Analysis

#mobilesecurity | #android | #iphone | Trusted Platform Module (TPM) Market Growth Insight Analysis 2020-2026 – Cole Reports | #cybersecurity | #informationsecurity

Source: National Cyber Security – Produced By Gregory Evans

The “Trusted Platform Module (TPM) Market” research report enhanced worldwide Coronavirus COVID19 impact analysis on the market size (Value, Production and Consumption), splits the breakdown (Data Status 2014-2020 and 6 Year Forecast From 2020 to 2026), by region, manufacturers, type and End User/application. This Trusted Platform Module (TPM) market report…


The post #mobilesecurity | #android | #iphone | Trusted Platform Module (TPM) Market Growth Insight Analysis 2020-2026 – Cole Reports | #cybersecurity | #informationsecurity appeared first on National Cyber Security.


#deepweb | The Deep and Dark Web Analysis

Source: National Cyber Security – Produced By Gregory Evans

Dark Web Analysis By Anna Chung, Principal Researcher at Unit 42, Palo Alto Networks

 

Within the Deep and Dark Web, ransomware attacks are expected to continue in 2020. This year, my team and I came across an increasing number of threat actors selling ransomware, ransomware-as-a-service, and ransomware tutorials. Underground products and services like these enable malicious threat actors who are not technically savvy to enter the game.

Threat actors will continue exploring new methods to monetise compromised IoT devices, beyond IoT botnets and IoT-based VPNs, due to the uncapped profit potential. IoT devices remain a popular target among hackers, mostly because IoT security awareness and education is not as prevalent as it should be, and the number of IoT devices will continue to grow at an exponential rate as 5G develops and becomes mainstream.

We’re continuing to see instances where the failure to configure containers properly is leading to the loss of sensitive information and as a result, default configurations are posing significant security risks to organisations.

Misconfigurations, such as using default container names and leaving default service ports exposed to the public, leave organisations vulnerable to targeted reconnaissance. The implications can vary greatly, as we’ve already seen simple misconfigurations within cloud services lead to severe impacts on organisations.

Dark Web Analysis: Authentication Mechanism

When a company is beginning to address or prepare for these types of attacks, it’s important they never expose a Docker daemon to the internet without a proper authentication mechanism. Note that by default the Docker Engine (CE) is not exposed to the internet. Key recommendations include:

  • Incorporate Unix sockets – Using these allows you to communicate with the Docker daemon locally, or use SSH to connect to a remote Docker daemon.
  • Leverage the firewall – Whitelist incoming traffic to a small set of sources using firewall rules to provide an added layer of security.
  • Caution against the unknown – Never pull Docker images from unknown registries or unknown user namespaces.
  • Employ always-on searches – Frequently check for any unknown containers or images in your system.
  • Identify malicious containers and prevent cryptojacking activities – When a new vulnerability in the internal container environments is revealed, it is critical to patch it quickly, as attackers will be racing to exploit any systems they can access. Having tools that actively scan your environment for known vulnerabilities and provide alerts on dangerous configurations can help to maintain the security of all container components consistently and over time.
  • Integrate security into DevOps workflows – This will allow for your security teams to scale their efforts in an automated way. Developers have a lot of power in the cloud, and your security needs to be able to keep up.
  • Maintain runtime protection – As your organisation’s cloud footprint grows, being able to automatically model and whitelist application behavior becomes a powerful tool for securing cloud workloads against attacks and compromises.

Many data breaches today are driven by financially motivated cyber threat actors, and this type of attack prefers targets that hold rich personally identifiable information (PII), including financial institutions, hospitals, hotels, airlines, and almost all e-commerce sites.

From an underground economic perspective, this is data that can be quickly monetised and resold multiple times. Different data has different buyers, but overall, with regard to PII, payment information is preferred because it enables card-not-present fraud. Therefore, sites that process and collect individual payment information are typically more attractive to attackers in this instance.

While we have seen a certain amount of cyber-offensive behavior using AI, such as identity impersonation by using deep faking, we are still in the very early stages of seeing the full potential of AI-enabled attacks. On the flipside, we are seeing an increase in cyber defenders using AI to detect and mitigate threats.

Dark Web Training

Businesses and CSOs should prioritise security awareness training for all employees, going beyond just explaining how cyber-attacks occur and how they may impact an organisation as a whole, and educating their workforce at an individual level on proactive steps they can take to identify and prevent security attacks. Simple exercises, like issuing phishing email detection tests or software update reminders, help raise security awareness among employees, make for more secure daily operations and help reduce the success rate of attacks.

One of the major security challenges facing today’s digital age is the fact that there are too many devices and security policies in place, making them difficult to monitor and maintain. Prioritising highly-automated security solutions that cover multiple environments will increase visibility and control over the entire operational environment by simplifying the management process, reducing costs and freeing up more time to identify the existing pain points and future roadmaps.

 


The post #deepweb | The Deep and Dark Web Analysis appeared first on National Cyber Security.


#cybersecurity | #hackerspace | VERT Threat Alert: January 2020 Patch Tuesday Analysis

Source: National Cyber Security – Produced By Gregory Evans

Today’s VERT Alert addresses Microsoft’s January 2020 Security Updates. VERT is actively working on coverage for these vulnerabilities and expects to ship ASPL-866 on Wednesday, January 15th. 

In-The-Wild & Disclosed CVEs

CVE-2020-0601

While there are no in-the-wild and disclosed CVEs in the January patch drop, there is a lot of discussion around CVE-2020-0601. The vulnerability allows for Elliptic Curve Cryptography (ECC) spoofing due to the way ECC certificates are validated. This vulnerability was reported to Microsoft by the NSA, and rumors in various publications indicate that certain government agencies and enterprises were given advance notice of this vulnerability.

Microsoft has rated this as a 1 (Exploitation More Likely) on the latest software release on the Exploitability Index.

CVE Breakdown by Tag

While historical Microsoft Security Bulletin groupings are gone, Microsoft vulnerabilities are tagged with an identifier. This list provides a breakdown of the CVEs on a per tag basis.

| Tag | CVE Count | CVEs |
|---|---|---|
| Windows Update Stack | 1 | CVE-2020-0638 |
| Windows Hyper-V | 1 | CVE-2020-0617 |
| Windows Subsystem for Linux | 1 | CVE-2020-0636 |
| ASP.NET | 2 | CVE-2020-0602, CVE-2020-0603 |
| Microsoft Windows | 8 | CVE-2020-0601, CVE-2020-0608, CVE-2020-0616, CVE-2020-0620, CVE-2020-0621, CVE-2020-0624, CVE-2020-0635, CVE-2020-0644 |
| Apps | 1 | CVE-2020-0654 |
| .NET Framework | 3 | CVE-2020-0605, CVE-2020-0606, CVE-2020-0646 |
| Microsoft Graphics Component | 4 | CVE-2020-0607, CVE-2020-0622, CVE-2020-0642, CVE-2020-0643 |
| Microsoft Scripting Engine | 1 | CVE-2020-0640 |
| Common Log File System Driver | 3 | CVE-2020-0615, CVE-2020-0639, CVE-2020-0634 |
| Microsoft Dynamics | 1 | CVE-2020-0656 |
| Windows Media | 1 | CVE-2020-0641 |
| Microsoft Windows Search Component | 12 | CVE-2020-0613, CVE-2020-0614, CVE-2020-0623, CVE-2020-0625, CVE-2020-0626, CVE-2020-0627, CVE-2020-0628, CVE-2020-0629, CVE-2020-0630, CVE-2020-0631, CVE-2020-0632, CVE-2020-0633 |
| Microsoft Office | 5 | CVE-2020-0647, CVE-2020-0650, CVE-2020-0651, CVE-2020-0652, CVE-2020-0653 |
| Windows RDP | 5 | CVE-2020-0609, CVE-2020-0610, CVE-2020-0611, CVE-2020-0612, CVE-2020-0637 |

 

Other Information

There were no new advisories released today. However, it is worth mentioning that today marks the final day of support for Windows 7, Windows Server 2008, and Windows Server 2008 R2. These platforms are now considered end of life and (Read more…)


The post #cybersecurity | #hackerspace | VERT Threat Alert: January 2020 Patch Tuesday Analysis appeared first on National Cyber Security.


Information Technology Specialist (Systems Analysis)

Source: National Cyber Security – Produced By Gregory Evans

Department of the Treasury – New Carrollton, MD
$119,285 – $161,900 a year – Full-time, Part-time

The U.S. Department of the Treasury has a distinguished history dating back to the founding of our nation. As the steward of U.S. economic and financial systems, Treasury is a […]

View full post on AmIHackerProof.com | Can You Be Hacked?

Analysis reveals racial disparities in school arrests

The presence of police in schools, advocates say, makes arrests and referrals more likely, with results that can derail students’ lives. Photo by Alan Levine/Flickr

In 43 states and the District of Columbia, black students are arrested at school at disproportionately high levels, an analysis of federal data by the Education Week Research Center finds.

And one reason may be that black students are more likely than students in any other racial or ethnic group to attend schools with police, according to the analysis of 2013-14 civil rights data, the most recent collected by the U.S. Department of Education.

In most of the jurisdictions with disproportionate arrests of black students, the disparities are significant.


The post Analysis reveals racial disparities in school arrests appeared first on Parent Security Online.


Cyber Attacks On US Companies In 2016 – Analysis


Source: National Cyber Security – Produced By Gregory Evans


This article is a continuation of a series of papers on cyber attacks against U.S. companies since 2014[1] and 2015.[2] While the means of cyber attacks vary, the pattern of targets has been relatively consistent. Large databases, as well as

The post Cyber Attacks On US Companies In 2016 – Analysis appeared first on National Cyber Security Ventures.


Media, Malware, and Analysis Analyst Job


Source: National Cyber Security – Produced By Gregory Evans


Description:
SAIC currently has a contingency position for a Media, Malware and Analysis Analyst to support the United States Cyber Command (USCYBERCOM) at Fort Meade, Maryland.
JOB DESCRIPTION:
Media, Malware and Analysis (MMA) is the forensic analysis of media and

The post Media, Malware, and Analysis Analyst Job appeared first on National Cyber Security Ventures.


Correcting the Record on 38 North’s Analysis of North Korea’s Possible Fifth Nuclear Test

Source: National Cyber Security – Produced By Gregory Evans

The recent article, “What’s behind North Korea’s attempts for dialogue?” by Cha Du-Hyeogn, published by NK News calls 38 North to task as “falling for Pyongyang’s trickery” and reporting on “omens” of an imminent fifth nuclear test. Normally, we wouldn’t respond to such comments, but 38 North takes a great deal of pride in its […]

The post Correcting the Record on 38 North’s Analysis of North Korea’s Possible Fifth Nuclear Test appeared first on National Cyber Security.


Department of Homeland Security’s Science & Technology Directorate Announces New Cybersecurity Risk Analysis Tool

Source: National Cyber Security – Produced By Gregory Evans

WASHINGTON, D.C. – The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) announced that a fifth cybersecurity technology has been licensed for commercialization as a part of the Cyber Security Division’s Transition to Practice (TTP) program. The TTP program builds on the S&T process of funding projects through the full research and development lifecycle through to the commercial marketplace. The Physical and Cyber Risk Analysis Tool (PACRAT) technology, developed by researchers at Pacific Northwest National Laboratory (PNNL), assesses cyber risks simultaneously with physical risks. RhinoCorps, a small business and vulnerability assessment tool developer in Albuquerque, New Mexico, is licensing the tool and plans to integrate PACRAT’s capabilities into their physical vulnerability assessment tool called Simajin. The resulting assessment tool will enable users to examine how their cyber security and physical security postures impact one another. “S&T’s TTP program is leading the way in assisting the transition of government funded technology into the marketplace,” said DHS Under Secretary for Science and Technology Dr. Reginald Brothers. “Some of the most innovative technologies have been developed by our national lab partners and it’s essential we help them provide a positive impact on the nation’s cybersecurity posture.” In 2013, the TTP program […]

The post Department of Homeland Security’s Science & Technology Directorate Announces New Cybersecurity Risk Analysis Tool appeared first on National Cyber Security.
