Advanced Cloud Security

Cyber threats have become more sophisticated. Hence, it is a good idea to utilize the expertise of public cloud providers to better manage assets against security threats. Cloud security is a collection of proactive measures to protect your cloud assets from internal and external threats. In this Refcard, we will walk through common cloud security challenges, continuous security for cloud infrastructure, and advanced strategies for securing cloud workloads.

Using Cloud to Live Test Malware Defenses

In this report, The State of Ransomware in 2020, research suggests that every eleven seconds, some business is being attacked by a cybercriminal. The frequency of attacks is up year over year, along with the diversity of business types being attacked. In the same report, you can see details of various organizations being attacked.

Couple this with Cybersecurity Talent Crunch to Create 350 Million Unfilled Jobs Globally by 2021, and it is apparent that many companies will have to rely on existing worker talent to combat an ever-increasing threat. Of course, high-tech companies have high-tech talent, but what about all the other types of organizations like government, education, the service industry, and manufacturing? We all like to think we have skilled workers regardless of our industry. Still, under this new growing threat, our current in-house cybersecurity skills might not be at the level needed to provide the maximum safeguard.

A New Era of Software Processes Is on the Horizon

The report late last year from FireEye of a state-sponsored attack targeting SolarWinds’ Orion software sent a shockwave through the industry and the reverberations from the discovery are continuing to ripple. As many as 18,000 SolarWinds customers — including at least nine U.S. government agencies — were infected via the SunBurst breach of the network monitoring and management solution. Moreover, according to a recent study from IronNet, the average financial impact of that attack was 11% of annual revenue or about $12 million per company.

U.S. intelligence has put the blame for the attack on Russian-sponsored hackers, who compromised multiple Orion software updates that were released between March and June 2020, giving bad actors a backdoor into exploited systems. Our research found that the Orion software build and code-signing infrastructure was compromised, with the source code of the affected library directly modified to include malicious backdoor code that was compiled, signed, and delivered via the existing patch release management system.

Web Filtering Appliance for Battling Spam

A web filtering appliance is an internet content filter that obstructs web-borne threats such as malware, ransomware, and phishing from impacting a database. It also allows network administrators control over what online content can be viewed by network users. Therefore, as well as keeping networks and the devices that link to them safe from viruses, a web filtering appliance can also help enhance productivity in the workplace.

Every time a network user visits a link or enters a URL into a browser bar, the web filtering appliance compares the request to open a web page against blacklists of websites and IP addresses. The blacklists are kept up to date with details of websites and IP addresses known to store malware or linked with spam emails, spam emails being a high-risk vector for phishing attacks.

SAP and Onapsis Warn of Ongoing Attacks Exploiting Vulnerabilities in Mission-Critical SAP Applications

Six cybersecurity vulnerabilities in mission-critical SAP applications are being actively exploited by threat actors, according to cybersecurity firm Onapsis. Exploitation of the flaws could result in the theft of sensitive data, financial fraud, and disruption of mission-critical systems, including malware and ransomware attacks. Researchers at Onapsis have recorded more than 300 successful attacks exploiting the flaws from mid-2020 until April 2021.

SAP systems are used by many organizations for managing critical business processes, including product lifecycle management, customer relationship management, enterprise resource planning, and supply chain management. SAP issued a warning to organizations using SAP systems on April 6, 2021 in coordination with Onapsis to alert them to the risk of attack.

When Malware Abused Docker

Malware actors are increasingly setting their sights on Docker. Docker, as a PaaS platform, enables OS, firmware, and apps to run within a container. This enclosed environment benefits developers when they’re looking to try out code. However, it also grants nefarious individuals a way to spawn a malware infection within an organization.

It’s therefore no surprise that malicious actors have abused Docker containers over the past several years. Here are just a few malware incidents that stand out.

6 Tricks Phishers Use to Trick Your Employees And How to Remain Safe

It doesn’t matter how small or big your organization is; you can potentially be the victim of the next phishing attack. Serious financial implications and a dent in reputation and customer base are just a few of the consequences any organization can face. Phishing attacks can cost your company confidential data through emails, malware, VoIP, text, and other available communication channels.

Statistics prove that phishing is real, and organizations are falling prey to it. Verizon’s 2019 Data Breach Investigations Report shows that almost one-third of the data breaches in 2018 were cases of phishing. Email is the carrier of 90% of infectious software and malware. Every month almost 1.5 million spoof websites are created by phishers.

What Is SSL Inspection? Why Use SSL Inspection?

SSL Inspection or HTTPS Inspection is the process of intercepting SSL-encrypted internet communication between the client and the server. The interception can be done between the server and the client and vice versa.

We know that SSL encryption helps keep our data safe. Every bit of data is encrypted, such that data tampering or third-party intervention is not possible. However, that is no longer the whole story: SSL can now be used to hide malware.

Scanner or Scammer: Analysis of CamScanner Vulnerability

One of the most popular photo-scanning apps with OCR capabilities, CamScanner, was recently found to be riddled with nasty malware.

An estimated 100 million CamScanner users may be affected as a result of this threat. After a series of negative reviews on the Google Play Store by users who observed suspicious behavior in the app, Kaspersky researchers investigated and discovered the malicious components of the application. Reportedly, one of the app’s advertising libraries contained the malware component.

The Next ‘WannaCry’ Is Here (But so, too, Is a Patch)

If you don't want me to infect your Windows OS, install the patch from Microsoft. It really is that easy. I am hungry, though, so maybe you shouldn't...

Since mid-May, Microsoft has been warning Windows admins of a potentially catastrophic vulnerability: Now known as BlueKeep, this "critical" vulnerability exists within the Remote Desktop Protocol used by older Windows operating systems, including 2000, Vista, XP, 7, Server 2003 (including R2), and Server 2008 (including R2).

As the company explained in a security update guide last month:

5 Google Cloud Security Best Practices

Google Cloud Platform security features cover a range of Google’s products and services, such as the popular G Suite applications. These products and services are built on one of the most secure data infrastructures in the world. But, it’s still your responsibility to make sure your Google apps security settings are set up properly. This is where these five Google Cloud security best practices come in handy.

1. Set Up Your Google Cloud Organizational Structure

When you first log in to your Google Admin console, everything will be grouped into a single organizational unit. Any settings you apply to this group will apply to all the users and devices in the organization. Planning out how you want to organize your organizational units and hierarchy before diving in will help you save time and create a more structured security strategy.

Advanced Malware Command and Control

Reuters wrote an interesting group of articles on Karma (a rootkit for iOS) and Project Raven (a group of ex-NSA contractors and employees who worked for the UAE). There are a couple of interesting features in this story, not the least of which is that this is the first time we've seen tradecraft migrate from tier-one cyber groups to other countries in this way. And from the looks of things, none of this was, at least initially, illegal. I expect we'll see some repercussions though, at least in the US, and likely in other countries with advanced cyber capabilities as they try to more strongly manage these capabilities.

There was one detail though, a small one, that I personally found very interesting and thought I'd point out. In the "Inside the Villa" section, Reuters goes over the process Raven used for targeting and exploitation. Step two of that process was: