Posts

Showing posts from December, 2020

Black Hills InfoSec - Webcast: Discussing Implications of the SolarWinds Breach(es)

Does the news on SUNBURST and SUPERNOVA have you feeling like you’re flapping in the (Solar)Wind? Join John Strand, Jonathan Ham, and Jake Williams as they discuss the implications of the breaches in this no-FUD webcast. No, we won’t be discussing “cyber Pearl Harbor” – because lets be honest, that’s just hyperbole. Join us to […] The post Webcast: Discussing Implications of the SolarWinds Breach(es) appeared first on Black Hills Information Security . from Black Hills Information Security https://www.blackhillsinfosec.com/webcast-discussing-implications-of-the-solarwinds-breaches/

KnowBe4 - 2020 Top Phishing and Vishing Attacks And Trends

Image
It’s an extra challenging year, harder than most, to choose the most impactful cybersecurity events. The year ended with a bang – the Solarwinds supply chain attack  – which possibly impacted up to 18,000 potential victims, including almost all of the Fortune 500 , involved a top-tier computer security vendor, at least a half-dozen top U.S. government agencies, and essentially brought the long feared, nation-state-sponsored, supply chain attack into reality. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/2020-top-phishing-vishing-attacks-and-trends

KnowBe4 - Securing Remote Employees is the Top 2021 Cybersecurity Challenge for Organizations

Image
Security vendor CheckPoint provides insight into what are the organizational cybersecurity priorities for next two years, as well as where cybersecurity is going to be challenging. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/securing-remote-employees-is-the-top-2021-cybersecurity-challenge-for-organizations

KnowBe4 - Phobos Ransomware Is Alive and Well, Targeting SMBs and Asking for Ransoms of $19K

Image
In celebrating its two-year birthday this month, experts take a look at the Phobos ransomware in detail and offer up suggestions on how to avoid infection. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/phobos-ransomware-is-alive-and-well-targeting-smbs-and-asking-for-ransoms-of-19k

KnowBe4 - Scammers Use a $100 Amazon Gift Card to Deliver the Banking Trojan Dridex to Their Victims

Image
It appears the holidays aren’t without a cyber-grinch, as attackers use the lure of free money in the form of a gift card as an easy means to trick victims into infecting their own computers. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/scammers-use-a-100-amazon-gift-card-to-deliver-the-banking-trojan-dridex-to-their-victims

KnowBe4 - 2020 Top Phishing and Vishing Attacks

Image
It’s an extra challenging year, harder than most, to choose the most impactful cybersecurity events. The year ended with a bang – the Solarwinds supply chain attack  – which possibly impacted up to 18,000 potential victims, including almost all of the Fortune 500 , involved a top-tier computer security vendor, at least a half-dozen top U.S. government agencies, and essentially brought the long feared, nation-state-sponsored, supply chain attack into reality. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/2020-top-phishes-and-vishes

Schneier - Brexit Deal Mandates Old Insecure Crypto Algorithms

In what is surely an unthinking cut-and-paste issue, page 921 of the Brexit deal mandates the use of SHA-1 and 1024-bit RSA: The open standard s/MIME as extension to de facto e-mail standard SMTP will be deployed to encrypt messages containing DNA profile information. The protocol s/MIME (V3) allows signed receipts, security labels, and secure mailing lists… The underlying certificate used by s/MIME mechanism has to be in compliance with X.509 standard…. The processing rules for s/MIME encryption operations… are as follows: the sequence of the operations is: first encryption and then signing, the encryption algorithm AES (Advanced Encryption Standard) with 256 bit key length and RSA with 1,024 bit key length shall be applied for symmetric and asymmetric encryption respectively, the hash algorithm SHA-1 shall be applied. s/MIME functionality is built into the vast majority of modern e-mail software packages including Outlook, Mozilla Mail as well as Netscape Communicator 4.x an...

SBS CyberSecurity - {Webinar} Security After SolarWinds: Time to Redesign Your Program

The SolarWinds incident highlights significant future risks. Undoubtedly the doors are now open for attacks of a similar nature. But where do you start? How do you incorporate the lessons learned from this attack? Which processes need to be reviewed? Which vendor relationships need to be scrutinized? With your questions in mind, we designed a 90-minute webinar in which we will guide you through a step-by-step action plan. Jumpstart the review and redesign of your Information Security Program and join us on January 7 at 1:00 PM CST! from SBS CyberSecurity https://sbscyber.com/resources/articleType/ArticleView/articleId/3781/webinar-security-after-solarwinds-time-to-redesign-your-program

Recorded Future - SolarWinds Attribution: Are We Getting Ahead of Ourselves?

Note: This blog is an abstract of an in-depth analysis on SolarWinds attribution. Download the complete analysis here . The recent expansive intrusion campaign of over half a dozen government agencies and as-yet unknown other organizations through malicious backdoors in the SolarWinds Orion platform is already one of the most significant acts of cyber espionage in history. This intrusion, dubbed SUNBURST/Solorigate, appears intended for information theft and espionage rather than destruction, placing this campaign within the realm of counterintelligence, not just incident response. Analyzing this incident within the realm of counterintelligence may fill the gap of descriptive language for this incident rather than bipolar descriptions of “sophisticated” or in-depth analysis which may add to confusion for network defenders. Additionally, only a handful of companies have direct access and the investigative resources to gain meaningful insights into the technical components of the backdo...

KnowBe4 - Beware of Puppy Scams

Image
Researchers at Anomali have discovered eighteen scam websites offering pets for sale. Most of the websites purport to be selling dogs, although some offer cats and birds as well. The sites are all operated by the same group of scammers that use similar social engineering tactics to lure people in. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/beware-of-puppy-scams

HACKMAGEDDON - Cloud-Native Threats in 2020

Among the various things that I have done in 2020, there is the collection of the main cyber attacks that have exploited cloud services in the kill chain. I have built a personal (and obviously incomplete) list using publicly available information. The complete timeline is available at the end of the post, while some statistics are summarized in the following charts... from HACKMAGEDDON https://www.hackmageddon.com/2020/12/30/cloud-native-threats-in-2020/

Schneier - On the Evolution of Ransomware

Good article on the evolution of ransomware : Though some researchers say that the scale and severity of ransomware attacks crossed a bright line in 2020, others describe this year as simply the next step in a gradual and, unfortunately, predictable devolution. After years spent honing their techniques, attackers are growing bolder. They’ve begun to incorporate other types of extortion like blackmail into their arsenals, by exfiltrating an organization’s data and then threatening to release it if the victim doesn’t pay an additional fee. Most significantly, ransomware attackers have transitioned from a model in which they hit lots of individuals and accumulated many small ransom payments to one where they carefully plan attacks against a smaller group of large targets from which they can demand massive ransoms. The antivirus firm Emsisoft found that the average requested fee has increased from about $5,000 in 2018 to about $200,000 this year. Ransomware is a decades-old idea. Toda...

Krebs - Happy 11th Birthday, KrebsOnSecurity!

Image
Today marks the 11th anniversary of KrebsOnSecurity! Thank you, Dear Readers, for your continued encouragement and support! With the ongoing disruption to life and livelihood wrought by the Covid-19 pandemic, 2020 has been a fairly horrid year by most accounts. And it’s perhaps fitting that this was also a leap year, piling on an extra day to a solar rotation that most of us probably can’t wait to see in the rearview mirror. But it was hardly a dull one for computer security news junkies. In almost every category — from epic breaches and ransomware to cybercrime justice and increasingly aggressive phishing and social engineering scams — 2020 was a year that truly went to eleven . Almost 150 stories here this past year generated nearly 9,000 responses from readers (although about 6 percent of those were on just one story ). Thank you all for your thoughtful engagement, wisdom, news tips and support. I’d like to reprise a note from last year’s anniversary post concerning ads. A ...

KnowBe4 - How to Start a Successful Security Awareness Training Program

Image
You did it - your organization has finally decided to take the first step in implementing security awareness training . But with starting something new there tends to be a 'deer in the headlights' moment  w and you ask yourself common questions - What now? Where do I begin? from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/how-to-kick-start-an-successful-security-awareness-training-program

SANS - Issue #101 - Volume XXII - SANS Newsbites - December 29th, 2020

from SANS Institute | Newsletters - Newsbites - RSS https://www.sans.org/newsletters/newsbites/xxii/101

KnowBe4 - What You Need to Know About DMARC

Image
It's true - not enough organizations utilize DMARC, SPF, and DKIM, global anti-domain-spoofing standards, which could significantly cut down on phishing attacks. But before you implement these protection standards, what are they and how can you effectively use them? from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/what-you-need-to-know-about-dmarc

KnowBe4 - CyberheistNews Vol 10 #53 [Heads Up] Here's Some Powerful Ammo to Grab More of Your Year-End InfoSec Budget

Image
from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/cyberheistnews-vol-10-53-heads-up-heres-some-powerful-ammo-to-grab-more-of-your-year-end-infosec-budget

KnowBe4 - BEC Attacks Nearly Doubled in 2020

Image
A new report from Barracuda Networks found that business email compromise (BEC) attacks have nearly doubled over the past year. These attacks made up 12% of all spear phishing attacks in 2020, compared to 7% in 2019. While these might seem like low numbers, it’s worth keeping in mind that BEC attacks are far more devastating and require much more effort than normal phishing attacks. Attackers can spend months performing reconnaissance and setting up infrastructure before executing the attack, and successful BEC scams often result in multimillion-dollar losses for the victims. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/bec-attacks-nearly-doubled-in-2020

KnowBe4 - Cybercriminals Attempt to Exploit Australian Fears on COVID-19

Image
The bad guys are attempting to take advantage of Australian fears of COVID-19 in 2021. The National Identity and Cyber Support Service of Australia and New Zealand ID Care recently warned of COVID-19 phishing attacks using deepfakes that is set to launch in 2021. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/cybercriminals-attempt-to-exploit-australian-fears-on-covid-19

KnowBe4 - A Friend Needs Money Urgently? You're Probably Getting Scammed

Image
People need to be on the lookout for phishing attacks sent from legitimate but compromised social media accounts, according to Paul Ducklin at Naked Security. Ducklin describes a scam sent in by a reader who received an unexpected message from one of their Facebook friends. The message said, “Hi [name]. Hope you’re all well. Do you use online banking? I need help paying a bill.” The recipient recognized that it was a scam, but continued the conversation to find out what the scammer would say. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/a-friend-needs-money-urgently-youre-probably-getting-scammed

KnowBe4 - KnowBe4 Fresh Content Updates from December: Including New 2021 KnowBe4 Flagship Training Modules

Image
Here are important fresh content updates to share with you that happened in the month of December. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/knowbe4-fresh-content-updates-from-december-including-new-2021-knowbe4-flagship-training-modules

KnowBe4 - [Heads Up] Here's Some Powerful Ammo To Grab More Of Your End-Of-Year InfoSec Budget

Image
OK, let's sum up where we are, here at the end of December 2020. COVID has propelled IT from 2020 to 2030 in a matter of months. However, only a few of us were ready to have the large majority of our users to Work From Home. Your old firewall is useless. The hardware endpoint with its software security stack now sits in your user's bedroom. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/heads-up-heres-some-powerful-ammo-to-grab-more-of-your-end-of-year-infosec-budget

KnowBe4 - How Can You Be More at Risk With MFA?

Image
In my recent comment on the Solarwinds’ cyber attack , I made the claim that using multifactor authentication (MFA) can sometimes make you more at risk than using a simple login name and password. I wrote this: from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/how-you-can-be-more-at-risk-with-mfa

KnowBe4 - Private Online Shopping Risks Affect Businesses, Too

Image
Consumers aren’t the only ones who can be victimized by social engineering attacks while shopping online, according to Arab News . Employees who use work devices for personal shopping are at risk of falling for scams and potentially letting attackers into the company’s network. Arab News quotes Werno Gevers, regional manager at Mimecast Middle East, discussing the findings of Mimecast’s recent report on how employees use company-issued devices. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/private-online-shopping-risks-affect-businesses-too

KnowBe4 - FireEye's Mandia on SolarWinds hack: 'This was a sniper round'

Image
Joe Warminsky at Cyberscoop wrote: "The foreign espionage operation that breached several U.S. government agencies through SolarWinds software updates was unique in its methods and stealth, according to FireEye CEO Kevin Mandia, whose company discovered the activity. “This was not a drive-by shooting on the information highway. This was a sniper round from somebody a mile away from your house,” Mandia said Sunday morning on CBS’s “Face the Nation.” “This was special operations. And it was going to take special operations to detect this breach.” Mandia estimated that about “only about 50 companies or organizations” were the true targets of the operation, which is suspected to be the work of the Russian intelligence agency known as the SVR. Texas-based SolarWinds reportedly has about 300,000 customers overall in government and industry, and the malware in the spy campaign was pushed out to about 18,000 of those, including U.S. government agencies and major corporations. In th...

KnowBe4 - Just 8% of U.K. Firms Offer Regular Security Training

Image
A majority of UK businesses are failing to adequately train their remote working employees to spot security threats, according to new research from iomart. The cloud services company based its Cyber Security Insights Report on the views of 1167 UK workers at C-level, director, manager and employee level. It found that over a quarter (28%) of their employers offer no cybersecurity training for the distributed workforce, while a further 42% do but only to select employees. Of those who were offered training, 82% claimed that it was a short briefing rather than something more comprehensive. Less than a fifth (17%) said they had regular training sessions. That means, overall, just 8% of those surveyed receive regular security training. This comes at a time when threats are on the rise. A fifth (20%) of those surveyed reported seeing an increase in cyber-attacks as a result of working remotely. Cyber-criminals have been targeting remote workers with phishing emails often themed w...

KnowBe4 - Wedbush Analyst: "Cybersecurity spending will increase 20% in 2021 Due To SolarWinds."

Image
Wedbush senior tech analyst Dan Ives says cybersecurity spending will increase by 20% in 2021 as more companies ramp up protection following the SolarWinds hack that compromised state agencies and corporations including Microsoft. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/wedbush-analyst-cybersecurity-spending-will-increase-20-in-2021-due-to-solarwinds

KnowBe4 - [HACK ALERT] Here Is A Whole New Way Cyber Criminals Empty Out Your Bank Account

Image
Researchers at IBM discovered a brand new type of massive banking fraud campaign that raked in millions of dollars over the course of a few days before it was put to a stop. from KnowBe4 Security Awareness Training Blog http://blog.knowbe4.com/hack-alert-here-is-a-whole-new-way-cyber-criminals-empty-out-your-bank-account

Recorded Future - AI Enables Predictability and Better Business

Joining us this week is Aarti Borkar, vice president of product for IBM Security . She shares the story of her professional journey, starting out as a self-described data-geek through the path that led her to the leadership position she holds today. Aarti also shares her views on artificial intelligence , and how she believes it can be an enabler for security and the business itself. And we’ll get her thoughts on welcoming new and diverse talent to the field. This podcast was produced in partnership with the CyberWire . The post AI Enables Predictability and Better Business appeared first on Recorded Future . from Recorded Future https://www.recordedfuture.com/podcast-episode-190/

KnowBe4 - Cybercriminals Attempt to Exploit Australian Fears on COVID-19

Image
The bad guys are attempting to take advantage of Australian fears of COVID-19 in 2021. The National Identity and Cyber Support Service of Australia and New Zealand ID Care recently warned of COVID-19 phishing attacks using deepfakes that is set to launch in 2021. from KnowBe4 Security Awareness Training Blog https://blog.knowbe4.com/cybercriminals-attempt-to-exploit-australian-fears-on-covid-19

SBS CyberSecurity - In The Wild 203

Image
   In The Wild - CyberSecurity Newsletter Happy New Year and welcome to the 203 rd  issue of In The Wild, SBS' weekly CyberSecurity newsletter. The objective of this newsletter is to share threat intelligence, news articles that are relevant, new and updated guidance, and other information to help you make better cybersecurity decisions. Below, you will find some of the latest-and-greatest news stories, articles, videos, and links from the past week in cybersecurity. Some of the following stories have been shared by consultants, others by the SBS Institute, and others yet simply been found in the far corners of the internet. We hope you find the following stories relevant, interesting, and – most of all – useful. Enjoy. Follow SBS CyberSecurity on Social Media for more articles, stories, news, and resources!            {HACKER HOUR} ARE YOU PREPARED FOR AN INCIDENT? SBS Educational Resources Held Wednesday, December 30, 2020  ...