[From the desk of Paul Davis – his opinions and no-one else’s]
Apart from the reporter’s opinions 😉
So onto the news:
KnowBe4 Phishing Research Shows Men 225% More Prone to Give up the Goods
In an analysis done by KnowBe4 of 201,755 phishing emails sent over the past 30 days, it was found men appear to be more prone to clicking on a phishing email than women.
In further analysis, when tested over a 120 -day period with simulated phishing emails that lead to a data entry landing page and ask for some input of credentials, men were found to provide data and give up credentials over twice as much as females.
According to a study from Osterman Research, 5 out of 6 of the most serious concerns of security-focused decision makers are directly related to phishing or its aftermath.
The study suggests companies implement a variety of best practices to address the security gaps that have been identified and notes.
The study stated: “It is important to invest sufficiently in employee training so that the “human “firewall” can provide the best possible initial line of defense against increasingly sophisticated phishing and other social engineering attacks.”
Small to Medium businesses are selected by cyber criminals as a primary focus for attacks like ransomware using phishing emails as a ploy to get in and gain access.
These companies often lack an effective backup or more sophisticated technical solutions but can afford to pay a $500-$700 ransom fee.
It is very often these employees that click on emails with malicious attachments.
Trend Micro analyzed June-July 2015 time frame with clicks on links of CryptoWall ransomware.
A whopping 67% of the links were opened by SMB’s. large enterprise followed with 17%, and third came consumers with just 13%.
Sjouwerman offered, “Security Awareness Training is really needed for every employee in any organization.
It allows you to put in place a more effective human firewall and protect your corporate and financial assets and is now very affordable.”
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=3ad091fcf0&e=20056c7556
Wifatch Router Virus May Fight Malware
Wifatch was first described in November in a two-part post on a blog called “Loot Myself: Malware Analysis and Botnet tracking.” It is a “sophisticated piece of code” that connects infected routers to a peer-to-peer network of other infected devices, according to Mario Ballano, a senior security response engineer at Symantec.
Unlike other malware, however, Wifatch doesn’t appear to be used for malicious purposes, he said.
Instead, the unusual malware apparently works to prevent further infections and sometimes even delivers a message telling device owners to change their Telnet passwords and/or update their firmware.
Another aspect is that the source code contains a line of text famously used as an e-mail signature by software freedom activist and GNU Project founder Richard Stallman.
When it first learned of Wifatch, Symantec assumed the malware was just another example of such IoT threats.
However, “The further we dug into Wifatch’s code the more we had the feeling that there was something unusual about this threat,” Ballano said. “For all intents and purposes, it appeared like the author was trying to secure infected devices instead of using them for malicious activities.”
Link: http://paulgdavis.us3.list-manage2.com/track/click?u=45bf3caf699abf9904ddc00e3&id=d2dc9f0811&e=20056c7556
ASEAN, Japan to Boost Fight Against Terrorism, Cybercrime
On October 1, ASEAN and Japan convened the second ASEAN Plus Japan ministerial meeting on transnational crime (AMMTC + Japan) in Kuala Lumpur.
Two issues that were of particular concern were terrorism and cyber crime.
According to the joint statement issued following this meeting in Kuala Lumpur, the two sides focused on countering terrorism and cyber crime.
The focus on these issues is not surprising considering the rise of the Islamic State threat, which has spooked some ASEAN states, as well as cyber attacks that have exposed the vulnerability of the subregion in recent years.
On the former, the statement reaffirmed the importance of strengthening counterterrorism capacity and cooperation as well as the sharing of experience, knowledge and information including through the ASEAN-Japan Counter Terrorism Dialogue.
On the latter, the emphasis was on expediting initiatives to enhance counter-cybercrime capacity, including through the ASEAN-Japan Cybercrime Dialogue inaugurated in May last year which they hope will become the foundation of cooperation.
The reference to the threat as “grave and imminent” gives a sense of how urgent the issue is to the countries of concern.
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=d6482b61a7&e=20056c7556
Planning in an attack-ridden landscape: Continuity planning
As a best practice, predictive models should be deployed, says Gene Fredriksen, CISO for PSCU, a Saint Petersburg, Fla.-based provider of PCI transaction clearance for more than 800 credit unions.“Rather than running around with your pants on fire playing Whack-A-Mole, [you] at least have an idea on what your emphasis should be.” Too often organizations just focus on warding off inbound attacks, Fredriksen says, “getting only half the picture.” Potential inside threats within your infrastructure must be vigilantly monitored.
For example, an unauthorized connection from a company computer to a command-and-control server in China is a pretty huge red flag that the machine needs to be shut down. “Once you understand where the bad guys are coming from, you can start to be proactive,” he says.
Poor asset management is usually at the core of most IT security incidences, points out Ron Gula, CEO & CTO of Tenable Network Security, a Columbia, Md.-based provider of continuous network monitoring to identify vulnerabilities.
A byproduct of the recent deluge of breaches is that some organizations are “unfortunately doubling down on maybe ineffective practices – just buying security defensive products,” Gula (left) says.
They’re stuck in a “vulnerability treadmill,” doing some sort of periodic security audit, getting a big report of vulnerabilities.
And, when assessing vulnerabilities, just don’t rely on technology, Coleman points out. “Organizations have to get their staff really dedicated to actively hunt for anomalies for things that aren’t right,” he says. “Humans need to question information flows, asking such questions as: Who is the organization talking to in the public internet.
Should this transaction happen.
Does this really make sense?”
Link: http://paulgdavis.us3.list-manage1.com/track/click?u=45bf3caf699abf9904ddc00e3&id=ea304a0a05&e=20056c7556
Are These Four Security Technologies on the Verge of Becoming Obsolete?
One recent survey showed that more than half of all enterprises admit to using security technology that was at least three years old, while 11 percent say they’re using technology that’s 10 or more years old.
With outdated security technology, companies are much less capable of handling today’s security challenges, let alone what’s to come tomorrow.
Here are just a few examples of technologies that are either outdated already or may soon become obsolete:
– BIOMETRIC SCANNING
– PASSWORD SYSTEMS
– ANTIVIRUS SOFTWARE
– FIREWALLS
Hackers change up their tactics with incredible frequency, and companies need to be on top of that by adopting better security technology.
There’s no reason to hold onto a ten year old server when converged infrastructure is a reality, and there’s no reason to think passwords are the best way to keep cyber attackers out when better measures are available.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=cfd67b8df7&e=20056c7556
Experian T-Mobile hack shows encryption no ‘panacea’ for security, warns Tor co-founder
The theft of 15 million sets of T-Mobile customer data following a breach at credit agency Experian demonstrates that encrypting data isn’t a “panacea” for keeping information secure from hackers, David Goldschlag, co-creator of the Tor secure browser, has warned.
But while Experian is thought to have encrypted some data, Goldschlag told VentureBeat that the incident shows how encrypting data isn’t a cure-all, as hackers can get around it.
“It is likely that the hackers were able to decrypt the encrypted information too.
So storing information in an encrypted form may not be the panacea that people expect,” he warned.
“This morning they saw listings go up for ‘FULLZ’ data that matches the same types of information that just came out of the Experian hack,” the company said in a statement.
“FULLZ” is a term used within the hacker community to describe a full package of an individual’s personal information, including name, date of birth, account numbers and other data.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=6d820bf4c6&e=20056c7556
44% of Companies Believe They Can Keep Attackers Off the Network
Despite report after report and one high-profile incident after another, executives and IT professionals are still naïve about security: 55% believe they can detect an attacker on the network within minutes, hours or a few days.
Even more shocking, 44% believe they can keep attackers off a network entirely.
Wherefore this magical thinking.
CyberArk’s 9th Annual Global Advanced Threat Landscape Survey found that one of the problems is that execs place blame where it doesn’t belong: 48% blame poor employee security habits for breaches, while 29% believe that only the most sophisticated attackers could break through.
And indeed, a full 61% believe that privileged account takeover is the most difficult stage of an attack to stop—up from 44% last year.
The concern is now three times more common than those who thought stopping the advancement of malware installed on a network was the most challenging stage (21%) and almost five times more than the 12% that cited the reconnaissance phase by the attackers being the most difficult to mitigate.
Link: http://paulgdavis.us3.list-manage.com/track/click?u=45bf3caf699abf9904ddc00e3&id=71feb48a09&e=20056c7556
============================================================
Feedback, questions? Our mailing address is: ** dailynews@paulgdavis.com (mailto:dailynews@paulgdavis.com)
If you know someone else who would be interested in this Newsalert, please forwarded this email.
If you want to be added to the distribution list, please click this: ** Subscribe to this list (http://paulgdavis.us3.list-manage2.com/subscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a)
** Unsubscribe from this list (http://paulgdavis.us3.list-manage.com/unsubscribe?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556&c=d7c31e140b)
** Update subscription preferences (http://paulgdavis.us3.list-manage.com/profile?u=45bf3caf699abf9904ddc00e3&id=e09452545a&e=20056c7556)