The advisory issues recommendations for developers and end users on reducing the prevalence of access control vulnerabilities

Read More

Critical security vulnerabilities in a WordPress plugin used on around 900,000 websites, allow malicious hackers to steal sensitive information entered on forms.

Read more in my article on the Hot for Security blog.

Read More

Interesting research: “(Ab)using Images and Sounds for Indirect Instruction Injection in Multi-Modal LLMs“:

Abstract: We demonstrate how images and sounds can be used for indirect prompt and instruction injection in multi-modal LLMs. An attacker generates an adversarial perturbation corresponding to the prompt and blends it into an image or audio recording. When the user asks the (unmodified, benign) model about the perturbed image or audio, the perturbation steers the model to output the attacker-chosen text and/or make the subsequent dialog follow the attacker’s instruction. We illustrate this attack with several proof-of-concept examples targeting LLaVa and PandaGPT.

Read More

After a ransomware attack which saw the personal information of 28,000 individuals stolen by hackers, Hawaii Community College has confirmed that it has paid a ransom.

Read More

The content of this post is solely the responsibility of the author.  AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. 

More mobile devices, more problems. The business landscape has shifted dramatically, as more endpoints connect to corporate networks from a wider variety of locations and are transmitting massive amounts of data. Economic forces and a lengthy pandemic have caused a decentralization of the workforce and increased adoption of a hybrid workplace model.

Today, employees are more mobile than ever.

The modern workforce and workplace have experienced a significant increase in endpoints, or devices connecting to the network, and managing these diverse endpoints across various geographic locations has grown in complexity.

Here’s an analogy: imagine a bustling city, with its many roads, highways, and intersections. Each road represents a different endpoint, and the city itself symbolizes your corporate network. As the city grows and expands, more roads are built, connecting new neighborhoods and districts. Our corporate networks are like expanding cities.

But along with digital transformation and a distributional shift of the workforce, the cybersecurity landscape is evolving at an equal pace. The multitude of endpoints that connect to the network is widening the attack surface that bad actors with malicious intent can exploit.

From a cybersecurity perspective, more endpoints represent a significant business risk. Organizations need to understand the importance of managing and securing their endpoints and how these variables are intertwined for a complete endpoint security strategy.

The evolution of Mobile Device Management

Traditional Mobile Device Management has existed in some form since the early 2000s, when smartphones entered the marketplace. MDM has evolved over the last few decades, and in some way, Unified Endpoint Management (UEM) represents this modern evolution. Today, unified endpoint management has become a prominent solution for modern IT departments looking to secure their expanding attack surfaces.

UEM is more than just managing endpoints. The “unified” represents one console for deploying, managing, and helping to secure corporate endpoints and applications. UEM offers provisioning, detection, deployment, troubleshooting, and updating abilities. UEM software gives IT and security departments visibility and control over their devices as well as their end-users, delivered through a centralized management console.

For a more detailed discussion of mobile device security, check out this article.

What is the difference between MDM and UEM?

Unified Endpoint Management (UEM) and Mobile Device Management (MDM) are both solutions used to manage and secure an organization’s devices, but their scope and capabilities differ.

Mobile Device Management (MDM) is a type of security software used by an IT department to monitor, manage, and secure employees’ mobile devices deployed across multiple mobile service providers and across multiple mobile operating systems being used in the organization. MDM is primarily concerned with device security, allowing organizations to enforce policies, manage device settings, monitor device status, and secure devices if lost or stolen.

On the other hand, Unified Endpoint Management (UEM) is a more comprehensive solution that manages and secures not just mobile devices but all endpoints within an organization. This includes PCs, laptops, smartphones, tablets, and IoT devices. UEM solutions provide a single management console from which IT can control all these devices, regardless of their type or operating system.

The need for comprehensive endpoint protection

As the number of endpoints increase with the rise of a mobile workforce, so does the need for comprehensive endpoint protection. This includes the use of encryption, secure configurations, and secure communication channels.

Encryption is a critical security measure that helps protect data in transit and at rest. By encrypting data, you can ensure that even if a device is lost or stolen, the data on it remains secure and inaccessible to unauthorized users.

Secure configurations are another crucial aspect of endpoint protection, which involves setting up devices to minimize vulnerabilities and reduce the attack surface. For example, this could include disabling unnecessary services, limiting user privileges, or implementing secure settings for network connections.

For protecting data in transit, secure communication channels are essential. This can be achieved by leveraging Virtual Private Networks (VPNs), which encrypt the data being transmitted and provide a secure tunnel for communication.

The role of MDM in enforcing security measures

Mobile Device Management (MDM) solutions play a key role in enforcing these security measures consistently across all devices. MDM allows organizations to manage and control device settings, ensuring that all devices adhere to the organization’s security policies.

For example, MDM solutions can enforce encryption policies, ensuring that all data stored on the device is encrypted. They can also enforce secure configurations, such as requiring devices to have a passcode or biometric authentication, and disabling features that pose a security risk, such as USB debugging on Android devices.

Check out this infographic for a visual representation of mobile security.

Data Loss Prevention (DLP) policies are another crucial aspect of endpoint protection. These policies help prevent unauthorized data exfiltration, whether intentional or accidental.

MDM solutions can help enforce DLP policies by controlling what data can be accessed on the device, and how it can be shared. For example, MDM solutions can prevent sensitive data from being copied to the clipboard or shared via unsecured communication channels.

Security benefits of MDM and UEM

Mobile Device Management (and by extension, Unified Endpoint Management) delivers many benefits for organizations, with the most appealing being reduced costs across multiple departments. By comprehensively automating many IT tasks and processing, UEM often lowers overhead costs and hardware expenditures.

Other key benefits are as follows:

Offers endpoint management integration with multiple platforms: One of the major selling points of UEM software is its ability to integrate with a variety of platforms, including Windows 10, macOS, Linux, Chrome OS, iOS, and Android, among others. With UEM, your business can configure, control, and monitor devices on these platforms from a single management console.

Provides data and app protection across the attack surface: UEM protects corporate data and applications, reducing cybersecurity threats. This protection is accomplished by providing conditional user access, enforcing automated rules, enforcing compliance guidelines, providing safeguards for data loss, and empowering IT administrators to identify jailbreaks and OS rooting on devices.

Helps establish a modern Bring Your Own Device (BYOD) security stance: An effective UEM deployment can go a long way in maintaining the user experience for employees, regardless of who owns the device. UEM can be an effective tool for patching vulnerable applications, updating to the latest OS version, and enforcing the use of endpoint security software that actively protects BYOD devices from network-based attacks, malware, and vulnerability exploits.

Authentication: With the increase in cyber threats, implementing robust authentication measures has become more important than ever. This includes multi-factor authentication, biometric authentication, and other advanced authentication methods.

Enhanced mobile security: As the use of mobile devices for work purposes increases, so does the need for enhanced mobile security. This includes leveraging advanced security measures such as encryption, secure containers, and mobile threat defense solutions.

Remote data wiping: In the event of a device being lost or stolen, or if an employee leaves the company, it’s crucial to ensure that sensitive corporate data doesn’t fall into (or stay in) the wrong hands. UEM solutions provide the capability to remotely wipe data from devices — which can be a full wipe, removing all data, or a selective wipe, removing only corporate data while leaving personal data intact. This feature provides an essential safety net for protecting corporate data.

Application whitelisting: With the vast number of available applications, it is important to control which apps can be installed on corporate devices. UEM solutions allow for application whitelisting, where only approved applications can be installed on the devices, which helps to prevent the installation of malicious apps or apps that have not been vetted for security. It also ensures that employees are using approved and supported software for their work tasks.

Strategies for deploying MDM and UEM

Before rolling out any MDM or UEM solution, an organization must lay the foundation for effective deployment. By embracing a few key strategies, you can dramatically improve the chances of a successful implementation.

Establish a robust endpoint management policy: With BYOD and work from home (WFH), the risk of company data being compromised increases. Before implementing a UEM solution, an endpoint management policy is essential to ensure that all of your endpoint devices meet specific requirements.

Adopt automation: The future of enterprise device management is automation. From deployment to updates to reporting, an automated device fleet is the optimal solution. Automation helps reduce the manual effort and time spent on managing the devices, thereby increasing efficiency. Automation in Mobile Device Management (MDM) brings numerous benefits and has a variety of use cases. By automating tasks such as device enrolment, configuration, and updates, you can significantly reduce the time and effort required to manage mobile devices. This not only increases efficiency but also reduces the risk of human error, which can lead to security vulnerabilities.

Embrace 5G: The advent of 5G is already transforming the importance of mobile devices. The increased speed and reduced latency offered by 5G will enable more devices to be connected and managed efficiently. The increased speed offered by 5G means data can be transferred between devices and the MDM server much faster, enabling quicker updates, faster deployment of applications, and more efficient data synchronization. For instance, large software updates or security patches can be pushed to devices more quickly, reducing downtime and ensuring devices are protected against the latest threats. Reduced latency means that commands issued from the MDM server to the devices are executed almost in real-time — particularly beneficial in situations where immediate action is required, such as remotely locking or wiping a lost or stolen device.

Outsourcing enterprise mobility management: As the complexity of managing a mobile workforce increases, many organizations are considering outsourcing their enterprise mobility management, allowing them to leverage the expertise of specialized providers and focus on their core business functions.

By incorporating these trends and strategies into your mobile device management plan, you can ensure that your organization is well-equipped to handle the challenges of a mobile, hybrid and WFH workforce.

How AT&T Cybersecurity can help with MDM and UEM

In today’s digital landscape, securing your organization’s endpoints is more crucial than ever. AT&T Cybersecurity offers a range of endpoint security products and services designed to help you protect your laptops, desktops, servers, and mobile devices. AT&T’s unified approach to managing and securing endpoint devices provides better visibility and closes security gaps that may have been overlooked. With AT&T Cybersecurity, you can protect your organization’s reputation, safeguard against key threat vectors, simplify management, and maintain control with Zero Trust.

Don’t wait for a security breach to happen. Take a proactive approach to your organization’s cybersecurity by exploring AT&T’s endpoint security offerings. Whether you need advanced forensic mapping and automated response with SentinelOne, unparalleled visibility into IoT and connected medical devices with Ivanti Neurons for Healthcare, or high-level, end-to-end mobile security across devices, apps, content, and users with IBM MaaS360, AT&T Cybersecurity has a solution tailored to your needs.

Read More

Site was used to trade stolen data

Read More

Two new breaches traced back to prolific Lazarus group

Read More

It’s not all funny limericks, bizarre portraits, and hilarious viral skits. ChatGPT, Bard, DALL-E, Craiyon, Voice.ai, and a whole host of other mainstream artificial intelligence tools are great for whiling away an afternoon or helping you with your latest school or work assignment; however, cybercriminals are bending AI tools like these to aid in their schemes, adding a whole new dimension to phishing, vishing, malware, and social engineering.  

Here are some recent reports of AI’s use in scams plus a few pointers that might tip you off should any of these happen to you. 

1. AI Voice Scams

Vishing – or phishing over the phone – is not a new scheme; however, AI voice mimickers are making these scamming phone calls more believable than ever. In Arizona, a fake kidnapping phone call caused several minutes of panic for one family, as a mother received a demand for ransom to release her alleged kidnapped daughter. On the phone, the mother heard a voice that sounded exactly like her child’s, but it turned out to be an AI-generated facsimile.    

In reality, the daughter was not kidnapped. She was safe and sound. The family didn’t lose any money because they did the right thing: They contacted law enforcement and kept the scammer on the phone while they located the daughter.1 

Imposter scams accounted for a loss of $2.6 billion in the U.S. in 2022. Emerging AI scams could increase that staggering total. Globally, about 25% of people have either experienced an AI voice scam or know someone who has, according to McAfee’s Beware the Artificial Imposter report. Additionally, the study discovered that 77% of voice scam targets lost money as a result.  

How to hear the difference 

No doubt about it, it’s frightening to hear a loved one in distress, but try to stay as calm as possible if you receive a phone call claiming to be someone in trouble. Do your best to really listen to the “voice” of your loved one. AI voice technology is incredible, but there are still some kinks in the technology. For example, does the voice have unnatural hitches? Do words cut off just a little too early? Does the tone of certain words not quite match your loved one’s accent? To pick up on these small details, a level head is necessary. 

What you can do as a family today to avoid falling for an AI vishing scam is to agree on a family password. This can be an obscure word or phrase that is meaningful to you. Keep this password to yourselves and never post about it on social media. This way, if a scammer ever calls you claiming to have or be a family member, this password could determine a fake emergency from a real one. 

2. Deepfake Ransom and Fake Advertisements

Deepfake, or the digital manipulation of an authentic image, video, or audio clip, is an AI capability that unsettles a lot of people. It challenges the long-held axiom that “seeing is believing.” If you can’t quite believe what you see, then what’s real? What’s not? 

The FBI is warning the public against a new scheme where cybercriminals are editing explicit footage and then blackmailing innocent people into sending money or gift cards in exchange for not posting the compromising content.2 

Deepfake technology was also at the center of an incident involving a fake ad. A scammer created a fake ad depicting Martin Lewis, a trusted finance expert, advocating for an investment venture. The Facebook ad attempted to add legitimacy to its nefarious endeavor by including the deepfaked Lewis.3  

How to respond to ransom demands and questionable online ads 

No response is the best response to a ransom demand. You’re dealing with a criminal. Who’s to say they won’t release their fake documents even if you give in to the ransom? Involve law enforcement as soon as a scammer approaches you, and they can help you resolve the issue. 

Just because a reputable social media platform hosts an advertisement doesn’t mean that the advertiser is a legitimate business. Before buying anything or investing your money with a business you found through an advertisement, conduct your own background research on the company. All it takes is five minutes to look up its Better Business Bureau rating and other online reviews to determine if the company is reputable. 

To identify a deepfake video or image, check for inconsistent shadows and lighting, face distortions, and people’s hands. That’s where you’ll most likely spot small details that aren’t quite right. Like AI voices, deepfake technology is often accurate, but it’s not perfect. 

3. AI-generated Malware and Phishing Emails

Content generation tools have some safeguards in place to prevent them from creating text that could be used illegally; however, some cybercriminals have found ways around those rules and are using ChatGPT and Bard to assist in their malware and phishing operations. For example, if a criminal asked ChatGPT to write a key-logging malware, it would refuse. But if they rephrased and asked it to compose code that captures keystrokes, it may comply with that request. One researcher demonstrated that even someone with little knowledge of coding could use ChatGPT, thus making malware creation simpler and more available than ever.4 Similarly, AI text generation tools can create convincing phishing emails and create them quickly. In theory, this could speed up a phisher’s operation and widen their reach. 

How to avoid AI-written malware and phishing attempts 

You can avoid AI-generated malware and phishing correspondences the same way you deal with the human-written variety: Be careful and distrust anything that seems suspicious. To steer clear of malware, stick to websites you know you can trust. A safe browsing tool like McAfee web protection – which is included in McAfee+ – can doublecheck that you stay off of sketchy websites. 

As for phishing, when you see emails or texts that demand a quick response or seem out of the ordinary, be on alert. Traditional phishing correspondences are usually riddled with typos, misspellings, and poor grammar. AI-written lures are often written well and rarely contain errors. This means that you must be diligent in vetting every message in your inbox. 

Slow Down, Keep Calm, and Be Confident 

While the debate about regulating AI heats up, the best thing you can do is to use AI responsibly. Be transparent when you use it. And if you suspect you’re encountering a malicious use of AI, slow down and try your best to evaluate the situation with a clear mind. AI can create some convincing content, but trust your instincts and follow the above best practices to keep your money and personal information out of the hands of cybercriminals. 

1CNN, “‘Mom, these bad men have me’: She believes scammers cloned her daughter’s voice in a fake kidnapping” 

2NBC News, “FBI warns about deepfake porn scams” 

3BBC, “Martin Lewis felt ‘sick’ seeing deepfake scam ad on Facebook” 

4Dark Reading, “Researcher Tricks ChatGPT Into Building Undetectable Steganoraphy Malware” 

The post AI in the Wild: Malicious Applications of Mainstream AI Tools appeared first on McAfee Blog.

Read More

US government services firm is latest to reveal compromise

Read More