Category Archives: News

CIS Risk Assessment Method (RAM) v2.1 for CIS Controls v8

Read Time:20 Second

CIS recently released the CIS Risk Assessment Method (RAM) v2.1, a risk assessment method designed to help enterprises justify investments for implementing the CIS Critical Security Controls (CIS Controls). This version supersedes CIS RAM v2.0, which was first released in October 2021. CIS RAM helps enterprises define their acceptable level of risk, and then manage that risk once the CIS Controls have been implemented.

Read More

How to Protect Your Social Media Accounts

Read Time:5 Minute, 3 Second

Social media is part of our social fabric. So much so that nearly 50% of the global population are social media users to some degree or other. With all that sharing, conversing, and information passing between family and friends, social media can be a distinct digital extension of ourselves—making it important to know how you can protect your social media accounts from hacks and attacks.

Beyond the sheer number of people who’re on social media, there’s also the amount of time we spend on it.  People worldwide spend an average of 145 minutes a day on social media. With users in the U.S. spending just over two hours on social media a day and users in the Philippines spending nearly four hours a day, that figure can vary widely. Yet it’s safe to say that a good portion of our day features time scrolling and thumbing through our social media feeds. 

Given how much we enjoy and rely on social media, now’s a fine time to give your social media settings and habits a closer look so that you can get the most out of it with less fuss and worry. Whether you’re using Facebook, Instagram, TikTok, or whatnot, here are several things you can do that can help keep you safe and secure out there: 

1. Set strong, unique passwords

Passwords mark square one in your protection, with strong and unique passwords across all your accounts forming primary line of defense. Yet with all the accounts we have floating around, juggling dozens of strong and unique passwords can feel like a task—thus the temptation to use (and re-use) simpler passwords. Hackers love this because one password can be the key to several accounts. Instead, try a password manager that can create those passwords for you and safely store them as well. Comprehensive security software will include one. 

2. Go private

Social media platforms like Facebook, Instagram, and others give you the option of making your profile and posts visible to friends only. Choosing this setting keeps the broader internet from seeing what you’re doing, saying, and posting, which can help protect your privacy. 

3. Say “no” to strangers bearing friend requests

Be critical of the invitations you receive. Out-and-out strangers could be more than just a stranger, they could be a fake account designed to gather information on users for purposes of cybercrime, or they can be an account designed to spread false information. There are plenty of them too. In fact, in Q3 of 2021 alone, Facebook took action on 1.8 billion fake accounts. Reject such requests. 

4. Think twice before checking in

Nothing says “there’s nobody at home right now” like that post of you on vacation or sharing your location while you’re out on the town. In effect, such posts announce your whereabouts to a broad audience of followers (even a global audience, if you’re not posting privately, as called out above). Consider sharing photos and stories of your adventures once you’ve returned.  

5. The internet is forever

It’s a famous saying for a reason. Whether your profile is set to private or if you are using an app with “disappearing” messages and posts (like Snapchat), what you post can indeed be saved and shared again. It’s as simple as taking a screenshot. If you don’t want it out there, forever or otherwise, simply don’t post it. 

6. Watch out for phishing scams

We’re increasingly accustomed to the warnings about phishing emails, yet phishing attacks happen plenty on social media. The same rules apply. Don’t follow any links you get from strangers by way of instant or direct messengers. And keep your personal information close. Don’t pass out your email, address, or other info as well. Even those so-called “quiz” posts and websites can be ruses designed to steal bits and pieces of personal info that can be used as the basis of an attack. 

7. Also keep an eye out for scams of all kinds

Sadly, social media can also be a place where people pull a fast one. Get-rich-quick schemes, romance cons, and all kinds of imposters can set up shop in ads, posts, and even direct messages—typically designed to separate you from your personal information, money, or both. This is an entire topic to itself, and you can learn plenty more about quizzes and other identity theft scams to avoid on social media 

8. Review your tags

Some platforms such as Facebook allow users to review posts that are tagged with their profile names. Check your account settings and give yourself the highest degree of control over how and where your tags are used by others. This will help keep you aware of where you’re being mentioned by others and in what way. 

9. Protect yourself and your devices

Security software can protect you from clicking on malicious links while on social media while steering you clear of other threats like viruses, ransomware, and phishing attacks. It can look out for you as well, by protecting your privacy and monitoring your email, SSN, bank accounts, credit cards, and other personal information. With identity theft a rather commonplace occurrence today, security software is really a must. 

10. Check your Protection Score and see how safe you are

Now you can point to a number that shows you just how safe you are with our Protection Score. It’s an industry first, and it works by taking stock of your overall security and grading it on a scale of 0 to 1,000. From there, it calls out any weak spots and then walks you through the steps to shore it up with personalized guidance. This way, you’re always in the know about your security, privacy, and personal identity on social media and practically wherever else your travels take you online.

The post How to Protect Your Social Media Accounts appeared first on McAfee Blogs.

Read More

McAfee Wins Product of the Year for Best Online Protection

Read Time:1 Minute, 41 Second

You can feel even more confident that you’ll enjoy life online with us at your side. AV-Comparatives has awarded McAfee as its 2021 Product of the Year.

McAfee makes staying safe simple, and now this endorsement by an independent lab says we protect you best.

Over the course of 2021, AV-Comparatives subjected 17 different online protection products to a series of rigorous tests. Their labs investigated each product’s ability to protect against real-world Internet threats, such as thousands of emerging malicious programs and advanced targeted attacks, along with the ability to provide protection without slowing down the computer.

McAfee topped the field, taking home the award for AV-Comparatives’ Product of the Year thanks to our highest overall scores across the seven different testing periods throughout the year. McAfee further took a Gold Award for the Malware Protection Test, in addition to recognition for its clean, modern, and touch-friendly design and for the way that McAfee Firewall coordinates perfectly with Windows.

“We’re honored by the recognition,” says Chief Technology Officer, Steve Grobman. “The strong reputation that AV-Comparatives carries in the industry cements our place as a leader in online protection.” He goes on to say, “Our work continues. The internet is evolving to be integral to every part of our lives. This creates new opportunities for cyber criminals and drives the evolution of the threat landscape. McAfee is committed to staying one step ahead of these sophisticated threats, ensuring customers can safely utilize the full value of our online world.”

Read the full AV-Comparatives annual report and protect yourself and your family with the year’s top-rated antivirus. Give it a look for yourself with a free 30-day trial of McAfee Total Protection, which includes McAfee’s award-winning anti-malware technology plus identity monitoring, Secure VPN, and safe browsing for an all-in-one online protection.

The post McAfee Wins Product of the Year for Best Online Protection appeared first on McAfee Blogs.

Read More

UK Government to Launch PR Campaign Undermining End-to-End Encryption

Read Time:23 Second

Rolling Stone is reporting that the UK government has hired the M&C Saatchi advertising agency to launch an anti-encryption advertising campaign. Presumably they’ll lean heavily on the “think of the children!” rhetoric we’re seeing in this current wave of the crypto wars. The technical eavesdropping mechanisms have shifted to client-side scanning, which won’t actually help — but since that’s not really the point, it’s not argued on its merits.

Read More

When It comes to Cybersecurity – An ounce of prevention

Read Time:5 Minute, 11 Second

Benjamin Franklin advised fire-threatened Philadelphians in 1736 that, “An ounce of prevention is worth a pound of cure. Clearly, preventing fires is better than fighting them……”

So, to what extent are we able to protect ourselves from Cybersecurity events? With the alphabet soup of acronyms out there such as NIST, ISO, SOC, CISA, DevSecOps, etc…… protecting your business from Cybersecurity threats can be overwhelming. Making Cybersecurity a priority can save your business down the road.

Threat Actors, once in, may lay dormant for months much like a human virus. The hacker with the persistent access in place will sit in the background infecting as much as possible and gathering as much data as they can. Like a cold, you may feel fine, but you’ll notice things are off a bit. You get tired easier; seem a little sluggish.

The same symptoms will occur in your IT environment as the malware spreads downloading data and expanding across your global network corrupting backups and leaving little options. Once the actor has embedded themselves, they will strike. Ransomware and stolen customer data can put an enterprise out of business for months.

Social engineering

Social engineering is the most prevalent way threat actors find their way into your environment. Disguising themselves as legitimate web sites, email, and customer service entities they depend on people’s kindness, willingness to help and urgency to resolve perceived threats/problems. Training your employees on recognizing these threats is both simple and critical in preventing an intrusion.

Verifying the URL on a link is the quickest and easiest way to determine validity. The safest bet; is if you don’t know who sent it don’t click it. Look up the phone number for the company on an independent site and call them to verify the request. Do not use the number that was embedded in the email. Many businesses or government entities will never call or email you. Getting an unexpected call from the Social Security administration or the IRS will never happen. Instead, they will use traditional mail.

Network design and architecture

Architecting a robust network with multiple layers of firewall protection, redundant pathways for both external and internal and isolating critical data is paramount in limiting the damage done by a threat actor. In the first layer all client data should be completely isolated from external facing equipment. Access to these environment’s should be heavily restricted to a limited number of people and applications.

The next layer is the application layer and should be divided into those applications accessing the data and those processing it. Lastly is the customer facing layers. These will sit on the public internet or companies’ intranet and be most exposed to threats. Utilizing a simple three-layer approach can prevent most leakage points from being exposed. More complex architectures may be needed depending on the industry or the data.

Asset inventory/patches

All assets on the network must be identified and tracked. Assets that are not in the inventory or patched can be Trojan horses themselves. Sitting on the network these assets are easy targets for Threat Actors. Knowing the age of the assets and patch levels is critical. Older assets may be out of maintenance; therefore, they may no longer have patches available and can be easily exploited.

Newer assets may sit unpatched due to the application utilizing them not being able to support the most recent patches. These machines must be isolated and scrutinized more closely. Lastly, having an active patching process of N-1 or better as well as subscribing to the latest threat alerts with your vendors is paramount to making sure you are safely secured.

Backups

Backups of data and applications are necessary to restoring your operations in the event of a ransomware or other intrusions. Since Threat Actors may have been lurking in your environment for months prior to being identified, your backups may be corrupted. If this occurs, once you restore, the Threat Actor will simply shut you down again. It’s imperative to keep the restoration environment isolated until you can scan all restored systems and verify that they are clean prior to going back online.

Budgets

Some intrusions occur due to carelessness or lack of processes and procedures. In others, it is a lack of budgetary foresight creating cyber risk. Technology debt occurs quickly when finances are tight, and decisions are made to put off upgrades and maintenance to save money. “We’ll take care of it next year when things are better”, so they say.

One year quickly becomes three. As long as mission critical applications are functioning as expected, long range planning for them are overlooked. Proper budgetary planning for equipment maintenance & replacements, software patching and application upgrades are an imperative. It must be an integral part of every company’s financial planning process.

Preparedness

Just like with home protection; running fire drills, having home escape plans, regularly testing your security system and maintaining your smoke detectors; you need to do the same with your IT environments. Have a certified third party review your infrastructure and application architecture to ensure it has solid protective layers in place and all sensitive data is isolated. Conduct a review of all security policies, procedures, and training.

Run external and internal penetration tests to see if any holes exist and quickly execute remediation plans. Have a ransomware playbook in place and run preparedness drills. Regularly scan your backups for known malware. Maintain an active asset inventory list and perform quarterly audits of move, adds and changes to ensure nothing is on the network that shouldn’t be there. 

An ounce of prevention

Even with proper grounding, installing smoke detectors, and sprinkler systems; fires still occur. Setting up and maintaining safety and security measures ensures that damage is avoided, minimized, and contained.

To the Threat Actor, data theft, ransomware, and denial of service attacks are a very profitable game. They are patient and will continue to probe until they find a way in. Companies that have fallen behind with updates and upgrades will become easy marks. As an IT leader you must stay one step ahead of them with proper planning and maintenance of your total environment.

Read More

Three recent events prove the need for an insider risk playbook

Read Time:53 Second

Every company, regardless of size, should have an insider risk management playbook in place to address the insider threat. The human factor is always in play, mistakes will happen that inadvertently place the company at risk. The other side of the human factor are the malevolent individuals who opt to break trust and willingly push aside their NDAs and in-place IT data handling processes and procedures to knowingly abscond with sensitive data.

Three recent incidents underscore the importance of having an insider risk management playbook:

Ubiquiti’s insider risk mitigation plan pays off

Malicious insider Nikolas Sharp of Ubiquiti stole his company’s data and then attempted to maneuver the post-investigation efforts away from his own actions and to extort from his employer $2 million. While the Ubiquiti team did not stop the exfiltration of the data, once an anomalous activity was discovered, they executed on their mitigation plan, and eventually brought in the FBI to address the criminal aspects of their insider incident.

To read this article in full, please click here

Read More

An Examination of the Bug Bounty Marketplace

Read Time:1 Minute, 2 Second

Here’s a fascinating report: “Bounty Everything: Hackers and the Making of the Global Bug Marketplace.” From a summary:

…researchers Ryan Ellis and Yuan Stevens provide a window into the working lives of hackers who participate in “bug bounty” programs­ — programs that hire hackers to discover and report bugs or other vulnerabilities in their systems. This report illuminates the risks and insecurities for hackers as gig workers, and how bounty programs rely on vulnerable workers to fix their vulnerable systems.

Ellis and Stevens’s research offers a historical overview of bounty programs and an analysis of contemporary bug bounty platforms — ­the new intermediaries that now structure the vast majority of bounty work. The report draws directly from interviews with hackers, who recount that bounty programs seem willing to integrate a diverse workforce in their practices, but only on terms that deny them the job security and access enjoyed by core security workforces. These inequities go far beyond the difference experienced by temporary and permanent employees at companies such as Google and Apple, contend the authors. The global bug bounty workforce is doing piecework — they are paid for each bug, and the conditions under which a bug is paid vary greatly from one company to the next.

Read More