Cyber Daily Report

Related News

Nahamani.org

Cyber Security and Small Businesses: How to Set Your Brand Up for Long-Term Success

Kelsey
Published date: 2021-11-29 14:21:00

Learn about cyber security and how you can leverage your firm's efforts to protect your customer's non-public information.

If you are like most, you are wondering where to start. Recently, the Nahamani.org team sat down with Eku Williams, Senior Manager of Vulnerability & IT Audit at CyberSure LLC, to discuss cyber s… [+4352 chars]

bdnews24.com

A tech whistle-blower helps others speak out

None
Published date: 2021-11-29 09:20:15

Last month, Gov Gavin Newsom of California signed a bill to expand protections for people who speak up about discrimination in the workplace.

A new website arrived to offer tech workers advice on how to come forward about mistreatment by their employers. And Apple responded to a shareholder proposal that asked it to assess how it used con… [+8160 chars]

The Drum

National Computer Security Day: how can data help to deliver a better user journey? - The Drum

Natasha Kingdon
Published date: 2021-11-29 08:00:56

Privacy has never been more of a trending topic. Companies and individuals are demanding greater control over their privacy and navigating a new unknown with hybrid and flexible remote working, all while walking uncertain paths surrounding how trust and safet…

Yahoo Entertainment

iZafe Group Q3 Interim Report, July-September 2021

ACCESSWIRE
Published date: 2021-11-29 07:50:00

STOCKHOLM, SWEDEN / ACCESSWIRE / November 29, 2021 / iZafe Group (STO:IZAFE-B)Stockholm, Sweden - iZafe Group AB (publ.) (NASDAQ First North: IZAFE B...

STOCKHOLM, SWEDEN / ACCESSWIRE / November 29, 2021 / iZafe Group (STO:IZAFE-B) Stockholm, Sweden - iZafe Group AB (publ.) (NASDAQ First North: IZAFE B) - today November 29, releases its Q3 Interim R… [+10492 chars]

iTnews

Westpac rolls out new banking app to Android users

None
Published date: 2021-11-29 01:38:36

After iOS launch earlier this year.

Westpac is making the Android version of its new mobile banking app generally available following a successful trial that involved more than 20,000 customers. The upgraded app offer users a faster p… [+1247 chars]

Geeksaresexy.net

Cyber Monday Deals on Course Bundles – Learn Something New at a Ridiculously LOW price!

Geeks are Sexy
Published date: 2021-11-29 01:13:25

Looking to learn something new to end the year? We’re currently holding our Cyber Monday sale over at the Geeks are Sexy store and we’re offering an EXTRA 70% off (with promo code CMSAVE70) on all our online course bundles! Learn all about computer security, …

securityboulevard.com

Crypto Mining Hackers vs. Cloud Computing—Google States the Obvious

Richi Jennings
Published date: 2021-11-29 00:00:00

None

Google’s new Cybersecurity Action Team (CAT) would like you to know that insecure cloud instances can be hijacked by hackers. And the #1 workload they use to steal your CPU time is cryptocurrency mining.

securityboulevard.com

Monitor Privilege Escalation Risk of Identities from AWS Security Hub, with Integration from Sonrai

None
Published date: 2021-11-29 00:00:00

None

AWS Security Hub is a cloud security posture management service that performs automated, continuous security best practice checks against your AWS resources. It aggregates your security alerts (findings) in a standardized format so that you can easily take action. Security Hub makes it simple to understand and improve your security posture with automated integrations to AWS partner products.

securityboulevard.com

GUEST ESSAY: The shock waves of mental illness have begun exacerbating cybersecurity exposures

None
Published date: 2021-11-29 00:00:00

None

Mental health at work is undergoing a rapid transformation. Even before the COVID-19 pandemic, which has caused an increase in feelings of loneliness and isolation, workers’ mental health was under pressure.

securityboulevard.com

5 High-Risk Vulnerabilities In E-Commerce Applications

None
Published date: 2021-11-29 00:00:00

None

securityboulevard.com

Debunking Myths About CMMC 2.0

Ed Bassett
Published date: 2021-11-29 00:00:00

None

The cybersecurity world remains dynamic. On November 4, 2021, the <a href="https://www.defense.gov/News/Releases/Release/Article/2833006/strategic-direction-for-cybersecurity-maturity-model-certification-cmmc-program/" target="_blank" rel="noopener">Department of Defense (DoD) posted an update to its Cybersecurity Maturity Model Certification (CMMC) initiative</a>, announcing program changes dubbed CMMC 2.0. These changes were driven by a tremendous amount of industry input; taken into consideration during the DoD’s review of the program over the past six months. The announced changes will impact the actions of DoD contractors as well as the service provider and vendor ecosystem that supports the defense industrial base (DIB).

securityboulevard.com

Securing Corporate Philanthropy on Giving Tuesday

Christopher Burgess
Published date: 2021-11-29 00:00:00

None

Tomorrow, November 30, is Giving Tuesday, a day of emphasis on charitable giving both by individuals and organizations and enterprises. The <a href="https://www.givingtuesday.org/about/" target="_blank" rel="noopener">Giving Tuesday movement came into being in 2012</a> to encourage generosity and charitable giving year-round; the Tuesday after the U.S. Thanksgiving holiday is officially designated Giving Tuesday. You’ve no doubt encountered myriad nonprofit organizations clamoring for your donated dollars. In 2020, Americans contributed more than $471 billion to charities, according to the Giving USA Foundation’s annual report on philanthropy.

securityboulevard.com

Réduisez les coûts de stockage des données en vous débarrassant des données obsolètes [Estimateur d’économies]

None
Published date: 2021-11-29 00:00:00

None

securityboulevard.com

Cyber Security Predictions for 2022

None
Published date: 2021-11-29 00:00:00

None

<div class="bt_bb_wrapper"> <a href="https://www.k2io.com/wp-content/uploads/2021/11/closeup-developing-programming-coding-technologies-developer-working-web-sites-codes-office.jpg"><img loading="lazy" class="alignright size-full wp-image-3796" src="https://www.k2io.com/wp-content/uploads/2021/11/closeup-developing-programming-coding-technologies-developer-working-web-sites-codes-office.jpg" alt="" width="400" height="266" srcset="https://www.k2io.com/wp-content/uploads/2021/11/closeup-developing-programming-coding-technologies-developer-working-web-sites-codes-office.jpg 400w, https://www.k2io.com/wp-content/uploads/2021/11/closeup-developing-programming-coding-technologies-developer-working-web-sites-codes-office-320x213.jpg 320w" sizes="(max-width: 400px) 100vw, 400px"></a> As we approach the end of 2021, all of us at K2 Cyber Security want to wish you and your families the best holiday season and new year, especially after the almost two years of living with the COVID-19 pandemic. This last year was especially challenging as we finally developed a vaccine and thought things were getting back to normal, only to have repeated lockdowns and restrictions on travel. On the IT front, organizations that were forced to <a href="https://www.k2io.com/consumption-of-public-cloud-is-way-ahead-of-ability-to-secure-it/">accelerate their digital transformation in 2020</a>, found they had to continue to rely on their cloud infrastructure as many of their employees continued to adapt and move to a hybrid work model. Many organizations found that the cyber criminals were working from home as diligently as they expected of their own employees. All types of <a href="https://www.k2io.com/more-cyberattacks-in-the-first-half-of-2020-than-in-all-of-2019/">cyber attacks increased during the pandemic</a>. With that backdrop, as we approach the end of 2021, we’d like to present our predictions for 2022 for the application security community. It would be easy to just predict that cyber attacks will continue to increase, that we’ll find more vulnerabilities in production code (<a href="https://www.k2io.com/on-track-for-fifth-record-year-in-a-row-for-vulnerabilities/">after four record years and probably a fifth</a>), and that ransomware will exact a record-setting payment from an organization in the coming year. Instead, we’ll focus on three predictions that are probably a little less likely, but ones we may still actually see come to pass in the coming year. Prediction #1: Even as attacks get more sophisticated, some of the worst breaches in 2022 are going to come from simpler, well-known vulnerability attack vectors. We’ve seen well-known vulnerabilities continue to be exploited by attacks. It’s why in the most recent <a href="https://www.k2io.com/owasp-working-group-releases-draft-of-top-10-web-application-risks-for-2021/">2021 revision of the OWASP Top 10 Web Application Risks</a>, common vulnerabilities like <a href="https://www.k2io.com/learning-more-about-sql-injection/">SQL Injection</a>, <a href="https://www.k2io.com/sql-injection-xss-and-rce-top-list-of-vulnerabilities-in-internet-facing-applications/">Remote Code Execution</a>, and <a href="https://www.k2io.com/learning-more-about-cross-site-scripting/">Cross Site Scripting</a> continue to be part of the list (even if they’ve been lumped into broader categories). It’s the simple vulnerabilities that seem to continue to persist in code writing, and why organizations need to focus both on improving <a href="https://www.k2io.com/devops-vs-devsecops-what-is-the-difference/">DevSecOps</a> and <a href="https://www.k2io.com/what-is-rasp-and-why-should-you-care/">runtime application security</a>. Prediction #2: With the rise of popularity of cryptocurrency, the major breach of 2022 will not be of data, but instead involve the loss of cryptocurrency. With the rise of the popularity of cryptocurrency we’ve seen a number of new trading platforms launched, and the associated applications developed and released to support trading of cryptocurrency, payment by cryptocurrency, and savings accounts for cryptocurrency. This rush to cash in on the fad of cryptocurrency almost guarantees that some corners were cut in application development, meaning there are bound to be some vulnerabilities out there waiting to be exploited. We’ll be bold and predict that one of these applications will get exploited, leading to a major loss of cryptocurrency. Prediction #3: We’ve seen the move to shift left, in the coming year we’ll see a move to shift right, where there will be an increased spend in securing applications running in production. Many organizations rushed to “shift left” as that phrase gained popularity, moving security testing and secure coding earlier into application development. Even as money poured into these areas, it was obvious that the focus on security for applications running in production seemed to wane in the past couple of years. As attacks continue to increase, we predict that we’ll see an increase in spend on application security for applications running in production, essentially a shift back to the right. Looking Forward to 2022 To sum up our predictions, 2022 will be the year that security comes back into focus (since some companies previously switched their IT personnel from security to enabling work-from-home) as a priority for organizations. Protecting the attack surface will regain attention, as attacks continue to increase. With the increase in attacks, the continued need for a hybrid worker, and the ongoing digital transformation of organizations around the world, application security will become a key focus in the coming year. To learn more about how to make your organization’s applications more secure for the coming year, <a href="https://www.k2io.com/~k2csecur/schedule-a-demo">request a demo</a>, or <a href="https://www.k2io.com/contact/">contact us for a meeting</a> <header> <hr> </header> <a href="https://k2io.com/schedule-a-demo/"><img loading="lazy" class="alignright wp-image-1300" src="https://www.k2io.com/wp-content/uploads/2020/03/Schedule-A-Demo.png" alt="" width="300" height="78" srcset="https://www.k2io.com/wp-content/uploads/2020/03/Schedule-A-Demo.png 510w, https://www.k2io.com/wp-content/uploads/2020/03/Schedule-A-Demo-320x83.png 320w" sizes="(max-width: 300px) 100vw, 300px"></a><a href="https://www.k2io.com/free-trial"><img loading="lazy" class="alignleft wp-image-1299" src="https://www.k2io.com/wp-content/uploads/2020/03/Get-A-Free-Trial.png" alt="" width="298" height="78" srcset="https://www.k2io.com/wp-content/uploads/2020/03/Get-A-Free-Trial.png 508w, https://www.k2io.com/wp-content/uploads/2020/03/Get-A-Free-Trial-320x84.png 320w" sizes="(max-width: 298px) 100vw, 298px"></a> </div>

therecord.media

Tencent bows to Beijing’s pressure, opens WeChat groups to social media rivals

Dina Temple-Raston
Published date: 2021-11-29 00:00:00

None

Chinese internet giant Tencent <a href="https://mp.weixin.qq.com/s?__biz=MzU5NDYyMTk4NQ==&mid=2247484326&idx=1&sn=54571ce962580bd7ea5032ffac170cac&chksm=fe7f20e8c908a9fea2d61d5995e2abe22afcbb72332c419250001d62feddda119859034e1b93&mpshare=1&scene=1&srcid=1129ycnNQDrnFo5uy5f9fUJJ&sharer_sharetime=1638181431820&sharer_shareid=f4509c08721c31a03942f05303e13fe2&exportkey=A786rRFKYNX1EoAbPgVsNgE%3D&pass_ticket=M8axzX3Ux7voMFQr5nTZGw2WiKtunzS2bZSykVtmZYyWKyqqa0Hg4Xfp7PV7L9ox&wx_header=0#rd" target="_blank" rel="noreferrer noopener nofollow">said on Monday</a> that it will allow more content from third-party social media rivals to open directly within its popular WeChat app, bowing to pressure from the central government, which has pushed for more interoperability among China’s Big Tech companies.

www.securitymagazine.com

CISA Office for Bombing Prevention provides counter-IED training

David Mussington
Published date: 2021-11-29 00:00:00

None

<div class="body gsd-paywall article-body"> November marks Infrastructure Security Month, a nationwide effort to recognize and remember the importance of infrastructure security. One of the most important critical infrastructure priorities today is preventing the use of improvised explosive devices (IEDs) and protecting facilities against IED attacks. Created in response to terrorism events around the globe, <a href="https://www.cisa.gov/office-bombing-prevention-obp" rel="noopener noreferrer" target="_blank">CISA’s</a> Office for Bombing Prevention (CISA OBP) plays a leading role in protecting the United States against bombing incidents by enhancing security and resilience at all levels of government, across the private sector and among the public. Central to CISA OBP’s strategy for building nationwide counter-IED security and resilience is its nationally accredited Counter-IED Training and Awareness Program, known simply as OBP Training.Training is an integral layer of security and resilience programs. Successful security and resilience programs all share a major, common trait: quality training that is designed and used to effectively prevent, protect against, respond to or otherwise mitigate impacts of harm. Since its establishment 15 years ago, CISA OBP’s counter-IED (C-IED) and risk mitigation training has been employed by emergency responders and receivers, security professionals, private sector corporations, as well as the public and has played a prominent role in preparations to protect many U.S. traditions and locations, including the Super Bowl, Boston Marathon and Macy’s Thanksgiving Day Parade, just to name a few. <div id="div-gpt-ad-article-body-sky-mobile" class="advertisement"></div> CISA OBP develops and delivers a diverse curriculum of accredited training and decision-support tools to build nationwide C-IED capabilities across the preparedness spectrum — from prevention to response. The <a href="https://www.cisa.gov/bombing-prevention-training-courses" rel="noopener noreferrer" target="_blank">training courses</a> cover a wide range of topics, including IED Awareness, VBIED Detection, C-IED Suspicious Activity and Surveillance Detection, IED Protective Measures, Bomb Threat Management, IED Search Procedures and how to build Security and Resilience for Bombing Incidents.Training is conducted in-person (both residentially and via a Mobile Training Team), through distance learning options (virtual instructor-led and web-based independent study) via the internet, and train-the-trainer formats to meet stakeholder needs. Recipients include state and local law enforcement, first responders and first receivers, private sector stakeholders, U.S. Government departments and agencies and the general public. CISA OBP is accredited by the International Accreditors for Continuing Education and Training (IACET) and is authorized to issue IACET continuing education units (CEUs).Cumulatively, CISA OBP’s training programs have equipped more than 140,000 participants in more than 100 major U.S. cities across 53 states and territories with the tools they need to counter-IED threats. Mobile training teams travel the country every week delivering performance-based training, while live instructors conduct virtual training for hundreds/thousands of participants to build counter-IED preparedness in every corner of the nation. CISA OBP has also exported its domestic work globally, through information sharing, training and assistance to partners across the globe. <div id="div-gpt-ad-sidebar-sky-mobile" class="advertisement"></div> <div class="fr-img-space-wrap"> <img src="/ext/resources/2021/11/29/Screenshot-%28116%29.png" style="display: block; float: none; vertical-align: top; margin: 5px auto; text-align: center;" alt="CISA Bomb Prevention Training">CISA OBP trainings to public and private entities play a vital role in countering IEDs across the U.S. Image courtesy of CISA </div>Over the past 18 months, complex challenges, due in large part to COVID-19, have caused many in-person and resident training programs to close their doors. CISA adapted by providing virtual options for those needing to meet annual training requirements and advance their security needs.“We were able to rapidly respond to the changing landscape and stakeholder needs by accelerating and expanding the online distance learning programs we already had in place,” says David Williamson, the Deputy Associate Director of OBP. “We recognized the need for distance learning options early on to meet stakeholder demand for virtual environment and independent study and those capabilities have proven invaluable.” CISA OBP has again begun to see demand for its in-person trainings, so it is traveling the country to teach best practices in countering IEDs.CISA OBP partners with the public and private sectors to tighten security across the country and world. Key among OBP’s capability and capacity building efforts is its Train the Trainer (TtT) program, a congressionally funded initiative focused on building an enduring capability to deliver OBP counter-IED and risk mitigation training by developing and producing a training cadre at the state, local and private sector levels. With its TtT program, OBP provides accredited trainings for organizations to train others on CISA OBP’s curricula. Once trainees complete their training, they are certified to train their workforce, which exponentially increases the preparedness of CISA OBP partners — and their stakeholders. <div id="div-gpt-ad-sidebar-mrect-mobile" class="advertisement"></div> Just one key private sector partner is the Contemporary Services Corporation (CSC), which has worked with CISA OBP since 2019. “CSC is honored to participate in the TtT program and support the mission of OBP,” says Jay Brock, CSC’s Senior VP of Operations and Training. “The ability to train our staff in a program of this quality gives them additional tools to enhance our services to both our clients and our guests, while making public assemblies safer.” CISA OBP recently achieved a major new distinction when its TtT program received Block Designation from the Department of Homeland Security’s Office of SAFETY Act Implementation. This gave CISA OBP’s TtT program the designation of being a qualified anti-terrorism technology, which can be a major benefit for the organizations that it partners with. “Taking CISA OBP trainings is one important way that private sector companies can illustrate that they are taking the steps they need to take to mitigate against potential terrorist attacks,” says Curtis Tilley, Chief of CISA OBP’s Counter-IED Training and Awareness Branch. Such private firms can use the CISA OBP Block designation to help get certified under the Safety Act. This agility to train partners in the manner most conducive to them is critical in a dynamic threat environment. In 2020 alone, there were more than 12,000 explosive-related incidents and more than a 70% increase in domestic bombings, according to Department of Justice's U.S. Bomb Data Center. CISA OBP Training has played a crucial role preparing the nation to deal with this threat by training first responders, private sector corporations and the public on the best practices in bombing prevention. “I think you saved my life,” said Ms. Hailey Harris of Cambridge, MA. A Boston Marathon bombing survivor and beneficiary of OBP counter-IED training was inside a restaurant near the Marathon finish line. Reacting to the first explosion, she recalled OBP training tips that cautioned against the threat of secondary IEDs. “I said we are all staying put until we are told it is safe to evacuate… I was so thankful I knew what do to.” Those who listened to her commands and remained inside were safe when the second bomb exploded nearby. “The training from Homeland Security saved our lives,” she says.During Infrastructure Security Month, it is more important than ever for us to all get involved and do our part to keep each other safe. Major bombings can cause mass casualties; lead to hundreds of millions of dollars in damage; and cause cascading damage across vital physical and cyber infrastructure. Even hoaxes and bomb threats impose costs by disrupting commerce and drawing on precious law enforcement and first responder resources.All CISA OBP courses are free and educate public safety officials and private sector stakeholders on key strategies to prevent, protect against, respond to and mitigate bombing incidents. OBP also provides a range of videos and other materials online to enable people to recognize and report suspicious activity and take other action. For more information about OBP’s C-IED training offerings, email <a href="mailto:[email protected]">[email protected]</a> or <a href="http://www.cisa.gov/bombing-prevention-training" rel="noopener noreferrer" target="_blank">click here</a>.</div>

www.securitymagazine.com

5 minutes with Tracy Reinhold: Critical event management for enterprise resilience

Maria Henriquez
Published date: 2021-11-29 00:00:00

None

<div class="body gsd-paywall article-body"> Security speaks to <a href="https://www.everbridge.com/about/leadership/tracy-reinhold/">Tracy Reinhold</a>, Chief Security Officer (CSO) at Everbridge, about the importance of critical event management and enterprise resilience. Security: What is your background, current role and responsibilities? <div id="div-gpt-ad-article-body-sky-mobile" class="advertisement"></div> Reinhold: I received my BA in History from the University of Maryland after serving as a United States Marine. I then joined the Federal Bureau of Investigation (FBI), where I served for 22 years. During my tenure, I transitioned to working on National Security matters following the 9/11 attacks and was promoted into the Federal Government’s Senior Executive Service in 2004. In 2006, I served as the head of the FBI’s operations in Kentucky and then was promoted into the Intelligence Division at FBI headquarters in Washington, D.C. Afterward, I became the Assistant Director of the Intelligence Division and finished my career as the Associate Executive Assistant Director for National Security. After retiring from the FBI, I served as a corporate officer for the Walmart Corporation and established their global investigations teams in the U.S., Asia, India, Africa and South America. In 2015, I became the first CSO for Fannie Mae and continued in that role until accepting the challenge of being the first CSO for Everbridge. As CSO, I am responsible for advancing the company’s enterprise-level security strategy, as well as working closely with customers and partners to optimize their organizational approach to managing and responding to critical events. I focus on providing strategic guidance and thought leadership by examining the industry and the organization to identify needs, risks and opportunities that will lead to a more resilient enterprise. Security: How can enterprises evaluate and benchmark enterprise resilience and preparedness?Reinhold: While there are many metrics to consider, the ability to recover from a business disruption is the most critical. Organizations should prioritize having a comprehensive crisis management strategy that evaluates impacts from both the brand and reputation perspectives. If an organization cannot map a clear path to recovery, it will not be able to meet the needs of its customers. Detection and prevention are also critical. It’s not enough to be successful in business — you also have to be successful in preparing and executing a defensive strategy for your network, customers and upstream and downstream dependencies, such as vendors. We find many companies will be very careful inside the four walls, but they can create vulnerabilities by not conducting due diligence on their upstream and downstream dependencies, whether they’re vendors, suppliers, or other stakeholders that they regularly interface with. <div id="div-gpt-ad-sidebar-sky-mobile" class="advertisement"></div> An often-overlooked part of security is the education of the employees of the organization. They are the first and best line of defense through the use of good information security practices. While harder to measure, the cross-functional ability of a company to enable enterprise resilience is a key indicator of an organization’s capacity to ensure a return to revenue quickly after a disruption. Security: What are the benefits of evaluating and benchmarking enterprise resilience?Reinhold: You can get ahead of threats by being informed and having the technological capabilities to actually take action on that intelligence once you’ve acquired it. So if you’re consistently in a reactive mode, you will eventually fail. By proactively reducing risk and vulnerability, we can create an environment that allows a company to be successful. At the end of the day, that’s our job. If a company is not successful, then we don’t have a job. If you can’t protect the organization and allow it to succeed from a revenue, brand and reputation perspective, the company ceases to exist, and everybody is looking for a new job. We’re finding now that security is integrating more into organizations and becoming a stakeholder in the success of a company. <div id="div-gpt-ad-sidebar-mrect-mobile" class="advertisement"></div> Security: How can a critical event management program help organizations make better strategic data-driven decisions?Reinhold: Critical event management programs and technology are security functions that must be integrated into the core business. Preventative techniques such as this will go a long way in making organizations resilient and sustainable into the future. It’s imperative for organizations to have a critical event checklist: Do you know where your assets are? Do you have critical infrastructure backup out of the region? These things help you navigate through the crisis. Having situational awareness adds to your organization’s toolbox when you are actually faced with a critical event. Ask yourself, what are you doing as a team, whether it’s business continuity, resilience, security, whether digital security or physical security, to ensure that the company has the best opportunity to generate revenue and to be successful? This often means that the security professionals have evolved to become “students of the business,” understanding what’s critical to the company so that they know what they’re trying to protect. Additionally, security is slowly evolving from a cost center to a value center. This is a huge transformation most successfully completed by thinking and acting outside of the normal confines of security. Whether it’s identifying potential loss, risk and vulnerability, and then mitigating that in a way that resonates with the business, recognize how security adds value to the organization. In my previous roles, “left of boom” was super important. It does not negate your responsibilities when an event happens, but it’s so much better if you can prevent or mitigate the impact before the actual critical event. You can do that by leveraging intelligence, using that intelligence to inform your workforce about potential risk vulnerabilities so that you can position them to be more successful.</div>

www.securitymagazine.com

Why the threat of wire fraud is particularly high for private capital markets – and what’s being done to address it

Brian Twibell
Published date: 2021-11-29 00:00:00

None

<div class="body gsd-paywall article-body"> Most businesses and consumers today prefer digital channels as their preferred method of communication. We rely on things like email so much for example, that when we hit “send”, the last thing we often think about is whether someone is trying to scam us on the other side. However, business email compromise (BEC) is one of the fastest-growing forms of cybercrime and <a href="https://www.ic3.gov/Media/Y2019/PSA190910">is now a $26 billion scam</a> that targets businesses and individuals who conduct wire transactions. Cyber-attacks are problematic for all businesses but hit the financial services industry<a href="https://www.bcg.com/publications/2019/global-wealth-reigniting-radical-growth"> 300 times harder than any other sector</a>. Private equity, venture capital, real estate, and other financial sectors that deal with large amounts of cash flow are at the most considerable risk when it comes to wire fraud. As fraudsters adapt to new technologies, they find more sophisticated ways to place themselves in the middle of high-value transactions. Unfortunately, most firms underestimate how easy it is to unknowingly compromise information and what the financial impact of impersonation actually is. <div id="div-gpt-ad-article-body-sky-mobile" class="advertisement"></div> How Big Is The Issue?In 2020, the <a href="https://www.ic3.gov/Media/PDF/AnnualReport/2019_IC3Report.pdf">Internet Crime Complaint Center (IC3)</a> reported a 70% increase in cybercrime attacks from 2019, where complaints reported more than $4.1 billion in monetary losses. The most common cybercrime incidents reported were phishing, BEC, ransomware, and investment fraud, with BEC having the most significant impact. Importantly, the number of attacks and total monetary losses are likely much higher than what’s been reported, as there is a reputational incentive to keep these incidents private.BEC is the easiest method for fraudsters to scam businesses through “<a href="https://www.malvinfeinberg.com/2021/05/12/new-fbi-statistics-reveal-dramatic-increase-in-cybercrime/">social engineering or computer intrusion methods</a>.” For example, fraudsters target specific companies and their employees by email, impersonating trusted identities like the CFO or COO of organizations. Most cybercrime incidents begin with BEC, and payment requests not verified by parties in a transaction can result in money transferring into the wrong hands. Between 2016 to 2019, the impact of BEC cost financial enterprises over <a href="https://www.jpmorgan.com/content/dam/jpm/commercial-banking/documents/cybersecurity-fraud/protect-your-business-from-wire-fraud.pdf">$26 billion</a>, and the problem continues to grow, exacerbated by work-from-home and hybrid work policies. <div id="div-gpt-ad-sidebar-sky-mobile" class="advertisement"></div> The internet has made transactions between financial firms and clients more convenient and more accessible than ever. Email is the primary method of communication between parties involved in a financial transaction due to the ease, convenience, and speed it takes for a transaction to occur. However, providing sensitive information and personal data through email is risky as it is easier to compromise information communicated online than many firms realize. From the C-suite to directors, managers, and regular employees, all must take measures to protect corporate assets and prevent targeted wire fraud. The financial impact resulting from attacks like impersonation can be catastrophic. Once the money transfers into the wrong hands, liability remains unclear, while the fraudster takes the money and leaves the parties in a transaction empty-handed. The vulnerabilities that many experience from targeted wire fraud are often underestimated, which is an issue facing the financial services industry due to the uncertainty around liability. How Can Information Be Better Protected? <div id="div-gpt-ad-sidebar-mrect-mobile" class="advertisement"></div> Transferring funds through wire and ACH is the primary method for bank and business transactions, as parties can quickly transfer funds with a few clicks. However, it is crucial to protect corporate accounts during these online transactions to avoid compromising sensitive financial and personal information. Otherwise, the impact of wire fraud could be catastrophic for all parties legally involved in the transaction. Many private equity and venture capital firms have adopted two-factor authentication (2-FA) to make online transactions safer. With 2-FA, parties in a transaction are sent a code to their mobile device, and users must verify their identity by inputting the code and their username and password. However, cybercriminals have discovered new ways to<a href="https://www.cnbc.com/2019/01/04/how-secure-is-your-account-two-factor-authentication-may-be-hackable.html"> bypass this security verification </a>with email impersonation tactics.According to a <a href="https://www.cnbc.com/2019/01/04/how-secure-is-your-account-two-factor-authentication-may-be-hackable.html">cybersecurity training firm, KnowBe4</a>, a cybercriminal can still impersonate a trusted identity and send a targeted email asking the recipient to click on a link. Once the user clicks the link, they are directed to a website that asks for their login information and the code sent to their mobile phone. The cybercriminal will then receive the login through the hacker’s server and obtain the session cookie, which is key to a successful cyber-attack. As cybercriminals increasingly bypass 2FA, businesses have come up with new security measures. Multi-factor authentication (MFA) and biometrics are innovative solutions that enhance the efficiency of digital processes while making them more secure. Unlike 2FA, which only requires two verification methods, MFA is a multi-layered framework that requires two or more authentication factors to grant access. It's Not What You Know, It’s Who You Are That MattersBiometrics provides an additional layer of security where the user provides unique biological or behavioral characteristics to verify their identity. While other authentication methods use passwords and codes, biometrics use unique attributes like voice recognition, fingerprints, photo recognition, and other inherent characteristics. Unlike 2FA or MFA, which alone are still vulnerable to social engineering, biometric authentication offers stronger security measures that prevent phishing attacks, account takeovers, and fraud. Biometric authentication and MFA are innovative cybersecurity solutions that help businesses ensure that only the right people can access portals and sensitive data. Many enterprises have already implemented biometrics, and most technology users utilize biometric or MFA verification daily. <a href="https://auth0.com/blog/3-critical-trends-in-biometric-authentication-in-2019/">Smartphones, laptops, and tablets</a> are the leading business technologies that use biometric authentication. Thanks to Apple, which first introduced <a href="https://www.macrumors.com/guide/touch-id/">Touch ID fingerprint verification in 2013</a> and later evolved it into facial recognition, most smart devices today require biometric verification for users to access their devices or online portals. Private equity and venture capital firms can integrate similar biometric and MFA authentication factors within their workflows to solve the cybercrime problems costing the industry billions of dollars each year. Although cybercriminals will always try to adapt to new security measures and insert themselves in the middle of a financial transaction, financial firms can prevent cyberattacks by using fingerprint, facial recognition, and other verification methods that cannot be stolen or faked. MFA and biometrics are solutions that can seamlessly integrate into existing workflows, enabling users to continue business functions in the same way but with increased security.</div>

www.securitymagazine.com

Will the convergence of IGA, PAM and AM fix the fractured identity landscape?

Chris Schueler
Published date: 2021-11-29 00:00:00

None

<div class="body gsd-paywall article-body"> Identity is fast becoming less of a tool and more of a strategic framework to secure digital assets and protect data privacy. As a result, when it comes to growing market-share, identity access management (IAM) vendors are looking to grab a larger percentage of the business. Identity protects digital assets, supports digital transformation initiatives, and bolsters Personal Identifiable Information (PII) privacy, using NIST-based security standards and best practices. It enables organizations to centrally manage their expanding perimeter of mobile and work from anywhere users, and on-premises, multi-cloud, and hybrid infrastructure environments. <div id="div-gpt-ad-article-body-sky-mobile" class="advertisement"></div> A comprehensive identity platform allows for a common user experience across multiple applications and systems (both legacy and modern) and allows consumers and distributed workforces to use the same authentication method to access applications and resources across different enterprises. Converging the identity pillarsIdentity has three distinct pillars; identity governance administration (IGA), privileged access management (PAM), and access management (AM). There are dozens of vendors that offer one of these pillars. In the past, they referred to their products as identity tools. However, many now call their products identity platforms as they begin building more integrated capabilities. Albeit, these are vendor-specific platforms, and no vendor today offers an identity platform with complete IGA, PAM and AM capabilities. <div id="div-gpt-ad-sidebar-sky-mobile" class="advertisement"></div> Automation and interoperability of the three pillars are critical to ensure all applications, systems, APIs, policies, and processes are synergistic. Identity plays a pivotal role within an organization’s security stack. However, stakeholder roles are spread across IT infrastructure, security operations, and compliance to manage regulatory risk. Digital transformation, and the implementation of identity as part of that initiative, is a journey and each organization is at a different stage in that journey. Organizations with more mature identity infrastructure have typically accumulated many different and disparate identity tools. Most have created a complex infrastructure with limited integration, and they still have yet to implement identity throughout all their applications. They typically have legacy and modern identity tools that are on-premises and cloud-based. Organizations with less mature identity capabilities might only have cloud-based identity solutions. They often have limited policies and processes that are not fully thought out. In either case, the security and privacy risk associated with both is high. No matter where the organization is in their digital transformation, the identity platform needs to be adaptable and robust enough to support all situations and environments. Identity encompasses multiple senior executives, including leaders of IT (CIO), compliance (CCO), and security (CISO). Each stakeholder has their own specific goals and objectives, and the value that identity represents is different for each of them. <div id="div-gpt-ad-sidebar-mrect-mobile" class="advertisement"></div> The identity platform impact on usersAn identity platform will not negatively impact users by adding friction to their experience. A vendor-agnostic converged platform will not lock an organization into any specific vendor. It will adapt to the customer needs and accommodate having their brand on the interface. This is important to many organizations because identity infrastructure is so intrinsic to their business operations and culture. Business leaders in charge of IT, compliance and security rely upon identity to ensure the right users have the appropriate access to digital resources. However, identity platform convergence means different things to different people. Because of the fractured identity landscape, vendors are looking to grow market share to increase their piece of the identity pie. Often, when one company buys another, they are eliminating their competition, which is not necessarily a good thing for customers. A converged identity platform helps make organizations more secure, compliant with regulations and provides a faster return on investment. It enables greater gains in efficiency for user and application on/off-boarding while supporting and enhancing the auditing process. It simplifies how users log into systems and apps and maximizes and optimizes existing identity tools, policies, and processes. The positives and negatives of convergenceIt is fair to say that convergence can be good for vendors but challenging for users. For many organizations, the prospect of any software platform conversion means more costs, more and possibly different licenses, and added usage. Convergence can also eliminate competition, potentially leading to higher prices and fewer choices. When a product goes through an upgrade, or its lifecycle is at an end-of-life stage, the customer usually pays the price. A vendor-agnostic identity platform should protect organizations from such an impact. In fact, the organization should be able to replace that product with a newer, better solution that may be more cost-effective. That is the beauty of a vendor-agnostic identity platform. Even within a mature market like IGA, new IGA vendors are bringing modern technology at competitive prices, encouraging pricing stability. IGA is the most mature identity technology, while PAM is the least mature, mainly because privileged access personnel tasked with implementing PAM are often resistant. This is due to the potential friction on both the administrative and end-user sides. This resistance is a challenge that identity platforms face if they have simply cobbled together various capabilities and critical functions without focusing on the user experience. The key is to have a user interface that remains consistent, even if the underlying technology changes. Managed identity service providers tend to be vendor agnostic. If a particular vendor needs to be swapped out, users are never impacted. All the changes are executed on the back-end, and the user experience and workflow processes remain consistent by having a common dashboard or interface separated from the underlying technologies. This is a key advantage of a comprehensive identity platform, as all the identity functions are integrated specifically to eliminate user friction. While today there is a fractured identity landscape, over the next 3-5 years, I expect there will be a convergence of the IGA, PAM and AM pillars. Identity vendors are beginning to expand their offerings, either through partnerships, by technology acquisitions, or vendor convergence; and from in-house development through organic expansion of capabilities.</div>

www.securitymagazine.com

Mitigating cyber threats within 5G cloud infrastructure

None
Published date: 2021-11-29 00:00:00

None

<div class="body gsd-paywall article-body"> As part of the Enduring Security Framework (ESF), the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) published guidance to mitigate cyber threats within 5G cloud infrastructure. <a href="https://www.nsa.gov/Press-Room/Cybersecurity-Advisories-Guidance/" style="color: rgb(14, 16, 26); margin-top:0pt; margin-bottom:0pt; color: #4a6ee0;" target="_blank">Securely Isolate Network Resources</a> examines threats to 5G container-centric or hybrid container/virtual network, also known as Pods. The guidance provides several aspects of pod security, including limiting permissions on deployed containers, avoiding resource contention and denial of service attacks, and implementing real-time threat detection. <div id="div-gpt-ad-article-body-sky-mobile" class="advertisement"></div> In Part I of the series, ESF discussed best practices on preventing and detecting malicious cyber actor activity in a 5G cloud infrastructure and recommended mitigations to prevent cybersecurity incidents. Part II of the series dives into Pod security and preventing a process that runs in a container from escaping the isolation boundaries of its container and gaining access to the underlying host. “5G changes the traditional mobile network operations architecture, allowing for the core network to be moved away from proprietary hardware and software to a modular cloud-native infrastructure,” said Jorge Laurel, NSA Project Director for ESF. “This is more flexible in its development and deployment, but also introduces new cybersecurity implications and risks that need to be mitigated.” “The deployment of 5G is built on an agile, highly configurable network architecture, a foundation of virtualization that can bring a wealth of benefits to our lives and work as well as greater security risks,” said Matt Hartman, Deputy Executive Assistant Director for Cybersecurity, CISA. “With our partners at NSA and ESF, CISA encourages the 5G community to review this guidance to ensure they achieve the necessary heightened level of Pod security in 5G cloud.” <div id="div-gpt-ad-sidebar-sky-mobile" class="advertisement"></div> Pods are the isolated environments used to execute 5G network functions in a 5G container-centric or hybrid container/virtual network function design and deployment. Pods provide highly configurable, flexible workloads that can be scaled and orchestrated from a central control plane while enforcing isolation of each workload. The scale and interoperability requirements of 5G cloud components makes securely configuring Pods a challenging but important ongoing effort. A strong Pod security posture leverages containerization technology to harden the deployed application, protect Pods’ interactions, and detect malicious/anomalous activity within the cluster. “5G changes communication capabilities and risks,” said Rob Joyce, NSA Cybersecurity Director. “This guidance document from ESF brings to light the need to secure Pods as an important aspect of securing 5G cloud environments.” 5G cloud providers, integrators and network operators share the responsibility to securely configure, deploy, and orchestrate Pods that provide services. <div id="div-gpt-ad-sidebar-mrect-mobile" class="advertisement"></div> The series has been published under the Enduring Security Framework (ESF), a public-private cross-sector working group led by NSA and CISA.</div>

www.securitymagazine.com

Chevron Salt Lake Refinery tests emergency response plans

None
Published date: 2021-11-29 00:00:00

None

<div class="body gsd-paywall article-body"> The <a href="https://www.cisa.gov/" style="color: rgb(14, 16, 26); margin-top:0pt; margin-bottom:0pt; color: #4a6ee0;" target="_blank">Cybersecurity and Infrastructure Security Agency (CISA)</a> held a tabletop exercise with the Chevron Salt Lake Refinery and other state and local partners to test plans for responding to a potential emergency at the refinery. “CISA routinely partners with industry and government to plan and practice a wide range of possible scenarios,” said CISA Regional Director for the Rocky Mountain region, Shawn Graff. “Our goal with <a href="https://www.cisa.gov/publication/cisa-tabletop-exercise-package" style="color: rgb(14, 16, 26); margin-top:0pt; margin-bottom:0pt; color: #4a6ee0;" target="_blank">tabletop exercises</a> is centered around uniting partners and stakeholders to practice how we as a community respond to an emergency. This is an important part of maintaining the security of our national infrastructure.” <div id="div-gpt-ad-article-body-sky-mobile" class="advertisement"></div> Critical infrastructure, which includes industry; government; and commercial operations and systems, like refineries and communications, forms the backbone of the American economy. The exercise, which was planned over the past two months, included several objectives related to response procedures at the refinery, including evacuation and shelter-in-place decision-making; roles and responsibilities during investigations; communication with first responders; and public messaging before and following an incident. “This type of training is a critical measure of how well we design and activate our emergency response and security plans. It evaluates our overall preparedness, highlighting both what we’ve done well and where we can do even better,” said Chevron Salt Lake Refinery General Manager, Bryon Stock. “We appreciate the opportunity to collaborate with national, regional and local leaders in public safety and security and to partner with CISA on this exercise.” The tabletop collaboration brought together operational leadership, security, and first responder teams from several groups in addition to CISA and Chevron. North Salt Lake Police Department, Davis County Sheriff’s Office, South Davis Metro Fire, Davis County Emergency Management, Utah Department of Public Safety, Utah Statewide Information and Analysis Center, Federal Bureau of Investigation also joined the exercise. <div id="div-gpt-ad-sidebar-sky-mobile" class="advertisement"></div> “We all dialed in virtually and talked through the progression of a fictional security incident,” said Chevron Salt Lake Refinery Emergency Services Team Lead, Jake Barlow. “It was a very valuable exercise, helping us all improve our emergency response, evacuation, and shelter-in-place plans and notification processes.” More than 40 participants and observers participated in the tabletop exercise over the course of several hours. The exercise demonstrates the commitment of CISA, Chevron, state and local partners to ensure a secure and safe environment for everyone. “The security and resilience of our national infrastructure is a responsibility shared across the public and private sectors,” said Graff. “When we practice together, we improve our ability to respond together. You can never be too prepared.”</div>

Tbsnews.net

Bangladesh Bank to form emergency response team to thwart cyber attack - The Business Standard

None
Published date: 2021-11-27 09:57:00

The Fin-Cert will build a threat intelligence platform and spell out security standards

Highlights: <ul><li>The Fin-Cert will<ul><li>Take measures to stave off cyber attacks on financial industry.</li><li>Monitor the banking sector's cyber security situation</li><li>Help banks to preve… [+6979 chars]

therecord.media

Group-IB helps Italian officials take down scammers selling COVID-19 docs via Telegram

Dina Temple-Raston
Published date: 2021-11-27 00:00:00

None

Just days after the Italian government announced that it would tighten restrictions linked to its COVID-19 health pass, Italian police announced that they had broken up a criminal gang selling hundreds of fake passes and certificates via Telegram.

Ilcorrieredellasicurezza.it

Computer Security Day 2021: i cinque consigli di Check Point Software Technologies

redazione
Published date: 2021-11-26 21:50:00

None

In occasione del 33esimo anniversario del Computer Security Day, che si svolgerà il prossimo 30 novembre, Check Point® Software Technologies Ltd. (NASDAQ: CHKP), il principale fornitore di soluzioni … [+4022 chars]

Mjtsai.com

New Rowhammer Techniques

Michael Tsai
Published date: 2021-11-26 20:00:55

Catalin Cimpanu (via Hacker News): Google says Rowhammer attacks are gaining range as RAM is getting smaller A team of Google security researchers said they discovered a new way to perform Rowhammer attacks against computer memory (RAM) cards that broaden the…

Technology

Related News

Cyber Security and Small Businesses: How to Set Your Brand Up for Long-Term Success

A tech whistle-blower helps others speak out

National Computer Security Day: how can data help to deliver a better user journey? - The Drum

iZafe Group Q3 Interim Report, July-September 2021

Westpac rolls out new banking app to Android users

Cyber Monday Deals on Course Bundles – Learn Something New at a Ridiculously LOW price!

Crypto Mining Hackers vs. Cloud Computing—Google States the Obvious

Monitor Privilege Escalation Risk of Identities from AWS Security Hub, with Integration from Sonrai

GUEST ESSAY: The shock waves of mental illness have begun exacerbating cybersecurity exposures

5 High-Risk Vulnerabilities In E-Commerce Applications

Debunking Myths About CMMC 2.0

Securing Corporate Philanthropy on Giving Tuesday

Réduisez les coûts de stockage des données en vous débarrassant des données obsolètes [Estimateur d’économies]

Cyber Security Predictions for 2022

Tencent bows to Beijing’s pressure, opens WeChat groups to social media rivals

CISA Office for Bombing Prevention provides counter-IED training

5 minutes with Tracy Reinhold: Critical event management for enterprise resilience

Why the threat of wire fraud is particularly high for private capital markets – and what’s being done to address it

Will the convergence of IGA, PAM and AM fix the fractured identity landscape?

Mitigating cyber threats within 5G cloud infrastructure

Chevron Salt Lake Refinery tests emergency response plans

Bangladesh Bank to form emergency response team to thwart cyber attack - The Business Standard

Group-IB helps Italian officials take down scammers selling COVID-19 docs via Telegram

Computer Security Day 2021: i cinque consigli di Check Point Software Technologies

New Rowhammer Techniques

Most Popular

Unpatched Windows Zero-Day Allows Privileged File Access

ScarCruft APT Mounts Desktop/Mobile Double-Pronged Spy Attacks

Shape-Shifting ‘Tardigrade’ Malware Hits Vaccine Makers

Cybercriminals: Frenemies China, Russia, North Korea

Cyber Security Predictions for 2022

Technology

Related News

Most Popular

Advertisements

Follow us

Recent Tweets