Tag: channel | SpinSafe

Three channel partner considerations for tackling ransomware

February 7, 2024/in Internet Security

The public cloud has become a major focus of ransomware operators, who are always quick to seek out new opportunities for pay off.

Originally intended to spread quickly throughout on-premises settings, cyber criminals are now retooling ransomware to function on cloud native architectures and infect containers.

As a result, ransomware is now better able to propagate throughout and steal data from the public cloud. According to research from Veeam Software, 45% of production data was encrypted or affected during a ransomware attack and the latest Crowdstrike threat report found cloud exploitation incidents increased by 95% in 2022.

Candida Valois

Candida Valois is field CTO for Scality. She’s an IT specialist with more than 20 years of IT experience in architecture, software development, services and sales for various industries. She is passionate about technology and delivering valuable solutions.

These threats have some companies reconsidering whether the public cloud is the best fit for their organization, or whether they should adopt a hybrid approach.

By staying updated on the latest storage options and how storage contributes to security, you’ll be adding value in your consultative role and offering technologies that help customers create a multifaceted data storage and security approach to stay ahead of change and vulnerabilities – with the flexibility they need.

Start with zero trust at the core

A multi-pronged strategy is necessary for ransomware prevention. This entails safeguarding typical ransomware infection pathways through the maintenance of strict authentication and access policies; routine analysis and immediate patching of internet-exposed software vulnerabilities; and network and endpoint security monitoring.

It’s also critical to use automation and administrator training to prevent cloud misconfigurations.

Core to this approach is a zero trust security architectural design. This enables you to prevent unauthorized access to data and services, and enforce access control in a granular way.

No matter how distributed a network becomes, or what mix of hybrid or cloud infrastructure is used, an organization can…

Source…

Twitter glitch allows CIA informant channel to be hijacked

October 17, 2023/in Internet Security

By Joe Tidy
Cyber correspondent

8 minutes ago

Image source, Getty Images

A cyber-security researcher has exploited a glitch on the CIA’s official Twitter account, to hijack a channel used for recruiting spies.

The US Central Intelligence Agency (CIA) account on X, formerly known as Twitter, displays a link to a Telegram channel for informants.

But Kevin McSheehan was able to redirect potential CIA contacts to his own Telegram channel.

“The CIA really dropped the ball here,” the ethical hacker said.

The CIA is a US government organisation known for gathering secret intelligence information, often over the internet, from a vast network of spies and tipsters around the world

Its official X account, with nearly 3.5 million followers, is used to promote the agency and encourage people to get in touch to protect US national security.

Biggest fear

Mr McSheehan, 37, who lives in Maine, in the US, said he had discovered the security mistake earlier on Tuesday.

“My immediate thought was panic,” he said.

“I saw that the official Telegram link they were sharing could be hijacked – and my biggest fear was that a country like Russia, China or North Korea could easily intercept Western intelligence.”

At some point after 27 September, the CIA had added to its X profile page a link – https://t.me/securelycontactingcia – to its Telegram channel containing information about contacting the organisation on the dark net and through other secretive means.

The channel said, in Russian: “Our global mission demands that individuals be able to reach out to CIA securely from anywhere,” while warning potential recruits to “be wary of any channels that claim to represent the CIA”.

Image caption,

Anyone clicking on the link was directed to Mr McSheehan’s Telegram channel

But a flaw in how X displays some links meant the full web address had been truncated to https://t.me/securelycont – an unused Telegram username.

As soon as Mr McSheehan noticed the issue, he registered the username so anyone clicking on the link was directed to his own channel, which warned them not to share any secret or sensitive information.

“I did it as a security precaution,” he said.

“It’s a problem with the X site that I’ve seen before – but I was…

Source…

Death of the computer password is just around the corner, tech experts say – WSB-TV Channel 2

June 6, 2023/in Computer Security

If you don’t count hackers, phishers and pirates, most computer users hate passwords.

>> Read more trending news

Tech giants have been predicting the death of passwords since 2004 when Bill Gates foretold of their inevitable demise, according to a new story in Insider.

The author, Shubham Agerwal, said he tried out a beta system a few weeks ago that could be a “game changer.” It’s as easy as “signing into an iPhone” with nothing to remember or manage, he said.

Agerwal said that we’re still a long way from a password-free future, but it’s getting closer, experts agree.

The system was developed by FIDO Alliance (Fast Identity Online), formed in 2013 when Apple, Amazon, Google and other big tech companies joined forces to eliminate the antiquated password system with a system called “passkeys,” according to Insider.

Passkeys are a “replacement for passwords that provide faster, easier and more secure sign-ins to websites and apps across a user’s devices.” Passkeys are always strong, resistant to phishing, and will simplify the registration of devices, according to the FIDO alliance. They will also work on most of a user’s devices and even other devices within physical proximity, according to the group’s website.

FIDO’s mission is to shift security to technology and not users, Insider reported. Right now, it’s becoming ever more evident that passwords alone don’t work.

According to Insider, something that millions of computer users already know: passwords are ridiculously easy to crack. Hacker technology has become so sophisticated that it’s far ahead of even the latest, more complex, algorithm-driven security systems.

Users must rely only on their memory. Even the computer-generated long, complex passwords that Google and other operating systems and sites create are not totally secure.

Most humans, many of whom have dozens of sites to log onto at work, will use one password over multiple sites to save time. This leads to a domino effect when one of those passwords is compromised — all the other sites using that password can crack in a split second.

And simple, vulnerable passwords like “Password4Me” and “ABC123″ are far more prevalent than one…

Source…

Thousands of parcels stuck in limbo after ransomware cyber attack – Channel 4 News

January 14, 2023/in Internet Security

More than half a million letters and parcels destined for overseas destinations are stuck in limbo – after a ransomware cyber attack on the Royal Mail.

The Lockbit gang, which is understood to have close links to Russia, said it had infected the company’s computer files, and threatened to publish stolen data on the dark web.

Source…

Tag Archive for: channel

Biggest fear