This blog was written by an independent guest blogger.

Over the past several years, cyberattacks have become increasingly more prevalent. As such, understanding cybersecurity has become increasingly important. 

Digital marketing has now become an entire industry, and as a result, there are more opportunities than before for malicious actors to carry out attacks. Marketers are now equally as vulnerable to cyber-attacks as other online professions. Therefore, marketers need to be aware of these areas where threats continue to emerge.

Here are the top five most prevalent digital marketing cybersecurity concerns that you need to watch out for:

1 – Phishing and email marketing

Email marketing campaigns are one of the most common ways marketers reach out to customers. However, email is also one of the most common tools used by bad actors to acquire data and to attack Internet users. Marketers themselves use email too, so they are also vulnerable to these types of attacks.

Recently, $1.7M worth of NFTs was stolen in a phishing attack, highlighting the need for awareness and training surrounding phishing. Many companies are reporting a rise in phishing attacks compared to before the pandemic. Phishing attacks typically involve some type of social engineering to work. Scammers usually request sensitive information while posing as a legitimate source. 

Training your team, including marketers, to scrutinize requests for information and verify the legitimacy of a request can help reduce the potential for phishing attacks to be effective. Additionally, reporting suspicious activity to the correct manager can allow your IT department to swiftly respond.

By introducing training programs and educating marketers, you can cut down on the potential for phishing attacks to target your marketing team.

2 – Fraud and social media marketing

Today, the average person spends 1 hour and 23 minutes per day on social media. That’s why companies looking for ways to recruit employees often turn to social media marketing. However, social media can also be used for fraud and deception.

Like phishing scams, social media fraud often involves people posing as someone that they are not, and then tricking users into giving up information. In many cases, users will be asked to download software which is then used to load ransomware onto the user’s machine.

Marketers are often on social media, either for personal use or for professional reasons. In either case, marketers are just as vulnerable to social media scams as anyone else. Marketers should always use strict judgment when responding to requests for information online. 

Additionally, avoiding downloading anything from social media onto business machines can be a simple, yet effective, way to protect your data. Remember to protect your privacy online when using social media.

3 – eCommerce Remote Code Execution Attacks and Other Vulnerabilities

Marketers should also be aware of potential vulnerabilities involving eCommerce platforms. This past month Adobe found itself scrambling to issue multiple patches for a vulnerability that impacted Magento Open Source and Adobe Commerce. The exploit required two different patches in order to resolve the vulnerability. 

The vulnerabilities allowed hackers to run remote code on platforms without authentication or administrative privileges. This attack underlines how eCommerce can be a particularly vulnerable area for marketers. Adobe isn’t the only platform that has run into trouble either. Shopify also experienced its own share of cyberattacks in 2020.

Marketers should consider utilizing multi-layer protection on their content delivery network (CDN). This will help prevent denial of service-type attacks. Additional monitoring of potential software vulnerabilities will also enable security holes to be patched when they become known. 

Lastly, like other areas that this article has discussed, educating marketers and users themselves can help prevent security breaches. Educating teams about two-factor authentication and stronger password policies can prevent other types of attacks from occurring on your eCommerce platforms.

4 – Brute force attacks, password vulnerabilities, and content marketing

Strong passwords and two-factor authentication are not just for eCommerce platforms. Content management systems (CMSs) are also vulnerable to brute force-type attacks. For example, WordPress has experienced a number of attacks and vulnerabilities over the years. Marketers should be aware of these vulnerabilities because they frequently have to work with CMS systems. Developing a business plan that involves how to respond to cyberattacks on your CMS systems is crucial to protecting yourself.

Outdated plugins that haven’t been kept up-to-date should be removed. Unneeded plugins should also be removed. This will help limit your potential attack vectors. WordPress has security plugins available too that can also help mitigate attacks. As discussed earlier, best password practices should be embraced. Also, you can consider investing in software that offers endpoint protection.

Develop a plan and strategy for how to protect your data. Picking the right tools and staying educated are the best ways for marketers to make sure their content management systems stay safe and protected. Remember to implement best-password practices and leverage two-factor authentication to protect logins.

5 – Customer relationship management (CRM) software and malware attacks

CRM systems can also be another potential attack vector. Customer relationship management software is essential in most businesses today. Marketers often have access to these systems for a variety of reasons. Last year, US Cellular experienced a CRM data breach that occurred because employees had downloaded malware onto their computers, which then allowed hackers to access US Cellular’s CRM system.

This attack illustrates how cybersecurity impacts marketers because marketers often have access to sensitive personal data. Unauthorized data access isn’t the only thing marketers should be worried about when it comes to CRMs. Companies looking to recruit new employees should make sure that they are trained on how to properly and securely handle sensitive customer data before beginning work.

Another major problem with malware is that it can cause you to lose access to your data. Hackers can steal your data and then erase it using malware or they can hold it hostage and require you to pay a ransom. A data backup solution can help prevent losing access to important digitally-stored information.

A good way to address the risks associated with CRM platforms is to increase security protocols. Like with other vulnerabilities, marketers need to be educated and they should avoid downloading programs from untrustworthy places. Any computing devices that are used for work should have their software installations limited. These types of protocols can help prevent unauthorized access from occurring and can prevent malware from infecting your system.

Conclusion

The most widely applicable information is that marketers need to be cognizant of where they download programs from. Hackers and other bad actors frequently utilize social engineering to trick individuals into downloading malware and ransomware. Once hackers have entered into a system using these tools they can quickly access data from across an organization. By being aware of these attack vectors and undergoing training, marketers can become more experienced in cybersecurity and can help keep their data safe.

Read More

DSbD initiative aims to put more responsibility in the hands of those who build it, creating a culture of secure by default

Read More

Law firm says clients have been left in the dark for over six months

Read More

A SANS Institute webcast about Russian cyberattack escalations in Ukraine presented a couple of takeaways. The first: Don’t panic. Too often with security issues we think the worse; we may overreact and make the situation worse. Instead, focus on the basics. The second is that we need to pay more attention to network traffic.

Take care of security basics first

When reviewing your network for potential cyber threats, don’t make things worse by making misconfigurations that will create more problems. Spend time on the basics and on other projects that you probably should have worked on earlier.

To read this article in full, please click here

Read More

Group exploited Log4Shell “within hours,” says Mandiant

Read More

None were reported as being exploited in the wild

Read More

Lumen Technologies, an American company that operates one of the largest Internet backbones and carries a significant percentage of the world’s Internet traffic, said today it will stop routing traffic for organizations based in Russia. Lumen’s decision comes just days after a similar exit by backbone provider Cogent, and amid a news media crackdown in Russia that has already left millions of Russians in the dark about what is really going on with their president’s war in Ukraine.

Monroe, La. based Lumen [NYSE: LUMN] (formerly CenturyLink) initially said it would halt all new business with organizations based in Russia, leaving open the possibility of continuing to serve existing clients there. But on Tuesday the company said it could no longer justify that stance.

“Life has taken a turn in Russia and Lumen is unable to continue to operate in this market,” Lumen said in a published statement. “The business services we provide are extremely small and very limited as is our physical presence. However, we are taking steps to immediately stop business in the region.”

“We decided to disconnect the network due to increased security risk inside Russia,” the statement continues. “We have not yet experienced network disruptions but given the increasingly uncertain environment and the heightened risk of state action, we took this move to ensure the security of our and our customers’ networks, as well as the ongoing integrity of the global Internet.”

According to Internet infrastructure monitoring firm Kentik, Lumen is the top international transit provider to Russia, with customers including Russian telecom giants Rostelecom and TTK, as well as all three major mobile operators (MTS, Megafon and VEON).

“A backbone carrier disconnecting its customers in a country the size of Russia is without precedent in the history of the internet and reflects the intense global reaction that the world has had over the invasion of Ukraine,” wrote Doug Madory, Kentik’s director of Internet analysis.

It’s not clear whether any other Internet backbone providers — some of which are based outside of the United States — will follow the lead of Lumen and Cogent. But Madory notes that as economic sanctions continue to exact a toll on Russia’s economy, its own telecommunications firms may have difficulty paying foreign transit providers for service.

Ukrainian leaders petitioned the Internet Corporation for Assigned Names and Numbers (ICANN) — the nonprofit organization charged with overseeing the global domain name system — to disconnect Russia’s top-level domain (.ru) from the Internet. ICANN respectfully declined that request, but many technology giants, including Amazon, Apple and Microsoft, have moved on their own to suspend new business in the country.

Meanwhile, Russia recently cracked down on the last remaining vestiges of a free press within its borders, passing a new law that threatens up to 15 years in jail for anyone who publishes content that refers to the conflict in Ukraine as a “war” or “invasion.”

As Neil MacFarquhar writes for The New York Times, what little coverage there is on Russian television networks about the invasion does not include any footage of the devastation wrought by Russian troops on the Ukrainian citizenry. At the same time, the Russian government has blocked Facebook and partly blocked Twitter, while other platforms like TikTok have suspended services in the country.

“To spend several days watching news broadcasts on the main state channels, as well as surveying state-controlled newspapers, is to witness the extent of the Kremlin’s efforts to sanitize its war with the Orwellian term ‘special military operation’ — and to make all news coverage align with that message,” MacFarquhar wrote.

The Washington Post, which was the first to report on Cogent’s decision last week, wrote that these independent actions by private tech companies collectively “will leave Russians more dependent than ever on government propaganda that already dominates the nation’s newspapers and broadcast stations, leaving few ways to access independent sources of news at a time when the country has entered a severe political crisis.”

In a blog post titled “Why the World Must Resist Calls to Undermine the Internet,” Internet Society President Andrew Sullivan said cutting a whole population off the Internet will stop disinformation coming from that population — but it also stops the flow of truth.

“Without the Internet, the rest of the world would not know of atrocities happening in other places,” Sullivan wrote. “And without the Internet, ordinary citizens of many countries wouldn’t know what was being carried out in their name. Our best hope, however dim, is that those supporting an aggressive regime will change their support. More information can help, even as disinformation circulates. We need a better understanding of what is and is not disinformation.”

There is another — perhaps less popular — camp, which holds that isolating Russia from the rest of the Internet might be THE thing that encourages more Russians to protest the war in Ukraine, and ultimately to take back control of their own country from its autocratic and kleptocratic leaders.

Not long after Russia invaded Ukraine, I heard from an old pen-pal in Ukraine: Sergey Vovnenko, a.k.a. “Flycracker,” a.k.a the convicted Ukrainian cybercriminal who once executed a plot to have me framed for heroin possession. Vovnenko did his time in a U.S. prison, left Fly behind, and we have since buried the hatchet. He’s now hunkered down in Lviv, Ukraine, which is serving as a major artery for refugees seeking shelter outside Ukraine’s borders.

These days, Vovnenko says he is working with many sympathetic hackers to fight the Russians online. Asked what he thought about the idea of Russia being isolated from the rest of the Internet, Vovnenko said it couldn’t happen soon enough given the Russian government’s new media blitz to cast the war in a patriotic light.

“I think they should be disconnected, maybe Russian people will rebel against Putin after that,” he said.

Read More

What is Ransomware?

Over the past year, you may have seen the term ransomware popping up frequently. There’s good reason for that as ransomware is responsible for 21% of all cyberattacks, according to a new report. For enterprising hackers, this tactic has become standard operating procedure because it’s effective and organizations are willing to pay. But what does that mean for you and living a confident life online? Fortunately, there are a number of things individuals can do to avoid ransomware. But first, let’s start with the basics.  

Ransomware is malware that employs encryption to hold a victim’s information at ransom. The hacker uses it to encrypt a user or organization’s critical data so that they cannot access files, databases, or applications. A ransom is then demanded to provide access. It is a growing threat, generating billions of dollars in payments to cybercriminals and inflicting significant damage and expenses for businesses and governmental organizations.  

Why should I care?

McAfee Labs counted a 60% increase in attacks from Q4 2019 to Q1 2020 in the United States alone. Unfortunately, the attacks targeting organizations also impact the consumers who buy from them, as the company’s data consists of its customers’ personal and financial information. That means your data if you’ve done business with the affected company. Fortunately, there are many ways you can protect yourself from ransomware attacks.

How do I know if my information is vulnerable?

When a company is hit with a ransomware attack, they typically are quick to report the incident, even though a full analysis of what was affected and how extensive the breach may have been may take much longer. Once they have the necessary details they may reach out to their customers via email, through updates on their site, social media, or even the press to report what customer data may be at risk. Paying attention to official communications through these various channels is the best way to know if you’ve been affected by a ransomware attack.  

The connection between phishing and ransomware 

The top ransomware infection vectors – a fancy term for the way you get ransomware on your device – are phishing and vulnerability exploits. Of these two, phishing is responsible for a full 41% of ransomware infections. Ironically, this is good news, because phishing is something we can learn to spot and avoid by educating ourselves about how scammers work. Before we get into specific tips, know that phishing can take the form of many types of communications including emails, texts, and voicemails. Also know that scammers are convincingly imitating some of the biggest brands in the world to get you to surrender your credentials or install malware on your device. With that in mind, here are several tips to avoid getting phished. 

1. Be cautious of emails asking you to act  

If you receive an email, call, or text asking you to download software or pay a certain amount of money, don’t click on anything or take any direct action from the message. Instead, go straight to the organization’s website. This will prevent you from downloading malicious content from phishing links or forking over money unnecessarily. 

2. Hover over links to see and verify the URL 

If someone sends you a message with a link, hover over the link without clicking on it. This will allow you to see a link preview. If the URL looks suspicious, don’t interact with it and delete the message altogether. 

3. Go directly to the source 

Instead of clicking on a link in an email or text message, it’s always best to check directly with the source to verify an offer, request, or link. 

4. Browse with caution 

McAfee offers the free McAfee WebAdvisor, which can help identify malicious websites and suspect links that may be associated with phishing schemes. 

Put ransomware fears in your rearview mirror with these tips: 

If you do get ransomware, the story isn’t over. Below are 8 remediation tips that can help get your data back, along with your peace of mind. 

1. Back up your data  

If you get ransomware, you’ll want to immediately disconnect any infected devices from your networks to prevent the spread of it. This means you’ll be locked out of your files by ransomware and be unable to move the infected files. Therefore, it’s crucial that you always have backup copies of them, preferably in the cloud and on an external hard drive. This way, if you do get a ransomware infection, you can wipe your computer or device free and reinstall your files from backup.  Backups protect your data, and you won’t be tempted to reward the malware authors by paying a ransom. Backups won’t prevent ransomware, but they can mitigate the risks.

2. Change your credentials 

If you discover that a data leak or a ransomware attack has compromised a company you’ve interacted with, act immediately and change your passwords for all your accounts. And while you’re at it, go the extra mile and create passwords that are seriously hard to crack with this next tip.

3. Take password protection seriously 

When updating your credentials, you should always ensure that your password is strong and unique. Many users utilize the same password or variations of it across all their accounts. Therefore, be sure to diversify your passcodes to ensure hackers cannot obtain access to all your accounts at once, should one password be compromised. You can also employ a password manager to keep track of your credentials and generate secure login keys.   

4. Enable two-factor or multi-factor authentication 

Two or multi-factor authentication provides an extra layer of security, as it requires multiple forms of verification. For instance, you’ll be asked to verify your identity through another device, such as a phone. This reduces the risk of successful impersonation by hackers.   

5. Browse safely online 

Be careful where you click. Don’t respond to emails and text messages from people you don’t know, and only download applications from trusted sources. This is important since malware authors often use social engineering to get you to install dangerous files. Using a security extension on your web browser is one way to browse more safely.

6. Only use secure networks 

Avoid using public Wi-Fi networks, since many of them are not secure, and cybercriminals can snoop on your internet usage. Instead, consider installing a VPN, which provides you with a secure connection to the internet no matter where you go.    

7. Never pay the ransom 

While it is often large organizations that fall prey to ransomware attacks, you can also be targeted by a ransomware campaign. If this happens, don’t pay the ransom. Although you may feel that this is the only way to get your encrypted files back, there is no guarantee that the ransomware developers will send a decryption tool once they receive the payment. Paying the ransom also contributes to the development of more ransomware families, so it’s best to hold off on making any payments. Thankfully there are free resources devoted to helping you like McAfee’s No More Ransomware initiative McAfee, along with other organizations, created www.nomoreransom.org/ to educate the public about ransomware and, more importantly, to provide decryption tools to help people recover files that have been locked by ransomware. On the site you’ll find decryption tools for many types of ransomware, including the Shade ransomware.

7. Use a comprehensive security solution 

Adding an extra layer of security with a solution such as McAfee® Total Protection, which includes Ransom Guard, can help protect your devices from these cyber threats. In addition, make sure you update your devices’ software (including security software!) early and often, as patches for flaws are typically included in each update. Comprehensive security solutions also include many of the tools we mentioned above and are simply the easiest way to ensure digital wellness online.  

The post 8 Tips for Staying Safe from Ransomware Attacks appeared first on McAfee Blog.

Read More

What is Ransomware?

Over the past year, you may have seen the term ransomware popping up frequently. There’s good reason for that as ransomware is responsible for 21% of all cyberattacks, according to a new report. For enterprising hackers, this tactic has become standard operating procedure because it’s effective and organizations are willing to pay. But what does that mean for you and living a confident life online? Fortunately, there are a number of things individuals can do to avoid ransomware. But first, let’s start with the basics.  

Ransomware is malware that employs encryption to hold a victim’s information at ransom. The hacker uses it to encrypt a user or organization’s critical data so that they cannot access files, databases, or applications. A ransom is then demanded to provide access. It is a growing threat, generating billions of dollars in payments to cybercriminals and inflicting significant damage and expenses for businesses and governmental organizations.  

Why should I care?

McAfee Labs counted a 60% increase in attacks from Q4 2019 to Q1 2020 in the United States alone. Unfortunately, the attacks targeting organizations also impact the consumers who buy from them, as the company’s data consists of its customers’ personal and financial information. That means your data if you’ve done business with the affected company. Fortunately, there are many ways you can protect yourself from ransomware attacks.

How do I know if my information is vulnerable?

When a company is hit with a ransomware attack, they typically are quick to report the incident, even though a full analysis of what was affected and how extensive the breach may have been may take much longer. Once they have the necessary details they may reach out to their customers via email, through updates on their site, social media, or even the press to report what customer data may be at risk. Paying attention to official communications through these various channels is the best way to know if you’ve been affected by a ransomware attack.  

The connection between phishing and ransomware 

The top ransomware infection vectors – a fancy term for the way you get ransomware on your device – are phishing and vulnerability exploits. Of these two, phishing is responsible for a full 41% of ransomware infections. Ironically, this is good news, because phishing is something we can learn to spot and avoid by educating ourselves about how scammers work. Before we get into specific tips, know that phishing can take the form of many types of communications including emails, texts, and voicemails. Also know that scammers are convincingly imitating some of the biggest brands in the world to get you to surrender your credentials or install malware on your device. With that in mind, here are several tips to avoid getting phished. 

1. Be cautious of emails asking you to act  

If you receive an email, call, or text asking you to download software or pay a certain amount of money, don’t click on anything or take any direct action from the message. Instead, go straight to the organization’s website. This will prevent you from downloading malicious content from phishing links or forking over money unnecessarily. 

2. Hover over links to see and verify the URL 

If someone sends you a message with a link, hover over the link without clicking on it. This will allow you to see a link preview. If the URL looks suspicious, don’t interact with it and delete the message altogether. 

3. Go directly to the source 

Instead of clicking on a link in an email or text message, it’s always best to check directly with the source to verify an offer, request, or link. 

4. Browse with caution 

McAfee offers the free McAfee WebAdvisor, which can help identify malicious websites and suspect links that may be associated with phishing schemes. 

Put ransomware fears in your rearview mirror with these tips: 

If you do get ransomware, the story isn’t over. Below are 8 remediation tips that can help get your data back, along with your peace of mind. 

1. Back up your data  

If you get ransomware, you’ll want to immediately disconnect any infected devices from your networks to prevent the spread of it. This means you’ll be locked out of your files by ransomware and be unable to move the infected files. Therefore, it’s crucial that you always have backup copies of them, preferably in the cloud and on an external hard drive. This way, if you do get a ransomware infection, you can wipe your computer or device free and reinstall your files from backup.  Backups protect your data, and you won’t be tempted to reward the malware authors by paying a ransom. Backups won’t prevent ransomware, but they can mitigate the risks.

2. Change your credentials 

If you discover that a data leak or a ransomware attack has compromised a company you’ve interacted with, act immediately and change your passwords for all your accounts. And while you’re at it, go the extra mile and create passwords that are seriously hard to crack with this next tip.

3. Take password protection seriously 

When updating your credentials, you should always ensure that your password is strong and unique. Many users utilize the same password or variations of it across all their accounts. Therefore, be sure to diversify your passcodes to ensure hackers cannot obtain access to all your accounts at once, should one password be compromised. You can also employ a password manager to keep track of your credentials and generate secure login keys.   

4. Enable two-factor or multi-factor authentication 

Two or multi-factor authentication provides an extra layer of security, as it requires multiple forms of verification. For instance, you’ll be asked to verify your identity through another device, such as a phone. This reduces the risk of successful impersonation by hackers.   

5. Browse safely online 

Be careful where you click. Don’t respond to emails and text messages from people you don’t know, and only download applications from trusted sources. This is important since malware authors often use social engineering to get you to install dangerous files. Using a security extension on your web browser is one way to browse more safely.

6. Only use secure networks 

Avoid using public Wi-Fi networks, since many of them are not secure, and cybercriminals can snoop on your internet usage. Instead, consider installing a VPN, which provides you with a secure connection to the internet no matter where you go.    

7. Never pay the ransom 

While it is often large organizations that fall prey to ransomware attacks, you can also be targeted by a ransomware campaign. If this happens, don’t pay the ransom. Although you may feel that this is the only way to get your encrypted files back, there is no guarantee that the ransomware developers will send a decryption tool once they receive the payment. Paying the ransom also contributes to the development of more ransomware families, so it’s best to hold off on making any payments. Thankfully there are free resources devoted to helping you like McAfee’s No More Ransomware initiative McAfee, along with other organizations, created www.nomoreransom.org/ to educate the public about ransomware and, more importantly, to provide decryption tools to help people recover files that have been locked by ransomware. On the site you’ll find decryption tools for many types of ransomware, including the Shade ransomware.

7. Use a comprehensive security solution 

Adding an extra layer of security with a solution such as McAfee® Total Protection, which includes Ransom Guard, can help protect your devices from these cyber threats. In addition, make sure you update your devices’ software (including security software!) early and often, as patches for flaws are typically included in each update. Comprehensive security solutions also include many of the tools we mentioned above and are simply the easiest way to ensure digital wellness online.  

The post 8 Tips for Staying Safe from Ransomware Attacks appeared first on McAfee Blog.

Read More

The hardware-based mitigations introduced in Intel and ARM CPUs over the past few years to fix a serious flaw called Spectre are not as strong as believed. Researchers have devised a new attack method that can defeat the defenses, but exploitation is not as easy as with the original flaw.

The new attack, discovered by researchers from the Systems and Network Security Group at VU Amsterdam (VUSec) is called Spectre-BHI, for Branch History Injection, or Spectre-BHB, for Branch History Buffer, because Intel and ARM assigned different names to it. According to the research team, it is an extension of the 2017 Spectre version 2 attack, also known as Spectre-BTI (Branch Target Injection) and, similarly to Spectre v2, can result in the leak of sensitive information from the privileged kernel memory space.

To read this article in full, please click here

Read More