to trade in an old mobile device, though almost two-thirds (64%) globally reported they would be willing to do so if more stringent data management processes were in place. These are the results of an exclusive global consumer research study examining consumer sentiment and actions for trading in mobile devices, released by Blancco Technology Group. This is good news for mobile operators, OEMs and third-party logistics providers (3PLs) … More

2018 saw 6,515 reported breaches, exposing 5 billion sensitive records

There were 6,515 publicly disclosed data compromise events through December 31, 2018, exposing over 5 billion sensitive records, according to Risk Based Security’s Year End 2018 Data Breach QuickView Report. While the year ended below 2017’s high mark of 6,728 reported breaches, a slow trickle of new breach information continues and may end up placing 2018 in the top spot. “It’s been an unusual year for breach activity,” commented Inga Goddijn, Executive Vice President of … More

Three reasons employee monitoring software is making a comeback

Companies are increasingly implementing employee and user activity monitoring software to: Ensure data privacy Protect intellectual property and sensitive data from falling into the wrong hands Stop malicious or unintentional data exfiltration attempts Find ways to optimize processes and improve employee productivity. Modern user activity monitoring software is incredibly flexible, providing companies with the insights they need while offering the protection they demand. By examining three prominent use cases, it’s evident that employee monitoring software … More

Machine learning fundamentals: What cybersecurity professionals need to know

In this Help Net Security podcast, Chris Morales, Head of Security Analytics at Vectra, talks about machine learning fundamentals, and illustrates what cybersecurity professionals should know. Here’s a transcript of the podcast for your convenience. Hi, this is Chris Morales and I’m Head of Security Analytics at Vectra, and in this Help Net Security podcast I want to talk about machine learning fundamentals that I think we all need to know as cybersecurity professionals. AI … More

Mozilla will use AI coding assistant to preemptively catch Firefox bugs

Mozilla will start using Clever-Commit, an AI coding assistant developed by Ubisoft, to make the Firefox code-writing process more efficient and to prevent the introduction of bugs in the code. How does Clever-Commit work? “By combining data from the bug tracking system and the version control system (aka changes in the code base), Clever-Commit uses artificial intelligence to detect patterns of programming mistakes based on the history of the development of the software. This allows … More

SaaS spending increasing by 78 percent year-over-year

43% of the average company’s SaaS application stack changed in the last two years, according to the 2019 Annual SaaS Trends report. This is far greater than the typical employee churn rate. Meanwhile, spending has not slowed down – the average SaaS spend per company increased 78 percent year-over-year across organizations in Blissfully’s dataset. This rapid pace of technology change shows that organizations are willing to go to great lengths to increase their teams’ productivity … More

How organizations handle disruptive data sources

In the 2018 Data Connectivity Survey by Progress, more than 1,400 business and IT professionals in various roles across industries and geographies shared their insights on the latest trends within the rapidly changing enterprise data market. The findings revealed five data-related areas of primary importance for organizations as they migrate to the cloud: data integration, real-time hybrid connectivity, data security, standards-based technology and open analytics. Significant findings from the survey include: Data integration has become … More

Bank of Valletta suspended all operations in wake of cyber attack

Maltese Bank of Valletta (BOV) has been breached by hackers and has temporarily suspended all of its operations to minimize risk and review its systems. The bank shuttered its branches across the island, disabled ATMs, internet and mobile banking, and prevented its customers from using BOV cards for effecting payments in stores, hotels, restaurants, etc. What is known about the attack? According to Times of Malta, the attack was detected shortly after the start of … More

Trickbot becomes one of the most dangerous pieces of modular malware hitting enterprises

Along with Emotet, Trickbot has become one of the most versatile and dangerous pieces of modular malware hitting enterprise environments. Most recently, its creators have added another dangerous module to it, which allows it to extract and exfiltrate credentials from popular remote access software. Trickbot’s evolution Like Emotet, Trickbot started as a pure banking Trojan but was slowly developed through the years and now has many more additional capabilities. It can: Achieve persistence (through scheduled … More

Most companies anticipate a critical breach in 2019, CISOs need to prioritize threats

80 percent of IT business leaders anticipate a critical breach or successful cyberattack over the coming year, according to the Cyber Risk Index (CRI), a Trend Micro survey of more than 1,000 IT security professionals in the United States. The CRI survey was conducted to measure business risk based on the difference between organizations’ current security posture and their likelihood of attack, with the goal of helping CISOs and their teams better assess, protect, detect, … More

Most wanted malware in January 2019: A new threat speaks up

Check Point’s Global Threat Index for January 2019 reveals a new backdoor Trojan affecting Linux servers, which is distributing the XMRig crypto-miner. The new malware, dubbed SpeakUp, is capable of delivering any payload and executing it on compromised machines. The new Trojan currently evades all security vendors’ anti-virus software. It has been propagated through a series of exploitations based on commands it receives from its control center, including the 8th most popular exploited vulnerability, “Command … More

NIST Cybersecurity Framework: Five years later

Five years after the release of the Framework for Improving Critical Infrastructure Cybersecurity, organizations across all sectors of the economy are creatively deploying this voluntary approach to better management of cybersecurity-related risks. The U.S. Department of Commerce’s National Institute of Standards and Technology (NIST) issued what is now widely known simply as the “NIST Cybersecurity Framework” on February 12, 2014. Its development was the result of a year-long collaborative process involving hundreds of organizations and … More

Snapd flaw gives attackers root access on Linux systems

A vulnerability affecting Snapd – a package installed by default in Ubuntu and used by other Linux distributions such as Debian, OpenSUSE, Arch Linux, Fedora and Solus – may allow a local attacker to obtain administrator privileges, i.e., root access and total control of the system. About Snapd Snapd is a service used to deliver, update and manage apps (in the form of snap packages) on Linux distributions. “This service is installed automatically in Ubuntu … More

February 2019 Patch Tuesday: PrivExchange hole plugged

For the February 2019 Patch Tuesday, Microsoft has released fixes for over 70 CVE-numbered vulnerabilities, 20 of which are rated Critical. Also rated Critical are the Adobe Flash security update (ADV190003, which carries a fix for CVE-2019-7090, an information disclosure flaw in Adobe Flash Player), and the latest servicing stack updates (ADV990001). Previously disclosed and exploited vulnerabilities “Two vulnerabilities were publicly disclosed previous to today’s releases,” notes Greg Wiseman, senior security researcher for Rapid7. “CVE-2019-0686, … More

SMBs spending a day each week dealing with cybersecurity issues

Almost half of UK small to medium-sized businesses (SMBs) believe a cyberattack would put their business at risk of closure, and 48 per cent of businesses report they have had to deprioritise activities that would help grow their business to address cybersecurity, new research from Webroot reveals. The report, titled “Size Does Matter,” details the challenging climate for UK SMBs in a time of rapid political, economic and social change. Second only to Brexit, … More

Healthcare email fraud: Attack attempts jump 473% over two years

Proofpoint found that healthcare organisations were targeted in 96 email fraud attacks on average in Q4 2018 – a 473 percent jump from Q1 2017. More than half of these organisations (53 percent) were attacked more often, with incidents up between 200 and 600 percent during the two-year period. Researchers analysed more than 160 billion emails sent across 150 countries in both 2017 and 2018 to identify email fraud attack trends targeting more than 450 … More

Nearly two-thirds of organizations say tech skills gap is impacting IT audits

Technologies such as AI are reshaping the future of IT auditors, but auditors are largely optimistic about the future, according to new research from ISACA. In the Future of IT Audit, the results of a survey of more than 2,400 IT auditors worldwide, 92 percent of IT auditors responded that they are optimistic about how technology will impact them professionally over the next five years. Nearly 8 in 10 say their IT audit team has … More

Impersonation, sender forgery and corporate email spoofing top the charts

This Q4 of 2018 was a busy period for phishing scammers. INKY researchers saw a spike in email volume this time of year as people use email to gather their receipts from online shopping, shipping notifications, returns, and virtual holiday greetings. For its 2018 Q4 email security report, the company pulled out the highest volume attack types and broke down each one. The majority of attacks that were analyzed showed an increase in target personalization, … More

Hackers hit VFEmail, wipe US servers and backups

Unknown attackers have breached the servers of VFEmail and have wiped disks on every one of its US-based servers, the email provider has confirmed. At this time, the attacker has formatted all the disks on every server. Every VM is lost. Every file server is lost, every backup server is lost. NL was 100% hosted with a vastly smaller dataset. NL backups by the provider were intact, and service should be up there. — VFEmail.net … More

RunC container escape flaw enables root access to host system

A serious vulnerability in runC, a widely used CLI tool for spawning and running containers, could be exploited to compromise the runC host binary from inside a privileged runC container, allowing the attacker to gain root access on the underlying host system. RunC is the container runtime underneath infrastructure and engines such as Docker, CRI-O, containerd, Kubernetes, etc. About the vulnerability (CVE-2019-5736) CVE-2019-5736 was reported by researchers Adam Iwaniuk and Borys Popławski to runC maintainers, … More

The post RunC container escape flaw enables root access to host system appeared first on Help Net Security.

Security wellness takes more than a fad diet

Every year, millions of people make the same New Year’s resolution: to lose weight and improve health. But by February, a mere thirty days or so into the year, stats show 75 percent of us have fallen off the wagon. The pitfalls are many, whether the resolution is vague and broad, or we neglect to set measurable goals and regular check-ins, or perhaps we’re just not really ready for change. Achieving a true state of … More

The post Security wellness takes more than a fad diet appeared first on Help Net Security.

Is 2019 the year national privacy law is established in the US?

Data breaches and privacy violations are now commonplace. Unfortunately, the consequences for US companies involved can be complicated. A company’s obligation to a person affected by a data breach depends in part on the laws of the state where the person resides. A person may be entitled to free credit monitoring for a specified period of time or may have the right to be notified of the breach sooner than somebody living in another state. … More

The post Is 2019 the year national privacy law is established in the US? appeared first on Help Net Security.

88% of UK businesses breached during the last 12 months

The UK’s cyber threat environment is intensifying. Attacks are growing in volume, and the average number of breaches has increased, according to Carbon Black. Key survey research findings: 88% of UK organizations reported suffering a breach in the last 12 months The average number of breaches per organization over the past year was 3.67 87% of organizations have seen an increase in attack volumes 89% of organizations say attacks have become more sophisticated 93% of … More

The post 88% of UK businesses breached during the last 12 months appeared first on Help Net Security.

People still shocked by how easy it is to track someone online

Netflix’s hit series You has got people discussing their online privacy and traceability. However, McAfee, the device-to-cloud cybersecurity company, discovered less than a fifth (17%) of Brits who lost or had their phone stolen (43%) made any attempt to prevent criminals from accessing data stored on the device or in the cloud. Only 17% said they remotely locked or changed passwords and a mere 12% remotely erased data from the lost or stolen device to … More

The post People still shocked by how easy it is to track someone online appeared first on Help Net Security.

BEC-style attacks exploded in Q4 2018

Email remains the top vector for malware distribution and phishing, while BEC fraud continues to grow rapidly, Proofpoint warns in its Q4 2018 Threat Report. “The number of email fraud attacks against targeted companies increased 226% Quarter-on-Quarter and 476% vs. Q4 2017,” the company pointed out. “On average, companies targeted by BEC received about 120 fraudulent emails in the fourth quarter of the year, up from 36 in Q3 2018 and up from 21 in … More

The post BEC-style attacks exploded in Q4 2018 appeared first on Help Net Security.

Product showcase: Veriato Cerebral user & entity behavior analytics software

When it comes to identifying and stopping insider data security threats, actionable insights into people’s behaviors are invaluable. Employees involved in negative workplace events, contractors with access to critical systems and sensitive data, and departing employees all present elevated risks. Whether it’s a true insider exfiltrating data, or hackers leveraging compromised credentials to become an insider, behavior patterns can indicate both emerging and immediate risks to your security. Veriato Cerebral user & entity behavior analytics … More

The post Product showcase: Veriato Cerebral user & entity behavior analytics software appeared first on Help Net Security.

How can we improve adoption and ROI on security investments?

Traditionally, whenever employees are required to interact with security solutions, they push back because they don’t want their lives to be made more complicated with extra procedures and, essentially, clicks. Human behavior dictates that if there’s a tech roadblock, users will find a way around it to get their jobs done. In light of these workarounds, organizations often struggle to quantify how to reduce risk and improve compliance, which makes it harder to prove … More

The post How can we improve adoption and ROI on security investments? appeared first on Help Net Security.

Zero trust browsing: Protect your organization from its own users

To the casual observer, the cyberattack landscape is constantly shifting. In recent years, the threats and scams have evolved from Nigerian princes to stranded travelers, pop-ups warning of outdated software to ransomware, cryptojacking, phishing and spear phishing. Predictions for 2019 are full of dire warnings about the very-real explosion of phishing, backed by geometric increases in phishing sites as the number of malware sites drops. Just as 2018 predictions focused on cryptojacking and ransomware were … More

The post Zero trust browsing: Protect your organization from its own users appeared first on Help Net Security.

There’s a growing disconnect between data privacy expectations and reality

There is a growing disconnect between how companies capitalize on customer data and how consumers expect their data to be used, according to a global online survey commissioned by RSA Security. Consumer backlash in response to the numerous high-profile data breaches in recent years has exposed one of the hidden risks of digital transformation: loss of customer trust. According to the study, which surveyed more than 6,000 adults across France, Germany, the United Kingdom and … More

The post There’s a growing disconnect between data privacy expectations and reality appeared first on Help Net Security.

Average DDoS attack volumes grew by 194% in 12 months

The volume and complexity of DDoS attacks continued to grow in Europe during the final quarter of 2018, according to Link11. While Link11’s Security Operations Center (LSOC) registered 13,910 attacks in Q4 (12.7% down compared to Q3), the average attack volume grew by 8.7% to 5Gbps, and 59% of attacks used multiple attack vectors. Key findings of Link11’s Q4 DDoS report include: Average attack volumes grew by 194% in 12 months: In Q4 2018, average … More

The post Average DDoS attack volumes grew by 194% in 12 months appeared first on Help Net Security.

Adiantum: A new encryption scheme for low-end Android devices

Google has created an alternative disk and file encryption mode for low-end Android devices that don’t have enough computation power to use the Advanced Encryption Standard (AES). About Adiantum For the new encryption scheme, dubbed Adiantum, Google used existing standards, ciphers and hashing functions, but combined them in a more efficient way. Paul Crowley and Eric Biggers from the Android Security & Privacy Team noted that they have high confidence in the security of the … More

The post Adiantum: A new encryption scheme for low-end Android devices appeared first on Help Net Security.

Apple fixes FaceTime eavesdropping bug, two iOS zero-days

Apple has pushed out critical security updates for iOS and macOS, which fix the “Facepalm” FaceTime eavesdropping bug but also two zero-day flaws that, according to Google researchers, have been exploited in the wild. Fixed vulnerabilities The Facepalm bug (CVE-2019-6223) affects FaceTime Groups both on iOS and macOS, and was discovered by Grant Thompson, a high schooler from Arizona. After the existence of the flaw and demonstration videos of its exploitation were made public, Apple … More

The post Apple fixes FaceTime eavesdropping bug, two iOS zero-days appeared first on Help Net Security.

New infosec products of the week: February 8, 2019

Masergy launches Secure Wi-Fi and extends protection into the customer LAN Masergy has launched Masergy Secure Wi-Fi as the latest feature in the ongoing evolution of the company’s Secure Hybrid Networking offering. The new capability delivers swift and secure enterprise-grade wireless network access to both high- and low-density areas including retail and corporate environments. Mitsubishi Electric develops security technology to detect attacks on equipment sensors Mitsubishi Electric announced that it has developed what is believed … More

The post New infosec products of the week: February 8, 2019 appeared first on Help Net Security.

DevOps and DevSecOps developments to watch in 2019

Some predictions are more accurate than others. Last year, I was sure that serverless would finally overtake containers—but then 2018 turned out to be the year of Kubernetes. In the San Francisco Bay Area, you couldn’t throw a rock without hitting an engineer talking about Kubernetes (or cryptocurrency, but let’s not go there.) That’s not stopping me from offering a fresh batch of hot-off-the-press predictions about DevOps and DevSecOps for 2019. It’s finally the year … More

The post DevOps and DevSecOps developments to watch in 2019 appeared first on Help Net Security.

Infosec pros believe data isn’t secure in the cloud, despite desire for mass adoption

65 percent of infosecurity professionals would like to store object data in the cloud, but 47 percent either don’t believe or are not sure if data in the cloud is as secure as in their own data center, according to a study by Ponemon Institute. The study looks at perceptions around on-premise and cloud-based data storage technologies across 483 IT and IT security professionals familiar with the benefits of object storage technology. The primary reasons … More

The post Infosec pros believe data isn’t secure in the cloud, despite desire for mass adoption appeared first on Help Net Security.

How today’s workforce stays secure and what apps it prefers

User-focused security apps KnowBe4, LastPass, and Proofpoint dominate the list of fastest growing apps within enterprises, according to Okta. “KnowBe4 in particular is fulfilling a clear market need: less than half of survey respondents have ever participated in cybersecurity training at work,” the company noted in its latest Businesses @ Work report, which is based on data collected between November 1, 2017 to October 31, 2018 from its Okta Integration Network. Most popular apps Microsoft … More

The post How today’s workforce stays secure and what apps it prefers appeared first on Help Net Security.

What do successful pentesting attacks have in common?

In external penetration testing undertaken for corporate clients in industrial, financial, and transport verticals in 2018, Positive Technologies found that, at the vast majority of companies, there were multiple vectors through which an attacker could reach the internal network. Full control of infrastructure was obtained on all tested systems in internal pentesting. In addition, the testers obtained access to critical resources such as ICS equipment, SWIFT transfers, and ATM management. These statistics are based on … More

The post What do successful pentesting attacks have in common? appeared first on Help Net Security.

Lookalike domains: Artificial intelligence may come to the rescue

In the world of network security, hackers often use lookalike domains to trick users into visiting unintended and unwanted websites, to deliver malicious software into, or send data out of, a victim’s network, taking advantage of the fact that it’s hard to tell the difference between those domains and the targets they look alike. For example, in a recent card skimming malware attack, domain google-analyitics.org was used to receive collected payment card data (there is … More

The post Lookalike domains: Artificial intelligence may come to the rescue appeared first on Help Net Security.

Malicious macros can trigger RCE in LibreOffice, OpenOffice

Achieving remote code execution on systems running LibreOffice or Apache OpenOffice might be as easy as tricking users into opening a malicious ODT (OpenDocument) file and moving their mouse over it, a security researcher has found. About CVE-2018-16858 CVE-2018-16858 takes advantage of a LibreOffice feature where documents can specify that pre-installed macros can be executed on various document events (e.g. mouse-over-object). “Prior to 6.0.7/6.1.3 LibreOffice was vulnerable to a directory traversal attack where it was … More

The post Malicious macros can trigger RCE in LibreOffice, OpenOffice appeared first on Help Net Security.

The problem with vulnerable IoT companion apps

There’s no shortage of exploitable security holes in widely used Internet of Things devices, so it shouldn’t come as a surprise that the communication between many of those devices and their companion apps is not encrypted. The research A group of researchers from Brazil’s Federal University of Pernambuco and the University of Michigan have analyzed 32 unique companion Android apps for 96 WiFi and Bluetooth-enabled devices popular on Amazon. They searched for answers to the … More

The post The problem with vulnerable IoT companion apps appeared first on Help Net Security.

Google’s new Chrome extension flags insecure passwords

As the number of compromised and leaked credentials rises inexorably with each passing day, Google has decided to help users choose safe combinations for all their online accounts. To that end, the company has released a new Chrome extension called Password Checkup. About Password Checkup Once installed, Password Checkup appears in the browser bar. It springs into action when the user uses a username/password combination that is one of over 4 billion that Google knows … More

The post Google’s new Chrome extension flags insecure passwords appeared first on Help Net Security.

5 reasons why asset management is a hot topic in 2019

Sometimes buzzwords are good predictors of what organizations see as priorities in a given year. If you surveyed both the revenue-generating and security functions of enterprises in 2019, you would hear two terms often repeated: digital transformation and zero trust. While the two terms may seem at linguistic odds, the idea that organizations must embrace the digital age to drive growth and operate more efficiently while simultaneously maintaining adequate information security makes sense. It won’t … More

The post 5 reasons why asset management is a hot topic in 2019 appeared first on Help Net Security.

The impact of cyber-enabled economic warfare escalation

The results of a tabletop exercise on cyber-enabled economic warfare find that when a large-scale destructive cyberattack occurs, the United States and the private sector must already have in place the resources and methods to share information in order to mitigate the attack and recover from it quickly, according to a joint report by the Foundation for Defense of Democracies (FDD) and The Chertoff Group. The exercise, which featured former senior government officials and private … More

The post The impact of cyber-enabled economic warfare escalation appeared first on Help Net Security.

70 real-life hackers and cybersecurity practitioners share their personal insights

Entering the information security industry can be a formidable undertaking and renowned professionals often seem larger than life and unapproachable (even though most are on Twitter and their email address is public). Luckily for us all, Marcus J. Carey and Jennifer Jin have the ear of some of the biggest names in the field and have decided to generously share that access. Their book Tribe of Hackers: Cybersecurity Advice from the Best Hackers in the … More

The post 70 real-life hackers and cybersecurity practitioners share their personal insights appeared first on Help Net Security.

RSA Conference announces finalists for Innovation Sandbox Contest 2019

RSA Conference announced the 10 finalists for its annual RSAC Innovation Sandbox Contest. The competition is dedicated to providing innovative startups a platform to showcase their groundbreaking technologies that have the potential to transform the information security industry. Past winners include companies such as Phantom, Invincea, UnifyID and, most recently, BigID. Dr. Herbert (Hugh) Thompson On Monday, March 4, the Top 10 finalists listed below will present a three-minute quick-pitch followed by Q&A with a … More

The post RSA Conference announces finalists for Innovation Sandbox Contest 2019 appeared first on Help Net Security.

Why vaporworms might be the scourge of 2019

Not too long ago, the WatchGuard Threat Lab predicted the emergence of vaporworms as a major new cyber threat that will affect organizations of all sizes in 2019. We coined the term to describe a new breed of fileless malware with self-propagating, wormlike properties. At the time of the initial prediction, our team was fairly sure this idea was more than conjecture, but now the advent of the vaporworm in 2019 seems to be an … More

The post Why vaporworms might be the scourge of 2019 appeared first on Help Net Security.

AI won’t solve all of our cybersecurity problems

AI is already supporting businesses with tasks ranging from determining marketing strategies, to driverless cars, to providing personalized film and music recommendations. And its use is expected to grow even further in the coming years. In fact, IDC found that spending on cognitive and AI systems will reach $77.6 billion in 2022, more than three times the $24.0 billion forecast for 2018. But the question remains – can businesses expect AI adoption to effectively protect … More

The post AI won’t solve all of our cybersecurity problems appeared first on Help Net Security.

eBook: The DevOps Roadmap for Security

DevOps is concerned with uniting two particular tribes: development and operations. These tribes have seemingly competing priorities: developers value features while operations value stability. These contradictions are largely mitigated by DevOps. A strong argument could be made that the values of the security tribe – defensibility – could just as easily be brought into the fold, forming a triumvirate under the DevSecOps umbrella. The security tribe’s way forward is to find ways to unify with … More

The post eBook: The DevOps Roadmap for Security appeared first on Help Net Security.

Four differences between the GDPR and the CCPA

By passing the California Consumer Privacy Act (CCPA), which goes into effect on January 1, 2020, the Golden State is taking a major step in the protection of consumer data. The new law gives consumers insight into and control of their personal information collected online. This follows a growing number of privacy concerns around corporate access to and sales of personal information with leading tech companies like Facebook and Google. The bill was signed by … More

The post Four differences between the GDPR and the CCPA appeared first on Help Net Security.

CISOs: Change your mindset or lose your job

Capgemini commissioned IDC to produce a new piece of research, which reveals the increasing pressure on the Chief Information Security Officer to drive forward digital transformation – or risk losing their seat at the table when it comes to key business decisions. Whilst CISOs are now involved in 90% of significant business decisions, the research found that just 25% of business executives perceive CISOs as proactively enabling digital transformation – which is a key goal … More

The post CISOs: Change your mindset or lose your job appeared first on Help Net Security.

Evaluating the biggest cyber threats to the electric power sector

The network of power plants and lines connecting to homes and businesses is widely considered to be among the most critical infrastructure in the world. It’s also one of the most frequently attacked, with consequences that could potentially reach far beyond the power sector. A new Deloitte Global report, “Managing cyber risk in the electric power sector,” evaluates the biggest cyberthreats to the electric power sector and suggests how companies can manage these risks. The … More

The post Evaluating the biggest cyber threats to the electric power sector appeared first on Help Net Security.

Email authentication use growing steadily in every industry sector

U.S. federal government agencies and many major enterprises have made significant strides to thwart the spread of fake emails, a major cybersecurity attack vector. But many organizations remain susceptible because they’re still not using readily available open standards-based technologies that prevent these fakes from reaching end-user inboxes. Valimail’s “Email Fraud Landscape, Q4 2018” indicates that the fight against fake email is advancing around the world — but email fraud remains a widespread and pernicious problem. … More

The post Email authentication use growing steadily in every industry sector appeared first on Help Net Security.

RSA Conference 2019 USA: What you can expect at this year’s event

It’s that time of year: RSA Conference 2019 USA is a little over a month away. To prepare, we asked Britta Glade, Director of Content and Curation for RSA Conference, to tell us more about this year’s event. Read our Q&A for more on what’s in store at the world’s largest gathering of information security professionals. What have been the major security developments in the past year, and how have these informed the conference agenda … More

The post RSA Conference 2019 USA: What you can expect at this year’s event appeared first on Help Net Security.

Most Magento shops get compromised via vulnerable extensions

Vulnerable third party extensions (modules) are now the main source of Magento hacks, says security researcher and Magento forensics investigator Willem de Groot. “The method is straightforward: attacker uses an extension bug to hack into a Magento store. Once in, they download all of the other installed extensions. The attacker then searches the downloaded code for 0day security issues, such as POI, SQLi and XSS flaws. Once found, the attacker launches a global scan to … More

The post Most Magento shops get compromised via vulnerable extensions appeared first on Help Net Security.

Researchers reveal new privacy attack against 3G, 4G, and 5G mobile users

5G cellular mobile communications, when implemented, are expected to provide high bandwidth, low latency, energy savings and better connectivity, but security and privacy must also be assured. The security challenges are many but, luckily for us all, researchers are already probing the draft standard for weaknesses. Much of the research has focused on the security and privacy of 5G AKA, the Authenticated Key Exchange standardized by the 3rd Generation Partnership Project (3GPP) for 5G. A new, … More

The post Researchers reveal new privacy attack against 3G, 4G, and 5G mobile users appeared first on Help Net Security.

Safeguarding your data from human error and phishing attacks with the cloud

This is the third article of a series, the first article is available here, and the second one is here. In a world of ransomware attacks, companies should prepare for the worst-case scenario by having smart backup strategies in place to mitigate any potential damage. The public cloud ensures that your information is always backed up and encrypted. Encrypting backup files in the cloud adds an extra layer of protection against unwelcome external parties. Unlike … More

The post Safeguarding your data from human error and phishing attacks with the cloud appeared first on Help Net Security.

Is your organization ready for the data explosion?

“Data is the new oil” and its quantity is growing at an exponential rate, with IDC forecasting a 50-fold increase from 2010 to 2020. In fact, by 2020, it’s estimated that new information generated each second for every human being will approximate to 1.7 megabytes. This creates bigger operational issues for organizations, with both NetOps and SecOps teams grappling to achieve superior performance, security, speed and network visibility. This delicate balancing act will become even … More

The post Is your organization ready for the data explosion? appeared first on Help Net Security.

Employees report 23,000 phishing incidents annually, costing $4.3 million to investigate

Account takeover-based (ATO) attacks now comprise 20 percent of advanced email attacks, according to Agari’s Q1 2019 Email Fraud & Identity Deception Trends report. ATO attacks are dangerous because they are more difficult to detect than traditional attacks – compromised accounts seem legitimate to email filters and end users alike because they are sent from a real sender’s email account. “Credential phishing was already a huge risk for organizations because of the potential for data … More

The post Employees report 23,000 phishing incidents annually, costing $4.3 million to investigate appeared first on Help Net Security.

Companies getting serious about AI and analytics, 58% are evaluating data science platforms

New O’Reilly research found that 58 percent of today’s companies are either building or evaluating data science platforms – which are essential for companies that are keen on growing their data science teams and machine learning capabilities – while 85 percent of companies already have data infrastructure in the cloud. Companies are building or evaluating solutions in foundational technologies needed to sustain success in analytics and AI. These include data integration and Extract, Transform and … More

The post Companies getting serious about AI and analytics, 58% are evaluating data science platforms appeared first on Help Net Security.

New Mac malware steals cookies, cryptocurrency and computing power

A new piece of Mac malware is looking to steal both the targets’ computing power and their cryptocurrency stash, Palo Alto Networks researchers warn. About the CookieMiner malware Dubbed CookieMiner on account of its cookie-stealing capabilities, this newly discovered malware is believed to be based on DarthMiner, another recently detected Mac malware that combines the EmPyre backdoor and the XMRig cryptominer. Like DarthMiner, CookieMiner uses the EmPyre backdoor for post-exploitation control. This agent checks if … More

The post New Mac malware steals cookies, cryptocurrency and computing power appeared first on Help Net Security.

Google also abused its Apple developer certificate to collect iOS user data

It turns out that Google, like Facebook, abused its Apple Enterprise Developer Certificate to distribute a data collection app to iOS users, in direct contravention of Apple’s rules for the distribution program. Unlike Facebook, though, the company did not wait for Apple to revoke their certificate. Instead, they quickly disabled the app on iOS devices, admitted their mistake and extended a public apology to Apple. Google’s app Google’s Screenwise Meter app is very similar … More

The post Google also abused its Apple developer certificate to collect iOS user data appeared first on Help Net Security.

Taking ethical action in identity: 5 steps for better biometrics

Glance at your phone. Tap a screen. Secure access granted! This is the power of biometric identity at work. The convenience of unlocking your phone with a fingertip or your face is undeniable. But ethical issues abound in the biometrics field. The film Minority Report demonstrated one possible future, in terms of precise advertising targeting based on a face. But the Spielberg film also demonstrated some of the downsides of biometrics – the stunning lack … More

The post Taking ethical action in identity: 5 steps for better biometrics appeared first on Help Net Security.

Microsoft rolls out new tools for enterprise security and compliance teams

Microsoft has announced a number of new capabilities and improvements for tools used by enterprise administrators. New Microsoft 365 security and compliance centers The new Microsoft 365 security center allows security administrators and other risk management professionals to manage and take full advantage of Microsoft 365 intelligent security solutions for identity and access management, threat protection, information protection, and security management. The new Microsoft 365 compliance center allows compliance, privacy, and risk management professionals to … More

The post Microsoft rolls out new tools for enterprise security and compliance teams appeared first on Help Net Security.

eCommerce credit card fraud is nearly an inevitability

Riskified surveyed 5,000 US-based consumers aged 18 and older about their online shopping behaviors, experience with and prevalence of credit card fraud, repeat shopping likelihood and customer satisfaction to develop a full picture of how consumers react to a number of common shopping experiences. The results are worrisome for both consumers and merchants, as roughly half of respondents reported experience with credit card fraud and 30% had their purchase wrongly declined, with a corresponding negative … More

The post eCommerce credit card fraud is nearly an inevitability appeared first on Help Net Security.

Free training course material on network forensics for cybersecurity specialists

Based on current best practices, the training includes performance indicators and means that will help those who take it increase their operational skills of tackling cyber incidents. Network forensics is more important than ever, since more and more data is sent via networks and the internet. When there is a security incident, network forensics can help reduce the time needed to go from Detection to Containment – an essential step in any major security incident. … More

The post Free training course material on network forensics for cybersecurity specialists appeared first on Help Net Security.

Facebook to shut down iOS app that allowed for near total data access

When Apple banned its Onavo VPN app from its App Store last summer, Facebook repackaged the app, named it “Facebook Research” and offered it for download through three app beta testing services, TechCrunch has discovered. About the Facebook Research app Facebook used the Onavo app to collect the aforementioned data of both Android and iOS users and, based on the information gleaned from it, made decisions to acquire competing apps and add popular features … More

The post Facebook to shut down iOS app that allowed for near total data access appeared first on Help Net Security.

Mozilla releases anti tracking policy, enhances tracking protection in Firefox 65

Mozilla has released Firefox 65, which includes enhanced, configurable protection against online tracking. The organization has also published an official anti tracking policy that effectively maps out the direction which its popular browser will take when it comes to blocking online tracking. Enhanced Tracking Protection controls Firefox 65 carries a number of improvements and various security fixes, but the one that gets most attention is enhanced tracking protection through simplified content blocking settings. Users can … More

The post Mozilla releases anti tracking policy, enhances tracking protection in Firefox 65 appeared first on Help Net Security.

Enterprises are struggling with cloud complexity and security

The rush to digital transformation is putting sensitive data at risk for organizations worldwide according to the 2019 Thales Data Threat Report – Global Edition with research and analysis from IDC. As organizations embrace new technologies, such as multi-cloud deployments, they are struggling to implement proper data security. Greatest data security threats “Our research shows that no organization is immune from data security threats and, in fact, we found that the most sophisticated organizations are … More

The post Enterprises are struggling with cloud complexity and security appeared first on Help Net Security.

The biggest cybersecurity challenge? Communicating threats internally

IT executives responsible for cybersecurity feel a lack of support from company leaders, and 33 percent feel completely isolated in their role, according to Trend Micro. IT teams are under significant pressure, with some of the challenges cited including prioritizing emerging threats (47 percent) and keeping track of a fractured security environment (43 percent). The survey showed that they are feeling the weight of this responsibility, with many (34 percent) stating that the burden they … More

The post The biggest cybersecurity challenge? Communicating threats internally appeared first on Help Net Security.

$1.7 billion in cryptocurrency was stolen and scammed in 2018

$1.7 billion in cryptocurrency was stolen and scammed in 2018 — a dramatic rise in criminal activity despite a slump in the market, according to CipherTrace. Criminals need to launder all these funds in order to cash out before a wave of regulations goes into effect in 2019. Theft from cryptocurrency exchanges accounted for the majority of the criminal activity: more than $950 million was stolen in 2018, 3.6 times as much as in 2017. … More

The post $1.7 billion in cryptocurrency was stolen and scammed in 2018 appeared first on Help Net Security.

Exploring opportunities for infosec pros to use their skills to fight for social change

RSA Conference has teamed up with cybersecurity expert Bruce Schneier and the Ford Foundation to host the first full-day Public Interest Technologist Track, Bridging the Gap: Cybersecurity + Public Interest Tech, during RSA Conference 2019 in San Francisco. Set to take place March 7, 2019, the event consists of six sessions highlighting public interest technologists inside governments, as part of civil society, at universities, and in corporate environments. “All security policy issues have strong technology … More

The post Exploring opportunities for infosec pros to use their skills to fight for social change appeared first on Help Net Security.

Critical FaceTime bug turns iPhones, Macs into eavesdropping tools

A shocking and easily exploitable FaceTime bug allows people to listen in on other users of Apple devices by simply calling them through the service. The bug apparently affects Group FaceTime and Apple has reacted by making the service unavailable until they can push out a fix. Exploitation of the FaceTime bug The bug was first reported by 9to5Mac and then replicated and confirmed by others. The gist of it is this: it allows the … More

The post Critical FaceTime bug turns iPhones, Macs into eavesdropping tools appeared first on Help Net Security.

Emotet: A veritable Swiss Army knife of malicious capabilities

Formerly just a banking Trojan, Emotet is now one of the most dangerous and multifaceted malware families out there. According to Malwarebytes, it and Trickbot are part of the reason why Trojans topped their list of most common business detections in 2018. Emotet’s capabilities Emotet’s initial incarnation dates back to 2014 but, in the intervening years, it has become a veritable Swiss Army knife of malicious capabilities. It can: Download additional malware (often Trickbot) Collect information … More

The post Emotet: A veritable Swiss Army knife of malicious capabilities appeared first on Help Net Security.

Global IT spending to reach $3.8 trillion in 2019, up 3.2% from 2018

Worldwide IT spending is projected to total $3.76 trillion in 2019, an increase of 3.2 percent from 2018, according to the latest forecast by Gartner. Worldwide IT spending forecast (billions of U.S. dollars) “Despite uncertainty fueled by recession rumors, Brexit, and trade wars and tariffs, the likely scenario for IT spending in 2019 is growth,” said John-David Lovelock, research vice president at Gartner. “However, there are a lot of dynamic changes happening in regards to … More

The post Global IT spending to reach $3.8 trillion in 2019, up 3.2% from 2018 appeared first on Help Net Security.

What steps consumers need to take to protect themselves online

Yesterday was Data Privacy Day, so McAfee warned consumers that cybercriminals are continuing to access personal information through weak passwords, phishing emails, connected things, malicious apps and unsecure Wi-Fi networks. Weak Passwords Consumers often pick simple passwords for the multiple accounts they use daily, not realizing that choosing weak passwords can open the door to identity theft. Tip: Use strong passwords that include uppercase and lowercase letters, numbers and symbols. Don’t use the … More

The post What steps consumers need to take to protect themselves online appeared first on Help Net Security.

ENISA outlines top cyber threats and trends in 2018

In 2018, the cyber threat landscape changed significantly. The most important threat agent groups, namely cyber-criminals and state-sponsored actors, have further advanced their motives and tactics. Monetisation motives contributed to the appearance of crypto-miners in the top 15 cyber threats. Advances in defence have also been assessed: law enforcement authorities, governments and vendors were able to further develop active defence practices such as threat agent profiling and the combination of cyber threat intelligence (CTI) and … More

The post ENISA outlines top cyber threats and trends in 2018 appeared first on Help Net Security.

Industry reactions to Data Privacy Day 2019

The purpose of Data Privacy Day is to raise awareness and promote privacy and data protection best practices. Data Privacy Day began in the United States and Canada in January 2008 as an extension of the Data Protection Day celebration in Europe. Data Privacy Day is observed annually on Jan. 28. Cindy Provin, CEO, nCipher Security These high profile policy developments are sending a signal that the days of using personal data for commercial advantage … More

The post Industry reactions to Data Privacy Day 2019 appeared first on Help Net Security.

How to know when you’re ready for a fractional CISO

Many companies eventually find themselves in the following situation: they’re growing, their technology, infrastructure and teams are expanding, perhaps an M&A is on the horizon, and the board is asking pointed questions about security. It’s usually at this point that a business starts to notice fissures in the walls of what once felt like a tightly locked structure. New challenges in operations, culture, and security begin to arise. Inevitably, when a company hits this phase … More

The post How to know when you’re ready for a fractional CISO appeared first on Help Net Security.

How accepting that your network will get hacked will help you develop a plan to recover faster

As anyone in the network security world will tell you, it is an extremely intense and stressful job to protect the corporate network from ever-evolving security threats. For a security team, a 99 percent success rate is still a complete failure. That one time a hacker, piece of malware, or DDoS attack brings down your organization’s network (or network availability) is all that matters. It’s even more frustrating when you consider that the proverbial ‘bad … More

The post How accepting that your network will get hacked will help you develop a plan to recover faster appeared first on Help Net Security.

Webinar: Automate compliance audits without the staff

With so many consequential data breaches in the past decade, data security and privacy are top of mind issues for security leaders and corporate boards. Numerous government and industry regulations like HIPAA, PCI, GDPR, and FERPA are designed to focus attention on securing data and keeping personal information private. Agile and DevOps development models are moving too quickly for manual security assurance and compliance validation. Join Data Theorem Thursday, January 31st @ 11:00am PST to … More

The post Webinar: Automate compliance audits without the staff appeared first on Help Net Security.

Vulnerable cloud infrastructure experiencing increasing attacks

Attackers are increasingly targeting vulnerable cloud infrastructure to exploit it for covert cryptojacking or to deliver ransomware, Securonix researchers warn. Some attacks are fairly trivial, but others are multi-vector/multi-platform threats where multiple functionalities are combined as part of the same malicious threat (e.g., XBash, which combines cryptomining, ransomware and botnet/worm activity). The way in The attacks are automated and probe the infrastructure and cloud services for vulnerabilities and/or weak or default login credentials. Among the … More
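
The automated probing for weak or default credentials described above leaves a characteristic trace in authentication logs: one source cycling through account names in seconds, sometimes ending in a successful login. The following detector is an added example written for this page, not code from the Securonix report or from Help Net Security; the sshd log lines are constructed, and the thresholds (five failures inside 60 seconds) are assumptions to tune per environment.

```python
"""Detect automated credential probing in sshd logs.

Added example for this page: the log lines are constructed, and the thresholds
(5 failures in 60 seconds) are assumptions to tune for your environment. It is
not code from the Securonix report or from Help Net Security.
"""
import re
from collections import defaultdict
from datetime import datetime

# Constructed /var/log/auth.log excerpt: one source walks through default
# account names and then succeeds; a second source is a normal user.
SAMPLE_LOG = """\
Jan 24 03:12:01 web1 sshd[2201]: Failed password for root from 203.0.113.7 port 51022 ssh2
Jan 24 03:12:02 web1 sshd[2203]: Failed password for invalid user admin from 203.0.113.7 port 51024 ssh2
Jan 24 03:12:02 web1 sshd[2205]: Failed password for invalid user ubuntu from 203.0.113.7 port 51026 ssh2
Jan 24 03:12:03 web1 sshd[2207]: Failed password for invalid user pi from 203.0.113.7 port 51030 ssh2
Jan 24 03:12:04 web1 sshd[2209]: Failed password for root from 203.0.113.7 port 51031 ssh2
Jan 24 03:12:05 web1 sshd[2211]: Accepted password for root from 203.0.113.7 port 51033 ssh2
Jan 24 03:15:40 web1 sshd[2300]: Failed password for alice from 198.51.100.20 port 40001 ssh2
Jan 24 03:16:10 web1 sshd[2302]: Accepted publickey for alice from 198.51.100.20 port 40002 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8}) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) (?:password|publickey) for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>[\d.]+) port \d+"
)
LOG_YEAR = 2019  # syslog timestamps carry no year; assumed for the sample


def parse_line(line):
    """Return (timestamp, result, user, source_ip) or None for unrelated lines."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S").replace(year=LOG_YEAR)
    return ts, m["result"], m["user"], m["ip"]


def detect_probing(log_text, max_failures=5, window_s=60):
    """Flag source IPs with >= max_failures failed logins inside any window_s
    span. For each flagged IP report the usernames tried and whether a
    successful login followed the burst (the case that needs a human now)."""
    by_ip = defaultdict(list)
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed:
            by_ip[parsed[3]].append(parsed)

    findings = {}
    for ip, events in by_ip.items():
        events.sort()
        failures = [e for e in events if e[1] == "Failed"]
        burst = False
        for i, (start, *_rest) in enumerate(failures):
            in_window = [f for f in failures[i:] if (f[0] - start).total_seconds() <= window_s]
            if len(in_window) >= max_failures:
                burst = True
                break
        if not burst:
            continue
        last_failure = failures[-1][0]
        findings[ip] = {
            "failures": len(failures),
            "usernames": sorted({e[2] for e in failures}),
            "success_after_burst": any(e[1] == "Accepted" and e[0] >= last_failure for e in events),
        }
    return findings


if __name__ == "__main__":
    for ip, info in detect_probing(SAMPLE_LOG).items():
        print(ip, info)
```

The "success_after_burst" flag is the one to alert on with priority: a burst of failures that ends in an accepted password means a default or weak credential was found, which is exactly the entry point the report describes for cryptojacking and ransomware deployments.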

The post Vulnerable cloud infrastructure experiencing increasing attacks appeared first on Help Net Security.

Researcher warns of privilege escalation flaw in Check Point ZoneAlarm

Illumant researcher Chris Anastasio has discovered a serious vulnerability in Check Point’s security software. It affects ZoneAlarm Free Firewall and ZoneAlarm Free Antivirus + Firewall and, if exploited, it may allow a malicious user with low privilege access to escalate privileges to SYSTEM level. WCF and self-signed code in the spotlight The vulnerability is due to insecure implementation of services developed using Windows Communication Foundation or “WCF.” It targets a .NET service in ZoneAlarm that … More

The post Researcher warns of privilege escalation flaw in Check Point ZoneAlarm appeared first on Help Net Security.

GDPR-ready organizations see lowest incidence of data breaches

Organizations worldwide that invested in maturing their data privacy practices are now realizing tangible business benefits from these investments, according to Cisco’s 2019 Data Privacy Benchmark Study. The study validates the link between good privacy practice and business benefits as respondents report shorter sales delays as well as fewer and less costly data breaches. Business benefits of privacy investments The GDPR, which focused on increasing protection for EU residents’ privacy and personal data, became enforceable … More

The post GDPR-ready organizations see lowest incidence of data breaches appeared first on Help Net Security.

New infosec products of the week: January 25, 2019

Threat Stack announces new API for streamlined DevOps and security workflows The new API will allow for the suppression and dismissal of alerts from existing tools, streamlining incident response workflows and reducing the mean time to response (MTTR). The ability to disable and enable rules will also enable Threat Stack customers to conduct system maintenance without interrupting DevOps and security teams or increasing the number of false positive alerts. Cohesity backup solution prevents, detects, and … More

The post New infosec products of the week: January 25, 2019 appeared first on Help Net Security.

83% of global respondents experienced phishing attacks in 2018

Proofpoint analyzed data from tens of millions of simulated phishing attacks sent over a one-year period, along with nearly 15,000 cybersecurity professional survey responses, to provide an in-depth look at the state of global phishing attacks. Overall, 83 percent of global infosecurity respondents experienced phishing attacks in 2018, up from 76 percent in 2017, and nearly 60 percent saw an increase in employee detection following security awareness training. In addition, more organizations were affected by all … More

The post 83% of global respondents experienced phishing attacks in 2018 appeared first on Help Net Security.

The most effective security strategies to guard sensitive information

Today’s enterprise IT infrastructures are not largely hosted in the public cloud, nor are they SaaS-based, with security being the single largest barrier when it comes to cloud and SaaS adoption. With the recent rise in breaches and privacy incidents, enterprises are prioritizing the protection of their customers’ personally identifiable information, according to Ping Identity. Most infrastructure is hybrid Less than one quarter (21%) of IT and security professionals say that more than one half … More

The post The most effective security strategies to guard sensitive information appeared first on Help Net Security.

Enterprises turn to MSPs to mitigate huge skills gap concerns

A huge skills gap coupled with security worries is driving IT decision makers to engage Managed Service Providers (MSPs) to handle their IT needs, according to NTT Com. Of the 417 IT decision makers in the US from large enterprises across all industries who participated in the research study, 26 percent put security risks as their biggest challenge in managing in-house IT. This was followed by infrastructure complexity (10 percent). In addition, 16.5 percent said … More

The post Enterprises turn to MSPs to mitigate huge skills gap concerns appeared first on Help Net Security.

PHP PEAR supply chain attack: Backdoor added to installer

Some additional details have emerged about the recent security breach involving the PHP PEAR (PHP Extension and Application Repository) web server, but much is still unknown. What happened? The PEAR project maintains a system for distributing PHP software code and for managing free code libraries (aka packages) written in the popular programming language. On Saturday, the project’s site (located at pear.php.net) was temporarily disabled and visitors were pointed towards a short warning saying that anyone … More

The post PHP PEAR supply chain attack: Backdoor added to installer appeared first on Help Net Security.

Cisco fixes security holes in SD-WAN, Webex, Small Business routers

Cisco has fixed a heap of security holes in a variety of its products, including a critical one affecting its SD-WAN Solution. Cisco SD-WAN vulnerabilities The most critical among the flaws fixed are a buffer overflow vulnerability (CVE-2019-1651) and a high risk unauthorized access flaw (CVE-2019-1647) affecting any Cisco vSmart Controller Software versions running a release of the Cisco SD-WAN Solution prior to 18.4.0. CVE-2019-1651 could be exploited by sending a malicious file to an … More

The post Cisco fixes security holes in SD-WAN, Webex, Small Business routers appeared first on Help Net Security.

Organizations waste money storing useless IT hardware

A survey of 600 data center experts from APAC, Europe and North America reveals that two in five organizations that store their data in-house spend more than $100,000 storing useless IT hardware that could pose a security or compliance risk. Astonishingly, 54 percent of these companies have been cited at least once or twice by regulators or governing bodies for noncompliance with international data protection laws. Fines of up to $1.5 million could be issued … More

The post Organizations waste money storing useless IT hardware appeared first on Help Net Security.

Branching out more efficiently and securely with SD-WAN

As enterprises expand, through organic growth or acquisition, they need to support the IT needs of more distributed locations. These often include teams in shared office spaces versus enterprise-owned or leased facilities. To serve remote locations and users, enterprises are rapidly moving toward cloud-based applications including Unified Communications as a Service (UCaaS). As always, IT teams are under pressure to contain costs and are turning to Software Defined Wide Area Networks (SD-WAN) to play a … More

The post Branching out more efficiently and securely with SD-WAN appeared first on Help Net Security.

Reimagining risk management to mitigate looming economic dangers

In a volatile market environment and with the edict to “do more with less,” many financial institutions are beginning efforts to reengineer their risk management programs, according to a new survey by Deloitte Global, with emerging technologies in the driver’s seat. Seventy percent of the financial services executives surveyed said their institutions have either recently completed an update of their risk management program or have one in progress, while an additional 12 percent said they … More

The post Reimagining risk management to mitigate looming economic dangers appeared first on Help Net Security.

Microsoft remains the most impersonated brand, Netflix phishing spikes

Although Microsoft remains the top target for phishers, Netflix saw an incredible surge in December, making it the second most impersonated brand in Q4 2018, according to Vade Secure. Microsoft remains the #1 impersonated brand, receiving more than 2.3 times as many phishing URLs as Netflix. One credential can provide hackers with a single entry point to all of the apps under the Office 365 platform—as well as the files, data, contacts, etc. stored … More

The post Microsoft remains the most impersonated brand, Netflix phishing spikes appeared first on Help Net Security.

Cyberattacks fueled by geopolitical tension are increasing

Billions of personal records were stolen in 2018, unearthed in breaches that successfully targeted household names in government, technology, healthcare, travel and hospitality. Compounding the problem has been increased geopolitical tension between western democracies and countries like Russia, China and North Korea. Modern cyberattacks appear to increasingly be fueled by geopolitical tension and reveal how clever attackers have become in evolving to remain undetected — using techniques such as lateral movement, island hopping and counter … More

The post Cyberattacks fueled by geopolitical tension are increasing appeared first on Help Net Security.

Apple delivers security patches, plugs an RCE achievable via FaceTime

Apple has released a new set of updates for its various products, plugging a wide variety of vulnerabilities. WatchOS, tvOS, Safari and iCloud Let’s start with the “lightest” security updates: iCloud for Windows 7.10 brings fixes for memory corruption, logic and type confusion issues in the WebKit browser engine, all of which can be triggered via maliciously crafted web content and most of which may lead to arbitrary code execution. The update also carries patches for … More

The post Apple delivers security patches, plugs an RCE achievable via FaceTime appeared first on Help Net Security.

Most out of date applications exposed: Shockwave, VLC and Skype top the list

More than half (55%) of PC applications installed worldwide are out-of-date, making PC users and their personal data vulnerable to security risks. Avast’s PC Trends Report 2019 found that users are making themselves vulnerable by not implementing security patches and keeping outdated versions of popular applications on their PCs. The applications where updates are most frequently neglected include Adobe Shockwave (96%), VLC Media Player (94%) and Skype (94%). The report, which uses anonymized and aggregated … More

The post Most out of date applications exposed: Shockwave, VLC and Skype top the list appeared first on Help Net Security.

0patch releases micropatch for Windows Contacts RCE zero-day

ACROS Security, the creators of 0patch, have released a micropatch for a recently revealed zero-day RCE flaw affecting Windows. About the vulnerability and the micropatch Security researcher John Page (aka Hyp3rlinx) published the details about the vulnerability and PoC exploit code after Microsoft failed to fix the issue within 90 days of it being reported. “The issue was initially reported as related to VCF files (which are by default associated with the Windows Contacts application) … More

The post 0patch releases micropatch for Windows Contacts RCE zero-day appeared first on Help Net Security.

Industry reactions to Google’s €50 million GDPR violation fine

On 21 January 2019, the French National Data Protection Commission (CNIL) imposed a financial penalty of €50 million against Google, in accordance with the GDPR. This is the first time that the CNIL has applied the new sanction limits provided by the GDPR. The amount decided and the publicity of the fine are justified by the severity of the infringements observed regarding the essential principles of the GDPR: transparency, information and consent. Here are some reactions … More

The post Industry reactions to Google’s €50 million GDPR violation fine appeared first on Help Net Security.

Business resilience should be a core company strategy, so why are businesses struggling to take action?

A recent survey showed that only 51% of U.S. business decision makers say their organization is definitely as resilient as it needs to be against disruptions such as cyber threats. In addition, the survey showed that 96% of U.S. business decision makers claim business resilience should be a core company strategy. If 96% of business decision makers realize this, why are organizations still struggling to protect themselves against cybercrime and technology-based disruption? IT teams face … More

The post Business resilience should be a core company strategy, so why are businesses struggling to take action? appeared first on Help Net Security.

Agents of disruption: Four testing topics argue the case for agentless security

Let me introduce myself. I’m a set of flaws in your otherwise perfect, agent-based security world. Like all disruptive agents, I derail your best-laid plans with expensive havoc; but in my case I create sticky situations inside your multi-cloud arrangement. You may be thinking that the premise of this article is bogus, because most cloud-based security systems automate the deployment and management of agents; and any one of those and their kid can microsegment and … More

The post Agents of disruption: Four testing topics argue the case for agentless security appeared first on Help Net Security.

SSDP amplification attacks rose 639%

The Nexusguard Q3 2018 Threat Report has revealed the emergence of an extremely stealthy DDoS attack pattern targeting communications service providers (CSPs). Comparison between normal attack traffic and attack traffic with legitimate traffic This new vector exploits the large attack surface of ASN-level (autonomous system number) CSPs by spreading tiny attack traffic across hundreds of IP addresses to evade detection. The ongoing evolution of DDoS methods suggests that CSPs need to enhance their network security … More
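
The evasion described above works against detection that thresholds each destination IP on its own: if the attack volume is spread over hundreds of addresses inside the provider's prefix, no single address crosses the line. The following is an added example for this page, not Nexusguard's detection logic; the flow records are constructed and the prefix length, thresholds and source-port heuristic are assumptions. It contrasts per-IP thresholding with aggregation by destination prefix (a stand-in for ASN-level aggregation) and source port, which is what makes reflected SSDP (UDP/1900) visible.

```python
"""Aggregate low-rate DDoS traffic by destination prefix and source port.

Added example for this page, not Nexusguard's detection logic: the flow
records are constructed, and the prefix length and thresholds are assumptions.
The point it shows is that per-IP thresholds miss traffic spread thinly over a
whole prefix, while aggregating across the prefix (or ASN) does not.
"""
import ipaddress
from collections import defaultdict

SSDP_PORT = 1900  # reflected SSDP replies arrive from UDP source port 1900


def constructed_flows():
    """Flow records as (src_ip, src_port, dst_ip, packets) for one 10 s bin."""
    flows = []
    # 300 reflectors each send only 4 packets, spread over 250 hosts in one /24
    for i in range(300):
        reflector = f"203.0.{i // 250}.{i % 250 + 1}"
        victim = f"198.51.100.{i % 250 + 1}"
        flows.append((reflector, SSDP_PORT, victim, 4))
    # ordinary background traffic to one web host in the same prefix
    flows.append(("192.0.2.10", 443, "198.51.100.5", 40))
    return flows


def per_ip_alerts(flows, pkt_threshold=100):
    """Conventional per-destination-IP thresholding."""
    totals = defaultdict(int)
    for _src, _sport, dst, pkts in flows:
        totals[dst] += pkts
    return {ip: n for ip, n in totals.items() if n > pkt_threshold}


def per_prefix_alerts(flows, prefix_len=24, pkt_threshold=500, min_sources=50):
    """Aggregate by (destination prefix, source port). Many distinct sources
    hitting one prefix from port 1900 is the reflection signature even when no
    single destination sees much."""
    agg = defaultdict(lambda: {"packets": 0, "sources": set(), "targets": set()})
    for src, sport, dst, pkts in flows:
        prefix = str(ipaddress.ip_network(f"{dst}/{prefix_len}", strict=False))
        bucket = agg[(prefix, sport)]
        bucket["packets"] += pkts
        bucket["sources"].add(src)
        bucket["targets"].add(dst)
    return {
        key: {"packets": b["packets"], "sources": len(b["sources"]), "targets": len(b["targets"])}
        for key, b in agg.items()
        if b["packets"] > pkt_threshold and len(b["sources"]) >= min_sources
    }


if __name__ == "__main__":
    flows = constructed_flows()
    print("per-IP alerts:", per_ip_alerts(flows))
    print("per-prefix alerts:", per_prefix_alerts(flows))
```

On the constructed bin, no destination receives more than 48 packets, so the per-IP check stays silent, while the prefix view shows 1,200 packets from 300 distinct sources on port 1900 to 250 hosts in one /24. In production the prefix key would be replaced by the customer's announced prefixes or ASN, and the thresholds set from a baseline of that aggregate.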

The post SSDP amplification attacks rose 639% appeared first on Help Net Security.

Bug in widespread Wi-Fi chipset firmware can lead to zero-click code execution

A vulnerability in the firmware of a Wi-Fi chipset that is widely used in laptops, streaming, gaming and a variety of “smart” devices can be exploited to compromise them without user interaction. The research and the discovered flaws The discovery was made by Embedi researcher Denis Selianin, who decided to first analyze the code of the Marvell Avastar Wi-Fi driver, which loads firmware to the Wi-Fi SoC (system on chip), and then to engage in … More

The post Bug in widespread Wi-Fi chipset firmware can lead to zero-click code execution appeared first on Help Net Security.

Beware the man in the cloud: How to protect against a new breed of cyberattack

One malicious tactic that has become quite prevalent in recent years is known as a ‘man in the cloud’ (MitC) attack. This attack aims to access victims’ accounts without the need to obtain compromised user credentials beforehand. Below, this article explains the anatomy of MitC attacks and offers practical advice about what can be done to defend against them. What is a MitC attack? To gain access to cloud accounts, MitC attacks take advantage of the … More

The post Beware the man in the cloud: How to protect against a new breed of cyberattack appeared first on Help Net Security.

Machine learning trumps AI for security analysts

While machine learning is one of the biggest buzzwords in cybersecurity and the tech industry in general, the phrase itself is often overused and mis-applied, leaving many to have their own, incorrect definition of what machine learning actually is. So, how do you cut through all the noise to separate fact from fiction? And how can this tool be best applied to security operations? What is machine learning? Machine learning (ML) is an algorithm that … More

The post Machine learning trumps AI for security analysts appeared first on Help Net Security.

Cybercrime could cost companies trillions over the next five years

Companies globally could incur $5.2 trillion in additional costs and lost revenue over the next five years due to cyberattacks, as dependency on complex internet-enabled business models outpaces the ability to introduce adequate safeguards that protect critical assets, according to Accenture. Based on a survey of more than 1,700 CEOs and other C-suite executives around the globe, the report — Securing the Digital Economy: Reinventing the Internet for Trust — explores the complexities of the … More

The post Cybercrime could cost companies trillions over the next five years appeared first on Help Net Security.

Researchers analyze DDoS attacks as coordinated gang activities

In a new report, NSFOCUS introduced the IP Chain-Gang concept, in which each chain-gang is controlled by a single threat actor or a group of related threat actors and exhibits similar behavior across the various attacks conducted by the same gang. IP Gang attack-type classification against attack volume size Researchers analyzed attack types, volume, size of events, gang activities, and attack rates. By studying the historical behavior of the 80 gangs identified in the report, … More
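
The report's premise is that source IPs which keep turning up in the same attacks are under common control and should be tracked as a unit rather than as individual addresses. NSFOCUS does not publish its grouping method in the summary above, so the following is an added example for this page with an assumed rule: two sources belong to the same gang if they appear together in at least a minimum number of attack events, and gangs are the connected components of that relation. The attack events are constructed.

```python
"""Group attack sources into 'gangs' by repeated co-occurrence.

Added example for this page. NSFOCUS does not publish its grouping method, so
the rule used here (two IPs belong together if they appear in at least
min_shared_events of the same attacks) is an assumption, and the events are
constructed.
"""
from collections import defaultdict
from itertools import combinations

# Constructed attack events: event id -> source IPs observed in that attack
EVENTS = {
    "evt-1": {"203.0.113.1", "203.0.113.2", "203.0.113.3", "198.51.100.9"},
    "evt-2": {"203.0.113.1", "203.0.113.2", "203.0.113.3"},
    "evt-3": {"203.0.113.1", "203.0.113.2", "203.0.113.3", "192.0.2.50"},
    "evt-4": {"192.0.2.50", "192.0.2.51"},
    "evt-5": {"192.0.2.50", "192.0.2.51", "192.0.2.52"},
    "evt-6": {"198.51.100.9"},
}


def cooccurrence_counts(events):
    """Count, for every pair of IPs, how many events contained both."""
    counts = defaultdict(int)
    for ips in events.values():
        for a, b in combinations(sorted(ips), 2):
            counts[(a, b)] += 1
    return counts


def find_gangs(events, min_shared_events=2, min_size=2):
    """Union-find over pairs that co-occur often enough; returns sorted gangs.
    A one-off co-appearance (a bystander IP in a single event) is not enough
    to join a gang, which keeps incidental traffic out of the grouping."""
    parent = {}

    def find(x):
        parent.setdefault(x, x)
        while parent[x] != x:
            parent[x] = parent[parent[x]]  # path halving
            x = parent[x]
        return x

    def union(a, b):
        ra, rb = find(a), find(b)
        if ra != rb:
            parent[rb] = ra

    for (a, b), n in cooccurrence_counts(events).items():
        if n >= min_shared_events:
            union(a, b)

    groups = defaultdict(set)
    for ip in list(parent):
        groups[find(ip)].add(ip)
    return sorted(sorted(g) for g in groups.values() if len(g) >= min_size)


def gang_events(events, gang, min_members=2):
    """Events in which at least min_members of the gang took part, i.e. the
    gang's activity history rather than that of any single member."""
    members = set(gang)
    return sorted(eid for eid, ips in events.items() if len(ips & members) >= min_members)


if __name__ == "__main__":
    for gang in find_gangs(EVENTS):
        print(gang, "->", gang_events(EVENTS, gang))
```

Raising min_shared_events trades recall for precision: with the constructed data, requiring three shared events keeps only the three-address gang that attacked together every time and drops the pair that co-occurred twice.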

The post Researchers analyze DDoS attacks as coordinated gang activities appeared first on Help Net Security.

Most Facebook users aren’t aware that Facebook tracks their interests

Too many Facebook users aren’t aware that the company uses the information provided by them and their actions on the platform and outside of it to create a list of their traits and interests, which is then used to target them with relevant ads. The survey According to the results of a new Pew Research Center survey, which polled a representative sample of US-based, adult Facebook users: 88% discovered that the site had generated … More

The post Most Facebook users aren’t aware that Facebook tracks their interests appeared first on Help Net Security.

New infosec products of the week: January 18, 2019

XebiaLabs launches new DevOps risk and compliance capability for software releases The XebiaLabs DevOps Platform provides a single pane of glass for technical and business stakeholders to track the release chain of custody across the end-to-end CI/CD toolchain, from code to production. And, with visibility into security and compliance issues, teams can take action to ensure that release failure risks, security vulnerabilities, and IT governance violations are resolved early in the software delivery cycle. ExtraHop … More

The post New infosec products of the week: January 18, 2019 appeared first on Help Net Security.

Protecting privileged access in DevOps and cloud environments

While security strategies should address privileged access and the risk of unsecured secrets and credentials, they should also closely align with DevOps culture and methods to avoid negatively impacting developer velocity and slowing the release of new services. Example of tools in the DevOps pipeline Despite this, 73 percent of organizations surveyed for the 2018 CyberArk Global Advanced Threat Landscape report have no strategy to address privileged access security for DevOps. Key recommendations The report … More
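
The "unsecured secrets and credentials" the report refers to are most often keys and passwords committed into pipeline definitions, deployment scripts and container configs, where every developer and every CI runner can read them. A pre-commit or pipeline check that scans those files is one of the few controls that does not slow developers down. The scanner below is an added example for this page, not code from CyberArk or from the report; the CI file is constructed (the AWS values are Amazon's documented example credentials), and the rule set and entropy threshold are assumptions to extend.

```python
"""Scan pipeline and config text for hard-coded credentials.

Added example for this page, not code from the CyberArk report. The sample
CI file is constructed (the AWS values are Amazon's documented example keys),
and the patterns and entropy threshold are assumptions to extend.
"""
import math
import re
from collections import Counter

# Constructed CI job definition that leaks three secrets a vault should hold.
SAMPLE_CI_YAML = """\
stages:
  - deploy
deploy:
  image: amazon/aws-cli
  variables:
    AWS_ACCESS_KEY_ID: AKIAIOSFODNN7EXAMPLE
    AWS_SECRET_ACCESS_KEY: wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY
    DB_URL: postgres://app:Sup3rS3cret!@db.internal:5432/prod
    LOG_LEVEL: info
  script:
    - aws s3 sync ./build s3://release-bucket/
"""

# Each rule captures the secret value in group 1. Order matters: specific
# formats first, the generic keyword/entropy rule last.
RULES = [
    ("aws_access_key_id", re.compile(r"\b(AKIA[0-9A-Z]{16})\b")),
    ("password_in_url", re.compile(r"\b[a-z][a-z0-9+.-]*://[^:/\s]+:([^@\s]+)@")),
    ("high_entropy_assignment", re.compile(
        r"(?i)(?:secret|passw(?:or)?d|token|api[_-]?key|access[_-]?key)\w*"
        r"\s*[:=]\s*[\"']?([^\s\"']+)")),
]


def shannon_entropy(value):
    """Bits per character; random keys score well above words like 'info'."""
    counts = Counter(value)
    n = len(value)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def scan_text(text, entropy_threshold=3.5, min_len=16):
    """Return findings as {line, rule, value}; the generic rule only fires on
    values long and random enough to look like a real credential."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        seen = set()  # one finding per distinct value per line
        for rule, rx in RULES:
            for m in rx.finditer(line):
                value = m.group(1)
                if value in seen:
                    continue
                if rule == "high_entropy_assignment" and (
                        len(value) < min_len or shannon_entropy(value) < entropy_threshold):
                    continue
                seen.add(value)
                findings.append({"line": lineno, "rule": rule, "value": value})
    return findings


def redacted(finding, keep=4):
    """Report a finding without copying the secret into yet another log."""
    v = finding["value"]
    return f"line {finding['line']}: {finding['rule']} ({v[:keep]}{'*' * (len(v) - keep)})"


if __name__ == "__main__":
    for f in scan_text(SAMPLE_CI_YAML):
        print(redacted(f))
```

Wire this into the pipeline so a finding fails the job, and print only the redacted form: a scanner that echoes the secret into the CI log has just widened the exposure it was meant to catch.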

The post Protecting privileged access in DevOps and cloud environments appeared first on Help Net Security.