Tag

cybersecurity

Browsing

Spring is in full bloom and so is the tech industry: sprouting innovations, branching into new markets, and as per usual dealing with some bugs and worms here and there. This month we saw Google and Shopify turn a new leaf with a partnership to enable global growth, important security articles, and how AI and automation can help in new ways.

We’ve done all the reading for you, so here’s the May Tech News Roundup!

Every fifth corporate network faced a crypto mining malware attack in 2020 

Cryptocurrency mining is a whole deal on its own and many attackers are now increasingly taking advantage of emerging malware like crypto mining to target and attack corporates. According to this blog by the fine people of Crypto Parrot, mining malware “accounted for the second-largest corporate network attacks at 21% between January 1, 2020, and December 31” read the full story here

Google Cloud Launches Datashare for Financial Services, helping the Capital Markets Industry Share Market Data More Securely and Easily

This launch builds on Google Cloud’s recent momentum in working with exchanges and market data aggregators to make it easier to access and share their data with investment banks, asset managers, hedge funds, and other data consumers. With Datashare, data publishers can onboard their licensed datasets to Google Cloud securely, quickly, and easily, while data consumers can access that data in tools like BigQuery.

Shopify Expands Partnership with Google Cloud to Enable Global Growth

Google announced it’s partnering with Shopify, and even though the company didn’t offer many details about the integration when it was announced during Google’s I/O Developer event, the news follows a series of updates to Google Shopping resulting from Amazon’s increased investment in its own advertising business.

The integration will allow merchants to sign up in just a few clicks to have their products appear across Google’s 1 billion “shopping journeys” that take place every day through Search, Maps, Images, Lens and YouTube.

Top GitHub Project Home Assistant Builds on CodeNotary to Secure Software Supply Chain at Scale

Home Assistant is the world’s largest home automation platform controlling over 1,700 different devices and services without storing any data in the cloud. With CodeNotary, it is now for the first time possible for Home Assistant to ensure that only approved code runs on the hundred of thousands of homes using their project and to fulfill its mission to put local control and privacy first.

Altair Future.AI Global Event to Demonstrate How Artificial Intelligence and Analytics Accelerate Digital Transformation

Altair is a global technology company that provides software and cloud solutions in the areas of simulation, high-performance computing (HPC), and artificial intelligence (AI). Their global event will connect scientists, engineers, business teams, and creative thinkers who are harnessing the power of data analytics and AI to gain competitive advantages and drive better business results.

Fasthosts, the web hosting specialists, share their top five suggestions for keeping clients safe online, as a projection forecasts an 18% increase in e-commerce fraud.

As an online provider of products and services, your main concern should be the safety of your shoppers. If a consumer’s information is not safe, then it may be used to commit fraud and identity theft. In that case, your company’s reputation might be at risk.

1. Prioritize Passwords with a High Level of Security

A hacker will decode a weak password in many cases, regardless of how effective your on-site security measures are. Encourage users to use an intricate combination that contains capital case, number, lowercase, and special characters to get around this.

2. Keep up with the Main Security Updates

Third-party applications may help create a more absorptive and appealing online experience, but they’re also a refuge for hackers who are always looking for flaws. App developers release security upgrades on a regular basis, but it’s frequently up to e-commerce business owners to implement them.

3. Stop Hoarding Personal Information

Deleting outdated data regularly is the easiest approach to increase your site’s cyber protection. This entails developing a system for deleting clients’ personal and financial information as soon as possible after a transaction is completed. By deleting data when it’s no longer needed, you’re reducing the risk of a data breach right away.

4. Take it a Step Further and Encrypt your Info

Encrypting your site ensures that, even if it is hacked, the information stolen, frequently, becomes worthless. Secure Sockets Layer (SSL) is a 256-bit encryption technique that safeguards you and your clients’ information. If a site is SSL certificated, you’ll see a padlock in the address bar and the URL will start with ‘https://’ instead of  ‘http://’.

5. Ensure PCI Compliance is Mandatory

The Payment Card Industry Data Security Standards, or PCI DSS, are a set of data security standards that organizations should follow to keep passwords and payment information safe. Following these guidelines goes a long way toward guaranteeing consumer security. PCI compliance is required of all firms that process even one credit card transaction.

A Trustworthy Server will Help you Safeguard your Customer’s Information

Safe servers are the key to keeping your customer’s data away from hackers. Serverpronto offers you several security solutions for your company’s and shopper’s information, like the following ones: McAfee Server Security, Idera (R1Soft), Managed Backup Solutions, Cisco, and SonicWall Firewall Options, among others.

If you want to make sure your data is protected, don’t hesitate on contacting ServerPronto. They are ready to listen to your security needs and to provide your company with reliable and affordable hosting solutions.

According to information obtained by Crypto Parrot, a trading simulator for cryptocurrency, it was found that 21% of attacks toward corporate networks involved crypto-mining malware, making it the second-highest cause of these attacks.

Botnet led the ranking, making up a total of 28% of attacks within the same timeframe. Infostealer came in third place with a 16% rate, succeeded by mobile with 15%. Banking malware cyberattacks placed fifth with a total of 14%. Ransomware was the most uncommon type of attack at 5%.

As far as the geographic distribution, the American continent saw 19% of corporate malware cyberattacks performed by crypto miners. On the other hand, European, Middle Eastern, and African nations received 21% of these cyberattacks. However, the highest amount of malware cyberattacks via crypto mining were found in Asia and the Pacific, coming to a total of 26%.

The increasing value of the crypto sector gives rise to crypto mining malware

The review goes over some of the factors that have given way for crypto miners to make up such a significant amount of corporate malware cyberattacks. According to the review of the investigation:

“In 2020, digital assets remained resilient amid the economic meltdown occasioned by the coronavirus pandemic. The value of cryptocurrency began rising from the third quarter of 2020, led by bitcoin in return bolstering the amount of money hackers can rake in. In general, attackers took advantage of the price trend and increasingly spread malware to exploit other people’s computer resources for illegal mining activities.”

Hackers who use crypto mining are furthering their efforts by concentrating on digital assets that are anonymous, such as Monero.

Overall, they are pursuing assets that do not disclose transaction amounts or parties that are not able to be associated with prior transactions and are made for mining on common computers.

Using a dedicated server can offer protection from these attacks

Using a dedicated server like those offered by ServerPronto can make you feel more at ease. Given that ServerPronto owns the network, facility, and infrastructure on which your servers run, security and reliability are guaranteed for your digital assets.

This means that you will have multiple security solutions for your digital assets, keeping your server secure and your data safe. Some of these solutions include:

  • McAfee Server Security
  • Idera (R1Soft) Managed Backup Solutions
  • Hardware RAID Configurations
  • Cisco and SonicWall Firewall Options
  • PCI Compliant Facility Security 

If you’re looking for a practical way to protect your network against crypto-mining malware attacks, take a look at the affordable and secure hosting services provided by ServerPronto.

Microsoft fixes a vulnerability detected in Windows Defender that has been present for 12 years
A security flaw was recently discovered in the Windows Defender antivirus, pre-installed by default in the Windows operating system that has gone unnoticed for 12 years. Last week the company announced a security patch to correct the bug.

According to the security company that discovered the flaw, SentinelOne, the security vulnerability allowed potential attackers to access Windows system security privileges, which are reserved exclusively for administrators. The vulnerability was found in Microsoft Defender, the antivirus pre-installed on Windows computers, and this means that the flaw was present in more than one billion devices worldwide.

As far as we have been able to learn, since 2009 this software had a driver known as BTR.sys, responsible for deleting the system file and other resources created by the malicious software on infected computers. The driver did not check in one of its processes whether the deleted and created files had been changed to a link, allowing an attacker to overwrite files on the device, an action exclusively reserved for the system administrator.

At the moment there is no evidence that the vulnerability has been exploited by cyber attackers and it may not have been detected in the 12 years that it has been present in the system.

It was just last Tuesday when the Redmond company released an update that put an end to the problem. It was dubbed CVE-2021-24092. The patch was automatically distributed to all Windows 10 users. However, devices with earlier versions such as Windows 7 remain vulnerable to potential attacks after the end of the company’s security support.

Amazon says its online cloud, which provides the infrastructure on which many websites rely, has fended off the most massive DDoS attack in history.

Distributed denial of service (DDoS) attacks are designed to knock a website offline by flooding it with huge amounts of requests until it crashes.

Amazon Web Services (AWS) said the February attack had fired 2.3Tbps. That is a little under half of all traffic BT sees on its entire UK network during a typical working day. The previous record, set in 2018, was 1.7Tbps.

“This is huge news for people in the industry,” said Lisa Forte, from Red Goat Cyber Security, warning it was “enormous” compared with the previous all-time high.

Biggest attack to date

“It is like comparing a moped to a super-car,” said Lisa “They are totally different beasts” she added, also stating that “These are outliers,” and reminded people that “as always with cyber-threats, we are in an arms race against attackers every day” and “This will definitely be an alarming revelation to many and could be a warning that we should not ignore.”

In a formal report about its DDoS protection service, AWS Shield, the company said the peak of the attack had been 44% larger than anything the service had seen before and resulted in a three-days of “elevated threat” status. Still, it did not identify what the attack had targeted website or online service.

Hard to track

DDoS attacks are relatively simple and rely on their sheer scale to be effective. They often utilize large numbers of machines compromised by malware to launch attacks, which can be purchased online from cyber-criminals relatively cheaply.

They have been used by groups such as the hacktivist collective Anonymous to target the websites of companies or local governments they disagree with.

However, protection services such as AWS Shield, Cloudflare, and Akamai, among others, have been used by many major online services in an attempt to limit their effectiveness.

Cloud hosting vulnerabilities

As a result of connectivity problems, billing issues, and more, developers are starting to retreat out of cloud environments and back to reliable dedicated hosting like ServerPronto.

There’s also the issue of security. The NSA says there are four classes of security vulnerabilities in the cloud, which include shared tenancy vulnerabilities, supply chain vulnerabilities, poor access controls, and misconfigurations. 

These just a few of the reasons web developers across the country are leaving cloud environments like AWS and jumping back to traditional computing resources.

Dedicated Servers: a More Reliable Option

Dedicated servers have become the norm for hosting many business-class websites, especially those that include a variety of data transfer and e-commerce functionalities. Dedicated servers remain popular because they tend to come with better cost-contained payment plans with rates set by ongoing competition in the marketplace.

Classic dedicated servers are a favorite of web administrators looking for consistency and predictability when it comes to operations and payments. They are still the best option for administrators who routinely create low-performance environments for testing and want to save money while doing so.

At ServerPronto, we offer several Dedicated Server options to fit any business need. Make sure to check them out!

Source: BBC

In their Annual cybernetic threats report, the cybersecurity firm Symantec says that they’ve blocked almost 4 million attacks of this type over the last year.

The Hijacking of data or Ransomware and Cryptojacking or use of a third party’s computer to mine cryptocurrencies, considered as the main cyber threats in the last years, a new one joins, Formjacking.

This modality comes into play when infected web servers remove the billing information of customers. In fact, during each month of 2018, more than 4.800 web sites were compromised by a Formjacking code. The cybersecurity firm Symantec says that they’ve blocked almost 4 million attacks of this type.

How does it work

In their Annual threats report, the company explains that formjacking has shown an exponential growth (and possibly big earnings for the delinquents), projecting a possible increase this year.

“By using third-party apps to infiltrate in the websites more frequently, formjacking also illustrates even further the dangers of the supply chain attacks, a growing weakness highlighted in last year’s report,” the firm indicated.

The crime operates with just a few simple lines of code loaded in a website, representing a significant threat for online retailers or anyone who collects personal identity information of their clients through their website.

Even though authorities and cybersecurity companies have strongly attacked modalities like ransomware and cryptojacking, these haven’t disappeared.

The report reflects that with cryptocurrencies devaluation, becoming rich through cryptojacking isn’t as easy as before, and some attackers have switched to more lucrative activities.

However, according to Symantec, the attacks are easy to instigate and manage, which means that those criminals who participate in the game in the long term can still make money. That firm claims to have blocked four times more cryptojacking attacks last year than in 2017 and stresses that it continues to be an active threat in 2019.

On the other hand, ransomware continues to offer the opportunity to generate large sums of money. The SamSam gang is estimated to have made $ 6 million from such attacks.

These criminals are increasingly targeting companies, a high-value target. Ransomware infections grew in business environments by 12%, while consumer infections decreased.

Consumers likely benefited from their increasing use of mobile devices, as criminals prefer Office attachments in email messages and PowerShell scripts, which do not work as well on mobile devices, to carry out their attacks. Ransomware.

“Despite these discoveries, the threat landscape is not just about crime and the search for money. Governments quickly adopted the internet for espionage and have used it for destructive purposes. At the end of last year, Shamoon re-emerged remarkably after a two-year absence, deploying file-deleting malware on computers in specific organizations in the Middle East,” Symantec explained.

Almost one in ten targeted attack groups already use malware to destroy and disrupt business operations, up 25% from the previous year.

“As attackers continue to use our tools against us, detection must evolve from identifying malware to determining intent. Solutions based on machine learning and advanced artificial intelligence, such as TAA, are increasingly crucial to detect attacks”, said Daryan Reinoso, Engineering Manager for Latin America at Symantec.

According to Reinoso, “it seems that no one would voluntarily carry a device that allows someone to spy on every thought, conversation, and movement. But today’s headlines indicate that we do. That device is our smartphone, and it’s not just about spymasters looking for information about us. Even legitimate applications are spying on us.”

Staying safe online

If you have any type of online shop or website that collects sensitive data from clients, a dedicated server is the safest option you have to keep your business and clients safe.

ServerPronto offers the best affordable and secure hosting service in all dedicated server packages.