Tag Archive for: thousand

Jasson Casey, Beyond Identity: “malware doesn’t care if your password is four characters or four thousand characters long”


The increasing reliance on using the internet has businesses, governments, and individuals more aware of data security and identity protection. One of the primary concerns is password protection.

No matter how secure your passwords are, cybercriminals with the right malware will find a way to steal them. Even the leading VPN might be insufficient for full data protection and online security. Cybercriminals have access to the same advancing technology and software apps that the rest of the public does. That access resulted in an increase in cyberattacks by stealing passwords. Avoiding these risks means taking the time to learn more about preventative measures.

To discuss the issue in more detail, we spoke with Jasson Casey, the CTO at Beyond Identity – cybersecurity company advancing toward Zero Trust Authentication through constant risk assessment and continuous security validations.

How did Beyond Identity originate? What has the journey been like?

Two and a half decades ago, our founders – Jim Clark and Tom Jermoluk, made the World Wide Web accessible to all. They made it ready for business. Jim spearheaded the release of the Netscape browser along with SSL for secure Internet transactions. Tom focused on large-scale home broadband access with @Home Network. As businesses, governments, and individuals increasingly relied on the Internet, so too did bad actors. Bad actors eroded trust, stole intellectual property, and pilfered funds.

There are hundreds of billions of passwords in the world today. Yet, we continue to rely on this fundamentally insecure authentication model. Passwords are insecure because these “shared secrets” transit networks get stored in unprotected databases. They are also shared among friends and family. Ultimately, they’re reused across multiple apps. With the creation of Beyond Identity, the SaaS platform goes above and beyond FIDO standards. Our passwordless, invisible MFA supports broad authentication use cases. It turns all devices (including computers, tablets, and phones) into secure authenticators. Our platform validates the user and verifies the device is authorized. It checks the security posture of the device and executes an…

Source…

Private Indian hackers launched over a thousand cyberattacks on Pak military


SideWinder, aka Rattlesnake, has hijacked, stolen or modified content in the intended computer systems of Pakistan government, military and business cyber assets. Earlier, only Pakistan and China-based entities would indulge in cyber espionage and disruption of Indian critical assets.

 

New Delhi: Assets of critical Pakistan government agencies, some of which are affiliated to the military, have been facing persistent cyberattacks from a group, which domestic and international experts claim, is based in India.
The group, which observers and experts have named the “SideWinder”, aka Rattlesnake, has launched a staggering over-1,000 attacks since April 2020 on government, military and business cyber assets based in Pakistan and managed to hijack, steal or modify content in the intended computer systems.
Earlier, such India-based “nationalist” cyber groups, would, at the most, deface the websites, while Pakistan and China-based similar entities would indulge in cyber espionage and disruption of critical assets of organisations based in India. According to a report by California-headquartered Zscaler, a cybersecurity company, which has four offices in India, the people behind SideWinder, in one of their recent attacks, have now planted a new malware called “WarHawk”, which, as per the researchers, completely hijacks the system of the intended recipient.
“Once the victim is infected by the malware ‘WarHawk’, the malware starts sending system information to attackers, downloads and executes other different malwares on the infected system. It also gives remote access to the system by executing commands on it and starts sending across information like file name, file-size, date, etc. One interesting thing that we found is that the malware runs only if the system is in Pakistan Standard Time,” said Niraj Shivtarkar, who is a researcher with the ThreatLabz, the research team of Zscaler.
According to him, they had come across different versions of the same malware, which indicates that the people behind the cyber group were updating the malware with more advanced functionalities. The researchers have not been able to identify the exact targets…

Source…

Data Breach at Sears and Delta May Have Hit ‘Several Hundred Thousand’ Customers

  1. Data Breach at Sears and Delta May Have Hit ‘Several Hundred Thousand’ Customers  TIME
  2. Delta and Sears say data breach exposed hundreds of thousands of credit cards  The Verge
  3. Data breach at service provider hits thousands of Sears, Delta customers  USA TODAY
  4. Delta Air Lines, Inc. – DAL – Stock Price Today – Zacks  Zacks
  5. Full coverage

data breach – read more

Over a thousand spyware-infected Android apps discovered

Over a thousand spyware-infected Android apps discovered

A family of Android spyware has infected more than 1,000 apps, including some which infiltrated Google’s Play Store.

David Bisson reports.

Graham Cluley