Tag Archive for: SUPPORTS

Chrome Supports Key Pinning on Android to Improve Security


Key pinning, a technique used to prevent an attacker from tricking a vulnerable certificate authority (CA) into issuing an apparently valid certificate for a server, is now used in Chrome for Android, version 106. This helps prevent man-in-the-middle attacks against Google services.

As Chrome security engineers David Adrian, Joe DeBlasio, and Carlos Joan Rafael Ibarra Lopez explain, key pinning was devised at Google as a response to real attacks seen in the wild, specifically an attack that targeted Google services in 2011.

Key pinning was born as an extension to the HTTP protocol, later deprecated, that enabled sending an HTTP header that tells user agents to “pin” cryptographic identities over a period of time.

During that time, user agents (UAs) will require that the host presents a certificate chain including at least one Subject Public Key Info structure whose fingerprint matches one of the pinned fingerprints for that host.

This effectively reduces the number of CAs that can authenticate the domain while the identity is pinned. While effective, key pinning has its own drawbacks. For example, if pins get out of date, there’s a risk of locking users out of a service, which leads to a number of good practices:

Whenever pinning, it’s important to have safety-valves such as not enforcing pinning (i.e. failing open) when the pins haven’t been updated recently, including a “backup” key pin, and having fallback mechanisms for bootstrapping.

These mechanisms are hard for individual sites to manage, say Google engineers, which, as mentioned, led to the RFC being deprecated. As a matter of fact, Google removed public key pinning from Chrome in 2017. But key pinning may still have its own use cases, including web browsers, automatic software updates, and package managers, where client and server are operated by the same entity.

Specifically, in Google’s case, thanks to the control that the company has over its browser, Chrome embeds pinned certificates (pins) for all Google properties. This means every HTTPS access is only authenticated through a key belonging to the embedded set of pins.
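As an added illustration (not code from the Chrome article or the Chromium project), the Go program below sketches the check described above: hash each chain certificate’s SubjectPublicKeyInfo with SHA-256, accept the chain if any fingerprint is in the pin set, and fail open when the pin set is stale. PinSet, CheckPins and the throwaway self-signed certificate are assumptions made for this example.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"fmt"
	"math/big"
	"time"
)

// PinSet: SPKI pins (a backup pin belongs among them) plus an expiry after which pins are not enforced.
type PinSet struct {
	Pins    map[string]bool // base64(SHA-256(SubjectPublicKeyInfo DER))
	Expires time.Time
}

// SPKIPin computes the pin of a certificate's SubjectPublicKeyInfo.
func SPKIPin(c *x509.Certificate) string {
	sum := sha256.Sum256(c.RawSubjectPublicKeyInfo)
	return base64.StdEncoding.EncodeToString(sum[:])
}

// CheckPins: true if the pin set is stale (fail open) or any chain certificate carries a pinned SPKI.
func CheckPins(chain []*x509.Certificate, ps PinSet, now time.Time) bool {
	if now.After(ps.Expires) {
		return true // stale pins: do not enforce, so users are not locked out
	}
	for _, c := range chain {
		if ps.Pins[SPKIPin(c)] {
			return true
		}
	}
	return false // reject: no pinned key anywhere in the chain
}
func selfSigned() *x509.Certificate { // throwaway self-signed certificate (constructed input)
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotAfter: time.Now().Add(time.Hour)}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	c, _ := x509.ParseCertificate(der)
	return c
}
func main() {
	leaf := selfSigned()
	ps := PinSet{Pins: map[string]bool{SPKIPin(leaf): true}, Expires: time.Now().Add(time.Hour)}
	fmt.Println("chain pinned:", CheckPins([]*x509.Certificate{leaf}, ps, time.Now()))
}
```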

To fully understand what role key pinning plays in Chrome…

Source…

New CyberSense 8.0 supports intelligent ransomware recovery


Index Engines has released a major update to its CyberSense software, including a new post-attack dashboard that provides an intuitive analysis of data corrupted by ransomware.

With this completely revamped user experience, alerts are organized by severity and include a detailed explanation of why the machine learning algorithms generated the alert. Interactive charts can drill down to confirm which files were infected. Detailed reports can be generated and downloaded.

CyberSense is a data integrity platform that integrates with customers’ data protection systems, detects signs of ransomware corruption in backups or snapshots within one copy cycle, and identifies the last clean copy of data post-attack to minimize downtime.

“Ransomware attacks are alarming and time sensitive,” said Jim McGann, vice president of Index Engines. “When an organization gets an alert from CyberSense, our new dashboard tells you which hosts were attacked, and what backups or snapshots are needed to recover quickly. No extended downtime. No paying ransoms. This new dashboard really helps us deliver that experience.”

https://indexengines.com

Source…

How EDR Security Supports Defenders in a Data Breach


The cost of a data breach has reached an all-time high. It averaged $4.35 million in 2022, according to the newly published IBM Cost of a Data Breach Report. What’s more, 83% of organizations have faced more than one data breach, with just 17% saying this was their first data breach.

What can organizations do about this? One solution is endpoint detection and response (EDR) software. Take a look at how an effective EDR solution can help your security teams.

What is a Data Breach?

A data breach is a cyberattack in which a threat actor infiltrates a data source and exposes sensitive, confidential and protected data. This can occur as a result of ransomware, phishing or malware attacks, or other types of data theft. Whatever the source of the breach, it always leads to a loss of trust and damages the victim’s good name. It leaves many questions. How did the attack begin? How many devices did it strike? Have attackers stolen data? If yes, how much and from where?

Sharing an example of how threat actors might launch a phishing attack, Stephanie Carruthers, chief people hacker for IBM X-Force, recounts:

“We had a client that wanted us to launch a phishing campaign against a hundred of their employees. We started to look through the company’s website and blogs, and we found a website where employees can post reviews about their employer. One common issue that we saw, which a lot of people complained about, was the parking at their job. So, we crafted a phishing campaign that actually explained how starting Monday, it was going to be assigned parking, and they just had to view the map to see their space, or else they would get towed. And that was one of our successful campaigns because we saw what people absolutely hated, and we tried to fix it in a way. And just by that website where we found all that information, it made our campaign extremely successful.”

What to Do After a Data Breach

After a breach, cyber defenders or blue teams work under a lot of pressure to find answers quickly. Often there is a period of temporary shutdown, resulting in loss of revenue and critical data, which threatens business continuity. After the attack, defenders try to find the…

Source…

Biometrics Experts and New Study Highlight How Behavioral Biometrics Supports Strict Regulation and Offers Better Data Privacy Protections



A new report from biometrics expert Goode Intelligence draws insights from BehavioSec and law firm Osborne Clarke to analyze how behavioral biometrics technology can be successfully implemented in compliance with GDPR, CCPA, and similar regulations.

SAN FRANCISCO–(BUSINESS WIRE)–
BehavioSec, the industry pioneer and technology leader for behavioral biometrics and continuous authentication, today announced new findings that organizations and consumers can feel more comfortable with wider use of behavioral biometrics to safeguard their online digital experiences and identities.

Following a year of digital transformation on a societal level, the demand for a better online user experience and a stronger level of digital identity protection has become essential. In a year when the world has seen a combination of personal data theft with new rulings and proposed legislation, like the EU Schrems II ruling in July 2020 and the US National Biometrics Information Privacy Act in August [US Senators Merkley, D-OR and Sanders, I-VT], the need for expert guidance has never been higher. BehavioSec shares this research and a company milestone to highlight how behavioral biometrics can be adopted transparently, with clear benefits, and in a compliant fashion with comprehensive data protection laws. These include measures like the European General Data Protection Regulation (GDPR), the European Commission’s PSD2/SCA and its Open Banking mandate, the US California Consumer Privacy Act (CCPA) and similar, anticipated requirements of regulations proposed in other regions.

To validate the safe use of behavioral biometrics at a time when headlines are full of allegations about technologies like facial recognition and “deep fake” simulations being abused, BehavioSec sponsored the report, “2021 Global Data Privacy Regulation of Physical & Behavioral Biometrics” by respected industry research firm Goode Intelligence. In the report, Chief Analyst Alan Goode dives into the relevance of current and proposed global privacy and data protection legislation on the successful and…

Source…