Year

now browsing by tag

 
 

#parent | #kids | Looking for a new iPad game? These are the best ones we’ve played this year | #parenting | #parenting | #kids

Source: National Cyber Security – Produced By Gregory Evans

Life is Strange looks great on the iPad. GameSpot Searching for a new game to while away the weekend hours? Look no further than your beloved iPad, iPad Pro or […]

The post #parent | #kids | Looking for a new iPad game? These are the best ones we’ve played this year | #parenting | #parenting | #kids appeared first on National Cyber Security.

View full post on National Cyber Security

One year of love during the pandemic | #tinder | #pof | romancescams | #scams

Source: National Cyber Security – Produced By Gregory Evans

There’s no doubt the COVID-19 pandemic has left many students feeling isolated and disconnected. But against all odds, some UNC students have been able to find love.  But navigating relationships […]

The post One year of love during the pandemic | #tinder | #pof | romancescams | #scams appeared first on National Cyber Security.

View full post on National Cyber Security

Amateur to professional in a year: student photographer follows passion | #Education | #parenting | #parenting | #kids

Source: National Cyber Security – Produced By Gregory Evans

Junior Anthony Lupi is pur­suing a career in pho­tog­raphy.Courtesy | Anthony Lupi Feet shuffle, fans roar, and a man in Hillsdale blue-and-white leaps for an impressive dunk — Hillsdale is up two […]

The post Amateur to professional in a year: student photographer follows passion | #Education | #parenting | #parenting | #kids appeared first on National Cyber Security.

View full post on National Cyber Security

These Mumbai teenagers made Rs 4.5 lakh in a year with their customised gifting startup | #socialmedia | #children | #parenting | #parenting | #kids

Source: National Cyber Security – Produced By Gregory Evans

These Mumbai teenagers made Rs 4.5 lakh in a year with their customised gifting startup | #socialmedia | #children | Parent Security Online ✕ VIEW […]

The post These Mumbai teenagers made Rs 4.5 lakh in a year with their customised gifting startup | #socialmedia | #children | #parenting | #parenting | #kids appeared first on National Cyber Security.

View full post on National Cyber Security

#onlinedating | As if Thanksgiving Wasn’t Stressful Enough This Year | #bumble | #tinder | #pof | romancescams | #scams

Source: National Cyber Security – Produced By Gregory Evans

[ad_1] I was just informed that my sister’s boyfriend will be joining us for Thanksgiving. They’ve been going out for two years. I don’t like him and my other sibling downright hates him. Any other year, we could deal with this fairly easily; we have a big extended family. But this year, only immediate family […]

The post #onlinedating | As if Thanksgiving Wasn’t Stressful Enough This Year | #bumble | #tinder | #pof | romancescams | #scams appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #hackerspace | A Well-Equipped Security Team Could Save You Millions of Dollars a Year

Source: National Cyber Security – Produced By Gregory Evans

Data breaches are expensive. By now, most organizations are well aware of this fact. When it comes to resource planning, however, SecOps teams need concrete data to ensure adequate funding is available to handle a breach. 

Taking a look at recent breaches and industry analysis can help. 

The Financial Cost of a Data Breach Is Rising

IBM conducts an annual “Cost of a Data Breach” study as the basis for a global analysis of the cost impact of data breaches. According to the study, the average cost of a data breach in the U.S. is growing:

·  2017: $7.35 million

·  2018: $7.91 million

·  2019: $8.19 million

Between 2017 and 2019, the average financial impact of a data breach at a U.S. based company rose 10 percent. Companies that experience “mega breaches” involving millions of records can expect to pay anywhere from $40 million to $350 million to clean up the mess. 

IBM expects these figures to continue climbing in the coming year. 

What factors impact the cost of a data breach?

A data breach is not limited to a single incident to be mitigated in just a few days. IBM estimates that it takes companies an average of 280 days to fully recover from a breach. Responding to these breaches extends beyond addressing the root cause of the hack. 

Companies must satisfy notification requirements, preserve affected documents and logs, and address potential PR concerns. If the breach involved PHI (protected health information) or identifying information like Social Security Numbers, the response becomes even more complicated. Most companies will need to hire outside legal consultants to ensure a proper response has taken place.

Beyond these immediate issues, companies that experience a data breach will face “long-tail” costs, those occurring beyond a year year after a breach. These costs include class action lawsuits, regulatory fines, and the potential loss of customers who have lost trust in the company. IBM estimates that lost business accounts for 36 percent of the average total data breach cost.

Proactive Companies Fare Better

Not only will the cost of a data breach increase, so will the odds that a given company will experience a breach. 

Companies are more than 30 percent more likely to experience a breach in the coming years, according to IBM. The Herjavec Group estimates that a ransomware attack will affect a new business every 11 seconds by 2021. 

The risk of a data breach is not a vague threat intended to scare companies into investing more in backend security response. The risk is simply the reality companies must overcome to protect their clients’ data and their own future success. Bad actors are here to stay, unfortunately, and they are becoming savvier all the time. 

Still, companies can make proactive decisions to reduce the risk of a data breach. Key actions that can help include:

·  Establishing in-house incident response capabilities

·  Integrating advanced machine-learning AI into security platforms

·  Increased cybersecurity education for all employees

·  Creating DevSecOps teams who address data security from the start of the development process

IBM estimates that the presence of an in-house incident response team has a significant impact on reducing data breach costs. Using incident response teams can reduce the cost of a data breach by an average of 10.5 percent, a figure that can save companies hundreds of thousands of dollars. 

Next Steps

Don’t wait until you’re in response mode to come up with a data security strategy. MixMode’s third-wave, machine-learning AI detects vulnerabilities before they attract bad actors, giving our clients the upper hand when it comes to cybersecurity. 

Why is machine learning better?

Machine learning is a subset of AI that adds automation and intelligence to computer programs. A music platform that can predict which songs and artists a listener will likely enjoy is one example of machine learning at work.

MixMode takes the concept of machine-learning a few steps further. Not only could our context-aware AI make accurate song predictions, but it could also actually create original music compositions in the same vein. 

While today’s hackers and cybercriminals are often well-versed in typical machine-learning AI, MixMode’s unique context-aware AI is a world apart. 

Our platform takes a deep dive into your network to develop a baseline level of knowledge it will use to evaluate network anomalies. The result is at least a 12 percent reduction in the cost of detecting and responding to data breaches. That’s what happens when SecOps teams don’t have to wade through a mountain of false positives to address real issues. 

Learn how MixMode can ensure your organization won’t become the next company to make the news thanks to a data breach. Reach out to MixMode today to set up a demo. 

MixMode Articles You Might Like:

Network Data: The Best Source for Actionable Data in Cybersecurity

Using the MixMode query language to integrate with Splunk

3 Cyberthreats Facing Federal and State Governments in 2020

Staying CCPA Compliant with MixMode’s Unsupervised AI

5 Cybersecurity Threats That Will Dominate 2020

Wire Data: What is it Good For?

Yesterday’s SIEM Solutions Can’t Combat Today’s Cyberthreats

Source link

The post #cybersecurity | #hackerspace |<p> A Well-Equipped Security Team Could Save You Millions of Dollars a Year <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #hackerspace | Emotet attacks— a spike to start the year…

Source: National Cyber Security – Produced By Gregory Evans

The Emotet malware is a very destructive banking Trojan that was first identified in 2014. Over the years it has evolved with new capabilities and functionalities, prompting cybersecurity agencies like the Australian Cyber Security Centre and US-CERT to issue advisories. Emotet malware generally spreads via malicious documents that drop a modular Trojan bot, which is used to download and install additional remote access tools. We wrote a blog post in January 2019 about how the malware had changed tactics, leading to a spike in the number of Emotet malware attacks. In the last week, we have observed a spike in the number of Emotet malware transactions across our customer base. US-CERT has also issued a fresh advisory regarding the recent spate of attacks. 

Our research has discovered that the Emotet malware is still very active and continues to be one of the most destructive malware attacks. The malware has evolved through the years, and the actors behind Emotet have used the infected endpoints to build out a formidable botnet that is used to distribute multiple malware families such as Trickbot and Dridex, as well as ransomware such as Ryuk.

 

After taking a break through the holiday season in 2019, Emotet malware attacks have restarted in 2020, this time targeting the financial services industry. Similar to previous versions, the Emotet malware is only just the initial attack vector used to launch the attack. The attack is initiated with a malicious Microsoft Word document that is designed to be downloaded and opened by the user. Once opened, the malicious macro executes and contact is made with the command-and-control server to initiate the next stage of the attack.  

 

Menlo Security Research analyzed the topics listed below to gain a better understanding of this most recent Emotet malware attack. Data for this analysis was obtained from the Menlo Security Cloud Platform, which supports millions of users across all industries, including financial services, educational institutions, and the military. In addition to analyzing the Emotet document macro and loader, the analysis breaks down the following for this most recent Emotet malware attack spike and shows the distribution of the industries affected.

  • Emotet Kill Chain
  • Industries targeted
  • Distribution of Emotet hosting domains
  • Emotet controller IP distribution

 

Background

Recent news shows that Emotet infections have crippled daily operations in a number of organizations. Emotet usually propagates in bursts, through delivery of malicious documents via mass compromised websites. Each infected host is then used to build out a botnet. The Menlo Security Research team noticed a spike in Emotet malware activity in January 2020. This spike was detected through our cloud isolation platform, which renders email attachments and websites visited from emailed links remotely, eliminating the possibility that malicious documents would reach an end user’s computer.  

 

The spike in activity occurred during January 14–22, affecting customers using our isolation service in the United States, Europe, and Asia. The following chart shows a spike in the number of Emotet document requests from January 14–22, 2020. 

 

The chart above shows a Spike in Emotet Malware Detected

 

The Emotet Kill Chain

Like other Emotet malware versions, this recent attack also used malicious macros in a Microsoft Word document. The emails were crafted to appear as legitimate banking or financial transactions. Some examples of the subject lines used in this most recent campaign are given below.

 

Picture 2

Picture 3

The January 2020 campaign appeared to follow the kill chain similar to the attacks observed in late 2019. The initial attack is used only to gain a foothold in the network and establish contact with the command-and-control server. Once in place, additional malware is downloaded and the malware attempts to spread to other computers on the same network.

 

Emotet Malware Kill Chain

Picture 4

 

From the above flow, we can divide the Emotet kill chain as follows:

  • Hosting of malicious documents via compromised websites.
  • Every malicious document has an embedded macro with a list of stage one URLs to try (usually three or four in the list, depending on the sample).
  • The Emotet loader establishes a command-and-control channel by selecting a server IP from a list of built-in C2 IP addresses.

 

Distribution and Infrastructure

Our data shows that the January 2020 campaign targeted financial services companies primarily in the United States. The following charts show the industry/vertical distribution and regions where these requests came from. Other industries and geographies were included in the attack, though to a far lesser degree.

Picture 5

 

One of the techniques that Emotet malware uses is to distribute itself through other compromised legitimate websites, essentially creating new zero-day attacks. This makes the malware particularly difficult to protect against since the source of the malware is constantly changing. The following chart categorizes the distribution of the initial delivery URLs that served the malicious documents. The data shows very clearly why Emotet malware continues to evade security defenses and wreak havoc: 76 percent of the URLs used to distribute Emotet malware are actually categorized as safe by the leading threat intelligence databases. Some of the compromised websites were from academic institutions. This means that security products would not block or prohibit users from accessing and downloading content from these sites. Fortunately, Menlo Security customers were fully protected, because these malicious sites would have been viewed in isolation—completely protecting the end user.

Picture 6

 

Malicious Document Macro

Once the embedded macro inside the document is enabled, it spawns PowerShell to try a list of URLs to fetch the initial Emotet loader. Some observations of the macro behavior:

  • The macro constructs the PowerShell command by decoding data from a user form.
  • The PowerShell code is stored as a “Tag” property of a frame in the user form, and this frame is used to mask the other elements in the user form.
  • The PowerShell code that finally gets executed is Base64 encoded, which tries to download the Emotet loader by trying a list of URLs.
  • Uses Net.WebClient.DownloadFile to download the URL and [Diagnostics.Process]::Start to start the process if the download was successful.

Picture 7

 

Current Emotet Loader and Controller Infrastructure

Further analysis shows that the January 2020 Emotet malware was a far-reaching campaign that was executed through multiple networks. A concentration of IP addresses occurred in certain countries with global financial centers.

Picture 8

 

The final Emotet bot that gets dropped is usually a modular Trojan that establishes a command-and-control channel by choosing an IP from a list of IP addresses in its config file. The Emotet loader is very well researched and documented, so we will not get into the inner workings of this bot here. Some of the variations we observed:

  • We noticed that the initial dropper copies itself to “SysWOW64” and is invoked with a parameter that looks like a random number (–94737736).
  • Other characteristics exhibited were typical of a standard Emotet loader:
    • Extract system information, enumerate running processes (CreateToolhelp32Snapshot), bundle it using protobuf, and encrypt using an AES key (which is secured with an embedded RSA public key).
  • The encrypted POST request to the C2 IP seems to use a randomly generated string param that is form-urlencoded, which seems to be a slight change from previous payload URL patterns.
  • In some of the controller IPs, we observed HTTP traffic being sent over port 443.
  • A sample encrypted C2 payload is shown below:

Picture 9

 

Conclusion

The Emotet malware has built a formidable infrastructure over time and can be destructive to an organization if not mitigated in a timely manner. Its techniques of leveraging multistage attacks and distributing malicious code through legitimate websites make the Emotet malware particularly hard to prevent with traditional security products that rely on signatures or threat intelligence.

 

To protect against Emotet malware attacks, enterprises should:

  • Be wary of macro-enabled, untrusted Office documents.
  • Vet PowerShell execution policies for Windows users in an organization.

For threat response teams: Keep a close watch on the techniques used by the Emotet actors; https://attack.mitre.org/software/S0367/ has a specific ATT&CK framework page for Emotet.

 

Email and web isolation can provide complete protection from Emotet malware by inserting a secure, logically air-gapped execution environment in the cloud between the user and the malware. By executing sessions away from the endpoint and delivering only safely rendered information to devices, users are protected from malware and malicious activity. The result is that Emotet malware cannot infect a device it cannot reach. Isolation eliminates the possibility of malware reaching user devices via compromised or malicious websites, email, or documents. This approach is not detection or classification; rather, the user’s web session and all active content (JavaScript, Flash, etc.)—whether it’s good or bad—is fully executed and contained in a remote web browser in the cloud. Menlo Security has helped hundreds of Global 2000 companies and major government agencies use isolation to protect against Emotet and other malware, as well as phishing attacks, drive-by exploits, and other web- and email-based attacks.

Contact Menlo Security today to learn more about the Menlo Security Secure Internet with an Isolation Core™.

 

Source link

The post #cybersecurity | #hackerspace |<p> Emotet attacks— a spike to start the year… <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#comptia | Samsung hopes 5G will save its slumping profits this year

Source: National Cyber Security – Produced By Gregory Evans

Samsung Electronics just released fourth-quarter earnings that told much the same story as the rest of 2019. Revenue was more or less flat year-on-year — up 1 percent to 59.9 trillion won ($50.7 billion) — while operating profit slid 34 percent to 7.1 trillion won ($6 billion).

The primary reason for the decline remains the fall in prices of memory chips, Samsung’s biggest profit driver in recent years. The display panel business also saw profits fall year-on-year due to weak demand. The mobile division, on the other hand, did better than a year ago, with Samsung calling out “solid” flagship sales and the profitability of phones like the Galaxy A series.

Samsung is hoping that the wider adoption of 5G in 2020 will improve its numbers more or less across the board. The 5G upgrade cycle is likely to help the mobile division, of course, but Samsung notes it should be able to increase memory sales to handset manufacturers and data center companies. The company also plans to develop integrated 5G chips for mass-market smartphones, and expects demand for its OLED displays and high-resolution phone camera sensors to increase.

Samsung cautions, however, that the “actual pace of 5G expansion … remains to be seen,” which probably isn’t the last time we’ll hear that in a tech company’s forecasts this year. How that shakes out in practice is going to have a major effect on Samsung in particular over the next year, since so many areas of its business are involved directly or indirectly.

Source link

The post #comptia | Samsung hopes 5G will save its slumping profits this year appeared first on National Cyber Security.

View full post on National Cyber Security

#nationalcybersecuritymonth | Job Growth Continues For 10th Consecutive Year

Source: National Cyber Security – Produced By Gregory Evans

The U.S. economy continues its upward trajectory with 145,000 jobs added in December. This makes for a decade of steady payroll growth, which is the longest stretch in 80 years, according to a report by The Wall Street Journal.

Unemployment remained at a 50-year-low level, at 3.5 percent, and wages in the private sector went up almost 3 percent from a year before, which is the smallest gain since July 2018.

Andrew Chamberlain, an economist at job search site Glassdoor Inc., said the slowing wage growth is a disappointing measurement because the job growth is “setting the stage for more robust hiring as we enter the 2020s.”

With all the bright spots, wage growth “remains the one aspect of the job market that hasn’t fully recovered during the decade since the Great Recession,” he said.

The data shows that while many Americans can find employment, the jobs don’t necessarily pay high wages. Some of the large growth in retail jobs can be attributed to the holiday shopping season.

Last year, employers added 2.11 million jobs, down from 2.68 in 2018, putting 2019 in eighth place over the last decade. The hiring slowdown was indicative of employers’ difficulty in finding enough workers, as well as worldwide economic trepidation and lingering effects of the 2018 tax cuts.

Non-farm payrolls for women exceeded those for men for the first time since 2010, which shows impressive growth in the healthcare and hospitality industries, fields that have larger numbers of female workers, and is indicative of future trends.

Retail locations added 41,200 jobs, which is the biggest jump in that sector since January 2017. Construction also had a good month, adding 20,000 workers. Warehousing, transportation and manufacturing all saw their numbers shrink.

The unemployment rate is at its lowest since 1969.

——————————–

Upcoming PYMNTS Virtual Event:

Join PYMNTS CEO, Karen Webster and Amy Parsons, SVP of Global Acceptance, Discover Financial Services on Monday, January 13, 2020 at 1:00 PM (ET) to learn the ways merchants can meet consumer expectations with payments technology available today — and how they can prepare for the future.

Source link

The post #nationalcybersecuritymonth | Job Growth Continues For 10th Consecutive Year appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | WFP Global Hotspots 2020: Potential flashpoints to look out for in New Year – World

Source: National Cyber Security – Produced By Gregory Evans

World Food Programme forecasts global hunger hotspots as a new decade dawns

Rome – Escalating hunger needs in sub-Saharan Africa dominate a World Food Programme (WFP) analysis of global hunger hotspots in the first half of 2020 with millions of people requiring life-saving food assistance in Zimbabwe, South Sudan, the Democratic Republic of Congo and the Central Sahel region in the coming months. The sheer scale and complexity of the challenges in Africa and other regions will stretch the resources and capacity of WFP and other agencies to the limit. Ramping up the humanitarian response will again require the generous support of donor governments to fund the assistance required to save lives and support development.

“WFP is fighting big and complex humanitarian battles on several fronts at the start of 2020,” said David Beasley, Executive Director of WFP. “In some countries, we are seeing conflict and instability combine with climate extremes to force people from their homes, farms and places of work. In others, climate shocks are occurring alongside economic collapse and leaving millions on the brink of destitution and hunger.”

The WFP 2020 Global Hotspots Report highlights grave challenges in sub-Saharan Africa over the next six months with Zimbabwe, South Sudan, the Democratic Republic of Congo and the Central Sahel region standing out when it comes to the needs of hungry children, women and men. The WFP report notes that amidst an imploding economy, the situation in Zimbabwe is increasingly precarious as the country enters the peak of its “lean season” when food is at its most scarce and the number of hungry people has reached its highest point in a decade. WFP is planning assistance for more than 4 million people in Zimbabwe as concerns grow that the impact of a regional drought could drag yet more countries down in the first months of the year.

“Last year, WFP was called upon to bring urgent large-scale relief to Yemen, Mozambique after Cyclone Idai, Burkina Faso and many other crises to avert famine,” said Margot Van Der Velden, WFP Director of Emergencies, “But the world is an unforgiving place and as we turn the page into 2020 WFP is confronting new, monumental humanitarian challenges that we need to address with real urgency.”

A rapidly evolving crisis in Haiti is of deep concern at the turn of the year as escalating unrest paralyzes the economy, driving food prices out of reach of many people (+40% between October 2018 and October 2019). According to a recent IPC survey on food insecurity, this has left 3.7 million people – or one-third of the population – in need of assistance

In Asia, Afghanistan faces insecurity combined with drought, leaving more than 11 million people – over a third of the country’s population – severely food insecure.

In the Middle East, WFP can look back on its success in Yemen where it scaled up by 50% from providing food assistance to 8 million people a month at the beginning of 2018 to 12 million by the end of the year. As it looks forward into 2020, WFP remains alert to growing food needs in Iraq and Lebanon, where civil unrest and macro-economic crisis are leading to an increase in food insecurity.

WFP estimates it will require more than US $10 billion to fully fund all its operations in more than 80 countries around the world in 2020.

“Every year at WFP we plan ahead for the next 12 months and ask for support from the generous governments, private sector institutions and members of the public who help us reach our humanitarian and development goals,” said Beasley. “As an agency that depends entirely on voluntary donations, we have a responsibility to show WFP can continue to be the most efficient and effective global organization delivering the kind of food assistance that saves lives and changes lives across the world.”

Photos of Hunger Hotspot countries available here

The United Nations World Food Programme is the world’s largest humanitarian organization, saving lives in emergencies, building prosperity and supporting a sustainable future for people recovering from conflict, natural disasters and the impact of climate change.

Follow us on Twitter @wfp_media

For more information please contact (email address: firstname.lastname@wfp.org):

Frances Kennedy, WFP/ Rome, Tel. +39 06 6513 3725, Mob. +39 346 7600 806

Anne Poulsen, WFP/Copenhagen Mob. +45 40 50 3993

Bettina Luescher WFP/ Geneva Berlin, Mob. +49 160. 9926 1730

Steve Taravella, WFP/Washington, Tel. +1 202 653 1149, Mob. +1 202 770 5993

Source link
——————————————————————————————————

The post #deepweb | <p> WFP Global Hotspots 2020: Potential flashpoints to look out for in New Year – World <p> appeared first on National Cyber Security.

View full post on National Cyber Security