Millions are at serious risk of being hacked without even knowing it, with fitness trackers, smart TVs and even children’s toys among the most vulnerable items, according to new research from consumer security firm, BullGuard. IT security experts commented below. Ben Hertzberg, Research Group Manager at Imperva: “The main threat with the Internet of Things (IoT) is that there are billions of internet-connected devices where basic security standards are not enforced. Devices are shipped with default credentials (sometimes without the ability to change them), vulnerabilities in their web interfaces, remote update procedures and more. With Gartner estimating that over 20 billion of these devices will be in use by 2020,…
ISBuzz Team
The ransomware is definitely spreading via the EternalBlue exploit, just like WannaCry. People have found the code in the malware and have seen the EternalBlue exploit traffic on the network. There are additional spreading vectors that use harvested credentials from machines compromised with EternalBlue. These are used to connect to and run the malware on fully patched machines. The easiest and best way to prevent the EternalBlue exploit from working is to run Windows Update. Because the WannaCry kill switch worked, the pain stopped, and many orgs did not complete patching their Windows. This shows the day-to-day fire drill that…
Petya and WannaCry are the tip of the iceberg in a new era of global, distributed cyberattacks that are affecting all industries and geographies. If organizations are not preparing for this new reality, they’ll likely soon be stung by it. The good news is that most distributed cybercrime attacks can be prevented or disrupted with good cyber-hygiene and vulnerability and threat management practices that consider what is happening in the wild. The challenge, though, is doing that across an enterprise-scale network with limited resources. IT security experts from Skybox Security commented below. Marina Kidron, Head of Skybox Security’s Research Lab: “If…
Despite heightened awareness of ‘fake news’ in recent months, 86% of Brits claim they would not be able to tell the difference between real and fake news. The research, developed by cyber security expert McAfee, also uncovered that the majority of Britons aged 18 and over do not completely trust the information they read online. This is perhaps unsurprising, given that over the past year commentators have called out fake news for impacting the outcome of the EU referendum, the US election, and the recent UK election. Worryingly, this does not appear to stop people from spreading potential fake news or manipulated data. 70% of…
With the breaking news of a global ransomware attack hitting organisations across Europe and the US, Paul Edon, Director at Tripwire commented below. Paul Edon, Director at Tripwire: “Tuesday’s cyber-attacks that caused disruption to Ukrainian Banks, Ukrenergo Power Distribution and other Ukrainian commercial businesses appear to have gained initial entry via a phishing attack and then spread across systems by means of the EternalBlue exploit. “Phishing attacks are commonplace and currently represent the most successful entry point leading to a successful breach. Foundational Controls such as Email and Web filtering combined with comprehensive workforce education will greatly reduce the success of these attacks.…
STEALTHbits Technologies executives believe that attacks such as Petya will continue to use Mimikatz to move laterally within organizations, and offer the following quote on protecting the enterprise. Jeff Warren, Senior Vice President, Technical Product Management, STEALTHbits Technologies commented below. Jeff Warren, Senior Vice President, Technical Product Management at STEALTHbits Technologies: “Petya, like other modern ransomware attacks, leverages a Mimikatz variant to spread through organizations after the initial compromise. This can be expected to continue for future attacks, as Mimikatz is a very effective and easily packaged method for extracting Active Directory credentials and performing lateral movements. Every security professional should be familiar…
Update: We’ve discovered a vaccination that disables the NotPetya ransomware. Cybereason Principal Security Researcher Amit Serper discovered a workaround that disables the NotPetya ransomware that wreaked havoc in Europe on Tuesday. To activate the vaccination mechanism, users must locate the C:\Windows\ folder and create a file named perfc, with no extension name. This should kill the application before it begins encrypting files. When first run, the NotPetya ransomware searches for its own filename in the C:\windows\ folder, and if it is found, will cease operating. Once the original file name was found and verified by two different sources, Amit was able to piece together a kill switch…
News has broken that HMS Elizabeth may be operating on Windows XP. Dr. Malcolm Murphy, Technology Director at Infoblox commented below. Dr. Malcolm Murphy, Technology Director at Infoblox: “This is a good example of a situation where it’s not necessarily feasible or practical to be running the absolute latest software or patches. The lifecycle of something like a warship isn’t going to be in sync with the rapid rate at which the IT industry discovers vulnerabilities and issues patches. We see the same challenges with embedded operating systems in medical devices, industrial plant and critical national infrastructure control systems, ATMs, and so on.…
Earlier this week, UpGuard announced their discovery of the RNC’s contracted voter research vendor Deep Root Analytics’ (DRA) 12-day data exposure of nearly 200 million American voters’ information. While leaks of contact details are detrimental enough, both to the individual and the responsible organization, this particular exposure also left the door open to voter preferences on sensitive partisan topics, such as gun ownership and control – a serious privacy violation. The fact that these confidential files were left on a publicly accessible server should not be a surprise. An organization’s greatest threat is usually not an outside attacker, it’s the…
Survey reveals the damage of attacks against ERP systems is estimated at $10m, but organizations lag on security. It is a commonplace that new trends (be it the cloud, mobile, big data or Internet of Things) widen the attack surface. However, sometimes even widely-known technologies can be a security pitfall if they come into hackers’ focus. For enterprises, ERP systems – the backbone of all key business processes and data – can pose a hidden danger. Just 7 years ago ERP Security was viewed as a segregation of duties only. It means that organizations worried about preventing cases than an employee…
