close

Internet Security

Internet Security

Firewalls vs. CASB Which is Better?

Firewalls vs. CASB Which is Better?

Both firewalls and cloud access security brokers (CASB) work to protect your online information from threats. Instead of considering one better than the other, you should consider them different components of your security system. Learn the differences between the two, including how each one works, so you can set up the right online security system for your small business.

Firewalls Protect From Some Attacks

For people accessing websites and information at work, a cloud firewall is a good thing to have in your security arsenal. Firewalls help prevent malicious websites from probing into your cloud or stealing your data. Firewalls allow you to create lists of programs that are allowed to access the cloud, and programs that are not. You can also extend firewall protection to people accessing your cloud remotely because the firewall applies to the cloud itself from any access point.

CASB Is Not a Firewall Replacement

People often wonder if CASB replaces firewalls. The answer is no. These are two different security measures, both of which you should have. CASB fills in a lot of the gaps that a firewall cannot cover. Gaps in security caused by new programs and human behavior can be devastating to a cloud account if you have no way to protect against them. A firewall can’t recognize when a user account is behaving strangely or give you detailed control over cloud access. CASB can.

CASB Monitors Human Behavior

One major threat to cloud systems is personnel access points. If black hats outside your business get a hold of login information, they can enter your cloud and steal your data or set up malware. A major way CASB works to protect you is monitoring what people do once logged they enter into the cloud. CASBs also monitor how long people are logged in for and how many login attempts someone has made.

If an employee is using shadow IT, which is IT that your company has not authorized, a CASB will find it and notify you. Not all shadow IT is malicious or causes a security threat, but you need to know it’s there so you can take steps to speak to employees and get rid of it if you need to. Remember, employees can be security threats too, whether they intend to be or not.

CASB Offers Encryption and Management

For significant encryption and tokenization, you need a CASB. As you upload files to your cloud, the CASB will encrypt those files to your specifications. When you have sensitive data within the cloud, you can set rights management protection up in case people try to download those files. Allowing only specific people access, or getting a list of those who try to download specific information, can prevent your files from falling into hacker’s hands.

Both firewalls and CASB are necessary to protect your cloud. They have specific strengths that offer a web of protection. If you only have a firewall right now, then you need to add CASB protection. Your data is too important, and your business needs CASB encryption and monitoring to protect that data.

 

read more
Internet SecuritySocial Media

An Instagram Hack Hit Millions of Accounts Victims Phone Numbers for Sale

An Instagram Hack Hit Millions of Accounts Victims Phone Numbers for Sale

Instagram suffered the hacking of six million accounts

Illustrious figures of the sports, artists, and celebrities of Hollywood are the victims of Instagram HACK.

It seems that computer attacks become very normal nowadays. A few weeks ago the objective of the hackers was HBO. Now they turn their eyes into the Instagram.

The Instagram, the social network under the shield of Facebook suffered a breach of security few days ago. It was solved but resulted in the infringement of millions of profiles.

According to reports , the group of hackers who attacked Instagram, known as ‘Doxagram’, took to steal information from millions of accounts. At first, it was thought that the affected profiles were only those that were verified with the blue insignia, but from ‘Doxagram’ confirmed to the portal The Daily Beast that they had in their power data of six million of them.

The hackers further detailed that they possess data of 50 of the Instagram  accounts with more followers in Instagram. Among them are celebrities and athletes, and even detailed that the account of the President of the United States was also a victim.

In the material collected there would be telephone numbers and email accounts, all of which was put up for sale on the Dark Web.

Instagram co-founder Mike Krieger noted that the bug was fixed quickly. However, he advised users to be alert to any suspicious activity.

We recommend people to modify their password as soon as possible. Also, enable 2-step authentication to prevent them from entering the profile from an unauthorized device.

An Instagram vulnerability allowed hackers to seize the profiles of millions of users, including Selena Gomez, phone numbers, and email accounts.

Although the hacking happened on Tuesday 29 August, the social network of images revealed today that there were six million affected accounts, out of a total of 700 million users who are currently registered. From the company said they have solved the vulnerability.

“After further analysis, we determined that this problem also affected some unverified accounts,” said Instagram co-founder and technical director Mike Krieger on the official blog.

“While we can not determine which specific accounts may have been affected, we believe it was a low percentage,” he said.

According to the source, the list of profiles of celebrities comprises of personages of the sport, artists, and celebrities. Emma Watson, Emilia Clarke, Zac Efron, Leonardo Di Caprio, Beyonce, Lady Gaga, Rihanna, Floyd Mayweather, Zinedine Zidane, Neymar and Ronaldinho, among others, are among the 1,000 people affected by the hackers.

To make matters worse, hackers published the private data of the victims in the database of the site Doxagram – now it is not available – and they offered for the modest sum of 10 dollars.

In this regard, Instagram confirmed that it is “working with the police” to combat the sale of stolen information by the hackers. “We encourage people to be vigilant about the security of their account and be careful if they encounter any suspicious activity, such as calls, texts, and unacknowledged emails,” Krieger concluded.

read more
Internet Security

What is WannaCry and How Does Ransomware Work?

What is WannaCry and How Does Ransomware Work?

Ransomware is a type of a cyber-attack that has affects a computer system allowing hackers to take control of it and blocks all access to it until a ransom is paid by the users. To gain access to the system, the cyber criminals have to download harmful software onto the device that’s in the network and they often do this by tricking the users in clicking a link that downloads it onto the system.

Through the downloaded software already on the system, the hackers can Ransomeware attack all of the user’s files that it can find within a network and lock it. This is usually a gradual process where the files are encrypted one by one.

Big companies with elaborate security systems are able to identify this occurring and can single out documents to reduce the damage. However, individual users may have a hard time due to lack of such security systems which could result in losing out on all of their data.

Once all the files are locked, cyber criminals demand for a payment to be made in order to unlock the files on the victim’s computer. The payment is usually asked to be made in the form bitcoin which is the online cryptocurrency.

WannaDecryptor – What is it?

WannaDecryptor is also known as WannaCry or wcry for short and is a specific ransomware program that locks all the files and data on a system and only leaves two files for the user. One being the set of instructions on what to do next and the other, the WannaDecryptor program itself.

When opened, the ransomware software tells the user that all their files have been encrypted and gives them a few days’ time to make a payment failing which their files will be deleted. Ransomware asks for the payment in Bitcoin, giving instructions on how to purchase it and also provides a Bitcoin address to send the payment to.

Most of the computer security companies can bypass the ransomware software with the help of ransomware decryption tools that they have. This was used in a wide-scale cyber-attack that affected many big organisations across the world, a few being the NHS and the Telefonica in Spain.

Protection against Ransomware

In order to be immune to the ransomware attack, one must back up all the files in a completely separate system. Hence, in the future, in case of an ransomware attack, no information or data will be lost.

It is difficult to stop the hackers before they launch a ransomware attack but a few precautionary measures could be taken. The cyber criminals need to download the harmful software onto the user’s computer, phone or any other connected device. Very often, the hackers install the virus through infected emails and websites.

For example, the attackers could send a phishing email to an employee posing as if it’s a mail from their boss, asking them to check out a link. But it actually links them to a malicious website that secretly downloads the virus onto the system. A device can also get infected by downloading a harmful program or application or just by visiting a website that contains infected advertisements too.

The best approach to prevent such ransomware mishaps is to be cautious of unsolicited emails and rather than clicking on the link. The website can be checked out by typing out the web address in another window.Another precaution is to make use of antivirus programs that can scan a file before it is downloaded, block secret background installations and search for malware that may already be present on the computer.

Sophisticated and elaborate defences have been developed by cyber security companies which include machines that fight against the hackers once spotted on a system. The Antivirus should be updated on all the systems and the latest software patches from Microsoft should be downloaded.

One can also ensure that smart screen (in Internet Explorer) is left turned on which assists in spotting reported phishing and harmful websites, thus helping the user make reconsider before making any downloads. A pop-up blocker is also useful as it automatically blocks unwanted websites from opening automatically. For higher security, the security tools available on the IT ministry website can be used.

What Should Ransomware Victims Do?

Though there is no permanent solution to the problem, there are a few blind spots that one could take advantage of to either control the damage or prevent it from spreading.

According to Cert-In, the system’s user should immediately disconnect it from the internet to prevent it from spreading to other systems. Since the ransomware encryption is done one file at a time, the user should immediately make an attempt to back up the remaining files in order to try and salvage as much data as one can.

If all the files are found to be locked, it is advisable for the victims to refrain from paying the ransom as it will further encourage the hackers. Even if the payment is made, there is no surety that the files will be returned to them intact. The best thing to do in such a situation is to restore all the files from the backup that was created. If that is not possible, there are some tools available that help recover a part of the lost information.

What is Bitcoin?

Often hackers demand payment in the form of Bitcoins usually between 0.3 and 1 Bitcoins, which is £400 – 1,375, but there is a possibility that they can demand a payment in dollars but made via Bitcoin. Cyber criminals usually demand payments through this digital currency since it is unregulated and practically untraceable. Although it is impossible to trace, the amount of the payment made is however public information. The amount may seem small to charge, but these ransomware attacks are wide-spread, so the payments altogether can be a huge amount.

Kill Switch

To prevent the spread of WannaCry, a Cyber-security researcher discovered a “kill-switch”, which was in fact by accident. The researcher, a twitter user,tweeted that the registering of a domain name that was by the malware, stopped itsspread. However, it did not help the computer systems that were already affected by this ransomware attack. He also warned that the threat was not yet fully averted as the culprits behind this ransomware attack could come up with a new way by changing the code and trying again. He warned users to update the patches on their systems since the attackers would definitely try again.

read more
Internet Security

Don’t fall for This Computer Virus Scam!

Don’t fall for This Computer Virus Scam!

Undoing the menace of online fraud  Scam

Scams have become a menace these days, affecting millions of computers worldwide. This has also resulted in unnecessary fear amongst people with panic gripping many of the internet users. Taking advantage of the turmoil, scammers have found a new way to swindle off money by luring people into buying fraudulent anti-virus software.Frequent spam emails, adware pop-ups and high pressure sales tactics is the new modus operandi of fraudsters operating online. Very often, users are tricked into sharing confidential information which is then used to loot money from people’s bank accounts.

Unveiling the latest tricks to Scam People

There’s a new trend in market which is catching people off guard is the use of sudden pop-up advertisements.  These ads pop up whenever someone visits a website or scrolling through a webpage, showing a fake warning that the user’s computer has been affected by malware and needs immediate repair. The fraudsters design the whole procedure in such a manner that one cannot hardly differentiate them from the legitimate ones.

These advertisements prompt the user to call some servicemen to deal with the virus issue. Most of the time, novice users fall prey to such social engineering tactics and gets convinced by scamsters that their computer is infected by malicious software. Once the user grants access of their computer to these conmen, they install certain spyware and adware instead of legitimate anti-virus software and gains access to all of user’s personal information and financial transaction.  Aged people and inexperienced users are usually the soft targets of these scam.

FTC in action

The US government have started their operation against such scams/fraudsters after noticing large increase in internet fraud. The Federal Trade Commission which the chief regulatory body in this regard, is doing all in its capability to book the culprits behind the scam. Pam Bondi, the attorney general of Florida who is known to be operating closely with the Federal Trade Commission has told users to remain alert and report such crimes whenever they occur.

About 16 new enforcement actions by the FTC are said to be in the process of implementation to nab the conmen. Till now, the commission has received more than 96,000 complaints in this regard with people getting conned for a total amount of $24.6 million.

The FTC is working closely with internet giants like Apple and Microsoft to device ways to protect people from such internet scams and frame charges against the scamsters.  Whenever users call numbers given in the pop-up advertisements, they are usually greeted by telemarketers who tries to convince that they are certified servicemen from legitimate companies like Apple and Microsoft. In this way, it’s easy for them to gain trust of the internet users.  FTC warns people not fall for such social engineering tricks and instead call up service centers of Microsoft and Apple directly. It has also warned against replying to spam emails pretending to be from authentic sources.

read more
Internet Security

Should You Pay the WannaCry Ransom?

Should You Pay the WannaCry Ransom?

Is it right to pay the WannaCry Ransomware to get data back?

Last Friday a major ransomware based cyberattack was launched on global scale which left hundreds of computers infected with the WannaCry. Security experts had advised the users to update their Windows in order to minimize the threat of the ransomware. However the major question which is being tackled by the infected users is ‘whether to pay up the ransom or not’?

Most of the security experts had put forward the advice that one shouldn’t pay the ransom in any given scenario. For a number of users paying a sum of $300 isn’t too much to get back their encrypted data stored back to its original state. But paying ransom will only made the attackers resolve stronger and they will be compelled to bring much higher level of threats which can lead massive financial and other losses.

Paying isn’t the right course of action

The people behind the WannaCry ransomware has set up a number of digital wallets to track the Bitcoin payments made for the ransom and it shows quite a number of people are willing to part with their money in order to get their data back. A number of security experts have stated that these people are dealing with the criminals and they shouldn’t expect the honest transaction. The reason behind such statement is that on analyzing the WannaCry it was found that its design doesn’t offer any promises of regaining the access to the files in any way even after paying the ransom.

A UK security firm called Hacker House experts has stated that a usual ransomware works by encrypting all the data present on the computer then asks for a ransom. When the ransom is paid then hackers tend to provide the key which helps in decrypting the data but in case of the WannaCry it requires a manual human operator to activate the decryption process.

 

In simple words paying the ransom will not result in getting back the encrypted data to its original form in any manner in WannaCry hacking. Security researchers had tried to get in touch with the people behind the WannaCry ransomware but they had remained silent. Therefore when the victims try to contact the WannaCry hackers in order to get the key for unlocking the files then it’s doubtful that someone will heed to them.

What you should be doing instead?

WannaCry has mainly targeted the business networks on the global scale by exploiting the vulnerability present in the Windows operating system. All those users who had been affected by this WannaCry ransomware should note that they are not likely to get their data back unless they had backed their data on a spate device earlier.

Therefore people should make a habit of backing up their files on a spate device or a different machine on a regular basis. It is also possible to get rid of this WannaCry ransomware from the device or system but the process is certainly isn’t a straightforward one. A technical support website called Bleeping Computer has set down a guideline for removing the ransomware but it involves downloading of some specific programs.

read more
1 2
Page 1 of 2