Tag: winning | SpinSafe

Cyber Vendors or Cyber-Criminals: Who’s Winning the Race for the Brows

August 23, 2023/in Internet Security

From the rollout of text-to-image generation tools like DALL-E to natural language processing platforms such as ChatGPT, wowing in their ability to write resumes, scientific papers and more, it has been a breakthrough 12 months for artificial intelligence (AI).

Many industries are already embracing these advances. Market research, copywriting, time management, coding and customer service are all purposes for which ChatGPT, and its rival platforms, are being leveraged by businesses. However, it’s not just corporations tapping into AI’s potential.

With the emergence of ever more useful tools, threat actors have also become empowered to find and develop increasingly sophisticated threat campaigns designed to exploit common vulnerabilities facing enterprises in 2023.

At Menlo Security, we have seen a major uptick in the use of highly evasive attacks targeting the browser, in part driven by this increasingly easy access to AI tools that even amateur attackers can use to create malware or viruses.

It’s an adjustment that adversaries have made in response to the changing working norms. Where many organizations have continued to embrace remote and flexible policies post-Covid, employees are enjoying the freedom of working wherever, whenever and however it best suits them – be it from the office, at home or on the go, both within and outside of the traditional 9 to 5.

To facilitate this, enterprises have embraced cloud-based models – a dynamic in which the browser has become the central hub of operations. In fact, Google reports that the average employee spends as much as 75% of their working day using a web browser.

As threat actors have adapted, cultivating an increasingly expansive and sophisticated arsenal of browser-based attack methods in response, 80% of breaches are now estimated to come through the browser.

Adapting Security Strategies

The spike in browser-focused cyber-attacks is, of course, a problem and one that has seen a range of policies deployed to find a resolution.

Recently, it was reported that Google is running a pilot scheme to encourage selected staff members (around 2500) to work without access to the internet, the…

Source…

Ukraine’s cyber chief says Kyiv is winning ‘world’s first cyberwar’

August 4, 2023/in Internet Security

For Ukraine’s main cybersecurity agency, Russia’s full-scale war began over a month before Russian tanks rolled into Ukraine from all directions – with a large cyber attack on Jan. 14, 2022.

“It all started with an attack on state authorities, it was the largest attack in 17 years,” says Yurii Shchyhol, head of the State Special Communications Service, which is responsible for defending Ukraine’s cyberspace.

Shchyhol says over 90 government websites were targeted, about 20 of them were defaced, and some data was erased. It took Ukrainian authorities 2-3 days to get those websites back up.

“This was the first indication for us that (Russia) was planning something big,” he adds.

The month leading up to the full-scale invasion, Ukraine experienced several major cyberattacks – on Feb. 15 and Feb. 22.

By the time Russia launched its full-scale war, Ukraine was ready to face Kremlin’s cyberwarfare, taking place alongside the ground offensive.

The 7,500 employees of the Special Communications Service are now in charge of protecting Ukraine from cyberattacks, ensuring the military and political communication is secure, and conducting online operations to hamper Russia’s war effort.

The agency has also created a database of critical infrastructure, and coordinates its defense.

“There has never been such a war in history,” Shchyhol, who took charge of the agency in 2021, says. “It is the world’s first cyberwar in general, and there is no country in the world (except Ukraine) with this experience.”

He adds that Ukraine has faced around 20 cyberattacks per day since February 2022, with most of them deterred automatically, while some requiring timely intrusions by the agency.

In the 16 months since the start of the full–scale war, Shchyhol says Ukraine hasn’t lost any critical information, nor were any major systems downed.

Shchyhol says the agency is now drawing up a list of sanctions and laws required to stop Russia from being able to conduct cyberwarfare.

“Even after our victory on the ground, we understand that the cyberwar will not cease, and they will persist in attacking our systems,”…

Source…

The winning strategy for SMB ransomware protection

July 17, 2023/in Internet Security

It’s no secret that the threat of ransomware is showing no sign of slowing down, especially as organizations around the world come to terms with hybrid and remote working. The impact of an attack can be severe to say the least – according to the UK Government’s 2022 ‘Cyber Security Breaches Survey’ 39% of UK businesses identified a cyber-attack in the last 12 months. 83% of these businesses reported phishing attempts, and 26% identified a more sophisticated attack type such as a denial of service, malware, or a ransomware attack.

Unfortunately, businesses overestimate the role of technology in preventing attacks. Just as a manager of a sports team wouldn’t bank on their star forward to win every game, organizations should think about diversifying their approach to security.

Businesses cannot solely rely on technology

Given the growing volume and severity of these threats, smaller businesses are investing heavily in technology to protect against the risk of a devastating attack. Enter Endpoint Detection and Response (EDR) solutions, an increasingly popular automated technology that can be deployed to detect and help remediate possible threats before they become dangerous.

The trouble is, the majority of EDR detections are never investigated, throwing a spanner in the works for the notion that tech should support and augment human expertise. Alerts to threats are one thing, but finding a way to action them and prevent further intrusions is a whole other ball game.

This lack of response to alerts might not be as surprising as it sounds. In the same way that an onslaught of e-mails or phone calls at work can throw you off your stride, receiving too many EDR notifications can cause even the most experienced IT administrator to experience a kind of ‘decision paralysis’, ultimately leading to a failure to adequately address the problems the technology has identified. Pressure can ramp up to the point where turning off an EDR solution seems like the only play – a concerning trend whereby fatigued IT staff have simply reached their limit of cyberthreat tolerance.

Marcin Kleczynski

Founder and CEO, Malwarebytes.

Cultivate a ‘defense in depth’…

Source…

Cybersecurity Best Practice Is Critical for Winning the New Space Race

November 16, 2022/in Mobile Security

As the low Earth orbit market prepares to double over the next
five years, to the tune of around $20 billion, we sit on the edge of a new
space race. However, amid rapidly falling launch costs and a host of
technological advancements, it’s safe to say that this race is heading into new
territory.

These digitizations relate to the role of sensors and data
processing, and a plethora of applications that aid ground control and
observation operations.

One segment of the race that is still yet to pick up speed,
however, relates to cybersecurity. The implications of attacks on satellites
are self-evident, but the resilience and protection of these galactical systems
require further exploration and a mass team effort.

Familiarity in Space

The difficulties that come with protecting devices in space comprize
multiple complex systems within systems — each playing different roles and
being deployed by different players.

Satellites are effectively just platforms with embedded systems
and interfaces, including radio communications, telemetry tracking control
systems, and ground segment connections. These are all essentially enterprise
networks, but that also makes them avenues of opportunity for
cybercriminals.

These systems are underpinned by a complex supply chain — another
prime target for attackers, as we’ve seen on the ground through examples like
SolarWinds, where the supply chain served as a gateway to all other interfaces.

Not only does this make systems in space more familiar than you
might think, it also makes them more challenging to defend.

As such, the satellite door is potentially being left ajar to
hacktivists, financial crusaders, and state-acting spies who can use their significant resources to target other countries’ prized
space assets.

The “How” and “Why” of Space Attacks

Why attack space when there are systems on land?

The answer is twofold, based on how familiar these satellite
platforms actually are, and what attackers stand to gain by infiltrating them.

Addressing the former, “under the hood” of a satellite
is a platform. More often than not, the embedded system within that platform
may be as recognizable as a Linux operating system. And while the operations…

Source…

Tag Archive for: winning

Adapting Security Strategies

Businesses cannot solely rely on technology

Familiarity in Space

The “How” and “Why” of Space Attacks