The post 2021-05-20 – Hancitor with Ficker Stealer, Cobalt Strike, and netping tool appeared first on Malware Devil.
In the fallout of a successful ransomware attack on a pipeline that supplies nearly half the East Coast’s gasoline, President Biden signed an executive order placing strict new standards on the cybersecurity of any software sold to federal agencies. U.S. government officials made a point of calling out Colonial Pipeline’s poor cyber defenses—and specifically, that they had no way to monitor for an adversary who successfully made it inside the network perimeter.
The post President Biden’s Executive Order: Secure the Software Supply Chain appeared first on Security Boulevard.
The post President Biden’s Executive Order: Secure the Software Supply Chain appeared first on Malware Devil.
However, senior technology managers express concerns about whether their current infrastructure can properly safeguard them.
Nearly 60% of senior technology managers said they would adopt emerging technologies, such as artificial intelligence (AI), blockchain, cloud, edge and quantum computing, Internet of Things (IoT), and robotics, for improved cybersecurity.
The new research from ISACA also shows 73% or respondents cited anticipated cost savings as a driver for adopting these emerging technologies.
ISACA’s “The Pulse: Emerging Technology 2021” report focuses on 13 emerging technologies. Some 53% of respondents said they run cloud-enabled technologies, while the other categories trailed far behind. For example, 22% deploy AI, 21%, deploy IoT, and 20% deploy robotics.
Cost savings will loom large in the C-suite for some time, especially as it pertains to stockholders, says Dustin Brewer, ISACA’s senior director of emerging technologies and innovation. While he sees cybersecurity shifting to become a bigger part of enterprises’ budget, it will fall on security teams to convince board members that spending on cyber is the right thing to do.
“We have to bring every employee, every endpoint on the network into the conversation on how cyber will save money because if we don’t have to pay a $4 million ransom to an entity that put ransomware on our computers, then that saves us $4 million,” Brewer says.
Source: “The Pulse: Emerging Technology 2021” report, ISACA
ISACA’s study also found 82% of respondents are at least somewhat concerned about the ability of their current infrastructure to safeguard emerging technologies. In regard to AI and machine learning (ML) systems, 46% said they are only somewhat confident in their enterprises’ ability to assess the security of these systems, 28% said they are extremely or very confident, and 26% said they are not confident. When asked about security concerns related to quantum computing, 68% said quantum computing will likely break encryption standards within the next five to seven years.
Survey respondents sent somewhat of a mixed message about deploying emerging technologies: While the vast majority said they would do so because it would improve cybersecurity, 44% also said cybersecurity risk would contribute to their overall resistance to deploying the new technology. In addition, 72% said they are concerned that emerging technologies would cost too much.
Much of this comes back to the need for security pros to convince the board to focus more on cyber, Brewer says. But he points out that all the technologies covered in the study, with the exception of quantum computing, are all classical computing technologies built on the same systems the industry has used since the 1970s.
“When the Internet was created, it wasn’t built with security in mind. It was built for communications and data sharing,” Brewer says. “Every time we build something new, we are building on an insecure infrastructure. And while we are creating new protocols like HTTPS, every time you plug in a new system, your network gets bigger, and that’s one thing you have to secure. So if you introduce AI and machine learning, that adds more complexity and cyber-risk.”
Frank Dickson, program vice president with IDC’s cybersecurity products research practice, notes that whether new devices make a network vulnerable just depends on the technology and the company’s environment. In some environments, he says, emerging technologies may replace devices with old and antiquated operating systems that are incredibly vulnerable. Emerging technologies today are built with much greater attention to the cyber integrity of the device, he says. In contrast, some technologies may skip steps to capture first-mover advantages in the market, not slowing to consider security.
“Realistically, whether we are concerned or not, emerging technologies will happen,” Dickson said. “Some 50% of IT spend is now made by line-of-business buyers in the name of digital transformation. Get on the train or get run over by the train; digital transformation does not mind. Emerging technologies will happen though.”
Steve Zurier has more than 30 years of journalism and publishing experience and has covered networking, security, and IT as a writer and editor since 1992. Steve is based in Columbia, Md. View Full Bio
Recommended Reading:
Comment |
Print |
More Insights
The post Cost Savings, Better Security Drive Adoption of Emerging Technologies appeared first on Malware Devil.
Anyone following the court case between Epic and Apple is undoubtedly already aware of the “bombshell” dropped by Apple’s Craig Federighi yesterday. For those not in the know, Federighi, as part of his testimony relating to the security of Apple’s mobile device operating system, iOS, stated that “we have a level of malware on the Mac that we don’t find acceptable.”
This, of course, broke the internet.
Years ago, Apple promoted the idea that Macs don’t get viruses, as part of a flashy series of Get a Mac ads featuring Justin Long as a Mac and John Hodgman as a PC.
The irony of this 180 degree turnaround has caused a huge amount of snide commentary. Of course, these ads last played more than a decade ago, and things have changed significantly between then and now, so this isn’t exactly a sudden change of heart.
On the contrary, we should not be surprised by this. Apple’s actions over the last ten years speak volumes. It has implemented increasingly strict code signing requirements as a means for controlling some malware. It implemented Notarization requirements as a means of checking apps distributed outside the App Store for malware. (One could argue about the efficacy of these measures, but the intent is clear.)
Another recent addition is a series of access restrictions that must be approved on a per-app basis, such as access to the Documents or Desktop folders. (Ironically, there was a similar security feature in Windows that Apple mocked in another of the Get a Mac ads.) Admittedly, Apple really only talks about the privacy aspect of these restrictions, but the security aspect is pretty obvious.
Apple also implemented a new EndpointSecurity framework in macOS 10.15 (Catalina), in order to better support third-party antivirus software that—until then—was reliant on ageing, deprecated functionality provided by macOS. This was essentially an official acknowledgement from Apple that Macs get malware, and that there is a need for third-party antivirus software for the Mac.
It has also recently started adding information to its security update information disclosing when its aware of a fixed bug being actively exploited in the wild by malware.
All this and more shows very clearly that Apple has been aware of the malware issue for a long time. It may not make a lot of public statements acknowledging the malware problem, but actions speak louder than words. In the end, this all boils down to mocking Apple for publicly acknowledging something it has been mocked for years for not acknowledging. The irony!
Not all of the hot takes out there have to do with mocking Apple. Others are taking Federighi’s words in a different light. By pointing out the weaknesses in macOS as a means for illustrating the security of iOS, some fear this is a sign that Apple intends to lock down the Mac in the same way that it has iOS.
However, this also isn’t indicated by Apple’s actions. First, consider Notarization, which is intended to curb distribution of malicious apps outside the App Store. Its efficacy can be called into question, since many pieces of malware have managed to get a clean bill of health from the Notarization process, but that’s not the question here. If Apple’s intent were to shove all developers into the App Store, why would they spend time, effort, and money on an attempt to improve the user experience with apps distributed outside the App Store?
Another point to consider is the EndpointSecurity framework. Apple has put a lot of effort into this. It had conversations with security companies to find out what they needed. It did a great job of implementing something that was able to deliver what was requested, and it spent time bringing antivirus developers to Apple HQ to teach them how to use the new framework.
Antivirus software on iOS is impossible, due to Apple restrictions. So, if it had plans to lock down macOS in the same way, why would it spend all that time, effort, and money on better supporting antivirus software? It doesn’t make sense.
If you still need convincing, just consider Federighi’s own words during his testimony. He said that an iOS device was something that anyone—even an infant—could operate safely. He compared the Mac to a car, something that could be operated safely but that required caution, saying, “You can take it off road if you want, and you can drive wherever you want.”
This, to me, embodies what I perceive to be Apple’s stance on macOS and iOS. The Mac is the workhorse, used to really get things done and “go off road.” It’s the only platform it supports for writing both Mac and iOS apps. There would be no iOS if not for the Mac. The Mac is for those who “think different,” while the nature of iOS does not encourage that.
Obviously, I don’t represent Apple and all I can do is speculate based on evidence at hand. That said, I don’t see any reason to think that macOS is going down exactly the same road as iOS. That also means that we will likely continue to have problems with malware on macOS. As long as there is money to be made from increasing numbers of Macs, creators of malware will continue to target Macs.
The post Apple confirms Macs get malware appeared first on Malwarebytes Labs.
The post Apple confirms Macs get malware appeared first on Malware Devil.
Data. We create a lot of it. At the end of 2020, the digital universe was compromised of 44 zettabytes of data and forecasted to grow to over 200 zettabytes by 2025. I have no idea how much a zettabyte is; I lost track counting the zeros. But it is a bunch. Guess what? The […]
The post Hit Fraudsters Where it Hurts: Their Wallets appeared first on Security Boulevard.
The post Hit Fraudsters Where it Hurts: Their Wallets appeared first on Malware Devil.
The post QUAC-TRNG: High-Throughput True Random Number Generation Using Quadruple Row Activation in Commodity DRAM Chips appeared first on Malware Devil.
Before diving into cyber security and how the industry is using AI at this point, let’s define the term AI first. Artificial Intelligence (AI), as the term is used today, is the overarching concept covering machine learning (supervised, including Deep Learning, and unsupervised), as well as other algorithmic approaches that are more than just simple […]
The post Taking Inventory – Where Do We Stand With AI and ML in Cyber Security? appeared first on Security Boulevard.
The post Taking Inventory – Where Do We Stand With AI and ML in Cyber Security? appeared first on Malware Devil.
Adobe. Yahoo!. The US Department of Energy (DoE). The New York Times.
What these names have in common is that they have all experienced at least one breach in 2013—the year when threat actors started targeting organizations across industries to either steal data for profit or leak them to “teach companies a lesson about cybersecurity.”
The majority of the data breached are credential information, such as usernames and passwords, with the former usually being an email address. Some personally identifiable information (PII) and other sensitive organization-centric data was added into the mix as well.
With so many breaches going on that year, plus the observed ramping up of such attacks a few years before it, one may be led to think: How can people keep up with checking whether they’re affected by these breaches or not? Do they even know they have been breached?
This prevalence of data breaches coupled with his analysis on the Adobe attack have led Troy Hunt, an Australian cybersecurity expert, blogger, and speaker, to create Have I Been Pwned (HIBP), a website that allows internet users to check whether their personal data has been compromised or is part of a trove of leaked data following company breaches.
Feeling security fatigue? Listen to Troy Hunt with other cybersecurity experts Chloé Messdaghi and Tanya Janca in this episode of Lock and Code on how to beat it.
Yes, it is.
To date, HIBP has been around for almost a decade, and through the years, it has only proven itself to be an essential tool for everyday internet users, governments, and organizations alike.
Yes, you read that right: governments. HIBP has been assisting governments, such as the UK, Australia, and Romania (to name a few), in monitoring for breaches in government domains. Note that centralized monitoring is done by the cybersecurity arms of these governments, such as the National Cyber Security Centre (NCSC) for the UK, the Australian Cyber Security Centre (ACSC) for Australia, and CERT-RO for Romania. These organizations, of course, cannot query other websites beyond government domains.
“The only access they have is to domains that their people working in those departments could query anyway via the existing free domain search model, we’re just consolidating it all into a unified service,” Hunt wrote in a 2018 blog post about this matter. If you’re interested in reading more about this, there is in-depth detail here.
HIBP is also single-handedly handled and maintained by Hunt himself, not a team. And Hunt is a well-known and very trusted name within the cybersecurity circle. On top of that, he runs the service “with maximum transparency.”
If you’re more of a privacy-centric person who never likes websites snooping on your queries whenever you use their search feature, it is understandable to be concerned about whether HIBP can actually snoop or, worse, record every query you make.
According to HIBP’s FAQ page: “Nothing is explicitly logged by the website. The only logging of any kind is via Google Analytics, Application Insights performance monitoring and any diagnostic data implicitly collected if an exception occurs in the system.”
Below are other storage-related questions covered in this page:
How is the data stored?
The breached accounts sit in Windows Azure table storage which contains nothing more than the email address or username and a list of sites it appeared in breaches on. If you’re interested in the details, it’s all described in Working with 154 million records on Azure Table Storage – the story of Have I Been Pwned
Does the notification service store email addresses?
Yes, it has to in order to track who to contact should they be caught up in a subsequent data breach. Only the email address, the date they subscribed on and a random token for verification is stored.
How do I know the site isn’t just harvesting searched email addresses?
You don’t, but it’s not. The site is simply intended to be a free service for people to assess risk in relation to their account being caught up in a breach. As with any website, if you’re concerned about the intent or security, don’t use it.
In 2019, Hunt opened up to his readers about Project Svalbard, a name he associated with the future of Have I Been Pwned. In a nutshell, Hunt had planned to hand over the management of HIBP to a “better-resourced and better-funded structure” when he realized that he will burn out one day. The news could have raised alarm bells for those who have trusted the site all these years as there is always fear of either having the service monetized or misuse of data by whoever will be acquiring HIBP.
At the time, Hunt penned a long and thoughtful post on Project Svalbard, including his 7-point commitments to the future of HIBP, which you can read here. Here’s the tl;dr version of that:
Freely available consumer searches should remain freely available.I (Troy Hunt) will remain a part of HIBP.I want to build out much, much more capabilities wise. I want to reach a much larger audience than I do at present.There’s much more that can be done to change consumer behaviour. Organisations can benefit much more from HIBP.There should be more disclosure – and more data.
But in March 2020, something changed. According to last-minute, unforeseen developments, the sale of HaveIBeenPwned had been stopped. As Hunt wrote:
“Have I Been Pwned is no longer being sold and I will continue running it independently. “
While it is important to know if your personal details or credentials have been leaked, it is significantly more important to act on it. What do you do now, knowing that your account has been compromised?
For starters, change your password. Make it longer. It doesn’t have to be a complex string of uppercase and lowercase characters, symbols, and numbers. Length is enough, according to a 2021 NIST guideline. You can formulate your own long password, or you can enlist the help of a password manager.
Lastly, use two-factor authentication (2FA) to add a layer of protection to your account. We strongly suggest using a one-time password (OTP) app, or if you have a physical hardware key, such as a Yubikey, all the better. Take note that some big-name companies like Facebook already have started giving their users the option to use a hardware key. So if you want to do that, check if your online service provider offers it, too, and take advantage of it.
Stay safe!
The post “Have I been pwnd?”– What is it and what to do when you *are* pwned appeared first on Malwarebytes Labs.
The post “Have I been pwnd?”– What is it and what to do when you *are* pwned appeared first on Malware Devil.
Earlier this week the Biden Administration issued an executive order to strengthen the federal government’s cybersecurity and oversight …
The post Parsing Biden’s Cybersecurity Order appeared first on Hyperproof.
The post Parsing Biden’s Cybersecurity Order appeared first on Security Boulevard.
The post Parsing Biden’s Cybersecurity Order appeared first on Malware Devil.
Earlier this week the Biden Administration issued an executive order to strengthen the federal government’s cybersecurity and oversight …
The post Parsing Biden’s Cybersecurity Order appeared first on Hyperproof.
The post Parsing Biden’s Cybersecurity Order appeared first on Security Boulevard.
The post Parsing Biden’s Cybersecurity Order appeared first on Malware Devil.
Earlier this week the Biden Administration issued an executive order to strengthen the federal government’s cybersecurity and oversight …
The post Parsing Biden’s Cybersecurity Order appeared first on Hyperproof.
The post Parsing Biden’s Cybersecurity Order appeared first on Security Boulevard.
The post Parsing Biden’s Cybersecurity Order appeared first on Malware Devil.
Work’s being done with uber-lightweight nanoagents on every IoT device to stop malicious behavior, such as a scourge of botnet attacks, among other threats.
Read More
The post Can Nanotech Secure IoT Devices From the Inside-Out? appeared first on Malware Devil.
Why is third-party risk still such a challenge? Are companies using recent risk events (pandemic, solar winds, Colonial pipeline) as an opportunity to get better at risk management? How can firms better prepare for attacks to their third-party ecosystem?
Segment Resources:
https://go.forrester.com/blogs/make-covid-19-the-supply-chains-final-cautionary-tale/
The post Third-Party Risk / Supply Chain Risk – Alla Valente – RSA21 appeared first on Malware Devil.
Os provedores de serviços gerenciados (MSPs) estão se tornando cada vez mais importantes no setor de gerenciamento de TI. A função de um MSP não se limita a monitorar, gerenciar e manter os serviços de seus clientes; ele se estende …
The post 5 fatores para avaliar em uma ferramenta RMM para o MSP moderno appeared first on ManageEngine Blog.
The post 5 fatores para avaliar em uma ferramenta RMM para o MSP moderno appeared first on Security Boulevard.
The post 5 fatores para avaliar em uma ferramenta RMM para o MSP moderno appeared first on Malware Devil.
Os provedores de serviços gerenciados (MSPs) estão se tornando cada vez mais importantes no setor de gerenciamento de TI. A função de um MSP não se limita a monitorar, gerenciar e manter os serviços de seus clientes; ele se estende …
The post 5 fatores para avaliar em uma ferramenta RMM para o MSP moderno appeared first on ManageEngine Blog.
The post 5 fatores para avaliar em uma ferramenta RMM para o MSP moderno appeared first on Security Boulevard.
The post 5 fatores para avaliar em uma ferramenta RMM para o MSP moderno appeared first on Malware Devil.
Os provedores de serviços gerenciados (MSPs) estão se tornando cada vez mais importantes no setor de gerenciamento de TI. A função de um MSP não se limita a monitorar, gerenciar e manter os serviços de seus clientes; ele se estende …
The post 5 fatores para avaliar em uma ferramenta RMM para o MSP moderno appeared first on ManageEngine Blog.
The post 5 fatores para avaliar em uma ferramenta RMM para o MSP moderno appeared first on Security Boulevard.
The post 5 fatores para avaliar em uma ferramenta RMM para o MSP moderno appeared first on Malware Devil.
As organizações hoje são desafiadas por uma maior exposição a ameaças cibernéticas. Os invasores costumam ter como alvo tecnologias emergentes, pois a nova tecnologia costuma estar mal equipada para lidar com um ataque. Além disso, a Internet está repleta de …
The post 10 dicas de cibersegurança pra iniciantes appeared first on ManageEngine Blog.
The post 10 dicas de cibersegurança pra iniciantes appeared first on Security Boulevard.
The post 10 dicas de cibersegurança pra iniciantes appeared first on Malware Devil.
One of the most important things you can do to protect yourself online is to ensure you are using strong, unique passwords for each and every one of your accounts. It’s true that memorizing dozens of passwords can be quite the challenge, but reusing passwords is not the solution, either. Doing so can be dangerous, as attackers these days are able to hack accounts by exploiting those reused passwords very often.
The post Cyber Awareness: Password Manager appeared first on Security Boulevard.
The post Cyber Awareness: Password Manager appeared first on Malware Devil.
A project to look at potential cybersecurity threats in a decade sees hackers and marketers sending spam directly to our vision, while attackers’ automated systems adapt faster than defenses.
RSA CONFERENCE 2021 – Business processes managed by machines. A national digital fiat currency. Pervasive connected devices in clothing fabric and as implants. Augmented reality displayed directly onto people’s contact lenses.
This is the technological landscape that nations, citizens, and businesses will have to contend with — and secure — in a decade, according to Project 2030, a future-looking effort to predict the future landscape for cybersecurity presented at the RSA Conference this week by researchers at software security firm Trend Micro and Oxford University.
Using a fictional nation, New San Joban, as the setting, the project maintains that the classes of cyber threats we know today — such as unauthorized access, data manipulation, denial of service — will not change but will pose a significantly different impact on a more pervasive and connected landscape. People will find themselves locked out of their houses by hackers, citizens will fight to keep their data and digital selves protected, businesses will use blockchain technology to detect anomalies in automated processes, and pervasive marketing and influence operations will appear right in front of people’s eyes.
Predicting the future is difficult, and the report is not intended as a precise picture of the next decade but to highlight the three major trends in the future — automation, connectedness, and pervasive integration — and how people, businesses, and nations should think about securing the technologies, says Victoria Baines, a visiting research fellow at Oxford University.
“It is possible to anticipate the evolution of cybercrime by mapping what we already know about criminals and other hostile actors against plausible developments in emerging technologies,” she says. “Even though we can all agree that the future is uncertain, uncertainty is no longer a good reason for failing to prepare for future cyber threats.”
The Project 2030 report and a series of future blog posts are spearheaded by Baines and Rik Ferguson, vice president of research at Trend Micro. The research is based on a similar project launched in 2012 to predict the future cybersecurity landscape in 2020. A review of the previous report found that 9 out of 19 predictions for technology became mainstream in 2020, and 17 predictions had become true to some extent.
For 2030, the main cybersecurity threats include disinformation delivered to more pervasive devices by more targeted algorithms — SEO on steroids — while tampering with supply chains could become the next ransomware epidemic. With technology even further ingrained in people’s lives, social engineering, aggressive marketing, and information operations will have a greater impact. Finally, the report predicts the use of automation and machine learning will become pervasive among cybercriminals and bad actors.
A survey helped guide the predictions, with 63% of respondents agreeing with the statement that by 2030 “cybersecurity will largely consist of AI offense and defense” and that “every day will be zero-day.”
“[I]t is reasonable to assume that highly automated reconnaissance, target selection, penetration testing and delivery will be attractive to cybercriminals, and that they will seek to maximize the effectiveness and efficiency of their efforts by using tools that are capable of unsupervised learning,” the report states. “Based on what we already know of criminal markets for Crime as a Service (CaaS), we may expect to see illicit retail of AI-enabled tools that offer individuals with little or no specialist technical skill the opportunity to run a cybercriminal enterprise.”
Quantum computing and the power to decrypt data encrypted with current algorithms also pose a threat, but one that will highlight the differences between countries with deep technological roots and those without.
“It is unrealistic in the extreme to assume that the advances described in the narratives will be evenly distributed in all parts of the world,” Baines says. “Taking quantum computing as just one example — the world’s largest technology companies and the best resourced research institutes are the pioneers in this space … so the balance of quantum power will be held in a small number of geographical locations.”
Privacy is one future that looks positive. Project 2030 estimates that, within 10 years, technologies like the Solid specification developed by Tim Berners-Lee and the Massachusetts Institute of Technology, which protect a person’s data and only allow companies temporary access, will become the rule rather than the exception. T
“There is no reason to expect that the world’s population will be desensitized to these issues in the coming decade,” Baines says.
How well will the report’s predictions stand up? The authors cite the well-worn axiom — often attributed to Stanford Research Institute’s Roy Amara — that technology’s impact is overestimated in the short term and underestimated in the long term, but even so, the narrative scenarios cited in the report span the spectrum from probably to science fiction.
Take neural implants that allow programmable feeling and senses, which the narrative discusses in terms of a teenager begging his mother to allow him for gaming. While Elon Musk’s Neuralink is advancing the technology of brain-machine interfaces, the idea has slowly evolved over decades, particularly because of the current invasiveness of the surgery. The late author Michael Crichton used fears of a similar technology as the key technological plot device in his book The Terminal Man, published nearly 50 years ago.
Ubiquitous augmented reality in contact lenses is more likely to happen but unlikely to become a reality in a decade.
Yet, even so, the threats — if not addressed by stakeholders — are real. Project 2030 is a warning that for companies and businesses, a little science fiction can go a long way.
Veteran technology journalist of more than 20 years. Former research engineer. Written for more than two dozen publications, including CNET News.com, Dark Reading, MIT’s Technology Review, Popular Science, and Wired News. Five awards for journalism, including Best Deadline … View Full Bio
Recommended Reading:
Comment |
Print |
More Insights
The post Automation & Pervasive, Connected Technology to Pose Cyber Threats in 2030 appeared first on Malware Devil.
As organizações hoje são desafiadas por uma maior exposição a ameaças cibernéticas. Os invasores costumam ter como alvo tecnologias emergentes, pois a nova tecnologia costuma estar mal equipada para lidar com um ataque. Além disso, a Internet está repleta de …
The post 10 dicas de cibersegurança pra iniciantes appeared first on ManageEngine Blog.
The post 10 dicas de cibersegurança pra iniciantes appeared first on Security Boulevard.
The post 10 dicas de cibersegurança pra iniciantes appeared first on Malware Devil.
In 1801, the United States had a small Navy. Thomas Jefferson deployed almost half that Navy—three frigates and a schooner—to the Barbary C...
