Category Archives: Internet Security
Security Think Tank: Identify, assess and monitor to understand attack paths – ComputerWeekly.com
Maintaining digital risk management in todays connected world requires updating security processes and procedures to identify the levels of risk that the more traditional approaches fail to identify. This means understanding your applications and the interconnection between technologies across your supply chain/alliances and/or partners. You also need to understand the data processes.
That means data flow mapping knowing your data; who has got access to what; how do they access it and how often; and the physical locations that could be under different local regulation and legislation. This should be accompanied by work to build mature commercial obligations between you and your suppliers to achieve the levels of risk mitigation you require.
The source of threats and inherent risk can be identified through several means, including threat intelligence mapping of the organisations digital footprint or attack surface and the threat actors targeting your organisation or sector.
Threat hunting exercises should be carried out regularly, for example looking for subdomain takeover opportunities or attackers that are targeting organisations by purchasing typo-squatting domains.
Penetration testing can set out specific risks to systems, but remember this is at a specific point in time, networks and applications and these risks should be mapped to key regulations and good practice standards, including GDPR, NCSC Cloud Security Principles, NIST and ISO 27001.
However, we should also consider what continuous proactive measures are available to reinforce this activity.
Advances in technology provide the opportunity to address risk across wide, complex IT ecosystems. Combining a blended mix of threat intelligence and attack surface protection measures allows organisations to discover, evaluate, and provide actionable intelligence. This will tell them what they dont know, rather than focusing on what they already know.
These platforms can provide scalable analytical frameworks that enable organisations to quickly and efficiently find unusual attributes across bulk unstructured data and across internal and exposed internet-facing infrastructure.
These new technologies provide the ability to quickly identify assets that require more security attention than others across the IT domain. This provides a way to prioritise threats that need to be addressed in the immediate, medium and long term, enabling a more efficient and effective use of pressed resources.
Advances in artificial intelligence (AI) are also helping to build in prediction and the ability to rationalise better and take appropriate action in response to risk. This technology is now available as a business-wide solution to monitor key systems and data to protect business operations, revenue, reputation and profits from cyber and digital risk 24/7.
It is also important to carry out cyber incident exercises to establish how resilient organisations are to cyber attacks and practise their response in a safe environment. Exercises also help to create a culture of learning within an organisation and provide an opportunity for relevant teams and individuals to maximise their effectiveness during an incident.
Creating bespoke exercises is a way to tailor them to reflect the organisations values, and the unique challenges, constraints and threats it faces.
One example of this is CBEST, which was developed by the Bank of England as an approach to operational resilience testing and compliance. It differs from other types of security testing because it is threat intelligence-based and is less constrained as it takes a holistic view of the entire organisation, rather than a narrow focused penetration test of a specific system. It also focuses on the more sophisticated and persistent attacks against critical systems and essential services.
The inclusion of specific cyber threat intelligence ensures that the tests replicate, as closely as possible, the evolving threat landscape and therefore remain relevant and up to date. The feedback from the test then outlines actions that can be taken to improve defence capabilities and increase operational resilience.
This type of adversarial testing is generally referred to as Red Team testing, with the penetration test company simulating the attackers who are then pitched against the organisations detect-and-respond capability the Blue Team. A more collaborative approach between attackers and defenders is commonly referred to as a Purple Team exercise, which is generally carried out iteratively to provide continuous improvement of the detect-and-respond capability. Attacks either real or simulated through testing should be detected and an adequate and timely response set in motion.
Given the complexities and interconnection of modern business technology, it is critical that IT teams deploy the full range of defences to understand and monitor their vulnerabilities and put actions in place to minimise the risks they identify.
Rob McElvanney is a cyber security expert at PA Consulting
Read more:
Security Think Tank: Identify, assess and monitor to understand attack paths - ComputerWeekly.com
Parks Associates: US Annual Spending Across Home Phone, Internet, Mobile, Security, and Video Services, Including Pay TV and OTT, is $340 billion – PR…
CONNECTIONS brings connected home leaders to Frisco, Texas, May 17-19
DALLAS, May 5, 2022 /PRNewswire/ -- International research firm Parks Associates announced today annual spending among US internet households for home phone, internet, mobile, security, and video services totals $340 billion.
The firm is hosting the 26th annual CONNECTIONS Conference on May 17-19 at the Omni Frisco Hotel in Texas, with sessions addressing the future of the connected home and keynotes from Alarm.com, Comcast, Cox Communities, Nice North America, and Sunnova.
The conference is sponsored by Alarm.com, Calix, Cox Communities, F-Secure, Homebase, Plume, Airties, Bitdefender, Johnson Controls, Nice, Notion, Rapid Response Monitoring, Resideo, Schneider Electric, STRATIS, AmTrust Specialty Risk, Gadgeon, Ivani, Cooktop Safety, Iris Powered by Generali, and Assurant.
"Home security and smart home ownership are both pushing 40% of all US internet households, creating new opportunities for interactive services and a whole-home experience," said Elizabeth Parks, President and CMO, Parks Associates. "The networking opportunities and discussions at CONNECTIONS become even more significant as these industries converge, creating a variety of solutions and new consumer experiences centered on the safety and security value propositions."
The opening session on May 17, Services, Choice, and Trust Consumers and Modern Living, examines the position of service providers, the role of choice and trust, and strategies to expand the smart home market, followed by keynote speaker Vickie Rodgers, VP and GM, Cox Communities, Cox Communications. Emerging strategies to serve consumers aged 50+ and family caregivers are featured on May 18, during the special session Seniors, Caregivers, and Tech Services: A Growing Opportunity.
On May 19, the session Smart Apartments: Broadband, Platforms, and Value follows a keynote by David Puckett, VP, Connectivity & Home Products, Comcast, and highlights the growth of connected services and products in MDU properties, including the top value propositions and prioritization for property technologies.
Speakers for the sessions:
To register, visit http://www.connectionsconference.com. For request data or press pass, contact Rosey Sera.
About CONNECTIONS Parks Associates' 26th annual CONNECTIONS: The Premier Connected Home Conference features multiple virtual sessions hosted throughout 2022 focused on the adoption of technology including smart home, security, connected health, energy, home automation, and entertainment solutions.
Bringing together more than 1,500 senior executives, CONNECTIONS provides networking opportunities combined with visionary keynotes and virtual sessions. The Parks Associates analyst team leads all conference sessions, which are focused on technology innovations, consumer adoption and trends, product and service forecasts, and the evaluation of new business strategies, partnerships, monetization opportunities, and value-added service design.
Throughout the event, sponsors offer demos during virtual networking events, spotlighting new technology innovations and services for the entertainment, mobile, and smart home market segments.
CONNECTIONS 2022 features an in-person conference on May 17-19, 2022, at the Omni Frisco Hotel. Register now. For more information, contact [emailprotected], call 972-490-1113, and visit http://www.connectionsconference.com.
Contact:Rosey SeraParks Associates972-996-0202[emailprotected]
SOURCE Parks Associates
Go here to read the rest:
Parks Associates: US Annual Spending Across Home Phone, Internet, Mobile, Security, and Video Services, Including Pay TV and OTT, is $340 billion - PR...
Eastern Upper Peninsula Rural Communities To Receive High Speed Broadband Internet – PR Newswire
$3 Million CARES Grant Awarded to Merit Network
ANN ARBOR, Mich., May 5, 2022 /PRNewswire/ -- Merit Network was awarded a $2.99 million Economic Development Administration (EDA) grant under the Coronavirus Aid, Relief, and Economic Security (CARES) Act Recovery Assistance Grant to support construction of 70 miles of middle-mile fiber optic infrastructure in the Upper Peninsula.
The infrastructure corridor project, named Leveraging Infrastructure for Transforming the Upper Peninsula (LIFT-UP) will pass through Chippewa, Luce and Mackinac counties. This fiber will enable local internet service providers to interconnect with Merit's middle-mile backhaul to bring reliable, high-speed broadband internet to rural and remote communities in Michigan's Eastern Upper Peninsula.
The EUPConnect Collaborative, led by the Easter Upper Peninsula Intermediate School District (EUPISD) and the Eastern Upper Peninsula Regional Planning and Development Commission (EUPRPDC) will collaborate with Merit on the project. They have collaborated with Merit's Michigan Moonshot initiative and the Quello Center for Media and Information Policy at Michigan State University for several years on citizen-scientist crowdsourced research to identify and map broadband access and adoption statistics regionally. An understanding of the prevalence and impact of the digital divide for the region was a first step in developing a blueprint for equitable access.
"The Eastern UP Regional Planning and Development Commission is excited to see this significant EDA investment in broadband for the region. Broadband availability and accessibility has long been the highest priority in our region's Comprehensive Economic Development Strategy. The MERIT LIFT-UP project will provide much needed investment to move the needle on this issue and make the region more economically competitive on the national and global stage," said Jeff Hagan, CEO of EUP Regional Planning.
"Every community deserves access to modern digital infrastructure to support education, telemedicine, public safety, workforce needs and economic development, regardless of geographic location. This new federal investment in the Eastern UP helps advance this goal, and was made possible by constructive collaboration and local leadership," said Joe Sawasky, Merit's president and CEO.
Last-mile internet service providers, community anchor institutions, municipal entities, and others penned letters of support for Merit's grant application. Many signaled their intention to leverage this new infrastructure to enable last mile connectivity within the community, including Highline-Michigan.
"Support of Merit's grant application was important to Highline's relentless effort to reduce the digital divide," echoed Bruce Moore, CEO of Highline-Michigan. "Highline is focused on the efficient and sustainable creation of a world class fiber network. This network now delivers a real high speed internet connection to the doorsteps of households long suffering with inadequate service. Working with Merit is critical to our success."
About Merit Network:Merit Network, Inc. is an independent nonprofit corporation governed by Michigan's public universities. Merit owns and operates America's longest-running regional research and education network. In 1966, Michigan's public universities created Merit as a shared resource to help meet their common need for networking assistance. Since its formation, Merit Network has remained at the forefront of research and education networking expertise and services. Merit provides high-performance networking and IT solutions to Michigan's public universities, colleges, K-12 organizations, libraries, state government, healthcare, and other non-profit organizations. For more information:www.merit.edu.
Merit Network Media Contact:Pierrette Dagg(937) 212-0631[emailprotected]
SOURCE Merit Network
Read the original here:
Eastern Upper Peninsula Rural Communities To Receive High Speed Broadband Internet - PR Newswire
AV-Comparatives reveals top-performing consumer antivirus products in latest Malware Protection Test and Real-World Protection Test results – PR…
The Real-World Protection Test report can be found here:https://www.av-comparatives.org/tests/real-world-protection-test-feb-mar-2022-factsheet/
These tests examined the performance of leading antivirus solutions in order to assess their capabilities in conditions experienced every day by users around the world.
"As we see time and time again, the importance of reliable tests and trust in the products we use every day, and to keep users safe online, is imperative," said Andreas Clementi, Founder and CEO of AV-Comparatives. "As threat tactics evolve and change, and the sheer number of threats that consumers must protect against continues to rise dramatically, we find the need for product testing ever more important. Users need to have full confidence that they have the right protections in place."
"Our rigorous process is designed to provide consumers with the information they need to make the most informed decisions on the best protection for their needs."
The antivirus products used in the test are installed on individual fully patched Microsoft Windows 10 64-Bit computers, which are connected to the internet and updated each day as well as before every single test.
Real-World Protection Test
The interim results of this the Real-World Protection Test are based on a set of 362 live test cases (malicious URLs found in the field). The full report, covering four months of testing, will be released in June.
The following products (latest version available at time of testing) were tested: Avast Free Antivirus, AVG Free Antivirus, Avira Prime, Bitdefender Internet Security, ESET Internet Security, G Data Total Security, K7 Total Security, Kaspersky Internet Security, Malwarebytes Premium, McAfee Total Security, Microsoft Defender, Panda Free Antivirus, NortonLifeLock Norton 360 Deluxe, TotalAV Antivirus Pro, Total Defense Essential Anti-Virus, Trend Micro Internet Security and VIPRE Advanced Security.
The test results showed that:
While all products in the test are unanimously viewed as successful participants, AV-Comparatives does issue caution to the products with a higher rate of false positives as it can lead to a less thorough and more time-consuming user experience.
Malware Protection Test
As part of AV-Comparatives ongoing Consumer Main-Test Series, the Malware Protection Test for consumer security solutions evaluated 17 popular anti-malware programs to assess their ability to detect and block malicious files before, during or after execution. This test examines a product's ability to prevent a malicious program from making any changes to the system. The test set used for this test consisted of 10,040 malware samples, assembled after consulting telemetry data with the aim of including recent, prevalent samples that are endangering users in the field. To ensure that the tested programs do not protect the system at the expense of high false-alarm rates, a false-positive test was also run.
The products tested by AV-Comparatives were: Avast Free Antivirus, AVG AntiVirus Free, Avira Prime, Bitdefender Internet Security, ESET Internet Security, G Data Total Security, K7 Total Security, Kaspersky Internet Security, Malwarebytes premium, McAfee Total Protection, Microsoft Defender Antivirus, NortonLifeLock Norton 360 Deluxe, Panda Free Antivirus, TotalAV Antivirus Pro, Total Defense Essential Antivirus, Trend Micro Internet Security and VIPRE Advanced Security.
A total of 11 products reached the highest award level, Advanced+. These products were: NortonLifeLock, Bitdefender, Avast, AVG, Kaspersky, Total Defense, VIPRE, McAfee, Avira, Microsoft and TotalAV.
About AV-Comparatives
AV-Comparatives is an independent organisation offering systematic testing to examine the efficacy of security software products and mobile security solutions. Using one of the largest sample collection systems worldwide, it has created a real-world environment for truly accurate testing.AV-Comparatives offers freely accessible av-test results to individuals, news organisations and scientific institutions. Certification by AV-Comparatives provides a globally recognised official seal of approval for software performance.
Media Contact: Peter Stelzhammer e-mail: [emailprotected]phone: +43 720115542
Infographic - https://mma.prnewswire.com/media/1808876/AV_Comparatives_1_Infographic.jpg Infographic - https://mma.prnewswire.com/media/1808878/AV_Comparatives_2_Infographic.jpg Logo - https://mma.prnewswire.com/media/1732277/AV_Comparatives_Logo.jpg
SOURCE AV-Comparatives
Ideas & Reality: Protecting your organizations IT systems, networks & infrastructure in a real-world way – JD Supra
How can law firms and companies best protect their most critical infrastructure: the IT systems and networks that are the backbone of those organizations?
Today, law firms and companies are subject to an array of cybersecurity risks, some predictable and some not, which can sharply impact their value, reputation, and functionality. In some cases, cyber-attacks can threaten the Information Technology (IT) infrastructure of an organization with an outright collapse.
Strengthening cybersecurity is difficult, and advanced technologies such as the internet of things and the metaverse will inevitably make things worse. Indeed, a world in which more objects are computerized and digitized is a world with more targets for cyber-criminals. Even more concerning is the unpredictability of cyber-attacks that can trigger cascading network and system failures that are well beyond existing cybersecurity policies or strategies. Not surprisingly then, the Securities and Exchange Commission proposed in March rules for companies to periodically disclose their cybersecurity risk management policies and strategy.
However, as T.S. Eliot wrote, Between the idea and the reality falls the shadow. In other words, the gap between theory and practice can be wide.
Law firms and companies do not lack strategies or ideas for strengthening their cybersecurity policies; however, many lack practical guidance on how to effectively implement these policies and put them into practice. Strengthening cybersecurity standards extends beyond installing firewalls. Indeed, one of the most effective countermeasures with which to avert cyber-threats is to implement robust strategies, procedures, and standards that can protect an organizations critical IT infrastructure while aligning with its business objectives or operational mission.
As cyber-attacks have become more sophisticated, the need to create a resilient cybersecurity framework has grown. Indeed, according to the UKs Cyber Security Breaches Survey 2022, 39% of UK businesses said they were victims of cyber-attacks within the past 12 months.
Faced with this picture, it is natural to worry most about the range of risks caused by cyber-attacks. Yet, despite these worries, these risks can be managed. In this sense, a law firm or company must broaden its cybersecurity strategy by implementing effective countermeasures in order to create a resilient cybersecurity framework. This involves a thorough analysis of the critical components of an organizations virtual ecosystem as well as identifying what could happen if any of the critical components failed or became compromised.
A law firm or company also should consider and identify the critical components of its overall computing environment and consider how each component interacts with one another. The aim is to ensure that it can identify the weakest link in its current computing environment framework by locating a weak component at an early stage and building an effective response to manage and mitigate potential attacks to its overall digital infrastructure.
Once a weak component is located and identified, it is paramount to assess what relevant cybersecurity policies and strategies need to be implemented in order the strengthen the weak component and achieve an overall secure computing environment framework. Equally important, organizations should establish which of their professionals is responsible for paying attention to the operation and security of the organizations essential components and this demands a top-down management approach. Senior managers and decision-makers should understand the driving force behind the development of an enhanced cybersecurity framework and establish a strong information security program that aligns with the organizations business objectives.
One such measure would be for the organization to create a cybersecurity strategy that captures the conditions that are required for creating a cyber resilient environment. Demonstrating strength in some of the following areas is one way of creating effective countermeasures:
Further, implementing the type of cybersecurity standards defined by the International Organization for Standardization can also be an effective tool with which to protect an organizations IT systems and sensitive data and mitigate the risks of cyber-attacks. For example, one such standard can form a blueprint for organizations to implement the necessary procedures, policies, and framework to manage a law firms or a companys information security, cybersecurity, and privacy protection; another allows organizations to protect its storage, processing, and transmission of cardholder data. In fact, that standard specifies 12 operational and technical requirements that can help organizations prevent credit card fraud and maintain a secure environment for its customers.
In todays increasingly interconnected world, where people, goods, and services move across borders, it is paramount that organizations respond to cyber-threats in a timely and effective fashion in order to protect their most critical components and to contain, prevent, and shield their most important data from being attacked, stolen, or compromised. In order to best protect their IT systems, networks, and infrastructure, law firms and companies must define, develop, and implement robust cybersecurity strategies and procedures that can achieve the right balance between concern and action.
[View source.]
Read more from the original source:
Ideas & Reality: Protecting your organizations IT systems, networks & infrastructure in a real-world way - JD Supra
Plainfield cyber attack: What’s been recovered and what’s still lost, thanks to hackers? – Norwich Bulletin
PLAINFIELD The towns police department has regained access to an online state and national law enforcement database that was blocked by a crippling March cyber attack.
Deputy Chief Will Wolfburg said on Monday the department can now tap back into the Connecticut On-Line Law Enforcement Communications Teleprocessing, or COLLECT, system.
More than 180 local, state and federal agencies feed information into that system, which allows police departments to retrieve information from apair ofin-state and two national databases: the National Crime Information Center (NCIC) and International Justice and Public Safety Information Sharing Network (NLETS).
Locally, the COLLECT and NCIC systems are regularly used by police to check the status of individuals and vehicles during the course of a call, Wolfburg said.
We run a vehicle to see if its been stolen and the status of a driver, like if there are any active warrants or protective orders issued for people in a vehicle, he said. Since the (cyber attack), weve had to rely on Putnam and state police to do those kind of informational searches for us, but now were back to being self-sufficient in that area.
Putnam police Chief Christopher Ferace said helping out Plainfield didnt entail a lot of extra work for his folks.
But it doesnt matter if it did, he said. No matter how much work it takes, you do what you have to help out a neighboring department.
In mid-March, hackers gained access to police and town hall computer systems, encrypting files and holding the data hostage as part of a demand for $199,000 in bit coin. The ransomware attack affected phone lines, laptops, records systems and a host of other components.
Wolfburg said all the departments phone lines are back up, as is its email system and officer body camera capabilities. There was concern those cameras would be rendered useless as they filled up with footage without aplace to store it.
We still cant do electronic fingerprinting which mainly affects our ability to conduct pistol permit and employee hiring requests and our records system is still inaccessible, he said.
The department was poised to shift to a newrecords system when the attack occurred. The incursion and subsequent data encryption means years of report data and contact and call information including if a resident has a history of mental health issues or not cooperating with officers - is essentially lost and will have to be re-addedfrom the ground up.
Wolfburg said detectives were also forced to revisit several open investigations as computer-stored statements, reports and other information garnered during the normal course of a criminal inquiry are still inaccessible.
In some cases that meant conducting new interviews and retyping reports, he said. So, instead of six open cases, that means there are 12 now to handle.
Even though no ransom is expected to be paid to the hackers, officials said theres not much more damage that can be done going forward as the encrypted data was not exported.
First Selectman Kevin Cunningham previously said it will cost about $300,000 to upgrade 65 affected computers, as well as to add new security measures - including anti-virus protection and dual-authorization for email access - and to conduct internet security training sessions for employees.
Cunningham said several off-site departments highway, sewer and animal control were slated by end-of-day Monday to be fully back online. He said a punch-list of various recovery tasks was rapidly shrinking at town hall.
We have two outside companies helping us out and the finance department, which had a lot of back-filling of files to do, has been staying late and coming in on weekends to get that work done, he said. Were still working to re-establish connectivity to the states network.
Cunningham said an engineering firm the town works closely with had a trove of town maps on file they were able to forward.
We thought wed lost all that, he said.
Officials have not said how exactly the hackers slipped into the municipal system.
We dont think the hackers knew they were hitting a town or police department in the first place, Wolfburg said. They hit hundreds of systems and dont check in daily to see whats being done at any particular place. Theyre looking to make a quick buck and want to know yes or no if theyre going to get paid.
John Penney can be reached at jpenney@norwichbulletin.com or at(860) 857-6965
over 11% Ransomware Hits Are Targeted At Healthcare | Mint – Mint
NEW DELHI :Though the pandemic led to rapid digital transformation in the healthcare sector, it also increased the sectors vulnerability to cybercrimes. Hospitals, pharma, healthcare and insurers companies have faced increasing attacks, since healthcare data can fetch handsome sums on the dark web. In an interview, Aimee Cardwell, chief information security officer, United Health Group, explained how vulnerable the sector is and what it needs to do to prevent cyber threats. Edited excerpts:
Do you see a major gap in the security preparedness of companies in India compared to those in the US?
The difference is not just between the US and India, but also between South America and many other different markets. It is incumbent upon each company that holds data of patients or partners to keep it secure, no matter which market they are in. Sometimes it is safer to have data in pen and paper, but then you are not serving patients as well. It is complicated, but it is important for us to ensure that we are bringing best practices to protect data in every market we are operating.
How to fight increasing instances of ransomware attacks?
More than 11% of ransomware attacks are targeted at healthcare. It depends on where the attack happens. If it happens on an individual's computer, which is often the case, those are not hard to defend. It requires us to filter emails before it comes in. More than 90% of emails that come to our servers get discarded as most of it is malware or ransomware. It reduces the burden on individuals to not click on the wrong link. But that burden on individuals is also important as sometimes that filter may miss some emails. Education is an important aspect of it. It's also important to watch the system so that we can isolate something once we detect. We want to keep the blast radius as small as possible because lateral movement is one of the things that makes it worse.
Do you think companies should pay the ransom when they fall victim to such attacks?
Most companies do pay the ransom, but most of them don't get their data back. It's like negotiating with terrorists. You can't trust them. Even if you give them the money, most systems will not get restored. Only 60% of them are restored in most instances. Many companies are attacked again by the same groups. Companies should think about what would happen if they are caught in that situation and spend money on preventive measures instead of paying the ransom.
How can healthcare companies minimize disruption after a ransomware attack?
The best way is to back up more frequently. We are talking about backing up (data) on an hourly basis and not months or weeks. The more regularly you are backing up your data, the less likely disruption will be. We used to think, the best way for disaster recovery is to have two nodes: active-active. If one node goes down, you switch over to the other one. The problem is if one of them is hit by ransomware, since they are talking all the time they both go down. So now, we are thinking about having a second node that is ready but not active. In case of an attack, we isolate the first one to limit the attack and bring up the second one.
Is the need for cyber security professionals growing? Are enough domain experts available?
Unfortunately, there are not enough cybersecurity professionals in the world. There are more than 3.5 million open roles globally right now and it is only projected to grow. It is one of the reasons why our team is global. But imagine if you are running a small hospital you may not have access to the same talent.
What about Internet of Things (IoT) devices used in healthcare? We know they can be vulnerable, doesnt that increase threats?
It is not difficult to secure IoT devices. It is just not done. It is important to know where all the devices are. There are all sorts of software that can look at all the network traffic and which device is sending traffic. We also know that IoT companies are not updating their software. Knowing where the devices are can help in preventing something bad from happening. So, if a glucose monitor is suddenly sending something different from what it usually does, it is a red flag and our systems alert us instantly about it.
Subscribe to Mint Newsletters
* Enter a valid email
* Thank you for subscribing to our newsletter.
Read the rest here:
over 11% Ransomware Hits Are Targeted At Healthcare | Mint - Mint
Norton Consumer Cyber Safety Pulse Report: Deception Scams On The Rise | Scoop News – Scoop
Thursday, 28 April 2022, 10:27 amPress Release: NortonLifeLock
AUCKLAND, New Zealand 28 April 2022 NortonLifeLocks global research team, Norton Labs,today published its quarterly Consumer CyberSafety Pulse Report sharing the top consumercybersecurity insights and takeaways from January throughMarch 2022, including how cybercriminals are deceivingvictims with deepfakes and crypto scams to access financialor personal information.
In New Zealand,between January and March 2022, Norton thwarted over5,708,083 threats, an average of around 62,044 threats perday.
Deepfakesare being utilised by bad actors to scam consumers andspread disinformation. The Norton Labs team has spotteddeepfakes used to create fake social media profiles, fuelcharity scams and other fraudulent ploys, and spreadpropaganda relating to the ongoing war in Ukraine, inaddition to deepfakes used simply to make funnyvideos.
Crypto scams are also trending ascryptocurrency becomes more widely adopted. Norton Labstracked over $29 million in bitcoin stolen in 2021. Itexpects this figure to continue to rise in 2022 as thecrypto markets value increases and scammers capitalise onworld events, including the humanitarian crisis in Ukraineto steal donations from philanthropic crypto investors. Newthreats emerge as cybercriminals combine tactics. Bypresenting realistic disinformation via deepfakes in aphishing scam that collects payment in cryptocurrency, aconsumer would have little to no recourse.
Scammersare always evolving their tactics to make their attacks lookmore believable, says Darren Shou, Head of Technology,NortonLifeLock. Cybercriminals are masters at profitingfrom deception, so its crucial for consumers to be awareof the latest scams and to critically analyse anythingsuspicious they encounter on the internet, whether on socialmedia or in their inbox. We are here to help consumersnavigate a changing digital world where you cant alwaysbelieve what you are seeing.
For more informationand Cyber Safety guidance, visit theNortonInternet Security Center.
AboutNortonLifeLock Inc.
NortonLifeLock Inc.(NASDAQ: NLOK) is a global leader in consumer Cyber Safety,protecting and empowering people to live their digital livessafely. We are the consumers trusted ally in anincreasingly complex and connected world. Learn more abouthow were transforming Cyber Safety at http://www.NortonLifeLock.com.
Scoop Media
Become a member Get our free pnui
The rest is here:
Norton Consumer Cyber Safety Pulse Report: Deception Scams On The Rise | Scoop News - Scoop
Overview of Internet Security and Protection – Social Telecast
People use different ways to protect themselves. You lock your car to ensure your cars safety or lock your room to keep you protected. The internet is a wider global phenomenon and people spend much time online. Providers like Xfinity have given us safe access to the internet, but even the best of the best provider cannot erase the chance of your internet security being risked, because internet crime has advanced to high grounds.
There is something that needs protection, especially in todays world. That is your online identity. Cybercrime is very much common nowadays and to protect yourself online, you need to take some steps. You will be given a brief overview of those steps in this article.
Cyber-security refers to the safeguarding of web servers, computers, networks, and any persons identity against data leakage, theft, or damage to the equipment, software, or electronic data. Cyber-security can also involve information leakage, for example, you sign up for the Xfinity Package Deals because you heard it is better than your provider now, so you input your credentials to pay and it gets hacked. This is entirely possible because of a poorly protected and non-encrypted internet connection giving access to everyone out there for your information.
Learning and understanding cyber-security can be a little complex because you have togo through quite a lot of technical terms and buzzwords. Following are listed some basic terms for you to understand to know about cyber-security:
A data breach is a technical term for an occurrence when any personal data of a person or information of any office or bank is stolen by hacking. Hackers frequently try to steal the personal information of different corporate or authorities to steal their money and important resources.
Back-up is a term used for storing data somewhere safe in a different file or a different device in case of any theft or misplacement. iCloud is the most common application used as a backup.
A device thatis designed to interrupt a devices operations is known as Malware. Since technology is so advanced today, there are several date malware. Some malware is so strong that they even grant access to the hackers from afar. Hence, we need to install anti-virus software to protect our devices from hackers.
The term cloud simply refers to online networks. It has a significant difference from the local storage systems that just contain the hard drive of a PC. Cloud helps you store your important data and files on several other servers and keep it safe from malware and hackers.
Hacking is not just a mere threat to sensitive information today. In a world where everything is linked with technology, hacking can cause major destruction to a company or an individual. Hacking can sabotage a companys relationship with its customers and put a company in serious trouble. The threats of cybercrime are becoming even more serious as new technology emerges. It is important to protect our online identity as well. Hackers can take advantage of our personal information.
Parenting filters are something that was designed through advanced technology. Parenting filters can help with your childs security on the internet as well. Parents can use these and install filters on their kids devices so they can view informational and beneficial content only. Even some smartphones have come up with the feature that lets parents control what their child views so they can just have access to limited content.
It is no secret that there are all sorts of content on the internet and not all of them are appropriate for the children to view. But hackers have come up with such malware that even resist parents to do so too. Parents should have a keen eye and teach their children not to talk to random strangers on the internet.
Teenage is the peak age that can teach children a lot of things. Not all of those things can be appropriate and safe for them. Parents should spread awareness among their children and let them know about the dos and donts of the internet. Some steps can be taken to avoid any inconvenience among teens:
Instead of providing each child with a solo device, you can just keep a single device for every use. Usage of the internet among the children will now be easier to monitor. Ground rules can be set for the whole family and implemented. Request that your children charge their gadgets in one room and set up a space for internet use. Allowing your children to use devices before going to bed can disrupt their sleep cycle.
Allow your children to use technology in a very limited way as it can waste their time as well. Instead, encourage your children to do something productive. Once they get addicted to technology, it will be harder to stop them.
Spreading awareness among your children can be very effective too. They should know why they are being restricted to the unlimited use of technology. They should be aware of the dangers ad threats on the internet. Educate them about the disadvantages and the steps for protection.
You should prepare your kids for the future and make them knowledgeable. For protection, children rely on their parents. You must make certain that they have a thorough perception of self-defense. Inform them of the benefits of internet banking and data transfer. Check to see if theyre doing something lawful.
Hackers find senior citizens the most easier to exploit. Many of them have a lifetimes worth of savings, a home, and other valuable assets so it is easier for them to take advantage of them. Senior citizens are more vulnerable to online ruses and deceptions. Since they may not know how to report a trick or maybe be humiliated about being the victim of a trick, there are very low chances of them reporting such cases. Make sure elders, as well as their friends, family, and parental figures are aware of standard network security best practices and ways to stay secure online for them to stay protected from hackers and con artists.
In todays world, internet security is critical. We must adapt to evolving technology and continue to learn as much as possible about cyber security. Online security is important for keeping hackers and cyber stealers of information from accessing sensitive information. Without an active security strategy, businesses risk the spread and continuous rise of malware, attacks on other websites, networks, and other IT Infrastructures leading to vulnerabilities in the virtual world.
The rest is here:
Overview of Internet Security and Protection - Social Telecast
The Air Force is trusting the internet to name its ridiculous new cybersecurity mascot – Task & Purpose
Cybersecurity. Its important stuff. Theres a lot of critical data out there that you dont want bad actors snooping on.
That is why the Air Force apparently needs a cybersecurity mascot. A caped robot with a shield and lightning bolt adorned helmet, here to ask you if youve tried turning your computer off and on again and presumably solving the myriad of technical issues that come with the territory when youre using decades-old software.
He is mighty, strong and here to fight our cyber problems away, says the Air Force.
He is just he for now, and like any good mascot, he needs a catchy name. And its up to the proud men and women of the Air Force to come up with one.
We will be integrating this character with the Department of Air Force cyber awareness marketing material, campaigns and announcements to help support brand awareness, reads the website for the Air Forces chief information security officer, along with instructions for how to send in your name suggestions via email.
Will this become another Boaty McBoatface situation? Surely not.
After all, the Air Force is supposed to be the smart branch. Marines just trip balls at Camp Lejeune, but airmen do it while guarding nuclear weapons. When the Navy draws a sky penis, pilots lament that the balls are going to be a little lopsided. The Air Force does the same thing with some of the most expensive jets to ever take to the sky. And who wouldnt want to use a C-130 Hercules for a brief excursion to Marthas Vineyard to pick up your motorcycle?
Once given a name, this robot, whether its named Cyber McCyberface or any other proposed monikers, might have a lot on its cyber plate. Especially when its going to be operating in computers that struggle to even turn on.
So airmen, dont let us down. Comeup with a namefor this new keyboard warrior! You can find the email to submit your suggestions and more information about the mascothere.
Want to write for Task & Purpose? Click here. Or check out the latest stories on our homepage.