Daily Tech Digest - April 10, 2021

15 Cybersecurity Pitfalls and Fixes for SMBs

We have obviously, the nation-state actor, which for a typical SMB would be kinda hard to protect against. Especially now as some evidence suggests that there were more than a thousand developers that contributed to the SolarWinds attack and so forth. And, I think that that might be something that’s not in the context of a typical SMB IT admin. But then you also have groups that are teenagers that are hacking around from Mom’s basement, right? You have those guys. You have legitimate criminal enterprises that are in a for-profit, that have balance sheets that have accountants that are actually doing things for profit and for their own revenue. And so when you look at the tools that are available to these organizations, if you look at the black market, and if you look at some of the things that are happening on the internet, you can actually buy toolkits for exploitation. You can buy toolkits that will allow some of these attacks to happen. And from the perspective of a malicious actor, the idea is not necessarily to target a specific business and to get their data. It’s kinda like fishing. You know, the larger net you cast, the more fish you’re going to catch. 

8 Security & Privacy Apps to Share With Family and Friends

Fifteen percent of consumers have left at least one online purchase process because of perceived security issues in the retail website, one report found last holiday season. Fourteen percent declined to purchase an item because of fears over how their data would be handled. And adoption of good security habits is on the uptick: Duo Lab's "2020 State of the Auth" report found more than half (53%) of respondents had used two-factor authentication (2FA), an increase from 28% two years prior. While most (71.5%) had experienced 2FA via SMS, more than one-third (36%) had used an authenticator app. We live in a time when most people spend hours a day on their mobile devices to do their jobs, keep in touch with friends and family, schedule appointments, handle their finances, and complete myriad other tasks. As smartphones handle more of our data, the need to secure them grows. There are several kinds of mobile apps to boost personal security and privacy, from password managers, to secure messaging apps, to anti-theft apps, and more. As a security pro, you may have your device locked down — but your family and friends may not know which steps they should be taking.

Threat matrix for storage services

Within cloud storage services, we witness users sharing various file types, such as Microsoft Office and Adobe files, and attackers taking advantage of this to deliver malware through email. Moreover, use cases of cloud storage go beyond internal interfaces, with business logic being shared with third parties. Therefore, the Azure Defender for Storage security team has mapped the attack surface undertaken by leveraging Storage service. This post reflects our findings based on the MITRE ATT&CK® framework, which is a knowledge base for tactics and techniques employed in cyberattacks. MITRE matrices have become an industry standard and are embraced by organizations aiming to understand potential attack vectors in their environments and to ensure they have adequate detections and mitigations in place. While analyzing the security landscape of storage, and applying the same methodology we defined for Kubernetes, we noticed the resemblance and differences across techniques. Whilst Kubernetes underlies an operating system, its threat matrix is structured like MITRE matrices for Linux or Windows.

Visa Describes New Skimming Attack Tactics

Visa's Payment Fraud Disruption team reports that cybercriminals are increasingly using web shells to establish command and control over retailers' servers during payment card skimming attacks. "As a result, eSkimming, or digital skimming, is among the top threats to the payments ecosystem," according to the Visa report. The web shells enable fraudsters conducting digital skimming attacks on e-commerce sites to establish and maintain access to compromised servers, deploy additional malicious files and payloads, facilitate lateral movement within a victim's network and remotely execute commands, Visa says. The most common methods for deploying a web shell are malicious application plug-ins and PHP code, Visa reports. Visa reached its conclusions after studying 45 digital skimming attacks in 2020. In February, Microsoft reported spotting 140,000 web shells per month on servers from August 2020 to January 2021, which it said is almost twice the number from the same period the year before. These web shells, however, were not being used for retail attacks. Visa notes attacks skimming payment card data from online checkout functions of e-commerce sites have become more prevalent during the COVID-19 pandemic as consumers have shifted to online shopping.

Dodge Adversarial AI Attacks Before It's Too Late!

In this tech-oriented world where a number of hackers and technological advancements are emerging in parallel to each other, artificial intelligence has made big strides recently in understanding languages. Contrary to this, artificial intelligence can still suffer from potentially dangerous and alarming sorts of algorithmic insight. Research depicts how AI algorithms that parse and analyze algorithms can be tricked and deceived by precisely crafted phrases. A sentence that might seem appropriate to you may have the strange ability to dodge the AI algorithm. It is estimated by the expert community that by the year 2040, artificial intelligence will reach the capability to perform all the intellectual functions of human beings. This might seem frightening but with the few techniques outlined in this teachable, you will radically grow your possibilities of survival when encountering artificial intelligence. Deceiving facial recognition features and tricking speech-recognition features is child’s play for hackers and emerging cybercriminals. Meanwhile, adversarial attacks invite more conceptual and deeper speculation.

Digital transformation: 5 trends that could shift your strategy

Application development, modernization, and integration are central practices in digital transformations that help organizations launch new business capabilities, improve customer experiences, and drive business process efficiencies. Until recently, CIOs and IT leaders considered implementations as a build-vs.-buy decision or used an RPA platform to automate workflows. Many invested in maturing agile and DevOps to continuously deliver cloud-native microservices and applications when building applications. Then COVID hit, and more IT leaders pursued low-code and no-code platforms to accelerate application development. Having multiple approaches to develop and support application development and integration is beneficial, but today, a growing number of options provide a complete hyperautomation platform. Hyperautomation app dev platforms have a mix of low-code, no-code, automation, and machine learning capabilities, provide out-of-the-box DevOps capabilities, and align the dev lifecycle to agile processes. Collectively, they can accelerate the development process and improve the productivity and quality of development efforts.

Using a schema registry to ensure data consistency between microservices

If Microservice A is holding data in a structure that is incongruent with Microservice B’s schema, some mapping will need to be done. There’s no magic. But, at the least, the developer writing the data exchange code will be aware of the conditions to satisfy because Microservice B’s data schema is well known. It’s not a question of reverse engineering some code in play and then having to figure out the mapping. Having the reliability provided by a single source of truth is a definite time-saver. Another area where a schema registry provides significant value is around validation. In the world of data management, there are few experiences more disappointing than writing a bunch of data validation code based on a given example, only to have the code become worthless because the underlying data schema you used was changed by a Data Architect somewhere upstream in the development process. Using a schema registry minimizes the problem. In some cases, using a schema registry makes the issue go away altogether. The way it works is that when it comes time to validate some data, the developer will get the schema associated with the submitted data from the domain’s schema registry.

US Blacklists 7 Chinese Supercomputer Entities

Citing national security concerns, the U.S. Department of Commerce this week placed seven Chinese supercomputer organizations on the Entity List, which effectively bars them from receiving supplies or components from American companies. Commerce Secretary Gina M. Raimondo notes that the high-performance computing technologies developed by these entities could be used in weapons of mass destruction programs. "Supercomputing capabilities are vital for the development of many - perhaps almost all - modern weapons and national security systems, such as nuclear weapons and hypersonic weapons," Raimondo says. "The Department of Commerce will use the full extent of its authorities to prevent China from leveraging U.S. technologies to support these destabilizing military modernization efforts." Now that these organizations have been placed on the Entity List, the Commerce Department will require them to apply for a special license to do business with U.S. companies or receive supplies or components from American firms. The department's Bureau of Industry and Security must review and then approve or deny all license applications for organizations on the Entity List. 

Crossing the Line: When Cyberattacks Become Acts of War

The Cold War concept isn’t outdated. In the decades since the fall of the Soviet Union, the battleground has simply shifted from conflicts between ideological proxy governments to cyberspace. And the opponents have grown from a few primary nations into a broad range of sovereign threat actors. The question is, when does a cyberattack cross the line between a criminal action or mere prank, to an act of war? Is it the nature of the victim? The nature of the attacker? The nature of the damage? Or a combination of them all? To be sure, this is not a determination for cybersecurity professionals to make. Our role is to defend IT assets for our organizations by reducing risk, mitigating threats, remediating the situation after an attack, and generally trying to keep everything running safely and smoothly. It doesn’t matter whether we are facing a script kiddie trying to deface a website, a political hacktivist trying to make a statement, a cybercriminal trying to steal or ransom our data, or a state actor trying to steal confidential information. Our goal is to keep them out, and minimize the damage when they do manage to get in. The only thing that changes is how well-resourced and tenacious our opponents are.

4 Body Language Mistakes and How to Fix Them

When engaged in a difficult conversation, without empathizing with how the other person might be feeling in the moment, we may appear cold, unemotional, and downright rude. By adopting kindness and warmth in our body language, we can convey the right message without necessarily making them feel bad. When someone is passed up for a promotion, showing an attitude of indifference without understanding the value it holds in their life can make them resent you. Body language that shows presence and concern by giving them an opportunity to express their feelings can build better relationships. When a co-worker is grieving a personal loss, you may appear too intrusive in your body language when all they need is space to let the feelings subside. It could be a personal preference or a cultural nuance, but without understanding their context you may actually do more harm than good. When dealing with difficult people, your body language may switch to a fight-or-flight response. But, if you take a moment to analyze the situation without being at the effect of a fundamental attribution error, you may understand the rationale behind their behavior.

Quote for the day:

“Prove your integrity day-by-day, by keeping promises.” -- S. Chris Edmonds
