Archive for the ‘computer security software’ category

Cybrary raises Series A Funding

September 22nd, 2017

Cybrary raised $3.5 million in a Series A round of funding led by Arthur Ventures. Tenable Network Security’s founder, Ron Gula also got involved in a new round.

The Greenbelt, Md. provider of cybersecurity training services is planning to use the funds for content catalogue and grow its online learning and testing technology platform. Millions of people till date has acquired knowledge of cyber security on the Cybrary.

The offerings include web application penetration testing, Metasploit penetration testing software and ethical hacking.

There is growing number of data breaches which is amplified due to lack of skilled security experts. Last week Equifax disclosed a data breach which affected names, addresses, driver’s license numbers, birthdates and social security numbers—valuable personal identifiable information that can facilitate identity theft.

“Beyond addressing core cybersecurity and IT skills, the material available on Cybrary focuses in on specialized areas that are lacking across industries such as incident response, technical project management, malware analysis, and penetration testing,” said Ralph Sita, co-Founder and CEO.

“Cybrary brings together people, companies, content, and technology to create an ever-growing catalogue of online courses and experiential learning tools that provide IT and cyber security learning opportunities to anyone, anytime, anywhere, continued Sita.

“With free video courses, the platform works to bridge the skills gap by providing access to tools professionals need to be competent and confident,” he said. “The open-source model fosters this ecosystem of information sharing in order to create a frictionless environment where those professionals can learn at their own pace and assess their skills while interacting with the community of over 1.2 million users.”

There is more to the offerings.

“Cybrary’s course catalogue will be the world’s largest portfolio of courses and tutorials covering unique products, industry best practices, skills-based certifications, career-based learning paths, and more. We’ve seen a huge demand for topics like data science, secure coding, enterprise risk assessment, and software development,” said Sita. “Be on the lookout for those additions in the near future.”

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by Check Point and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Kaspersky Software Banned in U.S. Government

September 19th, 2017

U.S. Acting Secretary of Homeland Security Elaine Duke issued a directive to Departments and agencies to stop using Kaspersky software in stipulated timeline citing security risks.

As per the Department of Homeland Security (DHS), “based on the information security risks presented by the use of Kaspersky products on federal information systems,” particularly since Kaspersky products generally provide broad access to files and elevated privileges on the computers on which they’re installed.

“The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks,” the DHS mentioned. 

“The risk that the Russian government, whether acting on its own or in collaboration with Kaspersky, could capitalize on access provided by Kaspersky products to compromise federal information and information systems directly implicates U.S. national security,” the DHS added.

Kapsersky replied that it has no inappropriate ties with any government, and said the DHS allegations regarding ties to Russian intelligence and other agencies are “completely unfounded.”

“Kaspersky Lab has never helped, nor will help, any government in the world with its cyberespionage or offensive cyber efforts, and it’s disconcerting that a private company can be considered guilty until proven innocent, due to geopolitical issues,” Kaspersky said. “The company looks forward to working with DHS, as Kaspersky Lab ardently believes a deeper examination of the company will substantiate that these allegations are without merit.”

Christopher Krebs, a senior DHS official asked Kaspersky to prove in 90 days that it do not possess any risk. “We’ve determined that [the software] poses an unacceptable amount of risk based on our assessment,” he said. “If they want to provide additional information or mitigation strategies, our door is open.”

Kaspersky Lab founder Eugene Kaspersky mentioned, “When they say we have strong ties with Russian espionage it’s not true.”

“We cooperate with many law enforcement agencies around the world — in the past with the U.S. as well,” Kaspersky added.

“U.S. government officials are pressuring software companies to implement encryption backdoors because they think it will help them catch potential terrorists,” Venafi CEO Jeff Hudson said.

“At the same time, they banned security software from a Russian company for use in the U.S. government because they are concerned about security backdoors,” Hudson added. “They want to have it both ways, which is understandable.”

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Cloud Security Error Affects Half a Million Voters

September 16th, 2017

Kromtech researchers recently found a misconfigured CouchDB database which affected information of 593,328 Alaskan voters.

“When the database was configured, administrators bypassed important security settings that were set to ‘public’ instead of ‘private,’ allowing anyone with an Internet connection to gain access [to] the repository,” Kromtech chief security communications officer Bob Diachenko wrote in a blog post analyzing the breach.

TargetSmart CEO Tom Bonier mentioned that the breach was due to the third party. “We’ve learned that Equals3, an AI software company based in Minnesota, appears to have failed to secure some of their data and some data they license from TargetSmart, and that a database approximately 593,000 Alaska voters appears to have been inadvertently exposed, but not accessed by anyone other than the security researchers on our team and the team that identified the exposure,” he said.

Kromtech vice president of strategic alliances Alex Kernishniuk said that system needs to be updated”This is yet another wakeup call for companies, governments, and political organizations to audit their networks, servers and storage devices and ensure they take the proper security precautions,” he said.

Kromtech also discovered another breach where it affected 3,065,805 WWE fans’ personal information and 48,000 Indian citizens’ personal data.

Dome9 co-founder and CEO Zohar Alon told eSecurity Planet by email that it’s more important than ever for companies to define strict controls and practices for the handling of sensitive data.

“Attackers are looking for two things: repositories with data of value to organizations, and weak security practices,” he said.

“As more data makes its way to the public cloud and security practices around CouchDB become more standardized and robust, attackers will shift their attention to other low-hanging fruit, and exploit commonly known security gaps such as misconfigurations,” Alon added.

“With 2017 having already set new records in terms of the magnitude of cyber attacks, boards should be aware that it’s only a matter of time until their organization will be breached since most still lack efficient security shields,” Bitdefender Senior eThreat Analyst Bogdan Botezatu said in a statement.

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by Check Point and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Office Workers Not Sure of Phishing Attack

September 12th, 2017

Intermedia recent survey of more than 1,000 U.S. office workers has astonishing results. Fourteen percent do not have detailed knowledge about phishing attack or they can’t differentiate phishing email. Twenty-one percent are a victim of a phishing attack.

Thirty-four percent are company owners or executive managers who are a victim. Twenty-five percent are IT, workers.

Intermedia vice president of security and privacy Ryan Barrett mentioned that it is required to talk to employees more than considering it as a threat — otherwise, traditional education can actually lead to a false sense of security.

“Instead, companies need to offer regular interactive IT security training, simulate security incidents to help employees detect and prevent cyber attacks, and talk about the risks when big data breaches are in the news,” Barrett mentioned.

A Bitglass survey of 129 hackers at Black Hat 2017 has below findings –  

Fifty-nine mentioned phishing is the best strategy for data exfiltration

Malware and ransomware ranking second at 27 percent

“Phishing and malware are threats made all the more potent by cloud adoption and the ease with which employees can share corporate data,” Bitglass vice president of product management Mike Schuricht said in a statement.

Other survey conducted by Bromium of 500 CIOs in the U.S., U.K. and Germany found that fully 99 percent of respondents see end users as “the last line of defense” against hackers, and are spending an average of $290,033 per large enterprise on employee education in response.

“While end-users are often the easiest target for hackers, the idea that they should be ‘the last line of defense’ for a business is simply ridiculous,” Bromium CTO Simon Crosby said in a statement. “The fact is, most employees are focused on getting their jobs done, and any training will go out the window if a deadline is looming.”

“Instead of wasting time on user education policies, protect your users,” Crosby suggested. “Let them click with confidence. If they get attacked, let it happen, but do so in a contained environment. By isolating applications in self-contained hardware-enforced environments, malware is completely trapped. Users are free to download attachments, browse websites and click on links without fear of causing a breach.”

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Equifax Web Application Vulnerability

September 9th, 2017

Equifax mentioned that there was Web application vulnerability in May to July which exposed data of 143 million U.S. consumers.

Affected data includes names, Social Security numbers, birthdates and addresses, as well as some driver’s license numbers. Credit card numbers for approximately 209,000 consumers and dispute documents with personally identifiable information for approximately 182,000 consumers were accessed.

As per the global security strategist at Absolute, Richard Henderson – “Many people are going to lose their jobs, including Equifax executives, people will be brought before Congress to explain what happened, and consumer trust in all of the credit reporting agencies will be eroded.”

“It may be time for us to reconsider exactly how we allow companies to store all of this data,” Henderson added. “It’s clear that these mega-databases are prime targets for attack, and we may need to take a hard look at legislative changes that will force data brokers and collectors to take security up a few levels.”

“I apologize to consumers and our business customers for the concern and frustration this causes,” Equifax chairman and CEO Richard F. Smith said in a statement. “We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations.”

As per Illumio head of cybersecurity strategy Nathaniel Gleicher it is difficult to keep large data secure.

“Even large organizations struggle because it’s far too easy for intruders to slip across the perimeter and then bide their time inside compromised networks until they can get to the most valuable data,” Gleicher said. “If we want to stop breaches like this, we have to get much better at stopping lateral movement within compromised networks.”

As per chairman and founder of CyberScout, Adam Levin highlights the importance of implementing multi-factor authentication.

“While we don’t yet know the full dimensions of the Equifax breach, where the most sensitive information of over a third of the American population could have been exposed to cybercriminals, tens of millions of us are now forced to look over our shoulders for the rest of our lives because tons of Social Security numbers, the skeleton key to our lives, are out there for cybercriminals to steal and exploit,” Levin said.

____________________________________________________________________________________________

The Alertsec service protects everything stored on the computer such as Word, PowerPoint, Excel, Outlook, Gmail, Photos, Credit Card data files etc.

New Cyber Security Strategy – Deceiving the Deceivers

September 5th, 2017

New cyber security battle is fought in a new way. Deception is the old strategy used in business, warfare and politics. It is now implemented in IT security.

Cyber criminals are long using deception policy to gain information. Now, new generation start-ups are using the same idea to avoid them. They are confusing the attackers by masking the real system.

“The idea is to mask real high-value assets in a sea of fake attack surfaces,” said Ori Bach, VP of products and marketing at TrapX Security. “By doing so, attackers are disoriented.”

Once attackers enter the system through malicious ways, they are free to roam inside. As per the Gartner analyst Lawrence Pingree, attackers must “trust” the environment that they insert malware into.

“Deception exploits their trust and tempts the attacker toward alarms,” said Pingree. “Deception also can be used to move an attacker away from sensitive assets and focus their efforts on fake assets – burning their time and the attacker’s investment.”

The main aspect is to manage real user endpoint lures.

“Distributed deception platforms (DDP) are solutions that create faked systems (often real operating systems, but used as sacrificial machines), lures (such as fake drive maps and browser histories) and honeytokens (fake credentials) on real end-user systems to entice and mislead the attacker to faked assets in order to enhance detection and to delay their actions as they attack those decoy assets,” wrote Pingree.

Experts believe that deceptive technology must not only create honeypots but a whole system to make it real.

“Ideally, organizations can use DDP solutions to create ‘intimate threat intelligence’ and use that to enrich their other tools to enhance prevention at the network and other security defensive layers,” said Pingree.

“Since you never know where you might be attacked, the ideal deception strategy should cover as many layers of the network and as many types of assets as possible,” said Bach. “For a deception tool to be effective in an enterprise environment, it must be integrated with the infrastructure (e.g. Active Directory, the networking infrastructure) and the security ecosystem.”

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Attack on Critical Infrastructure

September 2nd, 2017

Symantec researchers recently investigated and published findings of new cyber attacks which targeted the energy sector in Europe and North America. Attack group is known as Dragonfly which is involved in such activities since 2011.

“The Dragonfly group appears to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves, to the extent that the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so,” the Symantec researchers wrote in a blog post.

Symantec cyber security researcher Eric Chien mentioned Reuters that many of companies have been targeted which few based in U.S.

“As it did in its prior campaign between 2011 and 2014, Dragonfly 2.0 uses a variety of infection vectors in an effort to gain access to a victim’s network, including malicious emails, watering hole attacks, and Trojanized software,” the researchers mentioned.

Attackers were trying to gain remote access to the system.

“Trojan.Heriplor is a backdoor that appears to be exclusively used by Dragonfly, and is one of the strongest indications that the group that targeted the western energy sector between 2011 and 2014 is the same group that is behind the more recent attacks,” the researchers wrote. “This custom malware is not available on the black market, and has not been observed being used by any other known attack groups.”

RiskVision CEO Joe Fantuzzi mentioned that there is a rise in the attack on the energy sector. “Critical infrastructure is clearly becoming more of a target for hackers as it provides access not only to sensitive information but the ability to dramatically impact and/or harm large numbers of people,” he said.

Fantuzzi added that energy sector company should do risk analysis. “Unfortunately, security defenses protecting these systems have often been neglected or routinely deprioritized, and as a result, are substandard or completely outdated, thus giving cyber criminals an easy entry into these networks,” he said.

 ___________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by Check Point and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Current State of IOT

August 30th, 2017

As per the recent reports, a list of IP addresses and login credentials for more than 8,000 telnet-accessible Internet of Things (IoT) devices was posted on Pastebin. GDI Foundation chairman Victor Gevers mentioned that out of 8,233 devices only 144 has different login credentials. He also mentioned that the common credentials are root:[blank] (782 instances), admin:admin (634), root:root (320), admin:default (21), and default:.

Varonis technical evangelist Brian Vecci told that a leak as big as this one opens the door to a wide variety of infections and exploits. “Not only do consumers need to be mindful of what they put on their network and do what they can to secure their devices, but manufacturers have an obligation to make security an essential part of the design with IoT products,” he said.

Vecci said that defaults settings is an open invitation for attackers.

“Device manufacturers need to build better security into the design of their products and services to ensure that even if a consumer doesn’t take the time to customize the device, it’s not accessible and inviting abuse,” Vecci added. “Some manufacturers, for example, are beginning to minimize the risk of devices being hacked by randomizing factory default credentials and disabling remote access by default.”

As per the recent Irdeto survey, 90 percent mentioned that the cyber security should be inbuilt in IOT devices.

“Today’s connected world needs consumers to be vigilant about security threats,” Irdeto director of IoT security Mark Hearn said in a statement. “On the device manufacturer side, there must be a better ‘defense-in-depth’ approach to cyber security that integrates multiple layers of security into a system. This approach, combined with ongoing security updates to protect against the latest threats, is critical to mitigate attacks targeting IoT technologies.”

New IoT Cybersecurity Improvement Act of 2017 was introduced in the US to tackle security issues.

“My hope is that this legislation will remedy the obvious market failure that has occurred and encourage device manufacturers to compete on the security of their products,” bill co-sponsor Sen. Mark Warner said at the time.

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by Check Point and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Data Breach at Tewksbury Hospital

August 23rd, 2017

Tewksbury Hospital which is based in Massachusetts recently found out that there was unauthorized EHR access. The incident may have potentially led to a data breach.

As per the statement by a former Tewksbury Hospital patient, the electronic medical record was accessed inappropriately by an unauthorized individual.  After the investigation, a hospital found out that an employee may have accessed the data without proper justification.

It also found out that 1,000 other current and former patients information was accessed. Affected information included patient names, addresses, phone numbers, dates of birth, gender, diagnoses, and other information regarding medical treatment.

The employee has been terminated by the facility. The person no longer has access to the hospital’s HER system. Tewksbury Hospital also mentioned that there is no evidence of information misuse.

Patients are notified of the current incident. The Massachusetts Attorney General’s Office, the Massachusetts Office for Consumer Affairs and Business Regulation, and OCR are also notified.

“To reduce the chance of future incidents like this occurring, we are reviewing our policies regarding access to the electronic medical records system,” read a statement on the Massachusetts Health and Human Services website. “We are also reassessing how we review our workforce members’ use of the electronic medical records system, and we will be reviewing the training we provide to all workforce members regarding the privacy and security of confidential information.”

Affected individuals are encouraged to call toll free number for any further information about the incident. They can also take following steps –

  • Request initial fraud alert
  • Order a Credit Report and review the account (look for inquiries listed on the credit report from businesses that accessed your credit without a request)
  • Request a security freeze

If you are affected by the data breach you have the right to file a police report and obtain a copy of it. Massachusetts law gives you right to obtain any police report filed in regards to the incident.

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. 

Staff Shortage for Cyber Security

August 15th, 2017

The findings of recent Tripwire survey of 108 people at Black Hat USA 2017 has below findings-

Eighty-five percent of cyber security pros mentioned that they need more people

Eighty four percent mentioned that they need new technology

Twenty-eight percent mentioned that they need vendor services

Seventy percent mentioned that hiring experienced professionals is on priority

Thirty percent mentioned that they are willing for on job training

“Tools alone can’t solve the challenges in cyber security,” Tripwire vice president Tim Erlin said in a statement. “Organizations need talented staff to drive process improvements, administer tools and push for continuous improvement.”

“If you think the answer to the problems that keep you up at night is a new cyber security tool, it’s time to reassess,” Erlin added. “Security is built on strong foundations, and the best practices need to adapt to the changing threat landscape, but the core of what’s necessary for defense remains consistent.”

As per the research firm Gartner,  information security spending will climb to $86.4 billion in 2017

“Rising awareness among CEOs and boards of directors about the business impact of security incidents and an evolving regulatory landscape have led to continued spending on security products and services,” Gartner principal research analyst Sid Deshpande mentioned in a statement.

Sid also mentioned that investing on new tech is not the complete solution “As seen in the recent spate of global security incidents, doing the basics right has never been more important,” he said.

“Organizations can improve their security posture significantly just by addressing basic security and risk related hygiene elements like threat centric vulnerability management, centralized log management, internal network segmentation, backups and system hardening.”

“Cyber attacks and data breaches are on the rise and being broadcast in the media, and with it a need for more security professionals, services and tools to protect organizations,” AsTech chief security strategist Nathan Wenzler said.

“Further, if we watch how the trend of attacks has gone over the past several years, we see more and more criminals moving away from targeting servers and workstations, and towards applications and people,” Wenzler added.

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.