
From Reactive to Proactive: Shifting Your Cybersecurity Strategy


The content of this post is solely the responsibility of the author.  LevelBlue does not adopt or endorse any of the views, positions, or information provided by the author in this article.

Most companies have some cybersecurity protocols in place in case of a breach. They could be anything from antivirus software to spam filters. Those are considered reactive security measures because they tell you once a threat has already become a reality. By then, the damage may already be done, and your company could be in hot water.

Instead, your business needs to pair those reactive strategies with proactive ideas. These are plans you can put in place to keep an eye on trends and your potential vulnerabilities so you can catch and prevent a threat before it comes to fruition. Here are a few strategies to set your company on the right path.

Know And Anticipate The Threats

As technology evolves, the risk of cybercrime keeps rising. If you’re a business owner, you need only look at cybersecurity by the numbers to see that you must take proactive action.

A survey in 2023 found that ransomware attacks, where a hacker takes control of your systems until you pay a ransom, continue to be one of the primary threats to medium-sized businesses. It found that one ransomware attack occurs every 10 seconds. Remember, you don’t need to be a major corporation to be on the radar of cybercriminals. Almost every business has data that can be used maliciously by hackers.

Possibly even more alarming is that a hacker can break into your network in less than five hours. That means, if you aren’t being proactive, you could find out about a threat after the hacker gains access and the damage has been done.

Staying Ahead Of The Curve

In addition to watching out for known threats, your company must proactively protect against future threats. You need to be ahead of the curve, especially during the age of artificial intelligence. The rise of programs like ChatGPT and generative AI means that hackers have many new avenues to hack your systems. At this point, less than 10% of companies are prepared to tackle generative AI risks. Because of this lack of understanding and proactive security, there’s been a spike in cybersecurity events.

If your company is not yet well-versed in the proactive measures that can protect against these upcoming threats, it needs to be. You can try several proactive cybersecurity tactics, including penetration testing, which is the process of bringing in skilled hackers to do their best to breach your company’s defenses. The best hackers will know the newest tricks, from AI techniques to vishing attacks, so you can get ahead of the game. You can also use advanced analytics, such as predictive modeling, to detect issues. Predictive modeling analyzes past transactions and looks for unusual behavior and characteristics to find potential threats so you can take action.

Cybersecurity Training Is A Must

The best way to be proactive against potential cyber threats is to have as many eyes on your systems and processes as possible. So, you need to get all of your employees in on the act. It’s essential to create an effective cybersecurity training program. Ideally, this training would occur during the new hire orientation so everyone is on the same page from day one. Then, have ongoing supplementary training each year.

During this training, teach your team about the common cyber attacks, from password hacking to phishing scams. A phishing email is typically only successful if your employee takes the bait and clicks the included link or attachment. So, teach them about the red flags of phishing emails and to look closely at the sender. If they detect an issue, provide an easy route for them to report their concerns so your IT team can take over.

Then, teach them about other proactive approaches they can take, such as creating complex passwords. Pair those passwords with multi-factor authentication so only they can log into their computers. Since many of these training sessions can be a bit dry, add some gamification to the lessons to keep their attention; this can include puzzles, simulations, and cartoons.

Implement Safeguards and Keep On Guard

The final step in a solid, proactive approach is to put the proper safeguards in place and then monitor all activity, so your IT and network teams can catch the first sign of a scam. Install strong firewalls, update your software and patches regularly, and ensure your data is encrypted, but don’t set it and forget it.

Instead, you need to actively watch these safeguards to ensure that they’re as strong as possible while also monitoring for potential threats. Regular network monitoring is critical. This is often an automated process that continuously tracks all devices and web traffic. You’ll be alerted to suspicious activity so you can take the proper steps to eliminate your vulnerabilities.

These days, cybersecurity is often a full-time job. If you don’t have the time to learn about and pay attention to the threats, then you may need to look into a cybersecurity-as-a-service (CaaS) model, where you outsource your needs to a third-party provider. They can perform the necessary risk management duties while ensuring your company complies with regulations.

Conclusion

There are far too many cybersecurity risks for you to trust only in the basic security principles. You must take a more proactive approach to stay ahead of the risks and not have to deal with the chaos after the fact. The tips here will put you on the right path.


Perfctl Malware


Perfctl is an impressive piece of malware:

The malware has been circulating since at least 2021. It gets installed by exploiting more than 20,000 common misconfigurations, a capability that may make millions of machines connected to the Internet potential targets, researchers from Aqua Security said. It can also exploit CVE-2023-33246, a vulnerability with a severity rating of 10 out of 10 that was patched last year in Apache RocketMQ, a messaging and streaming platform that’s found on many Linux machines.

The researchers are calling the malware Perfctl, the name of a malicious component that surreptitiously mines cryptocurrency. The unknown developers of the malware gave the process a name that combines the perf Linux monitoring tool and ctl, an abbreviation commonly used with command line tools. A signature characteristic of Perfctl is its use of process and file names that are identical or similar to those commonly found in Linux environments. The naming convention is one of the many ways the malware attempts to escape notice of infected users.

Perfctl further cloaks itself using a host of other tricks. One is that it installs many of its components as rootkits, a special class of malware that hides its presence from the operating system and administrative tools. Other stealth mechanisms include:

Stopping activities that are easy to detect when a new user logs in
Using a Unix socket over TOR for external communications
Deleting its installation binary after execution and running as a background service thereafter
Manipulating the Linux process pcap_loop through a technique known as hooking to prevent admin tools from recording the malicious traffic
Suppressing mesg errors to avoid any visible warnings during execution.

The malware is designed to ensure persistence, meaning the ability to remain on the infected machine after reboots or attempts to delete core components. Two such techniques are (1) modifying the ~/.profile script, which sets up the environment during user login so the malware loads ahead of legitimate workloads expected to run on the server and (2) copying itself from memory to multiple disk locations. The hooking of pcap_loop can also provide persistence by allowing malicious activities to continue even after primary payloads are detected and removed.

Besides using the machine resources to mine cryptocurrency, Perfctl also turns the machine into a profit-making proxy that paying customers use to relay their Internet traffic. Aqua Security researchers have also observed the malware serving as a backdoor to install other families of malware.

Something this complex and impressive implies that a government is behind this. North Korea is the government we know that hacks cryptocurrency in order to fund its operations. But this feels too complex for that. I have no idea how to attribute this.
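A defender-side triage example for behaviours described in the quoted report (a deleted installation binary that keeps running, process names that imitate common Linux tools, and a modified ~/.profile), added here and not code from Aqua Security or the original post. The system directory list, the `system_names` set, the baseline file and all sample data are assumptions constructed for illustration.

```python
import os
from pathlib import Path

# Assumption: directories where distro-packaged binaries normally live.
SYSTEM_DIRS = ("/usr/bin/", "/usr/sbin/", "/bin/", "/sbin/", "/usr/lib/", "/usr/libexec/")

def read_procs(proc_root="/proc"):
    """Return (pid, name, exe) for every process this user may inspect."""
    procs = []
    for entry in Path(proc_root).iterdir():
        if not entry.name.isdigit():
            continue
        try:
            name = (entry / "comm").read_text().strip()
            exe = os.readlink(entry / "exe")
        except OSError:  # kernel thread, exited process, or no permission
            continue
        procs.append((int(entry.name), name, exe))
    return procs

def triage_procs(procs, system_names):
    """Flag deleted executables and system-looking names run from odd paths."""
    findings = []
    for pid, name, exe in procs:
        if exe.endswith(" (deleted)"):
            # Also seen after package upgrades, so treat as a lead, not proof.
            findings.append((pid, name, "executable deleted from disk"))
        elif name in system_names and not exe.startswith(SYSTEM_DIRS):
            findings.append((pid, name, "system tool name outside system dirs"))
    return findings

def profile_drift(current_text, baseline_text):
    """Return lines present in ~/.profile but absent from a trusted baseline."""
    known = {line.strip() for line in baseline_text.splitlines()}
    return [line for line in current_text.splitlines()
            if line.strip() and line.strip() not in known]

# Constructed sample data (not taken from any real incident).
SAMPLE_PROCS = [
    (412, "sshd", "/usr/sbin/sshd"),
    (2291, "cron", "/home/app/.cache/cron"),
    (3307, "worker", "/var/tmp/worker (deleted)"),
]
SAMPLE_BASELINE = 'PATH="$HOME/bin:$PATH"\n'
SAMPLE_PROFILE = 'PATH="$HOME/bin:$PATH"\n/home/app/.cache/cron >/dev/null 2>&1 &\n'

if __name__ == "__main__":
    for finding in triage_procs(SAMPLE_PROCS, {"sshd", "cron", "perf"}):
        print(finding)
    print(profile_drift(SAMPLE_PROFILE, SAMPLE_BASELINE))
```

Because the report says Perfctl installs rootkit components that hide from administrative tools, output gathered on a live host is only a lead; compare it with an offline or out-of-band view of the disk where possible.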


Snapping Safely: The Fun and Risks of Snapchat for Teens



No, I am not taking a photo of my nose hair! I am Snapping and sharing for my Snapgroup to keep my Snapstreak active while I see where they are on my Snapmap.

If by now you have not figured out I am talking about Snapchat, you are probably not a tween/teen or a parent of a tween/teen. Which means either you are super excited by Snapchat, or super confused!! There are good reasons for both! My parents hate it-so I love it. I guess it could be as simple as that.

First things first-it's not Facebook, it's not owned by Facebook, and likely if you use Facebook, you will not use Snapchat. You have to be 13 to sign up, but no one is checking and more importantly, it's probably more age appropriate closer to 16-I started using it around 15. The app does collect data, both by itself and by allowing third-party access.

It’s a photo-messaging app-hence the name ‘snap’. The photo-messages also disappear-hence the logo looks like a ‘ghost’. You start with a few bits of basic information and add a few friends by taking a picture of their Snapcode (QR code) and start Snapping with them. After 24 hours the messages automatically delete. No words, just snaps. Well, a snap edited with fancy, funny, silly photo filters, lenses and effects that are mainly lighthearted. There is other non-photo stuff like games, entertainment, quizzes and videos, but let's face it-it's the silly goofy photos that will soon be deleted that are the attraction. It’s the surety that anything you do on Snap will not come back and haunt you…like a ghost.

See what I did there.

The pressure of keeping in touch with your friends consistently day after day to maintain your “streak”, making “stories” from your chats, or endlessly “discovering” new sources of information in Snap are all huge investments of time and energy that may well be spent in other areas of your life. But these pale in comparison to some more serious concerns.

Yes, Snap photos don’t get saved on your phone and do get deleted after being seen and in 24 hours. If the user “screenshots” them, you are notified. But that is all the protection you are getting-which is about the same as an umbrella in the deep end of a swimming pool. Your data is used by Snap and others to collect information about you and send you targeted messages that, in some cases, are malware, spam, and viruses disguised as friend requests or Snapawards. Users that you may think you know and accept as friends may send you inappropriate messages or request inappropriate information leading to identity theft, or worse. Snapmap, which allows you to see where your friends are in real time, is great, especially when you feel ‘alone’. But this also puts a fairly easy digital target on your back in case someone in your user group has had their account hacked or taken over.

Even amongst friends that you know and trust, your photos can be screenshot and saved. Yes, you will receive a notification, but beyond that, not much else can be done. There is software out there that can take photos without triggering Snap’s notifications. What’s the big deal, you may ask? Assuming that your friend remains a friend and doesn’t use your photos negatively against you ever (like you never heard that before!), these photos are now living in their phones and can then be uploaded/forwarded/shared without your knowledge or permission-you now have no knowledge, access, or control.

 All of this may be just fine for the photo of rainbows coming out of your eyes expressing your happiness on seeing your friend on the first day of school,  but screenshot and used under a caption of “I shed fake tears”, sends a very different message, with potentially serious unintended consequences, especially for someone who may not have your best interest at heart or who may not know you at all and is a “fake user” in the true sense of the word.

I keep coming back to this idea of fake user accounts again and again because creating a Snap account, especially a fake one, is fairly easy. There are some valid and real concerns about using Snap and other similar messaging services that imply anonymity, privacy and security to enable you to be free and open. Privacy and safety, especially on an app like Snap that seems so innocuous on the surface, can hide a sinister underbelly. Social media companies take a lot of effort to keep their own names out of bad publicity (the irony of privacy), yet very little to protect their users-this article, which talks about one such sad story, does not even mention the social media site for anyone to be aware of! The implication here is that somehow the 17-year-old who is named is expected to have more responsibility than an unnamed corporation.

To get the best experience from the app, do these few simple things:

Don’t lie about your age-it helps stop ads and messages that are not appropriate for your maturity and understanding. It also stops Snap and third parties from legally collecting data from you.

Don’t randomly accept friends or follow people-you don’t do that in real life, do you?

Set the settings-I hate to say this, but for once, involve your parents. Sit down and adjust the settings like location and who can view your story, and most importantly understand that once you hit “send” you can’t “undo”. But if they start asking you to explain how Shazam works, you have my permission to do the “eye roll” and walk away!!

Stay safe!

I’m outta here!
