close

Internet Security

Internet Security

Cybersecurity Awareness 101

Cybersecurity Awareness 101

Mark Twain once observed that if a cat jumps onto a hot stove, it will quickly jump off and will subsequently use that experience to avoid jumping onto stoves again. This observation suggests two further conclusions. First, if that cat had known that the stove was hot, it likely would not have jumped onto it in the first instance. Second, the cat may well avoid all stoves after its first experience, regardless of whether those stoves are hot.

Analogously, an employee in an organization might click on a malicious link in an email or take some other action that exposes the organization to a cyberattack. Perhaps the employee did not know or appreciate the risks of clicking on that link. Thereafter, the employee might refrain from clicking on any link as overcompensation for the initial misstep. Lack of training and awareness of cybersecurity risks creates an atmosphere of responses that are either inadequate or that exaggerate those risks.

The inadequacy of cybersecurity awareness is made apparent by employee failures to follow good cybersecurity practices. This is widely acknowledged by  information security experts and overwhelming data on the topic.

This is all too easy to imagine: A worker clicks on malicious links in email messages from unknown senders. They share passwords to corporate networks and log into those networks from public Wi-Fi locations. They disclose personal and confidential information about an organization’s employees in response to queries from hackers posing as company executives and insiders. It happens all the time. And that’s the problem!

Data breaches may not be completely preventable, but incidents of successful cyberattacks can be substantially reduced by improving awareness of cybersecurity risks.

Raising Awareness

Cybersecurity experts suggest a number of methods to accomplish great cybersecurity awareness. For example, organization can conduct a “phishing” test in which an anonymous email is sent to all employees with instructions to click on an embedded link. The test will reveal which employees are susceptible to phishing messages. These folks can be given additional training to help them overcome their click-happy habits. It will also raise awareness of what a typical phishing email looks like for the workers than avoid bad clicks.

Cybersecurity audits that start with top-level management will also impress the importance of cybersecurity awareness on employees. Management should review the results of the audit to determine where improvements might be needed. These audits should be regular events, with management impressing the importance of cybersecurity awareness on all employees after the results of each audit are publicized.

Management should also seek other custom methods for regularly engaging employees in the administration and maintenance of cyber security within an organization. An employee that is burned one time with a ‘hot stove’ cyberattack will avoid the specific pattern of that attack going forward. Still, they may not be aware of new methods and techniques that hackers are employing to breach an organization’s data networks. Hacking techniques that challenge a cyber security environment change frequently. For this reason, one-time cyber security awareness training will not be an adequate and sufficient response to new techniques.

Organizations that are at a loss regarding how to increase cybersecurity awareness can generally get additional tips from cyber insurance providers. These services offer coverage for losses and third-party liabilities associated with a successful data breach.

In addition to offering this coverage, those providers consult with their clients to help them reduce the cyberattack risks that they face every day. They understand not only global data breach risks that apply to businesses in all industry sectors. They alsolook at specific forms of attacks that are common to certain industries, such as healthcare or accounting.

Even with greater cybersecurity awareness, organizations can still fall prey to a cyberattack. This results in lost customer confidence. That’s why it is so important to emphasize cybersecurity awareness in your workplace. Stay cyber smart to stay cyber safe!

read more
Internet Security

Android.DoubleHidden: DoubleHidden Malware Found Hiding on Google Play

Android.DoubleHidden: DoubleHidden Malware Found Hiding on Google Play

Google Play Store is sick with a dubious Android.DoubleHidden Malware

Google Play Store isn’t a highly secure app marketplace but over the Google has boosted his steps to enhance the security on the same. A new Trojan has been unearthed in the Google Play Store which makes use of some sophisticated techniques to hide it securely on the devices. This malicious app is Android.DoubleHidden Malware which exclusively collects device information and displays advertisements. The worst thing about this Android.DoubleHidden is that its capability can be enlarged by the hackers to use it for other malicious purposes.

The fascinating alternating personality Android.DoubleHidden

This Android.DoubleHidden malware comes within malicious app called ‘Photograph by Fiery’ as translated in English from its Persian origin. It package name is com.aseee.apptec.treeapp. The way this app is being made available to the customers is such that it the author doesn’t come under the Google’s radar. Within last two months of October and November this app has already been updated more than five times.

Android.DoubleHidden _1

The author smartly ensures that this malicious Android.DoubleHidden app keeps alternating between working as the normal legitimate photo editing app and a self-hiding malicious non-app. The way it alternates between its two personalities is quite fascinating for the security researchers. The developer or author of this app goes by the name ‘i.r.r developers’ who is known to publish a larger of number of apps which are completely legitimate.

Android.DoubleHidden dupes you in every manner

This Android.DoubleHidden app showcases itself just like any other photo editing app but soon it hides itself just after the installation leaving the users distraught. Upon launch Android.Doublehidden specifically asks users to provide Device Administrator permissions which help it in gaining a strong control over the device. After taking permissions for all the controls the screen will light with a messages stating that this app can’t work on the given phone device. The notoriously aspect of this message is that it in the second line it states that after exiting this application will be deleted.

The dangerous part of this app is that not just it closes but it remains hidden with all its malicious functionality intact though users feel that the app has been uninstalled from the device. It remains hidden on the mobile device by placing a transparent image without any app name. If you go into the ‘Settings’ to search for the app then you will find a blank entry wherever it is displayed. Android.Doublehidden makes use of set

ComponentEnableSetting()code which allows app to disappear after it launched from the app launcher. In other words no icon can be seen on the homes screen or in the Settings of the mobile. This

Android.DoubleHidden malware specifically collects user’s data and works on the basis of advertising revenue. It also actively collects user information and actively sends to the malware authors. The information collected by this malware includes IMEI number, device model, Mac address, device brand, device screen, network connectivity, location along with the applications running right in the foreground as well as other all accounts listed with the Account Service.

read more
Internet Security

Firewalls vs. CASB Which is Better?

Firewalls vs. CASB Which is Better?

Both firewalls and cloud access security brokers (CASB) work to protect your online information from threats. Instead of considering one better than the other, you should consider them different components of your security system. Learn the differences between the two, including how each one works, so you can set up the right online security system for your small business.

Firewalls Protect From Some Attacks

For people accessing websites and information at work, a cloud firewall is a good thing to have in your security arsenal. Firewalls help prevent malicious websites from probing into your cloud or stealing your data. Firewalls allow you to create lists of programs that are allowed to access the cloud, and programs that are not. You can also extend firewall protection to people accessing your cloud remotely because the firewall applies to the cloud itself from any access point.

CASB Is Not a Firewall Replacement

People often wonder if CASB replaces firewalls. The answer is no. These are two different security measures, both of which you should have. CASB fills in a lot of the gaps that a firewall cannot cover. Gaps in security caused by new programs and human behavior can be devastating to a cloud account if you have no way to protect against them. A firewall can’t recognize when a user account is behaving strangely or give you detailed control over cloud access. CASB can.

CASB Monitors Human Behavior

One major threat to cloud systems is personnel access points. If black hats outside your business get a hold of login information, they can enter your cloud and steal your data or set up malware. A major way CASB works to protect you is monitoring what people do once logged they enter into the cloud. CASBs also monitor how long people are logged in for and how many login attempts someone has made.

If an employee is using shadow IT, which is IT that your company has not authorized, a CASB will find it and notify you. Not all shadow IT is malicious or causes a security threat, but you need to know it’s there so you can take steps to speak to employees and get rid of it if you need to. Remember, employees can be security threats too, whether they intend to be or not.

CASB Offers Encryption and Management

For significant encryption and tokenization, you need a CASB. As you upload files to your cloud, the CASB will encrypt those files to your specifications. When you have sensitive data within the cloud, you can set rights management protection up in case people try to download those files. Allowing only specific people access, or getting a list of those who try to download specific information, can prevent your files from falling into hacker’s hands.

Both firewalls and CASB are necessary to protect your cloud. They have specific strengths that offer a web of protection. If you only have a firewall right now, then you need to add CASB protection. Your data is too important, and your business needs CASB encryption and monitoring to protect that data.

 

read more
Internet SecuritySocial Media

An Instagram Hack Hit Millions of Accounts Victims Phone Numbers for Sale

An Instagram Hack Hit Millions of Accounts Victims Phone Numbers for Sale

Instagram suffered the hacking of six million accounts

Illustrious figures of the sports, artists, and celebrities of Hollywood are the victims of Instagram HACK.

It seems that computer attacks become very normal nowadays. A few weeks ago the objective of the hackers was HBO. Now they turn their eyes into the Instagram.

The Instagram, the social network under the shield of Facebook suffered a breach of security few days ago. It was solved but resulted in the infringement of millions of profiles.

According to reports , the group of hackers who attacked Instagram, known as ‘Doxagram’, took to steal information from millions of accounts. At first, it was thought that the affected profiles were only those that were verified with the blue insignia, but from ‘Doxagram’ confirmed to the portal The Daily Beast that they had in their power data of six million of them.

The hackers further detailed that they possess data of 50 of the Instagram  accounts with more followers in Instagram. Among them are celebrities and athletes, and even detailed that the account of the President of the United States was also a victim.

In the material collected there would be telephone numbers and email accounts, all of which was put up for sale on the Dark Web.

Instagram co-founder Mike Krieger noted that the bug was fixed quickly. However, he advised users to be alert to any suspicious activity.

We recommend people to modify their password as soon as possible. Also, enable 2-step authentication to prevent them from entering the profile from an unauthorized device.

An Instagram vulnerability allowed hackers to seize the profiles of millions of users, including Selena Gomez, phone numbers, and email accounts.

Although the hacking happened on Tuesday 29 August, the social network of images revealed today that there were six million affected accounts, out of a total of 700 million users who are currently registered. From the company said they have solved the vulnerability.

“After further analysis, we determined that this problem also affected some unverified accounts,” said Instagram co-founder and technical director Mike Krieger on the official blog.

“While we can not determine which specific accounts may have been affected, we believe it was a low percentage,” he said.

According to the source, the list of profiles of celebrities comprises of personages of the sport, artists, and celebrities. Emma Watson, Emilia Clarke, Zac Efron, Leonardo Di Caprio, Beyonce, Lady Gaga, Rihanna, Floyd Mayweather, Zinedine Zidane, Neymar and Ronaldinho, among others, are among the 1,000 people affected by the hackers.

To make matters worse, hackers published the private data of the victims in the database of the site Doxagram – now it is not available – and they offered for the modest sum of 10 dollars.

In this regard, Instagram confirmed that it is “working with the police” to combat the sale of stolen information by the hackers. “We encourage people to be vigilant about the security of their account and be careful if they encounter any suspicious activity, such as calls, texts, and unacknowledged emails,” Krieger concluded.

read more
Internet Security

What is WannaCry and How Does Ransomware Work?

What is WannaCry and How Does Ransomware Work?

Ransomware is a type of a cyber-attack that has affects a computer system allowing hackers to take control of it and blocks all access to it until a ransom is paid by the users. To gain access to the system, the cyber criminals have to download harmful software onto the device that’s in the network and they often do this by tricking the users in clicking a link that downloads it onto the system. Learn python for network engineers is a must  for handle this type of ransomeware cyber attack effectively.

Through the downloaded software already on the system, the hackers can Ransomeware attack all of the user’s files that it can find within a network and lock it. This is usually a gradual process where the files are encrypted one by one.

Big companies with elaborate security systems are able to identify this occurring and can single out documents to reduce the damage. However, individual users may have a hard time due to lack of such security systems which could result in losing out on all of their data.

Once all the files are locked, cyber criminals demand for a payment to be made in order to unlock the files on the victim’s computer. The payment is usually asked to be made in the form bitcoin which is the online cryptocurrency.

WannaDecryptor – What is it?

WannaDecryptor is also known as WannaCry or wcry for short and is a specific ransomware program that locks all the files and data on a system and only leaves two files for the user. One being the set of instructions on what to do next and the other, the WannaDecryptor program itself.

When opened, the ransomware software tells the user that all their files have been encrypted and gives them a few days’ time to make a payment failing which their files will be deleted. Ransomware asks for the payment in Bitcoin, giving instructions on how to purchase it and also provides a Bitcoin address to send the payment to.

Most of the computer security companies can bypass the ransomware software with the help of ransomware decryption tools that they have. This was used in a wide-scale cyber-attack that affected many big organisations across the world, a few being the NHS and the Telefonica in Spain.

Protection against Ransomware

In order to be immune to the ransomware attack, one must back up all the files in a completely separate system. Hence, in the future, in case of an ransomware attack, no information or data will be lost.

It is difficult to stop the hackers before they launch a ransomware attack but a few precautionary measures could be taken. The cyber criminals need to download the harmful software onto the user’s computer, phone or any other connected device. Very often, the hackers install the virus through infected emails and websites.

For example, the attackers could send a phishing email to an employee posing as if it’s a mail from their boss, asking them to check out a link. But it actually links them to a malicious website that secretly downloads the virus onto the system. A device can also get infected by downloading a harmful program or application or just by visiting a website that contains infected advertisements too.

The best approach to prevent such ransomware mishaps is to be cautious of unsolicited emails and rather than clicking on the link. The website can be checked out by typing out the web address in another window.Another precaution is to make use of antivirus programs that can scan a file before it is downloaded, block secret background installations and search for malware that may already be present on the computer.

Sophisticated and elaborate defences have been developed by cyber security companies which include machines that fight against the hackers once spotted on a system. The Antivirus should be updated on all the systems and the latest software patches from Microsoft should be downloaded.

One can also ensure that smart screen (in Internet Explorer) is left turned on which assists in spotting reported phishing and harmful websites, thus helping the user make reconsider before making any downloads. A pop-up blocker is also useful as it automatically blocks unwanted websites from opening automatically. For higher security, the security tools available on the IT ministry website can be used.

What Should Ransomware Victims Do?

Though there is no permanent solution to the problem, there are a few blind spots that one could take advantage of to either control the damage or prevent it from spreading.

According to Cert-In, the system’s user should immediately disconnect it from the internet to prevent it from spreading to other systems. Since the ransomware encryption is done one file at a time, the user should immediately make an attempt to back up the remaining files in order to try and salvage as much data as one can.

If all the files are found to be locked, it is advisable for the victims to refrain from paying the ransom as it will further encourage the hackers. Even if the payment is made, there is no surety that the files will be returned to them intact. The best thing to do in such a situation is to restore all the files from the backup that was created. If that is not possible, there are some tools available that help recover a part of the lost information.

What is Bitcoin?

Often hackers demand payment in the form of Bitcoins usually between 0.3 and 1 Bitcoins, which is £400 – 1,375, but there is a possibility that they can demand a payment in dollars but made via Bitcoin. Cyber criminals usually demand payments through this digital currency since it is unregulated and practically untraceable. Although it is impossible to trace, the amount of the payment made is however public information. The amount may seem small to charge, but these ransomware attacks are wide-spread, so the payments altogether can be a huge amount.

Kill Switch

To prevent the spread of WannaCry, a Cyber-security researcher discovered a “kill-switch”, which was in fact by accident. The researcher, a twitter user,tweeted that the registering of a domain name that was by the malware, stopped itsspread. However, it did not help the computer systems that were already affected by this ransomware attack. He also warned that the threat was not yet fully averted as the culprits behind this ransomware attack could come up with a new way by changing the code and trying again. He warned users to update the patches on their systems since the attackers would definitely try again.

read more
1 2
Page 1 of 2