Tuesday, 22 August 2017

Spam email remains a potent threat tool for hackers

Online criminals are keeping the faith with spam email (http://www.itproportal.com/news/unsafe-emails-are-still-squeezing-through/), with more and more nuisance messages being sent today than ever before. Figures from IBM have shown that spam email remains a key tool for hackers, with the volume of such messages increasing 400 per cent in the past year.


ORIGINAL SOURCE: ITProPortal

The post Spam email remains a potent threat tool for hackers appeared first on IT SECURITY GURU.




Expert of Malware Blow the Whistle on Russian Hacking

A Ukrainian malware author who built the PAS Web shell – a PHP-based implant used to remotely execute commands on hacked systems – has turned himself in to Ukrainian authorities. He has been cooperating with the Federal Bureau of Investigation's probe into the apparent Russian hacking of the Democratic National Committee.

ORIGINAL SOURCE: SpamFighter


Ad Trackers on E-Commerce Sites Can Unmask Bitcoin Transactions

Research published last week reveals that cookies and other data collected by ad trackers on e-commerce sites can be used to de-anonymize Bitcoin transactions. The idea is that despite how careful users are to hide their identity behind a random Bitcoin address when purchasing products, the same assumption of privacy and anonymity cannot be expected from the online platform where the transaction takes place.

ORIGINAL SOURCE: Bleeping Computer


Security and privacy are critical to deliver safety for the next generation vehicle

Automobiles today have powerful computers interacting with one another, receiving volumes of data from a complex network of sensors. As the industry is moving to more automated driving, more powerful computers are added to the mix for real time vision processing.


ORIGINAL SOURCE: Information Age


Game of Thrones: HBO hackers threaten leak of season finale

The hackers who compromised HBO’s network systems in July have threatened to leak the final two episodes of Game of Thrones. The “Mr Smith group” of hackers told tech site Mashable that it has access to “many HBO platforms” and that HBO should be “ready” for the leak of episode six, which aired on Sunday, and episode seven of its biggest hit immediately ahead of the show’s finale at the end of the week.


ORIGINAL SOURCE: The Guardian


Organisations risk hefty government fines as new research shows continuing failure to prepare for cyber-attacks

Almost a third (31 per cent) of organisations have been affected by cyber-crime in the past 12 months, according to new research from Databarracks. In light of this, the business continuity expert suggests that organisations must look to invest in ongoing cyber awareness training, especially following the government’s proposed fines for firms who fall victim to cyber-attacks.


As part of the Network and Information Systems (NIS) directive, which becomes law across the EU next May and is separate from the General Data Protection Regulation (GDPR), the government has warned that organisations could face fines of up to £17million or 4 per cent of global turnover if they fail to protect against hackers. The crackdown is aimed at making sure essential services such as water, energy, transport and health firms are safeguarded against hacking attempts.


According to the government, the fines will be a last resort and they will not apply to organisations who have put the appropriate safeguards in place but have still suffered a breach. However, findings from Databarracks’ seventh Data Health Check report, which surveyed over 400 IT decision makers in the UK about their IT security and continuity practices, show:


  • 41 per cent of organisations have not invested in any safeguards over the last 12 months;
  • Only 34 per cent of organisations have invested in cyber awareness training;
  • Only 11 per cent of organisations have certified to a cyber security framework.


Peter Groucutt, managing director at Databarracks, outlines the importance of ongoing cyber awareness training for staff, as well as the need to ensure that firms are continuously communicating risks throughout the business:


“Ongoing cyber awareness training is an integral element in an organisation’s defence against cyber-attacks. However, our research indicates that this has not been a focal point for many organisations over the past 12 months. This is concerning, especially in light of the NIS directive and therefore immediate action is needed to address it.


“Firstly, for organisations who only carry out awareness training once a year – typically as part of an initial employee induction – we’d recommend increasing this to at least twice annually as well as providing employees with frequent security refreshers. The rate of change in cyber-threats means that we all need to constantly adapt our methods of protection. It’s no longer acceptable for cyber awareness training to be a five-minute warning given to new starters, the entire workforce needs to be informed and up to date on new threats.


“Additionally, this approach needs to be supported by the IT department who, when an incident occurs, needs to communicate this to the entire business, providing insight as to why an incident took place, what the implications were and, most importantly, what can be done to prevent this from happening again.


“Protecting your organisation from threats is not just about preventative technology, it’s also about building a culture of information security. An employee’s understanding of security is one of the most important and effective security measures that organisations should be investing in, not least because unwitting employees are often the unknowing accomplice within an attack. While good security habits take time, effort and repetition, it’s better to invest in good practices now than pay the price later,” concludes Peter.


Fortinet Threat Landscape Report Reveals Poor Security Hygiene and Risky Applications Enable Destructive Cyberattacks to Spread Infection at Record Pace

Fortinet, the global leader in high-performance cybersecurity solutions, today announced the findings of its latest Global Threat Landscape Report. The research reveals that poor cybersecurity hygiene and risky application usage enable destructive worm-like attacks to take advantage of hot exploits at record speed. Adversaries are spending less time developing ways to break in, and instead are focusing on leveraging automated and intent-based tools to infiltrate with more impact to business continuity. For a detailed view of the findings and some important takeaways for CISOs, read our blog. Research highlights are as follows:


Effective Cyber Hygiene is Critical to Fight Worm-like Attacks

Crime-as-a-Service infrastructure and autonomous attack tools enable adversaries to easily operate on a global scale. Threats like WannaCry were remarkable for how fast they spread and for their ability to target a wide range of industries. Yet, they could have been largely prevented if more organizations practiced consistent cyber hygiene. Unfortunately, adversaries are still seeing a lot of success in using hot exploits for their attacks that have not been patched or updated. To complicate matters more, once a particular threat is automated, attackers are no longer limited to targeting specific industries; therefore, their impact and leverage only increase over time.


  • Ransomworms on the Rise: Both WannaCry and NotPetya targeted a vulnerability that only had a patch available for a couple of months. Organizations who were spared from these attacks tended to have one of two things in common. They had either deployed security tools that had been updated to detect attacks targeting this vulnerability, and/or they applied the patch when it became available. Prior to WannaCry and NotPetya, network worms had taken a hiatus over the last decade.


  • Critical-severity of Attacks: More than two-thirds of firms experienced high or critical exploits in Q2 2017. 90% of organizations recorded exploits for vulnerabilities that were three or more years old. Even ten or more years after a flaw’s release, 60% of firms still experienced related attacks. Q2 data overall quantified 184 billion total exploit detections, 62 million malware detections, and 2.9 billion botnet communications attempts.


  • Active During Downtime: Automated threats do not take weekends or nights off. Nearly 44% of all exploit attempts occurred on either Saturday or Sunday. The average daily volume on weekends was twice that of weekdays.


Technology Use Foreshadows Threat Risk

Speed and efficiency are business critical in the digital economy, which means that there is zero tolerance for any device or system downtime. As usage and configuration of technology such as applications, networks, and devices evolves, so do the exploit, malware, and botnet tactics of cybercriminals. Cybercriminals are ready and able to exploit weakness or opportunities in these new technologies or services. In particular, business-questionable software usage and the vulnerable IoT devices of hyperconnected networks represent potential risk because they are not being consistently managed, updated, or replaced. In addition, while good for Internet privacy and security, encrypted Web traffic also presents a challenge to many defensive tools that have poor visibility into encrypted communications.


  • Application Usage: Risky applications create risk vectors, which open the door for threats. Organizations allowing a large amount of peer-to-peer (P2P) applications report seven times as many botnets and malware as those that don’t allow P2P applications. Similarly, organizations allowing a lot of proxy applications report almost nine times as many botnets and malware as those that don’t allow proxy applications. Surprisingly, there was no evidence that higher usage of cloud-based or social media applications leads to increased numbers of malware and botnet infections.


  • Sector Analysis: The education sector led in nearly every measure of infrastructure and application usage when grouped by element type and industry. The energy sector exhibited the most conservative approach with all others falling in between.


  • IoT Devices: Almost one in five organizations reported malware targeting mobile devices. IoT devices continue to present a challenge because they don’t have the level of control, visibility, and protection that traditional systems receive.


  • Encrypted Web Traffic: Data shows the second straight record high this quarter for encrypted communications on the web. The percentage of HTTPS traffic increased over HTTP to 57%. This continues to be an important trend because threats are known to use encrypted communications for cover.

Phil Quade, chief information security officer, Fortinet

“The technology innovation that powers our digital economy creates opportunity for good and bad in cybersecurity. Yet, something we don’t talk about often enough is the opportunity everyone has to limit bad consequences by employing consistent and effective cybersecurity hygiene. Cybercriminals aren’t breaking into systems using new zero day attacks, they are primarily exploiting already discovered vulnerabilities. This means they can spend more of their resources on technical innovations making their exploits difficult to detect. Newer worm-like capabilities spread infections at a rapid pace and can scale more easily across platforms or vectors. Intent-based security approaches that leverage the power of automation and integration are critical to combat this new ‘normal’.”

