Vulnerable

now browsing by tag

 
 

State #institutions in #Denmark #vulnerable to #hacking, expert #reveals

Source: National Cyber Security News

Last summer one of Denmark’s biggest companies, Maersk, was hit by a hacking attack that paralysed its computer systems and ended up costing the firm an estimated 1.9 billion kroner.

And the shipper is not the only one. Twice in 2017, the Southern Denmark region experienced ransomware attacks that locked users out of their accounts and databases.

A survey of state institutions undertaken by the national auditor, Rigsrevisionen, has shown that the Foreign Ministry, health service databank Sundhedsdatastyrelsen, state railway track owner Banedanmark and the emergency response service Beredskabsstyrelsen are all potentially vulnerable to similar attacks, reports DR Nyheder.

Update your security systems!
The auditors noted that security to prevent ransomware attacks was not sufficient and that none of the institutions have fully ensured that their programs all have the latest security updates.

IT security expert Christian Dinesen from the consultancy firm NNIT feels that these institutions are making it much too easy for cyber criminals.

“It is critical, because all these institutions perform vital functions in our society,” said Dinesen.

“What the report shows unfortunately is an immaturity that is also found in other places. Things like local administrators’ rights and security programs not being updated have been in the spotlight for the last 15 years.

Read More….

advertisement:

View full post on National Cyber Security Ventures

Is our #smart home #growing more #vulnerable to #hacks?

Source: National Cyber Security – Produced By Gregory Evans

As more of our cameras, speakers, thermostats and locks connect online, they’re increasingly open to meeting up with hackers.

Hackers have come up with new ways to break into your data — sending attacks through our appliances, locks, blinds and anything that connects to the internet. These are part of the so-called Internet of Things (IoT), and hacking attacks sent through these devices “became the preferred weapon of choice,” for starting denial of service attacks last year, says a new report from Arbor Networks, a security software company.

Read More….

The post Is our #smart home #growing more #vulnerable to #hacks? appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

90% of #world’s #Gmail accounts ‘#vulnerable to #hackers

Despite the growth of sophisticated cyber threats globally, Google has said that less than 10 per cent of active Gmail users have enabled two-factor authentication making the remaining 90 per cent more vulnerable to cyber attacks.
According to Google engineers, compromised passwords are the top way hackers gain access to accounts and all users — especially those in the enterprises — should implement two-factor authentication immediately.

“Further, only 12 per cent of Americans use a password manager to protect their accounts,” US-based news website Techrepublic quoted Google engineer Grzegorz Milka as saying in a presentation at the Usenix Enigma 2018 security conference in California late on Saturday.

Two-factor authentication is one of the most effective ways to protect online accounts given that compromised passwords are the top way attackers gain access to accounts.

In the enterprise, if a hacker can break into the email of even one employee, it gives them not only access to company data but also ammunition for future phishing attacks — making it even more important for firms to ensure all employees have enabled two-factor authentication and gone through cybersecurity training.
The feature, which Google calls 2-step verification, requires using a second step-often a single-use key or password-along with the account password to verify a user’s identity and allow them into their account.
With Google, the second step can come in the form of a text message, a phone popup, through a Google Authenticator app or from a number of printed single-use codes.
Google first rolled out its two-factor authentication feature back in 2011, yet users have failed to adopt the safety measure in large numbers. The feature adds a few seconds to the login time but is claimed to be the best option to stay away from cyber attacks.
Milka said that Google did not make two-factor authentication mandatory for all users due to usability.
“It’s about how many people would we drive out if we force them to use additional security,” he was quoted as saying.
Google has made a number of other efforts to improve security for its users.
In January 2017, the company announced new layers of enterprise-grade security controls for “G Suite” to give users more control and visibility over sensitive information.
In October last year, it rolled out the “Advanced Protection Programme” that offers better defenses against phishing, accidental data sharing and fraudulent account access for executives and professionals in fields where confidential information is shared online.
For the latest news, tech news, breaking news headlines and live updates checkout Gadgetsnow.com

View full post on National Cyber Security Ventures

Apple #HomeKit #bug made #smart locks #vulnerable to #hacking

Apple #HomeKit #bug made #smart locks #vulnerable to #hacking

The software bug in HomeKit can apparently allow bad actors to control accessories in smart homes.

Following the news of Apple’s recent security flaw in High Sierra OS for Macs, news has broken of a zero-day vulnerability in the firm’s HomeKit.

According to 9to5Mac, a flaw in the current version of iOS 11.2 could theoretically allow unauthorised individuals access to smart accessories such as smart locks and garage doors, using the home automation platform. 9to5Mac described the vulnerability as “difficult to reproduce” and said it also affected other smart accessories such as lights and thermostats.

The issue was not with the smart accessories, but with the HomeKit framework itself, which connects products from a broad range of companies together in a single interface. The details of the vulnerability itself are scant, but it required at least one iPhone or iPad running iOS 11.2 connected to the HomeKit user’s iCloud account.

Apple quick to remedy the HomeKit issue
Apple has released a temporary server-side fix that remedies the issue. On the user end, nothing needs to be done, but they will notice that the ‘remote access to shared users’ feature for HomeKit-connected devices has been disabled temporarily.

A full patch that completely solves the issue will arrive early next week along with the next iOS update.

The discovery of this vulnerability highlights existing concerns around smart home devices, and the general need for more robust protocols in terms of IoT, particularly in a domestic setting.

It also raises questions for Apple in terms of its own security-auditing process for its operating systems and products, especially considering its otherwise positive reputation as a technology vendor and innovator. Bugs are not uncommon in the development process but when it comes to home security, a certain level of trust is required in order to get customers on board.

More than 50 brands worldwide are compatible with HomeKit, including some models of Honeywell thermostats, the August smart lock and Chamberlain MyQ Home Bridge, a garage-door opener.

View full post on National Cyber Security Ventures

Michigan among #states most #vulnerable to #identity theft, fraud

Source: National Cyber Security – Produced By Gregory Evans

Michigan among #states most #vulnerable to #identity theft, fraud

Michigan ranks among the worst states for identity theft and fraud, a new analysis by a personal finance website shows.

The report by WalletHub put Michigan at No. 6, behind California, Rhode Island, Washington D.C., Florida and Georgia, and just ahead of Nevada, Texas, New York and Connecticut.

The Michigan attorney general’s office, which is charged with protecting consumers, suggested that identity theft and fraud is likely not as bad in the state as the report suggests.

“It could be underreported in other states,” Andrea Bitely, a spokeswoman for the attorney general’s office, said, challenging the report’s results. “The more people in a state, the more likely you are to be up at the top.”

“But,” she added, “the attorney general is not taking this lightly.”

October has been designated National Cyber Security Awareness Month by the U.S. Department of Homeland Security.

WalletHub, which is based in Washington D.C., compared all 50 states and the nation’s capital this week using a data that looked at identity theft, fraud and public policy aimed at keeping personal information out of the hands of thieves.

While Michigan ranked No. 6 overall, it was No. 8 specifically for identity theft, No. 12 for fraud, and No. 10 for public policy.

Michigan was No. 2 for the most identity theft complaints per capita, behind Washington D.C., and ahead of Florida, and No. 4 for the most fraud complaints per capita, behind, Washington D.C., Florida, and Georgia and ahead of Texas.

“Equifax has proven that absolutely no one is immune to cybercrime,” the report said. “In September 2017, the credit bureau announced that it had fallen victim to one of the biggest data breaches in recent history.”

Moreover, the WalletHub report said: “Even credit bureaus, government agencies, and financial institutions — the organizations consumers trust and expect to treat their confidential information with utmost care and security — cannot take enough precautions to prevent such attacks.”

Earlier this month, Equifax announced that 2.5 million more consumers were impacted by the breach than originally thought, bringing the total number of Michiganders with potentially compromised information to 4.6 million.

To raise awareness of identity theft, the state attorney general’s office is holding two free seminars:

  • From 12:05 to 12:50 p.m. Friday at 525 West Ottawa Street, Lansing, in the G. Mennen Williams Auditorium.
  • From 12:05 to 12:50 p.m. Wednesday at 3068 West Grand Blvd., Detroit, in Room L150.

Still, the WalletHub report warned:

“While the federal government and various businesses in recent years have taken more aggressive measures to build up our defenses, criminal strategies continue to evolve and grow in sophistication, keeping consumers vulnerable to identity theft and fraud.”

The post Michigan among #states most #vulnerable to #identity theft, fraud appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

9 Everyday Habits That Leave You Vulnerable Online

Source: National Cyber Security – Produced By Gregory Evans

Whether you read email, check social media, or do most anything online, your internet behavior may put you at risk. Hackers and scammers can take advantage of your online movements to get your financial data and other sensitive information. To stay safe and protect your identity, make sure you avoid…

The post 9 Everyday Habits That Leave You Vulnerable Online appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Public bodies are vulnerable to hacking – government needs to step up to protect them

more information on sonyhack from leading cyber security expertsSource: National Cyber Security – Produced By Gregory Evans Barely a month passes in 2017 without some kind of IT failure hitting the headlines, but the hacks, leaks and breaches that make the news may represent just the tip of the iceberg. An investigation by the i newspaper has revealed that public bodies such as […] View full post on AmIHackerProof.com | Can You Be Hacked?

Immigration Department lax on cyber security and vulnerable to attacks, experts say

Source: National Cyber Security – Produced By Gregory Evans

Cyber security experts fear the Immigration Department is dragging its feet on internet security in the wake of global ransomware attacks and may be vulnerable. The department has failed to comply with the Australian Signals Directorate’s (ASD) top four security measures — including patching — for years, despite repeatedly promising…

The post Immigration Department lax on cyber security and vulnerable to attacks, experts say appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

Massachusetts voting system not vulnerable to hacking, officials say

Source: National Cyber Security – Produced By Gregory Evans

Massachusetts voting system not vulnerable to hacking, officials say

From inside a vault, Northboro town clerk Andy Dowd pulled out a vote-counting machine. It has buttons and a screen like a computer, but no connectivity cables. “Right now, (with) our option there’s no way to connect this to the internet,” Dowd told WCVB. As with all voting-counting machines in…

The post Massachusetts voting system not vulnerable to hacking, officials say appeared first on National Cyber Security Ventures.

View full post on National Cyber Security Ventures

The Weird Loophole That Leaves Even Well-Secured Facebook Accounts Vulnerable

more information on sonyhack from leading cyber security expertsSource: National Cyber Security – Produced By Gregory Evans Facebook’s security team does its best to protect users. But not all of those users have the same ideas about how to be protected. Facebook serves almost 2 billion users, more than a billion of them on a daily basis. Those users are spread out all […] View full post on AmIHackerProof.com | Can You Be Hacked?