Enterprise Data Security: It’s Time to Flip the Established Approach

Threatpost published an article on enterprise data security by Rob Junker.

There’s an old saying when it comes to big undertakings: Don’t boil the ocean. Well, there’s hardly any bigger project in information security than trying to protect corporate data. But the reality is that too many organizations today are, in fact, “boiling the ocean” when it comes to their data-security program. In fact, they have their entire data-security approach backward – especially when it comes to managing data risk within today’s highly collaborative and remote workforce.

Read more on Threatpost

Active Malware Campaign Using HTML Smuggling

Threatpost reported on an ongoing malware campaign that relies on HTML smuggling.

Krishnan Subramanian, security researcher with Menlo Security, told Threatpost that the campaign uncovered on Tuesday, dubbed “Duri,” has been ongoing since July.

It works like this: The attackers send victims a malicious link. Once they click on that link, a JavaScript blob technique is used to smuggle malicious files via the browser to the user’s endpoint (i.e., HTML smuggling). Blobs, short for “Binary Large Objects”, are responsible for holding data and are implemented by web browsers.

Read more on Threatpost
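HTML smuggling leaves recognisable traces in the page itself, which a mail gateway or web proxy can look for before the browser ever assembles the file. The detector below is an added example, not code from Threatpost or Menlo Security: it scores an HTML document on the building blocks the technique needs (a Blob constructed client-side, an object URL, a download attribute, base64 decoding, an automatic click and a file-sized embedded literal) and runs it over three constructed fixtures. The indicator names, weights, threshold and fixtures are assumptions for illustration, not published signatures.

```python
import re
from dataclasses import dataclass, field

# Token patterns that, in combination, characterise HTML smuggling: the file is
# assembled inside the browser (usually from an embedded base64 string) into a
# Blob and handed to the user as a download through an object URL or the legacy
# msSaveOrOpenBlob API, so nothing crosses the network as a file.
# Indicator names and weights are assumptions for this example.
INDICATORS = {
    "blob_constructor": re.compile(r"new\s+Blob\s*\(", re.I),
    "object_url": re.compile(r"createObjectURL\s*\(", re.I),
    "download_attr": re.compile(r"\.download\s*=|\bdownload\s*=", re.I),
    "legacy_save_blob": re.compile(r"msSaveOrOpenBlob|msSaveBlob", re.I),
    "base64_decode": re.compile(r"\batob\s*\(", re.I),
    "auto_click": re.compile(r"\.click\s*\(\s*\)", re.I),
}
# A long quoted base64-looking literal inside a script is the embedded file.
LARGE_B64 = re.compile(r"""['"]([A-Za-z0-9+/=]{1024,})['"]""")
SCRIPT_BLOCK = re.compile(r"<script\b[^>]*>(.*?)</script>", re.I | re.S)


@dataclass
class Verdict:
    hits: list = field(default_factory=list)
    largest_literal: int = 0

    @property
    def score(self) -> int:
        # One point per indicator, two more for a file-sized embedded literal.
        return len(self.hits) + (2 if self.largest_literal >= 1024 else 0)

    @property
    def suspicious(self) -> bool:
        # Require the delivery primitive (client-side Blob or legacy save API)
        # plus enough surrounding plumbing to reach the threshold of 4.
        has_delivery = ("blob_constructor" in self.hits
                        or "legacy_save_blob" in self.hits)
        return has_delivery and self.score >= 4


def scan_html(html: str) -> Verdict:
    """Score one HTML document (an attachment or a proxied page body)."""
    verdict = Verdict()
    for name, pattern in INDICATORS.items():
        if pattern.search(html):
            verdict.hits.append(name)
    # Only script bodies are checked for large literals, so inline data: images
    # in attributes do not inflate the score.
    for script in SCRIPT_BLOCK.findall(html):
        for literal in LARGE_B64.findall(script):
            verdict.largest_literal = max(verdict.largest_literal, len(literal))
    return verdict


# Constructed fixtures, not real samples.
BENIGN_LINK = ('<html><body><a href="/files/report.pdf" download="report.pdf">'
               'Report</a></body></html>')

# A legitimate client-side CSV export shares three indicators with smuggling.
LEGIT_EXPORT = """<html><script>
function exportCsv(rows) {
  var blob = new Blob([rows.join("\\n")], {type: "text/csv"});
  var a = document.createElement("a");
  a.href = URL.createObjectURL(blob);
  a.download = "export.csv";
  document.body.appendChild(a);
}
</script></html>"""

# The repeated "A" filler stands in for the embedded file; it is not a payload.
SMUGGLING_LIKE = """<html><script>
var data = atob("%s");
var blob = new Blob([data], {type: "application/octet-stream"});
var a = document.createElement("a");
a.href = URL.createObjectURL(blob);
a.download = "invoice.zip";
a.click();
</script></html>""" % ("A" * 2000)


def triage(documents: dict) -> dict:
    """Map each document name to its verdict, for batch use."""
    return {name: scan_html(body) for name, body in documents.items()}


if __name__ == "__main__":
    for name, verdict in triage({"benign_link": BENIGN_LINK,
                                 "legit_export": LEGIT_EXPORT,
                                 "smuggling_like": SMUGGLING_LIKE}).items():
        print(f"{name:15} score={verdict.score} suspicious={verdict.suspicious} "
              f"hits={verdict.hits}")
```

The legitimate export scores three (Blob, object URL, download attribute) and stays below the threshold; what tips the smuggling-style page over is the base64 decode of a file-sized literal together with the automatic click. Tune the weights and threshold on your own traffic, and treat the verdict as a triage signal to route the document to sandboxing rather than as a block decision on its own.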

Corporate VPNs in danger as vishing attacks target home workers

SC Media published a report on the current wave of attacks on remote workers who use VPNs to connect to corporate networks.

Multiple hacking gangs are preying on remote workforces and corporate VPNs through vishing attacks that are more efficient, dangerous and ubiquitous than ever, prompting the U.S. government to issue both a warning and advice on how to thwart them.

“The news has spread throughout the hacker community and multiple groups are now doing this,” said Allison Nixon, chief research officer at Unit 221b.

Read more on SC Media

Casualties and Damages of the Global Cybersecurity War, or Some Examples of Astronomical Values

There is a lot of statistics giving not just alarming but truly intimidating figures from the global cybersecurity battlefield. For too many businesses it is not about winning, it is about survival. See the figures and draw your own conclusions:

1. A new hacker attack happens every 39 seconds

According to a Clark School study at the University of Maryland, computers with Internet access are attacked every 39 seconds on average. This alone should be reason enough to take secure logins and passwords seriously.

2. Small businesses are the target of nearly every second attack

According to a study by Symantec, 43% of all cyberattacks are launched against small businesses. Of those small businesses, 64% have experienced web-based attacks, 62% suffered phishing and social-engineering attacks and 51% experienced denial-of-service attacks.

To understand why this is a problem, look at the next figure:

3. 60% of hacked small businesses go out of business within six months

Once again: according to a study by Fundera, 60% of small businesses that fall victim to cybercrime go out of business because of the consequences of the attack: loss of customer data, corruption of financial data, litigation and so on. A kill ratio too high to be ignored, don’t you think? The next statistic explains why this happens:

4. Global average cost of a data breach for an SMB is 3.4 million

This figure by Varonis explains why successful cyberattacks against SMBs are so lethal. 3.5 million is too much for the vast majority of SMBs. Even if a company copes with the financial damage, a cyberattack is never only about financial losses; it hurts reputation as well. Still, that is almost nothing compared to the possible outcomes for publicly traded companies, which have infinitely more to fear.

5. Global average cost of a data breach for a public company is 100 million

According to a report by Audit Analytics, the average cost of a data breach for a publicly traded company will reach or even surpass 100 million. A hundred million euros. That is close to the total annual revenue that makes it reasonable for a business to go public in the first place. Once again: a hundred million euros in damages. Enjoy and indulge in memories of how you screwed up your cybersecurity.

6. Year 2020 brought about a 300% increase in reported cybercrimes

People sit at home, spend more money online and, most importantly, rely heavily on remote collaboration and communication tools. A convenience for businesses that turned into a bonanza for cybercriminals. The 300% increase in cybercrimes since March 2020 reported by the FBI may be a shocking indicator, but we can easily make it even more shocking: these are REPORTED cybercrimes, so the actual growth may well have been even higher. Why? Because:

7. On average, six months pass before a data breach is detected, even in major companies

Even giants like Capital One and Facebook have suffered successful breaches that were discovered long after users’ passwords, credit card details and other sensitive data had been compromised. And this despite the fact that global spending on cybersecurity long ago reached astronomical values:

8. Nearly $900 billion will be spent globally on cybersecurity by 2021

According to a recent Cybersecurity Ventures report, organizations and businesses worldwide are making fundamental changes to their approach to cybersecurity and reprioritizing budgets to align with the new reality. And still the total cost of cybercrime is expected to be many times higher:

9. Global cost of cybercrime will surpass 5,25 trillion by 2021

According to the same Cybersecurity Ventures report, the global economy will sustain nearly 5,5 trillion in damages from cybercrime in 2021. So why do these truly enormous expenses on cybersecurity not stop these staggering losses? Because:

10. 95% of cybersecurity breaches occur through human error

Criminals and hackers will infiltrate your company’s IT infrastructure or data through your weakest link, which is your employees (not the IT or security team, by the way). A good in-house security team, or an outsourced one (which is even better, says the MSSP), will dramatically improve your chances of successful protection. But if you have neither, you at least need a good Cyber Security Incident Response plan to minimize incident losses. Still…

11. 77% of organizations do NOT have a Cyber Security Incident Response plan

Really, why would you need one… You will never be hacked, because Americans never landed on the Moon, the Earth is flat, and all hackers, if there are any, will sooner or later fall over its edge. Still, if you would rather not wait for that incident, order a plan from us as a bonus to an affordable package of managed security services.

SMBs assaulted by DeathStalker APT espionage campaigns

The hacker collective known as DeathStalker has recently widened its footprint to include small to medium-sized business (SMB) targets in the financial sector throughout Europe, the Middle East, Asia and Latin America.

DeathStalker’s tactics, techniques and procedures aren’t different from when it first emerged as a hacker-for-hire, according to Kaspersky, which has tracked DeathStalker’s activities for the past three years.

Read more on SC Media

9 Applications That Boost Your Phone’s Security and Privacy

David Nield of WIRED has put together a selection of useful applications that raise iPhone and Android security above the standard level.

iOS and Android are both constantly evolving to be more secure and protect your privacy, but that doesn't mean they can't use a little help here and there. We've rounded up 9 great security apps for your phone right here, eschewing the standard antivirus and VPN options to bring you some lesser-known utilities that can really make a difference to how well protected your phone and all the data on it is.

By the way, we are aware that this list is a little Android-heavy, but that's due to the nature of Android and iOS. Apple takes more control over the security of iOS, whereas Google is more willing to let third-party apps step in—iOS apps simply aren't allowed to scan for viruses, analyze networks in detail, reconfigure user permissions, or access any of the other deep hooks in the software that a serious security app would need.

Read further on WIRED

Several Zoom Vulnerabilities Demonstrated at DEF CON 28

The Hacker News reported on several new vulnerabilities discovered in Zoom.

Popular video conferencing app Zoom has addressed several security vulnerabilities, two of which affect its Linux client that could have allowed an attacker with access to a compromised system to read and exfiltrate Zoom user data—and even run stealthy malware as a sub-process of a trusted application.

According to cybersecurity researcher Mazin Ahmed, who presented his findings at DEF CON 2020 yesterday, the company also left a misconfigured development instance exposed that wasn't updated since September 2019, indicating the server could be susceptible to flaws that were left unpatched.

Read more on The Hacker News

What are the biggest data breach fines, penalties and settlements?

The digital edition of CSO published a short but convincing overview of the biggest data-breach consequences in recent history.

Sizable fines assessed for data breaches in 2019 suggest that regulators are getting more serious about organizations that don’t properly protect consumer data. In the UK British Airways was hit with a record $230 million penalty, followed shortly by a $124 million fine for Marriott, while in the US Equifax agreed to pay a minimum of $575 million for its 2017 breach...

Read further on CSO

Instagram Ignored GDPR Rules and Retained Deleted User Data

Threatpost reported on a serious GDPR violation by Instagram.

Instagram kept copies of deleted pictures and private direct messages on its servers even after someone removed them from their account. The Facebook-owned service acknowledged the slipup and awarded a security researcher $6,000 for finding the bug.

Researcher Saugat Pokharel discovered the vulnerability when he downloaded his data last year from the photo-sharing app, according to a report on TechCrunch. The data included photos and private messages that he’d previously deleted, alerting him to a problem, he said.

Read more on Threatpost

Amazon Alexa Bugs as a Gift for Hackers

The Hacker News reported on how Amazon’s Alexa could be turned into a tool for cybercriminals to spy on you.

Attention! If you use Amazon's voice assistant Alexa in your smart speakers, just opening an innocent-looking web-link could let attackers install hacking skills on it and spy on your activities remotely.

Check Point cybersecurity researchers—Dikla Barda, Roman Zaikin and Yaara Shriki—today disclosed severe security vulnerabilities in Amazon's Alexa virtual assistant that could render it vulnerable to a number of malicious attacks...

Read more on The Hacker News