2020


#nationalcybersecuritymonth | 4 cyberthreats and trends to watch in 2020 — Tuesday, January 21, 2020 — www.eenews.net

Source: National Cyber Security – Produced By Gregory Evans

Last year saw ransomware run rampant over state and local governments, a relentless string of data breaches at major corporations, and a first-of-its-kind cyber disruption to the U.S. power grid.

Less than a month into 2020, experts are warning that another long year of hacking risks lies ahead for U.S. energy companies and federal agencies. It’s also an election year, a fact keeping homeland security officials on high alert.

Iran, China and Russia top the list of nation-states poised to test U.S. cyberdefenses in 2020, according to acting Homeland Security Secretary Chad Wolf.

“Each of these countries has a different motivation and end goal, but all attempt to undermine our interests and international standing,” including through “cyber-enabled attacks,” Wolf said at a Homeland Security Experts Group event Friday.

Here’s a look at four cybersecurity issues to watch in 2020:

After the U.S. killed top Iranian Gen. Qassem Soleimani early this month, tensions between the two countries quickly escalated and fears spread of a cyberattack on U.S. electric utilities or oil and gas companies (Energywire, Jan. 6). The worry was not unfounded, as Iran-linked hackers are showing an increasing interest in electric utilities, according to a report out last week from cybersecurity firm Dragos Inc. Iran is also believed to have deployed computer-wiping malware against Saudi state-owned oil giant Saudi Arabian Oil Co. in 2012.

Several U.S. lawmakers have called for more information on Iran’s cyber capabilities following the drone strike on Soleimani. Rep. Bennie Thompson (D-Miss.), chairman of the House Homeland Security Committee, urged the Trump administration to share its strategy for dealing with potential retaliation, saying that he is concerned over Iran’s capabilities “against state and local governments and critical infrastructure to exact revenge for the death of Soleimani.”

Reps. Frank Pallone (D-N.J.), chairman of the Energy and Commerce Committee, and Mike Doyle (D-Pa.), chairman of the Communications and Technology Subcommittee, called on the Department of Homeland Security and the Federal Communications Commission to brief Congress on the danger Iran presents to telecommunications networks.

Iran is not the only country to have shown interest in hacking energy companies. Russia looms large in many cybersecurity threat assessments after being tied to sophisticated malware that shut down a petrochemical plant in Saudi Arabia in 2017. The Triton malware targeted Schneider Electric SE safety systems, and the hackers behind that potentially deadly tool were seen targeting U.S. facilities in 2018. When it comes to hacking industrial control systems, Russia is still the more experienced, older sibling, according to many experts.

Hacking critical infrastructure doesn’t always bring destructive or disruptive dangers. Cyberespionage is a large problem inside the energy sector, and China is one of the leading culprits, having been accused of leading hacks into managed service providers that oversee huge amounts of proprietary data from a variety of industries in the “cloud” (E&E News PM, Dec. 20, 2018).

That’s not to say China can’t wreak even more havoc. In last year’s Worldwide Threat Assessment by then-Director of National Intelligence Dan Coats, China was called out as having the ability to cause a “disruption of a natural gas pipeline for days to weeks.”

Many analysts see that sort of crippling attack as highly unlikely to occur in practice. Less impactful, but more probable, is the threat posed by ransomware — malware that holds victims’ computer files hostage by encrypting them and demanding payment for the key. Analysts have warned that ransomware can have unintended consequences by infecting operational technology (OT) in industrial control systems like those that run the power grid. The line between information technology and OT is beginning to blur in dangerous ways, and an infected IT system can quickly lead to an infected control pump or circuit breaker.

OT networks are “a really rich environment for ransomware to spread into, and usually unintentionally,” said Greg Young, vice president of cybersecurity at cyberdefense firm Trend Micro.

Many OT systems are susceptible to ransomware because they are old and unpatched, Young said. That makes them perfect fodder for ransomware attacks that use common and previously documented vulnerabilities.

This year marks the first U.S. presidential election since Russia-linked hacking groups interfered in the 2016 race. The big question is: To what degree will suspected Russian operatives try to do so again?

Last week, a report by Area 1 Security Inc. alleged that Russian hackers breached the Ukrainian gas company Burisma Holdings Ltd., a company tied to the impeachment of President Trump (Energywire, Jan. 15). The cybersecurity firm’s report did not detail exactly what information was gained, if any, but history may repeat itself if hackers dig up dirt on one of the leading Democratic presidential contenders, Joe Biden, to sway U.S. voters.

In 2016, the Russian government hacked Democratic National Committee and Democratic Congressional Campaign Committee networks, stealing files during the runup to the election before leaking them to WikiLeaks and DCLeaks, according to multiple U.S. intelligence agencies. WikiLeaks posted troves of politically damaging emails days before the 2016 Democratic National Convention.

The efforts by alleged Russian agents during the last general election, and continued online disinformation campaigns since then, have shifted focus to the social media companies where vast numbers of Americans get their news.

“Finally, this year we’re going to see disinformation become more on the agenda for some of the social media platforms,” Young said, rather than see them “duck” the issue by invoking freedom of speech.

Russia isn’t the only player in the election interference game, the U.S. intelligence community has warned. “Russia, China, Iran, and other foreign malicious actors all will seek to interfere in the voting process or influence voter perceptions” in the upcoming November elections, according to a recent joint statement from seven agencies.

Last October, Microsoft Corp. revealed that Iranian-linked hackers have targeted the email accounts of a presidential campaign. Reuters later reported that it was Trump’s reelection campaign, a case that served as a warning for other presidential candidates of the threats posed by nation-state hackers.

Days before the Iowa primary, Pete Buttigieg lost the only staffer who was working on cybersecurity full time, The Wall Street Journal reported. Mick Baccio quit due to differences over handling of Buttigieg’s “information security program.”

Some candidates, like Sens. Bernie Sanders (I-Vt.) and Elizabeth Warren (D-Mass.), have been largely quiet on how they are handling cybersecurity in their campaigns, but others have opened up about steps they are taking.

The most recent candidate to join the Democratic field — billionaire and former New York Mayor Michael Bloomberg — recently announced that his campaign is hiring a team dedicated to cybersecurity.

The first reported cyberattack that disrupted the U.S. grid occurred in 2019. Will 2020 see another?

Last March, a cyberattack on Cisco Systems Inc. equipment installed at renewable energy giant sPower briefly blinded communications between grid control centers and several wind and solar generation sites in Utah, Wyoming and California. The attack didn’t seem to be intentional and the signals were lost for less than five minutes, but the blips served as a reminder of utilities’ increased exposure to attacks as they embrace digitization (Energywire, Sept. 6, 2019).

The North American Electric Reliability Corp. is wagering that information sharing will be at the heart of ensuring similar cyber events don’t happen again. This year, NERC’s Electricity Information Sharing and Analysis Center (E-ISAC) increased its budget to just over $31 million and plans to add at least nine new employees.

The investment is part of its long-term strategic plan to make E-ISAC “a world-class intelligence collecting and analytical capability for the electricity industry.”

E-ISAC spreads the word on the latest cyberthreats and vulnerabilities to registered utilities and other subscribers to its private portal, raising the question: Will members of the public even know if another grid cyberattack happens?

The March incident — a distributed-denial-of-service attack that overwhelms its target with traffic — was only mentioned publicly in a single line on an obscure Department of Energy “electric disturbance” form. Officials at DOE, NERC, DHS, the Federal Energy Regulatory Commission and the Western Electricity Coordinating Council all declined to share more details at the time.

2020 could pose other challenges for cybersecurity transparency as federal regulators puzzle over whether to reveal the names of utilities found to have broken mandatory cybersecurity requirements.

NERC and FERC, the two organizations responsible for setting and enforcing rules for grid cyberdefense, submitted a joint proposal last year that advocated for revealing the names of companies that have violated cybersecurity regulations, along with the general nature of the violation and the penalty amount. The change was aimed at balancing “confidentiality, transparency, security and efficiency concerns” and wouldn’t reveal technical details that could benefit malicious actors.

This proposal was lauded by consumer advocates, but others worried that even revealing the names of rule-breaking companies could put grid reliability at risk. In a comment on the proposal, DOE said that disclosing any identities would be shining a beacon to malicious actors while also discouraging self-reporting by those companies.

“Despite the consequences for transparency, withholding violator identities is the only reasonable way to avoid this undesirable result,” DOE wrote in its comments, signed by Assistant Secretaries Bruce Walker and Karen Evans.

If the last few years saw supply chain security grow in the public consciousness, experts say 2020 will be when action finally occurs. Well, maybe.

FERC’s enforcement of new supply chain regulations for the bulk power grid is set to begin this July. The new standard requires utilities to create a “security risk management plan.” Large power companies must also keep track of remote network access by vendors and verify that software installed in the power grid is not modified or counterfeit.

The impact of the new standards remains to be seen. Patrick Miller, managing partner at Archer Energy Solutions LLC and a former NERC auditor, said that although the regulation does have good sections — such as software verification — it was created too quickly and resulted in a vague and bare-bones supply chain standard.

“Fast regulation is usually not good regulation, and this one is no different,” Miller said.

Supply chain security is one of the five cybersecurity priorities that FERC staff laid out in a presentation in November.

FERC has also created a cybersecurity division under the Office of Electric Reliability, and supply chain security is going to be a “top priority,” FERC Chairman Neil Chatterjee wrote in a letter this month addressing concerns around U.S. power-sector use of equipment from China-based telecommunications giant Huawei Technologies Co.

“My colleagues and I at the Commission will continue to work with the North American Electric Reliability Corporation and our federal partners including the Department of Energy and the Department of Homeland Security to assess the threat posed by Huawei and take additional action as appropriate,” Chatterjee wrote.

The White House and Congress view Huawei as a security threat and have effectively blocked many U.S. companies and manufacturers from using the company’s products in any infrastructure for fifth-generation (5G) wireless technology. The fear is that using Huawei equipment would allow China to spy on Americans or hijack vital equipment during a conflict. Chris Krebs, who leads the Cybersecurity and Infrastructure Security Agency at DHS, told Politico last year that his top priority through 2021 is “China, supply chain and 5G.”

Huawei has countered that there is no firm evidence of its equipment being linked to any Chinese spying and has slammed U.S. restrictions as a baseless attempt to judge companies’ security based on the geography of their headquarters.

The debate over supply chain security is only likely to intensify in 2020, as NERC shares results of a power-sector survey of Huawei’s prevalence in the U.S. power grid.

Source link

The post #nationalcybersecuritymonth | 4 cyberthreats and trends to watch in 2020 — Tuesday, January 21, 2020 — www.eenews.net appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | Why Cyber risk is the number one business risk in 2020

In January the Information Commissioner’s Office (ICO) fined DSG Retail Limited (DSG) £500,000 after a ‘point of sale’ computer system was compromised as a result of a cyber-attack, affecting at least 14 million people.

An ICO investigation found that an attacker installed malware on 5,390 tills at DSG’s Currys PC World and Dixons Travel stores between July 2017 and April 2018, collecting personal data during the nine-month period before the attack was detected.

The company’s failure to secure the system allowed unauthorised access to 5.6 million payment card details used in transactions and the personal information of approximately 14 million people, including full names, postcodes, email addresses and failed credit checks from internal servers.

Because the data breach occurred before the General Data Protection Regulation (GDPR) came into effect, DSG were found to have breached the earlier Data Protection Act 1998.

The ICO cited poor security arrangements and a failure to take adequate steps to protect personal data. This included vulnerabilities such as inadequate software patching, absence of a local firewall, and lack of network segregation and routine security testing.

The ICO said that the contraventions in this case were so serious that they imposed the maximum penalty under the previous law, but the fine would inevitably have been much higher under the GDPR.

The ICO considered that the personal data involved would significantly affect individuals’ privacy, leaving affected customers vulnerable to financial theft and identity fraud. The ICO received 158 complaints between June 2018 and November 2018 from DSG’s customers. As of March 2019, the company reported that nearly 3,300 customers had contacted them directly in relation to this data breach.

The ICO stressed that while cyber-attacks are becoming more frequent, organisations still have responsibilities under the law to take serious security steps to protect systems, and most importantly, people’s personal data.

This incident will have cost DSG a great deal, both in direct costs to deal with the breach, and also in terms of its reputation. DSG may also face claims from its customers – especially given the ICO’s findings of poor security.

Given such incidents it’s unsurprising that the threat of cyber attacks is keeping many business leaders up at night and sadly, if business leaders aren’t worried, then they aren’t paying attention. In fact, the latest Allianz Risk Barometer 2020 from insurers Allianz – which identifies the top corporate risks for 2020 – highlights cyber risk as the number one business risk for 2020. Seven years ago cyber risk was ranked just 15th.

A top priority for all businesses in 2020 must be to take all reasonable and practicable steps to make their businesses as cyber risk proof and as resilient as possible. There’s plenty of guidance and support available – the National Cyber Security Centre (NCSC) promotes Cyber Essentials, which should be a first port of call for any SME (https://www.cyberessentials.ncsc.gov.uk/about).

Businesses should also consider whether they should take out cyber insurance. It should not be assumed cyber risks are covered in your existing insurance policies.

A number of cyber policies are now available and a specialist insurance broker should be able to assist you and help explain what’s available and what is and what is not covered. Such policies can help protect against financial losses (including for business interruption, privacy breach costs, cyber extortion, hacker damage, and media liability) but many also offer assistance at the time of an incident, e.g. by providing cyber forensic support.

Such policies do pay out – last year the Association of British Insurers revealed that 99% of claims made (207) on ABI-member cyber insurance policies in 2018 were paid – this is one of the highest claims acceptance rates across all insurance products.

As the NCSC advise:

“Organisations that are considering cyber insurance should understand that it will not protect you from an attack, but it may provide you with additional resources during and after an incident. So cyber insurance can be considered as an additional risk management tool, but do take time to:

  • understand the scope and scale of the cover provided
  • ensure that you are able to meet any operational requirements placed on you by the insurer”

As always when buying insurance you need to read the fine print of the cover. Crucially you must also ensure you meet any security or other IT requirements placed on you by the insurer. If you have pre-existing IT issues you knew or ought to have known about and these lead to a breach of security you are unlikely to be covered.

Insurance is not a panacea, of course. You need to implement appropriate technical and organisational measures to ensure a level of security appropriate to the risks your organisation faces. This is required by the General Data Protection Regulation (GDPR) in any event where you process personal data.

Ensuring your business is protected against cyber security risks should be a recurring New Year’s resolution, no matter what type of business you run.


Simon Stokes

Simon Stokes is a Partner with law firm Blake Morgan. He leads the firm’s technology practice in London and specialises in information technology law.


The State of Security Breach Protection 2020 Survey Results

What are the key considerations security decision-makers should take into account when designing their 2020 breach protection? To answer this, we polled 1,536 cybersecurity professionals in The State of Breach Protection 2020 survey (Download the full survey here) to understand the common practices, prioritization, and preferences […]

#cybersecurity | #hackerspace | Who Should the CISO Report To in 2020?

The debate over who the CISO should report to is a hot topic among security professionals, and that shows no sign of changing soon. That’s because there is still no standard or clear-cut answer. Ask CISOs themselves for their opinion, and you will get a variety […]

#cybersecurity | #hackerspace | 2020 And Beyond: Idaptive’s Predictions and Expectations for the New Decade

The close of a year is a natural time for reflection, and when it also means turning the page on a new decade people are inspired to speculate on what the next ten years might hold. At Idaptive, of course, we’ve always got our minds on what’s new, what’s next, and what nascent idea is going to shake up and redefine our industry.

We expect to see so many of the seeds planted over the past few years sprout and bear fruit in the next decade, and old, antiquated systems finally replaced with more efficient, more secure, and more user-friendly ways of operating. Passwords will finally become as obsolete as CD-ROMs, and artificial intelligence, machine learning, and analytics will blossom to make security more nimble, automated and adaptable.

As we welcome in 2020, Idaptive has identified what we believe will be the primary catalysts for life-changing innovation, laying the groundwork for a period in which we collectively learn to think more holistically about digital identity, and come to understand that unchecked trust has no place in our online security.

Prediction: Identity, analytics, and passwords evolve.

Fittingly, for the year 2020, identity and access management will finally begin to feel as advanced and sophisticated as the sci-fi-worthy date suggests. Increased adoption of tools like on-device biometric authenticators and the FIDO2 standard will fold behavior patterns, contextual data, and even user idiosyncrasies into an enhanced authentication system that will eliminate passwords from applications and endpoints. You will be the key that unlocks your devices and apps, and password sharing, resetting, or hacking will be significantly less of a security threat.

Just as passwords will no longer be the dominant access management tool, so, too, will the IT world move towards reducing and even eliminating the concept of policies that govern identity and access management altogether. They will begin to more broadly leverage AI, machine learning, and contextual data of users, locations, and networks to drive more identity use cases in the next three to five years.

We’ve watched carefully over the past few years as point solution vendors have reached scale and become market leaders, thanks to the increased popularity of the cloud and mobile devices. This year we anticipate a consolidation of these point vendors, products, and technologies in the various sub-market segments of identity and access management to produce the next generation identity platform. At the same time, the next several years will see a wider proliferation of use cases related to identity that leverages blockchain technology such as self-sovereign identity for the purpose of identity verification and management, and for managing credentials, consents, and preferences.

Prediction: Zero Trust and multi-cloud environments become commonplace.

As for what we expect to see ripple across the identity and access management industry in the coming decade, it all comes down to Zero Trust.

We see 2020 as the year when investment in Zero Trust technologies (which has been slowly sown over the past few years) begins to bear real fruit. Conventional security systems like firewalls are disappearing, and more and more organizations are adopting technologies that allow them to access on-premises data center resources like apps, servers, and the cloud anytime, from anywhere.

On-premises user directories will be another technology that will find itself phased out and made obsolete in the new year, as more companies shift to the cloud. Being faster, more efficient, and more agile (not to mention more secure) will kick off a swell of momentum around quantum computing. IBM, Google, D-Wave and even AWS will push each other to bring commercial quantum computing to market, and its impact on cybersecurity will rise in line with that conversation.

As we at Idaptive raise a glass to the new year, we prepare for a decade of massive, impactful change in our industry, in technology, and in our collective understanding of all that cybersecurity is and can be. So cheers, and Happy New Year to you and yours! 


Looking for more predictions? Check out the following:

Blog: Five Identity and Access Management Predictions for 2020 and Beyond

20 Predictions for 2020 @IdaptiveHQ on Twitter


#cybersecurity | #hackerspace | Ohio Chief Information Officer Shares 2020 IT Strategies

When Ohio Attorney General Mike DeWine was elected as the 70th governor of Ohio in November, 2018, he appointed Ervan Rodgers II as the State’s chief information officer (CIO). Rodgers, who served as CIO at the Ohio Attorney General’s Office for more than four years under […]

#deepweb | 3 Experts Share Mobile Marketing Strategies for 2020

The 2020 marketer is a new breed of marketer that drives teamwork and devours data. A rigorous analysis of the reams of mobile and marketing predictions for the new year suggests 2020 will be remembered as the year mobile-first marketing finally grew up. The obsession […]

#cybersecurity | #hackerspace | Businesses Will Buy Down Risk With Defense-in-Depth – 2020 Trend #5

As 2019 came to an end, Imperva CTO Kunal Anand began working with our global research team, Imperva Labs, to put together a list of the most important cybersecurity issues security leaders should be prepared for in 2020. He published his list in the blog, “Top 5 Cybersecurity Trends to Prepare for in 2020.” Since then, we’ve been digging deeper into each of his five trends in blogs that examine risk and security strategies that can keep your business safe. Today, we’ve arrived at the fifth and final trend to prepare for in 2020: defense-in-depth.

Digital Transformation is a Driver

We know that digital transformation is definitely having an impact on every aspect of our business life. Increased efficiencies, higher revenue and improved communication are just a few of the benefits we are starting to see. But the urge to be online all the time via smartphones, laptops, tablets, smart speaker systems and even IoT devices is putting a strain on the enterprise. The lines between corporate and personal become blurred as employees use personal devices to access corporate apps in the cloud, check email one last time before going to bed, or log onto the business intranet. And everyone – customers and employees alike – wants consistent, high-speed access to all the websites and applications they need, always and everywhere.

Unexpected Consequences

Digital transformation has an unexpected side as well, with serious implications for security and performance. 

There is a new weakest link to be aware of: the point at which the enterprise-owned network connects to a third-party network – typically at major Internet hubs. Connections to potentially vulnerable API backends, weak security or older, vulnerable versions of operating systems on personal devices, password re-use, and increasingly sophisticated cyberattacks can spell danger for even the most security-savvy organization. 

DDoS attacks remain attractive to hackers: In 2019 our team saw the largest-ever attacks, five times bigger than any previously seen. At the same time, spear phishing attacks are increasingly successful. They impersonate executives through business email compromise (BEC) to execute unauthorized wire transfers and use publicly available information to trick employees into giving up their credentials. It’s easier than ever to attack mobile devices that connect to corporate assets, converting them into vectors to attack resources, steal data, and slow down access to websites and apps. 

In Search of Comprehensive Security and Efficiency

Traditional defense mechanisms are not able to keep up with the increasing power and agility of cyberattacks. That’s why it’s important to keep attacks as far away as possible from the corporate network and data center. In practice, that means mitigating them close to the point of attack – at the edge. Not only is this more efficient, it can have a positive impact on the user experience as well. This approach requires us to push strong security all the way to the edge, encompassing all devices – especially mobile devices, which are often the target of attacks.  

Still, edge security is not enough. We need to take a much more efficient and comprehensive risk-reduction approach than we have in the past. Traditional approaches involved separate edge security solutions to combat DDoS attacks, provide protection for web applications, detect and deter malicious account takeover attempts, etc. Even worse, there were separate providers and solutions for protecting against external threats, bad bots, hackers, and insiders who have become internal threats. And separate solutions for protecting assets that live on-premises, in the cloud, and in mixed cloud environments – at a time when many organizations are in the process of migrating from one environment to the other. Different platforms, user interfaces, and management consoles lead to inefficient operations, bombarding security analysts with massive amounts of uncoordinated alerts and increasing the management burden. 

A Better Way

Businesses need security solutions that protect applications regardless of where they live, that are integrated to share important data, that can analyze complex attacks and find patterns, and that make life easier for scarce talent like security analysts. Solutions that reconcile the often-conflicting requirements for speed, performance, scalability, and protection. 

The best way to accomplish this is through security that provides true defense-in-depth from the edge to inside the application itself. The ideal scenario is a “layered” security model where malicious actors must pass through multiple gates in order to execute an attack, without introducing latency or jeopardizing essential business processes.

Imperva Application Security

At Imperva, we take a security-first approach that ensures an optimal user experience while managing risk. Our global network of full-stack PoPs ensures protection at the edge while guaranteeing optimal performance and speed. 

The Imperva WAF inspects all traffic destined for customer websites and mitigates malicious traffic at the nearest PoP, allowing legitimate traffic to continue on its way. Our powerful DDoS protection stops attacks of any size in three seconds or less – an industry first (and best) SLA. Our content delivery network optimizes website delivery, improving performance while reducing bandwidth costs. Our bot management provides protection against all OWASP automated threats. Our Runtime Application Self-Protection (RASP) offers security by default against known and zero-day vulnerabilities. And Attack Analytics gives analysts a prioritized set of actionable security insights to improve productivity.  

The Imperva Application Security suite delivers all this in a simple, flexible, and predictable licensing approach that lets you deploy regardless of whether your devices are in the cloud, on-premises or in a hybrid model.  

Featured Webinar: Take on 2020 with Vision. Imperva CMO David Gee sits down with Imperva CTO Kunal Anand to discuss all the trends you should watch for in 2020. Watch here.


The post Businesses Will Buy Down Risk With Defense-in-Depth – 2020 Trend #5 appeared first on Blog.

*** This is a Security Bloggers Network syndicated blog from Blog authored by Kim Lambert. Read the original post at: https://www.imperva.com/blog/buy-down-risk-2020-trend-5/


#cybersecurity | #hackerspace | VERT Threat Alert: January 2020 Patch Tuesday Analysis

Today’s VERT Alert addresses Microsoft’s January 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-866 on Wednesday, January 15th. 

In-The-Wild & Disclosed CVEs

CVE-2020-0601

While there are no in-the-wild or publicly disclosed CVEs in the January patch drop, there is a lot of discussion around CVE-2020-0601. The vulnerability allows spoofing of Elliptic Curve Cryptography (ECC) certificates because of the way those certificates are validated. This vulnerability was reported to Microsoft by the NSA, and rumors in various publications indicate that certain government agencies and enterprises were given advance notice of it.

Microsoft has rated this as a 1 (Exploitation More Likely) on the Exploitability Index for the latest software release.
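The alert describes CVE-2020-0601 only as an ECC certificate validation flaw. A fact not stated on the page but well documented about this CVE is that it concerned certificates carrying explicit elliptic-curve domain parameters rather than a named-curve OID, so a useful defender-side inventory check is to find EC certificates that use explicit parameters at all, since publicly trusted CAs issue only named-curve keys. The Python below is an added example, not code from the VERT alert or from Tripwire: it parses the DER SubjectPublicKeyInfo of a certificate with a small hand-written DER walker and classifies how the EC parameters are encoded. The DER encoder, the toy certificate builder and every byte value (OIDs aside) are constructed for the example and are not real keys or curves.

```python
# Added example: flag X.509 certificates whose EC public key carries explicit curve
# parameters instead of a named-curve OID. Not code from the VERT alert or Tripwire;
# all sample bytes below are constructed placeholders, not usable keys or curves.

ID_EC_PUBLIC_KEY = bytes.fromhex("2a8648ce3d0201")   # OID 1.2.840.10045.2.1 (id-ecPublicKey)
PRIME256V1 = bytes.fromhex("2a8648ce3d030107")       # OID 1.2.840.10045.3.1.7 (P-256)
PRIME_FIELD = bytes.fromhex("2a8648ce3d0101")        # OID 1.2.840.10045.1.1 (prime-field)
ECDSA_SHA256 = bytes.fromhex("2a8648ce3d040302")     # OID 1.2.840.10045.4.3.2

def der_encode(tag, body):
    """Minimal DER TLV encoder; supports lengths up to 65535 bytes."""
    n = len(body)
    if n < 0x80:
        length = bytes([n])
    elif n < 0x100:
        length = bytes([0x81, n])
    else:
        length = bytes([0x82, n >> 8, n & 0xFF])
    return bytes([tag]) + length + body

def der_decode(buf, pos=0):
    """Decode the TLV at buf[pos]; return (tag, body, position after the element)."""
    tag, first = buf[pos], buf[pos + 1]
    if first < 0x80:
        length, header = first, 2
    else:
        nbytes = first & 0x7F                      # long form: next nbytes hold the length
        length = int.from_bytes(buf[pos + 2:pos + 2 + nbytes], "big")
        header = 2 + nbytes
    end = pos + header + length
    if end > len(buf):
        raise ValueError("DER element overruns buffer")
    return tag, buf[pos + header:end], end

def der_children(body):
    """Yield (tag, body, whole_tlv) for each element inside a constructed DER body."""
    pos = 0
    while pos < len(body):
        start = pos
        tag, child, pos = der_decode(body, pos)
        yield tag, child, body[start:pos]

def classify_spki(spki):
    """Classify a DER SubjectPublicKeyInfo by how its EC domain parameters are given."""
    tag, body, _ = der_decode(spki)
    if tag != 0x30:
        raise ValueError("SubjectPublicKeyInfo must be a SEQUENCE")
    alg_tag, alg, _ = der_decode(body)
    if alg_tag != 0x30:
        raise ValueError("AlgorithmIdentifier must be a SEQUENCE")
    parts = list(der_children(alg))
    if not parts or parts[0][0] != 0x06:
        raise ValueError("AlgorithmIdentifier must start with an OID")
    if parts[0][1] != ID_EC_PUBLIC_KEY:
        return "not-ec"
    if len(parts) < 2:
        return "ec-missing-params"
    return {0x06: "ec-named-curve",      # namedCurve OID: what a CA-issued cert should carry
            0x30: "ec-explicit-params",  # explicit ECParameters SEQUENCE: flag for review
            0x05: "ec-implicit-ca"}.get(parts[1][0], "ec-unknown-params")

def extract_spki(cert_der):
    """Walk Certificate -> tbsCertificate and return the SubjectPublicKeyInfo TLV."""
    tag, cert, _ = der_decode(cert_der)
    tbs_tag, tbs, _ = der_decode(cert)
    if tag != 0x30 or tbs_tag != 0x30:
        raise ValueError("Certificate and tbsCertificate must be SEQUENCEs")
    fields = list(der_children(tbs))
    if fields and fields[0][0] == 0xA0:            # optional [0] EXPLICIT version comes first
        fields = fields[1:]
    # serialNumber, signature, issuer, validity, subject, subjectPublicKeyInfo, ...
    if len(fields) < 6 or fields[5][0] != 0x30:
        raise ValueError("could not locate SubjectPublicKeyInfo")
    return fields[5][2]

# --- constructed sample data (placeholder values, not a usable key or curve) ---
_POINT = der_encode(0x03, b"\x00\x04" + bytes(range(64)))   # uncompressed-point placeholder
NAMED_CURVE_SPKI = der_encode(0x30, der_encode(0x30,
    der_encode(0x06, ID_EC_PUBLIC_KEY) + der_encode(0x06, PRIME256V1)) + _POINT)
# ECParameters ::= SEQUENCE { version, fieldID, curve, base, order, cofactor }
_EXPLICIT_PARAMS = der_encode(0x30,
    der_encode(0x02, b"\x01")
    + der_encode(0x30, der_encode(0x06, PRIME_FIELD) + der_encode(0x02, b"\x00" + b"\xff" * 32))
    + der_encode(0x30, der_encode(0x04, b"\x01" * 32) + der_encode(0x04, b"\x02" * 32))
    + der_encode(0x04, b"\x04" + b"\x03" * 64)
    + der_encode(0x02, b"\x00" + b"\xfe" * 32)
    + der_encode(0x02, b"\x01"))
EXPLICIT_PARAMS_SPKI = der_encode(0x30, der_encode(0x30,
    der_encode(0x06, ID_EC_PUBLIC_KEY) + _EXPLICIT_PARAMS) + _POINT)

def build_toy_cert(spki):
    """Wrap an SPKI in a minimal, unsigned but structurally valid v3 Certificate."""
    alg_id = der_encode(0x30, der_encode(0x06, ECDSA_SHA256))
    empty_name = der_encode(0x30, b"")
    validity = der_encode(0x30, der_encode(0x17, b"200101000000Z") + der_encode(0x17, b"210101000000Z"))
    tbs = der_encode(0x30, der_encode(0xA0, der_encode(0x02, b"\x02")) + der_encode(0x02, b"\x01")
                     + alg_id + empty_name + validity + empty_name + spki)
    return der_encode(0x30, tbs + alg_id + der_encode(0x03, b"\x00" * 9))   # placeholder signature
```

To run it over a real certificate, read a DER-encoded file (`.cer`/`.der`) and call `classify_spki(extract_spki(data))`; PEM input needs the base64 body decoded first. A result of `ec-explicit-params` is a policy finding to investigate, not proof of a forged chain, and the check complements rather than replaces installing the January update that corrects the validation in Windows itself.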

CVE Breakdown by Tag

While the historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list breaks down the CVEs by tag.

Tag                                | CVE Count | CVEs
Windows Update Stack               | 1         | CVE-2020-0638
Windows Hyper-V                    | 1         | CVE-2020-0617
Windows Subsystem for Linux        | 1         | CVE-2020-0636
ASP.NET                            | 2         | CVE-2020-0602, CVE-2020-0603
Microsoft Windows                  | 8         | CVE-2020-0601, CVE-2020-0608, CVE-2020-0616, CVE-2020-0620, CVE-2020-0621, CVE-2020-0624, CVE-2020-0635, CVE-2020-0644
Apps                               | 1         | CVE-2020-0654
.NET Framework                     | 3         | CVE-2020-0605, CVE-2020-0606, CVE-2020-0646
Microsoft Graphics Component       | 4         | CVE-2020-0607, CVE-2020-0622, CVE-2020-0642, CVE-2020-0643
Microsoft Scripting Engine         | 1         | CVE-2020-0640
Common Log File System Driver      | 3         | CVE-2020-0615, CVE-2020-0639, CVE-2020-0634
Microsoft Dynamics                 | 1         | CVE-2020-0656
Windows Media                      | 1         | CVE-2020-0641
Microsoft Windows Search Component | 12        | CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628, CVE-2020-0629, CVE-2020-0630, CVE-2020-0631, CVE-2020-0632, CVE-2020-0633
Microsoft Office                   | 5         | CVE-2020-0647, CVE-2020-0650, CVE-2020-0651, CVE-2020-0652, CVE-2020-0653
Windows RDP                        | 5         | CVE-2020-0609, CVE-2020-0610, CVE-2020-0611, CVE-2020-0612, CVE-2020-0637


Other Information

There were no new advisories released today. However, it is worth mentioning that today marks the final day of support for Windows 7, Windows Server 2008, and Windows Server 2008 R2. These platforms are now considered end of life and (Read more…)


#cybersecurity | #hackerspace | API Security a Top Concern for Cybersecurity in 2020

The role of the application programmable interface (API) keeps rising in prominence within the enterprise. And as that happens, so does the risk of APIs as an enterprise attack surface. According to security experts, API security will be a top concern for many cybersecurity organizations in the coming year.

The post API Security a Top Concern for Cybersecurity in 2020 appeared first on Security Boulevard.
