Category Archives: Internet Security
Stolen identity can happen to anyone at any time.
In fact, a new report finds two-thirds of people will experience life-changing digital abuse.
There are a few simple things you can do to keep your personal information safe.
From widespread cyber attacks to fraudulent emails and texts, the web has many ways to grab what it needs from you. About 79% of internet users feel they have completely lost control of their personal data.
"As we evolve in technology it has become more and more of an issue," said Regine Bonneau, CEO of RB Advisory and cyber security consultant.
How can you protect yourself?
First, download an identity protection system. Identity Guard, Identity Force and ID Shield rank in the top three, according to U.S. News and World Report.
Next, check your apps.
They can be used to bombard you with spam.
Some popular ones have come under fire for sharing your information.
Beware of opening weird emails to avoid phishing scams.
Finally, a simple step to keep you safe online is to update your devices regularly.
For more information:
Report identity theft and get a recovery plan: Federal Trade Commission
USA.gov on identity theft
Federal Trade Commission Consumer Information
By Christopher Bing | Reuters
A cyber surveillance company based in Israel has developed a tool that can break into Apple iPhones with a never-before-seen technique used at least since February, internet security watchdog group Citizen Lab said on Monday.
The discovery is important because of the critical nature of the vulnerability, which affects all versions of Apple's iOS, OSX, and watchOS, except for those updated on Monday.
The vulnerability exploited by the Israeli firm, named NSO Group, defeats security systems designed by Apple in recent years.
Apple said it fixed the vulnerability in Monday's software update, confirming Citizen Lab's finding. However, an Apple spokesperson declined to comment regarding whether the hacking technique came from NSO Group.
Citizen Lab said it found the malware on the phone of an unnamed Saudi activist, which had been infected with spyware in February. It is unknown how many other users may have been infected.
The vulnerability comes from a flaw in how iMessage automatically renders images. iMessage has been repeatedly targeted by NSO, as well as other cyber arms dealers, prompting Apple to update its architecture. But that upgrade has not fully protected the system.
"The security of devices is increasingly challenged by attackers," said Citizen Lab researcher Bill Marczak.
The U.S. Cybersecurity and Infrastructure Security Agency had no immediate comment.
Internet of Things (IoT) security is a growing concern for retailers. "IoT is one of the biggest trends in the market today," said Itzik Feiglevitch, product manager for Check Point Software Technologies at the RSA Conference in May 2021. Huge numbers of devices are expected to be added in the coming years to company networks.
And while Feiglevitch said they're great (they increase operational efficiency and move companies into the digital world), a retailer also needs to take into consideration that "all of those IoT devices are now part of our networks, and they bring with them lots of security risks."
According to Check Point's research, a typical enterprise of 5,000 employees could have as many as 20,000 IoT devices. "I know it seems like a huge number, but think of all the IP TVs, printers, surveillance cameras, or the sensors inside the buildings, the smart elevators, smart lighting: everything is connected to the enterprise network."
IoT sensors are increasingly being used in retail to enhance the customer experience, such as with smart mirrors and digital signage; for insight into customer preferences and behavior; and for loyalty and promotion, using sensors to identify the time and place of the customer to better target assistance or incentives. Connected sensors are being used for managing energy and detecting equipment problems, especially in grocery, and in warehouses and stores to optimize supply and fulfillment, as with RFID and smart shelves.
The global internet of things in retail was valued at $31.99 billion in 2020 and is expected to expand at a compound annual growth rate of 26 percent from 2021 to 2028, according to market analysis by Grand View Research. IoT is expected to revamp the retail industry, transforming traditional brick and mortar shops into advanced digital stores, according to the report.
The surge in the number of interconnected devices in retail outlets and the decreasing prices of IoT sensors are expected to propel the growth. Retailers' commitment to IoT innovation is contributing to the growth of connected devices, including both RFID tags and beacons, and the proliferation of smartphones and the use of mobile applications are driving the retail software segment growth.
Problematically, many IoT devices are unmanaged. "They are connected to our network, but we don't have any way to control those devices, to view them, and define what those devices can and cannot do inside our network," said Feiglevitch. "If we go and search for those devices inside our security management system, we will not find those devices."
Most company-connected IoT devices are, in turn, connected to the wider internet, to allow vendors to deliver updates, for example. Attackers, using standard scanning tools, can find those devices. "They know what to look for," said Feiglevitch, noting that there are even search tools to help them, "a Google for IoT hackers," he said. A casual Shodan search will turn up nearly 300,000 surveillance cameras connected to the internet.
Once found, connecting to those devices, and hacking into them, tends to be quite easy, Feiglevitch warned. They often have no built-in Internet of Things security, run on legacy operating systems, have weak default passwords, and are difficult to patch. "Many don't have basic security capabilities," he said. "When many of those devices were developed, no one thought about that."
By accessing a device, hackers can manipulate it (to view a camera, for example) or use it for crypto mining or as a bot for a botnet attack. It also can provide hackers a backdoor into the network because of an insecure connection. "Users may not have the right knowledge about how to connect those devices," said Feiglevitch. "They're using the wrong protocols and insecure applications, so through those devices, hackers can get into the network."
In exploitation tests, researchers have found it possible to create untold havoc, from taking over entire smart building systems to tricking medical devices to deliver incorrect doses of medicine, and while vendors typically issue patches, Feiglevitch says those often don't get implemented. "Legacy, insecure devices are ubiquitous," he warned.
There are four pillars to address the risks that IoT devices pose to an organization's network, according to Justin Sowder, a security architect for Check Point.
In terms of solution design, Sowder advised that it should consist of three things: an IoT discovery engine; a solution that extracts information and ties it to security protocols; and a security gateway that enforces the security policies.
"This flow should be completely automated: from a new device being connected or an existing device being discovered, to this Internet of Things security management that will extrapolate relevant data and tags to your security policies, and then down to an enforcement point," he said. It should be invisible to users, but discovery, protection, and enforcement in the security realm should nonetheless be happening, he said.
An automated solution is preferable, he believes, to a slower, more heavy-handed cyber security approach in which all new devices are assigned a ticket and vetted and managed. "That only encourages shadow IT," he warned.
The need for retailers to have a robust process for gaining control over IoT devices is only growing, as IoT devices proliferate and there is increasing reliance on field devices that communicate back to network data centers. That the infrastructure used to enable IoT devices is beyond the control of both the user and the IT department underscores that risk.
Research indicates that some organizations fail to define exactly who are the leaders in charge of assessing and mitigating risk. Experts suggest that retail organizations may want to consider appointing a Chief IoT Officer since many projects lie outside of the domain of a CIO and IT department.
"IoT isn't an IT project. It's a business project that uses IT," noted one panelist at an IoT session at a LiveWorx tech conference. Another agreed, saying that IT security professionals should be prepared to share Internet of Things security responsibility with other divisions across the enterprise, including physical security teams.
TiECON East’s Track-1 to Focus on Cyber Security, Internet of Things and AI With Respect to 5G – India New England
BOSTON - TiE Boston, one of the region's largest and oldest organizations supporting the Massachusetts entrepreneurial ecosystem and connecting entrepreneurs, executives, and venture capitalists, unveiled names of speakers and topics for Track-1 of its annual TiECON East conference.
Track-1 will focus on Cyber Security, Internet of Things and AI With Respect to 5G. INDIA New England News will bring info on the other three tracks during upcoming weeks. The annual TiECON East conference, which is organized by TiE Boston and scheduled for Oct. 1, 2021 at the Westin Hotel in Waltham, MA, is the largest conference of and for entrepreneurs and business executives in the Northeast.
Major sponsors of the conference are Amazon, Microsoft, Vertex Pharmaceuticals, Arent Fox, Converge, Sittercity, Innospark, Thread Research, Progress and Embark.
Details on Track-1:
IoT (Internet of Things)
In the past decade, there has been an explosion of connected devices forming the IoT, which has promised to transform entire industries via digital twins, preventative maintenance, and new data sets. And yet, the IoT isn't as ubiquitous as we may think. Significant barriers to adoption persist. Hear from panelists at the forefront of deploying IoT systems at scale. Learn how they're handling the technical challenges and justifying the RoI to these deployments.
From cities going offline and gas lines shutting down to data leaks and health system breaches, you have likely heard of the impact cyber has had across the public, private and social sectors. No industry has been immune to its effects, and it has only increased in importance over time. In fact, recent reports show that hackers attack a computer in the U.S. every 39 seconds. Given we are all dealing with new cyber-attacks every day from the dark web, our panel will focus on hearing from the experts on cyber who spend most of their waking hours (and nightmares) thinking about how to protect data, technology, processes and people from cyber risks. We will hear about how traditional cybersecurity models put sand in the gears of digital programs and enterprises.
ML in 5G
The intersection of AI and 5G is ripe with opportunity. As more data at higher volumes becomes accessible, entirely new AI use-cases, trends, and business models will emerge. In this session, we'll explore the topics of 5G and AI, and discuss potential use-cases and business impacts. In addition, the panelists will discuss the potential business and ethical risks of these new applications.
Here is the list of the speakers and moderators of Track-1:
I started this year with a deceptively simple question: What does the internet know about me? I wanted to do a deep dive into the privacy policies and data collection practices of the digital products that I use the most, in order to figure out what pieces of myself I've been unwittingly giving away in the 25 years I've been online. And, perhaps more importantly, I wanted to know if there was anything I could do about it.
What I found over these past eight months was both shocking and not. Shocking, because I think it's important that we all keep being at least a little bit shocked at what companies get away with when it comes to privacy-violating data collection. Shocking, because it's scary to realize that the internet essentially knows everything about me, from my heartbeat to my address to who walks up to my front door. Not shocking, because as my friend who sparked this idea for me said, "I kind of just assume everything I do online is tracked."
While most of what the internet knows about me feels fairly mild, there were some slightly salacious bits of info that I realized. For example, I use an Oura ring as a fitness tracker and because it tracks body temperature, it could theoretically know if I was pregnant, had Covid, or even had too much to drink one night. (Same goes for my Eight bed, which also tracks body temperature.)
There's no guarantee that they do know those things, but there are cases of apps and services knowing about pregnancies and serving related ads, for example, before the person experiencing the pregnancy was ready to share. So it's a fair bet that they could figure it out if they wanted to.
I also realized something kind of surprising about myself: I'm willing to give up more personal information than I realized. As my conversations with my friend illustrated, there's a certain normalization around online data tracking and collection, at least in the US. We've been trained to accept this model of the internet as inevitable and our general apathy toward data collection and protection reflects that.
But that doesn't mean I'm wrapping up "What Does the Internet Know About Me?" by throwing my hands up in the air and releasing all of my personal information into the Dark Web myself. Because despite the negatives I came across, there were also a lot of positive signs that the tide is turning when it comes to online privacy.
For example, the vast majority of privacy policies that I read (and I read a lot), were surprisingly clear and comprehensive. They were written in plain English, had clear sections, and utilized a minimum of tricky legal language. I appreciate that a lot and also know that it hasn't always been the case.
I also saw firsthand how legislation can make a huge difference when it comes to how much or how little that we're asked to give up in exchange for access to sites and services. I live in California but Avast is based in Europe, so I made a point to look at companies' policies for the California Consumer Privacy Act (CCPA), General Protection Regulation (GDPR) in Europe and everyone else.
I found that many sites and companies have multiple sets of rules, based on where you live. That means I have more rights than my colleagues who live in North Carolina, for example, and my colleagues in the EU and the UK have even more than I do. So while the internet has no borders, the laws we enact for it certainly do.
That plus the fact that many of these companies have ways to easily delete your data (or limit their collection) gives me some hope. I think we're in the midst of a massive shift away from this data-sucking model to which we've all become accustomed. I don't know where that shift will leave us but I'm hopeful that it's going to be somewhere better than where we are today.
See the original post:
Wrapping Up What Does The Internet Know About Me? | Avast - Security Boulevard
Over the past year, Russia and the People's Republic of China conducted successful cyber espionage campaigns against federal agencies, compromising some of the United States' most sensitive information.
The American public may wonder why federal networks remain vulnerable to serious data breaches despite the government spending billions on cybersecurity programs. But new reports from key congressional committees reveal lawmakers' apparent concerns that the Department of Homeland Security's key cybersecurity technologies are insufficient to guard against nation-state attacks.
The House Appropriations Committee included alarming language in its report accompanying the fiscal year 2022 funding bill for the Department of Homeland Security, which passed the committee last month. "The Committee is increasingly concerned with the ability of adversaries to circumvent and use existing cybersecurity solutions to gain access to critical systems and data," the report notes. The appropriators requested more information from Homeland Security about the department's main cybersecurity technology programs to understand if they are working as well as an examination of emerging technologies that could improve the government's data security and protection.
In August, the Senate Homeland Security and Governmental Affairs Committee, led by Sens. Gary Peters and Rob Portman, issued a bipartisan staff report reviewing the state of the federal government's cybersecurity. The news wasn't good. Across the federal government, the committee found that large agencies were earning a grade of C- and that agencies had made little progress since 2019. The Senate panel also detailed major weaknesses in the Department of Homeland Security's technology programs. "[The department's] flagship cybersecurity program for Federal agencies, the National Cybersecurity Protection System (NCPS), operationally known as EINSTEIN, suffers from significant limitations in detecting and preventing intrusions," committee staff warned.
These congressional committees and panels, which are responsible for funding and overseeing federal cybersecurity, are raising serious concerns that should be a wake-up call to the American public. The federal government's secrets and the public's data remain at risk. A closer look at the Department of Homeland Security's cybersecurity technology projects shows that taxpayers have been spending billions on insufficient cybersecurity technologies despite long-standing concerns.
A Closer Look at Homeland Security's Cybersecurity Technology Programs
The Department of Homeland Security operates two main technology programs intended to help secure federal civilian agencies.
Launched in 2012, the Continuous Diagnostics and Mitigation (CDM) program aims to help federal civilian agencies and the administration improve cybersecurity by supplying tools that provide visibility across agency networks, reduce threat surfaces, and modernize compliance with federal information security rules and reporting to the Office of Management and Budget. Through the CDM program, the Department of Homeland Security helps agencies deploy these tools, including agency dashboards, by using shared services through federal contract opportunities coordinated by the General Services Administration. The Government Accountability Office (GAO) estimates that the program has cost more than $10 billion to date.
The Einstein program, which began in 2003, is an intrusion detection and prevention system intended to filter traffic entering federal civilian agency networks and block potential attacks. Homeland Security uses information about potential threat actors, including from classified sources, and partners with internet service providers to provide a basic perimeter defense for civilian agencies. Despite an estimated lifecycle cost of more than $6 billion, the Department of Homeland Security warns that the Einstein program is not a silver bullet and will never be able to block every cyber attack.
One reason why Einstein provides only a basic filter of perimeter defense is that it is currently designed to spot and block known threats. "Just as the police would not have fingerprints to identify a burglar they had never seen before, [the Einstein program] generally cannot detect a hacker no one has seen before," the Senate committee warns. Even known hackers can take easy steps to disguise their fingerprints, changing their tactics, techniques, and procedures as easily as a burglar might don gloves.
Congress has been concerned about these weaknesses in the Einstein program for years. In 2015, Congress passed a law requiring the Department of Homeland Security to test and update the Einstein program's technologies to improve its detection capabilities. But as of 2018, the GAO found that the department was still years away from having the ability to assess agency network activity and identify any anomalies that may indicate a cybersecurity compromise as Congress required back in 2015.
The costly CDM program also has a mixed track record. A 2020 GAO audit of three agencies' attempts to deploy CDM found that the agencies had only partly deployed the technology tool. As a result, the information on their agencies' dashboards was incomplete. A recent Office of the Inspector General review of Homeland Security's own implementation of CDM identified big problems, despite the department spending $180 million on the project and being in charge of managing the program for other civilian agencies. The watchdog found that Homeland Security components were not using CDM services effectively. "Until these capabilities are complete," the inspector general warned, "the Department cannot leverage intended benefits of the dashboard to manage, prioritize, and respond to cyber risks in real time."
Even the Department of Homeland Security has acknowledged these key cybersecurity technologies may need to be updated. A Cybersecurity and Infrastructure Security Agency (CISA) official recently testified that Einstein's technology, which was designed a decade ago, has grown somewhat stale over time and does not provide the visibility that CISA needs. In January, Homeland Security Secretary Alejandro Mayorkas committed to reviewing both the CDM and Einstein programs to determine if they are the right technologies to protect against current threats.
Looking Forward and Lessons Learned
If there is any good news in these developments, it's that there's growing bipartisan focus on updating the federal government's apparently outdated cybersecurity technologies.
The recent congressional reports provide clues about what technologies and strategies may be coming next. The House Appropriations Committee's report directs the Department of Homeland Security to study emerging technologies such as data shielding and immutable logging of suspect activity, instant threat and anomaly detection, and user behavior analytics as options to improve federal data security. The Senate Homeland Security and Governmental Affairs Committee report recommends that the department present a plan to update the Einstein program and justify its costs, while also recommending that the department help federal agencies use commercial off-the-shelf products and services for endpoint detection and other cybersecurity needs.
But the federal government's long-standing challenges to acquire the necessary technology to improve its cybersecurity posture or to comply with basic federal information security laws highlight bigger, strategic questions for Congress.
For starters, is the federal government's current organizational approach to cybersecurity appropriate? Responsibilities for securing federal data are decentralized with no single agency or office in charge. CISA has been assigned growing operational responsibilities over the past decade. But the agency also has many competing responsibilities and remains a component within the Department of Homeland Security, where cybersecurity remains just one of several pressing national security missions. National Cyber Director Chris Inglis, who was recently confirmed to lead the newly formed office, is well positioned to set governmentwide strategy and policy. But his office currently has limited funding and staffing. Congress should consider whether his office needs greater authority and resources to lead.
Congress should also consider whether the federal government's laws and policies for managing major technology acquisitions programs allow agencies to appropriately adapt and keep pace with dynamic security challenges. At the same time, Congress and the administration must redouble ongoing efforts to attract the right talent and personnel into federal agencies and congressional offices to better inform policymakers about how to manage cyber risks and appropriately oversee these complicated issues.
What's apparent from recent major data breaches and the federal government's ongoing challenges to defend its own networks is that the current approach isn't working. Addressing the immediate technological vulnerabilities should be the top priority. But lawmakers shouldn't delay answering the larger strategic questions about why the federal government has struggled with cybersecurity for so long.
Former head of the U.S. Cyber Command and Director of the NSA Michael Rogers Joins NetAbstraction as Chairman of Advisory Board – Johnson City Press…
CHANTILLY, Va, Sept. 8, 2021 /PRNewswire/ -- NetAbstraction, the security by obfuscation company, today announced that retired Admiral Michael Rogers, former head of the U.S. Cyber Command and director of the National Security Agency, has been appointed Chairman of the company's Board of Advisors. Admiral Rogers will provide oversight to the company's advisors on matters of product, technology and corporate strategy.
"NetAbstraction has developed unique defensive technology that enables organizations to evade many forms of attack from both financially motivated criminals and more sophisticated adversaries," said retired Admiral Michael Rogers. "I look forward to working with the company's board of advisors and management team to help make their obfuscation products a mainstay for security conscious companies."
Michael S. Rogers, a former United States Navy admiral, served as the second commander of the United States Cyber Command (USCYBERCOM). He also served as director of the National Security Agency (NSA) and as chief of the Central Security Service (CSS). Previously, Rogers was Commander of the Tenth Fleet and Commander of the United States Fleet Cyber Command. During his tenure, he helped transform and unify the U.S. Cyber Command, and bolster the DoD's cyberspace capabilities and expertise.
"Admiral Rogers has been one of the most influential figures in the history of the US Cyber Command and helped reshape the country's cyber defense capabilities," said Gordon Lawson, CEO of NetAbstraction. "It's a privilege and an honor to welcome him as Chairman of our Board of Advisors. His career experiences fighting the world's most sophisticated cyber adversaries will be invaluable as we drive adoption among businesses and government agencies for NetAbstraction's obfuscation technology."
NetAbstraction enables organizations to protect the privacy and security of identities and systems by intelligently selecting and obscuring global network pathways on the Internet. The company's founders previously designed, created and implemented clandestine telecommunication networks for the NSA and CIA. NetAbstraction is used by Fortune 500 organizations globally to ensure their cyber operations remain secure, anonymous, and non-attributable. For more information visit https://netabstraction.com/, and follow us on LinkedIn and Twitter.
View original content to download multimedia: https://www.prnewswire.com/news-releases/former-head-of-the-us-cyber-command-and-director-of-the-nsa-michael-rogers-joins-netabstraction-as-chairman-of-advisory-board-301370680.html
On May 13, Verizon released its Data Breach Investigations Report (DBIR) 2021. This annual publication serves many purposes. It yields context into what security analysts are seeing, for instance. But it also affects organizations' security postures at an even higher level.
Here's Anthony Israel-Davis, research and development manager at Tripwire, with more:
"One thing that the DBIR does is it takes the things that are going on in the cybersecurity space, particularly with breaches and incidents, and breaks them down into something that is both interesting to look at from a statistics standpoint but then actionable to various industries or people who are actually doing the work to defend the enterprise. At a very high level, if you are a cybersecurity analyst and you're in the trenches, this might be old news, but if you are doing strategy, if you're trying to determine what to do in your space, this is a great report to understand what's going on out there, especially year to year."
Of course, there are only so many initiatives that organizations can take on each year. Organizations therefore need to be strategic about what security priorities they elect to pursue. This reality raises some interesting questions. What if they don't know which security objectives to take up? What if they're looking to maximize the latest DBIR's findings for the year ahead?
If organizations find themselves in that position, they can develop a multi-part strategy that focuses on some or all of the following five objectives.
In its DBIR 2021, Verizon explained that phishing continued its reign as one of the top Action varieties in breaches. But it also noted that phishing was more prevalent in 2020, accounting for 36% of breaches. That's up from 25% a year prior, an increase which reflects the influx of pandemic-related phishing lures in the first half of 2020.
Acknowledging this growth of phishing, CISOs and other security professionals need to prioritize the creation of an anti-phishing program. Phishing attempts regularly target non-IT staff with convincing messages using psychological techniques to create a sense of urgency that motivates recipients to click. They thus need to invest in educating their personnel about phishing, making sure that everyone within their organization from HR to legal to R&D understands red flags to look for, how to report suspicious messages, and what to do if they clicked a link or opened a file contained within a phishing email.
At one point in its report, Verizon stated that "doing the basics will help against the vast majority of the problem space that is most likely to affect your organization." Not every organization knows what the basics consist of. Fortunately, they can look to the CIS Controls.
A prioritized list of best practices maintained by the Center for Internet Security, the CIS Controls constitute a free, highly respected framework that organizations can use to ensure that they have the most important security controls in place. One way they can look at the fundamental security imparted by aligning with the CIS Controls is to think of their organization's digital environment as a house. Without basic security in place, anyone can enter. Adhering to fundamental security controls, especially those listed in Implementation Group 1 of the CIS Controls v8, can help to close the windows, lock the doors, and put a standard security system in place. While nothing can completely eradicate the possibility of a break-in, implementing the CIS Controls can help to decrease the likelihood and impact of a breach.
Verizon found in its DBIR 2021 that breaches involving older vulnerabilities were more common than those exploiting more recent weaknesses. Part of the reason for this trend is that organizations don't always approach patching as a priority. In the absence of diligent patching practices, attackers can use the same exploits against the same vulnerabilities for years on end.
Organizations can do their part to address this trend by emphasizing vulnerability management (VM), the process of scanning networks for known vulnerabilities (often referring to a list of CVEs or common vulnerabilities and exposures) before prioritizing and remediating those vulnerabilities based on risk severity. Admittedly, one of the more difficult aspects of running a successful VM program is understanding which vulnerabilities to work on mitigating first. When vulnerabilities pile up, it can be a challenge to tell which ones are the most serious and potentially damaging. Organizations can therefore elect to work with advanced VM solutions that provide flexible, granular scoring systems for prioritizing known flaws.
In this year's publication, Verizon relayed that external cloud assets were more common than on-premises assets in both breaches and incidents. This observation highlights the need for organizations to understand their cloud security responsibilities. While their cloud security provider will safeguard the cloud infrastructure they are utilizing, it's their responsibility to ensure that all their company data and processes added to the cloud are secure.
How do they do that? Advanced cloud account monitoring cybersecurity tools can scan their cloud accounts for the misconfigurations that could serve as open windows for attackers. For example, cloud monitoring tools can prioritize cloud account misconfigurations in order of risk level so they can address the most critical issues first. This will help them to keep their assets secure as their presence in the cloud continues to evolve and grow.
Verizon witnessed threat actors preying on industrial environments, particularly those in the manufacturing sector. Indeed, researchers documented a 61.2% increase of ransomware's part in malware-associated breaches involving manufacturing organizations over previous years. They also learned that personal data was the most compromised data type in those breaches.
Organizations can respond by prioritizing their industrial cybersecurity. In addition to educating their teams about the importance of cybersecurity for increasingly connected operational technology (OT) environments, for instance, one of the most important things they can do to secure the OT side of their organization is to implement an industrial visibility solution. Visibility starts with holistic asset inventory, so they can use a tool that shows them exactly what's on their network via a complete inventory of hardware and software assets. They need to know who these devices are communicating with, know if their configurations are changing, know what vulnerabilities are applicable, and know what their logs are telling them. Once they achieve real-time visibility, they can then implement protective security controls and continuously monitor their environment.
For more information about where to spend your time in the DBIR 2021, check out this resource published on the State of Security.
The Domain Name System (DNS) is the index of the internet. When you browse to domain names like facebook.com or twitter.com, your device uses DNS to look up the IP addresses (e.g. 126.96.36.199) it needs to load those resources.
It's a simple idea, but one that has a huge effect on many areas of your internet life. In this article we'll talk more about how DNS works, and why it's important to your internet speeds, privacy, security and more.
Connect to the internet and your ISP normally assigns you at least two DNS servers (there's a spare in case the primary server fails). Every time you enter a new domain in your browser, your device sends a query to the primary DNS server, which translates it to the IP address you need.
Although this looks simple from your point of view, your ISP's DNS server (technically, a DNS recursor) must work with several other servers to make this happen.
The recursor first sends a request to a DNS root server. This looks at the extension of the domain (.com, .net, .org and so on) and returns the address of a Top Level Domain (TLD) nameserver which handles that domain type.
Your ISP's recursor then sends your query to the TLD nameserver, which passes back the authoritative nameserver for that domain.
Finally, the recursor sends your query to the authoritative nameserver, the one holding the actual record for this website.
This final DNS server returns the domain IP address to the recursor, which passes it back to your device. Finally, your browser can connect to it and begin accessing the site.
DNS queries are surprisingly fast, even though there's so much happening under the hood. Smart optimization and minimal bandwidth use means that a fast server close to you can return an IP in under 10 milliseconds.
Other DNS servers might take more than 100 milliseconds, though, and that's when DNS speed begins to make a noticeable difference. Especially as a single website might load resources from many domains.
If you access bigsite.com, for instance, it might load images from one server, scripts from another, adverts from several providers, social networking buttons for various platforms, and who knows what else. Every new domain requires another DNS query before you can access that resource... and they all add up.
Apps and devices reduce the impact of DNS queries by storing the IP addresses in a cache, and using them again for future connections.
On PCs, for example, DNS query results are stored by the browser and the operating system. You might wait a whole second for DNS queries on your first visit to bigsite.com, but visit another page on the site and your device uses the logged IP addresses for a near instant response.
DNS caches are normally lost when an app closes or your device restarts, so any DNS query delay will be back in your next session, just for the first visit to a site. But caching is still a worthwhile scheme which makes websites feel snappier and more responsive.
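The lookup chain and cache described above can be traced in a short simulation. This is an added example, not code from the article: the server tables, names and addresses are constructed, and the per-record TTL (how real DNS caches decide when an entry expires) goes beyond what the article covers.

```python
import time

# Constructed delegation data: every name and address here is made up for the example.
ROOT = {"com": "tld-com", "org": "tld-org"}            # root server: TLD -> TLD nameserver
TLD = {"tld-com": {"bigsite.com": "ns-bigsite"},       # TLD nameserver: domain -> authoritative NS
       "tld-org": {"example.org": "ns-example"}}
AUTH = {"ns-bigsite": {"bigsite.com": ("192.0.2.10", 300),      # record: (address, TTL seconds)
                       "img.bigsite.com": ("192.0.2.11", 60)},
        "ns-example": {"example.org": ("198.51.100.7", 300)}}


class Recursor:
    """Toy recursor: walks root -> TLD -> authoritative, then caches the answer."""

    def __init__(self, clock=time.monotonic):
        self.clock = clock            # injectable so cache expiry can be tested
        self.cache = {}               # name -> (address, expiry time)
        self.upstream_queries = 0     # how many servers had to be asked

    def _ask(self, table, key):
        self.upstream_queries += 1
        return table.get(key)

    def resolve(self, name):
        name = name.rstrip(".").lower()          # DNS names are case-insensitive
        hit = self.cache.get(name)
        if hit and hit[1] > self.clock():
            return hit[0]                        # cached: no upstream traffic at all
        labels = name.split(".")
        tld_ns = self._ask(ROOT, labels[-1])     # step 1: root names the TLD nameserver
        if tld_ns is None:
            return None
        zone = ".".join(labels[-2:])             # assumption: zones are two labels deep
        auth_ns = self._ask(TLD[tld_ns], zone)   # step 2: TLD names the authoritative server
        if auth_ns is None:
            return None
        record = self._ask(AUTH[auth_ns], name)  # step 3: authoritative server answers
        if record is None:
            return None
        address, ttl = record
        self.cache[name] = (address, self.clock() + ttl)
        return address
```

A first lookup costs three upstream queries; a repeat within the TTL costs none, which is the "near instant response" the article describes.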
DNS servers are hugely powerful, as they have full control over the websites you can access. If a server doesn't want you to access a domain, it can filter out that request: return an error rather than an IP address, and you won't be able to browse the site.
DNS filtering is often a very good idea. It can block malicious or phishing websites, or restrict access to adult or other child-unfriendly sites (useful as part of a parental controls setup).
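A filtering resolver of the kind described above can be sketched as a wrapper around an upstream lookup. This is an added example, not code from the article: the class name, the blocklist entries and the upstream answers are constructed, and answering blocked names with NXDOMAIN is one assumed policy among several that filters use.

```python
# Constructed upstream answers standing in for a real resolver (made-up names and addresses).
UPSTREAM = {"notphish.example": "203.0.113.5", "login.phish.example": "203.0.113.66",
            "news.example": "203.0.113.9"}


def normalize(name):
    """Lower-case and drop the trailing root dot so comparisons are consistent."""
    return name.strip().rstrip(".").lower()


class FilteringResolver:
    def __init__(self, upstream, blocked_domains):
        self.upstream = upstream                              # callable: name -> address or None
        self.blocked = {normalize(d) for d in blocked_domains}
        self.log = []                                         # (name, rule) for every blocked query

    def blocked_by(self, name):
        """Return the blocklist entry covering name, or None.

        Matching walks whole labels, so 'phish.example' covers 'login.phish.example'
        but not 'notphish.example' (a plain string-suffix test would block both).
        """
        labels = normalize(name).split(".")
        for i in range(len(labels)):
            candidate = ".".join(labels[i:])
            if candidate in self.blocked:
                return candidate
        return None

    def resolve(self, name):
        rule = self.blocked_by(name)
        if rule is not None:
            self.log.append((normalize(name), rule))
            return {"rcode": "NXDOMAIN", "address": None}     # error instead of an IP
        address = self.upstream(normalize(name))
        if address is None:
            return {"rcode": "NXDOMAIN", "address": None}
        return {"rcode": "NOERROR", "address": address}
```

The log of blocked queries is what makes the filter useful for detection as well as prevention: a device that repeatedly asks for a blocked name is worth a closer look.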
Other DNS filtering uses range from irritating to seriously scary. Your school Wi-Fi might block access to social media or streaming websites, for example, leaving you working out ways to unblock YouTube and others. And at the more worrying end of the scale, repressive governments can use DNS and other network trickery to keep their populations away from information they'd prefer to hide - it's no wonder guides to using WhatsApp in China are so well searched.
There are privacy and security concerns, too. If whoever runs the DNS server knows who you are (your ISP, say), it could log all the sites you visit to build a browsing history. A malicious hotspot operator might even detect users visiting a banking site, then redirect them to a fake site and steal their details.
Fortunately, there is a way to fight back. Connect to a VPN and your DNS queries are redirected through an encrypted tunnel to the VPN server, and handled there. With no way to see what you're doing, the network can't block you, and you're free to browse as normal.
Switching DNS servers isn't just for countries where you go to prison for registering thegovernmentsucks.com. Changing to another DNS provider can bring real benefits to everyone.
Some servers are optimized for speed. As we write, for instance, benchmarking site DNSPerf lists 10 public DNS resolvers with average query times ranging from 14ms to almost 140ms. If your server is at the bottom end of that list, switching to something better could make a real difference.
As we've mentioned, other DNS servers can filter content to block ads, trackers, malicious, phishing or family-unfriendly sites, depending on your needs. This can be a really effective idea as it automatically protects all your apps, with no need to install any other software.
Switching DNS isn't a good idea for everyone. Some parental controls, antivirus and internet security apps already replace your DNS servers with their own, and switching to something else means you'll lose at least some of their protection.
If you're interested, though, some of the fastest DNS servers around are available for free. Check our best DNS server guide for more.
See the original post:
What is DNS and how does it work? - TechRadar
Elibomi, an Android malware, has targeted Indian taxpayers by stealing their financial information in a phishing attack, according to a blog post by McAfee's Mobile Research team. The antivirus company disclosed that the attackers lure in unsuspecting users by posing as a tax-filing application. The company picked out two campaigns, in November 2020 and May 2021, which relied on phony tax-filing themes to target users.
Cyber attacks have increased exponentially since the pandemic as lockdowns caused by COVID-19 triggered a rapid adoption of digital tech. The surge in digitisation has also invited the attention of hackers and scammers who see this as an opportunity ripe for the taking. Phishing is a cyber attack that uses disguised email as a weapon and is notoriously difficult to sniff out, given its sophistication.
It is also the reason why it is one of the most common types of cyber attacks. Phishing constituted almost one-third of all cyber attacks in 2019 as per Security Intelligence. The attacks have increased by 600% during the pandemic. The consequences can be damaging in most cases as it results in severe financial losses.
McAfee explained that the delivery of malware takes place through an SMS text.
"The SMS message pretends to be from the Income Tax Department in India and uses the name of the targeted user to make the SMS phishing attack more credible and increase the chances of infecting the device. The fake app is designed to capture and steal the victim's sensitive personal and financial information by tricking the user into believing that it is a legitimate tax-filing app," the post read.
[Image: how cybercriminals display the original logo to trick users into installing the fake iMobile app. Image credits: McAfee]
The stolen data includes e-mail addresses, phone numbers, SMS/MMS messages among other financial and personally identifiable information. McAfee added that the malware exposes stolen information to anyone on the Internet.
McAfee advised users to follow these steps:
"Elibomi has been able to gather sensitive information from affected users which could be used to perform identity and/or financial fraud. Even more worryingly, the information was not only in cybercriminals' hands, but it was also unexpectedly exposed on the internet which could have a greater impact on the victims," the company informed.
February 2021: Hindustan Times reported that a number of senior government officials, including those from the ministries of defence and external affairs, were targeted in a phishing campaign with attackers using compromised government domain email accounts to launch their hacking attempts. The National Informatics Centre (NIC) issued an alert soon after the attack but there was no confirmation whether any targeted computers were compromised.
March 2021: A response to a parliamentary question revealed that CERT-In, India's nodal cyber security agency, was working with the Reserve Bank of India (RBI) and other banks to track and disable phishing websites in an effort to thwart online frauds.
July 2021: Researchers at Seqrite, the cybersecurity arm of Quick Heal Technologies, claimed that they found sophisticated phishing attempts targeting Indian critical infrastructure PSUs across sectors of finance, power, and telecom by a Pakistan-linked group. The PSUs were targeted to get access to sensitive information including screenshots, keystrokes, and files from the affected system.
July 2021: Kaspersky Internet Security found that India was among the top three countries facing phishing attacks primarily via instant mobile messaging apps like Facebook-owned WhatsApp and Telegram. Countries experiencing the highest number of phishing attacks were Russia (46 percent), Brazil (15 percent), and India (7 percent).
August 2021: CERT-In warned that scammers were targeting banking customers in India with a new type of phishing attack to collect sensitive information such as internet banking credentials, mobile numbers, and OTP to carry out fraudulent transactions. It said that the malicious activity is carried out using the ngrok platform (cross-platform application).