Category Archives: News

(ISC)2 Appoints its First CISO

Read Time:1 Minute, 24 Second

(ISC)2 Appoints its First CISO

(ISC)2 has announced the appointment of Jon France, CISSP, as its first chief information security officer (CISO).

The non-profit association of certified cybersecurity professionals said France will lead all of its cybersecurity operations. This includes providing regular risk assessments and strategic insights to (ISC)2’s senior management and the board of directors and ensuring security is ingrained in all aspects of the organization’s strategy.

In addition, he will advocate best security practices for members around the world, publicly representing the body in this respect. He will report directly to (ISC)2 CEO Clar Rosso.

France’s new role follows more than 25 years of experience building and leading diverse technology and security teams. His primary focus has been on raising the resilience of the broader technology ecosystem and the information that flows through, protecting organizations and consumers.

Before his new post, France was head of industry security for GSMA, a global organization representing the mobile ecosystem. Here, he led GSMA’s fraud and security function and served on the company’s leadership team. He previously served as deputy IT director and business continuity manager LexisNexis.

Commenting on the appointment, Clar Rosso, CEO of (ISC)², said: “The role of CISO at (ISC)² is a unique one, and Jon provides us with the experience and passion to lead our security operations and serve as an advocate for our members around the world.

“Jon has a strong track record of managing multi-disciplinary international teams and delivering results, and he will help (ISC)² to continue our rapid growth and global expansion while ensuring security is always a primary consideration.”

Read More

McAfee, FireEye merger yields Trellix, a unified XDR security company

Read Time:35 Second

Trellix, a new company formed from the merger of cybersecurity giants McAfee Enterprise and FireEye, is intent on becoming the leader in XDR (extended detection and response) technology by combining applications from both of the formerly separate companies into an interoperable suite of products for threat prevention, detection and response.

The strategy and the new company name were revealed this week by corporate parent Symphony Technology Group (STG), which acquired and merged McAfee Enterprise and FireEye last year. The new suite of products will cover endpoint and network infrastructure security, offer programs tailored for SOCs (security operations centers) and increasingly incorporate machine learning and automation, company officials said.

To read this article in full, please click here

Read More

Two-Fifths of Ransomware Victims Still Paying Up

Read Time:1 Minute, 55 Second

Two-Fifths of Ransomware Victims Still Paying Up

Two-fifths (39%) of ransomware victims paid their extorters over the past three years, with the majority of these spending at least $100,000, according to new Anomali research.

The security vendor hired The Harris Poll to complete its Cyber Resiliency Survey  interviewing 800 security decision-makers in the US, Canada, the UK, Australia, Singapore, Hong Kong, India, New Zealand, the UAE, Mexico and Brazil.

Some 87% said their organization had been the victim of a successful attack resulting in damage, disruption, or a breach since 2019. However, 83% said they’d experienced more attacks since the start of the pandemic.

Over half (52%) were ransomware victims, with 39% paying up. Of these, 58% gave their attackers between $100,000 and $1m, while 7% handed over more than $1m.

This will have helped increase the total figure for cybercrime losses over the period. In 2019, just 15% of responding organizations reported losses of $500,000 or more, but this figure almost doubled to 28% by the following year. Figures for 2021 weren’t available.

Part of the challenge appears to be the inability of organizations to quickly detect and respond to any suspicious activity on their networks. Less than half (46%) said they strongly agree current solutions can evolve to detect new globally identified threats.

This is born out in response times: organizations take several days to detect known attacks from adversaries, including cybercrime organizations (3.6 days), individual hackers (3.5 days), APTs (3.3 days) and nation-states (2.9 days), the research claimed.

“We’ve known that cyberattacks have been increasing over the course of the pandemic, but we didn’t know to what degree global enterprises as a whole were being impacted,” said Anomali president Hugh Njemanze.

“This research reveals that adversaries have not only stepped up the number of attacks they have started launching since COVID-19 first struck the world, but have also greatly improved their success rates.”

It will remain frustrating for industry watchers that many organizations are still paying their extorters.

Research has revealed that even those who do so find their stolen data is leaked or monetized by their attackers in any case. A separate study claimed that paying might actually double the cost of recovery.

Read More

#COVID19 Phishing Emails Surge 500% on Omicron Concerns

Read Time:2 Minute, 4 Second

#COVID19 Phishing Emails Surge 500% on Omicron Concerns

The latest COVID-19 variant has led to a 521% increase in phishing attacks using the virus as a lure to trick users into clicking, according to Barracuda Networks.

Cyber-criminals often use newsworthy events in their social engineering attacks, and COVID-19 provided a bumper opportunity when it emerged in 2020.

The security vendor observed a 667% month-on-month surge in COVID-19 phishing emails from February to March that year. It recorded another significant increase when new vaccines were released at the start of 2021.

Now public concern over the highly transmissible Omicron variant is catching the eye of phishers.

Among the tactics used to trick users into clicking on malicious links and/or entering personal details are offers of counterfeit or unauthorized COVID-19 tests and protective equipment such as masks or gloves.

Some impersonate testing labs and providers, or even employees sharing their results, said Barracuda.

In other phishing emails, the user may receive a fake notification for an unpaid order of tests and is urged to provide their PayPal details to complete delivery of the kit, the vendor claimed.

Barracuda Networks CTO, Fleming Shi, said the answer lies in improving employee phishing awareness training and plugging in advanced email security.

“Capitalizing on the chaos of the pandemic is not a new trend in the world of cybercrime. Yet with constantly evolving tactics, and new trends to latch on to, it’s easy to see why scammers are not giving up on this trick,” he added.

“Just like the threat of COVID-19, pandemic-themed scams are not going to disappear overnight, but fortunately, there are a number of tactics that businesses and consumers can employ to ensure they remain protected.”

In related news, a Comparitech study this week claimed that unscrupulous healthcare workers are enabling a massive black market in COVID-19 digital vaccination certificates and passes.

The researchers found dark web adverts looking for any such workers who empathize with the anti-vaxxers buying these passes.

“When someone buys a fraudulent certificate, they must first sign up for their country’s respective COVID vaccination database. They send their name, PIN number and other necessary info to the vendor,” Comparitech explained.

“A doctor or other healthcare worker marks that person’s record with confirmed vaccination. The buyer’s QR code then becomes valid. It takes just a few hours for the process to complete once a purchase is made.”

Read More

Security hygiene and posture management: A 2022 priority

Read Time:29 Second

While cybersecurity is complex and multifaceted, security certifications (i.e., CISSP common body of knowledge 8 domains), regulations (i.e., HIPAA, PCI DSS, etc.), and best practices (i.e., CIS critical security controls) all recommend starting cybersecurity programs at the same place: security hygiene and posture management.  Experts agree that strong cybersecurity starts with the basics, like knowing about all IT assets deployed, establishing secure configurations, monitoring “drift” from these secure configurations, prioritizing remediation actions based on risk scores, and validating that everything is working as it should.

To read this article in full, please click here

Read More

Security hygiene and posture management: A 2022 priority

Read Time:29 Second

While cybersecurity is complex and multifaceted, security certifications (i.e., CISSP common body of knowledge 8 domains), regulations (i.e., HIPAA, PCI DSS, etc.), and best practices (i.e., CIS critical security controls) all recommend starting cybersecurity programs at the same place: security hygiene and posture management.  Experts agree that strong cybersecurity starts with the basics, like knowing about all IT assets deployed, establishing secure configurations, monitoring “drift” from these secure configurations, prioritizing remediation actions based on risk scores, and validating that everything is working as it should.

To read this article in full, please click here

Read More

Merck Wins $1.4bn NotPetya Payout from Insurer

Read Time:1 Minute, 57 Second

Merck Wins $1.4bn NotPetya Payout from Insurer

Merck has won a long-running legal battle to force its insurer to cover the costs of damages caused by the NotPetya ‘ransomware’ attacks.

The pharma giant was one of many big-name multinationals hit by the destructive malware, disguised as ransomware by Russian attackers targeting Ukrainian organizations back in 2017, as they are again today.

However, the malware soon spread globally, causing potentially billions of dollars of damage.

Many companies, including Merck and confectionary giant Mondelez, found their insurer refusing to pay because of an exclusion in their policy for “acts of war.”

However, a New Jersey superior court judge has now ruled that the language therein implies armed conflict rather than the cyber kind.

Although Merck was claiming under an “all-risk” property insurance policy, both these and more specific cyber policies often contain such exclusions.

However, the ruling may not be beneficial to other policyholders in the long run, as insurers are in general becoming much more prescriptive about coverage for cyber-incidents.

Lloyds of London last November released a new set of clauses that broadened act of war exclusions to “cyber-operations between states which are not excluded by the definition of war, cyber-war or cyber-operations which have a major detrimental impact on a state.”

Peter Groucutt, co-founder of Databarracks, said the new clauses would favor insurers going forward.

“Attribution is another challenge because it is not always clear who was responsible for an attack. There is understandably a lot of deception in cyber-warfare, with attackers leaving misleading breadcrumbs pointing to different attackers or nations. These clauses allow the insurer to determine attribution if the government does not or ‘takes an unreasonable length of time to.’ That seems to be a dangerous case of checking one’s own homework,” he argued.

“There is another challenge of attribution in that cyber groups are often loosely affiliated with a government. It is not always clear if they are directly controlled by or sponsored by the government. Previously, that distinction would be more important. Again, these new clauses widen the net with ‘those acting on its behalf’ working as a catch-all for these kinds of relationships.”

Ultimately the “parameters for payout” are narrowing, shifting more emphasis onto organizations to improve baseline protections, Groucutt concluded.

Read More

Cyberbullying: Words do Hurt When it Comes to Social Media

Read Time:5 Minute, 13 Second

Most parents may find it difficult to relate to today’s form of cyberbullying. That’s because, for many of us, bullying might have come in a series of isolated, fleeting moments such as an overheard rumor, a nasty note passed in class, or a few brief hallway confrontations. 

Fast forward a few dozen decades, and the picture is spectacularly different and a world few adults today would eagerly step into.  

Cyberbullying includes targeting that is non-stop. It’s delivered digitally in an environment that is often anonymous. It’s a far-reaching, esteem-shattering, emotional assault. And the most traumatic component? The perpetual nature of the internet adds the ever-present threat of unlimited accessibility—kids know bullying can happen to anyone, at any time, and spread like wildfire.   

The nature of cyberbullying can make a young victim feel hopeless and powerless. Skipping school doesn’t stop it. Summer vacation doesn’t diminish it. That’s because the internet is ever-present.   

According to a 2020 Ditch the Label Cyberbullying Study, youth today reveal that carrying the emotional weight of being “connected all the time” is anything but fun and games. Here’s a snapshot. 

Bullying has increased by 25% each year since the survey’s inception in 2006.   
46 % of the respondents reported being bullied more than once, and 20% reported bullying others on social networking sites. 
33% of young people surveyed said that they believe the behavior of politicians influences how people treat each other at school. 
25% of those surveyed say they feel “lonely all of the time.” (Executive commentary added that since the onset of the pandemic onset, those numbers have increased).  
50% of those bullied felt targeted because of attitudes towards their physical appearance.  
14% of respondents said they never like themselves; 24% said they do but rarely. 
42% of youth respondents revealed they have battled with anxiety. 
25% said they deal with depression; 21% with suicidal thoughts. 
Leading mental health stressors include school pressures, exams, body image, feelings of loneliness, and grief.  

Who Is Most Vulnerable? 

While all kids are at risk for cyberbullying, studies reveal that some are more vulnerable than others.  

According to the Pew Research Center, females experience more cyberbullying than their male counterparts; 38% of girls compared to 26% of boys. Those most likely to receive a threatening or aggressive text, IM, or email: Girls ages 15-17.  

More data from the CDC and American University reveals that more than 28.1 % of LGBTQ teens were cyberbullied in 2019, compared to 14.1% of their heterosexual peers. In addition, Black LGTBQ youth are more likely to face mental health issues linked to cyberbullying and other forms of bullying as compared to non-Black LGTBQ and heterosexual youth.  

Another community that can experience high cyberbullying is gamers. If your child spends a lot of time playing online games, consider paying close attention to the tone of conversations, the language used, your child’s demeanor during and after gaming, and, as always, stay aware of the risks. In a competitive gaming environment that often includes a variety of age groups, cyberbullying can quickly get out of control.  

Lastly, the reality no parent wants to confront—but one that is critical to the conversation—is that cyberbullying and suicide may be linked in some ways. According to JAMA Pediatrics, approximately 80% of young people who commit suicide have depressive thoughts, and in today’s online environment, cyberbullying often leads to more suicidal thoughts than traditional bullying.  

5 Things Parents Can Do 

Be a Plugged-In Parent. If you haven’t already, make 2022 the year you double up your attention to your kids’ online activities and how they might be impacting them emotionally. Kids connect with new people online all the time through gaming platforms, group chats, and apps. Engage them. Understand what they like to do online and why. Be aware of shifts in behavior, grades, and sleeping patterns. Know the signs that they may be experiencing online bullying.   
Layer Up Your Power. Kids need help with limits in a world of unlimited content and parents get busy. One remedy for that? Consider allowing technology to be your parenting partner—additional eyes and ears if your will—to help reduce the risk your kids face online. Parental controls on family devices can help you pay closer attention to your child’s social media use and assist you in filtering the content that’s rolling across their screens. Having the insight to connect your child’s mood to the time they spend on specific apps may provide a critical shortcut to improving their overall wellbeing.  
Prioritize Community. Feeling supported and part of a solid offline community can make a significant difference in a child’s life. One survey of teens aged 12-17 found that social connectedness played a substantial role in reducing the impact of cyberbullying. 
Don’t prohibit, limit. If you know your child is having a tough time online, it’s important not to overreact and restrict device use. They need peer connection. It’s their culture. Consider helping them balance their time and content online. Please talk about the pros and cons of specific apps, role play, teach them how to handle conflict, and encourage hobbies and meetups that are not technology dependent.  
Provide Mental Health Support. We are living in unique times. The digital, cultural, social, political, and health concerns encircling our kids remain unmatched. Not all signs of emotional distress will be outward; some will be subtle, and some, even non-existent. That’s why it’s essential to consistently take the time to assess how your child is doing. Talk with your kids daily, and when you notice they may need additional help, be prepared to find resources to help 

Conclusion 

Each new year represents 365 new days and 365 new chances to do things a little bit better than we’ve done them in the past. And while it’s impossible to stop our kids from wandering into the crossfire of hurtful words online, we can do everything possible to reduce their vulnerability and protect their self-esteem.  

The post Cyberbullying: Words do Hurt When it Comes to Social Media appeared first on McAfee Blogs.

Read More

Biden Signs Memo to Boost National Cybersecurity

Read Time:1 Minute, 52 Second

Biden Signs Memo to Boost National Cybersecurity

United States President Joe Biden has signed a National Security Memorandum (NSM) requiring national security systems to implement network cybersecurity measures that are at least as good as those required of federal civilian networks.

The requirements for federal civilian networks were laid out in Biden’s Executive Order 14028 (EO 14028) issued May 12 2021. The new memo, signed Wednesday, specifies how the provisions of EO 14028 apply to national security systems. 

The NSM establishes timelines and guidance for how cybersecurity requirements, including multi-factor authentication, encryption, cloud technologies and endpoint detection services, will be implemented.

It also requires agencies to identify their national security systems and report cyber incidents that occur on them to the National Security Agency (NSA). 

Commenting on this particular requirement of the NSM, Mark Manglicmot, vice president of security services at Arctic Wolf, said: “To defend something, you need to have an asset inventory to know what your most critical systems and data are. This directive mandates this best practice.”  

The NSM further authorizes the NSA to create Binding Operational Directives that require agencies to take specific actions against known or suspected cyber-threats and vulnerabilities. In addition, it requires the NSA and the Department of Homeland Security to share BODs and “learn from each other to determine if any of the requirements from one agency’s directive should be adopted by the other.” 

Under the new memo, agencies are required to secure tools known as cross-domain solutions that transfer data between classified and unclassified systems. 

In a statement released Wednesday, the White House said: Modernizing our cybersecurity defenses and protecting all federal networks is a priority for the Biden Administration, and this National Security Memorandum raises the bar for the cybersecurity of our most sensitive systems.”

James McQuiggan, security awareness advocate at KnowBe4, noted that the memo omitted any requirements around cybersecurity education or creating a security culture among users. 

He said: “When users can spot social engineering attacks, have the necessary training to work in Network or Security Operations Centers and understand the importance of developing secure code, it can strengthen the resiliency of the organization or government systems and significantly reduce the risk of a cyber-attack.”

Read More

11:11 Systems Acquires iland

Read Time:1 Minute, 49 Second

11:11 Systems Acquires iland

Managed infrastructure solutions company, 11:11 Systems, has acquired Texas-based cloud services provider, iland

The completion of the acquisition was announced on Thursday. The terms of the deal were not disclosed. 

Headquartered in Houston with regional offices in London and Sydney, iland delivers cloud services including Disaster-Recovery-as-a-Service (DRaaS), Infrastructure-as-a-Service (IaaS) and Backup-as-a-Service (BaaS) from its cloud regions throughout North America, Europe, Australia and Asia.

11:11 Systems said it intends to leverage iland’s award-winning Secure Cloud Console, which natively combines deep layered security, predictive analytics and compliance to deliver visibility and easy management for iland’s cloud services.

The deal follows 11:11 Systems’ recent acquisition of Green Cloud Defense, a channel-only, cloud Infrastructure-as-a-Service (IaaS) provider. 

“By adding iland’s steady 25% YOY momentum to 11:11 Systems’ expanding national network of MSPs, VARs and IT consultants, a hyper-growth pathway has been created,” said 11:11 Systems in a statement.

Brett Diamond, CEO of 11:11 Systems, said his company’s recent acquisitions were motivated by making cybersecurity more straightforward for its customers. 

“CIOs and IT leaders are being pushed to address increasing numbers of security threats, application vulnerabilities and network weaknesses that can leave organizations exposed to data breaches; at the same time, they are tasked with laying the right foundation within their infrastructure to embrace hybrid cloud, navigate sophisticated application requirements, artificial intelligence and more while data and devices continue to multiply exponentially,” said Diamond.

He added: “11:11 Systems is focused on significantly simplifying our customers’ approach to cloud, security and connectivity to drive greater security, innovation, and responsiveness and adding iland and Green Cloud as core ingredient platforms substantively advances this mission.”

For iland, the deal brings an opportunity for expansion and innovation, according to the company’s CTO, Justin Giardina. 

“Joining 11:11 Systems, which now includes Green Cloud, will open up the doors of innovation even wider with new opportunities to expand services across the iland platform, which will further enhance our customers’ ability to manage and monitor their hybrid environments,” said Giardina.

Read More