Thursday, July 8, 2021

A selection of the top articles and videos from the last week on SecuritySenses.com. Don't forget to check back regularly for daily updates from around the globe.

If you like SecurityBuzz, why not forward it to some friends or share the online version?

Until Next Time! 👏

Ways to prevent ransomware attacks: how to avoid becoming a victim

07-Jul-21 | By Mark Stone | In AT&T Cybersecurity, Malware

The reason why ransomware is more rampant today is simple: it’s lucrative for hackers. As high-profile examples of ransomware continue to skyrocket concerning the amount of ransom paid, hackers will only continue to pursue it as a strategy.

Lookout Unearths Android Crypto Mining Scams

07-Jul-21 | By Ioannis Gasparis | In Lookout, Blockchain

Cryptocurrencies, once the exclusive domain of an idealistic fringe movement, have recently become attractive to mainstream retail investors. During the COVID-19 pandemic, the valuation of cryptocurrencies rose exponentially, reaching a market capitalization of over $2 trillion. Cybercriminals are always looking for the path of least resistance to make money and cryptocurrencies are now in their crosshairs.

7 Best Practices for Building a Baseline of User Behavior in Organizations

07-Jul-21 | By Ekran | In Ekran, Insider Threats

Securing an organization’s sensitive data is hard, especially when the danger comes from within. A careless coworker may insecurely share credentials, an intruder may compromise an account, or a malicious insider may misuse their access rights. According to the 2020 Cost of Insider Threats Report [PDF] by IBM, 60% of organizations experienced more than 20 insider-related incidents in 2019. One promising solution to prevent insider threats is user and entity behavior analytics (UEBA). Introducing a UEBA mechanism to your cybersecurity program can help you detect malicious activity before it harms your organization. In this article, we explain what UEBA is and how it works. We also offer seven best practices to build a behavioral baseline.

What is Asset Discovery? A Look Beneath the Surface

07-Jul-21 | By Matthew Jerzewski | In Tripwire, Asset Management

The corporate network can be a busy place with devices connecting, reconnecting and disconnecting every day. With the ever-growing landscape of today’s corporate networks, the difficulty of knowing and understanding what is on an enterprise network has highlighted the importance of effective asset discovery. So what does asset discovery involve? Asset discovery involves keeping a check on the active and inactive assets on a network. For many modern corporations, this will now include cloud, virtual, and mobile devices in addition to the traditional on-premise workstations and servers. This can start to make gathering insight into devices more difficult.

Netskope Threat Coverage: REvil

07-Jul-21 | By Gustavo Palazolo | In Netskope, Cloud

The REvil ransomware (a.k.a. Sodinokibi) is a threat group that operates in the RaaS (Ransomware-as-a-Service) model, where the infrastructure and the malware are supplied to affiliates, who use the malware to infect target organizations. On July 2, the REvil threat group launched a supply chain ransomware attack using an exploit in Kaseya’s VSA remote management software. REvil claims to have infected more than one million individual devices around the world.

Policy-based infrastructure guardrails with Terraform and OPA

07-Jul-21 | By Styra | In Styra, Containers

Few things in recent years have changed the game plan of the tech organization as much as the infrastructure as code movement. With infrastructure itself largely having moved into the cloud, automating provisioning, upgrades and management of that infrastructure was a natural next step.

Protecting Your Online Privacy: Three Levels of Security

06-Jul-21 | By Tripwire Guest Authors | In Tripwire, Data Security

Data leaks happen once every few months at least. Millions of users can have their phone number, address, and Social Security Number smeared across the internet in a matter of seconds. Your online browsing behavior is also sold legally by tech companies to the highest bidder. Ever seen an ad that is a little too specific? Most major tech companies rely on some form of data harvesting for revenue. As consumers, should we do anything? Can we do anything? The answer to both of these questions is resoundingly ‘yes.’ By using services geared towards privacy, we can jointly prevent both sources of danger to our private information – that is, data leaks and data harvesting.

Bringing Governance, Risk, and Compliance to Life

06-Jul-21 | By Tripwire Guest Authors | In Tripwire, Compliance

I was recently asked to host a round table discussion on ‘Governance, Risk and Compliance‘ (GRC), and I have to admit I was more than a little excited. Why? Because the other people around the table were leading lights in the world of Cybersecurity, Risk and Resilience, and I was looking forward to exploring how a GRC framework can work across industries and learning some valuable lessons from those around our virtual table. I was not disappointed, and what follows are some of the key insights and takeaways that are now on my ‘To Do’ list. If you’re looking to implement a GRC framework, then I suggest they become yours, too.

Breaking Out of the NOC Box

06-Jul-21 | By Mark Day | In Netskope, Networks

When did you first see a network operations center (NOC)? For me, it was 1983 at BBN in Cambridge. With some whiteboards, a few terminals, and a handful of chairs, it was modest compared to ones I’ve seen since–but it was also the NOC for the whole internet at the time. Even then, that significance made it a pretty cool place. Of course, these days the idea of a NOC for the whole internet is mostly a quaint anachronism; today’s internet is too complex, both technically and politically, for a single NOC to manage. It would be a mistake to think about today’s internet in terms of that NOC.

Tips and best practices for building secure container images

06-Jul-21 | By Matt Jarvis | In Snyk, Containers

When you start scanning your container images, it can be disconcerting to discover that you have large numbers of vulnerabilities. Below is a scan I did last week on a vulnerable node image that I built. While a fairly extreme example, you can see that this image out of the box is showing as having over 800 vulnerabilities in it. Faced with this, many of us will just freeze like a deer in headlights when presented with a big list of CVEs, particularly if our focus is on application development and not system administration. What am I supposed to do with this information, where do I start? I just wanted an image to run my node application in, and already I’m facing this gigantic task to make it secure.

Are Any of These Top Open Source Vulnerability Testing Tools in Your Program?

06-Jul-21 | By ZeroNorth | In ZeroNorth, Security

Sorting out the differences and similarities among the various open source (OS) security tools is no easy task. In fact, many security practitioners today agree, it can be staggeringly complex. Although automated OS security scanning tools make it easier to find and patch existing vulnerabilities in web applications, thereby reducing the burden on security and development teams, they do require a good deal of management and oversight.

How to Prevent Man-In-The-Middle Attacks and Fight Financial Fraud

06-Jul-21 | By Andrew Zola | In INETCO, Fraud

You just started reading this blog post. But are you reading it alone? Or is there a “man in the middle” watching and recording everything you do online? While it may sound like a plot from a Hollywood blockbuster, the reality is far from amusing. A man-in-the-middle (MitM) attack can quickly occur when an unsuspecting victim joins the same public Wi-Fi network as a malicious attacker, for example, at a cafe. Once the victim joins the network, it only takes a few steps to compromise that device completely. If they work remotely, threat actors can use this device to penetrate enterprise networks. It also gets more complex and challenging in industries like finance and banking.

How to protect your site against lethal unauthorized code injections

06-Jul-21 | By Theodoros Karasavvas | In AT&T Cybersecurity, Cyberattacks

Lethal unauthorized code injections like XSS (cross-site scripting) attacks are some of the most dynamic cyber-attacks. They are often very difficult to detect and can result in credit card theft, fraud, and endpoint data breaches, having a huge impact on small to medium sized businesses. In a recent AT&T cybersecurity survey, 88% of respondents reported that they had experienced at least one security incident within the past year. A CSP (content security policy) can be a great solution for defending sites from lethal code injections, especially when used in conjunction with additional layers of security to protect users' most sensitive data.

How to Ensure Password Hygiene at Your Organization

06-Jul-21 | By Kasey Hewitt | In SecurityScorecard, Risk Management

In a SecureAuth survey, 62% of respondents claimed to use the same password across three to seven different accounts. It begs the question: If passwords play an integral role in cybersecurity performance, why are people so remiss when it comes to practicing good password hygiene? Practicing good password hygiene is a security measure that organizations must take to protect against cyber threats. With concerns rising over data breaches, organizations must teach employees to take the necessary password protection measures to avoid attacks and compliance headaches.

Updated Cyber Security Fundamentals for Financial Services Organizations

06-Jul-21 | By Terry Mason | In Kroll, Data Breaches

The recent slate of breaches and regulatory actions has prompted many companies who had been doing the minimum in terms of proactive cyber risk management to rethink their approach. In the U.S., new regulations are emerging (for states like Virginia, Colorado, Massachusetts and many others), and existing regulators are increasing their enforcement, as we’ve seen by the NY Dept of Financial Services (NYDFS) and the SEC. Security professionals have been saying this for years, but financial institutions of all sizes need to take cyber security seriously or risk significant fines and reputational damage.

Internal vs External Vulnerability Scans: Understanding the Difference

05-Jul-21 | By Harshit Agarwal | In Appknox, Mobile

When it comes to establishing a robust mobile application security posture, vulnerability scanning is certainly the go-to option. But given the complex cybersecurity challenges of modern times, it might be complicated and challenging to implement vulnerability scanning properly. According to the 2020 Edgescan Vulnerability Statistics Report, around 35% of the vulnerabilities discovered in external-facing apps were of critical or high risk. Given such levels of security risk, organizations must roll up their sleeves and turn to mature security practices like vulnerability scans to mitigate the underlying security risks and strengthen their security infrastructure.

What Is RegTech and Why Does It Matter?

05-Jul-21 | By Reciprocity Labs | In Reciprocity, Compliance

Financial institutions lost $16.9 billion to account takeover and identity fraud in 2019 alone, and the shift to online financial services during the pandemic only exacerbated the problem. At the same time, the 60 percent jump in compliance costs and risk management spending since the 2008 financial crisis has left retail and corporate banks with little discretionary funding. New technology to alleviate those compliance burdens — commonly known as “RegTech” — has emerged as one compliance solution financial firms might consider. And since Deloitte reports that the industry has grown from 150 RegTech firms to more than 400 in the last four years, clearly the financial sector is considering it quite a bit.

The Aviation Industry Needs to Move Towards Cyber Resilience

05-Jul-21 | By Anastasios Arampatzis | In Tripwire, Security

2021 is a significant year for aviation. It marks the 20th anniversary of the 9/11 attacks, the worst acts of unlawful interference in the history of aviation. It is also the Year of Security Culture for the ICAO community, which aims to enhance security awareness and foster a security culture throughout the industry. The importance of understanding the threat to aviation and promoting best practices in security throughout all aviation operations is imperative considering that the air transport sector continues to modernize and digitize.

Difference between hashing and encryption and salting explained with examples

05-Jul-21 | By Editor | In Cyphere, Security

Hashing is a one-way function that outputs a fixed-length string, where it’s impossible to decipher back into the original input. Encryption is a reversible process used to scramble data so that it can’t be read. So, if you’re looking for a way to keep your passwords safe and secure, look no further than hashing! But there is a slight catch here that relates to the term salting. We will dig into these terminologies, examples and the difference between hashing and encryption and salting in this blog.

Agent REvil Unveiled in Kaseya VSA Ransomware Attack

05-Jul-21 | By Ryan Sherstobitoff | In SecurityScorecard, Cyberattacks

In the world of cybersecurity, there are no holidays and days off as proven by the ransomware attacks that began during the Fourth of July weekend, impacting users of the Kaseya VSA remote management and monitoring software. Managed service providers (MSPs) were targeted by the REvil hacker group, in a novel approach to distributing ransomware that involved compromising on-prem Kaseya VSA servers and distributing malicious software that is still encrypting thousands of servers and workstations across industries worldwide.

MSPs Targeted in Ransomware Attack

04-Jul-21 | By Cyberint Research | In Cyberint, Cyberattacks

News has been surfacing throughout the day on July 3, 2021, of a seemingly large ransomware attack affecting hundreds of organizations following a software supply chain compromise at the supplier of software to managed service providers (MSPs). This incident is thought to have commenced with the compromise of 'Kaseya', a US-based software developer that supplies MSPs, and it is understood that their network management software, VSA, was used to deploy a ransomware threat to other organizations in a situation somewhat reminiscent of the SolarWinds supply chain attack.

Networking with a Service Mesh: Use Cases, Best Practices, and Comparison of Top Mesh Options

04-Jul-21 | By Amir Kaushansky | In ARMO, DevOps

Service mesh technology emerged with the popularization of microservice architectures. Because service mesh facilitates the separation of networking from the business logic, it enables you to focus on your application’s core competency. Microservice applications are distributed over multiple servers, data centers, or continents, making them highly network dependent. Service mesh manages network traffic between services by controlling traffic with routing rules and the dynamic direction of packages between services. In this blog, we will look at use cases, compare top mesh options, and go over best practices. Let us start with the most common scenarios where service meshes are used.

Top 5 Scam Techniques: What You Need to Know

02-Jul-21 | By Martina Dove | In Tripwire, Fraud

Scammers are increasingly resourceful when coming up with scam techniques. But they often rely on long-standing persuasion techniques for the scam to work. So, you may hear about a new scam that uses a novel narrative, but there is a good chance that the scam relies on proven scam techniques once the narrative is stripped away. These scam techniques often exploit our characteristics and heuristics, or things that make us human and fallible. In this blog post, I will cover some of the most common scam techniques and explain how they work.

The Buyer's Guide to Scalable Application Security

02-Jul-21 | By Jocelyn Chan | In Detectify, Application Security

Detectify is helping tech organizations bring safer web products to market by providing crowdsourced, cloud-based, continuous web app security. Here’s a buyer’s guide on how you can get scalable application security in 2021 and beyond. There are so many appsec tools out there with the same features. It’s hard to see value clearly amongst all the noise. A valuable security tool will speed up product to market, scale out security responsibilities across the tech organization, and encourage collaboration internally and with external security experts to gain actionable insights.

What Is Privileged Access Management (PAM)?

02-Jul-21 | By Martin Cannard | In Netwrix, Access Management

Users with privileged access to an organization’s systems and networks pose a special threat. External threat actors often target privileged accounts using phishing schemes and social engineering techniques, since gaining control over these credentials helps them move more freely inside the network. Moreover, people sometimes misuse their own privileged accounts; this type of cyberattack takes the longest to discover, according to the Verizon Data Breach Investigation Report. Privileged access management (PAM) tools help network administrators control privileged access to reduce the risk of accidental or deliberate misuse of these powerful accounts.

How Dockershim's Forthcoming Deprecation Affects Your Kubernetes

01-Jul-21 | By Tripwire Guest Authors | In Tripwire, Containers

Container orchestration platform Kubernetes announced in December 2020 that its third and final release, Kubernetes v1.20, would deprecate dockershim and subsequently Docker as a container runtime. This deprecation has brought multiple changes that admins must be aware of and accordingly respond to. To best understand these changes and how dockershim’s deprecation affects admins and their work, let’s quickly dive into what dockershim is, its relevance to container security, and the reasons behind Kubernetes’ decision to deprecate it.

Optimizing Cloud Security Efficacy & Performance Through a Single-Pass Architecture

01-Jul-21 | By Krishna Narayanaswamy | In Netskope, Cloud

Cybersecurity has a bad rap for getting in the way of business. Many CIOs & CISOs dedicate a lot of time to minimizing security solutions’ performance drag on their network traffic while ensuring that the solutions continue to do their job keeping the network secure. The move to the cloud exacerbates this challenge.

What Is Penetration Testing? A Detailed Guide

01-Jul-21 | By Patricia Johnson | In WhiteSource, DevOps

Penetration testing is a common technique used to analyze the security posture of IT infrastructure. Web application penetration testing can assist you in identifying the potential security weaknesses in your web-based applications so that they can be fixed before attackers exploit them.

How much does penetration testing cost?

01-Jul-21 | By The Redscan Team | In Redscan, Penetration Testing

Commissioning a penetration test is an important step in helping to enhance your organisation’s cyber security resilience. Pen testing costs vary from a few thousand pounds to several thousand more, so it’s essential to ensure that the pen testing you select enables you to achieve the best security outcomes from your budget. Every organisation has its own testing requirements and penetration testing pricing varies according to the type of test performed, as well as its overall objectives and duration. Penetration testing costs ultimately depend on the issues and requirements identified during the initial scoping phase.

Copyright © 2021 OpsMatters, All rights reserved.

