Archive for the ‘data encryption’ category

Device Theft Incidents

November 20th, 2017

Brevard Physician Associates

Brevard Physician Associates mentioned that it was burglarized which possibly affected health data for 7,976 patients. The incident came to notice when the company saw tripped security alarm. An employee of the company found that three computers were missing.

Affected information included patient names, the names of patients’ insurance providers, the amount charged for the services provided, and the CPT codes of the services provided. However, patient addresses, dates of birth, telephone numbers, Social Security numbers, insurance ID numbers, and financial information were not included.

“We believe that the information contained on the stolen computers presents a minimal risk of future identity theft or financial fraud,” Brevard stated. “All three computers were password protected with strong passwords. Additionally, all of the data from all three computers will be automatically deleted upon their connection to the internet.”

Brevard also mentioned that it has “enhanced the security” at its office. Additional policies are in place to ensure it is “appropriately secured in the future.”

Martinsville Henry County

Martinsville Henry County (MHC) Coalition for Health and Wellness recently suffered data breach at Bassett Family Practice. The incident involved stolen laptop from the Bassett employee’s car.

Facility believe that the thief was after the laptop and not the information. As per the OCR data breach reporting tool, total 5,806 individuals may have been impacted.

Affected information includes patient names, dates of birth, account numbers, identity of providers, and/or details about patient visits with the practice. There is currently no indication that Social Security numbers or financial information was on the device.

“We are currently upgrading our IT security policies, procedures and related equipment to prevent future information from being stored on a laptop in an unencrypted manner,” Bassett said. “Please understand we value our relationship with you and take the security of your personal information very seriously. We have taken immediate steps and we will continue to evaluate our technology, policies and procedures in our efforts to prevent another occurrence such as this from happening in the future.”

 ___________________________________________________________________________________

AlertSec ACCESS is a patent pending technology. It is designed to enforce that devices are encrypted before access to a network is granted. Encrypted devices secure your data in case a device is lost or stolen. AlertSec ACCESS checks all computers and smartphones and detects all encryption types.

Ransomware Attack and Phony Websites

November 17th, 2017

ECKAAA

East Central Kansas Area Agency on Aging (ECKAAA) mentioned that they were affected by the ransomware attack.The incident left files encrypted and inaccessible to the company. Cybersecurity company is hired to investigate.

“The ransomware only affected portions of ECKAAA’s server; not every file stored on the server was encrypted,” the statement read. “Although not every file was encrypted, the ransomware perpetrators would have had access to every file stored on the attacked server. Based on its investigation, the company does not believe any data was removed from ECKAAA’s servers.”

Affected information includes names, addresses, and telephone numbers. They also may have contained names, addresses, telephone numbers, dates of birth, Social Security numbers and/or Medicaid numbers.

Facility mentioned that they have backups and the services are not hampered. As per the OCR data breach reporting tool, total 8,750 individuals possibly got affected by this incident.

“ECKAAA has also provided education to its workforce regarding ransomware, including, but not limited to, the importance of using robust passwords,” ECKAAA continued. “All passwords were changed following the ransomware incident. ECKAAA also intends to update its cybersecurity policies and procedures as necessary to prevent similar incidents in the future. As of October 30, 2017, no malicious activity has been detected.”

PHONY WEBSITES

The Recovery Institute of the South East, P.A. (RISE Therapeutic Services) mentioned that it was victim of cyber attack.

Organization said that certain individuals may have been contacted by websites that were claiming to be connected to RISE

“As of now we know that it was used to redirect any contact through the website, email, and also the phone number,” RISE stated. “Through Psychology Today it was confirmed that approximately 200 plus calls and 75 plus emails through their site were rerouted to an unauthorized individual who has yet to be identified.”

 ___________________________________________________________________________________

AlertSec ACCESS checks for full disk encryption on PCs running Windows 7, 8, and 10 Home, Pro and Enterprise as well as Mac OS El Capitan and Sierra. AlertSec ACCESS will also verify that all smartphones running iOS and Android are encrypted before access is granted.

Government of Canada Plans to Set CyberSecurity Policy

November 14th, 2017

The growing trend of attacks is worrying every corner of the world. Like other parts, Canadians are also at risk from cyber attack. The Government of Canada plans to fight this battle. They are implementing various measures to stop the attacks. At the SecTor conference here, Colleen Merchant, Director General for National Cyber Security at Public Safety Canada, explained the steps taken.

Merchant mentioned that government agencies will have different responsibilities for cyber security. The Royal Canadian Mounted Police (RCMP) is tasked to handle law enforcement and related investigations. Public Safety Canada handles the Canadian Cyber Incident Response Center (CCIRC).

“CCIRC also has a responsibility for coordinating the overall national response to significant cyber events affecting critical systems in Canada,” she said.

Public Safety Canada also provides helping hands to set policy for cyber security. Merchant mentioned that the role of policy is to help assess challenges and help to formulate overall approaches that work at a national level.

The Government of Canada has released its Cyber Security Strategy manifesto in 2010 which consists of  three core pillars including: securing government systems, partnering to secure vital system outside of the federal government, and helping Canadians to be more secure online.

“From 2010 and going up to 2020 we have committed $431.5 million for investment and improvement into cyber security,” Merchant said.

Government of Canada has taken views from various entities while drafting policy for cybersecurity. Merchant said that there was the need for more privacy, collaboration and skilled cyber security personnel.

“We are recognizing that cyber-security has become a source for economic prosperity,” Merchant said.

“The Government can’t solve all problems but we can find ways to force-multiply, by providing all partners with direction and to set out national-level objectives that we can all work toward,” she said.

____________________________________________________________________________________________

AlertSec ACCESS checks for full disk encryption on PCs running Windows 7, 8, and 10 Home, Pro and Enterprise as well as Mac OS El Capitan and Sierra. AlertSec ACCESS will also verify that all smartphones running iOS and Android are encrypted before access is granted.

Data Breach at Forever 21

November 12th, 2017

Retailer Forever 21 recently suffered data breach. Affected information includes credit and debit card information at some Forever 21 locations. Third party notified the company about the breach.

“We immediately began an investigation of our payment card systems and engaged a leading security and forensics firm to assist us,” the company mentioned.

Forever 21 has encryption and tokenization solutions. It mentioned that only some point of sale (PoS) devices where affected. The company do not  know the affected location.

Obsidian Security CTO Ben Johnson mentioned that the breach is a reminder that every retailer is a target. “Holiday shoppers should be diligent in monitoring their account activity, and should consider Apple Pay or cash if they are feeling less confident about the security of the retailers’ systems,” he said.

“Retailers should understand that any areas of weakness, such as those few systems without multi-factor authentication or encryption, will eventually find themselves victim of compromise,” Johnson added. “In some ways things are improving on the defensive side, but we cannot forget that the attackers often innovate faster.”

Recent survey by SiteLock shows that there is growing concern for online shopping. The findings are as below –

Twenty seven percent worry about the information being compromised

Sixty-five percent mentioned that they will not return to the website after it got hacked

Fifty two percent say a store  which provides a secure payment network makes them confident

Another survey conducted by Paysafe has below findings –

Fifty nine percent of U.S. consumers believe fraud is an inevitable part of shopping online

Fifty eight percent said that they are willing to accept any security measures needed to eradicate fraud

Thirty nine percent of US businesses believe their customers would prefer increased security

“For years, consumers have had to overcome the apprehension that businesses know too much about them — from shoe sizes to food preferences,” Paysafe CEO Todd Linden said in a statement. “But as the payment world evolves, it is this knowledge that will make individuals more secure.”

“The evolution of big data will make payments smarter and easier and help to redress the balance between security and convenience,” Linden added. “Big data will be the ultimate key to tightening up security at PoS, online and in brick and mortar environments.”

 ___________________________________________________________________________________

AlertSec ACCESS is a patent pending technology designed to check that devices are encrypted before access to a network is granted. Encrypted devices secure your data even if they are lost or stolen.

Managing Privileged Passwords

November 11th, 2017

Recent survey conducted by One Identity of 913 IT security pros shows that 86 percent of IT security professionals face challenges managing privileged passwords.

As per the One Identity website – “We believe that security is much more than the practice of denial and restriction. That’s why One Identity’s design and integration philosophy is that our solutions must add agility and efficiency to an organization – regardless of size or market – as well as secure its digital assets.”

Other findings of the survey include –

Eighteen percent use a paper logbook for privileged password management

Thirty six percent manage passwords in Excel or another spreadsheet

Twenty two percent are not able to monitor or record activity performed with admin credentials

Forty percent do not change the default admin password

“Over and over again, breaches from hacked privileged accounts have resulted in astronomical mitigation costs, as well as data theft and tarnished brands,” One Identity president and general manager John Milburn said in a statement. “These survey results indicate that there are an alarmingly high percentage of companies that don’t have proper procedures in place.”

LastPass research survey shows that the average security employee is managing 191 passwords.

Twenty six and half percent of businesses has multi-factor authentication to protect their password vaults.

“While we’re seeing that a significant portion of businesses are investing in multi-factor authentication, it is not yet adopted widely enough to compensate for the shortcomings of passwords,” the report states.

Duo Labs conducted survey of 443 individuals has below findings –

Twenty eight percent of respondents use two-factor authentication (2FA)

Fifty six percent of respondents had never heard of it

Forty-five percent of those who use 2FA said they do so on all services that offer it

“This survey underscores the reality that we as a security community still have a long way to go when it comes to educating the everyday person about proper security behaviors in general and 2FA in particular,” the researchers wrote.

____________________________________________________________________________________________

AlertSec ACCESS is a patent pending technology designed to check that devices are encrypted before access to a network is granted. Encrypted devices secure your data even if they are lost or stolen.

Deception Technology

October 31st, 2017

Symantec’s endpoint security product suite has latest update which uses deception technology to keep devices secured. Deception technology is first step towards this efforts in the industry.

It unveiled Endpoint Security for the Cloud Generation along with this new technology. It is used by the companies to trick hackers which makes them believe that they had gained access to the systems.

“Deception technology is a direct result of Symantec’s innovation strategy paired with more than 15 years of endpoint security expertise,” Sri Sundaralingam, head of product marketing for Enterprise Security Products at Symantec.

The technique makes hackers to waste their efforts, time and energy breaking into fake servers.

“With deception on the endpoint, customers can now utilize the threat intelligence and deception capabilities of the largest security company in the world to expose stealthy attack tactics, delay attackers, and determine attacker intent beyond what’s available through purely network-based deception technologies – all at a scale like no other in the market,” continued Sundaralingam.

SEP 14.1 also had a new add-on entity which is called Hardening. It isolates suspicious activity at applications.  It also provides behavioral analysis and machine learning to identify malware.

Symantec Advanced Threat Protection (ATP): Endpoint 3.0 employs SEP’s endpoint detection and response features combined with threat intelligence and machine learning to stop attacks.

Company also launched Skycure’s AI-enabled mobile threat defense software. Skycure was acquired by Symantec for an undisclosed amount.

“One of the most dangerous assumptions in today’s world is that iOS and other mobile devices that employees bring into the office are safe, but the apps and data on these devices are under increasing attack,” stated Symantec CEO Greg Clark at the time. “We believe that tomorrow’s workforce will be completely mobile and will demand a cyber defense solution that travels with them.”

____________________________________________________________________________________________

AlertSec ACCESS is a patent pending technology designed to check that devices are encrypted before access to a network is granted. Encrypted devices secure your data even if they are lost or stolen

Bad Rabbit Ransomware

October 29th, 2017

The United State Computer Emergency Readiness Team (US-CERT) has issued a warning against a campaign called Bad Rabbit which seams to be a variant of the Petya ransomware.

”US-CERT discourages individuals and organizations from paying the ransom, as this does not guarantee that access will be restored,” US-CERT stated in an alert. “Using unpatched and unsupported software may increase the risk of proliferation of cyber security threats, such as ransomware.”

Ukraine and Russia appears to be leading target. The affected entities includes Russian media groups Interfax and Fontanka, the Kiev Metro, Odessa International Airport and Ukraine’s Ministry of Infrastructure.

As per Sophos researchers, Bad Rabbit ransomware is distributed through media websites asking users to install fake Adobe Flash.

“Once it infects a computer, the ransomware attempts to move laterally using a list of hardcoded credentials, featuring predictable user names such as root, guest and administrator, and passwords straight out of a worst passwords list,” Sophos’ Bill Brenner wrote. “Another reminder, if one were needed, that all of your passwords need to be strong, even the ones you use behind the safety of a corporate firewall.”

STEALTHbits Technologies vice president of product strategy Gabriel Gumbs mentioned that this ransomware uses open source tool Mimikatz to harvest credentials.

“This could simply be to widen its reach internally for the purpose of further encrypting the files of users with elevated privileges, it may be used to hide inside compromised networks, or the ransom itself could be a decoy from the attack’s real purpose,” Gumbs said. “What we can definitively say today is the only reason you would package Mimikatz with ransomware is for the purpose of further exploiting internal networks — not simply to ransom files.”

VASCO Data Security CISO Christian Vezina mentioned, it’s important to keep in mind that Bad Rabbit uses social engineering tactics to spread. “By teaching your users not to simply click on any link that is presented to them, you may be able to limit your exposure,” he added.

David Zahn, general manager of the cybersecurity business unit at PAS mentioned that it is serious threat to important facilities. “The engineers who manage the industrial control systems that are at the heart of critical infrastructure — namely power generation, oil and gas, and more — are chiefly concerned with maintaining reliability and process safety,” he said. “Ransomware presents a particular risk to both as encrypted systems in a facility can mean loss of view into volatile processes or production disruptions.”

____________________________________________________________________________________________

AlertSec ACCESS is a patent pending technology. It is designed to enforce that devices are encrypted before access to a network is granted.

Funding for Averon

October 25th, 2017

San Francisco-based company Averon recently secured $8.3 million in an Avalon Ventures-led Series A round of funding. The firm is a mobile authentication startup.

Direct Autonomous Authentication (DAA) mobile identity verification standard is the brainchild of Averon. It allows smartphone users seamlessly and securely interact with services and devices. The technology allows users to interact with devices like smart locks which involves no download of dedicated app.

“Averon leverages real-time mobile network signaling and the SIM/eSIM (eUICC) chips already found in the world’s seven billion smartphones, requiring no installation, no apps, and no user involvement whatsoever,” the company explained in an Oct. 24 media advisory. “Working seamlessly in the background, it is the easiest, fastest and most secure way to provide instant, frictionless authentication.”

Wendell Brown, Averion’s CEO mentioned that his company is the solution to large scale breaches in current time.

“As we see in the news every day, cybersecurity breaches continue to grow in size and frequency, and the world is in desperate need of the next generation of online identity authentication,” said Brown, in a statement. “Averon offers a uniquely superior solution that authenticates users while relying on zero personally identifiable data and requiring zero effort on the part of consumers – Averon is the new gold standard in cybersecurity, and we’re rapidly taking it to scale.”

Many cyber security startups are getting funded. The partial list can be mentioned as below who got funding in recent times –

KnowBe4 secured a $30 million Series B round of financing the company

Contrast Security mentioned that it had completed a Series C round worth $30 million

ShiftLeft’s secured $9.3 million

Attivo Networks secured  $21 million Series C round of funding

Duo Security raised $70 million

 ___________________________________________________________________________________

AlertSec ACCESS checks for full disk encryption on PCs running Windows 7, 8, and 10 Home, Pro and Enterprise as well as Mac OS El Capitan and Sierra. AlertSec ACCESS will also verify that all smartphones running iOS and Android are encrypted before access is granted.

New Funding for Contrast Security

October 20th, 2017

Contrast Security raised $30 million in a Series C round of financing which was led by Battery Ventures along with venture capital (VC) firms Acero Capital and General Catalyst. The total money raised till date is $54 million.

Company deals in technology that enables enterprises to develop and deploy “self-protecting” software. Contrast Assess and Contrast Protect are two products which integrates security elements into software development process.

“Contrast doesn’t treat the symptoms like a scanner, sandbox, or firewall.  Instead, Contrast infuses both security testing and protection directly into the application, like an immune system for applications that inoculates against vulnerabilities and attacks,” explained Williams. “Simply add Contrast to your application environment, and it starts working immediately without any code or process changes, and without needing security experts.”

Contrast takes two approaches for security.

“Contrast Assess focuses on vulnerabilities, and instantly alerts development teams so they can fix code without disrupting software development. Contrast Protect identifies and blocks attacks, rendering them ineffective,” said Williams. “Together, Contrast Assess and Protect provide organizations with a comprehensive self-protecting software solution that works in data center, cloud, and container [environments], throughout an application’s development and deployment.”

The company’s approach combines DevOps and security without affecting performance, Williams added. In terms of threats and attacks, Contrast’s technology protects against the Open Web Application Security Project (OWASP) top 10 vulnerabilities and much more.

“Contrast invented a way to combine multiple different analysis techniques in a single component that measures vulnerabilities and attacks directly from the running application. This provides an almost unfair information advantage that allows Contrast to protect against a broader range of security problems than other tools and to do it more accurately,” Williams added.

Security risks blocked by company product includes Command Injection, Cross-Site Scripting (XSS), Hard-coded Password, Insecure Encryption Algorithms, Java Reflection Injection, NoSQL Injection, SQL Injection, Weak Random Number Generation among many more. “Contrast also includes a powerful rule language that allow definition of both positive (behavior pattern is required) and negative (behavior pattern is disallowed) security rules,” Williams concluded.

____________________________________________________________________________________________

AlertSec ACCESS is a patent pending technology designed to check that devices are encrypted before access to a network is granted. Encrypted devices secure your data even if they are lost or stolen.

Increase in Ransomware Sales

October 16th, 2017

There was increase in sales of ransomware on the dark web by 2,502 percent. It raised to 6.2 million dollar from $250,000.

“This increase is largely due to a simple economic principle — supply and demand,” the report states. “Cyber criminals are increasingly seeing opportunities to enter the market and looking to make a quick buck via one of the many ransomware offerings available via illicit economies.”

There are around 6300 dark web marketplaces which sells ransomware. The listing includes 45,000 product which are priced in the range of $0.50 to $3,000.

“Based on our research, ransomware can no longer be perceived as petty criminals performing stick-ups and kidnappings,” Carbon Black security strategist Rick McElroy said in a statement. “Instead, ransomware has become a rapidly growing, cloud-based black market economy focused on destruction and profit.”

“Today, legitimate enterprises avoid heavy investments in infrastruture — and hackers are no different,” McElroy added. “In fact, with ransomware, hackers have set a model for a cloud-based, high-profit and effective turnkey service economy.”

Survey conducted by Crowd Research Partners of 516 cyber security professionals shows that –

Eighty percent view ransomware a moderate or extreme threat

Small fraction of respondents say they will pay ransom

It also found out that most successful insertion of malware is through email attachments.

“In many respects, ransomware is a game changer,” Cybersecurity Insiders founder and CEO Holger Schulze said in a statement. “It is incredibly easy and inexpensive for cyber criminals to execute highly profitable attacks on a global scale.”

Survey conducted by Magnet Networks of 205 shows that 48 percent do not have cyber security policy.

“We found that only 13 percent of respondents think that their business is very secure — and in the absolute world of cyber attacks you are either totally secure or you are vulnerable in some way,” Magnet Networks cyber security expert James Canty said in a statement.

In seventy percent of the companies under 10 employees, the security aspect is handled by business owner or office manager.

That means that as many as 171,000 Irish businesses, Canty said, “have no one qualified looking after their network security and may not be protected against a ransomware and cybercrime industry which is growing at a rapid rate.”

____________________________________________________________________________________________

AlertSec ACCESS is a patent pending technology designed to check that devices are encrypted before access to a network is granted. Encrypted devices secure your data even if they are lost or stolen.