So, you’re working from home …
For a while.
You’ve probably worked remotely before, and you’re thinking, “I’ve got this!”
Odds are, you’re mistaken. You don’t have this. That’s OK; this is an opportunity to learn new skills.
You can think of working from home much like someone moving into an entirely new environment. Your patterns of work might be optimized for working in an office, and they might not quite fit at home. You can think of this post as moving you from accommodating yourself to including yourself — reducing the friction that misspends your energy just to exist.
Now it’s time to adapt. You need to adapt, your workday needs to adapt, and your environment needs to be adapted. So what can you do? Below is some advice — take it in the spirit of unsolicited advice on self-improvement. Some of these things will work for you; some of them won’t. Many of these ideas work for me or people near me; they might or might not work for you. Give them a try, and be willing to learn and adapt.
Maybe you’ve been getting by with sitting on the couch or on the floor in the corner of your bedroom. Those might be all the choices you have, but you should consider some changes:
- Use an external monitor. One of the biggest productivity gains comes from useful screen real estate, so finding a way to get more is incredibly helpful to you. Paired with an external keyboard and mouse, you’re also on your way to better ergonomics.
- Use a desk and a chair. Sitting on a couch for a long period is probably not healthy in a lot of ways. Can you fit in a sit/stand desk? Maybe you do need a different ergonomic choice, but make it deliberately.
- If you can dedicate a workspace, that’s ideal. If you can’t, consider a space that you can set up at the start of the workday, then tear it back down in the evening — so you have clearly delineated boundaries of when you’re “in the office” instead of just chilling.
- Even if you can’t dedicate a workspace, make a conscious effort to not take a meal (be it lunch, dinner, etc.) from where you are working. If you have a dedicated workspace, leave it and go to your kitchen, another room, or, if possible, outside for your meal. This should be time to mentally recharge as much as physically recharge. If you don’t have a dedicated space, still take the time to close your laptop and do something that is not work. Your brain (and your similarly stressed co-workers) will thank you.
- Do you have a headset with a microphone to take meetings with? Gaming headsets can be an affordable and high-quality solution, or possibly Bluetooth earbuds. Anything is an improvement over just using your laptop’s speakers. But also think about how your ears might feel after multiple hours using a device you’re not familiar with. Maybe change between earbuds and a headset … or even just take a long break from videoconferencing.
- Wired Ethernet makes an enormous difference for videoconferencing — and for many of our other tools. Even if the cable has to get unplugged when you roll up your desk at the end of the day, this can be worth the trouble.
There’s a good chance you’re sharing your space with other people — a partner, some children, maybe roommates. Their needs will matter, too, and it’s better for you to plan ahead with your schedules so that no one is disappointed.
- Do you have to homeschool small children? What does your plan look like for that, and how are you trading it off with your partner?
- Do you need to add daily household meetings to identify any issues?
You might be really excited about not having to waste time getting to the office because you can just hit work running. But take a moment to think about what you also do during your commute. Are you thinking about your schedule for the day? Working on a hard problem? Thinking about your kids? That’s valuable mental time, which you should consider how to keep in your day so that you can gracefully transition between parts of your life.
- Can you go for a walk around the block (or further)?
- Can you set aside quiet time at the start and end of your day, before you dive into email?
- Make sure you take time for lunch. This might make a good time to check in with your colleagues in your co-working space or take quiet time for yourself. You might want to think about planning for those lunches to make sure you’re making healthy choices rather than just grabbing whatever is available.
- Make a hard break. “Bye, kids, I’m headed to work!” can be a really powerful boundary to set.
Meeting culture is very location-centric, especially when that location is your headquarters. Some of that is a product of enterprise tools (many video solutions make it hard to see more than a few participants at once, and the slight added latency over the Internet interacts with the human desire to jump in as the next speaker), some is a product of our organizations (meetings where 80% of the attendees are physically in one place), and some is a product of habit (sitting in a circle, which then excludes the video participants). This is an opportunity to work on more-inclusive meeting structures.
- Consider nonverbal cues for meeting participants to use to call for attention. If everyone is visible, that can be a raised hand; if that’s not the case, then a chat backchannel can help.
- Work more on pauses between speakers. There is rarely a need to jump in instantly, and that’s often seen as a behavior that is exclusionary anyway, so this is a good opportunity to evaluate it. Past three people, a moderator helps enormously — perhaps defaulting to whoever called the meeting or wrote the agenda.
- Consider working off a shared document with an agenda and notes so that some information flows can be faster-than-verbal. This might rely on everyone having more screen real estate.
- Think about the lighting. You should be able to clearly see your face, which generally means lights and windows should be in front of you, not behind you. It’s always possible to learn from one call and revise or improve for the next one.
- Thirty-minute blocks are not fundamental to the universe. You can meet for 5 minutes or 15 — and jumping from chat to a video call for 5 minutes can unlock great work for you or your colleagues.
- As a last resort, disabling video can improve audio distortions, jitter, and latency in meetings.
Your Physical Wellness
When working from home, it can be really easy to fall into a rut with no physical activity. Perhaps you roll out of bed, grab a quick bite, and hop on a call. For a day, that’s only a little bad, but that’s a bad long-term pattern. Schedule your exercise time.
- Maybe take that long walk at the start of your day or after lunch.
- If you’re fortunate enough to have a treadmill or stationary cycle in your house, maybe you take a walking meeting with a colleague.
- Look at how you can keep your body from stiffening from a lack of movement or poor ergonomics. Take stretch breaks. Take a 20-second break every 20 minutes and look out at something at least 20 feet away to prevent eyestrain. Consider how to incorporate physical wellness into your everyday routine.
Andy Ellis is Akamai’s chief security officer and his mission is “making the Internet suck less.” Governing security, compliance, and safety for the planetary-scale cloud platform since 2000, he has designed many of its security products. Andy has also guided Akamai’s IT …
View full post on National Cyber Security
#cyberfraud | #cybercriminals | These Are The Most Rampant Windows And Mac Malware Threats For 2020: Here’s What That Means
Seven weeks into 2020, and we are deep into the season for cybersecurity reporting. You can expect a wide range of summaries of the threat landscape from 2019 and forecasts as to what to expect this year. As threat actors from China, Russia, Iran and North Korea continue to probe network and system security around the world, we also have the rising threat of ever more sophisticated malware hitting individuals and the companies they work for, all fuelled by the scourge of social engineering to make every malicious campaign more dangerous and more likely to hit its mark.
BlackBerry Cylance has published its “2020 Threat Report” today, February 19, and its theme is the blurring lines between state actors and the criminal networks that develop their own exploits or lease “malware as a service,” pushing threats out via email and messaging campaigns, targeting industries or territories. This year, 2020, will be seminal in the world of threat reporting and defense—IoT’s acceleration is a game changer in cyber, with the emergence of a vast array of endpoints and the adoption of faster networking and pervasive “always connected” services.
The challenge with IoT is the limited control of the security layers within those endpoints—it’s all very well having smart lightbulbs, smart toys and smart fridges. But if every connected technology you allow into your home is given your WiFi code and a connection to the internet, then it is near impossible to assure yourself of the security of those devices. Current best practice—however impractical that sounds—is to air-gap the networks in your home: trusted devices—your phones, computers and tablets, and then everything else. If one family of devices can’t see the other, then you are much better protected from malicious actors exploiting casual vulnerabilities.
I have warned on this before, and the market now needs the makers of networking equipment to develop simple one-click multiple networking options, so we can introduce the concept of a separated IoT network and core network into all our homes—something akin to the guest networks we now have but never use on our routers, but simpler, more of a default, and therefore better used.
According to Cylance’s Eric Milam, the geopolitical climate will also “influence attacks” this year. There are two points behind this. First, mass market campaigns from state-sponsored threat actors in Iran and North Korea, from organized groups in Russia and China, and from criminal networks leveraging the same techniques, targeting individuals at “targeted scale.” And, second, as nation-states find ever more devious ways to exploit network defenses, those same tools and techniques ultimately find their way into the wider threat market.
The real threats haven’t changed much: Phishing attacks, ranging from the most basic spoofs to more sophisticated and socially engineered targeting; headline-grabbing ransomware and virus epidemics; the blurring between nation-state and criminal lines, accompanied by various flavors of government warnings. And then, of course, we have the online execution of crimes that would otherwise take place in the physical world—non-payment and non-delivery, romance scams, harassment, extortion, identity theft, all manner of financial and investment fraud.
But, we do also have a rising tide of malware. Some of that rising tide is prevalence, and some is sophistication. We also have criminal business models where malware is bought and sold or even rented on the web’s darker markets.
In the Cylance report, there is a useful summary of the “top malware threats” for Windows and Mac users. Cylance says that it compiled its most dangerous list by using an “in-house tooling framework to monitor the threat landscape for attacks across different operating systems.” Essentially that means detecting malware in the wild across the endpoints monitored by its software and systems. It’s a volume list.
For cyber-guru Ian Thornton-Trump, the real concerns for individuals and companies around the world remain Business Email Compromise, “the fastest growing and most lucrative cyber-criminal enterprise.” He also points out that doing the basics better goes a long way—“there is little if any mention of account compromises due to poor password hygiene or password reuse and the lack of identifying poorly or misconfigured cloud hosting platforms leading to some of the largest data breaches” in many of the reports now coming out.
So here are Cylance’s fifteen most rampant threats. This is their own volume-based list compiled from what their own endpoints detected. There are missing names—Trickbot, Sodinokibi/REvil, Ryuk, but they’re implied. Trickbot as a secondary Emotet payload, for example, or Cylance’s observation that “the threat actors behind Ryuk are teaming with Emotet and Trickbot groups to exfiltrate sensitive data prior to encryption and blackmail victims, with the threat of proprietary data leakage should they fail to pay the ransom in a timely manner.”
There are a lot of legacy malware variants listed—hardly a surprise, these have evolved and now act as droppers for more recent threats. We also now see multiple malware variants combine, each with a specific purpose. Ten of the malware variants target Windows and five target Macs—the day-to-day risks to Windows users remain more prevalent given the scale and variety of the user base, especially within industry.
- Emotet: This is the big one—a banking trojan that has been plaguing users in various guises since 2014. The malware has morphed from credential theft to acting as a “delivery mechanism” for other malware. The malware is viral—once it gets hold of your system, it will set about infecting your contacts with equally compelling, socially engineered subterfuges.
- Kovter: This fileless malware targets the computer’s registry, which makes it more difficult to detect. The malware began life hiding behind spoofed warnings over illegal downloads or file sharing. Now it has joined the mass ad-fraud market, generating fraudulent clicks which quickly turn to revenue for the malware’s operators.
- Poison Ivy: A malicious “build your own” remote access trojan toolkit, providing a client-server setup that can be tailored to enable different threat actors to compile various campaigns. The malware infects target machines with various types of espionage, data exfiltration and credential theft. Again the malware is usually spread by emailed Microsoft Office attachments.
- Qakbot: Another legacy malware, dating back a decade, but which has evolved with time into something more dangerous than its origins. The more recent variants are better adapted to avoiding detection and to spreading across networks from infected machines. The malware can lock user and administrator accounts, making removal more difficult.
- Ramnit: A “parasitic virus” with “worming capabilities,” designed to infect removable storage media, aiding replication and the persistence of an attack. The malware can also infect HTML files, infecting machines where those files are opened. The malware will steal credentials and can also enable a remote system takeover.
- Sakurel (aka. Sakula and VIPER): Another remote access trojan, “typically used in targeted attacks.” The delivery mechanism is through malicious URLs, dropping code on the machine when the URL is accessed. The malware can also act as a monitor on user browsing behavior, with other targeted attacks as more malware is pulled onto the machine.
- Upatre: A more niche, albeit still viable threat, according to Cylance. Infection usually results from emails which attach spoof voicemails or invoices, but Cylance warns that users can also be infected by visiting malicious websites. As is becoming much more prevalent now, this established legacy malware acts as a dropper for other threats.
- Ursnif: This is another evolved banking trojan, which infects machines that visit malicious websites, planting code in the process. The malware can adapt web content to increase the chances of infection. The malware remains a banking trojan in the main, but also acts as a dropper and can pull screenshots and crypto wallets from infected machines.
- Vercuse: This malware can be delivered by casual online downloads, but also through infected removable storage drives. The malware has adapted various methods of detection avoidance, including terminating processes if tools are detected. The primary threat from this malware now is as a dropper for other threats.
- Zegost: This malware is designed to identify useful information on infected machines and exfiltrate this back to its operators. That data can include activity logging, which includes credential theft. The malware can also be used for an offensive denial of service attack, essentially harnessing infected machines at scale to hit targets.
- CallMe: This is a legacy malware for the Mac world, opening a backdoor onto infected systems that can be exploited by its command and control server. Dropped through malicious Microsoft Office attachments, usually Word, the vulnerability has been patched for contemporary versions of MacOS and Office software. Users on those setups are protected.
- KeRanger: One of the first ransomware within the Mac world, the malware started life with a valid Mac Developer ID, since revoked. The malware will encrypt multiple file types and includes a process for pushing the ransom README file to the targeted user. Mitigation includes updated systems, but also offline backups as per all ransomware defenses.
- LaoShu: A remote access trojan that uses infected PDF files to spread its payload. The malware will look for specific file types, compressing those into an exfiltration zip file that can be pulled from the machine. While keeping systems updated, this malware also calls for good user training and email behavior, including avoidance of unknown attachments.
- NetWiredRC: A favourite of the Iranian state-sponsored APT33, this malware is a remote access trojan that will operate across both Windows and Mac platforms. The malware focuses on exfiltrating “sensitive information” and credentials—the latter providing routes in for state attackers. Cylance advises administrators to block 212[.]7[.]208[.]65 in firewalls and monitor for “%home%/WIFIADAPT.app” on systems.
- XcodeGhost: Targeting both Mac and iOS, this compiler malware is considered “the first large-scale attack on Apple’s App Store.” Again with espionage and wider attacks in mind, the malware targets, captures and pulls strategic information from an infected machine. Its infection of “secure apps” serves as a wider warning as to taking care when pulling apps from relatively unknown sources.
In reality, the list itself is largely informational as mitigation is much the same: Some combination of AV tools, user training, email filtering, attachment/macro controls, perhaps some network monitoring—especially for known IP addresses. The use of accredited VPNs, avoiding public WiFi, backups. Cylance also advises Windows administrators to watch for unusual registry mods and system boot executions.
Thornton-Trump warns that we need constant reminding that cyber security is about “people, process and technology.” Looking just at the technology side inevitably gives a skewed view. For him, any vendor reports inevitably “overstate the case for anti-malware defences in contrast to upgrade and improvement of other defensive mechanisms, including awareness training and vulnerability management.”
And so, ultimately, user training and keeping everything updated resolves a material proportion of these threats. Along with some basic precautions around backups and use of cloud or detached storage which provides some redundancy. Common sense, inevitably, also features highly—whatever platform you may be using.
#cyberfraud | #cybercriminals | Cyber Security Today – Oscar movie scams, and make sure you update these products
Source: National Cyber Security – Produced By Gregory Evans Movie scams, and make sure you update Windows, WhatsApp and Cisco products Welcome to Cyber Security Today. It’s Friday February 7th. I’m Howard Solomon, contributing reporter on cyber security for ITWorldCanada.com. To hear the podcast click on the arrow below: On Monday’s podcast I warned […] View full post on AmIHackerProof.com
Understanding the Security Gap
According to a recent report by the Advanced Cyber Security Center, 91% of organizations…
The post These 4 Tips Will Make You Fluent in Cyber Risk appeared first on ZeroNorth.
*** This is a Security Bloggers Network syndicated blog from Blog | ZeroNorth authored by ZeroNorth. Read the original post at: https://www.zeronorth.io/blog/these-4-tips-will-make-you-fluent-in-cyber-risk/
The post #cybersecurity | #hackerspace | These 4 Tips Will Make You Fluent in Cyber Risk appeared first on National Cyber Security.
#nationalcybersecuritymonth | Don’t let these scary cyber safety risks creep up on you | Features/Entertainment
Source: National Cyber Security – Produced By Gregory Evans THE CONCERN: October is National Cybersecurity Awareness Month, and the Better Business Bureau is scaring up the latest on cyber security risks and ways to avoid them. Watch out for these spooky dangers lurking in the corners of our everyday digital lives. HOW THE SCAM WORKS: […] View full post on AmIHackerProof.com
Apple iPhone users are being warned to check their devices against a list of malicious apps disclosed in a new report. The exposure of such dangers on Google’s Play Store has become a theme this year, with apps laced with adware, subscription fraud and worse exposed and removed. Now Apple is taking its turn in the spotlight. A new report from the research team at Wandera claims that 17 apps from one developer load a malicious clicker trojan module on an iOS device.
Apple says that the apps in question have been removed from the App Store, and upon examination did not contain the trojan malware as claimed. Instead, the apps were removed for including code that enabled the artificial click-through of ads. A spokesperson for Apple confirmed the removal of the apps and that the App Store’s protective tools have been updated to detect similar apps in the future.
According to Wandera, the trojan focused on ad fraud, but also sent data from the infected device to an external command and control server. Wandera told me that an even more worrying element of the malware, one not included in the write-up, is a set of devious techniques to evade detection. The malware triggered only when loaded with an active SIM and left running for two days. We have seen this before on Android—an attempt to hide from security researchers in lab conditions.
“We were amazed with this one,” Wandera VP Michael Covington told me ahead of the report’s release. “We’ve seen a couple of issues creep into the Apple App Store over the last few months—and it always seems to be the network element.” In his view, Apple misses the runtime element of an app’s behaviour when scanned before approval. “They don’t have a deep threat research expertise,” he explained, “but to find malicious network traffic, you have to watch live apps and see how they perform.”
When I talked with Wandera ahead of the report being released, they provided links and said the apps were still available to install. Apple has since confirmed their removal. The fact they gained access to the store remains a concern. Wandera says it discovered the malicious apps when its monitoring platform detected network traffic back to the external C&C server. “That forced us to work backwards,” Covington told me, “we found one of those apps, and from there we found the developer and then the other indicators of compromise that led to the other apps.”
Each of the apps contains the “malicious” clicker trojan module. “Malicious,” Covington claimed, because the module can do more than just generate fraudulent ads. “It could potentially steal information, or open a backdoor,” he said. “Any time I see an app opening a connection to the outside, I think we may have more than just bad ads, we have some malicious functionality that’s being introduced.”
All of the apps will “carry out ad fraud-related tasks in the background,” the report claims, “such as continuously opening web pages or clicking links without any user interaction.” The module generated revenue for the operators “on a pay-per-click basis by inflating website traffic.” The evasive behaviour, which is not in the report, points to a level of sophistication beyond simple ad fraud. To design malware specifically to outwit a security research lab is a level beyond.
Covington takes the view that an outside connection means a high risk of data compromise—at least to some extent. The malware sends device and location information, some user data as well potentially. The apps are not games. “One managed contacts, another travel information, another had access to accelerometer and location—even without special permissions for the camera or microphone, the apps likely accessed contacts and location, with privacy implications.”
For its part, Apple disputes that any such compromise took place here—there was no danger beyond isolated click fraud, it says, emphasising that the company patrols the App Store to identify and remove any apps that represent a danger to users.
Any C&C server clearly represents some form of risk, though—an external link opens a door to further threats. “Certain information about the device and the user is used to determine what ads to deliver,” Covington said. “But we have seen C&C servers deliver other types of commands—to change configurations or trigger phishing attacks, to deliver legitimate-looking login pages to steal credentials. Or to deliver malicious payloads to bulk up apps or install others. Once you open a connection to the outside, bad things can happen.”
In this instance, Wandera says it has seen performance degradation, battery drain, heavy bandwidth use—one ad runs a video stream for more than five minutes, others contain large images. The same C&C server was disclosed by Dr. Web as part of an Android malware campaign. Dr. Web reported that the server could target ads, load websites, alter the configuration of devices, fraudulently subscribe users to premium content. None of these additional issues have been claimed for the iOS malware.
The developer is AppAspect Technologies, based in India, an operator with apps for both iOS and Android. Wandera says it examined the Android apps—none contained the clicker trojan module, but they used to: they were pulled from the store, the module was removed, and the apps were republished. Perhaps the heat being turned up on the Play Store forced a retreat? Perhaps the operator turned its focus to iOS where there is less expectation of such compromises? Covington thinks this is a real possibility.
Apple has confirmed that the apps have been removed, and the good news is that deleting the apps solves any problems; no remnants are left behind. “There is no access to special frameworks that might have left something behind,” Covington explained.
For Apple, in light of other security challenges in recent months, including a targeted WhatsApp hack, the Chinese malware attack on the Uighurs, new jailbreak options, this is an awkward story. The fast removal of the apps is to be applauded, as is the enhancement of protective tools, but the fact that harmful apps found their way onto the store obviously remains a worry.
Here is the list of infected apps:
- RTO Vehicle Information
- EMI Calculator & Loan Planner
- File Manager – Documents
- Smart GPS Speedometer
- CrickOne – Live Cricket Scores
- Daily Fitness – Yoga Poses
- FM Radio PRO – Internet Radio
- My Train Info – IRCTC & PNR (not listed under developer profile)
- Around Me Place Finder
- Easy Contacts Backup Manager
- Ramadan Times 2019 Pro
- Restaurant Finder – Find Food
- BMI Calculator PRO – BMR Calc
- Dual Accounts Pro
- Video Editor – Mute Video
- Islamic World PRO – Qibla
- Smart Video Compressor
Updated later on October 24 with feedback from Apple, including confirmation of removal of the apps.
The post #deepweb | These 17 ‘Trojan’ Apps May Be On Your Device—Delete Them Now appeared first on National Cyber Security.
Online hackers made out like true bandits in 2017, stealing over $172 billion from people in 20 countries around the world, a new report said.
Norton Cyber Security released its annual insights report and found that 44% of consumers were affected by a cybercrime in the last 12 months with an average victim losing $142.
The post Hackers #stole $172 #billion last #year: #Consumers should #avoid these #mistakes appeared first on National Cyber Security Ventures.
View full post on National Cyber Security Ventures
Tight Inventory Continues To Dog Housing Market Steve starts his Real Estate Roundup segment by asking Terry how long a typical For Sale house stays on the market before it gets a confirmed buyer. Terry says the national average was 27 days for the month of May 2017, well below…
The post Be Alert! Hackers Are Stealing Millions From Buyers By Using These Real Estate Scams appeared first on National Cyber Security Ventures.
In a new survey by Netsparker Ltd., a provider of web applications security, developers agreed that the government and financial services are the two sectors most vulnerable to hacking and that smart home IoT is the most vulnerable technology. Propeller Insights conducted the recent survey of U.S.-based software developers for…
The post Developers are most wary of these technologies being hacked appeared first on National Cyber Security Ventures.
Small and mid-sized businesses are targeted by cyber-criminals more often than ever before. That is because automation makes it easy to attack them by the thousands, and many of them are easy targets because they don’t put up a good fight. It’s time to improve the defense. Does the size…
The post Protect Your Small Business with These Cyber Security Pro Tips appeared first on National Cyber Security Ventures.