Thursday, January 16, 2025

No sign of reprieve from Ransomware attacks for companies leading into 2022


Supply chain attacks and software exploitations are set to continue next year, and remote or hybrid work may complicate cyber-preparedness, cybersecurity professionals say.

Ransomware attacks show no signs of slowing down in 2022, posing legal, reputational, and regulatory risks for businesses. These types of hits grew alongside an uptick in attacks related to remote work during the covid pandemic.

“These are sophisticated attacks, and it’s scary the amount of damage these groups can do,” said Iliana Peters, shareholder at Polsinelli PC in Washington, D.C. “What we’re seeing now is that there’s no indication that that’s going to drop off next year.”

Ongoing Ransomware Attacks

Supply chain attacks, including hits to Kaseya Ltd. and Microsoft Corp.’s Exchange software, made big headlines in 2021, and those types of hits could bring more companies unwanted press attention in 2022, attorneys and cybersecurity professionals say.

Software supply chain vulnerabilities are particularly insidious because they can be leveraged to “magnify” the impact of a cyberattack, said Alex Iftimie, a partner at Morrison & Foerster LLP in San Francisco.

“We’re seeing as a trend in 2021 and into 2022 the targeting of software and IT tools that are being used across industries and across companies to allow the hackers and malicious actors to get into not one or two systems, but thousands of systems in fairly short order,” Iftimie said.

Exploits used in the first quarter of 2021 are still being used today, nearly a year later, underscoring the need for robust patching, said Keith Wojcieszek, managing director of cyber risk at Kroll in Washington.

Despite such high-profile attacks, however, it’s important to not forget about phishing, which remains one of the highest-volume types of vulnerabilities, he said.

“Phishing training, especially with the workforce at home, is crucial,” Wojcieszek said.

Hits against critical infrastructure in the vein of attacks on meat supplier JBS SA and Colonial Pipeline Co. are also probably going to continue, Wojcieszek added. Both cyberattacks were traced back to hacking groups based in Russia.

President Joe Biden warned Russian President Vladimir Putin in July that 16 critical infrastructure sectors ranging from transportation to agriculture were off-limits. After the warning, hacks stemming from overseas still occurred, including one on Iowa corn and soybean producer New Cooperative in September traced to Russia-linked ransomware group BlackMatter.

The Cybersecurity and Infrastructure Security Agency in November mandated that federal civilian agencies remediate known vulnerabilities within specific time frames.

The Biden administration is likely to continue its push to beef up cybersecurity among the federal government, contractors, and other key ransomware targets, said Veronica Glick, a partner at Mayer Brown in Washington.

“I think there will be heightened cyber standards and more reporting requirements,” Glick said. “More broadly, I think critical infrastructure entities, their suppliers, and tech companies with broad supply chain reach can expect increased scrutiny.”

Sector-specific regulations are likely to continue to increase, and businesses will likely have to work more aggressively to meet standards imposed by the federal government and other entities, Iftimie said.

“Companies need to focus on the fact that requirements they have that relate to cybersecurity are only going to become more complicated than they have been today,” he said.

Being Prepared

Attacks may happen overnight, but that doesn’t mean a company’s plan of action needs to spring up that way, said Kristin Hadgis, a partner at Morgan Lewis & Bockius LLP in Philadelphia. A good incident response plan enables businesses to act nimbly and allows key players from information technology, legal, human resources, and customer support, among other teams, to remediate an intrusion effectively, she said.

“Make sure people on those teams are regularly meeting,” Hadgis said. “That might seem simple, but in the event of an incident, you have your team and you know what the roles are.”

It also helps to line outside counsel up before a cyber event so that they can jump into action in a crisis, she said.

Companies should limit access controls, institute patching programs that are “aggressively implemented and enforced,” and employ multi-factor authentication, said Michael Gold, a Los Angeles-based partner and co-chair of the cybersecurity and privacy group at Jeffer Mangels Butler & Mitchell LLP.

Moving data and systems to the cloud is a good step to take as well, but companies should use rising cybercrime as an opportunity to reevaluate what their network security looks like and what’s covered—and what’s not—by current operations, he added.

“Until you start thinking about your network in an expansive way, you’ll never be able to protect it effectively,” Gold said.


NEW Android Malware Targeting Brazil’s Itaú Unibanco Bank Customers


As if December has not been inundated with non-stop malware attacks… Just over a week ago on realinfosec.net, we were able to confirm that 500,000+ Android Users Downloaded a New Joker Malware App from Play Store.

Researchers have discovered a new Android banking malware that targets Brazil’s Itaú Unibanco with the help of lookalike Google Play Store pages to carry out fraudulent financial transactions on victim devices without their knowledge.

“This application has a similar icon and name that could trick users into thinking it is a legitimate app related to Itaú Unibanco,” Cyble researchers said in a report published last week. “The [threat actor] has created a fake Google Play Store page and hosted the malware that targets Itaú Unibanco on it under the name ‘sincronizador.apk.’”

The tactic of leveraging fake app store pages as a lure is not new. In March, Meta (previously Facebook) disclosed details of an attack campaign that used its platform as part of a broader operation to spy on Uyghur Muslims using rogue third-party websites that used replica domains for popular news portals and websites designed to resemble third-party Android app stores, where attackers put fake keyboard, prayer, and dictionary apps that might appeal to the targets.

In the latest instance observed by Cyble, the fake URL not only impersonates the official Android app marketplace but also hosts the malware-laced Itaú Unibanco application, in addition to claiming that the app has had 1,895,897 downloads.

Users who install and launch the imposter app from the supposed Google Play Store page are subsequently prompted to enable accessibility services as well as other intrusive permissions that allow the malware to access notifications, retrieve window content, and perform tap and swipe gestures.

The goal of the trojan, per the researchers, is to perform fraudulent financial transactions on the legitimate Itaú Unibanco application by tampering with the user’s input fields, joining a long list of banking malware that abuse the accessibility API. Google, for its part, has begun imposing new limitations to restrict the use of such permissions that allow apps to capture sensitive information from Android devices.

This is far from the first time the Sao Paulo-based financial services company has come under the radar of financially-motivated threat groups. Earlier this April, ESET revealed a new banking trojan dubbed Janeleiro that was observed striking corporate users in Brazil at least since 2019 across various sectors such as engineering, healthcare, retail, manufacturing, finance, transportation, and government.

“Threat Actors constantly adapt their methods to avoid detection and find new ways to target users through increasingly sophisticated techniques. Such malicious applications often masquerade as legitimate applications to trick users into installing them,” the researchers said.

“Users should install applications only after verifying their authenticity and install them exclusively from the official Google Play Store and other trusted portals to avoid such attacks.”


Spider-Man: No Way Home, Pirated, Downloads Crypto-Mining Malware


Using a Mask: Tricking Users into Downloading the Malware

Peter Parker might not be a mastermind cryptocurrency criminal, but the name Spiderman is quickly becoming more associated with the mining landscape. ReasonLabs, a leading provider of cybersecurity prevention and detection software, recently discovered a new form of malware hacking into customer computers in the guise of the latest Spiderman movie.

As perhaps the most talked-about movie for some time, Spiderman: No Way Home represents an excellent opportunity for hackers. It’s a chance to connect with millions of potential targets and hack into computers all around the globe. All today’s malicious actors need to do is promise their victims access to the latest movie, and they get an all-access pass to their PC.

The cryptocurrency mining malware discovered by ReasonLabs disguises itself as a torrent for the Spiderman: No Way Home movie, encouraging viewers around the world to download the file and open the computer to criminals.

Cybersecurity issues are on the rise in today’s digital world. There were around 714 million attempted ransomware attacks reported for 2021 – a 134% rise from 2020. As people spend more of their time online, both for work and entertainment, criminals are discovering new opportunities to pinpoint easy targets. One of the easiest ways for criminals to find their victims is with the right lure.

With many viewers still unable to attend physical cinemas due to lockdown restrictions, fans of the Spiderman franchise have been keen to get their hands on the movie elsewhere. This might be why so many people chose to download the “leaked” file, identified as: spiderman_net_putidomoi.torrent.exe, when it first emerged.

According to ReasonLabs, however, this is far from the first time criminals have tried to trick users by convincing them they’re downloading something they want.

While most people are aware of the threats associated with unknown files, criminals are excellent at making their downloads look legitimate. This specific cryptocurrency mining malware may have been around in a number of different disguises before donning the Spiderman outfit. ReasonLabs believes it has also been circulating as apps like Discord or Windows Updater.

What Does the Spiderman Malware Do?

The malware baked into the Spiderman: No Way Home torrent is not listed by VirusTotal at this time, but ReasonLabs believes it has been around for quite some time, affecting numerous users.

ReasonLabs noted they frequently see miners deployed in the disguise of common programs and files. Hiding crypto-mining tools in files has grown increasingly popular in recent years, because they offer easy access to cash. Hiding a crypto miner in a file sure to attract a lot of attention, like a Spiderman movie, makes it easy to target as many victims as possible.

Crypto-Mining Malware

When a user downloads the file, the code adds exclusions to Windows Defender to stop you from tracking its actions, spawns watchdogs for protection and creates persistence. The overall purpose of the malware is to mine a kind of cryptocurrency called Monero (XMR) – one of the more untraceable and anonymous cryptocurrencies used frequently in the dark web.

Users afflicted by the malware may not immediately notice any change to their computer. However, as the technology draws on your CPU power, you may begin to see a reduction in speed, and problems with your overall computer functionality. Additionally, the damage is likely to eventually show up in the electricity bill too, as devices need to draw extra power for mining.

Even Spiderman Isn’t Safe

As consumers continue to spend more of their time online, malicious individuals are actively looking for new and improved ways to trick their users into downloading suspicious files. The Spiderman torrent malware is just one excellent example of this.

ReasonLabs found the malware during a routine search of the files in their substantial database. The company has collected a lot of malware data over the years, and routinely checks any files that may be identified as suspicious. After one of ReasonLabs’ users downloaded the Spiderman file, it was immediately flagged as suspicious and marked for investigation.

Currently, ReasonLabs are still in the process of actively researching where this malware came from and hope to provide some additional insights soon. In the meantime, be cautious about which spiders you trust.

The complete report by ReasonLabs


How to tell if someone is stealing your home WiFi


Is your home WiFi sluggish? If you suspect someone is stealing your WiFi, here’s how you can detect and block unknown devices to ensure your home network is fully secure.

It’s Friday night. You’ve just finished a long week working from home. You decide to kick back on the couch and start binge-watching the latest Netflix series. After grabbing a couple of snacks and some drinks, you’re settled in and cosy.

You contemplate downloading a movie, then you think about how slow your internet has been of late. Thinking about it now, your connection has been playing up for a while. What gives? You pay for top-tier speeds, but you are clearly no longer getting them.

Is there a neighbour stealing your WiFi?

A double-edged sword

Pretty much all of us have WiFi in our homes, and many of us probably use WiFi extenders to increase our network’s range, notes Trend Micro.

On one hand, it’s great — you can access the internet from any of your devices, from anywhere in your home. On the other hand, it’s not so great — if your WiFi network is unsecured, your neighbours or those nearby can access it, too. When they’re sharing your connection, your speeds are going to be considerably slower.

What’s much worse, is that if your network isn’t secured, your data could be hacked. Your shared folders can be accessed and your personal information can be stolen. This could mean usernames, passwords, financial information, medical records, anything stored on your devices is at risk.

How to check who is connected to my WiFi – is someone using my wifi?

There are a number of ways you can identify users on your network, so let’s run through the basics. The first is fairly complicated for most, so if you’re not too tech-savvy, consider skipping to the second option.


1. Check your router’s web-based admin control panel — a little bit challenging

There are far too many router manufacturers to be able to make a detailed guide for them all, but the instructions below will be similar across the board:

  1. Find your router’s IP address.
  2. Open a web browser and access your router’s web-based admin control panel. Click here for instructions on how to do this. You’ll need to know the administrative username and password to log in.
  3. Navigate through the control panel and view the DHCP clients table (depending on which brand of router you have it may be called something slightly different). This will show you a list of all the devices connected to your network.
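Once you have the DHCP clients table, the useful step is comparing it against the devices you know you own. The script below is an added example, not part of the original article: it assumes the table has been saved in dnsmasq's lease-file layout (an assumption; router panels show the same fields under their own column names), and the lease lines and known-device list are constructed sample data.

```python
import re

MAC_RE = re.compile(r"^[0-9a-f]{2}(?::[0-9a-f]{2}){5}$")

# Constructed sample in the assumed layout:
#   <expiry-epoch> <mac> <ip> <hostname or *> <client-id or *>
SAMPLE_LEASES = """\
1735689600 3c:22:fb:10:20:30 192.168.1.10 living-room-tv *
1735689600 A4-83-E7-AA-BB-CC 192.168.1.11 work-laptop 01:a4:83:e7:aa:bb:cc
1735689600 da:a1:19:01:02:03 192.168.1.12 * *
1735689600 00:1a:2b:3c:4d:5e 192.168.1.13 android-7f3 *
this line is malformed
"""

# Constructed inventory of devices the household recognises.
KNOWN_DEVICES = {
    "3C:22:FB:10:20:30": "Living room TV",
    "a4:83:e7:aa:bb:cc": "Work laptop",
}


def normalise_mac(raw):
    """Return the MAC in lower-case colon form, or None if it is not a MAC."""
    mac = raw.strip().lower().replace("-", ":")
    return mac if MAC_RE.match(mac) else None


def is_randomised(mac):
    """True when the locally-administered bit (0x02 of the first octet) is set.

    Phones and laptops often use such private addresses, so a flagged device
    with this bit set may still be one of your own.
    """
    return bool(int(mac[:2], 16) & 0x02)


def parse_leases(text):
    """Split lease text into parsed entries and lines that could not be read."""
    leases, skipped = [], []
    for line in text.splitlines():
        if not line.strip():
            continue
        fields = line.split()
        mac = normalise_mac(fields[1]) if len(fields) >= 5 else None
        if mac is None:
            skipped.append(line)
            continue
        hostname = None if fields[3] == "*" else fields[3]
        leases.append({"mac": mac, "ip": fields[2], "hostname": hostname})
    return leases, skipped


def find_unknown(leases, known):
    """Return leases whose MAC is not in the known-device inventory."""
    known_macs = {normalise_mac(m) for m in known}
    unknown = []
    for lease in leases:
        if lease["mac"] not in known_macs:
            unknown.append({**lease, "randomised": is_randomised(lease["mac"])})
    return unknown


if __name__ == "__main__":
    parsed, bad_lines = parse_leases(SAMPLE_LEASES)
    for dev in find_unknown(parsed, KNOWN_DEVICES):
        note = " (private/randomised MAC)" if dev["randomised"] else ""
        print(f"UNKNOWN {dev['mac']} {dev['ip']} {dev['hostname'] or '-'}{note}")
    for line in bad_lines:
        print(f"SKIPPED {line!r}")
```
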

2. HouseCall for Home Networks — the easier option

Trend Micro’s completely free utility, HouseCall for Home Networks, lets you scan your home network and connected devices using your computer or mobile device so you can see exactly who is connected.

Here’s how it works:

  1. Download and install HouseCall for Home Networks for free.
  2. Open the app.
  3. Click “Scan Now”
  4. After the scan has finished, you will see all the devices connected to your home network.

If you see any suspicious devices or any devices that you don’t recognize, it’s a good idea to take action.

Unknown devices detected? Here’s how to remove suspicious devices from your Wi-Fi router

  • Reset your WiFi password: Resetting your password will remove all connected devices from your network. This will kick whoever is accessing it without your permission off, but you’ll also need to re-connect all of your devices too. Click here for instructions.
  • Encrypt your network: Encrypting your network is an important step in ensuring that it is as secure as possible. Click here for a full explanation of how to do so.
  • Disable your router’s WPS, remote management, and UPnP features: Without getting overly technical, these features offer convenience, but they also potentially lower the security of your network. If optimum security levels are desired, disable all these features. Access to the features can be found in your router’s web-based control panel.

3. Nmap (Network map tool)

Nmap is an open-source tool for network exploration and security auditing, and its developers are still updating it, over 20 years after its launch. It’s built to rapidly scan large networks, though it also works against single hosts. According to the Nmap website, the scanner uses raw IP packets to determine what hosts are available on the network, which services those hosts are offering, what operating systems they are running, what types of packet filters/firewalls are in use, and dozens of other characteristics.

Read more about nmap in the post below.

Dangerous new malware strain creeps quietly past Windows defences


Security researchers have identified a dangerous new malware strain that creeps quietly past Windows defences.

Security researchers have identified a new malware campaign that uses code signing certificates and other techniques to help it avoid detection by antivirus software.

According to a new blog post from Elastic Security, the cybersecurity company’s researchers identified a cluster of malicious activity after reviewing its threat prevention telemetry.

The cybercriminals behind this new campaign are using valid code signing certificates to sign malware to help them stay under the radar of the security community. However, Elastic Security also discovered a new malware loader used in the campaign that it has named Blister.

Because of the use of valid code signing certificates and other measures taken to avoid detection, the cybercriminals responsible have been running this new campaign for around 90 days.

The cybercriminals are using a code signing certificate issued by the digital identity firm Sectigo for a company called Blist LLC, which is why Elastic Security gave their malware loader the name Blister. They may also be operating out of Russia, as they are using Mail.Ru as their email service.

As well as using a valid code signing certificate, the cybercriminals also relied on other techniques to stay undetected, including embedding the Blister malware into a legitimate library. After being executed with elevated privileges using the rundll32 command, the malware decodes bootstrapping code that is heavily obfuscated and stored in the resource section. From here, the code stays dormant for ten minutes to evade sandbox analysis.

Once enough time has passed, the malware starts up and begins decrypting embedded payloads that allow it to access a Windows system remotely and move laterally across a victim’s network. Blister also achieves persistence on an infected machine by storing a copy in the ProgramData folder as well as another posing as rundll32.exe. To make matters worse, the malware is added to a system’s startup location so it launches every time a machine boots.

Elastic Security has notified Sectigo to have Blister’s code signing certificate revoked, and the firm has also created a Yara rule to help organizations identify the new malware.
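The persistence behaviour described above (a copy under ProgramData and another posing as rundll32.exe) can be hunted for in process-creation logs. The check below is an added example, not Elastic Security's Yara rule or code from the original post: the event fields, paths and export name are constructed, and it assumes Windows is installed under C:\Windows.

```python
import ntpath
import re

# Assumption: Windows lives in C:\Windows; adjust for other install roots.
SYSTEM_DIRS = {r"c:\windows\system32", r"c:\windows\syswow64"}

# A DLL path under ProgramData appearing in a command line.
PROGRAMDATA_DLL = re.compile(r'[a-z]:\\programdata\\[^",]*\.dll')

# Constructed process-creation events (image path + full command line).
SAMPLE_EVENTS = [
    {"image": r"C:\Windows\System32\rundll32.exe",
     "cmdline": r"rundll32.exe shell32.dll,Control_RunDLL"},
    {"image": r"C:\ProgramData\example\rundll32.exe",
     "cmdline": r'"C:\ProgramData\example\rundll32.exe" '
                r"C:\ProgramData\example\sample.dll,Start"},
    {"image": r"C:\Windows\System32\rundll32.exe",
     "cmdline": r'rundll32.exe "C:\ProgramData\example\sample.dll",Start'},
    {"image": r"C:\Program Files\Vendor\app.exe",
     "cmdline": "app.exe"},
]


def check_event(event):
    """Return the reasons an event looks like the behaviour described above.

    Only processes whose file name is rundll32.exe are examined. The results
    are hunting leads, not verdicts: legitimate software can also load DLLs
    from ProgramData.
    """
    image = ntpath.normpath(event["image"]).lower()
    if ntpath.basename(image) != "rundll32.exe":
        return []
    reasons = []
    # The genuine binary only runs from the Windows system directories.
    if ntpath.dirname(image) not in SYSTEM_DIRS:
        reasons.append("rundll32.exe outside system directory")
    # A DLL handed to rundll32 from ProgramData matches the stored copy.
    if PROGRAMDATA_DLL.search(event["cmdline"].lower()):
        reasons.append("DLL loaded from ProgramData")
    return reasons


def scan(events):
    """Return (index, reasons) for every event with at least one reason."""
    findings = []
    for index, event in enumerate(events):
        reasons = check_event(event)
        if reasons:
            findings.append((index, reasons))
    return findings


if __name__ == "__main__":
    for index, reasons in scan(SAMPLE_EVENTS):
        print(SAMPLE_EVENTS[index]["image"], "->", "; ".join(reasons))
```
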


What is malware?

Malware is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, deprive users access to information or which unknowingly interferes with the user’s computer security and privacy. Wikipedia


What is the difference between Cybersecurity & Information Security


The Difference Between Cybersecurity & Information Security


Both terms, cybersecurity and information security, are associated with the security of computer systems and are often used as synonyms. In fact, the definitions differ considerably, and the terms should not be used interchangeably as often as they are. Put in a single line: one deals with defending data in cyberspace, while the other deals with the security of data in general. Simple, yet complicated for beginners to grasp.

In this article, we will begin with the definition of both the terms and then will dive into explaining the differences between them.


What is Cybersecurity?

Cybersecurity can be defined as the defending of computers, servers, mobile devices, electronic systems, networks and data from malicious attacks, on targets which range from business organisations to personal devices. It is divided into different categories such as network security, application security, information security, operational security, and disaster recovery along with business continuity. Network security and application security focus on keeping computer networks, and software and devices, free from threats and vulnerabilities, respectively. Disaster recovery concerns how an organisation reacts when a loss of data takes place and how it restores its operational capabilities in order to continue functioning.

Understanding the definition of cybersecurity will not suffice unless the different types of attacks are known to a certain extent. Attacks can be divided into four categories, such as cybercrime (targeting financial gain), cyber-attacks (mostly political attacks) and cyberterrorism. These attacks are often carried out through different means such as malware, which includes viruses, trojans, spyware, ransomware, adware and botnets. SQL injection, phishing and denial-of-service attacks are some other methods worth naming.

According to a report, cyber threats have increased rapidly in the last few years, with data breaches of more than 7.9 billion records in the year 2019. The threats are increasing every day; as per another report, the world will spend close to $133.7 billion by the year 2022 on cybersecurity solutions and services.

With this, the basic ins and outs of cybersecurity have been covered; let’s take a look at information security, shall we?


What is Information Security?

Information security, put simply, can be described as the prevention of unauthorised access or alteration while data is being stored or transferred from one machine to another. The information can be biometrics, social media profiles, data on mobile phones and so on, which is why research in information security covers various sectors such as cryptocurrency and online forensics.

Information security is designed to cover three objectives: confidentiality, integrity and availability, commonly known as CIA. Data, including personal information or information of high value, has to be kept confidential, and it is important to block all unauthorised access. Moving on to integrity, the stored data needs to be kept in the correct order, and hence any unorderly modification by an unauthorised person needs to be cancelled out immediately. Lastly, it is imperative that the stored data can be accessed at any time by authorised personnel. A denial-of-service attack is likely to jeopardise that access.

To ensure efficient operation of information security, organisations put in place several policies such as an access control policy and a password policy, along with data support and operation plans. Measures can also include mantraps, network intrusion detection systems and regulatory compliance, to name a few.


Differences

Cybersecurity is meant to protect things in cyberspace, such as data, storage sources and devices, against attacks. In contrast, information security is intended to protect data from any form of threat, regardless of whether it is analogue or digital. Cybersecurity usually deals with cybercrimes, cyber frauds and law enforcement. Information security, by contrast, deals with unauthorised access, disclosure, modification and disruption.

Cybersecurity is handled by professionals who are trained to deal with advanced persistent threats (APT) specifically. Information security, on the other hand, lays the foundation of data security, and its professionals are trained to prioritise resources first before eradicating the threats or attacks.

Outlook

In an era when online threats are lurking over organisations every second, the combination of information security and cybersecurity is a must to ensure a secure environment. Due to the growth in threats and attacks, the need for security professionals has increased as well: the US Bureau of Labor Statistics reports growth of 28% in the cybersecurity and information security space. Anyone with an interest in the domain can also have a look at the different job roles present in the industry, such as information security analyst, information security officer, cryptographer and penetration tester.



UK publishes ‘comprehensive’ cyber security strategy


Plans to become a leading global cyber power in which both businesses and citizens can participate have been published by the UK government.

The new national cyber security strategy is based on balancing how to maximise the economic benefits of digital technology with the need for proactive management of cyber risks. It incorporates a programme of digital skills targeted at individuals and significant roles for the private sector and academia, and is backed by £2.6 billion investment set aside by the government in its autumn spending review.

Cyber risk expert Laura Gillespie of Pinsent Masons said that the government’s plans called for “a ‘whole society’ approach” to cyber security.

“The national cyber strategy sets out a comprehensive framework to enable the UK to protect and promote its interests in cyberspace,” she said. “Its vision is that, by 2030, the UK will continue to be a leading cyber power.”

“Success, it seems, will best be achieved when bringing together people, skills and technology to identify, manage and address the challenges we face,” she said.

The strategy is based around five ‘pillars’: investing in people and skills and closer collaboration between the government, academia and industry; building resilience and reducing cyber risk; building the UK’s industrial capacity on technologies vital to cyber power; global leadership and influence; and enhancing national cyber security and countering threats.

It proposes “more integrated, creative and routine” use of powers to tackle ransomware and cyber crime targeting the UK’s national security, including by expanding the cross-agency National Cyber Force. The unit, which brings together military and intelligence personnel under a single command structure, will shortly move to a custom-built headquarters in Samlesbury, Lancashire.

The strategy proposes the formation of a new ‘national cyber advisory board’ to the government, consisting of senior leaders from the private and third sectors; along with a new ‘national laboratory for operational technology security’ which will be charged with testing and providing training on critical industrial technologies. The government will also invest in expanding the research capabilities of the National Cyber Security Centre (NCSC), part of GCHQ, including its new applied research hub in Manchester.

The government will seek to build UK expertise in existing and emerging technologies “vital to cyber power”. It lists as potential priority areas 5G, 6G and other emerging forms of data transmission technology; artificial intelligence (AI), particularly the cyber security applications of AI; blockchain and its applications; semiconductors and microprocessor chips; cryptographic authentication; ‘internet of things’ and connected technologies; and quantum technologies. The strategy also proposes action to mitigate the cyber security risks of dependence on global markets, including through minimum security standards for all new consumer connectable products sold in the UK.

The government recognises that significant progress has been made in the last decade, including the establishment of the NCSC and the implementation of legislation, such as the Network & Information Systems Regulations (NIS regulations). However, due to the increasing number of cyber breaches that affect government, businesses, organisations and individuals, all UK businesses and organisations will be expected to develop a “better understanding” of cyber risks and their responsibilities to manage those risks as part of the strategy. The strategy places an emphasis on the requirement for businesses to scale up and work on prevention of attacks, through building in basic protections.

The government intends to work with “market influencers”, including insurers and investors, to incentivise good cyber security practices and promote take-up of accreditations and standards. The government also intends to toughen up corporate reporting requirements, aimed at giving investors and shareholders better insight into how companies are managing and mitigating material risks to their businesses, to include cyber risks.

Public sector cyber security will also be overhauled, with the government pledging to “significantly harden” its critical functions against cyber attacks by 2025. It intends to adopt the NCSC’s Cyber Assessment Framework as the assurance framework for all government departments, enabling it to “lead by example” in its understanding of cyber risk.

The strategy also devotes significant space to improving individual cyber skills, starting in classrooms with a new ‘Cyber Explorers’ online training platform for children. The government will also expand post-16 cyber security training opportunities, bootcamps and apprenticeships. In addition, the UK Cyber Security Council will be granted ‘Royal Charter’ status, bringing cyber security professionals into line with those in other professional occupations such as engineering.


Top reasons why good cyber security will help you win business


Cyber security is no longer just about protecting your own company from attacks – it is a marketable asset that can also be very good for business.

Getting your cyber security and protocols in good shape will not only help protect your company, but it will also help you retain and win business.

With firms increasingly aware of just how interconnected they have become, being able to prove your business has the right security and policies in place will make it an even more attractive partner.

The first step, of course, is finding the right cyber security expert to help you achieve just that.


1. Handle data with care

Studies show the majority of customers are uncomfortable with how businesses use their personal or company data.

While that data can be an asset to your business, ethical and security considerations should be paramount. Get this wrong and you risk customers and partners taking their business elsewhere.

The biggest risk to the data under your care is your business falling victim to a cyber security breach. While experts will tell you a breach is inevitable, you need to do everything in your power to minimise the chance of it happening – and to let everyone know that.

You also need to be clear what you would do in the event of such an emergency. Achieve all that, and you will give confidence to everyone who deals with you.


2. Trust is hard won and easily lost

No matter how strong your brand, how great your product, how good your delivery and how brilliant your services and people, a potential Achilles heel is your digital reputation.

Trust in a digital world is hard won, and there are few better representations of how trustworthy a business is than how it deals with safeguarding customers’ data.

While many chief executives will agree with the above, apparently only a quarter are confident their business is handling sensitive data responsibly, which means there is work to be done.

A study by digital security experts Gemalto of 10,000 consumers found 70 percent would stop doing business with a company if it experienced a data breach.

Remember, caring about your customers’ data and privacy is a marketable asset.


3. If you are pro-active, you can prosper where others fail

As we said above, caring about your customers’ data and privacy is a marketable asset that can help you win trust and keep it.

If you are doing all the right things, tell your supply chain and tell your customers. Cyber security is not just a defensive measure.

You must be able to walk the walk, before you start talking the talk about how seriously you take your digital space and the data within it.

But when you are sure, be aware it is an increasingly powerful tool in winning contracts with cyber-aware customers and especially government organisations.

It could be the difference in landing a deal.

Think about cyber security accreditation like a kite mark. Start seeing cyber security not as a cost but an investment that will provide a return.


4. What to do now?

Find a cyber security expert that can understand your business, that has a track record of delivering, that can develop a strategy for your business and has a reputation that will benefit your business.

If you find an expert who can get under the skin of your business, they will help identify where its cyber weaknesses are, where your staff need training, and which aspects of what you do are most vulnerable.

As you move forward, your business intelligence will grow, you will be able to work together as a team, and mitigating risk will be part of what you do.

A good cyber security expert will also be able to help you identify the weaknesses in your supply chain and advise on what to do about them. One bad link could impact on all your hard work, and a little advice to a client could help further cement a valuable relationship.

Remember, if your business is looking at its supply chain like this, your partners will also be looking at you.

If you can give them all the right answers, your relationships will get stronger and confidence in your business will spread.


Sensitive UK police data leaked by ‘Russian hackers’ – media


A cache of sensitive information has been reportedly stolen and leaked by a group of cyber criminals, described by the media as ‘Russian hackers’, from a tech provider working with British law enforcement.

The breach took place in October when tech provider Dacoll came under a phishing attack, the Daily Mail on Sunday reported. The IT company is contracted to handle highly-sensitive material, including access to the police national computer (PNC).

The cyber-criminal group Clop is believed to have gained access to the PNC data, holding records and personal data of some 13 million people, according to the outlet. The hacker group, believed to be of Russian origin, has attacked multiple high-profile targets lately, with Canada-based aircraft maker Bombardier and US-based tech company Accellion believed to be among its victims.

The data stolen from Dacoll includes images of motorists, apparently taken from the National Automatic Number Plate Recognition (ANPR) system, namely close-up images of speeding drivers. It was not immediately clear what other data might have been stolen by the hackers.

After the breach, Clop is said to have demanded ransom from the company. The demand was apparently refused, with the group reportedly leaking some of the data it obtained onto the dark web, as well as threatening to leak more if its demands were not met. The tech provider refused to reveal the scale of ransom demanded, trying to downplay the scale of the breach.

“We can confirm we were the victims of a cyber incident on October 5,” Dacoll said in a statement as quoted by the Daily Mail. “We were able to quickly return to our normal operational levels. The incident was limited to an internal network not linked to any of our clients’ networks or services.”

The breach has also been acknowledged by the British authorities, with the National Crime Agency stating that it has been aiding the investigation. “The agency is aware of an incident affecting Dacoll and we are supporting the investigation,” the agency stated.

Another government body, the National Cyber Security Centre, confirmed the incident as well, stating that it has been working to “fully understand and mitigate any potential impact” of the data breach.


Data leak of all Albanians 600k+ profiles


The Prosecutor’s Office of Tirana is investigating the alleged leak of the fiscal data of some 637,138 people employed in Albania, including Albanians, foreign residents and EU citizens.

Local media report that an Excel file containing the data of 637,138 people is circulating online, mostly through WhatsApp. The data has also been published on several media portals.

The file contains the names, ID numbers, monthly salaries, positions, and employer names for hundreds of thousands of people. It is believed to have originated from the offices of the Albanian Internal Revenue Services.

The Prosecutor’s Office will investigate the authenticity of the leaked data and its source.

This is the second time this year that Albania has suffered a major data breach. In April, the data of some 910,000 Albanians was leaked to the public domain. This data was allegedly taken from the Civil Registry and provided to the Socialist Party for use in the electoral campaign.

The data provided included their ID number, name, father’s name, surname, date of birth, voting center, place of birth, residence code, list number, phone number, birthplace, employer, and whether they are likely to vote for the Socialist Party.
