biggest

now browsing by tag

 
 

90 Day Fiancé: 10 Biggest Controversies | #tinder | #pof | romancescams | #scams

Source: National Cyber Security – Produced By Gregory Evans

Content Warning: This article contains mentions of sexual assault and domestic violence. With 90 Day Fiancé, fans come for the chance to witness love conquering all, but stay for the vast amounts […]

The post 90 Day Fiancé: 10 Biggest Controversies | #tinder | #pof | romancescams | #scams appeared first on National Cyber Security.

View full post on National Cyber Security

#computersecurity | #comptia | Ageing devices biggest threat to cybersecurity as work from home becomes norm – | #cybersecurity | #informationsecurity

Source: National Cyber Security – Produced By Gregory Evans

The IT companies are contemplating over extending this arrangement even after COVID-19 infections reduce. But, most companies agree to cybersecurity threat being a sword hanging over their heads

Rukmini Rao        Last Updated: June 10, 2020  | 18:54 IST

KEY HIGHLIGHTS:

  • In 2019, network infra assets of 47.9% businesses aged or turned obsolete
  • Ageing and obsolete devices in technology sector at 59.6%
  • Redirection of spend towards cloud services is resulting in decreased investment

Various sectors across the globe are slowing and in a staggered fashion opening up after nearly five months of lockdown, perhaps with the only exception of information technology sector, which adapted to a different working model to tide over the crisis. The IT companies are contemplating over extending this arrangement even after COVID-19 infections reduce. But, most companies agree to cybersecurity threat being a sword hanging over their heads. However, a recent report by NTT Ltd shows the root cause of cybersecurity threat having substantially increased is perhaps the obsolete or ageing devices.

“The assets of 47.9 per cent  organisations were ageing or turning obsolete as a weighted average, representing a significant surge from 2017, when this figure was just 13.1 per cent. Both connectivity and security are being compromised by enterprises leaving obsolete devices on the network,” the report  said. While the industry average in the use of obsolete and ageing devices is 47.9 per cent, public sector leads the way with 61.7 per cent, and surprisingly close second is the technology sector with 59.6 per cent of devices either ageing or turning obsolete. On an average, an obsolete device has twice as many vulnerabilities per device (42.2 per cent) compared to ageing (26.8 per cent) and current devices (19.4 per cent). Interestingly, the report says that around 2015-16,  businesses started investing and deploying new technology and spending on new devices peaked in 2017 when there were 86.9 per cent of organisations with current (latest) devices. Even as adoption of new wireless infrastructure is on the rise, with an average increase of over 13 per cent year-on-year, ageing and obsolete devices create security vulnerabilities and put businesses at risk of cyber attacks with people logging in from co-working spaces and remote work locations.

One of the biggest reasons behind the lower investment in  on-premises infrastructure, according to report, is the growth in cloud spend outpacing that in overall IT spend. This is what is leading to lower investments. Cloud adoption and spend were predicted to grow at a faster rate and in the region of 21-25 per cent CAGR until 2023. “The increase in on-premises, ageing and obsolete devices is partially due to a redirection of spend towards Software-as-a-Service (SaaS) and other cloud services, which results in a decrease in investment in on-premises infrastructure. However, we anticipate that there will be a significant increase in people working from home, even after pandemic reduction measures are lifted,” the report said.

Also Read: Coronavirus treatment cost: Tamil Nadu hospitals can’t charge above Rs 15,000 a day

Also Read: Vizag gas leak: Andhra govt forms committee to probe incident; seeks report by June 22

Source link

______________________________________________________________________________________________

Get your CompTIA A+, Network+ White Hat-Hacker, Certified Web Intelligence Analyst and more starting at $35 a month. Click here for more details.

Posted in Computer Security, Hacking, Network Security, News Wire

Source link
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

The post #computersecurity | #comptia | Ageing devices biggest threat to cybersecurity as work from home becomes norm – | #cybersecurity | #informationsecurity appeared first on National Cyber Security.

View full post on National Cyber Security

#hacking | #SocialSec – Hot takes on this week’s biggest cybersecurity news (Feb 7)

Source: National Cyber Security – Produced By Gregory Evans

Expired cert blamed on Microsoft Teams outage; rancor over Iowa caucus app; and an artist with 99 smartphones causes traffic mayhem in Berlin

This week didn’t get off to the smoothest of starts for Microsoft Teams users, as widespread reports surfaced on Monday that the collaboration software had ground to a halt.

From around 8:30 ET on February 3, users around the world were unable to log into Microsoft’s Slack-like group messaging service, leaving them with nothing else to do but post impromptu memes on Twitter.

At around 10:00 ET, Microsoft said it had discovered that the problem was due to an expired digital certificate.

The Teams service was restored later that day, although with a reported 20 million daily users being locked out of their accounts, the episode no doubt left the chat app’s devs more than a little red-faced.

In the US, social media feeds have been clogged with news of ‘The App That Broke the Iowa Caucus’.

Tech outlets were quick to jump onto reports that the results from Monday’s Democratic caucus in the midwestern state had been delayed because of problems with the smartphone app that was being used to report votes.

The confusion delayed the announcement of the winner in the first round for presidential hopefuls. Unsurprisingly, the fracas attracted no small amount of controversy, with many directing their ire towards the app developers.

Speaking to CNET, Irfan Asrar of cybersecurity company Blue Hexagon, said: “What we believe is, this is an oversight, and an example of the app being rushed into production.”

Offering their own take on the situation (and framing their article with a pointed reminder that “trust and transparency are core to the US elections”), Motherboard published the full .apk file of the app that malfunctioned and sent the caucus into a tailspin.

From unreliable apps to shady social media accounts, Twitter said it has suspended a large network of “fake accounts” that were being used to exploit its API in order to match usernames to phone numbers.

According to TechCrunch, a bug in the microblogging platform opened the door for an attacker to submit “millions of phone numbers” through an official API, which returned any associated user account.

The news comes as Indian website The Print reported allegations that “nearly 18,000 Twitter accounts” were spreading fake news on behalf of the right-wing Bharatiya Janata Party (BJP).

“Approached for comment, both the BJP and the Congress [a rival Indian party] denied the allegation that they supported accounts propagating misinformation,” the report reads.

And finally this week, an artist has shown how Google Maps could be abused to cause potential chaos on the roads, after he wheeled 99 smartphones in a wagon around Berlin in order to create a fake traffic jam.

In his ‘Google Maps Hacks’ performance piece, Simon Weckert demonstrated how it was possible to turn a ‘green street’ to ‘red’ on the popular online mapping service – showing how one small step for a man could have a giant impact on other road users, who would be directed into taking alternative routes from an actually clear road.

A video posted to Weckert’s YouTube account offers a real-time demonstration of what The Daily Swig is dubbing a ‘Distributed Denial-of-(Road) Surface’ attack. *bows*

Source link

The post #hacking | #SocialSec – Hot takes on this week’s biggest cybersecurity news (Feb 7) appeared first on National Cyber Security.

View full post on National Cyber Security

#hacking | #SocialSec – hot takes on this week’s biggest cybersecurity news (Jan 10)

Source: National Cyber Security – Produced By Gregory Evans

CES kicks off as Las Vegas tackles cyber-attack; British electronics retailer slapped with ICO fine; and nominations open for the top 10 web hacking techniques of 2019

CES 2020 opened its doors in Las Vegas this week, with tech enthusiasts from around the world getting a first look at hundreds of thousands of new gadgets and gizmos from more than 4,000 exhibiting companies.

With four conference sessions being dedicated to security and privacy this year, it’s good to see that infosec was not completely overshadowed by the invisible keyboards, next-gen wheelchairs, and other products of the (not too distant) future.

However, dominating Twitter this week was the organizers’ decision to bring in Ivanka Trump as CES keynote speaker.

Trump took to the stage to discuss the importance of government and industry collaboration for jobs creation, along with employer-led strategies to reskill workers.

Many, however, questioned the organizers’ choice of keynote speaker.

“Ivanka is not a woman in tech,” tweeted Brianna Wu, a software engineer who is running for Congress in Massachusetts.

“She’s not a CEO. She has no background. It’s a lazy attempt to emulate diversity, but like all emulation it’s not quite the real thing.”

Outside of the exhibition hall, Las Vegas officials said the city narrowly avoided a security incident on January 7.

Municipal officials confirmed that systems were attacked early on Tuesday morning, forcing government IT staff to take down a number of online services, including its public website.

A full-blown crisis was apparently averted thanks to swift action from those tasked with protecting Sin City’s digital infrastructure.

Elsewhere, the US Department of Homeland Security (DHS) issued a bulletin warning of a potential escalation of malicious cyber activity following the recent killing of Iranian military commander Qasem Soleimani.

Speaking to The Daily Swig this week, Suzanne Spaulding, advisor at Nozomi Networks and former DHS employee said the risk of retaliatory action by Iran is particularly high, given “that the ‘red lines’ are not clearly defined in cyberspace”.

Check out our coverage for more on the Iranian cyber threat.

Over in the UK, electronics retailer DSG Retail has been fined £500,000 ($655,000) after its point of sale system was compromised.

An investigation by the Information Commissioner’s Office (ICO) found that an attacker installed malware on nearly 5,400 checkout tills in Currys PC World and Dixons Travel stores between July 2017 and April 2018.

As previously reported by The Daily Swig, the breach impacted at least 14 million people and resulted in the payment card details of 5.6 million consumers being compromised.

“DSG breached the Data Protection Act 1998 by having poor security arrangements and failing to take adequate steps to protect personal data,” the ICO said.

“This included vulnerabilities such as inadequate software patching, absence of a local firewall, and lack of network segregation and routine security testing.”

Although £500,000 would be enough to make even the world’s biggest organizations sit up and pay attention, some noted that if the breach had taken place just one month later, DSG could have faced a far heftier, GDPR-induced fine.

And finally, nominations are open for the top 10 web hacking techniques of 2019.

Hosted annually by PortSwigger, this community-led initiative aims to seek out and honor the best hacking techniques of the past 12 months.

Caching exploits topped the 2018 web security hit list, and while it remains to be seen who will lead the pack this year, nominations in 2019 include developments in server-side request forgery, request smuggling, mutation cross-site scripting, and many other areas of research.

Check out the PortSwigger blog for full details.

Source link

The post #hacking | #SocialSec – hot takes on this week’s biggest cybersecurity news (Jan 10) appeared first on National Cyber Security.

View full post on National Cyber Security

#cyberfraud | #cybercriminals | Cloud, 5G and ‘wetware’ attacks — the 5 biggest cybersecurity threats of 2020

Source: National Cyber Security – Produced By Gregory Evans (Source: Giphy) Businesses are getting cosier with the cloud. As more data pours in, it makes sense to use a public cloud server rather than set up servers in-house. But just because they’re moving to a ‘cloud smart’ agenda doesn’t mean that they aren’t being ‘cloud […] View full post on AmIHackerProof.com

#nationalcybersecuritymonth | Tech 2019: Our biggest technology stories

Source: National Cyber Security – Produced By Gregory Evans As 2019 splutters to a close, it’s time for our annual lookback at our most-read tech stories, and to ask: “What happened next?”. Facebook and its family of apps dominates this year’s list with four entries – it probably won’t be a surprise that none of […] View full post on AmIHackerProof.com

What a decade! Our baddest stories and biggest lessons, year by year… – Naked Security

Source: National Cyber Security – Produced By Gregory Evans Here they are: the baddest stories and the biggest lessons, from 2010 to 2019. From a totally made-up hoax that shocked the world, through a social networking app that promised what it couldn’t deliver, to a larger-than life cybercelebrity who was busted in a military-scale takedown […] View full post on AmIHackerProof.com

#deepweb | Stocks making the biggest moves premarket: Home Depot, Boeing, Disney

Source: National Cyber Security – Produced By Gregory Evans Check out the companies making headlines in the premarket Tuesday: Home Depot — Home Depot shares dropped more than 5% in the premarket after the home improvement retailer reported disappointing same-store sales. The company said global same-store sales rose 3.6% in the previous quarter. Analysts polled […] View full post on AmIHackerProof.com

#city | #ransomware | 90pc of UK’s biggest law firms at risk of having confidential client data stolen

Source: National Cyber Security – Produced By Gregory Evans Around nine in 10 of the UK’s biggest law firms are at risk of being scammed or having their clients’ confidential data stolen or compromised due to sub-standard IT security. A new study of 200 of the country’s biggest law firms found more than 90pc are […] View full post on AmIHackerProof.com

#cybersecurity | Negligent Users are Biggest Cybersecurity Threat to German Organizations: Survey

Source: National Cyber Security – Produced By Gregory Evans

You are only as strong as your weakest link and the cybersecurity industry is no different. A recent survey by SolarWinds, a provider of IT management software, pointed out that negligent users are the biggest cybersecurity threat to German organizations. The company did the survey in a bid to highlight the threats the cybersecurity professionals are facing daily.

The research, which surveyed over 100 information technology professionals from Germany, stated that user errors constituted the largest share of cybersecurity incidents in the last 12 months, at a whopping 80 percent. The study stressed on the fact that internal factors are the most pressing cybersecurity threats. User errors were followed by exposures caused by poor network system or application security at 36 percent, and external actors infiltrating the company’s network at 31 percent.

To understand the factors contributing to the trend, the survey also found out that poor passwords were one of the major concerns for German techies. Nearly 45 percent of the respondents stated that poor and weak passwords were one of the biggest reasons for the breaches, while 42 percent of the respondents stated that sharing passwords is also another grave contributor. Other factors were accidental exposure, deletion, modification of critical data and even copying data into unsecured devices.

To top it all, it was also revealed that 89 percent of IT experts felt that they were unequipped to successfully implement and manage cybersecurity tasks today, with their current IT skillset.

“Our research shows once again that the biggest risk to the organization comes from the inside, aligning with research SolarWinds conducted in other regions earlier this year,” said Tim Brown, vice president of security, SolarWinds. “This underscores the continued need for organizations to address the human side of IT security and consistently educate users on how to avoid mistakes while encouraging an environment of learning and training. However, that alone is not enough; tech pros also need the best possible technology to effectively fight against both threats from the inside and potentially more sophisticated threats from the outside. SolarWinds is committed to helping IT and security teams by equipping them with powerful, affordable solutions that are easy to implement and manage. Good security should be within the reach of all organizations.”

It is not always an accidental error from insiders; sometimes these incidents are a part of a much larger scheme. Earlier this year, a recruiter from the telecommunications company AT&T Network was charged for paying insiders to upload malware on the company’s computer networks to unlock cell phones.

According to the United States Department of Justice (DOJ), the insiders, who worked in AT&T’s Bothell Customer Service Center, allegedly exploited AT&T’s proprietary locking software to remove millions of phones from the AT&T network system and payment plans, which incurred a loss of a million dollars to the company. It’s said that Fahd and his co-conspirators gave over $1 million in bribes to install malware and spying devices in the company.

Source link
____________________________________________________________________________________________________________________

#infosec #itsecurity #hacking #hacker #computerhacker #blackhat #ceh #ransomeware #maleware #ncs #nationalcybersecurityuniversity #defcon #ceh #cissp #computers #cybercrime #cybercrimes #technology #jobs #itjobs #gregorydevans #ncs #ncsv #certifiedcybercrimeconsultant #privateinvestigators #hackerspace #nationalcybersecurityawarenessmonth #hak5 #nsa #computersecurity #deepweb #nsa #cia #internationalcybersecurity #internationalcybersecurityconference #iossecurity #androidsecurity #macsecurity #windowssecurity
____________________________________________________________________________________________________________________

The post #cybersecurity | Negligent Users are Biggest Cybersecurity Threat to German Organizations: Survey appeared first on National Cyber Security.

View full post on National Cyber Security