Archive for the ‘Password’ category

North Korea Hackers Hit US Companies

October 14th, 2017

FireEye researchers recently mentioned that spear phishing emails were sent to U.S. electric companies which can be traced back to North Korea.

The emails contained fake invitations to a fundraiser. Anyone who opened attachment will get malware.

The researchers mentioned that the attack is early-stage reconnaissance.

“Nation-states often conduct cyber espionage operations to gather intelligence and prepare for contingencies, especially at times of high tension,” the researchers wrote.

Two years ago North Korean hackers has released sensitive data on South Korean nuclear power plants.

Researchers mentioned that North Korea linked hackers are bold and “likely remain committed to pursuing targets in the energy sector, especially in South Korea and among the U.S. and its allies, as a means of deterring potential war or sowing disorder during a time of armed conflict.”

“North Korea linked hackers are among the most profilic nation-state threats, targeting not only the U.S. and South Korea but the global financial system and nations worldwide,” the researchers wrote. “Their motivations vary from economic enrichment to traditional espionage to sabotage, but all share the hallmark of an ascendant cyber power willing to violate international norms with little regard for potential blowback.”

Eddie Habibi, CEO of PAS Global mentioned that with the growing tension between US and North Korea the frequency of the attack will rise.

And while critical infrastructure is as prepared as it has ever been for phishing attacks, Habibi said, it’s not well prepared for the consequences of attacks that provide the attackers with “access to the process control networks where you find systems that control volatile processes or ensure worker safety.”

“These systems are often 15 or 20 years old and consequently do not adhere to today’s secure by design principles,” Habibi said. “They are also not visible to security personnel, which makes detecting and reacting sufficiently to compromise difficult at best. Exploiting these systems can lead to loss of production, shareholder value, and even life under certain circumstances.”

____________________________________________________________________________________________

AlertSec ACCESS is a patent pending technology. It is designed to enforce that devices are encrypted before access to a network is granted. Encrypted devices secure your data in case a device is lost or stolen. AlertSec ACCESS checks all computers and smartphones and detects all encryption types.

Outsourcing Solution for Skill Gap?

October 5th, 2017

A recent survey shows that there is huge skill gap in security staff. Three hundred and fifteen IT security professionals participated. Seventy two percent mentioned that it is difficult to hire skilled staff.

Ninety percent of the participants believe that technology vendors can help to address the skills gap. Ninety six percent believe automation can solve skill gap.

Tripwire sponsored the survey and was conducted by Dimensional Research. Forty seven percent of respondents are worried about losing security capabilities due to skill gap.

Other findings include –

Fifty two percent mentioned that they’re concerned about coping up with vulnerabilities

Twenty nine percent are concerned about keeping track of devices and software on the network

Twenty four percent are concerned about identifying and responding to issues in a timely manner

“Considering the recent high-profile threats that have been attributed to unpatched systems, it’s no wonder respondents are concerned that a technical skills gap could leave their organizations exposed to new vulnerabilities,” Tripwire vice president of product management and strategy Tim Erlin said in a statement.

Eight percent believe they need expertise in the cloud.

“Growing adoption of cloud, IoT and DevOps brings about new challenges that security teams with need to keep up with, and if organizations want to bridge a technical skills gap they should look to work with security vendors and managed security providers who can help them address today’s major attack types, while also offering training to their existing IT teams,” Erlin said.

“As security continues to become an even bigger challenge for organizations, we can expect to see more and more businesses outsourcing to gain security expertise in the future,” he added.

Another (ISC)2 survey of more than 3,300 IT professionals stated that there is no adequate  resources for security training.

Only thirty five percent said that there is active action taken on security issues.

“Security is a shared responsibility across any enterprise or government agency,” (ISC)2 CEO David Shearer said in a statement. “Unless IT is adequately trained and enabled to apply best practices across all systems, even the best security plan is vulnerable to failure.”

____________________________________________________________________________________________

AlertSec ACCESS is a patent pending technology designed to check that devices are encrypted before access to a network is granted. Encrypted devices secure your data even if they are lost or stolen.

New Anti-Malware Engine by BullGuard

September 30th, 2017

London cybersecurity software provider BullGuard launched new anti-malware engine to detect and block advanced threats.

“The new engine is specifically designed to protect against zero-day threats or threats, such as polymorphic malware and file-less attacks, for which traditional signature-based engines are insufficient. The engine monitors a wide array of behaviours across the device and utilizes a comprehensive set of rules to discriminate bad behaviour from good,” explained Paul Lipman, CEO of BullGuard.

“The client-side engine is supported by a cloud-based machine learning system that continually learns from data across our customer base, and from our automated malware research systems, so the ruleset and engine functionality improve on an on-going basis,” continued Lipman.

The company is further branching out from its consumer antivirus roots with a real-time Home Network Scanner feature in BullGuard Premium Protection that continually scans a home’s Wi-Fi networks for internal threats. It also enlists the cloud to scan home networks using external vectors, a similar tactic to that used by security professionals to perform penetration testing.

Home Network Scanner finds cybersecurity problems. There is a rise in the attack on IoT devices.

“Earlier this year BullGuard released an IoT scanner that checks whether your home network is accessible from the open internet. We found that approximately five percent of people using our scanner had open ports that could potentially be compromised by attackers,” revealed Lipman.

“Consumer routers are notoriously hackable, as we’ve seen this year in multiple news stories (most notably the Wikileaks revelation about how the CIA has been pwning consumer routers for over a decade),” he added. “The new home network scanner offered in BullGuard Premium Protection takes this scanning to the next level, utilizing a deeper scan from multiple locations in the cloud, and coupling this with internal network scanning capabilities to ensure that our customers are immediately aware of potential vulnerabilities.”

____________________________________________________________________________________________

The Alertsec service protects everything stored on the computer such as Word, PowerPoint, Excel, Outlook, Gmail, Photos, Credit Card data files etc.

Equifax Web Application Vulnerability

September 9th, 2017

Equifax mentioned that there was Web application vulnerability in May to July which exposed data of 143 million U.S. consumers.

Affected data includes names, Social Security numbers, birthdates and addresses, as well as some driver’s license numbers. Credit card numbers for approximately 209,000 consumers and dispute documents with personally identifiable information for approximately 182,000 consumers were accessed.

As per the global security strategist at Absolute, Richard Henderson – “Many people are going to lose their jobs, including Equifax executives, people will be brought before Congress to explain what happened, and consumer trust in all of the credit reporting agencies will be eroded.”

“It may be time for us to reconsider exactly how we allow companies to store all of this data,” Henderson added. “It’s clear that these mega-databases are prime targets for attack, and we may need to take a hard look at legislative changes that will force data brokers and collectors to take security up a few levels.”

“I apologize to consumers and our business customers for the concern and frustration this causes,” Equifax chairman and CEO Richard F. Smith said in a statement. “We pride ourselves on being a leader in managing and protecting data, and we are conducting a thorough review of our overall security operations.”

As per Illumio head of cybersecurity strategy Nathaniel Gleicher it is difficult to keep large data secure.

“Even large organizations struggle because it’s far too easy for intruders to slip across the perimeter and then bide their time inside compromised networks until they can get to the most valuable data,” Gleicher said. “If we want to stop breaches like this, we have to get much better at stopping lateral movement within compromised networks.”

As per chairman and founder of CyberScout, Adam Levin highlights the importance of implementing multi-factor authentication.

“While we don’t yet know the full dimensions of the Equifax breach, where the most sensitive information of over a third of the American population could have been exposed to cybercriminals, tens of millions of us are now forced to look over our shoulders for the rest of our lives because tons of Social Security numbers, the skeleton key to our lives, are out there for cybercriminals to steal and exploit,” Levin said.

____________________________________________________________________________________________

The Alertsec service protects everything stored on the computer such as Word, PowerPoint, Excel, Outlook, Gmail, Photos, Credit Card data files etc.

New Cyber Security Strategy – Deceiving the Deceivers

September 5th, 2017

New cyber security battle is fought in a new way. Deception is the old strategy used in business, warfare and politics. It is now implemented in IT security.

Cyber criminals are long using deception policy to gain information. Now, new generation start-ups are using the same idea to avoid them. They are confusing the attackers by masking the real system.

“The idea is to mask real high-value assets in a sea of fake attack surfaces,” said Ori Bach, VP of products and marketing at TrapX Security. “By doing so, attackers are disoriented.”

Once attackers enter the system through malicious ways, they are free to roam inside. As per the Gartner analyst Lawrence Pingree, attackers must “trust” the environment that they insert malware into.

“Deception exploits their trust and tempts the attacker toward alarms,” said Pingree. “Deception also can be used to move an attacker away from sensitive assets and focus their efforts on fake assets – burning their time and the attacker’s investment.”

The main aspect is to manage real user endpoint lures.

“Distributed deception platforms (DDP) are solutions that create faked systems (often real operating systems, but used as sacrificial machines), lures (such as fake drive maps and browser histories) and honeytokens (fake credentials) on real end-user systems to entice and mislead the attacker to faked assets in order to enhance detection and to delay their actions as they attack those decoy assets,” wrote Pingree.

Experts believe that deceptive technology must not only create honeypots but a whole system to make it real.

“Ideally, organizations can use DDP solutions to create ‘intimate threat intelligence’ and use that to enrich their other tools to enhance prevention at the network and other security defensive layers,” said Pingree.

“Since you never know where you might be attacked, the ideal deception strategy should cover as many layers of the network and as many types of assets as possible,” said Bach. “For a deception tool to be effective in an enterprise environment, it must be integrated with the infrastructure (e.g. Active Directory, the networking infrastructure) and the security ecosystem.”

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

IoT Security Bill

August 2nd, 2017

This week the Internet of Things Cybersecurity Improvement Act of 2017 was introduced by a bipartisan group of U.S. senators. The rules sets minimum conditions and requirements for the security of Internet-connected devices purchased by the U.S. government. It also provides legal protections to security researchers.

Features:

(1) Devices which are connected to the internet should be patchable

(2) Industry standard protocols should be implemented

(3) Hard-coded passwords that can’t be changed should be leveraged

(4) Security vulnerabilities should not be present

It also asked the Office of Management and Budget to create alternative security conditions for devices with limited data processing and software functionality.

As per the bill, the definition of an Internet-connected device “is capable of connecting to and is in regular connection with the Internet,” and “has computer processing capabilities that can collect, send, or receive data.”

“While I’m tremendously excited about the innovation and productivity that Internet of Things devices will unleash, I have long been concerned that too many Internet-connected devices are being sold without appropriate safeguards and protections in place,” Sen. Mark Warner said in a statement.

“This legislation would establish thorough, yet flexible, guidelines for Federal Government procurements of connected devices,” Warner added. “My hope is that this legislation will remedy the obvious market failure that has occurred and encourage device manufacturers to compete on the security of their products.”

Arxan Technologies VP EMEA Mark Noctor hopes that other government will also follow “While there has been useful work in the area from bodies such as ENISA in Europe, it appears that an act of law is the best way to get vendors to ensure security,” he said.

“While the focus on basic measures such as password management is a good starting point, we’d also like to see future legislation build on this to require more advanced security measures, such as using code hardening to protect a connected device’s software from being broken into and reverse engineered for malicious purposes,” Doctor said.

Security research is also provided legal protections.

“I’ve long been making the case for reforms to the outdated and overly broad Computer Fraud and Abuse Act and the Digital Millennium Copyright Act,” Sen. Ron Wyden said in a statement.

“This bill is a bipartisan, common-sense step in the right direction.”

“This bill is designed to let researchers look for critical vulnerabilities in devices purchased by the government without fear of prosecution or being dragged to court by an irritated company,” Wyden added. “Enacting this bill would also help stop botnets that take advantage of Internet-connected devices that are currently ludicrously easy prey for criminals.”

____________________________________________________________________________________________

No server, IT knowledge or training is needed as everything is included in an Alertsec subscription.

U.S Election Systems Attacked by Russian Hackers

June 22nd, 2017

Thirty-nine states were hit by Russian hackers prior to the 2016 U.S. election. In Illinois, hackers got access to the database and tried to delete or alter voters data. A software was also accessed which was used by poll workers on Election Day.

“Last year, as we detected intrusions into websites managed by election officials around the country, the administration worked relentlessly to protect our election infrastructure,” Eric Schultz, spokesman for former President Barack Obama, told Bloomberg.

“Given that our election systems are so decentralized, that effort meant working with Democratic and Republican election administrators from all across the country to bolster their cyber defenses.”

A former senior U.S official mentioned that Russians now possess knowledge of U.S. election systems prior to the next presidential election.

“The U.S. must start putting precautions in place today that assures voter data and election systems are protected, or else history is bound to repeat itself.”Seclore CEO Vishal Gupta said.

Federal agents found traces of hacking into the database. Many states refused to cooperate with the agency.

“It’s laughable how systems we thought were immune to attack were so woefully under-secured.” Venafi chief security strategist Kevin Bocek said.

“We’ve seen this with ATMs and POS systems,” Bocek added. “The finance and retail industries have effectively responded to their own deep vulnerabilities, and now state, local and federal governments need to respond in the same way to protect voting systems.”

“Without a record of who is accessing, changing or deleting data, it’s virtually impossible to detect the compromise,” he said. “It’s not hard to imagine a scenario where voter data has been compromised but has gone undetected due to lack of auditing or evidence of a breach.”Varonis vice president of field engineering Ken Spinner said

“It’s more important than ever to monitor file activity and user behaviour, so that if an outside party is attempting to manipulate or delete information — as happened in Illinois — that activity is able to be flagged and investigated right away,” Spinner added.

“Whether you’re a small company or a national government, the best risk reduction is to limit access to those who need it the most, keeping sensitive data locked down, and to monitor data access so that when something suspicious happens, you can catch it before it turns into global headlines,” Spinner said.

____________________________________________________________________________________________

The Alertsec service protects everything stored on the computer such as Word, PowerPoint, Excel, Outlook, Gmail, Photos, Credit Card data files etc. Perhaps, most importantly, your login credentials to cloud applications are protected. 

Data breach trends in 2016

April 5th, 2017

As per the IBM report, data breach increased 566 percent in 2016 from 600 million to more than 4 billion. The report also mentioned that healthcare in no longer the most attacked sector. Most of the attack was carried out on financial services industry.

In 2016, 12 million records were affected in healthcare. In previous year, the breach was 100 million records which counts to eighty eight percent drop. IBM surveyed 8000 security clients in 100 countries.

IBM Security Vice President of Threat Intelligence Caleb Barlow mentioned that the cyber attacks was carried out with innovative techniques.

“While the volume of records compromised last year reached historic highs, we see this shift to unstructured data as a seminal moment,” Barlow said in a statement. “The value of structured data to cyber-criminals is beginning to wane as the supply outstrips the demand. Unstructured data is big-game hunting for hackers and we expect to see them monetize it this year in new ways.”

IBM mentioned that for ransomware attacks, 70 percent of the companies paid more that $10,000 to regain the access to data. According to the FBI, cyber-criminals were paid $209 million in first three months of 2016.

Ransomware attacks are on the rise with 400 percent increase. In the coming time healthcare will do many reforms which includes increase in internet of things (IoT) technology. This will increase the attacks.

“Retail and financial services have battened down their hatches,” IDC Health Insights Research President Lynne Dunbrack told HealthITSecurity.com in a 2016 interview. “Now the cyber criminals might still be nipping at those heels, but they are looking at other targets, healthcare being one of them.”

CynergisTek Vice President Dan Berger mentioned that attacks against healthcare are carried out with sophistication.

“The dramatic increase in hacking attacks in 2016, coupled with the large number of patient records compromised in those incidents, points to a pressing need for providers to take a much more proactive and comprehensive approach to protecting their information assets in 2017 and beyond,” Berger stated.

___________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Insider security breach at KY

April 2nd, 2017

Kentucky-based Med Center Health mentioned that a former employee accessed certain patient billing information without permission. As per the reports, facility found out that on two instances the person “obtained certain billing information by creating the appearance that they needed the information to carry out their job duties for Med Center Health.”

“The evidence we have gathered to date suggests that the former employee intended to use these records to assist in the development of a computer-based tool for an outside business interest which had never been disclosed to Med Center Health officials,” Med Center Health explained in its letter, signed by CEO Connie Smith.

Person accessed the data and copied it on encrypted CD and encrypted USB drive. Facility mentioned that the data is not related to work responsibilities of the employee. Affected information included Social Security numbers, health insurance information, diagnoses and procedure codes, and charges for medical services. Patients medical records were not copied.

Patients who were treated at The Medical Center Bowling Green, The Medical Center Scottsville, The Medical Center Franklin, Commonwealth Regional Specialty Hospital, Cal Turner Rehab and Specialty Care and Medical Center EMS between 2011 and 2014 got impacted.

Law enforcement asked the facility to delay its data breach notification process.

“We sincerely apologize for any concern and inconvenience this incident may cause you,” the letter read. “We continue to review the incident and to take steps aimed at preventing similar actions in the future. Those actions include re-enforcing education with our staff regarding our strict policies and procedures in maintaining the confidentiality of patient information.”

Facility did not mention the number of individuals affected. It has established a dedicated call center to answer patients’ queries.

As per the statement, “We are offering credit monitoring and identity protection services to eligible patients and enrollment instructions are contained in the letters sent to the patients. We also recommend that you review the explanation of benefits that you receive from your health insurer. If you see services that you did not receive, please contact your health insurer immediately.”

___________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by CheckPoint and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

iCloud hacking incident

March 27th, 2017

“Turkish Crime Family”, the group of hacker is threatening to reset millions of iCloud accounts and delete all data from iPhones if ransom of $75,000 in crypto currency or $100,000 in iTunes gift cards is not paid.

Apple mentioned that its systems are not hacked.

“There have not been any breaches in any of Apple’s systems including iCloud and Apple ID,” the company mentioned. “The alleged list of email addresses and passwords appears to have been obtained from previously compromised third-party services.”

“To protect against these types of attacks, we always recommend that users always use strong passwords, not use those same passwords across sites and turn on two-factor authentication,” the company added.

As per the reports, passwords and email addresses matched to data from the linkedin breach that was disclosed last year.

John Bambenek, threat systems manager at Fidelis Cybersecurity, said the threat ultimately sounds like a stunt. “There are always people who make unfounded threats to organizations in the hope of an easy payday — in this case, the hackers want $100,000 in iTunes gift cards,” he said.

“Companies must take due diligence but assess the adversary before paying to see if the threat is real,” Bambenek added. “As in the physical world, the odds are that paying a ransom, especially in a public manner, means the threats only increase.”

Still, Lamar Bailey, director of security research and development for Tripwire mentioned that iPhones can be wiped remotely if hacker posses the data.

“The hackers cannot remove backups for Apple devices from the cloud, but changing the passwords will make it hard for the legitimate users to reset and recover their devices,” Bailey said.

In recent survey of 1001 iPhone users, forty seven percent said that they are not comfortable in storing sensitive data in icloud.

“The worst thing in the world would be if someone thought they backed something up, deleted it, and found that it wasn’t on the cloud,” Network Remedy business development manager Aaron Mangal told Clutch.

___________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by CheckPoint and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.