15 Cybersecurity Pitfalls and Fixes for SMBs
We have obviously, the nation-state actor, which for a typical SMB would be
kinda hard to protect against. Especially now as some evidence suggests that
there were more than a thousand developers that contributed to the SolarWinds
attack and so forth. And, I think that that might be something that’s not in
the context of a typical SMB IT admin. But then you also have groups that are
teenagers that are hacking around from Mom’s basement, right? You have those
guys. You have legitimate criminal enterprises that are in a for-profit, that
have balance sheets that have accountants that are actually doing things for
profit and for their own revenue. And so when you look at the tools that are
available to these organizations, if you look at the black market, and if you
look at some of the things that are happening on the internet, you can
actually buy toolkits for exploitation. You can buy toolkits that will allow
some of these attacks to happen. And from the perspective of a malicious
actor, the idea is not necessarily to target a specific business and to get
their data. It’s kinda like fishing. You know, the larger net you cast, the
more fish you’re going to catch.
8 Security & Privacy Apps to Share With Family and Friends
Fifteen percent of consumers have left at least one online purchase process
because of perceived security issues in the retail website, one report found
last holiday season. Fourteen percent declined to purchase an item because of
fears over how their data would be handled. And adoption of good security
habits is on the uptick: Duo Lab's "2020 State of the Auth" report found more
than half (53%) of respondents had used two-factor authentication (2FA), an
increase from 28% two years prior. While most (71.5%) had experienced 2FA via
SMS, more than one-third (36%) had used an authenticator app. We live in a
time when most people spend hours a day on their mobile devices to do their
jobs, keep in touch with friends and family, schedule appointments, handle
their finances, and complete myriad other tasks. As smartphones handle more of
our data, the need to secure them grows. There are several kinds of mobile
apps to boost personal security and privacy, from password managers, to secure
messaging apps, to anti-theft apps, and more. As a security pro, you may have
your device locked down — but your family and friends may not know which steps
they should be taking.
Threat matrix for storage services
Within cloud storage services, we witness users sharing various file types,
such as Microsoft Office and Adobe files, and attackers taking advantage of
this to deliver malware through email. Moreover, use cases of cloud storage go
beyond internal interfaces, with business logic being shared with third
parties. Therefore, the Azure Defender for Storage security team has mapped
the attack surface undertaken by leveraging Storage service. This post
reflects our findings based on the MITRE ATT&CK® framework, which is a
knowledge base for tactics and techniques employed in cyberattacks. MITRE
matrices have become an industry standard and are embraced by organizations
aiming to understand potential attack vectors in their environments and to
ensure they have adequate detections and mitigations in place. While analyzing
the security landscape of storage, and applying the same methodology we
defined for Kubernetes, we noticed the resemblance and differences across
techniques. Whilst Kubernetes underlies an operating system, its threat matrix
is structured like MITRE matrices for Linux or Windows.
Visa Describes New Skimming Attack Tactics
Visa's Payment Fraud Disruption team reports that cybercriminals are
increasingly using web shells to establish command and control over retailers'
servers during payment card skimming attacks. "As a result, eSkimming, or
digital skimming, is among the top threats to the payments ecosystem,"
according to the Visa report. The web shells enable fraudsters conducting
digital skimming attacks on e-commerce sites to establish and maintain access
to compromised servers, deploy additional malicious files and payloads,
facilitate lateral movement within a victim's network and remotely execute
commands, Visa says. The most common methods for deploying a web shell are
malicious application plug-ins and PHP code, Visa reports. Visa reached its
conclusions after studying 45 digital skimming attacks in 2020. In February,
Microsoft reported spotting 140,000 web shells per month on servers from
August 2020 to January 2021, which it said is almost twice the number from the
same period the year before. These web shells, however, were not being used
for retail attacks. Visa notes attacks skimming payment card data from online
checkout functions of e-commerce sites have become more prevalent during the
COVID-19 pandemic as consumers have shifted to online shopping.
Dodge Adversarial AI Attacks Before It's Too Late!
In this tech-oriented world where a number of hackers and technological
advancements are emerging in parallel to each other, artificial intelligence
has made big strides recently in understanding languages. Contrary to this,
artificial intelligence can still suffer from potentially dangerous and
alarming sorts of algorithmic insight. Research depicts how AI algorithms that
parse and analyze algorithms can be tricked and deceived by precisely crafted
phrases. A sentence that might seem appropriate to you may have the strange
ability to dodge the AI algorithm. It is estimated by the expert community
that by the year 2040, artificial intelligence will reach the capability to
perform all the intellectual functions of human beings. This might seem
frightening but with the few techniques outlined in this teachable, you will
radically grow your possibilities of survival when encountering artificial
intelligence. Deceiving facial recognition features and tricking
speech-recognition features is child’s play for hackers and emerging
cybercriminals. Meanwhile, adversarial attacks invite more conceptual and
deeper speculation.
Digital transformation: 5 trends that could shift your strategy
Application development, modernization, and integration are central practices
in digital transformations that help organizations launch new business
capabilities, improve customer experiences, and drive business process
efficiencies. Until recently, CIOs and IT leaders considered implementations
as a build-vs.-buy decision or used an RPA platform to automate workflows.
Many invested in maturing agile and DevOps to continuously deliver
cloud-native microservices and applications when building applications. Then
COVID hit, and more IT leaders pursued low-code and no-code platforms to
accelerate application development. Having multiple approaches to develop and
support application development and integration is beneficial, but today, a
growing number of options provide a complete hyperautomation platform.
Hyperautomation app dev platforms have a mix of low-code, no-code, automation,
and machine learning capabilities, provide out-of-the-box DevOps capabilities,
and align the dev lifecycle to agile processes. Collectively, they can
accelerate the development process and improve the productivity and quality of
development efforts.
Using a schema registry to ensure data consistency between microservices
If Microservice A is holding data in a structure that is incongruent with
Microservice B’s schema, some mapping will need to be done. There’s no magic.
But, at the least, the developer writing the data exchange code will be aware
of the conditions to satisfy because Microservice B’s data schema is well
known. It’s not a question of reverse engineering some code in play and then
having to figure out the mapping. Having the reliability provided by a single
source of truth is a definite time-saver. Another area where a schema registry
provides significant value is around validation. In the world of data
management, there are few experiences more disappointing than writing a bunch
of data validation code based on a given example, only to have the code become
worthless because the underlying data schema you used was changed by a Data
Architect somewhere upstream in the development process. Using a schema
registry minimizes the problem. In some cases, using a schema registry makes
the issue go away altogether. The way it works is that when it comes time to
validate some data, the developer will get the schema associated with the
submitted data from the domain’s schema registry.
US Blacklists 7 Chinese Supercomputer Entities
Citing national security concerns, the U.S. Department of Commerce this week
placed seven Chinese supercomputer organizations on the Entity List, which
effectively bars them from receiving supplies or components from American
companies. Commerce Secretary Gina M. Raimondo notes that the high-performance
computing technologies developed by these entities could be used in weapons of
mass destruction programs. "Supercomputing capabilities are vital for the
development of many - perhaps almost all - modern weapons and national
security systems, such as nuclear weapons and hypersonic weapons," Raimondo
says. "The Department of Commerce will use the full extent of its authorities
to prevent China from leveraging U.S. technologies to support these
destabilizing military modernization efforts." Now that these organizations
have been placed on the Entity List, the Commerce Department will require them
to apply for a special license to do business with U.S. companies or receive
supplies or components from American firms. The department's Bureau of
Industry and Security must review and then approve or deny all license
applications for organizations on the Entity List.
Crossing the Line: When Cyberattacks Become Acts of War
The Cold War concept isn’t outdated. In the decades since the fall of the
Soviet Union, the battleground has simply shifted from conflicts between
ideological proxy governments to cyberspace. And the opponents have grown from
a few primary nations into a broad range of sovereign threat actors. The
question is, when does a cyberattack cross the line between a criminal action
or mere prank, to an act of war? Is it the nature of the victim? The nature of
the attacker? The nature of the damage? Or a combination of them all? To be
sure, this is not a determination for cybersecurity professionals to make. Our
role is to defend IT assets for our organizations by reducing risk, mitigating
threats, remediating the situation after an attack, and generally trying to
keep everything running safely and smoothly. It doesn’t matter whether we are
facing a script kiddie trying to deface a website, a political hacktivist
trying to make a statement, a cybercriminal trying to steal or ransom our
data, or a state actor trying to steal confidential information. Our goal is
to keep them out, and minimize the damage when they do manage to get in. The
only thing that changes is how well-resourced and tenacious our opponents are.
4 Body Language Mistakes and How to Fix Them
When engaged in a difficult conversation, without empathizing with how the
other person might be feeling in the moment, we may appear cold, unemotional,
and downright rude. By adopting kindness and warmth in our body language, we
can convey the right message without necessarily making them feel bad. When
someone is passed up for a promotion, showing an attitude of indifference
without understanding the value it holds in their life can make them resent
you. Body language that shows presence and concern by giving them an
opportunity to express their feelings can build better relationships. When a
co-worker is grieving a personal loss, you may appear too intrusive in your
body language when all they need is space to let the feelings subside. It
could be a personal preference or a cultural nuance, but without understanding
their context you may actually do more harm than good. When dealing with
difficult people, your body language may switch to a fight-or-flight response.
But, if you take a moment to analyze the situation without being at the effect
of a fundamental attribution error, you may understand the rationale behind
their behavior.
Quote for the day:
“Prove your integrity day-by-day, by keeping promises.” --
S. Chris Edmonds