now browsing by tag


#comptia | Ikea and Teenage Engineering launch co-developed speakers and party products

Source: National Cyber Security – Produced By Gregory Evans

Two and a half years after Ikea first announced its collaboration with Swedish design collective Teenage Engineering, the products are going on sale. The Frekvens range (which translates to “frequency”) will be rolling out in US stores from today through February 1st, according to Ikea.

Teenage Engineering is best known for its music products like the iconic OP-1 synthesizer, so it’s no surprise that the Frekvens collection sees Ikea continue its expansion into the world of home audio. There are two speakers in the range, a $69.99 model and a more portable $19.99 option with a belt clip, along with a $149 subwoofer combo and a $10 light-up speaker base.

“The Items got narrowed down towards sound,” Teenage Engineering founder Jesper Kouthoofd says. “What we said was ‘why do you have to hide speakers. They are furniture in their own right.’ Sounds should not be hidden. So when you start to build a modular system and add fronts and accessories on, it’s a more fun way to think about sound.”

It’s just not a party until someone pours a martini on a table tennis racquet on the floor.

The rest of the range includes more traditional Ikea products and is designed to help you host a stylishly minimalist home party. There are various lights, furniture, crockery, and other somewhat incongruous items like a cajón and a reflective raincoat. Many of the lights and speakers are able to be connected together.

“We know that for younger people spontinuity is key,” Ikea creative design leader Michael Nikolic says. “The idea of gathering some friends could become a reality in minutes. What is needed to have a good party at home? That’s what we wanted to investigate with Frekvens. Together with Teenage Engineering, we have explored the possibilities of taking the party with us.”

Here are some selected items from the collection:

Speaker with subwoofer, $149

Portable speaker, $19.99

Cups, $9.99 for four

Side table, $29.99

Eating set, $17.99

Cajón drum, $29.99

LED multi-use light, $40

Blanket, $49.99

Raincoat, $24.99

Source link

The post #comptia | Ikea and Teenage Engineering launch co-developed speakers and party products appeared first on National Cyber Security.

View full post on National Cyber Security

#comptia | #ransomware | Spike in Texas cyberattacks against municipalities has City of SA in constant defense mode

Source: National Cyber Security – Produced By Gregory Evans

SAN ANTONIO – Six months ago, cybercriminals attacked local government agencies in 23 Texas cities. The statewide attack brought the Lone Star State to the front and center of the discussion about cybercrime.

“Municipalities are always a target because we have very complex systems, broad responsibilities. Here in San Antonio, we have more than 40 departments and city services, almost 13,000 employees,” said City of San Antonio IT Director and Chief Information Officer Craig Hopkins.

Ransomware attacks in 23 Texas cities have officials taking preventive measures

Hopkins said he consistently prioritizes cybersecurity for those reasons and instead of training employees once a year, he sends out information once a month.

“Up to 95% of the incidents we have are usually driven by human error,” he said.

Hopkins teaches city employees about the main types of cyberattacks. He said “phishing” is the most common.

“Phishing basically says, ‘I want you to click on a link, and I want you to give up some information that you may not normally give. I can take over one account, and then I can impersonate you inside of your organization and move horizontally,’” Hopkins said.

He then explained a concept called “whaling.”

“Think of that as a big fish. People of a certain title, city manager, the chief financial officer — targeting them because if you can impersonate them, you can create influence over other people, so financial scams tend to come out,” Hopkins said.

Hopkins also warned about physical security, which can include people looking over your shoulder at confidential information, people calling your phone pretending to be someone else or people piggybacking into facilities where employees use an access card.

He said he could not go into specific technicalities of the city’s protective system, but he said all businesses should be taking preventive measures, especially agencies or companies with outdated systems.

Copyright 2020 by KSAT – All rights reserved.

Source link

The post #comptia | #ransomware | Spike in Texas cyberattacks against municipalities has City of SA in constant defense mode appeared first on National Cyber Security.

View full post on National Cyber Security

#comptia | #ransomware | Check Point report highlights latest cyber-threats worldwide

Source: National Cyber Security – Produced By Gregory Evans

Check Point Research has published its 2020 Cyber Security Report.

The report highlights the main tactics cyber-criminals are using to attack organisations worldwide across all industries and gives cybersecurity professionals and C-Level executives the information they need to protect their organisations from today’s fifth-generation cyber-attacks and threats.

The 2020 Security Report reveals the key attack vectors and techniques observed by Check Point researchers during the past year.

Highlights include:

Cryptominers still dominate malware landscape – Even though cryptomining declined during 2019, linked to cryptocurrencies’ fall in value and the closure of the Coinhive operation in March, 38% of companies globally were impacted by crypto-miners in 2019, up from 37% in 2018.

This is because the use of cryptominers remains a low-risk, high-reward activity for criminals

Botnet armies surge in size – 28% of organisations globally were hit by botnet activity, an increase of over 50% compared with 2018.

Emotet was the most common bot malware used, primarily because of its versatility in enabling malware and spam distribution services.

Other botnet actions such as sextortion email activity and DDoS attacks also rose sharply in 2019.  

Targeted ransomware hits hard – While the number of impacted organisations is relatively low, the severity of the attack is much higher – as seen in 2019’s damaging attacks against US city administrations.

Criminals are choosing their ransomware targets carefully, with the aim of extorting the maximum revenue possible.

Mobile attacks decline – 27% of organisations worldwide were impacted by cyber-attacks that involved mobile devices in 2019, down from 33% in 2018.

While the mobile threat landscape is maturing, organisations are also increasingly aware of the threat, and are deploying more protection on mobiles.

The year Magecart attacks became an epidemic – These attacks which inject malicious code into e-commerce websites to steal customers’ payment data hit hundreds of sites in 2019, from hotel chains to from commerce giants to SMBs, across all platforms.

Rise in cloud attacks – Currently more than 90% of enterprises use cloud services and yet 67% of security teams complain about the lack of visibility into their cloud infrastructure, security, and compliance.

The magnitude of cloud attacks and breaches has continued to grow in 2019.

Misconfiguration of cloud resources is still the number one cause for cloud attacks, but now we also witness an increasing number of attacks aimed directly at cloud service providers. 

“2019 presented a complex threat landscape where nation states, cybercrime organisations and private contractors accelerated the cyber arms race, elevating each other’s capabilities at an alarming pace, and this will continue into 2020,” says Check Point Software Technologies major intelligence officer Lotem Finkelsteen.

“Even if an organisation is equipped with the most comprehensive, state-of-the-art security products, the risk of being breached cannot be completely eliminated. Beyond detection and remediation, organisations need to adopt a proactive plan to stay ahead of cybercriminals and prevent attacks.

“Detecting and automatically blocking the attack at an early stage can prevent damage. Check Point’s 2020 Security Report shares what organisations need to look out for, and how they can win the war against cyber-attacks through key best practices.”

Check Point’s 2020 Security Report is based on data from Check Point’s ThreatCloud intelligence, the largest collaborative network for fighting cybercrime which delivers threat data and attack trends from a global network of threat sensors; from Check Point’s research investigations over the last 12 months; and on a brand new survey of IT professionals and C-level executives that assesses their preparedness for today’s threats.

The report examines the latest emerging threats against various industry sectors, and gives a comprehensive overview of the trends observed in the malware landscape, in emerging data breach vectors, and in nation-state cyber-attacks.

It also includes analysis from Check Point’s thought leaders, to help organisations understand and prepare themselves for today’s and tomorrow’s complex threat landscape.

Source link

The post #comptia | #ransomware | Check Point report highlights latest cyber-threats worldwide appeared first on National Cyber Security.

View full post on National Cyber Security

#comptia | #ransomware | Bill Would Make Possession Of Ransomware A Crime In Maryland – CBS Baltimore

Source: National Cyber Security – Produced By Gregory Evans CAPITAL NEWS SERVICE — State lawmakers heard arguments Tuesday on a bill that seeks to add criminal penalties for knowingly possessing ransomware with the intent to use it in a malicious way. Ransomware is a type of malware that can impede the use of a computer […] View full post on AmIHackerProof.com

#comptia | Lenovo is building another standalone VR headset

Source: National Cyber Security – Produced By Gregory Evans Lenovo hasn’t made the best bets in virtual reality so far, but it seems like the company’s about to try again — according to a new FCC filing for the “Lenovo VR3030S,” which company docs identify as an upcoming standalone VR headset. Standalone means that like […] View full post on AmIHackerProof.com

#comptia | Riding 27 mph downhill on a Dot electric skateboard

Source: National Cyber Security – Produced By Gregory Evans

I was quite literally riding into the sunset when I began calculating just how fast my legs would have to move in order to abandon the electric skateboard under my feet. The winding road from the High Point Lookout of Red Rock Canyon in Nevada to the bottom of the basin sounded like the perfect place for my first ride on Dot’s new electric board — until I looked down at the small screen on my board’s remote.

The speedometer read 27 mph. Since middle school, I have ridden longboards in both cities and suburbs, but never in my life had I gone this fast or been this stiff with fear.

Riding an electric skateboard gives you the false sense that hills don’t exist because you have battery-powered brakes — that is, until you are racing downhill without one. In theory, regenerative braking is a dream. But in reality, it makes braking on a full battery incredibly perilous. And when you’re standing on a 37-inch piece of wood that is propelling you down into a desert valley at top speed, and your brakes suddenly aren’t responding to the controller in your hand, you realize that hills do, in fact, exist.

Before speeding downhill on a fully charged Dot skateboard, I fell in love with the board’s traditional skateboard feel. All three Dot models — the Compact, the Cruiser, and the Transporter — are made from a composite of maple V-Ply and fiberglass. Powerful hub motors allow them to cruise without drag; you have to pump or get the wheels moving before the motors will engage.

Dot Boards is the brainchild of three Australian brothers and skateboarders, Matt, Stephen, and Pete Hill. Operating under the belief that most electric skateboards on the market didn’t have that true skateboarding feel, the bothers spend six years developing one of their own. Last year, they finally launched their own products, which are now available for purchase through the company’s website.

Both the Compact and Cruiser sport pinstripe decks with kicktails while the Transporter is a woodgrain drop-through. With each board, you have the option of adding additional battery modules. And on the two smaller boards, you can add an additional hub motor as well. One motor provides enough power for a 15 percent hill climb, while two motors double that to 30 percent. Each battery provides six miles of range and costs an extra $200 per module. And all of the boards have rear brake lights built in.

The Compact Dot Board starts at $1,279, and while the size and weight are great, the range leaves something to be desired. You have the option of one or two motors, with the latter costing an extra $170. The speed maxes out at 18 mph, which, on a small board like this, feels pretty damn fast. The Compact Dot Board whips and is easy to carry. It feels extremely similar to Boosted’s Mini.

For full speed, range, and comfort — but a lot more weight — there’s the Transporter. Starting at $1,599, this board is the Cadillac of Dot’s lineup. You can upgrade the wheels to 120 mm “stable-ride” versions for $100. These wheels make it feel like you’re riding on a cloud. I got comfortable going real fast, real quick. You can get up to 24 mph on this board, with a maximum 24 miles of range per charge. But you give up a lot of portability with the Transporter. The board is huge and heavy, and it’s definitely an A to B vehicle with little to no stops in between.

The Cruiser sits comfortably in between the Compact and the Transporter. It starts at $1,299 with a maximum speed of 18 mph and 18 miles of range. This is the sweet spot for electric board sizes. It’s light enough that if you had to hop on the subway, it wouldn’t be a hassle, but it still retains decent range and speed.

The Dot remote is a little different than Boosted’s. The acceleration and brake buttons are on the backside of the remote. I found myself using my pointer and middle fingers to accelerate and my ring finger and pinkie to brake. But it was a little tricky, and I was often spooked that I would hit accelerate when I meant to hit the brake. With its snappy braking and acceleration, a slip of your hand could leave you on the pavement.

There is, however, a very useful — and very tiny — screen on Dot’s remote. You can see a speedometer, distance traveled, and a range of settings. While the board is not waterproof, the screen on the remote will tell you if your motor is wet. It also has haptic feedback to alert you of certain messages. For example, if your board is vertical, and therefore the motors aren’t going to start, the remote will pulse. I appreciated being able to feel that something was wrong via the haptics.

We need to talk about the regenerative braking system and how I reached 27 mph going downhill on an electric skateboard. Dot claims it actually caps the power to just below 100 percent while you’re charging the board, leaving a bit of room for any additional power from the brakes to be sent back into the “full” battery. But when I took off on a fully charged Cruiser at the top of a lookout point in Red Rock Canyon, I began generating more power than I needed.

Once the battery hit full capacity, which happened to be in the middle of a large hill, the braking felt a lot like a speed wobble. There were real quick pulses that caused the back of my board to shake, then the brake would cut out. This is a huge problem for anyone riding these boards, and I hope to see Dot address this in a better way than capping the amount a battery can charge.

I reached out to the company about this issue, and Dot responded by saying the remote will alert you if you try to brake while the battery is full. The alert will be a repeating haptic signal and a “Low Brakes” message on the remote screen. Unfortunately, during my experience, I did not receive this message, and I worry that, for an inexperienced rider, this signal could be too little too late.

What Dot is doing right, though, is the modularity and customization. Motors are swappable via an Allen key that is stored in the front truck, and batteries are easy to unscrew and remove. In contrast, changing a wheel on a Boosted board requires taking motor caps off, relieving belt tension, and removing motor gears.

I was able to change out a wheel in about two minutes and put an additional motor on in one minute. I really like that you can buy the base model of any Dot Board and, in a few months or years, add batteries or extra motors. Of course, that relies on Dot staying afloat in a market that not only has the huge incumbent player, but also has seen companies come and go. Dot’s bet on DIY, customizable boards is refreshing, though.

Source link

The post #comptia | Riding 27 mph downhill on a Dot electric skateboard appeared first on National Cyber Security.

View full post on National Cyber Security

#comptia | #ransomware | Rancocas Valley High School students blocked from social media, but can stream music video – News – Burlington County Times

Source: National Cyber Security – Produced By Gregory Evans

Federal law requires schools to protect students from inappropriate content. Schools have different standards on what to block, records show.

MOUNT HOLLY — Facebook, Snapchat and Twitter are off-limits.

Apple TV, Amazon Prime and Hulu video are just fine.

At Rancocas Valley Regional High School, cybersecurity systems are set to block student access to social media but allow teens to stream music and video on classroom devices, according to records released after a legal appeal to the New Jersey Government Records Council.

Beginning Nov. 8, this news organization filed open records requests with all Burlington County school districts.

Four months later, on Jan. 10, district officials released the requested information while apologizing for the delay.

“I reviewed the District’s initial response which did not include all of the documents I advised them to produce,” said George M. Morris, attorney for the school district. “Not sure where there was a breakdown in communication.”

Public schools are required by federal law to protect students from inappropriate content.

The information released by area schools districts shows that they have different standards for filtering content, protecting students and staff as well as the equipment financed by taxpayers.

In October, Cherry Hill School District in Camden County discovered some of its computer systems had been locked down and some district computer screens displayed the word “Ryuk,” a term associated with ransomware attacks.

Rancocas Valley is home to some 2,100 students from Eastampton, Hainesport , Lumberton, Mount Holly and Westampton.

In addition to streaming audio and video, Rancocas Valley students are allowed to access shopping, news and media, sports and travel websites, records show. A long list of blocked content includes dating, gambling, pornographic materials, sex education, tobacco, “sports hunting” and “war games.”

So far, records were provided by Bordentown Regional, Burlington City, Burlington Township, Cinnaminson, Delanco, Eastampton, Florence, Lenape Regional, Lumberton, Maple Shade, Medford, Moorestown, Mount Laurel, North Hanover, Palmyra, Riverside, Riverton, Shamong, Southampton, Springfield and Westampton.

Similar records requests are pending with Beverly City, Chesterfield, Edgewater Park, Evesham, Mansfield, the Northern Burlington County Regional School District and Willingboro schools.

Appeals have been filed with the New Jersey Government Records Council.

Under New Jersey’s Open Public Records Act, government agency must respond within seven days after receiving a request. Government agencies “must ordinarily grant immediate access to budgets, bills, vouchers, contracts,” according to the records council.

Source link

The post #comptia | #ransomware | Rancocas Valley High School students blocked from social media, but can stream music video – News – Burlington County Times appeared first on National Cyber Security.

View full post on National Cyber Security

#comptia | #ransomware | High-Impact Windows 10 Security Threat Revealed As App-Killing Malware Evolves

Source: National Cyber Security – Produced By Gregory Evans New research reveals alarming Windows 10 ‘Clop’ app-killing threat Getty The Federal Bureau of Investigation (FBI) issued a high-impact threat warning to U.S. businesses and organizations on October 2, 2019. That threat was ransomware, and the FBI warned that cybercriminals “upgrade and change their techniques to […] View full post on AmIHackerProof.com

#comptia | #ransomware | Ransomware attacks several major cities worldwide in 2019 | Science/technology

Source: National Cyber Security – Produced By Gregory Evans

This figure means an increase of at least 60 percent compared to last year. In 2019, ransomware aims at giant and influential organizations.

Although the demanded payment of each ransomware normally comes up to US$5 million, the real damage is much more than that. Therefore, these kinds of attacks are a thorny issue of businesses in all the world.

According to researchers, the infected organizations are usually not capable of paying a large sum of ransom, yet they tend to agree with other just as dangerous requests as temporarily blocking a certain service in a city.

This obviously create an adverse impact of social welfare of citizens there, further leading to even more negative effects on finance as well as other sensitive social matters.

By KIM THANH – Translated by Huong Vuong

Source link

The post #comptia | #ransomware | Ransomware attacks several major cities worldwide in 2019 | Science/technology appeared first on National Cyber Security.

View full post on National Cyber Security

#comptia | #ransomware | What’s in store for cybersecurity as we head into the ’20s

Source: National Cyber Security – Produced By Gregory Evans

In 2020 we will see more and more sophisticated attacks perpetrated by a larger number of threat actors, including many who are backed by organised crime or nation-states. According to the 2019 Verizon Data Breach Investigations Report (DBIR), organised criminal groups were behind 39 per cent of breaches in 2019, and actors identified as nation-state or state-affiliated were involved in 23 per cent of breaches.

These attacks may leverage side-channel attack techniques (similar to Spectre, Meltdown and the slew of other discovered hardware-related vulnerabilities that are so hard to address purely through software fixes), attacks living in firmware and others going beyond a traditional file-based or even living-off-the-land (aka fileless) malware. While the industry is still struggling with old known malware, these types of attacks will proliferate mostly unchecked.

For the first time, we may see an attack that results in death(s). Internet of Things (IoT) devices incorporated into critical infrastructure systems (e.g. electric grid, water treatment, communications), as well as life-critical medical devices, will see a slew of new disclosed vulnerabilities that could prove deadly, particularly to the most vulnerable patients in intensive care units (ICU). Attackers will become more specialised in different areas of IoT device types.

The evolution of ransomware

Ransomware has been around since 1989, yet it will remain a very effective malware type for attackers in 2020. McAfee’s researchers found that ransomware attacks have more than doubled this year, including a Q1 increase of 118 per cent.

“After a periodic decrease in new families and developments at the end of 2018, the first quarter of 2019 was game on again for ransomware, with code innovations and a new, much more targeted approach,” said Christiaan Beek, lead scientist and senior principal engineer at McAfee.

To that point, we can not only expect the number of ransomware attacks to increase in 2020, but as the discovery of the RIPlace evasion technique demonstrates, they will become more difficult — if not impossible — to detect.

All organisations across all industries are potential targets, but healthcare and government organisations appear to have the biggest targets on their backs. CNN reports 140 attacks targeting public state and local governments and health care providers this year (and counting).

The attacks hit schools, local government offices and hospitals, wreaking havoc and costing victims hundreds of millions of dollars. The victims included:

A network of Alabama hospitals had to stop accepting new patients.

The city of Baltimore, which ended up spending more than $18 million recovering from an attack.

Louisiana schools – Governor John Bel Edwards was forced to activate a state of emergency after ransomware took down three school districts’ IT systems

Three Florida cities – Key Biscayne, Lake City and Riviera Beach – were unable to provide residents with access to many vital government services while officials scrambled to spend hundreds of thousands of dollars to bring downed IT systems back online. The attackers collected ransoms totaling over $1.1 million.

The most recent victim (as of this writing) was the city of Pensacola, Florida, was hit by ransomware that took phones, email, electronic “311” service requests, and electronic payment systems offline.

As Dave Hylender, a senior risk analyst at Verizon and one of the authors of the 2019 Verizon Data Breach Investigations Report said, “There’s an impression that ransomware has sort of run its course. It hasn’t. I don’t think ransomware is ‘back’ this year because I don’t think it ever left.”

Gone phishing

An organisation’s employees will continue to initiate some of the most devastating losses. Companies rely on awareness training to educate users on how to avoid falling victim to attacks,  but that cannot eliminate user error entirely.

Consider that nearly a third of all breaches in 2019 were the result of phishing attacks, according to the Verizon DBIR. Worse, it’s easy for attackers to secure and use well-built, off-the-shelf tools, lowering the skill required to launch a phishing campaign. According to the IDG Security Priorities Study, 44 per cent of companies will increase their security awareness programs and make staff training priorities is a top priority.

Attackers will respond by improving the quality of their phishing campaigns by minimising or hiding common signs of a phish. Expect greater use of business email compromise (BEC), too, where an attacker sends legitimate-looking phishing attempts through fraudulent or compromised internal or third-party accounts.

Organisations in 2020 need to prioritise strengthening the environment around users to reduce the opportunity for them to be presented with attacks, strengthening the technology around the user to ensure that users cannot initiate losses, and then proactively anticipating the losses that users can initiate and putting technologies in place to mitigate the resulting losses.

Look for both the bad and the good

The reason for ransomware and other malware so easily being able to inflict damage is our continued reliance on security tools that chase badness (rather than ensuring good). It is impossible to detect all badness with a high degree of confidence by relying on the enumeration of badness approach.

Organisations should complement their existing security layers with an approach that does the exact opposite – ensuring what’s good. The emphasis is on the word “complement.” Do not rip out your existing solutions. When you combine your existing tools focusing on the bad with ones that track the good, by applying a whitelisting-like approach, you create the most effective defense in depth posture.

Rene Kolga, CISSP, heads Product Management and Business Development for North America, Nyotron

Source link

The post #comptia | #ransomware | What’s in store for cybersecurity as we head into the ’20s appeared first on National Cyber Security.

View full post on National Cyber Security