alertsec

Series B funding for Trusona

June 17th, 2017

Before four months, Ariz.-based Trusona has Series A funding of $8 million. Now, they have got additional funding of $10 million in a Series B round. This new round was led by Microsoft Ventures along with existing investor Kleiner Perkins.

“Trusona offers businesses the ability to replace a static username and password combination (which can always be lost, stolen or compromised) with a more dynamic way to prove authentication online,” explained Ori Eisen, CEO and founder of Trusona. “With the Trusona app, users can log in with a single tap without typing any username or passwords.”

Trusona is expert in authentication and federated identity technologies for companies. TruToken is the patented technology of the company. It analyzes the physical magnetic signature of a card and the way of swiping the card by the user to determine fraud. It also offers two-step authentication process which involves TruVerify for logins and TruFidelity, which helps combat attacks during online transactions.

Cloud Security Alliance survey which was sponsored by Centrify mentioned that 22 percent of breaches in last year was caused due to stolen user and password. Other survey conducted by SailPoint Market Pulse mentioned that the stolen passwords are also sold.

“All you need is to register with the free Trusona app and the relying party (such as banks, healthcare providers, WordPress, streaming media, Salesforce, a company’s network, etc.) sends you a prompt,” added Eisen.

Trusona continuously tries to look for fraud transactions.

“What sets Trusona apart is its patented technology that uses the unique nature of each authentication to assure the transmission is authentic and not a session replay,” Eisen said. “Trusona’s patented anti-replay technology, infused in every solution, protects from malware that can replay static usernames and passwords to compromise any online account. This assures the right person is behind every digital interaction.”

Microsofts is impressed with this new technology.

“Identity management is a critically important and growing space,” said Nagraj Kashyap, corporate vice president of Microsoft Ventures, in prepared remarks. “Helping businesses and consumers move toward a safer and more secure digital world is a priority for Microsoft. We believe in the work Trusona is doing to give their enterprise clients peace of mind when it comes to data protection.”

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Half of the third party softwares are outdated

June 13th, 2017

Synopsys conducted a study of 128,782 software applications which shows that almost fifty percent are old.

“Over time, vulnerabilities in third-party components are discovered and disclosed, leaving a previously secure software package open to exploits,” Synopsys Software Integrity Group general manager Andreas Kuehlmann said in a statement. “The message to the software industry should not be whether to use open source software, but whether you are vigilant about keeping it updated to prevent attacks.”

The survey also showed that some of the vulnerability dates back to 1999.

“Coming on the heels of last month’s WannaCry outbreak, the insights in the report serve as a wake-up call that not everyone is using the most secure version of the available software,” Synopsys security strategist Robert Vamosi said. “The update process does not end at the time of software release, and an ongoing pattern of software updates must be implemented throughout the product lifecycle.”

“As new CVEs are disclosed against open source software components, developers need to know whether their products are affected, and organizations need to prevent the exploit of vulnerabilities with the latest versions when they become available,” Vamosi added.

Vanson Bourne survey mentioned that companies are not up to date considering patches and new versions. Half of the user mentioned that they have to bring a team for patches or to deal with a security issue.

“We can see with the recent WannaCry outbreak — where an emergency patch was issued to stop the spread of the worm — that enterprises are still having to paper over the cracks in order to secure their systems,” Bromium CTO and co-founder Simon Crosby said in a statement. “The fact that these patches have to be issued right away can be hugely disruptive to security teams, and often very costly to businesses, but not doing so can have dire consequences.”

“WannaCry has certainly shined a spotlight on a problem that has plagued enterprises for years,” Crosby added. “It is simply impractical to expect enterprise organizations to continually upgrade — even when they have licenses, the actual deployment creates huge disruption, or in some instances would require an entire hardware refresh and result in huge upfront capital costs.”

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. 

Huge Gap in Demand and Supply for CyberSecurity Workforce

June 11th, 2017

The 2017 Global Information Workforce Study (GISWS) conducted a survey which showed that cybersecurity workforce gap will rise to 1.8 million by 2022. Another study conducted by Frost & Sullivan for (ISC)2’s Center for Cyber Safety and Education also mentioned that there is scarcity of skilled CyberSecurity workforce.

Average information security worker in North America get $120,000 per year.

The survey shows that the main reason behind the shortage are –

Forty-nine percent  – Difficult to find qualified personnel

Forty-two percent – Leadership fails to understand requirements

Thirty-one percent – Difficult to retain talent

Thirty-one percent – There is no clear security expert career path

Due to above, seventy percent of companies plan to increase the size of the security team. Operations & Security Management is the most sought after positions.

“It is clear, as evidenced by the growing number of professionals who feel that there are too few workers in their field, that traditional recruitment channels are not meeting the demand for cybersecurity workers around the world,” the report states. “Hiring managers must therefore begin to explore new recruitment channels and find unconventional strategies and techniques to fill the worker gap.”

Herjavec Group survey shows that there will be even greater workforce gap.

“Unfortunately, the pipeline of security talent isn’t where it needs to be top help curb the cybercrime epidemic,” Herjavec Group founder and CEO Robert Herjavec said. “Until we can rectify the quality of education and training that our new cyber experts receive, we will continue to be outpaced by the black hats.”

“There is a zero-percent unemployment rate in cyber security, and the opportunities in this field are endless,” Herjavec added. “Gone are the days of siloed IT and security teams. All IT professionals need to know security — full stop.”

____________________________________________________________________________________________

Alertsec helps you comply with HIPAA, PCI and SOX requirements. The implemented encryption is powered by Check Point and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Kmart Attacked by Hackers Again

June 9th, 2017

Kmart suffered another data breach when its server was attacked by hackers.

“Our Kmart store payment data systems were infected with a form of malicious code that was undetectable by current anti-virus systems and application controls,” a Kmart FAQ on the data breach states. “Once aware of the new malicious code, we quickly removed it and contained the event.”

Sears Holdings owns Kmart. It has not mentioned the number of affected card holder in the statement. Also, the location impact is also not disclosed. But it mentioned that only card information got breached.

“All Kmart stores were EMV ‘Chip and Pin’ technology enabled during the time that the breach had occurred and we believe the exposure to cardholder data that can be used to create counterfeit cards is limited,” the company stated. “There is no evidence that kmart.com or Sears customers were impacted nor that debit PIN numbers were compromised.” 

This is the second breach in three years. Security of the card is crucial and online shops are finding it difficult to secure.

“Consumers should monitor the transactions on any account linked to credit or debit cards they have used in a Kmart store and report any fraudulent transactions to their bank as soon as they are identified,” Capps said. “Given the brisk migration to a chip-and-pin system, we are unlikely to see the stolen credentials used for in-person payments, but they can be used for online transactions. “

 In 2014, Kmart was affected by malware.

 “We will likely find that this attack started with a stolen credential, used to inject the malware into Kmart’s networks,” Nir Polak, CEO of security vendor Exabeam mentioned. “In this modern operating environment, better behavioural analysis — focused on both use of credentials and on the system processes that are spawned from malware — is the best way to detect and shut down these attacks.”

____________________________________________________________________________________________

 Alertsec encryption is powered by Check Point and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

IoT Security

June 6th, 2017

The Internet of Things (IoT) is seeing the rapid rise but it seems to repeat the history of technology evolution. The pace of growth is not matched with security requirements. IoT helps automation as well as real-time synchronization of business processes. The implementation helps for precise response in real time.

 “IoT devices assist businesses in real-time responses to supply-and-demand market effects, they empower patients and healthcare professionals to continuously monitor conditions, and they enable electric grid operators to adjust the production, flow, and cost of electricity according to real-time market demands to ensure the most efficient, resilient, and cost-effective solution,” says James Scott, senior fellow at the Institute for Critical Infrastructure Technology, a Washington DC-based cybersecurity think tank.

 Hundreds of companies now provide IoT solutions. But security aspect is lagging behind.

 “As was shown in the Dyn attack, we appear doomed to repeat the mistakes we made with PCs and mobile devices in IoT,” says Tom Byrnes, founder and CTO of ThreatSTOP. “Once again, cost reduction has made security an afterthought, if a consideration at all, with predictably disastrous consequences.”

It is different than other systems as threat involved is higher due to many connection points. As per the Intel, 200 billion IoT devices will be online by 2020.

“Most IoT devices and sensors lack any form of security or security-by-design,” says Scott.

 “Without the layered security of the IoT microcosms, hacktivists can disrupt business operations, cyber-criminals can compromise and ransom pacemakers, and cyber-jihadists or nation-state sponsored threats can compromise and control the grid,” to name just a few of the potential IoT security attack scenarios.

“Every IoT device has inherent vulnerabilities and exploitable weaknesses resulting from a culture that sacrifices security in the design process in favour of meagre savings and in the rush to market,” says Scott. “The overwhelming preponderance of insecure IoT devices in the future will render security an impossibility in the future.”

Most of IoT devices do not have computational power or battery life to have security applications.

“We need to develop cost-effective IoT devices that incorporate security-by-design rather than cheaper and less secure alternatives,” says Scott. “While that may save a few dollars in the short-term, it puts the public and critical infrastructure at risk of losing millions of dollars and valuable data in the long-term.” 

Also, there is a lack of platform standards.  

“With old devices lasting longer than ever before, there are many devices currently in use that do not support new standards,” says Sam Rehman, Chief Technology Officer of Arxan. “Hackers will always see legacy devices as a prime choice of the entry.”

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Healthcare Industry Most Affected by Data Breach

June 2nd, 2017

As per reports, healthcare industry was frequently attacked by cyber hackers. Vectra Networks survey suggests that 164 threats were detected per 1,000 host devices. The education industry has 145 threat detections per 1,000 host devices.

“The data shows that healthcare and education are consistently targeted and attackers can easily evade perimeter defences,” the report mentions.

There is a rise of 265 percent in the average number of reconnaissance, lateral movement and exfiltration detections. Also, 333 percent rise was recorded for reconnaissance detections. Finance and technology received below-average threat detection rates mainly due to stronger policies and good response. Media companies has highest rates of exfiltration.

Healthcare industry now has a significant number of IoT.

“These unsecured devices are easy targets for cybercriminals,” the report mentions.

As per Synopsys survey, sixty percent of manufacturers and 49 percent of HDOs said that usage of mobile devices in hospitals and other healthcare organizations increase data risk. But only 17 percent are employing steps to prevent attacks.

“The security of medical devices is truly a life or death issue for both device manufacturers and healthcare delivery organizations,” Ponemon Institute chairman and founder Dr Larry Ponemon said in a statement. “According to the findings of the research, attacks on devices are likely and can put patients at risk. Consequently, it is urgent that the medical device industry makes the security of its devices a high priority.”

Medical devices are difficult to secure as per the eighty percent of respondents.

“These findings underscore the cyber security gaps that the healthcare industry desperately needs to address to safeguard the wellbeing of patients in an increasingly connected and software-driven world,” Synopsys global director of critical systems security Mike Ahmadi said in a statement.

“The industry needs to undergo a fundamental shift, building security into the software development lifecycle and across the software supply chain to ensure medical devices are not only safe but also secure,” Ahmadi added.

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Records available online due to flaw in the system

May 29th, 2017

Molina Healthcare had patients’ medical claims online. The duration of the breach is not clear. Also, the reason behind the leak is also not available. Investigative reporter Brian Krebs received tip about the breach.

According to the reports, customer could see other customers’ medical claims only by changing a single number in the URL. There was no requirement of the authentication.

“It’s unconscionable that such a basic, Security 101 flaw could still exist at a major healthcare provider today,” Krebs wrote. “However, the more I write about these lame but otherwise very serious vulnerabilities at healthcare firms the more I hear about how common they are from individual readers.”

Records did not include Social Security numbers. Affected information included patient names, addresses and birthdates, as well as diagnosis, medication and medical procedure information. Molina said that it has fixed the problem.

“Because protecting our members’ information is of utmost importance to Molina and out of an abundance of caution, we are taking our ePortal temporarily offline to perform additional testing of our system security,” the company said. “Molina has also engaged Mandiant to assist the company in continuing to strengthen our system security.”

World focus remains on cyber threats like WannaCry but many organizations lack basic security, Bitglass CEO Nat Kausik mentioned. “This is especially true in the heavily regulated healthcare industry,” he said. “Molina Healthcare is just one example of an IT oversight that led to massive exposure of PHI.”

“Healthcare organizations are major targets and will see any and all flaws exploited by malicious individuals,” Kausik added. “As healthcare organizations make patient data more accessible to individuals and new systems, they must make information security their top priority.”

There is increase in data breach this year.

“Unauthorized disclosures continue to tick up and are now the leading cause of breaches as data moves to cloud and mobile and as external sharing becomes easier. Unauthorized disclosures includes all non-privileged access to PII or PHI,” the report states. “Hacking and IT-related incidents doubled year-over-year, an indication that malicious actors are not letting up and are increasingly aware of PHI’s high long-term value.”

____________________________________________________________________________________________

Alertsec is powered by Check Point and has the highest security certifications: FIPS 140-2, Common Criteria EAL4 and BITS.

Increase in DDoS Attacks

May 26th, 2017

Verisign recent report shows that 59 percent of distributed denial of service attacks peaked over 1 Gbps. Also, 23 percent peaked over 10 Gbps. The average peak attack size was 14.1 Gbps which is 26 percent increase over the last quarter.

The biggest attack included 60 Gbps for more than 15 hours.

“The attackers were very persistent in their attempts to disrupt the victim’s network by sending attack traffic on a daily basis for over two weeks.”

Survey also mentioned that IT services/cloud/SaaS industry was the prime target.

“In Q1 2017, Verisign observed that DDoS attacks remain unpredictable and persistent, and vary widely in terms of volume, speed and complexity,” the report mentioned. “To combat these attacks, it is becoming increasingly important to constantly monitor attacks for changes in order to optimize the mitigation strategy.”

Imperva’s Global DDoS Threat Landscape mentioned that 74 percent of DDoS attack victims were repeated.

“In the most extreme case, an established U.S.-based science news website was hit 1,046 times by low-volume bursts lasting 10 minutes or less,” Igal Zeifman, Incapsula security evangelist at Imperva, told eSecurity Planet by email. “This attack, and many other repeat assaults, fit the pattern of online harassment.”

“These attacks are a sign of the times — launching a DDoS assault has become as simple as downloading an attack script or paying a few dollars for a DDoS-for-hire service,” Zeifman added.

“Using these, non-professionals can take a website offline over a personal grievance or just as an act of cyber vandalism in what is essentially a form of Internet trolling.”

It also mentioned that the U.S. was the most targeted country and majority of attacks came from China.

Neustar’s Worldwide DDoS Attacks and Cyber Insights Research Report mentioned that the average cost of a DDoS attack amounts to $2.5 million in lost revenue.

“The question organizations must ask now is how they are prepared to manage these highly disruptive events,” Neustar head of research and development Barrett Lyon mentioned in a statement.

“Are they prepared for the bad day where they customers call and ask why the website is down?”

____________________________________________________________________________________________

Alertsec’s cloud-based information security service provides an easy and convenient way to protect information on your organization’s laptops and computers.

Security Patch at Twitter

May 24th, 2017

One can send message to anyone using ‘@‘ from any given account in Twitter platform. But this arrangement is challenged by a security bug. Security researcher who goes by alias ‘Kedrisch’ reported this bug to the twitter through Twitter’s bug bounty program run by Hackerone.

“The reporter discovered a flaw in the handling of Twitter Ads Studio requests which allowed an attacker to tweet as any user,” the Hackerone bug report states. “By sharing media with a victim user and then modifying the post request with the victim’s account ID, the media in question would be posted from the victim’s account.”

Kedrisch also provided detailed writeup on the flaw and the steps to discover the vulnerability. The process involves intercepting the owner_id and user_id parameters and using it as a part of the GET and POST actions.

The bug allowed hackers to publish post through any user. Twitter mentioned that the vulnerability was not exploited.

“As former appsec tech lead for twitter, I’ll just say I’m not shocked this was in code from the ads team,” security researcher Charlie Miller wrote in a Twitter message.

Miller has won the famous Pwn2own hacking competition. He is also one who hacked iPhone first time.

Miller responded to one of his team mate, “if a team is responsible for the vast majority of security issues, maybe they should feel not awesome?”

Twitter awarded Kedrisch with $7,560 for the disclosure of the bug. Kedrisch has also disclosed the bug in the twitter platform in December 2016. He got $1,120 for a low severity bug. The ethical hacker also got $1,260 in Oct 2016 for reporting disclosure flaw in the publish.twitter.com. This particular bug was rated as medium security issue.

Kedrisch received three other bounties totaling $1,540 which was not publicly disclosed.

____________________________________________________________________________________________

The Alertsec service protects everything stored on the computer such as Word, PowerPoint, Excel, Outlook, Gmail, Photos, Credit Card data files etc.

IoT Threat Defense Platform of Cisco

May 22nd, 2017

Cisco has created new IoT Threat Defense Platform to tackle growing threats. It consists of integrated security technologies which protects enterprise IoT deployment from hackers. It uses the network segmentation capabilities. Its’ AnyConnect provides remote access functionality.

Marc Blackmer, product marketing manager of Industrial Solution at Cisco’s Security Business Group said that it’s best not to leave any stone unturned given the scale and complexity of IoT implementations.

“A characteristic of the IoT is that it opens a multitude of attack vectors,” Blackmer mentioned. “Now, organizations need to be aware of, not just what servers and workstations are online, but whether their HVAC system or connected lighting have been mistakenly connected to the Internet.”

Researchers at Dalhousie University in Canada and Weizmann Institute of Science in Israel conducted a test. It demonstrated a citywide bricking attack using smart bulbs. Companies are connecting their IoT devices to internet and hackers are looking for loopholes.

“A simple Shodan search can turn up medical devices and industrial equipment connected to the Internet, as well,” Blackmer said. “With this in mind, we selected the technologies in our portfolio that would, first, segment IoT devices, to protect them from external attacks, as well as protect the business should one of those devices be compromised, and then those that provide broad, complementary coverage across a range of attack vectors.”

Connecting virtual local area networks (VLANs) to the scale of the IoT can overwhelm even the most efficient IT teams. Cisco products and team is also helping companies to secure their networks from stealthier threats.

“We are inspecting the traffic throughout the organization (with Stealthwatch, Advanced Malware Protection, and our NGIPS [Next-Generation Intrusion Prevention System], which is included with our NGFW [Next-Generation Firewall]), as well as that attempting to exit the organization (with Umbrella and Cognitive Threat Analytics).”

____________________________________________________________________________________________

Alertsec is powered by Check Point Endpoint Security products, which are positioned in the leader’s quadrant in Gartner’s Magic Quadrant for Mobile Data Protection.