just

now browsing by tag

 
 

Cybersecurity should be a #strategic issue, not just an #IT #investment

Source: National Cyber Security – Produced By Gregory Evans

Part of the problem in managing cybersecurity challenges revolves around the fact that security isn’t seen as a critical business problem by senior executives and board members alike.

The recent 2017 global survey on the changing attitudes towards cybersecurity in business by Fortinet reveals that cybersecurity does not rank amongst the high focus areas for board members of organisations.

Surveying over 1,800 IT decision makers, Fortinet found that almost half of respondents believe that security is still not a top priority discussion for the board. At the same time, they also strongly contend that cybersecurity should become a top management priority, with 77% of respondents indicating that the board needs to put IT security under greater scrutiny, says Paul Williams, Country Manager for Southern Africa at Fortinet.

“One would assume there would have been a substantial uptick in interest by boards as a result of some of the most recent security attacks—and the dire implications they had on the targeted businesses,” says Williams. “However, even though boards do react when security attacks occur, their actions are generally reactive rather than prescriptive. Specifically, boards appear more involved in post-breach management than prevention.”

For example, the survey reveals that 77% of boards demand to know what happened after a security event occurs, and 67% review or increase security budgets. Security leaders obviously still have much work to do in up-levelling security to the board level.

Williams says findings from the survey corroborates the statement that no organisation is immune from the threat of breaches, ransomware attacks, or operational disruptions. Companies of all sizes and shapes as well as all industry segments are targets as 85% of respondents indicated that they suffered a security breach in the past two years, with almost half reporting a malware or ransomware attack.

There are a number of factors driving boards, executives, and IT decision makers to make cybersecurity a top priority in 2018.

According to Williams the more significant ones are:

Security Breaches and Global Attacks. The vast majority of organisations have experienced some type of security breach or attack in the past two years. 49% of survey respondents said their organisations increased their focus on security following a global attack such as WannaCry. Increased publicity and attention, along with implications on brand reputation and business operations makes these board-level issues rather than IT operational undertakings.

Attack Surface. The adoption of the cloud, emergence of IoT, and growth in big data expands both the circumference of the attack surface as well as its complexity. 74% of survey respondents indicate cloud security is a growing priority for their organisations. Half say their organisations plan cloud security investments over the next 12 months. IoT is just as big a factor when it comes to the ever-expanding attack surface. The number of connected IoT devices is predicted to balloon to more than 8.4 billion by yearend according to Gartner. Of these, 3.1 billion belong to businesses. As many IoT devices are difficult to protect, experts concurrently predict that more than 25% of all security attacks will target IoT devices by 2020.

Regulatory Compliance. New government and industry regulations are also increasing the importance of security. 34% of respondents indicated that these regulations heighten the awareness of security at the board level. Passage of the General Data Protection Regulation in the EU, which goes into effect in 2018, is one such example.

“These trends are forcing cybersecurity to be seen as a strategic issue, within an organisation’s broader risk management strategy, rather than a simple IT investment. To succeed in their digital transformation efforts, IT security leaders must rethink their cybersecurity approach with a view to extending visibility across the attack surface, shortening the window between time to detection and mitigation, delivering robust performance, and automating security intelligence and management.”

The post Cybersecurity should be a #strategic issue, not just an #IT #investment appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Hackers #Attack Global #Banks with Just Found ‘Silence’ #Banking #Trojan

Source: National Cyber Security – Produced By Gregory Evans

One fresh banker Trojan has been detected and found employing techniques resembling ones that the Carbanak employed. The Trojan has been targeting financial institutions mostly in Russia.

According to security researchers from Kaspersky Lab, the new Trojan called “Silence” is used for acquiring continuous access of certain online banking network even as it makes video recordings of computer operations by bank employees, identifies the software they use and the operational activities of the bank. Once equipped with all this knowledge, the attackers controlling the malware apply that knowledge for grabbing cash out of the banks’ customer accounts. Scmagazine.com posted this, November 1, 2017.

By monitoring victims’ activities in the bank, the attackers get all the necessary details from them for sniffing the bank’s networks while escape unnoticed with stolen money. The victims get an e-mail containing one malicious attachment masquerading as ‘Windows help.’ The attachment contains a CHM file with a JavaScript embedded that by default downloads one Visual Basic programmed script and runs it that thereafter pulls down the Trojan installer via its command-and-control (C&C) server.

The researchers state that the controllers of ‘Silence’ possibly are a Russian-speaking group that has targeted no less than ten financial institutions with some inside Malaysia and Armenia although the majority is inside Russia. This is unlike Russian cyber-criminals who usually spare attacking domestic targets.

Like Carbanak, first victims of Silence are duped with spoofed electronic mails that enable the hackers to gain entry inside the network. The hackers then hang around for as long as it needs them to get all the information for striking attack and stealing huge amounts of funds.

The spoofed e-mails are highly personalized to craft them as spear-phishing e-mails. Kaspersky researchers point out that the hackers had previously attacked to infect banking infrastructure so they could dispatch the malicious messages via the ids belonging to genuine bank employees thus making the e-mails appear inconspicuous while trapping the victims.

The Carbanak gang too was the discovery of Kaspersky Lab back during 2015. According to a particular report then, the infamous hackers managed filching a maximum of $1 billion from over a hundred banks globally.

The post Hackers #Attack Global #Banks with Just Found ‘Silence’ #Banking #Trojan appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Ethereum #heist: New #phishing scam sees #hackers rake in over $15,000 in just two hours

Source: National Cyber Security – Produced By Gregory Evans

Ethereum #heist: New #phishing scam sees #hackers rake in over $15,000 in just two hours

A new Ethereum phishing campaign, targeting users of the online Ethereum wallet website Myethereumwallet.com, has been uncovered. The scam saw hackers make away with over $15,000 (£11,308) in just two hours.

According to security researcher Wesley Neelen, who identified the campaign when he received a phishing email from the cybercriminals, the scam involved hackers sending out phishing emails purporting to be from the Myetherwallet.com website. The email was designed to trick victims into clicking on malicious links that would redirect them to a fake version of the website. The victims would then be prompted into divulging their account passwords, which the hackers would later use to transfer out all the coins in the victims’ wallet.

Although the fake Myetherwallet.com site was designed to look similar to the legitimate site, keen observers would likely notice that the fake site contained a small comma beneath the “t” in the site’s address. According to Neelen, the cybercriminals used a Unicode trick that allowed them to register domains that looked like Latin characters. This ploy in turn, allowed the hackers to create fake sites that can convincingly look like legitimate sites to unsuspecting users.

According to Neelen, some people have unfortunately already fallen victim to the scam. Neelen and his colleague Rik van Duijn, discovered a log file that contained a list of all the wallets stolen by the hackers. The security experts determined that the cybercriminals had stolen a total of $15,875.65 in Ethereum and had then proceeded to transfer the stolen coins to three different wallets operated by the hackers.

Ethereum’s growing popularity has made it an attractive target for cybercriminals. So far, there have been around four incidents involving hackers stealing millions of dollars worth of ether from various wallets. Oddly, in one such Ethereum heist, a hacker who stole nearly $7m of Ethereum from CoinDash later returned around $3m in stolen funds, sparking further mystery about the heist.

The post Ethereum #heist: New #phishing scam sees #hackers rake in over $15,000 in just two hours appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Cybersecurity Needs to be Seen as a Strategic Issue, Not Just an IT Investment

more information on sonyhack from leading cyber security expertsSource: National Cyber Security – Produced By Gregory Evans As organizations embark on their digital transformation journeys, they are seeking to tap new business opportunities, improve operational efficiencies, and deliver better services to customers. Digital transformation is driving businesses to embrace the cloud, the Internet of Things (IoT), big data, and other digital initiatives in […] View full post on AmIHackerProof.com | Can You Be Hacked?

Just because you want to be glamorous…..

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ Just because you want to be glamorous, don’t be a sheep about your eye makeup. Loretta Young The post Just because you want to be glamorous….. appeared first on Dating Scams 101. View full post on…

The post Just because you want to be glamorous….. appeared first on Become007.com.

View full post on Become007.com

Parents just don’t understand: Why kids love LaVar Ball

To Purchase This Product/Services, Go To The Store Link Above Or Go To http://www.become007.com/store/ LAS VEGAS — After Big Baller Brand’s 111-102 win over Play Hard Play Smart on Thursday afternoon at the Adidas Uprising Summer Championships ended, a brood of teens and tykes flooded a back hallway and waited…

The post Parents just don’t understand: Why kids love LaVar Ball appeared first on Become007.com.

View full post on Become007.com

Hackers have made just 3.7 bitcoin – or less than $10,000 – with the latest cyberattack

Source: National Cyber Security – Produced By Gregory Evans

Those behind the recent cyberattack affecting businesses around Europe have successful received a total of nearly 4 bitcoins, worth around $9621 at today’s price. On Tuesday, reports emerged of a ransomware virus affecting businesses and governments throughout Eastern Europe. Ukraine and Russia have been particularly affected. The malware, which has…

The post Hackers have made just 3.7 bitcoin – or less than $10,000 – with the latest cyberattack appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Christie just signed executive order to beef up N.J. cybersecurity. Here’s what it does.

Source: National Cyber Security – Produced By Gregory Evans

Christie just signed executive order to beef up N.J. cybersecurity. Here’s what it does.

TRENTON — Gov. Chris Christie appeared at the state’s information technology offices on Thursday to sign an executive order that takes authority over information technology away from bureaucrats and confers them on his handpicked tech guru. “I am tired of having each department have their own I.T. center,” said the…

The post Christie just signed executive order to beef up N.J. cybersecurity. Here’s what it does. appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Personal home computers, laptops are just as prone to get hacked by ransomware

Source: National Cyber Security – Produced By Gregory Evans

Personal home computers, laptops are just as prone to get hacked by ransomware

Just because the recent cyber attack is focusing on big corporations, tech companies say your home computer is just as prone to these attacks. “Without calling dooms day, this is the one that’s does make a large-scale impact,” Timothy Harris with Modern Technology in Cape Girardeau, Missouri said. Harris is talking about WannaCry Ransomware. It is the most recent hacking-attack …

The post Personal home computers, laptops are just as prone to get hacked by ransomware appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Trump Just Bullied A Child At The White House Easter Egg Roll

President Trump’s narcissistic self-absorption and shocking refusal to show even the smallest courtesy or compassion for others was on full display this morning at the annual White House Easter Egg Roll.

Meant to be a day for children to meet the leader of their nation and to have some fun, Trump inevitably made it about himself. When one child asked him to sign his hat, Trump happily did so… before flinging the hat far into the crowd, prompting a cry of rage from the disappointed child who just learned that hard way what kind of a man Donald Trump really is.

Read More

The post Trump Just Bullied A Child At The White House Easter Egg Roll appeared first on Parent Security Online.

View full post on Parent Security Online