Advertisement

Expert Reacted On Microsoft Says Iranian Hackers “Phosphorus” Targeted Conference Attendees | Information Security Buzz

expert reacted on microsoft says iranian hackers “phosphorus” targeted conference attendees | information security buzz

BEGIN ARTICLE PREVIEW:

Microsoft says it detected and worked to stop a series of cyberattacks from the threat actor Phosphorous masquerading as conference organizers to target more than 100 high-profile individuals. Phosphorus, an Iranian actor, has targeted with this scheme potential attendees of the upcoming Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia. The Munich Security Conference is the most important gathering on the topic of security for heads of state and other world leaders, and it has been held annually for nearly 60 years. Likewise, T20 is a highly visible event that shapes policy ideas for the G20 nations and informs their critical discussions. Based on current analysis, Microsoft does not believe this activity is tied to the U.S. elections in any way.
More information: https://blogs.microsoft.com/on-the-issues/2020/10/28/cyberattacks-phosphorus-t20-munich-security-conference/

END ARTICLE PREVIEW

READ MORE FROM SOURCE ARTICLE

Reaching the breaking point:” UM-Flint professor on Internet-of-Things security %

reaching the breaking point:” um-flint professor on internet-of-things security %

BEGIN ARTICLE PREVIEW:

Even if you haven’t heard the term before, you’re probably familiar with the “Internet-of-Things.” It refers to the increasing number of everyday objects that are connected to the web— fitness trackers, doorbells, washing machines, even your vehicle. The connected nature of these items can create significant convenience for consumers, sending you real-time updates when the laundry is finished or when Amazon left a package at your door. Unfortunately, that same connectivity that makes your day-to-day life easier can also put your home at risk for cyber attacks.

Suleyman Uludag, an associate professor of computer science at UM-Flint, researches IoT security. His two most recent publications focus on quickly detecting attacks on the IoT and a survey of attacks on the “smart grid”—the smart grid being a more networked, decentralized electrical grid used to power cities. This expertise puts Uludag in high demand as a consultant and speaker. On October 7, he spoke at the North American International Cyber Summit, an event hosted by Gov. Gretchen Whitmer that brought together cybersecurity professionals from government, business, and academia. There he outlined why IoT attacks are increasing and what public policy can do to help.

Uludag was connected to the North …

END ARTICLE PREVIEW

READ MORE FROM SOURCE ARTICLE Continue reading “Reaching the breaking point:” UM-Flint professor on Internet-of-Things security %”

OpenText Introduces Enfuse On Air: A new digital conference format for Cyber Resilience and Investigation Experts

opentext introduces enfuse on air: a new digital conference format for cyber resilience and investigation experts

BEGIN ARTICLE PREVIEW:

OpenText will deliver four weeks of digital content on information security, data discovery, and forensic investigations
WATERLOO, ON, Oct. 29, 2020 /PRNewswire/ — OpenText™ (NASDAQ: OTEX) (TSX: OTEX), today announced the agenda and keynote speakers for OpenText Enfuse On Air 2020. The premier security conference focused on the prevention, detection, and investigation of threats will be hosted digitally from November 10 – December 1. New content exploring emerging trends and scalable solutions will be released live and on-demand every Tuesday over the course of four weeks.
“In a year of unprecedented change, work from anywhere and digital acceleration, cyber-crimes are increasing faster than ever,” said OpenText CEO & CTO Mark J. Barrenechea. “OpenText Enfuse On Air will bring together a community of experts to help organizations build cyber resilience and protect against the current and next generation of vulnerabilities.”
At Enfuse, practitioners and industry experts in cybersecurity and data protection will come together to review best practices and find new opportunities with OpenText solutions. Attendees will be able to access keynote presentations, live and on-demand sessions from OpenText experts and industry leaders, and interactive virtual labs and CPE accredited training sessions. Each week will have a specific theme and provide opportunities for attendees to hear from law …

END ARTICLE PREVIEW

READ MORE FROM SOURCE ARTICLE Continue reading “OpenText Introduces Enfuse On Air: A new digital conference format for Cyber Resilience and Investigation Experts”

Enel Group Hit Again By Ransomware And Netwalker Demands $14 Million | Information Security Buzz

enel group hit again by ransomware and netwalker demands $14 million | information security buzz

BEGIN ARTICLE PREVIEW:

The multinational energy company Enel Group has been hit by a ransomware attack for the second time this year. This time by Netwalker, who is asking a $14 million ransom for the decryption key and to not release several terabytes of stolen data. Enel is one of the largest players in the European energy sector, with more than 61 million customers in 40 countries. As of August 10, it ranks 87 in Fortune Global 500, with a revenue of almost $90 billion in 2019.

END ARTICLE PREVIEW

READ MORE FROM SOURCE ARTICLE Continue reading “Enel Group Hit Again By Ransomware And Netwalker Demands $14 Million | Information Security Buzz”

Remote Working – Malware Is NOT Spread By People | Information Security Buzz

remote working – malware is not spread by people | information security buzz

BEGIN ARTICLE PREVIEW:

As of October 2020, we would seem to be dug in even deeper into the pit of the global Pandemic with no end game in our forward vision. Thus, those Remote Working, Out of Office forced conditions would not seem to be something that will be going away anytime soon – so time to adapt – not on a Tactical basis, but with long-term Strategy at the forefront of our minds-eye.
On the 27th of October I ran a Webinar which showcased the serious plight businesses are finding themselves in – picking up on the massive exposure that multiples of soft-belly SME’s (Small Medium Business) already face outside of the conditions of the pandemic, which have been reported by Cisco that 53% of such small businesses suffered a security breach in 2018 – with 4,500 of that SME grouping accounting for UK based organisations! Add to the Cisco findings a report published by NFU, who concluded that no less than 45% of businesses have lacklustre cyber defences in place, and one only may conclude that the size of the bigger picture in which unknown unknowns exist (unreported) will increase the number significantly!
The Webinar (see link below) which aired to a global audience of subscribers covered key areas …

END ARTICLE PREVIEW

READ MORE FROM SOURCE ARTICLE Continue reading “Remote Working – Malware Is NOT Spread By People | Information Security Buzz”

Iran-linked Threat Actor Targets T20 Summit Attendees | Information Security Buzz

iran-linked threat actor targets t20 summit attendees | information security buzz

BEGIN ARTICLE PREVIEW:

It has been reported that an Iranian threat actor has successfully compromised attendees of two global conferences – including ambassadors and senior policy experts –  in an effort to steal their email credentials. Microsoft linked the attack, which targeted more than 100 conference attendees, to Phosphorus, which it said is operating from Iran. The group – also known as APT 35, Charming Kitten, and Ajax Security Team – has been known to use phishing as an attack vector.

END ARTICLE PREVIEW

READ MORE FROM SOURCE ARTICLE Continue reading “Iran-linked Threat Actor Targets T20 Summit Attendees | Information Security Buzz”

Businesses struggle with data security practices – Help Net Security

businesses struggle with data security practices – help net security

BEGIN ARTICLE PREVIEW:

43% of C-suite executives and 12% of small business owners (SBOs) have experienced a data breach, according to Shred-it.

While businesses are getting better at protecting their customers’ personal and sensitive information, their focus on security training and protocols has declined in the last year. This decline could pose issues for businesses, as 83% of consumers say they prefer to do business with companies who prioritize protecting their physical and digital data.
The findings reinforce the need for business owners to have data protection policies in place as threats to data security, both physical (including paper documents, laptop computers or external hard drives) and digital (including malware, ransomware and phishing scams), have outpaced efforts and investments to combat them.
The report, which was completed prior to COVID-19, also exposes that more focus is needed around information security in the home, where C-suites and SBOs feel the risk of a data breach is higher.
While advancements in technology have allowed businesses to move their information to the cloud, only 7% of C-suites and 18% of SBOs operate in a paperless environment. Businesses still consume vast amounts of paper, dispelling the myth of offices going digital and signaling a need for oversight of physical information and data …

END ARTICLE PREVIEW

READ MORE FROM SOURCE ARTICLE Continue reading “Businesses struggle with data security practices – Help Net Security”

Most companies have high-risk vulnerabilities on their network perimeter – Help Net Security

most companies have high-risk vulnerabilities on their network perimeter – help net security

BEGIN ARTICLE PREVIEW:

Positive Technologies performed instrumental scanning of the network perimeter of selected corporate information systems. A total of 3,514 hosts were scanned, including network devices, servers, and workstations.

The results show the presence of high-risk vulnerabilities at most companies. However, half of these vulnerabilities can be eliminated by installing the latest software updates.
The research shows high-risk vulnerabilities at 84% of companies across finance, manufacturing, IT, retail, government, telecoms and advertising. One or more hosts with a high-risk vulnerability having a publicly available exploit are present at 58% of companies.
Publicly available exploits exist for 10% of the vulnerabilities found, which means attackers can exploit them even if they don’t have professional programming skills or experience in reverse engineering. However, half of the vulnerabilities can be eliminated by installing the latest software updates.
The detected vulnerabilities are caused by the absence of recent software updates, outdated algorithms and protocols, configuration flaws, mistakes in web application code, and accounts with weak and default passwords.
Vulnerabilities can be fixed by installing the latest software versions
As part of the automated security assessment of the network perimeter, 47% of detected vulnerabilities can be fixed by installing the latest software versions.
All companies had problems with keeping software up …

END ARTICLE PREVIEW

READ MORE FROM SOURCE ARTICLE Continue reading “Most companies have high-risk vulnerabilities on their network perimeter – Help Net Security”

LEFT TO MY OWN DEVICES: Security and privacy because of our greatness

left to my own devices: security and privacy because of our greatness

BEGIN ARTICLE PREVIEW:


Let me begin this week’s column, seven days in advance of a pivotal day in modern American history, by stating the premise that information security and privacy relies on a solid foundation before the topic of the internet comes into play. That’s not to say that the web spanning the wide world isn’t as important a factor as this foundation. That global reach of connectivity is another premise to understand on top of its underpinnings. The foundation, these underpinnings, includes the rule of law, democracy, the protections found in the Bill of Rights, and America’s place amongst its 194 fellow countries. The final factor–part of a community of nations–points to the foundation as well as the second premise, which relates to the global network of billions of connected devices all interconnected.During my life the U.S. has held a special place in our peer, nation-states’ perceptions. Our constitution, its rights, and the system of jurisprudence (one stemming from England’s common law system) have been mirrored across the globe. We’ve been revered as innovators. Our commercial freedoms and opportunities attract talented millions from all points. Much of our culture, especially film, music, and television, inspires artists from all walks. Most of …

END ARTICLE PREVIEW

READ MORE FROM SOURCE ARTICLE Continue reading “LEFT TO MY OWN DEVICES: Security and privacy because of our greatness”

Terranova Security Announces New Program Tiers, Special Offers, and an Enhanced Portal Experience for Cyber Security Partners Globally

terranova security announces new program tiers, special offers, and an enhanced portal experience for cyber security partners globally

BEGIN ARTICLE PREVIEW:

LAVAL, QC, Oct. 28, 2020 /PRNewswire/ – Today, Terranova Security, a global security awareness partner of choice, announced various enhancements available to MSSPs, OEMs, distributors, resellers, and technology partners worldwide, as well as existing members of their partner program.
These enrichments include expanded partner program tier options, a host of special offers to bolster revenue generation opportunities, and an enhanced, easy to use partner portal interface
The Terranova Security Partner Program offers its community of security awareness leaders a simple but powerful ecosystem that supports long-term business and portfolio growth.
Participants enjoy access to:

Comprehensive online training and certification that establishes them as a trusted information security awareness advisor.
Special incentives and offers that drive new sales opportunities and facilitate new account acquisition and portfolio expansion.
Sales and marketing resources that promote continuous business growth.
Reliable, engaging security awareness solutions that leverage Terranova Security’s proven training material and phishing simulations.
A transparent, mutually beneficial program structure where all sales engagement is conducted with the utmost attentiveness.

“The Terranova Security Partner Program enhancements represent an exciting new chapter for our organization,” said Mathieu Ouellette, VP of Sales at Terranova Security. “We’re happy to welcome new partners into a thriving community of cyber security …

END ARTICLE PREVIEW

READ MORE FROM SOURCE ARTICLE Continue reading “Terranova Security Announces New Program Tiers, Special Offers, and an Enhanced Portal Experience for Cyber Security Partners Globally”