firm

now browsing by tag

 
 

US #cybersecurity firm #McAfee eyes #digital #wallets as users #pile in for #e-payments

US cybersecurity software-maker McAfee is now turning its attention to digital wallets as a new revenue stream, against the backdrop of more and more people signing up for these services, The Economic Times reported.

According to the report, McAfee, which has over 25% of its global workforce based in its Bengaluru office, is targeting the space as the number of digital wallet users spiked after the government’s demonetisation initiative.

“India has a large number of digital wallets compared to other countries. While these wallets are expanding to the nether regions of the country, the number of scams is also increasing by the day,” Anand Ramamoorthy, managing director, South Asia, McAfee, was quoted as saying.

“The scale is quite large and so building security features becomes difficult,” he said. “There are various issues a user faces starting from fake apps, fake transactions and a lot more, which are unique cases in India. Looking at all these cases, we are trying to build security that solves it all levels,” he added.

The Economic Times had earlier reported that several scammers were committing fraud by sending false payment confirmation messages to merchants.

Explaining digital wallet security, Ramamoorthy said that the company first tracks how apps are reading into personal data of users on the phone such as address book and photos and then secures that data. He said that in order to add another layer of security, McAfee tries to find the device on a map faster than usual and then backs up the data, locks the device and wipes out the data from the device.

The company is already working with mobile wallet companies but is now sharpening focus to secure the back-end as well as the front-end for consumers.

In another strategic move in March, the company had said that it was extending its cloud security platform to protect Microsoft’s Azure platform that provides cloud services.

Interestingly, this was McAfee’s first joint solution following its acquisition of Skyhigh Networks, a specialist in the cloud security, in November 2017. According to McAfee’s 2017 cloud adoption and security report, nearly 93% of organisations use some form of cloud services.

advertisement:

The post US #cybersecurity firm #McAfee eyes #digital #wallets as users #pile in for #e-payments appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Local #cyber-security #firm warns #voters of #clickbait links ahead of #GE14

A local cyber-security firm have warned voters to be prepared for a rise in clickbait phishing links that could potentially be a cybersecurity threat in the upcoming 14th General Election (GE14).

Quann Malaysia general manager, Ivan Wen, said in a statement that the internet could see a rise in clickbait phishing sites or emails with attachments and sensational titles that trick users to click links for “Exclusive” or “Shocking” stories.

“When a news sounds too good to be true, it is likely fake news,” he said.

Phishing sites are used to trick victims into giving their personal data such as email addresses, identity card numbers, and even credit card information.

These phishing emails can also launch ransomware attacks that encrypt important information on the device.

In a worst-case scenario, this can become a national threat, the firm said.

“Besides that, these phishing links could automatically be shared with your contacts once they have access to your device,” Wen said.

According to a report by Dynamic Business Technologies, 48 per cent of IT providers reported that phishing emails were behind ransomware attacks.

Quann cites two country elections where clickbait links resulted in cyber security threats.

In the 2016 US Elections, a phishing campaign by Russian Intelligence Agency was allegedly launched against a US company involved in developing election systems. Fake Google alert emails were sent to employees which when clicked took them to a legitimate looking Google site where hackers were able to steal their data.

Using information obtained in the attack, the hackers sent 122 phishing emails containing Microsoft Word document attachments to local government agencies offering ‘election related products and services’.

These documents had been ‘trojanised’ with a Visual Basic script that once connected to the internet, downloaded an unknown payload to the device, to steal and access the victim’s information, the company said.

Wen said in UK last year, several parliament MPs were targeted in a phishing campaign. While the report said parliament sites and addresses were not compromised, several individual’s personal emails were being compromised with key information leaks.

To prevent being infected by malware via clickbait links, the company advised users to take the following precautions:

• Key in the address of a legitimate news site instead of directly clicking links sent to you

• Before clicking, hover your mouse pointer over the link to view the link address. Do not click website links that are unfamiliar, even if they came from someone you know. Their accounts could have been compromised.

• Install an Anti-Phishing Toolbar and Antivirus that run quick checks on sites you visit to ensure they are safe to visit.

• Only access secure sites that begin with “https” with a closed lock icon near the address bar.

• Regularly monitor your online accounts to ensure they have not been hacked. Use strong passwords and regularly change them.

• Regularly update your browsers with the necessary security patches.

• Beware of pop-up windows masquadering as legitimate extensions of a website as they are often used to target users visiting a website that has been compromised.

advertisement:

The post Local #cyber-security #firm warns #voters of #clickbait links ahead of #GE14 appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Accounting #firm introduces #cybersecurity #practice for #mortgage #lenders

Accounting and advisory firm Richey May has introduced a cybersecurity services practice aimed at mortgage lenders and services.

The firm said it launched Richey May Technology Solutions to address the increasing risk of online fraud and data attacks in the financial services and real estate industries.

Through the practice, Richey May offers IT infrastructure and controls assessment, recommendations, and implementation assistance. Additionally, lenders and servicers that do not have information security professionals on staff can hire Richey May to act as a chief information security officer on a contract basis.

The firm has appointed John-Thomas Gaietto as executive director of the practice. He joined the firm last fall, bringing more than 18 years of experience providing enterprise information security and risk-management services.

“No industry works with as much sensitive consumer data than the mortgage industry,” Gaietto said. “They have everything about a borrower’s finances, from paystubs to tax returns to the Social Security numbers of their children. They’re also required to retain this data for years, which compounds the challenges of storing it securely and keeping it out of the hands of cyber criminals.

“Since a growing number of lenders now use loan origination systems and other software over the Internet, and are migrating IT infrastructure to the cloud, they are often unaware of how their borrowers’ data is being protected, let alone where the data is physically located,” he added.

Read More….

advertisement:

The post Accounting #firm introduces #cybersecurity #practice for #mortgage #lenders appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Private #Equity Giants Buy #Cybersecurity #Firm for $400 #Million

Source: National Cyber Security News

The trend of private equity firms snapping up cybersecurity businesses continues.

BlackRock and Pamplona Capital Management have jointly acquired PhishMe, a cybersecurity company based in Leesburg, Va., in a deal that valued the firm at $400 million.

Pamplona has purchased a two-thirds stake in the business, while BlackRock has bought the remainder, a person familiar with the terms of the deal told Fortune.

In addition to the change in ownership, PhishMe on Monday rebranded itself as “Cofense.” The new name derives from a combination of “collaborative” (or “collective”) and “defense.”

Rohyt Belani, CEO and cofounder of the company now called Cofense, said the executive team decided to sell the business to allow “early investors to cash out, and for employees and common stock holders to partake in the spoils.” The company was last privately valued at roughly $200 million after its most recent fundraising round in July 2016, according to Pitchbook, a database that tracks venture capital deals.

The cybersecurity industry benefited from a flurry of VC activity as big data breaches made headlines over the past few years. A recent pullback in funding, however, has left a glut of companies struggling to find new means of financing.

Read More….

advertisement:

View full post on National Cyber Security Ventures

Cyber security #firm warns of #rising #QR code #scams

Source: National Cyber Security – Produced By Gregory Evans

A leading regional cyber security services provider, Quann Malaysia (formerly known as e-Cop Malaysia), has warned of scammers starting to use fake ‘quick response’ (QR) codes to steal data and money from users.

Quann Malaysia, in a statement, said the black-and-white squares were often seen on websites, restaurants, advertisements, rental bikes and retail outlets — to enable users to quickly scan to unlock, or retrieve information related to a business.

Read More….

The post Cyber security #firm warns of #rising #QR code #scams appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers #steal $64 #million from #cryptocurrency firm #NiceHash

A Slovenian cryptocurrency mining marketplace, NiceHash, said it lost about $64 million worth of bitcoin in a hack of its payment system, the latest incident to highlight risks that uneven oversight and security pose to booming digital currencies.

NiceHash matches people looking to sell processing time on computers in exchange for bitcoin.

There have been at least three dozen heists on exchanges that buy and sell digital currencies since 2011, including one that led to the 2014 collapse of Mt. Gox, once the world’s largest bitcoin market.

More than 980,000 bitcoins have been stolen from exchanges, which would be worth more than $15 billion at current exchange rates. Few have been recovered, leaving some investors without any compensation.

The hacks have not kept demand for digital currencies from soaring. Bitcoin’s value has climbed more than 15-fold so far this year, closing at a record $16,000 on the Luxembourg-based Bitstamp exchange on Thursday, ahead of this weekend’s launch of bitcoin futures by CBOE.

Security experts said they expect the cyber-crime spree to pick up as the rising valuations attract interest from cyber criminals looking for victims that lack experience defending against hacks.

“These exchanges are not in my opinion secure,” said Gartner security analyst Avivah Litan. “You don’t know what their security is like behind the scenes.”

NiceHash executive Andrej P. Škraba told Reuters that his firm was the victim of “a highly professional” heist that yielded about 4,700 bitcoin, worth around $64 million.

Sophisticated criminal groups are increasingly targeting the cryptocurrency industry, focusing on exchanges and other types of firms in the sector, said Noam Jolles, a senior intelligence specialist with Israeli cyber-security company Diskin Advanced Technologies.

“The most sophisticated groups are going into this area,” she said.

NiceHash, which advised users to change online passwords after it halted operations on Wednesday, has provided few other details about the attack on its payment system.

“We ask for patience and understanding while we investigate the causes and find the appropriate solutions for the future of the service,” it said on its website.

It was unclear whether customers faced any losses from the hack.

Slovenian police said they were looking into the hack, but declined to elaborate.

View full post on National Cyber Security Ventures

Iranian #Hackers Have Set Up a #News Outlet to #Court Possible #Targets, #Security Firm Says

Iranian #Hackers Have Set Up a #News Outlet to #Court Possible #Targets, #Security Firm SaysAn Iranian cyber espionage group known as Charming Kitten is believed to be behind a campaign targeting academic researchers, human rights activists, media outlets and political advisors focusing on Iran, according to a report published earlier this week by Israel-based threat intelligence company ClearSky Cyber Security. The group has also set up a news outlet […] View full post on AmIHackerProof.com | Can You Be Hacked?

Equifax Announces Cybersecurity Firm Has Concluded Forensic Investigation Of Cybersecurity Incident

Source: National Cyber Security – Produced By Gregory Evans

Equifax Inc. (NYSE: EFX) announced today that the cybersecurity firm Mandiant has completed the forensic portion of its investigation of the cybersecurity incident disclosed on September 7 to finalize the consumers potentially impacted. “I was advised Sunday that the analysis of the number of consumers potentially impacted by the cybersecurity…

The post Equifax Announces Cybersecurity Firm Has Concluded Forensic Investigation Of Cybersecurity Incident appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cybersecurity firm Symantec says hackers infiltrated power grid controls in America and abroad

Source: National Cyber Security – Produced By Gregory Evans

Attempts by hackers to break into the energy sector in the US and abroad have made headlines in recent months. According to a report by the cybersecurity firm Symantec, hackers have now successfully infiltrated power grid controls in the US and Turkey, and gained access to systems “that could provide…

The post Cybersecurity firm Symantec says hackers infiltrated power grid controls in America and abroad appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Mayweather vs McGregor fight: 239 illegal streams detected, says cybersecurity firm

Source: National Cyber Security – Produced By Gregory Evans

The much-hyped megafight between Floyd Mayweather and Irishman Conor McGregor may be over, but it has sparked a fierce battle outside the ring over piracy. According to data collected by cybersecurity firm Irdeto, a total of 239 illegal streams were found to have redistributed the boxing match this past weekend,…

The post Mayweather vs McGregor fight: 239 illegal streams detected, says cybersecurity firm appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures