Category Archives: Internet Security

A ton of Ruckus wireless routers are vulnerable to hackers – TechCrunch

A security researcher has found several vulnerabilities in a number of Ruckus wireless routers, which the networking giant has since patched.

Gal Zror told TechCrunch that the vulnerabilities he found lie in the web user interface software that runs on the company's Unleashed line of routers.

The flaws can be exploited without needing a router's password, and can be used to take complete control of affected routers from over the internet.

Routers act as a gateway between a home or office network and the wider internet. Routers are also a major line of defense against unauthorized access to that network. But routers can be a single point of failure. If attackers find and take advantage of vulnerabilities in the router's software, they can control the device and gain access to the wider internal network, exposing computers and other devices to hacks and data theft.

Zror said his three vulnerabilities can be used to gain root privileges on the router, the highest level of access, allowing the attacker unfettered access to the device and the network.

Although the three vulnerabilities vary by difficulty to exploit, the easiest of the vulnerabilities uses just a single line of code, Zror said.

With complete control of a router, an attacker can see all of the network's unencrypted internet traffic. An attacker also can silently re-route traffic from users on the network to malicious pages that are designed to steal usernames and passwords.

Zror said that because many of the routers are accessible from the internet, they make very good candidates for botnets. That's when an attacker forcibly enlists a vulnerable router or any other internet-connected device into its own distributed network, controlled by a malicious actor, which can be collectively told to pummel websites and other networks with massive amounts of junk traffic, knocking them offline.

There are thousands of vulnerable Ruckus routers on the internet, said Zror. He revealed his findings at the annual Chaos Communication Congress conference in Germany.

Ruckus told TechCrunch it fixed the vulnerabilities in the 200.7.10.202.92 software update, but said that customers have to update their vulnerable devices themselves.

"By design our devices do not fetch and install software automatically to ensure our customers can manage their networks appropriately," said Ruckus spokesperson Aharon Etengoff. "We are strongly advising our customers and partners to deploy the latest firmware releases as soon as possible to mitigate these vulnerabilities," he said.

Ruckus confirmed its SmartZone-enabled devices and Ruckus Cloud access points are not vulnerable.

"It's very important for the customers to know that if they're running an old version [of the software], they might be super vulnerable to this very simple attack," said Zror.


4 Ways to Make Security Training A Priority in Your Healthcare Organization – HIT Consultant

Craig Smith, EVP of Operations at Absorb Software

Healthcare finally made the shift: it went digital. Overdue, perhaps, and maybe less rapid than the transition by other industries, but nonetheless notable. The age of the Internet of Medical Things (IoMT) has dawned, and healthcare is riding the wave. You go, healthcare!

For healthcare organizations, the advent of IoMT means new technology tools like smart medical devices extending and streamlining care throughout the hospital. This gives clinicians more mobility and more efficiency in providing patient care. The shift to a completely digitized environment, however, gives the entire healthcare IT infrastructure something else to worry about: new cybersecurity risks.

Healthcare Cyber Threats Are Real

A recent study by Kaspersky confirms this cyber threat, with study data pointing to a significant lack of security awareness among healthcare organizations in both the U.S. and Canada. How big is this risk? Nearly one third (32%) of survey respondents said they had never received cybersecurity training from their employer, while 21% admitted they were not aware of the cybersecurity policy at their workplace.

This is a dangerously high level of exposure, especially when you consider the number of potential threats healthcare organizations face and the resulting impact on Personal Health Information (PHI) and associated data privacy regulations. Phishing attacks represent the biggest cybersecurity threat: cleverly disguised requests for login credentials dupe unsuspecting employees into providing their usernames or passwords, which are then used to gain unauthorized access to systems and data, establishing an entry point into the target organization for gathering data and establishing an attack plan.

Healthcare organizations urgently need a more proactive approach to security training.

Cybersecurity Isn't Just a Tech Problem

When it comes to cybersecurity, awareness matters. But business leaders need to think beyond their IT department and instead focus on training all employees on how to identify and address key risks. Everyone across the organization, regardless of his or her role, needs to be equipped with knowledge and skills to protect against threats or attacks. And it's not enough to just do the bare minimum to meet compliance or other regulatory requirements. Organizations need blended learning & development (L&D) and other training strategies that empower their employees to protect against cyber-attacks.

The following L&D guidance for cybersecurity training will help healthcare organizations overcome these hurdles and make security training more effective, preventing untold costs in security incidents.

1. Make It Simple and Clear

People can be a powerful force when it comes to preventing cybercrime. But individuals often believe they are not a target, which exposes the organization to tremendous risk. It's important to address this misconception and explain the critical importance and benefits of leveraging a cybersecurity awareness and training program. Employee training should explain how threats work, and include recent examples of phishing messages. This will give learners a clear picture of how to detect possible threats, and respond accordingly. It is also recommended that organizations only focus on a single awareness and training topic per quarter to avoid overloading staff with too much information at one time.

2. Vary Your Training Techniques

Plan on using a blend of learning techniques to provide a combination of simulation and engagement. Why? This will build employee confidence in real-world security encounters. If you just lecture to your team, or more likely, have an expert conduct the lecture, complete with ominous warnings about worst-case cybersecurity scenarios, your lesson may just backfire. You'll scare them about hackers, but not inspire any behavioral change. By blending the training techniques in your learning management system to include interactive components, videos, and a few real-life examples, you stand a much better chance of having the learning stick.

3. Keep a Steady Drumbeat of Learning

Continuous reinforcement of key lessons is more effective than long learning sessions that can be hard to digest. You can still perform annual cybersecurity training. But also assign microlessons and short quizzes throughout the year to keep learning fresh and top of mind. This way, when it's test time, everybody's ready to succeed. Thanks, coach!

4. Use Non-Experts

Perhaps the most important way to change employee behavior is by having the message about cybersecurity come from someone human and relatable. This approach can help employees build confidence in secure behaviors and avoid errors in real-world situations. Human behavior is more complex than just technical expertise. Including instructors with soft skills is crucial, according to a recent study of over 1,700 security pros from the SANS Institute. Enlist nontechnical staff members to create engaging learning modules, such as real-life examples your workforce can relate to.

The unique challenges of healthcare

It's been well established that healthcare is now more vulnerable to breaches than any other industry, and the implications of an attack go far beyond data privacy. Cyber incidents can potentially compromise patient safety and interfere with care delivery. Yet, healthcare workers are not getting the consistent education they need to keep organization and patient data safe. These vulnerabilities are exacerbated by the unique challenges healthcare presents, which makes training extremely difficult.

Unfortunately, there is no single, all-encompassing formula for ensuring that employees actually learn and apply the cybersecurity lessons they're taught. Training can, however, go a long way in mitigating threats. By aligning with these tips, you can ensure your healthcare organization is taking the optimal steps to prepare your team for the new IoMT world, and its related cybersecurity risks.

About Craig Smith

Craig Smith serves as the Executive Vice President of Operations for Absorb Software, a cloud-based learning management system (LMS) engineered to inspire learning and fuel business productivity. Rising through the Absorb leadership ranks, Craig started as the Director of Technology before pivoting to lead Operations as its Vice President. Craig continues to leverage his IT roots to elevate the Absorb customer experience, drawing on his time as a developer at Honeywell International, building websites for clients at Autodata Solutions and leading a team of developers at AGAT Laboratories.


Discover Lafayette podcast with Rader Solutions’ security team: Here are 9 tips to prevent data breaches – The Advocate


The list of major security breaches keeps growing: Pensacola, Baltimore, the Texas Attorney General's Office, South Carolina Department of Revenue and the Louisiana Department of Motor Vehicles.


How do you protect your system from hackers? The cyber security team at Rader Solutions in Lafayette -- chief security officer Tim Fournet, head of security operations Sarah Bryson and cyber security analyst Tyler Robertson -- spoke about that with Jan Swift of the Discover Lafayette podcast.

You can listen to their conversation here.

Fournet, who has been with Rader for 14 years, said the company typically manages entire computer and telephone systems to prevent problems for businesses ranging in size from 10 to 1,000 employees.

With the increase of criminal activity over the internet, most of which is untraceable, Rader teaches clients to understand the risks that are out there and how to better protect themselves with security measures.

Here are Rader's nine computer safety tips:

1. Use strong passwords.

2. Don't email sensitive information.

3. Install computer and software updates.

4. When making payments online, make sure the website is using HTTPS.

5. Always secure your wireless network with a good password.

6. Don't write down passwords or store them in an MS Office document.

7. Be wary of email attachments from unknown senders.

8. Don't wire money based on an email request from a fellow employee without a verbal affirmation that the request is legitimate.

9. Lock your computer when you walk away.

Follow Adam Daigle on Twitter, @adamdaigleAdv.


The MS-ISAC Helps State and Local Governments Boost Their Cybersecurity – StateTech Magazine

As ransomware attacks proliferate across state and local governments, agencies can turn to a key federally funded ally: the Multi-State Information Sharing and Analysis Center.

The MS-ISAC and the Elections Infrastructure Information Sharing and Analysis Center are staffed and operated by the Center for Internet Security through a cooperative agreement with the U.S. Department of Homeland Security at the CIS Security Operations Center, 24 hours a day, 365 days a year.

DHS designated the MS-ISAC as the key cyberthreat resource for the prevention, protection, response, and recovery for the state, local, tribal and territorial (SLTT) community. Throughout the past year, for example, the MS-ISAC helped SLTT agencies fight ransomware such as RobbinHood and LockerGoga.

Leveraging the experience of the MS-ISAC, CIS established the EI-ISAC following the 2016 elections. The EI-ISAC is fully operational in all 50 states, with over 2,000 local election offices as members. Membership is free to all SLTT agencies. The EI-ISAC's 24/7 operations share and correlate information on cyberthreats affecting members, including threats against internet-connected voting systems.

Sounds impressive, but what does the MS-ISAC really provide for its members? As a membership organization working exclusively with the SLTT community, the MS-ISAC has unparalleled insight into the cybersecurity threats and challenges faced by state and local government entities. Whether an agency is a large state IT department or a one-person operation handling a local school district, the MS-ISAC can help defend an organization from cyberthreats.

The CIS SOC is the MS-ISAC's front line in the battle against cyberthreat actors. Trained SOC analysts and intelligence professionals work tirelessly reviewing logs and threat vectors, responding to calls and helping members navigate the complex world of cybersecurity. In conjunction with the SOC, the MS-ISAC offers members access to a premier computer emergency response team. This team provides forensic services, malware and vector identification.

The SOC team reviews thousands of logs (more precisely, 37 petabytes of data per month), looking for indicators of compromise. The data about cybercrimes affecting SLTT governments comes from open sources and nonpublic threat information received from the federal government.

In addition, the MS-ISAC's intrusion detection system, called Albert, has been deployed across the United States and its territories. This passive monitoring device resides just outside members' networks, where internet traffic meets members' systems. The signature-based device is not a firewall; rather, it monitors network traffic to find suspicious activity. If a signature fires, the SOC is notified. Analysts review the event and determine what the signal is.

If warranted, the SOC then notifies an entity of a possible issue. The CIS ensures a very low false positive result thanks to a user review.

The MS-ISAC ties this information together to provide its membership with timely alerts about attacking addresses and domains to help keep firewalls current. Combined with the ISAC's IP- and domain-monitoring services and port profiler, the CIS offers a diverse toolkit to bolster cyberdefenses for MS-ISAC and EI-ISAC members.

These are just a few of the services offered to the SLTT community, absolutely free of charge, by the MS-ISAC. There are many others, including CIS SecureSuite membership, awareness campaigns, newsletters for both the security professional and the layperson, web-based malicious code analysis platforms, threat stream assessments and more.

To join the MS-ISAC or EI-ISAC and begin taking advantage of its many benefits, visit the Center for Internet Security at cisecurity.org.


#SocialSec Hot takes on this week’s biggest cybersecurity news (Dec 27) – The Daily Swig

Russia clamps down on the internet; ToTok used for state spying; and a critical vulnerability impacts Citrix applications worldwide

Vladimir Putin's latest attempts to isolate Russia from the global internet caused the computer systems at several airports in the country to crash this week, according to an independent Russian TV station.

On December 24, the BBC reported that Russia had taken a major step towards emulating Iran and China in internet control after road-testing a gigantic intranet, in the words of computer scientist Professor Alan Woodward.

The sovereign Runet would effectively turn Russia's online realm into a government-controlled walled garden by blocking, or regulating, the undersea nodes through which data is transmitted between national communication networks.

But while the Ministry of Communications claimed the test of the system was a success, Dozhd, or TV Rain, reported that check-in, baggage handling, and other systems at five airports had promptly crashed as a result of the operation.

Russia, which stands accused of weaponizing the global internet to destabilize liberal Western democracies, is also creating its own Wikipedia to combat fake news.

The United Arab Emirates (UAE) government is undermining digital rights beyond its own borders via a free messaging app with millions of users, US officials believe.

Apple and Google removed ToTok, a popular Emirati chat app, from their app stores following a report in The New York Times (December 22) that claimed UAE intelligence agencies were using the platform to track users' conversations, locations, and photos, among other data.

ToTok, which blamed the removal on a technical issue, has alerted would-be users to its continuing availability through its own website, or their phone manufacturer's app store.

Only a few months old, the app already has users in Europe, Asia, Africa, and North America, as well as the Middle East.

A 22-year-old man who dodged jail after blackmailing Apple has claimed his elaborate extortion bluff started out as a legitimate business idea.

According to the UK's National Crime Agency (NCA), whose investigation led to his arrest, Kerem Albayrak threatened in 2017 to hack 250 million iCloud accounts, reset iCloud passwords, and factory-reset users' devices if the tech giant didn't pay a $100,000 ransom.

But Albayrak told Forbes that his ostensible hacking group, Turkish Crime Family, was actually a marketing vehicle and that he originally sought to whip up a storm of press coverage before launching a database search engine that would enable people to secure their accounts.

However, operating in a community frequented by cybercriminals had fuelled his decision to do something stupid in a bid to make a bigger PR splash.

Despite purporting to show otherwise in a now-deleted YouTube video, Albayrak only had access to login details leaked through other data breaches, according to Apple.

Albayrak was sentenced to a two-year suspended jail term, 300 hours of unpaid work, and a six-month electronic curfew at a London court on December 21.

And nothing screams the holidays better than a critical vulnerability impacting 80,000 companies worldwide.

On Monday (December 23) Positive Technologies disclosed a bug in two prominent Citrix applications that, if exploited, could allow an attacker to perform arbitrary code execution and obtain access to a company's local network via the internet.

Citrix products are typically used so that employees can connect to their company's internal applications remotely.

All versions of Citrix Application Delivery Controller (ADC) and Citrix Gateway are vulnerable to the flaw, which has been assigned CVE-2019-19781 and is said to be easy to exploit since no authentication is required. A PoC has not been publicly released.

"Considering the high risk brought by the discovered vulnerability, and how widespread Citrix software is in the business community, we recommend information security professionals take immediate steps to mitigate the threat," said Dmitry Serebryannikov, director of the security audit department at Positive Technologies, in its blog post.

Companies operating in the US, the UK, Germany, the Netherlands, and Australia are among those affected. Citrix has advised these mitigation steps in its initial security bulletin from December 17. A patch is expected to be published in the near future.

And finally, Britain's foreign intelligence service, MI6, has had a somewhat stressful festive season after sources in The Sun report that building plans for the agency's iconic Vauxhall Cross headquarters had gone missing in the midst of refurbishment work.

More than 100 documents, which were sensitive but not classified, were implicated in the security breach, which is believed to have been an accident that occurred two weeks ago.

The source told the newspaper: "The whole building went into lockdown and all the construction workers were kept in isolation.

"To lose such sensitive documents was grossly irresponsible.

"They showed the layout of the building and specifically where alarms and other security measures were. The documents would be gold dust to any enemy agents or terrorists."

Most of the documents were later found. Balfour Beatty, the construction company in charge of the renovation, was subsequently sacked.

Designed by Sir Terry Farrell, the MI6 HQ building, one that has become synonymous with the James Bond film franchise, was completed in 1994 for £135 ($177) million.

On reviewing the new addition to the Thames Embankment, British writer and design critic Deyan Sudjic is reported to have said: "It's a design which combines high seriousness in its classical composition with a possible unwitting sense of humour.

"The building could be interpreted equally plausibly as a Mayan temple or a piece of clanking art deco machinery."

Additional reporting by Catherine Chapman.


Ookla Adds Free VPN To It’s Speedtest App For iOS And Android – Techworm

Speedtest.net is a popular web service around the world that provides free analysis of internet access performance metrics.

Now, Ookla, makers of the original Speedtest.net website, has launched a new free VPN service: Speedtest VPN, to spread its reach in the VPN market.

For those unaware, a Virtual Private Network (VPN) is an internet security tool that encrypts your device's internet connection in order to secure your online privacy while browsing the internet.

A VPN also anonymizes your internet IP address and your geographic location.

Ookla has partnered with Seattle-based company NetProtect to offer this free VPN service. NetProtect already manages the infrastructure of major vendors including IPVanish, Encrypt.me, etc.

Like other VPN services, Ookla claims a zero-logging policy and assigns shareable IP addresses from a collection of more than 40,000 addresses to anonymize users' identity.

In order to use Ookla's free VPN on your device, you need to use the latest version of the Speedtest app for Android or iOS.

Open the app and you will see the VPN option (with padlock icon) at the bottom of the Speedtest app. Tap on this to open VPN options. Here, you will see a toggle button, tap on this. Then follow the steps to create the Speedtest VPN profile on your device.

Currently, the Speedtest VPN service is in the beta phase and is being offered for free from within the Speedtest app.

Further, users get 2GB of free data to consume every month. However, once the VPN service comes out of beta, Ookla will offer paid plans to give users more bandwidth. Additionally, users who don't subscribe to the paid plans will still continue to get 2GB free data every month.

Currently, the Speedtest VPN service is only accessible to mobile users (Android and iOS). There is no option of VPN service for desktop clients.

If you are looking for a free VPN service to use, Speedtest can certainly be looked at as an option.

However, there are many other free and paid VPN services available in the market. To know more, check out our article on The Best VPN Service For 2020.

How to Keep a Security Breach Out of your Internet-Connected Stocking this Christmas – Forbes

With every passing holiday season, the number of Internet-connected, electronic devices that fill our homes continues to grow, from smart assistants like Amazon Alexa and Google Home, to the video-doorbell Ring, to the now-ubiquitous Nest thermostat. These Internet-of-Things (IoT) devices have quickly changed our daily lifestyles, and we don't expect this trend to slow down anytime soon.

As the number of consumer-focused IoT devices continues to expand, businesses are quietly increasing their use of Internet-connected devices as well. These devices include broadly used technology such as printers, security cameras, Bluetooth keyboards and HVAC systems, as well as industry-specific devices such as manufacturing sensors, MRI machines, metal detectors and more. And as the use of all these devices grows, the potential security threats associated with them increase as well. Simply put, more Internet connections and endpoints in a business means more opportunities for hackers to exploit, but unfortunately, many businesses are not set up to deal with this issue.

It's a growing concern for businesses in a diverse set of industries. Gartner predicts that the overall enterprise and automotive IoT market will grow to 5.8 billion endpoints in 2020 (growing 21% year-over-year). Enterprises in sectors including healthcare, manufacturing, hospitality, retail and others have realized that the number of unmanaged (and sometimes even unknown) IoT devices in their facilities continues to grow, raising management and security concerns.

A recent Forrester survey of 403 technology decision-makers in business found that 69% of them estimated that half of all devices on their enterprise networks were IoT devices that could not be managed via traditional security tools. As a result, 79% of these executives were very to extremely concerned about device security.

This new, hyper-connected environment has already spawned high-profile security attacks. The WannaCry ransomware crypto-worm famously infected more than 230,000 computers in 150 countries and took down half of the hospitals in the UK, after malware infected out-of-date Windows XP devices. The U.S., U.K. and Australia publicly said North Korea was behind the attack. There also have been more pointed, and creative, IoT-related security incidents: Hackers stole a reported 40 million customer credit-card numbers from Target due to a breach of a third-party HVAC system used by the company, and security company Darktrace said last year that hackers stole a casino's database of high-roller gamblers via a thermometer in a lobby aquarium.

Often, device manufacturers do not develop their products with security in mind, which increases the need for companies to deploy technology and policies to discover, manage and enforce the use of IoT devices. We think there is a sizable market for such solutions, which is one reason we're excited to announce our investment today in Ordr*.

Ordr, based in Santa Clara, Calif., has an innovative approach to securing managed and unmanaged IoT devices. Taking a network approach by focusing at the device packet-flow level, Ordr's technology can take inventory of devices, monitor their behavior and create a device flow snapshot to understand vulnerabilities in a network and provide protection against intruders. By doing so, Ordr allows security teams to write policies for firewalls and to micro-segment devices on networks so they only connect with other devices and networks that they need to. The technology also provides insight into all devices across a network in a single view.

The company is led by experienced network-and-security executives including CEO Greg Murphy, the former CEO of Zenreach who was previously the VP of business operations at Aruba Networks; Chief Product Officer Pandian Gnanaprakasam, previously the chief development officer and VP engineering at Aruba; and Chief Scientist Sheausong Yang, the former chief architect and VP technology at Aruba.

Ordr's products help security personnel address a top budget priority while supporting the rapid expansion in IoT devices, which are increasingly needed by companies becoming more software-centric in this age of digital transformation. We are excited to partner with the Ordr team to help promote a more connected, but also secure, business environment.

Internet Security Market: Deep Analysis by Production Overview and Insights 2019-2025 – Drnewsindustry

The report titled Global Internet Security Market Size, Status and Forecast 2025 first introduces the Internet Security basics: definitions, classifications, applications and market overview; product specifications; manufacturing processes; cost structures, raw materials and so on. This Internet Security industry report also provides crucial insights into the Internet Security market trends, drivers, market dynamics, opportunities, competitive landscape, share by region, price and gross margin, new challenge feasibility evaluation, and analysis and guidelines on new mission investment. In the end, there are 4 key segments covered in this Internet Security market report: competitor segment, product type segment, end use/application segment and Internet Security industry geography segment.

Internet Security Market Analysis by Players: This report includes the following top vendors in terms of company basic information, product category, sales (volume), revenue (Million USD), price and gross margin (%).

HPE, IBM, Intel, Symantec, AlienVault, BlackStratus, Check Point Software Technologies, Cisco, Cyren, Fortinet, F-Secure, Gemalto, Kaspersky Lab, Microsoft, Palo Alto Networks, RSA, Sophos, Trend Micro, Trustwave Holdings, Wurldtech Security Technologies

Scope of Internet Security Market: Internet security is a branch of computer security specifically related to the Internet, often involving browser security but also network security on a more general level, as it applies to other applications or operating systems as a whole. Its objective is to establish rules and measures to use against attacks over the Internet.

Split by Product Types, with production, revenue, price, and market share and growth rate of Internet Security market in each type, can be divided into:

Malicious software, Denial-of-service attacks, Phishing, Application vulnerabilities

Split by applications, this report focuses on consumption, market share and growth rate of Internet Security market in each application, can be divided into:

Government, Banking, financial services and insurance (BFSI), Manufacturing, Information communication and technology (ICT), Retail, Healthcare

Geographically, the report includes the research on production, consumption, revenue, Internet Security market share and growth rate, and forecast (2019-2025) of the following regions:

Key highlights of Internet Security market report include:

Overview of Key Market Forces Propelling and Restraining Internet Security market growth.

Up-to-date analyses of Market Trends and Technological Improvements of Internet Security market.

Pin-point analyses of Internet Security market competition dynamics to offer you a competitive edge.

An analysis of Strategies of Major Competitors.

An array of graphics and SWOT analysis of major Internet Security market segments.

Detailed analyses of Internet Security industry trends.

Contact:

ResearchMoz, Mr. Nachiket Ghumare, Tel: +1-518-621-2074, USA-Canada Toll Free: 866-997-4948

Browse More Reports Visit @https://bit.ly/2Sepby2

View original post here:
Internet Security Market: Deep Analysis by Production Overview and Insights 2019-2025 - Drnewsindustry

The Great $50M African IP Address Heist – Krebs on Security

A top executive at the nonprofit entity responsible for doling out chunks of Internet addresses to businesses and other organizations in Africa has resigned his post following accusations that he secretly operated several companies which sold tens of millions of dollars worth of the increasingly scarce resource to online marketers. The allegations stemmed from a three-year investigation by a U.S.-based researcher whose findings shed light on a murky area of Internet governance that is all too often exploited by spammers and scammers alike.

There are fewer than four billion so-called Internet Protocol version 4 or IPv4 addresses available for use, but the vast majority of them have already been allocated. The global dearth of available IP addresses has turned them into a commodity wherein each IP can fetch between $15-$25 on the open market. This has led to boom times for those engaged in the acquisition and sale of IP address blocks, but it has likewise emboldened those who specialize in absconding with and spamming from dormant IP address blocks without permission from the rightful owners.

Perhaps the most dogged chronicler of this trend is California-based freelance researcher Ron Guilmette, who since 2016 has been tracking several large swaths of IP address blocks set aside for use by African entities that somehow found their way into the hands of Internet marketing firms based in other continents.

Over the course of his investigation, Guilmette unearthed records showing many of these IP addresses were quietly commandeered from African businesses that are no longer in existence or that were years ago acquired by other firms. Guilmette estimates the current market value of the purloined IPs he's documented in this case exceeds USD $50 million.

In collaboration with journalists based in South Africa, Guilmette discovered tens of thousands of these wayward IP addresses that appear to have been sold off by a handful of companies founded by the policy coordinator for The African Network Information Centre (AFRINIC), one of the world's five regional Internet registries which handles IP address allocations for Africa and the Indian Ocean region.

That individual, Ernest Byaruhanga, was only the second person hired at AFRINIC back in 2004. Byaruhanga did not respond to requests for comment. However, he abruptly resigned from his position in October 2019 shortly after news of the IP address scheme was first detailed by Jan Vermeulen, a reporter for the South African tech news publication Mybroadband.co.za who assisted Guilmette in his research.

KrebsOnSecurity sought comment from AFRINIC's new CEO Eddy Kayihura, who said the organization was aware of the allegations and is currently conducting an investigation into the matter.

"Since the investigation is ongoing, you will understand that we prefer to complete it before we make a public statement," Kayihura said. "Mr. Byauhanga's resignation letter did not mention specific reasons, though no one would be blamed to think the two events are related."

Guilmette said the first clue he found suggesting someone at AFRINIC may have been involved came after he located records suggesting that official AFRINIC documents had been altered to change the ownership of IP address blocks once assigned to Infoplan (now Network and Information Technology Ltd), a South African company that was folded into the State IT Agency in 1998.

"This guy was shoveling IP addresses out the backdoor and selling them on the streets," said Guilmette, who's been posting evidence of his findings for years to public discussion lists on Internet governance. "To say that he had an evident conflict of interest would be a gross understatement."

For example, documents obtained from the government of Uganda by Guilmette and others show Byaruhanga registered a private company called ipv4leasing after joining AFRINIC. Historic WHOIS records from domaintools.com [a former advertiser on this site] indicate Byaruhanga was the registrant of two domain names tied to this company, ipv4leasing.org and .net, back in 2013.

Guilmette and his journalist contacts in South Africa uncovered many instances of other companies tied to Byaruhanga and his immediate family members that appear to have been secretly selling AFRINIC IP address blocks to just about anyone willing to pay the asking price. But the activities of ipv4leasing are worth a closer look because they demonstrate how this type of shadowy commerce is critical to operations of spammers and scammers, who are constantly sullying swaths of IP addresses and seeking new ones to keep their operations afloat.

Historic AFRINIC record lookups show ipv4leasing.org tied to at least six sizable blocks of IP addresses that once belonged to a now defunct company from Cameroon called ITC that also did business as Afriq*Access.

In 2013, anti-spam group Spamhaus.org began tracking floods of junk email originating from this block of IPs that once belonged to Afriq*Access. Spamhaus says it ultimately traced the domains advertised in those spam emails back to Adconion Direct, a U.S.-based email marketing company that employs several executives who are now facing federal criminal charges for allegedly paying others to hijack large ranges of IP addresses used in wide-ranging spam campaigns.

Anyone interested in a deeper dive on Guilmette's years-long investigation, including the various IP address blocks in question, should check out MyBroadband's detailed Dec. 4 story, "How Internet Resources Worth R800 Million (USD $54M) Were Stolen and Sold on the Black Market."

Tags: Adconion Direct, AFRINIC, Afriq*Access, Eddy Kayihura, Infoplan, ipv4leasing, ITC, Jan Vermeulen, Mybroadband.co.za, Ron Guilmette, The African Network Information Centre

This entry was posted on Wednesday, December 11th, 2019 at 5:31 pm and is filed under A Little Sunshine, Web Fraud 2.0.

See the original post here:
The Great $50M African IP Address Heist - Krebs on Security

Avast announces cybersecurity predictions for 2020, expects rise in mobile scams and IoT Malware – Gadgets Now

Internet security provider Avast has released its annual Threat Landscape Report with a list of cybersecurity predictions for the year 2020. According to the company, mobile scams, sophisticated mailspam, IoT malware and botnets will be major security threats in 2020. It anticipates that a greater focus will also be placed on data privacy in the field of Artificial Intelligence (AI) in the coming year.

The report says that 2020 may see advancements in how malware is delivered to PCs, with more sophisticated methods of spreading threats being deployed. Avast's head of the threat intelligence systems, Jakub Kroustek, said, "Cybercriminals are constantly innovating and looking for new ways to circumvent today's powerful personal and business security solutions. Not only is it harder for people to spot malicious emails or suspicious links and attachments, making attacks more likely to be successful, but the exploitation of RDP vulnerabilities to spread worm-like strains of threats could have significant impact."

On the mobile side, Avast predicts that more subscription scams and fake apps will make their way onto official app stores. More iOS vulnerabilities will be exposed by security researchers, it adds. Nikolaos Chrysaidos, Head of Mobile Threat Intelligence and Security at Avast, said, "Getting malicious apps onto the Google Play Store and the Apple App Store is not an easy task, which is why cybercriminals are shifting towards subscription scams, and fake apps integrated with aggressive adware to make money."

According to the report, Internet of Things (IoT) devices will become an even greater target for hackers in the year 2020. As more and more smart devices will be used by vendors to collect more data about users in order to learn and predict their behavior, people's control over their privacy will be limited.

Security researcher Daniel Uhricek says that malware authors will continue to build upon older, already established malware families, expanding them with newly released exploits to widen their IoT attack surface. The year 2020 is also expected to see practical applications of AI algorithms, including differential privacy, to profit from big data insights as we do today, but without exposing all the private details, says Rajarshi Gupta, Head of Artificial Intelligence at Avast.

Read more here:
Avast announces cybersecurity predictions for 2020, expects rise in mobile scams and IoT Malware - Gadgets Now