Apps that belch out sensitive military information, what could the world learn from South Korea’s digital response to the Coronavirus pandemic, and who has been deepfaking Bill Clinton, Jay-Z, and Donald Trump… and why?
All this and much much more is discussed in the latest episode by computer security veterans Graham Cluley and Carole Theriault, joined this week by Brian Klaas of the “Power Corrupts” podcast.
Over on my sister blog, Security In Five, episode 749 of the Security In Five...
The post Interview With the CEOs Of Vivaldi And Startpage.com appeared first on Binary Blogger.
Tony Sager, Senior Vice President and Chief Evangelist at CIS (Center for Internet Security) joins us to discuss the best approaches to the changing security landscape in the wake of COVID-19. Tony is a lifelong defender, with more than 44 years of experience. He spent most of his career at the NSA and now leads […]
The post Podcast Episode 7: The Perimeter Really Is Gone – CIS Controls and COVID-19 with Tony Sager appeared first on The State of Security.
Graham shares stories of email storms, Carole describes the steps being taken by firms as they try to coax employees back to the office, and special guest Lisa Forte details a hack that has impacted Lady Gaga and other celebrities.
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast with computer security veterans Graham Cluley and Carole Theriault.
This week’s episode of the Security Stories podcast was one of my favorites to record, for a few reasons.
Our interview is with a remarkable lady called Masha Sedova, who co-founded Elevate Security. Elevate uses data and analytics to invoke cultural and behavioural change in a company’s approach towards cybersecurity. I met Masha at RSA when she had just been announced as a finalist for the 2020 Innovation Sandbox award, which tells you something about how unique and interesting her solution is.
Before Elevate, Masha was a Security Executive at Salesforce where she built and led the security engagement team focused on improving the security mindset of employees, partners and customers. And it’s there where she had the idea for Elevate.
I have always loved that within the security industry, you really can make a difference. Masha saw something that could change, and had the courage to go out and set something up herself, rather than wait for someone else to do it. “The industry doesn’t have to be this way” was the mantra she had when she decided to go for it.
There are many reasons why this was one of my favorite interviews. For anyone tempted to listen, I would say: come for the unique insights into human behavior and why we sometimes make the security choices that we do. And then stay for the discussion on setting up a business, as a woman, in the security industry.
During the interview, Masha recalls a specific and very personal example of gender discriminatory behavior she came up against whilst she was trying to raise investment three years ago. This led to Masha creating a hiring policy in her organization which focusses on hiring more women, and embracing diversity as a rule.
It really struck a chord with me. Because this type of gender discrimination isn’t uncommon for women in the technology sector (dare I say most sectors). I myself can still recall, very vividly, when it’s happened to me. I know it’s happened to friends of mine. It does stay with you, and it has lasting impact.
So I wanted to share this important message to say that it doesn’t have to be this way, and Masha is an example of the kind of leadership that’s required to ensure it doesn’t have to happen to anyone else. Thanks also to Masha’s co-founder Robert Fly, who had her back in that investor meeting.
I have a few friends with daughters who are growing up, and I hope that soon, the world is open to whatever they want to do with their lives and careers.
Also in this episode, Ben talks about the resurgence of digital extortion scams, what they tend to include, and what to do about them.
And finally we have our ‘On this Day’ feature. For this, we go back into the cybersecurity archives and pick out significant events that happened around this time, however many years ago. We’ve gone back to the 70s to talk about the first ever network attack, and we visited the 90s in the last episode to talk about the launch of Snort as open source, but for this episode we’re only going to go back 3 years, because, well, we couldn’t not.
Because on May 12th 2017, something called WannaCry began to wreak havoc within computer systems across the world. We revisit the timeline of the attack, how it all unfolded, and the significance that WannaCry still has today.
The post “The security industry doesn’t have to be this way”. Talking people powered security with Masha Sedova appeared first on Cisco Blogs.
In this episode, Senior Product Marketing Manager Cindy Chen and Senior Manager of Product Management Michael Schneider take us through the details of Unified Cloud Edge.
The post ST19: Unified Cloud Edge with Cindy Chen & Michael Schneider appeared first on McAfee Blogs.
The head of McAfee Advanced Programs Group, Patrick Flynn and Security Researcher Anne An discuss Chinese Cyber Crime trends and operations.
The post ST18 Chinese Cyber Crime with Anne An & Patrick Flynn appeared first on McAfee Blogs.
What can X Æ A-12 Musk teach us about passwords? How did our guest finally hunt down in Manila the author of one of history’s biggest virus outbreaks? And what on earth is a hacker doing breaching Roblox security?
All this and much more is discussed in the latest edition of the award-winning “Smashing Security” podcast by computer security veterans Graham Cluley and Carole Theriault, joined this week by technology journalist Geoff White.
Listen and subscribe to our new podcast! Tripwire’s cybersecurity podcast features 20-minute conversations with the people who protect people from cyber threats. Hosted by Tripwire’s VP of Product Management and Strategy, Tim Erlin, each episode brings on a new guest to explore the evolving threat landscape, technology trends, and cybersecurity best practices. Spotify: https://open.spotify.com/episode/5wXKv9DiQjfsZNf6heXg67 Stitcher: […]
The post Podcast Episode 6: Taking Over IoT Devices with MQTT appeared first on The State of Security.
The UK went into lockdown in March due to the coronavirus pandemic; these are unprecedented and uncertain times. Unfortunately, cybercriminals are taking full advantage of the situation: both UK citizens and businesses have been hit with a wave of COVID-19 themed phishing emails and scam social media and text messages (smishing), which prompted warnings by the UK National Cyber Security Centre and UK banks, and a crackdown by the UK Government.
I have not had the opportunity to analyse a copy of the above scam text message (smishing), but it looks like the web link displayed is not what it appears to be. My guess is that the link is not part of the gov.uk domain at all, but that the attacker has used an internationalised domain name (IDN) homograph attack, namely using look-alike characters from other alphabets to disguise the true address of the malicious website that is linked.
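A defender-side check for the homograph trick described above, added here as an illustration rather than anything from the original post: it takes a URL, pulls out the hostname, and flags the signs of an IDN look-alike (a hostname containing non-ASCII characters, a single label mixing scripts such as Latin and Cyrillic, or a label already in `xn--` punycode form), then shows the ASCII form the browser would actually resolve. The sample URLs are constructed for this example; the Cyrillic “о” in the look-alike is assumed, not taken from any real scam message.

```python
import unicodedata
from urllib.parse import urlsplit

# Constructed samples (not real scam links). In SAMPLE_LOOKALIKE the Latin "o" in
# "gov" has been swapped for Cyrillic "о" (U+043E), which renders identically.
SAMPLE_GENUINE = "https://www.gov.uk/coronavirus"
SAMPLE_LOOKALIKE = "https://www.g\u043ev.uk/coronavirus-support"
SAMPLE_PUNYCODE = "http://www.xn--constructed-label.test/"  # label is a placeholder


def script_of(ch):
    """Coarse script name ('LATIN', 'CYRILLIC', ...) taken from the character's Unicode name."""
    name = unicodedata.name(ch, "")
    return name.split(" ")[0] if name else "UNKNOWN"


def inspect_hostname(url):
    """Return the hostname, its ASCII (IDNA) form, and a list of homograph warning signs."""
    host = urlsplit(url).hostname or ""
    labels = host.split(".")
    findings = []

    # 1. A label already in punycode (xn--) form hides non-ASCII characters behind ASCII.
    if any(label.startswith("xn--") for label in labels):
        findings.append("punycode-label")

    # 2. Any non-ASCII character in a hostname that should be plain ASCII (like gov.uk).
    if any(ord(c) > 127 for c in host):
        findings.append("non-ascii")

    # 3. More than one script inside a single label, e.g. Latin letters plus one Cyrillic letter.
    for label in labels:
        scripts = {script_of(c) for c in label if c.isalpha()}
        if len(scripts) > 1:
            findings.append("mixed-script:" + label)

    # The ASCII-compatible form is what DNS actually resolves; it exposes the disguise.
    try:
        ace = host.encode("idna").decode("ascii")
    except UnicodeError:
        ace = None
        findings.append("idna-encode-failed")

    return {"host": host, "ace": ace, "findings": findings, "suspicious": bool(findings)}


if __name__ == "__main__":
    for url in (SAMPLE_GENUINE, SAMPLE_LOOKALIKE, SAMPLE_PUNYCODE):
        result = inspect_hostname(url)
        print(url, "->", result["ace"], result["findings"])
```

The mixed-script test is the most useful of the three for the case in the post: a hostname made entirely of Cyrillic letters is legitimate in Russia, but a gov.uk look-alike only needs one swapped letter, so it ends up with Latin and Cyrillic in the same label. Browsers apply similar rules when deciding whether to display a domain in Unicode or fall back to its `xn--` form.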
I was privileged to be on The Telegraph Coronavirus Podcast on 31st March, where I was asked about the security of video messaging apps, a transcript of what I advised is here. Further coronavirus cybersecurity advice was posted on my blog, on working from home securely and to provide awareness of coronavirus themed message scams. It was also great to see the UK payment card contactless limit increased from £30 to £45 to help prevent coronavirus spread.
March threat intelligence reports shone a light on the scale of the cybercriminal shift towards exploiting the COVID-19 crisis for financial gain. Check Point’s Global Threat Index reported a spike in the registration of coronavirus themed domain names, stating that more than 50% of these new domains are likely to be malicious in nature. Proofpoint reports that more than 80% of the threat landscape is using coronavirus themes in some way. There has been a series of hacking attempts directly against the World Health Organisation (WHO), from DNS hijacking to spread a malicious COVID-19 app to a rather weird plot to spread malware through a dodgy anti-virus solution.
International hotel chain Marriott reported that 5.2 million guest details were stolen after an unnamed app used by guests was hacked. According to Marriott’s online breach notification, stolen data included guest name, address, email address, phone number, loyalty account number and points balance, employer, gender, birthday (day and month only), airline loyalty programme information, and hotel preferences. It was only on 30th November 2018 that Marriott disclosed a breach of 383 million guests. Tony Pepper, CEO at Egress, said: “Marriott International admitted that it has suffered another data breach, affecting up to 5.2 million people. This follows the well-documented data breach highlighted in November 2018 where the records of approximately 339 million guests were exposed in a catastrophic cybersecurity incident. Having already received an intention to fine from the ICO to the tune of £99m for that, Marriott will be more than aware of its responsibility to ensure that the information it shares and stores is appropriately protected. Not only does this news raise further concerns for Marriott, but it also serves as a reminder to all organisations that they must constantly be working to enhance their data security systems and protocols to avoid similar breaches. It will be interesting to see if further action is taken by the ICO.”
March was another busy month for security updates. Patch Tuesday saw Microsoft release fixes for 116 vulnerabilities, and there was an out-of-band Microsoft fix for the ‘EternalDarkness’ bug on 10th March, but a zero-day vulnerability in Windows that was being exploited remained unpatched by the Seattle based software giant. Adobe released a raft of security patches, as did Apple (over 30 patches), Google, Cisco, DrayTek, VMware, and Drupal.
Stay safe, stay home and watch out for the scams.
- How Safe are Video Messaging Apps?
- Working from Home Cybersecurity Guidance
- Coronavirus Cybersecurity: Scams To Watch Out For
- Payment Card Transactions in the UK will be increased from £30 to £45 due to Coronavirus
- Cyber Security Roundup for March 2020
- UK Banks warn on Wave of COVID-19 Themed Text Message ‘Smishing’ Scams
- UK Government Cracks Down on Fake Coronavirus Advice on Social Media and WhatsApp
- Virgin Media leaves Database Open, Thousands of Records Exposed
- T-Mobile Email Vendor Breach Exposes Info on Customers and Employees
- Five Billion Records Exposed in Open ‘Data Breach Database’ by UK-based Security Company
- New Marriott Data Breach Impacts 5.2 Million Guests
- 8 Million EU Retail Sales Records Exposed on AWS MongoDB
- Blisk Browser left open, 2.9 Million Records Exposed
- Boots halts Advantage Card Payments after Credentials Stuffing Cyber-Attack
- Huawei: Government wins vote after Backbench Rebellion
- Unpatched Windows Zero-Day Flaws exploited according to Microsoft
- Drupal, Google and Cisco Post Security Advisories
- Adobe Patches 41 Vulnerabilities, 22 in Photoshop
- Adobe Patches Critical Flaw in Creative Cloud
- Cisco Fixes Three High-Level bugs, but a Fourth Remains Unpatched
- Apple Releases more than 30 Security Patches
- Zero-day vulnerabilities used against DrayTek Routers and Switches
- VMware Fixed Critical Code Execution Bug in Hypervisors
- Microsoft Issues Out-of-Band Fix for Leaked ‘EternalDarkness’ Bug
- Hijacked Routers and attempted WHO hacks highlight latest COVID-19 attacks
- Thousands of New Coronavirus-Themed Domains Registered, more than 50% likely to be Malicious
- APT41 Activity Down during China COVID-19 Quarantines; Massive Campaign Undeterred
- Coronavirus Tracking App Locks up Android Phones for Ransom
- Russian Cybercrime Forums have been seen selling a Malware-Sabotaged COVID-19 Map
- TrickBot Banking Trojan introduces RDP Brute Forcing Module
- Necurs Botnet Operation Dismantled; Millions of Malicious Domains Disabled
- Foreign APT groups use Coronavirus Phishing Lures to drop RAT Malware
In this podcast, McAfee’s Principal Engineer Mo Cashman and Chief Scientist & McAfee Fellow Raj Samani cover how to stay safe while working remotely.
The post ST17: Secure Remote Working with Raj Samani & Mo Cashman appeared first on McAfee Blogs.
Our increased use of video messaging apps has not gone unnoticed by cybercriminals, who are seeking to exploit the increase in use by sending phishing emails, social media scam messages and even scam text messages, with fake invitations to video messaging app meetings.
Typically, these scam messages will entice you into either opening a malicious attachment or clicking a web link which directs you to a malicious website. The ultimate aim of these cyberattacks is to deliver malicious software, such as ransomware which locks your PC and demands a ransom payment to unlock it, to scam you out of a payment, or to steal your personal information, which can be resold to other cybercriminals on the dark web.
So, never open an attachment or click on any links within any unexpected or suspicious emails, social media messages and text messages.
The next piece of advice is to ensure your video messaging app is always kept up-to-date. Luckily most modern smartphones and computer operating systems will automatically update your apps, but it is always worth double-checking, and not suppressing any app updates from occurring, as the app updates are often fixing security flaws.
And finally, on home computers and laptops, when not using video messaging apps, either cover your webcam with a piece of tape or face your webcam towards a wall or ceiling, just in case your computer is covertly compromised and a malicious actor gains access to your computer's webcam.
One tip I didn't have time to mention on the podcast: always ensure your video chats are set to private, using a strong password to prevent Zoombombing. Recent reports have shown a series of “Zoombombing” incidents lately, where unwanted guests have joined in on open calls.
Bharat Mistry, Principal Security Strategist at Trend Micro, advises on Zoom: “Although not alone in being targeted, Zoom has been the subject of some of the highest-profile incidents so far this year. Fortunately, there are things you can do to keep your business safe.
It’s all about taking advantage of unsecure settings in the app, (and possibly using brute-force tools to crack meeting IDs). With access to a meeting, hackers could harvest highly sensitive and/or market-critical corporate information, or even spread malware via a file transfer feature.
Hackers know users are looking en masse for ways to communicate during government lockdowns. By creating legitimate-looking Zoom links and websites, they could steal financial details, spread malware or harvest Zoom ID numbers, allowing them to infiltrate virtual meetings. One vendor discovered 2,000 new domains had been registered in March alone, over two-thirds of the total for the year so far.
- Ensure Zoom is always on the latest software version
- Build awareness of Zoom phishing scams into user training programmes. Users should only download the Zoom client from a trusted site and check for anything suspicious in the meeting URL when joining a meeting
- Ensure all home workers have anti-malware including phishing detection installed from a reputable vendor
- Ensure you also generate a meeting ID automatically for recurring meetings
- Set screen-sharing to “host only” to prevent uninvited guests from sharing disruptive content
- Don’t share any meeting IDs online
- Disable “file transfers” to mitigate risk of malware
- Make sure that only authenticated users can join meetings
- Lock the meeting once it’s started to prevent anyone new joining
- Use the waiting room feature, so the host can only allow attendees from a pre-assigned register
- Play a sound when someone enters or leaves the room
- Allow host to put attendees on hold, temporarily removing them from a meeting if necessary”
McAfee’s Interim Chief Marketing Officer Vittorio Viarengo and VP of Product & Solution Marketing Naveen Palavalli team up to discuss their favorite McAfee highlights of this year’s RSA Conference.
The post ST16: Top 5 RSA Moments 2020 with Vittorio Viarengo & Naveen Palavalli appeared first on McAfee Blogs.