Category Archives: Threats

MSPs face increased risks and opportunities to rethink cybersecurity

Managed service providers (MSPs) and their small- and medium-sized business (SMB) customers lack the tools and resources needed to sufficiently defend against rising cyberattacks and threats, according to Continuum.

Security shortcomings

The report found significant shortcomings in how MSPs offer cybersecurity, emphasizing the need for both MSPs and their SMB customers to reevaluate their cybersecurity strategies and identify effective solutions to bridge the widening IT skills gap. Conducted by Vanson Bourne, the study surveyed 200 MSPs … More

The post MSPs face increased risks and opportunities to rethink cybersecurity appeared first on Help Net Security.

WAV files spotted delivering malicious code

Attackers have embedded crypto-mining and Metasploit code into WAV audio files to stymie threat detection solutions. “All WAV files discovered adhere to the format of a legitimate WAV file (i.e., they are all playable by a standard audio player),” Josh Lemos, VP of Research and Intelligence at BlackBerry Cylance, told Help Net Security. “One WAV file contained music with no indication of distortion or corruption and the others contained white noise. One of the WAV … More

The post WAV files spotted delivering malicious code appeared first on Help Net Security.

5 things security executives need to know about insider threat

Insider threat is, unfortunately, an issue that has not yet received sufficient priority. According to the 2018 Deloitte-NASCIO Cybersecurity Study, CISOs’ top challenges remain “budget, talent and increasing cyber threats,” and to some, insider threat doesn’t even make the list of top-ten priorities. Considering what’s at stake – and our 21st-century ability to see signs of, and ultimately prevent, insider threat – this is a phenomenon security executives can no longer afford to ignore. Specifically, … More

The post 5 things security executives need to know about insider threat appeared first on Help Net Security.

ICS cybersecurity investment should be a priority in protecting operations from disruption

93% of ICS security professionals are concerned about cyberattacks causing operational shutdown or customer-impacting downtime, according to a Tripwire survey. In an effort to prepare against such threats, 77% have made ICS cybersecurity investments over the past two years, but 50% still feel that current investments are not enough. The survey was conducted by Dimensional Research and its respondents included 263 ICS security professionals at energy, manufacturing, chemical, dam, nuclear, water, food, automotive and transportation … More

The post ICS cybersecurity investment should be a priority in protecting operations from disruption appeared first on Help Net Security.

Cybercrime is maturing, shifting its focus to larger and more profitable targets

Cybercrime is continuing to mature and becoming more and more bold, shifting its focus to larger and more profitable targets as well as new technologies. Data is the key element in cybercrime, both from a crime and an investigative perspective. These key threats demonstrate the complexity of countering cybercrime and highlight that criminals only innovate their criminal behavior when existing modi operandi have become unsuccessful or more profitable opportunities emerge. In essence, new threats do … More

The post Cybercrime is maturing, shifting its focus to larger and more profitable targets appeared first on Help Net Security.

Internal user mistakes create large percentage of cybersecurity incidents

Internal user mistakes created the largest percentage of cybersecurity incidents over the past twelve months (80%), followed by exposures caused by poor network system or application security (36%), and external threat actors infiltrating the organization’s network or systems (31%), SolarWinds research reveals. Poor password management ranked as the leading cause of concern for German IT professionals regarding insider threats. Forty-five percent of tech pros surveyed indicated poor password management or weak passwords as the most … More

The post Internal user mistakes create large percentage of cybersecurity incidents appeared first on Help Net Security.

The 5 biggest examples of executive threats and how to prevent them

Many executives focus their security efforts and budgets solely on physical threats, but attacks targeting an executive’s digital presence can be just as dangerous. Criminals are looking to exploit the wealth of high-profile and high net-worth individuals—or cause them embarrassment or personal harm—at an unprecedented rate. And, as the most abundant source of company secrets and IP, they’re a primary attack vector of their businesses too. Attacks on VIPs involve attempts at accessing their sensitive … More

The post The 5 biggest examples of executive threats and how to prevent them appeared first on Help Net Security.

Cyber risks are the top concern among businesses of all sizes

Cyber risks are the top concern among businesses of all sizes for the first time since the Travelers Companies’ survey began in 2014. Of the 1,200 business leaders who participated in the survey, 55% said they worry some or a great deal about cyber risks, ahead of medical cost inflation (54%), employee benefit costs (53%), the ability to attract and retain talent (46%) and legal liability (44%). As concerns about cyber threats have grown, a … More

The post Cyber risks are the top concern among businesses of all sizes appeared first on Help Net Security.

How important is packet capture for cyber defense?

Organizations using full packet capture are better prepared to battle cyber threats, according to an Enterprise Management Associates (EMA) report.

Visibility and accuracy of packet capture

The report highlights that the visibility and accuracy of packet capture data provides the best source of certainty for threat detection, and notes that the adoption of full packet capture has accelerated over the past 12 months. The report concludes that “…it is clear that those using packet capture … More

The post How important is packet capture for cyber defense? appeared first on Help Net Security.

Old Magecart domains are finding new life in fresh threat campaigns

Magecart has so radically changed the threat landscape, victimizing hundreds of thousands of sites and millions of users, that other cybercriminals are building campaigns to monetize their handiwork, RiskIQ research reveals. These secondary actors know that websites breached by Magecart are likely still making calls to domains once used for skimming and exfiltrating credit card data. Once registrars bring these campaigns back online after they were sinkholed or otherwise deactivated, these scavengers buy them … More

The post Old Magecart domains are finding new life in fresh threat campaigns appeared first on Help Net Security.

What Is Advanced Threat Protection?

Advanced Threat Protection, or ATP, is a type of security solution specifically designed to defend a network or system from sophisticated hacking or malware attacks that target sensitive data. ATP is usually available as software or as a managed security service. Advanced Threat Protection solutions differ in terms of approach and components, but most include endpoint agents, email gateways, network devices, malware protection systems, and a centralized management console to manage defenses and correlate alerts.

How Advanced Threat Protection Works

Advanced Threat Protection has three primary objectives:

  1. Detecting threats before they have any opportunity to access critical data or breach any system.
  2. Having adequate protection to defend against any and all detected threats.
  3. Responding to and mitigating threats and other security events.

In order to achieve this, there are several components that are important to Advanced Threat Protection solutions. These include:

Real-Time Visibility

Real-time visibility into what is happening allows threats to be detected before they do any damage.

Context

Threat alerts should contain context for true security efficiency. This allows the security teams to prioritize threats and organize a proper response.

Data Awareness

There is a need for Advanced Threat Protection to have a deep understanding of enterprise data, its sensitivity, value, and other factors contributing to the formulation of a proper response.

After a threat is detected, analysis of what happened is needed. Advanced Threat Protection teams typically handle the threat analysis, which enables the enterprise to continue business as usual while monitoring, analysis, and response happen behind the scenes. Threats are then prioritized based on their potential to cause damage and the data at risk. Advanced Threat Protection should be able to address three key areas:

  1. Stopping attacks in progress or mitigating the threats before they are able to breach the system.
  2. Disrupting the activity or countering the actions that have been done by a breach.
  3. Interrupting the lifecycle of the attack and ensuring that the threat is unable to proceed.

Benefits of Advanced Threat Protection Services

The main benefit of an Advanced Threat Protection service is the ability to prevent, detect, and respond to sophisticated or new types of attacks designed to get past traditional security solutions like firewalls, IPS/IDS, and antivirus software. As attacks continue to become targeted and persistent, Advanced Threat Protection solutions provide a proactive approach to security in identifying and removing threats before any data is compromised.

Advanced Threat Protection solutions provide access to a global community of professionals dedicated to cybersecurity. This allows for sharing and augmenting threat intelligence and analysis using information from third parties, which in turn, allows for fast and easy updating of defenses against new threats detected by the global community.

Organizations that use Advanced Threat Protection are better prepared to detect threats and remove them in order to minimize the damage. A good provider focuses on the lifecycle of attacks to manage threats in real time. They also notify the organization about attacks that have occurred, what happened as a result, and how they were stopped.

Either managed within the organization or offered as a service, Advanced Threat Protection solutions provide critical defense against major and potentially damaging attacks.


The post What Is Advanced Threat Protection? appeared first on .

Threat visibility is imperative, but it’s even more essential to act

Cyberthreats are escalating faster than many organizations can identify, block and mitigate them. Visibility into the expanding threat landscape is imperative, but according to a new threat report released by CenturyLink, it is even more essential to act. “As companies focus on digital innovation, they are entering a world of unprecedented threat and risk,” said Mike Benjamin, head of CenturyLink’s threat research and operations division, Black Lotus Labs. “Threats continue to evolve, as do bad … More

The post Threat visibility is imperative, but it’s even more essential to act appeared first on Help Net Security.

Exploitation of IoT devices and Windows SMB attacks continue to escalate

Cybercriminals upped the intensity of IoT and SMB-related attacks in the first half of 2019, according to a new F-Secure report. The report underscores the threats IoT devices face if not properly secured when online, as well as the continued popularity of Eternal Blue and related exploits two years after WannaCry. F-Secure’s honeypots – decoy servers that are set up to lure in attackers for the purpose of collecting information – measured a twelvefold increase … More

The post Exploitation of IoT devices and Windows SMB attacks continue to escalate appeared first on Help Net Security.

Only one quarter of retail banks have adopted an integrated approach to financial crime systems

Most banks plan to integrate their fraud and financial crime compliance systems and activities in response to new criminal threats and punishing fines, with the U.K. leading the pack, according to a survey by Ovum, on behalf of FICO. Responses show that U.S. systems are less integrated than Canada’s – only 25 percent of U.S. banks have a common reporting line for both fraud and compliance, versus 60 percent for Canada. The survey also found … More

The post Only one quarter of retail banks have adopted an integrated approach to financial crime systems appeared first on Help Net Security.

Security leaders lack confidence in the supply chain, fear third-party attacks

An overwhelming number of cybersecurity professionals (89%) have expressed concerns about the third-party managed service providers (MSPs) they partner with being hacked, according to new research from the Neustar International Security Council. Survey participants in July 2019 comprise 314 professionals from across six EMEA and US markets. While most organizations reported working with an average of two to three MSPs, less than a quarter (24%) admitted to feeling very confident in the safety barriers they … More

The post Security leaders lack confidence in the supply chain, fear third-party attacks appeared first on Help Net Security.

Four cyber security myths affecting British businesses

Businesses need to take their cyber security seriously. There are huge financial implications for being hacked, not just from the perspective of lost revenue and weakened reputation, but also in the form of stricter regulations from laws such as the General Data Protection Regulation (GDPR). However, there are a number of myths about cyber security that make it difficult for companies to know what the best course of action is. Here are four myths about cyber security that are still affecting British businesses.

Myth #1: Cyber security is purely dealt with by the IT department

One commonly held myth that can actually put businesses at risk is the idea that cyber security is something that the IT department (and only the IT department) needs to be concerned about. Of course, it is necessary to provide your IT team with the budget and resources to defend your business against the risk of a cyber-attack.

However, the nature of cyber crime means that the whole of the company needs to be aware of it and understand how to respond to it. For example, directors and senior staff need to understand the risk of being targeted with business email compromise (BEC) attacks. And all employees need to be aware of the dangers of phishing schemes.

Ensure that your IT department is provided with the resources to provide the relevant training to all members of the team. It is also a good idea to make cyber security an important company-wide issue so that responsibilities are fully understood.

Myth #2: Small businesses don’t get targeted by cyber criminals

It can be easy to look at the cyber criminals and hackers making headlines and believe that cyber attacks only occur against large businesses and huge organisations. Yes, it is common to read about well-known brands losing significant quantities of data, and that can lull small businesses into an assumption that it is only those large businesses that are the targets of cybercrime.

However, this couldn’t be further from the case. In fact, recent statistics show that around 60 per cent of small businesses suffer some form of hacking attempt every year. Small businesses can be considered easy targets by hackers because they may not have the money to invest in powerful cyber security. So, if you are a small business owner, don’t discount the possibility of being attacked just because you aren’t large. If you appear to be a quick win for hackers, they will target you.

Myth #3: Antivirus and firewall software is enough

Some businesses still believe that they can simply rely on their antivirus and firewall software in order to keep their business IT system secure. But the truth is that modern cyber criminals are too advanced and sophisticated for businesses to rely on these sorts of security alone.

To defend against skilled hackers, businesses need to invest in similarly advanced defences. This could include everything from ethical hacking and penetration testing to round-the-clock system monitoring and endpoint protection. It’s worth speaking to cyber security experts who will be able to provide you with advice and guidance on the kind of defences that your system needs.

Myth #4: Digital security and physical security are separate issues

Plenty of businesses understand that cyber security is a serious issue, with hackers and criminals becoming more and more sophisticated and resourceful. This has seen organisations invest in the kind of skills and software required to keep the business IT system safe, and clearly that is a good thing.

However, it can also lead to organisations overlooking the dangers of physical security breaches. If cyber criminals can gain access to your building or easily carry out surveillance, it can make it much easier for them to gain access to your system. So, it is essential to treat your physical security as an important aspect of your cyber security, and invest in it in the same way.

Leading physical security provider Maltaward recommends a full range of security measures in order to keep your site secure in this blog, which includes CCTV across the property, security doors and even the use of concrete barriers to prevent unauthorised access to the company carpark or other areas of your working premises.

The post Four cyber security myths affecting British businesses appeared first on CyberDB.