now browsing by tag


Bucks County COVID-19 Recovery Fund Awards Grants To Help Navigate Remote Learning | #covid19 | #kids | #childern | #parenting | #parenting | #kids

A student partaking in remote learning in spring. File photo. The Bucks County COVID-19 Recovery Fund has distributed funds to assist school-aged kids experiencing homelessness navigate remote learning. The United […] View full post on National Cyber Security

Konica Minolta’s IT Services Division Supporting Customers with End-to-end Remote Workforce Offering | #corporatesecurity | #businesssecurity | #

All Covered Home Assurance Ecosystem Ramsey, NJ, July 21, 2020 (GLOBE NEWSWIRE) — Konica Minolta Business Solutions U.S.A., Inc. (Konica Minolta), together with its IT Services division, All Covered, today […] View full post on National Cyber Security

#cybersecurity | #hackerspace | K-12 Remote Learning Checklist: Securing Data in a Remote Learning Environment

Source: National Cyber Security – Produced By Gregory Evans

12-Step Remote Learning Checklist to Help District IT Protect Student and Staff Data

K-12 school districts across the country are shutting down to increase “social distancing” and help slow down the outbreak of COVID-19—the disease caused by exposure to the new coronavirus. Many are either considering or preparing for a shift to remote learning for the remainder of the year.

Technologies focused on learning management, online teaching, collaboration, and video conferencing will help districts provide students and staff with the tools needed to move forward with remote learning. This shift requires a lot of time and effort for district IT teams to vet, implement, and support in the coming weeks.

But K-12 IT teams must also plan for the adjustments in cyber safety and security this shift will require.

Students and staff will be accessing their Google and/or Microsoft accounts from locations outside of the school’s networks. They will also be using new, often OAuth-enabled, EdTech SaaS for a variety of learning and student management purposes. Both of these trends expose district information systems to data security and student data privacy risks.

G Suite & Office 365 Data Security & Student Safety Remote Learning Checklist

What is G Suite and Office 365 security and student safety? It is the district’s ability to have visibility and control into the activity taking place in collaborative cloud software as a service (SaaS) applications—such as Google G Suite and Microsoft Office 365—commonly used by districts today.

If or when your district moves to remote learning, traditional perimeter security safeguards, such as firewalls and content filters, become less effective. This is especially true if your district doesn’t have 1:1 device capabilities. Students will be accessing their school account from an unmanaged device without all the security measures a district device would have.



To help K-12 IT teams securely transition to remote learning and working, we’ve developed this 12-step remote learning checklist focused specifically on cybersecurity and safety protections.

1. Document remote work security policies

Your district’s staff and students are likely not used to working in a remote environment, and may not realize that security tools like firewalls and web content filters are less effective outside your district’s network. If your district hasn’t done so already, now is the time to create and document remote work security policies.

Start by developing a document outlining a list of approved cloud applications to be used for remote learning purposes. If your district doesn’t have a learning management system (LMS) or other remote learning tools already available, consider looking into tools such as BrainPop, Discovery Education, Agilix, Edmentum, and more. Other cloud applications your district’s IT team may want include Zoom, Google Hangouts, Cisco’s Webex, or another popular video conferencing tool that your district is comfortable with using.

Once your team has decided which cloud apps are approved, make sure to include the list in your district’s remote work security policy document. You may also consider including a list of apps that shouldn’t be downloaded and installed.

If your district isn’t 1:1, this will be tougher to enforce due to the fact that students will be accessing their school accounts from an unmanaged device. However, having a guide in place will prove useful in helping students and staff protect their devices, and sensitive data, when logging in to use these apps from home.

2. Create employee cybersecurity training & testing

Simple human error is the number one reason cybersecurity incidents happen in any organization. Educate your district’s staff, students, and parents on common cybersecurity best practices and what to look for in terms of possible red flags.

Create guidelines that encourage students, staff, and parents to look at who emails are coming from. Does the email domain match your district? If there are any links within an email, does the redirect URL match the destination the email claims?

Same goes for file attachments. Are they coming from a trusted source and do the documents pertain to any lessons or assignments students and staff are working with?

You may also want to consider testing your users’ ability to recognize a suspicious email.

One common tool to send out phishing email tests to see how prepared and educated your district stakeholders are regarding cybersecurity is KnowBe4. With this tool, your IT team can conduct phishing tests, password strength tests, email exposure and domain tests, and more. This way, your team has a better picture of where your weaknesses lie and what you need to educate further on during this hectic time.

3. Monitor student and staff account logins

Students and staff will be logging into their school accounts from outside of your district’s security perimeter—and from an unmanaged device if your district isn’t 1:1.

Your IT team must monitor account logins and look for anomalous behavior that may indicate an account takeover attack. Anomalous behavior might include multiple unsuccessful logins, failed multi-factor authentication checks, and successful logins from an unapproved location such as another country.




4. Check for unsanctioned 3rd party SaaS apps

Now that students will be using their school device—or a personal device—outside of school, monitoring for risky 3rd party apps is especially important. This is because malicious apps and apps with insufficient infrastructure security pose far-reaching risks to your district’s information systems.

Additionally, the flood of “free” teaching and learning apps on the market creates openings for serious OAuth security risks. Teachers and students alike may take advantage of these tools with the best intentions, but EdTech that hasn’t been properly vetted can lead to a variety of cybersecurity risks.

Your IT team should monitor which apps are granted OAuth access to district Google and/or Microsoft accounts, check what permissions are granted, and be able to remove the apps that don’t meet your infrastructure security, data security, and/or student data privacy policies.

5. Monitor for improper file sharing and access

Student data privacy laws still apply when your district transitions to remote learning, and keeping track of data becomes more difficult when students and staff access everything remotely.

To help prevent any financial, staff, and/or student data from leaving your district’s G Suite or Office 365 environment, look for drives, folders and files that have given external accounts access to view and/or edit. If any external shares are found, make sure to break them and set up policies to automatically remediate when a future external share is granted.

6. Secure personally identifiable information (PII) and create data loss prevention policies

Data loss prevention is a strategy to ensure the sensitive information of students and staff are protected and don’t inadvertently leave the network. Have your IT team start by checking email and files for PII, such as social security numbers, W2s, and bank account information. Then, delete, quarantine, or revoke access to any information that is being improperly shared.

Once complete, set up automatic policies to remediate all PII that leaves your district’s network to ensure FERPA requirements are met.

7. Create student safety monitoring & policies

Just because your district’s students are distanced from one another as a result of school closures and self-isolation, doesn’t mean that they aren’t communicating via their school Google or Microsoft accounts.

Students may be using their school accounts to send emails or use Google Docs as a chat board. It’s important for your IT team to continue monitoring for signals of cyberbullying, self-harm, inappropriate content, abuse, and other forms of student safety threats. Unfortunately, it may be easier for these issues to go undetected during this time.

8. Enable anti-phishing and anti-malware protection

With dispersed students and staff, cybersecurity risks in your district are going to increase. Your IT team will need to ensure they have anti-phishing and anti-malware protection enabled.

Students and staff will be logging in from their home networks and maybe from a personal device, which means school firewalls, web content filters and endpoint security may not be effective for the time being.

The best option for your team at the moment is to start with configuring your district’s G Suite and Office 365 anti-phishing and anti-malware capabilities, and layer additional safeguards to ensure district cloud applications are protected—regardless of the device or the location.

9. Monitor for lateral phishing activity

In the event a student or staff member at your district does fall victim to a phishing scheme, it’s important for your IT team to be monitoring the activity that is taking place within district cloud apps.

This means not only monitoring the email traffic coming from external sources, but also monitoring and analyzing emails sent from internal accounts to others. Doing so is critical to reveal signs of an account takeover and lateral phishing attack.



Are you getting phishing email alerts from an internal email address? Is a student or staff member sending an unusual number of emails to other school accounts that they don’t usually interact with? Is an account suddenly sharing and/or downloading more files than usual? These are a couple of examples of trends your team will need to look for more often in a remote learning environment.

10. Make multi-factor authentication mandatory

Multi-factor authentication requires your district’s students and staff to take a second step, after entering the correct password, to prove they have authorized access. Students and staff will be logging in from unrecognized devices, which makes this security tool a critical one for your district to have enabled during this time.

It’s also incredibly quick and easy to set up through your Google and/or Microsoft admin portal.

Multi-factor authentication typically includes entering a code that is sent to their phone via SMS. It can also include phone calls, answering security questions, mobile app prompts, and more.

11. Reset passwords across all accounts and set a password strength policy

Set policies and standards for your district’s cloud app passwords now that students and staff are accessing remotely.

At a minimum, enable your system’s “require a strong password” feature. You can also set minimum and maximum password lengths, password expiration, and more.

If your district already has policies in place, now is a good time to check current passwords to see if there are any passwords that are out of compliance and force password changes through your admin console.

12. Run a G Suite & Office 365 data security & student safety audit

With this checklist, now is an opportune time to run a cloud security audit of your district’s G Suite and/or Office 365 environment. An audit will check for any configuration errors, sharing risks, files containing sensitive information, risky 3rd party SaaS apps, and more.

It’s also important to run an audit on a periodic basis more frequently now that districts are closing or moving to remote learning. Weekly reports can be automated and provide you with detailed information into the security health of your cloud applications, and the activity taking place between students, staff, and external environments.

If your district uses SaaS applications such as G Suite and Office 365, protecting the data and accounts in these apps is a critical layer in your cybersecurity infrastructure.

Without it, monitoring and controlling behavior happening on the inside is impossible. This blind spot creates critical vulnerabilities in your district stakeholders’ sensitive information and is now a much bigger blind spot given the current circumstances.

The post K-12 Remote Learning Checklist: Securing Data in a Remote Learning Environment appeared first on ManagedMethods.

*** This is a Security Bloggers Network syndicated blog from ManagedMethods authored by Jake Kasowski. Read the original post at:

Source link

The post #cybersecurity | #hackerspace |<p> K-12 Remote Learning Checklist: Securing Data in a Remote Learning Environment <p> appeared first on National Cyber Security.

View full post on National Cyber Security

High-Stakes Security Setups Are Making Remote Work Impossible

Source: National Cyber Security – Produced By Gregory Evans

It’s a rule of thumb in cybersecurity that the more sensitive your system, the less you want it to touch the internet. But as the US hunkers down to limit the spread of Covid-19, cybersecurity measures presents a difficult technical challenge to working remotely for employees at critical infrastructure, intelligence agencies, and anywhere else with high-security networks. In some cases, working from home isn’t an option at all.

Companies with especially sensitive data or operations often limit remote connections, segment networks to limit a hacker’s access if they do get in, and sometimes even disconnect their most important machines from the internet altogether. Late last week, the US government’s Cybersecurity and Infrastructure Security Agency issued an advisory to critical infrastructure companies to prepare for remote work scenarios as Covid-19 spreads. That means checking that their virtual private networks are patched, implementing multi-factor authentication, and testing out remote access scenarios.

But cybersecurity consultants who actually work with those high-stakes clients—including electric utilities, oil and gas firms, and manufacturing companies—say that it’s not always so simple. For many of their most critical customers, and even more so for intelligence agencies, remote work and security don’t mix.

“Organizations are realizing that work-from-home would be very difficult to execute,” says Joe Slowik, who previously led the computer emergency response team at the Department of Energy before joining the critical-infrastructure-focused security firm Dragos. “This should be a fairly good wake-up call. You need to figure out a way that if individuals cannot physically access the control system environment for a service that cannot stop, like electricity, water, and wastewater or similar services, you ensure continuous operation—even in the face of an environment where you might be risking your employees’ lives if they continue to commute into the office.”

For many industrial networks, the highest standard of security is an “air gap,” a physical disconnect between the inner sanctum of software connected to physical equipment and the less sensitive, internet-connected IT systems. But very few private-sector firms, with the exception of highly regulated nuclear power utilities, have implemented actual air gaps. Many companies have instead attempted to restrict the connections between their IT networks and their so-called OT or operational technology networks—the industrial control systems where the compromise of digital computers could have dangerous effects, such as giving hackers access to an electric utility’s circuit breakers or a manufacturing floor’s robots.

Those restricted connections create chokepoints for hackers, but also for remote workers. Rendition InfoSec founder and security consultant Jake Williams describes one manufacturing client that carefully separated its IT and OT systems. Only “jump boxes,” servers that bridge the divide between sensitive manufacturing control systems and non-sensitive IT systems, connected them. Those jump boxes run very limited software to prevent them from serving as in-roads for hackers. But they also only support one connection at a time, which means the company’s IT administrators have found themselves vying for access.

“Administrators are bumping each other off as they try to work and log in,” says Williams. “These jump boxes that were built to facilitate secure remote access in emergency situations weren’t built to support this situation where everyone is performing routine maintenance and operations remotely.”

For the most critical of critical infrastructure, however, like power plants and oil refineries, remote work isn’t just leading to technical snafus. It’s often impossible for many staffers, says Chris Sistrunk, a security consultant for FireEye who formerly worked as an electrical engineer for power utility Entergy. “There’s no way to fully remotely run some of those plants,” Sistrunk says. “You don’t work from home. Essential engineers and operators will always be there 24/7.”

In those scenarios, Dragos’ Slowik says, companies have to instead try to limit the biological exposure of their most critical operations teams to prevent them from being quarantined—which is often easier said than done, given that they’re free to mingle with potentially infected people during their off-hours. “It’s a real touchy subject,” says Slowik. “You need them available at the office, and you can only restrict them to a certain extent—because we’re not China–so how does that balance out?”

The Original Source For This Story: Source link

The post High-Stakes Security Setups Are Making Remote Work Impossible appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #hackerspace | Rethinking Endpoint and Mobile Security for Remote Workers

Source: National Cyber Security – Produced By Gregory Evans

With growing enterprise mobility requirements plus higher
numbers of remote workers, properly securing mobile and remote users is causing
IT security teams to rethink their endpoint security strategies.

VPN tunneling enables remote users to benefit from most
perimeter protections. However, full-time VPN enforcement can be difficult.
Users may not always follow VPN usage guidelines. And in mobile BYOD
environments, it can be even more challenging. Personal devices may not even be
set-up for VPN access, users may use unsecured WiFi networks, and they typically
use mobile devices for both corporate and personal purposes.

Special “secure” web proxies are another option for
protecting remote workers. But most organizations find deployment and
enforcement challenging for similar reasons as for VPN tunneling, especially on
BYOD mobile devices. Web proxies also bring their own set of security, user
privacy, and latency concerns.

The most commonly deployed security option for remote
workers has traditionally been endpoint anti-virus or NextGen AV (NGAV)
solutions. But endpoint security for laptops is focused on malware protection
and offers little in the form of anti-phishing protection; that is, protection
from file-less social engineering attacks designed to exploit users rather than
the devices themselves. For the latter, most organizations use a variety of
email security solutions. These certainly help reduce the number of phishing
emails remote users see in their inboxes, but they do nothing to protect users
from targeted phishing attacks in personal email, social media, ads, rogue
browser extensions, messaging platforms, and more.

For users on mobile iOS and Android devices, the
situation is worse. The vast majority of mobile devices have no special
security protection other than the protections natively built into iOS and Android,
along with their respective app store vetting processes. Safe browsing
protections on mobile are also just a fraction of those on desktop browsers.
Fortunately, truly malicious mobile malware is still quite rare. Unfortunately,
mobile phishing is rampant. According to at least one mobile threat defense
vendor, mobile users are 18x more likely to encounter a phishing threat than
malware. There are also additional phishing attack vectors such as SMiShing
which are largely unprotected. And with smaller screens and information
layouts, important clues such as full URLs are typically hidden, making it
easier to phish mobile users.

Protecting Remote Users from Phishing

So, if traditional endpoint and email security solutions,
network access, and built-in safe browsing protections aren’t enough to protect
remote workers, what now? Time to get purpose-built, remote user
phishing protection onto mobile and remote workers’ machines.

Recently, we introduced new solutions to address these
key security issues. Our Mobile Phishing
Protection solution comes if the form of lightweight, cloud-powered
apps that protect iOS and Android users. And for Windows, MacOS, Chrome OS, and
Linux users, we offer Browser Phishing
Protection for Chrome, FireFox, Safari, and Edge browsers. These lightweight,
cloud-powered browser extensions augment endpoint security solutions to provide
multi-vector, multi-payload phishing protection. These endpoint and mobile
security products are easily deployed and managed with leading Unified Endpoint
Management (UEM) solutions or with SlashNext’s own Endpoint Management System.

To find out how you can protect your remote workforce
from the growing number of sophisticated phishing and social engineering threats,
contact us and request a demo

*** This is a Security Bloggers Network syndicated blog from SlashNext authored by Lisa O’Reilly. Read the original post at:

Source link

The post #cybersecurity | #hackerspace |<p> Rethinking Endpoint and Mobile Security for Remote Workers <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #hackerspace | Security First: The Double-Edged Sword of Remote Collaboration

Source: National Cyber Security – Produced By Gregory Evans

For the better part of the past decade, online tech support scams have been on the rise as hackers find new ways to trick consumers into providing remote access to their computers in order to steal information. This tried-and-true phishing scam today relies on sophisticated social engineering fueled with detailed information on the user that can trick even the most savvy or skeptical user into keeping the scam going.

In fact, in 2017 alone, 2.7 million Americans reported some form of fraud to the Federal Trade Commission. And there were almost certainly many more who were either too embarrassed or too jaded to report what they experienced.

What essentially all online and email scams share is that they attempt to impersonate someone or some institution that seems credible. They attempt to capitalize on the recipient’s cultural norms of trust, courtesy, and professionalism to hear out their pitch. They usually attempt to play into the listener’s sense of fear over losing something, like a valuable service or, alternatively, appeal to the listener’s opportunism for getting something valuable for nothing.

Phishing scams today often involve someone pretending to be from a company you already do business with such as Apple, Microsoft, or Amazon, sending out a text or email that says you have a problem with your account, or perhaps a delivery issue, a refund, or some other plausible-sounding matter. You are then directed to a link and told that unless you provide confirmation of your account information, that account will be suspended, and legal action will follow.

The phisher almost certainly doesn’t have either your username or password. If they did, they wouldn’t have to bother using an elaborate ruse to gain access your computer network. Instead, claiming that it’s a matter of great urgency, they use deceit to trick you into providing access to data, images, text files, or money.

One particularly damaging form of trickery may not involve email at all. It could start with a phone call from someone pretending to be your helpdesk or IT service organization needing to remotely access your computer to update or fix something. “All you need to do is download this maintenance patch I’ll send you and let me do the rest,” the user is told. Of course, it’s a scam for someone to access the network. Here are some common tips.

Security Tips: Cutting Back on Phish

With so much toxic angling, a low-phish diet will be good for you and your business. Sooner or later, everyone is likely to receive a deceptive phone call or email. But like any diet, this one requires awareness, education, and discipline. Essentially, all phishing scams require the recipient to open or click on something that’s malicious. Educating yourself and your employees about how to recognize, avoid, and report phishing attempts is essential to the effort. Vigilance and skepticism online are the mantras of digital living.

  • Many phishing messages share certain elements in common. One of the most frequent is a sense of urgency saying that the recipient needs to do something immediately – either to send money to verify certain information, or to update their credit card on file. That’s a red flag. Banks, government agencies, and most business organizations still use snail mail to collect funds and personal data.
  • When you do receive an email from your bank that requires action, log on to its website by keying in the bank’s URL yourself. Don’t use the link in the message to visit the bank’s website; it could actually be a malware attack on your computer. By hovering over a link in the message without clicking on it, a balloon will appear with the sender’s real address. If it looks phishy and doesn’t contain the official domain of your bank, pick up the phone and call your bank.
  • Many scams originate overseas from countries where English is not the native language. As a result, there might be awkward phrasing, archaic terms, or misspelled words that a professionally written email or website from an authentic U.S. organization would never use. That’s another red flag.

To help train employees, IT personnel can periodically send fake “phishing” emails, which helps identify vulnerable staff members who could benefit from more guidance. They can teach users to recognize malicious messages.

But scams continue to evolve. Ongoing education and awareness efforts, together with prompt reporting of suspicious emails, are essential to maintaining the first line of defense against phishing scams–alert company employees and wary business executives. Remote collaboration may be a double-edged sword but, using the right defense, the user can properly yield its power.

Source link

The post #cybersecurity | #hackerspace |<p> Security First: The Double-Edged Sword of Remote Collaboration <p> appeared first on National Cyber Security.

View full post on National Cyber Security

Car GPS Tracker GSM/GPRS Tracking Device Remote Control Auto Vehicle

To Purchase This Product/Services, Go To The Store Link Above Or Go To Source: National Cyber Security – Produced By Gregory Evans Specifications: Feature:– Support both GPS / GSM station positioning ways.– Support SMS / GPRS / Internet network data transfer– Support GPRS on-line … View full post on

US NSA hacking tools were reportedly left unprotected on remote computer


Source: National Cyber Security – Produced By Gregory Evans

US NSA hacking tools were reportedly left unprotected on remote computer

A U.S. investigation into a leak of hacking tools used by the National Security Agency is focusing on a theory that one of its operatives carelessly left them available on a remote computer and Russian hackers found them, four people

The post US NSA hacking tools were reportedly left unprotected on remote computer appeared first on National Cyber Security.

View full post on National Cyber Security

Hackers find a way into your computer through remote access program

Source: National Cyber Security – Produced By Gregory Evans

What if having a password to log onto your computer couldn’t stop a hacker from getting in? What if the one thing you overlooked, is leaving the door to your personal or business files wide open? There’s a remote access program that’s allowing hackers right into computers because of a lack of password protection on the user’s end. Documents with industrial information, plans for power plants, even confidential patient data, are all screens the computer user thought were only visible to them. “This is me live on their system,” said WPTV Internet Security Expert Alan Crowetz, “I had full access as if I was sitting in South Korea in front of that computer.” The program, VNC, is one that many businesses and computer users have. It allows tech support to gain access to their computers and troubleshoot technical problems. ‘What VNC is, is a remote control program designed to put you in front of the computer,” added Crowetz. It’s a free and useful program, problem is, users are not protecting their remote access with passwords. Crowetz showed us how easy it is to look at someone else’s screen remotely. He downloaded VNC viewer, typed in an IP address and […]

The post Hackers find a way into your computer through remote access program appeared first on National Cyber Security.

View full post on National Cyber Security

Arab hactivist use remote access Trojan to hack 24,000 machines worldwide

Symantec threat lab researchers say Arab Hackers based in Middle East are targeting the computers world wide using remote access Trojan njRAT. There are 487 groups involved in certain hacking campaign. 

Symantec says, “Symantec has identified 487 groups of attackers mounting attacks using njRAT. These attacks appear to have different motivations, which can be broadly classed as hacktivism, information theft and botnet building,” njRAT is a fairly simple malware widely available in Black Markets. 

The malware grants hackers basic powers, such as the ability to download and execute additional malware on infected systems, execute shell commands, read and write registry keys, capture screenshots, log keystrokes and hijack control of webcams. 

Researchers say these attacks originate from Middle East and nearly 80% of CnC base located in Egypt, Palestine and Lebiya.


The post Arab hactivist use remote access Trojan to hack 24,000 machines worldwide appeared first on Am I Hacker Proof.

View full post on Am I Hacker Proof