Tag: adoption | SpinSafe

India Braces Against Phishing, Ransomware Surge and Alert Fatigue, Urging Swift Adoption of AI, and Automation for Security Operations

March 12, 2024/in Internet Security

Fortinet^®, the global cybersecurity leader driving the convergence of networking and security, has revealed the outcomes of a new survey conducted by IDC on the state of Security Operations (SecOps) in the Asia-Pacific region. The survey, commissioned by Fortinet, provides valuable insights into the current SecOps landscape, emphasizing the role of Artificial Intelligence (AI) and automation. It explores various aspects, including prevalent security practices, attack frequency and impact, detection and response times, alert fatigue, the status, and impact of automation in SecOps workflows, and challenges related to skill development within the SecOps domain. Key findings from India include:

Current Security Challenges: Threats and Team Readiness

Most Common Cyber Threats: Phishing and Insider threats are the most predominant cyber threat in India, with Approximately 50% of organizations ranking them as their top concerns. The top five threats include phishing, insider threats, ransomware, unpatched vulnerabilities, and identity theft.

Ransomware Surge: Ransomware incidents have doubled across India, with 70% of organizations reporting at least a 2X increase in 2023, compared to 2022. Phishing and malware are the primary attack vectors. Other significant vectors include social engineering attacks, insider threats, and zero-day exploits.

Insider Threats and Remote Work: 88% of the respondents feel that Remote work has led to an increase in insider threat incidents. Insufficient training, lack of employee care, and inadequate communication contribute to this surge, emphasizing the need to address human factors in cybersecurity.

Resourcing IT Security Teams: Only 44% of businesses have dedicated IT resources for security teams. This augments the challenges faced by organizations in strengthening their security measures.

Impact of Emerging Technologies: Hybrid work, AI, and IT/OT system convergence pose significant challenges. Cloud technology adoption emerges as a primary challenge, impacting organizational vulnerability to cyber threats.

SecOps SOS: Struggles with Alert Fatigue and Threat Containment

Threat Containment and Preparedness: Approximately one out of three…

Source…

NCC urges adoption of two-factor authentication to protect telegram accounts against attack – The Sun Nigeria

November 22, 2022/in Computer Security

From Adanna Nnamani, Abuja

The Nigerian Communications Commission’s Computer Security Incident Response Team (NCC-CSIRT) has advised users to adopt two-factor authentication to protect their Telegram accounts and to avoid downloading unauthorized Advanced IP Scanner Software.

This, the NCC says is in response to the discovery of a new attack that compromises victims’ VPN (Virtual Private Network) accounts to compromise messaging app, Telegram.

According to a statement from the Commission, Ukrainian cyber experts discovered the attack, which uses Vidar Malware (Vidar Stealer) to steal Telegram session data, which in the absence of configured two-factor authentication and a passcode, allows unauthorized access to the victim’s telegram account and corporate account or network.

“The malware, which exploits unauthorized access to users’ Telegram accounts and corporate accounts to steal data, targets platforms across iOS, Android, Linux, Mac and Windows Operating Systems.

“The Ukrainian CERT alleged that a Somnia Ransomware was created to be used on Telegram that tricks users to download an installer that mimics ‘Advanced IP Scanner’ software, which contains Vidar Malware. The installer infects the system with the Vidar stealer, which steals the victim’s Telegram session data to take control of their account.

“The threat actors abuse the victim’s Telegram account in some unspecified manner to steal VPN connection data (authentication and certificates). If the VPN account is not protected by two-factor authentication passcode, the hackers use it to gain unauthorized access to the victim’s employer’s corporate network”, the alert and advisory states.

“Once inside, the intruders conduct reconnaissance work using tools like Netscan, Rclone, Anydesk, and Ngrok, to perform various surveillance and remote access activities, and then deploy a Cobalt Strike beacon, exfiltrating data using the Rclone program,” the report stated.

“The CSIRT is the telecom sector’s cyber security incidence centre set up by the NCC to focus on incidents in the telecom sector and as they may affect telecom consumers and citizens at large. The CSIRT also works collaboratively with…

Source…

Zero trust security adoption sees a rise 27% in just two years, says TeleGeography

July 8, 2022/in Internet Security

Global telecommunications market research and consulting firm, TeleGeography, revealed that 35% of Wide Area Network (WAN) managers implemented one or more elements of zero trust security (ZTS) and Secure Access Service Edge (SASE) on some of their company’s networks in 2021.

TeleGeography’s latest WAN Manager Survey says that this is an increase from 8% in 2019.

TeleGeography’s latest survey analysed 185 companies and revealed that almost 100% of respondents who adopted ZTS had multi-factor authentication in place.

Other popular ZTS policies were single sign-on, privileged access management, and remote user and device access policies. User behavior analytics was not adopted much.

“An increase in remote work is a big factor. It’s definitely driving up demand for zero trust solutions. With many companies making remote work a permanent structure, we expect zero trust adoption to continue to grow,” said Greg Bryan, Senior Manager at TeleGeography. “Cloud adoption and local internet breakouts have also been long-standing drivers of zero trust, in addition to SD-WAN.”

The survey also mentions the top security vendors that WAN managers use to protect their networks. One third respondents are leveraging a mix of security vendors for their network security sourcing strategy. The most used security vendors for hardware-based internet security, as per the survey, are Palo Alto, Cisco, and Fortinet.

“It’s worth noting that, as adoption grows, we’re seeing the knowledge gap narrow. Just 8% of respondents were unfamiliar with zero trust in 2021, compared to one in five in 2019. We also see fewer respondents who either had not started or were just beginning their implementation journey when asked about their deployment pipeline,” Bryan added. “Without a doubt, zero trust has not just progressed in awareness, but in adoption.”

TeleGeography’s WAN Manager Survey represented companies with a median revenue of $10 billion. IT managers designing, sourcing, and managing U.S. national, regional, and global corporate WANs have rendered their responses for this survey. This latest report comprises 60 new responses across various industries collected in 2021.

Click here to…

Source…

Cyber Security Today, April 15, 2022 – A new botnet discovered, low MFA adoption and a Struts bug finally patched

April 15, 2022/in Internet Security

A new botnet discovered, low MFA adoption and a Struts bug finally patched.

Welcome to Cyber Security Today. It’s Friday April 15th, 2022. I’m Howard Solomon, contributing reporter on cybersecurity for ITWorldCanada.com. Thanks for taking the time to tune in if this is a holiday Friday for you.

&nbsp

A new denial of service botnet has been discovered by security researchers in China. Called Fodcha, it’s adding 100 new infected devices to the estimated 62,000 enslaved devices already on the network. Most are in China. Devices are being compromised by Fodcha malware either through known vulnerabilities or weak passwords on Android servers, GitLab accounts and certain brands of routers. Some are made by Totolink. Last week I reported that another botnet was also compromised of certain unpatched models of Totolink routers.

I regularly quote cybersecurity experts saying implementing multifactor authentication is one of the best things IT leaders can do to lower the risk of a successful cyberattack through compromised passwords. So, here are some disturbing numbers from a report released this week by Trellix: Less than half of U.S. government agency respondents to a survey said their organization has fully developed MFA. At least that’s better than the critical infrastructure sector — which includes banks, transportation companies and utilities. Only 37 per cent of American firms in that sector had implemented MFA. Guest commentator Terry Cutler and I will talk about MFA and other identity management technologies in the Week in Review podcast later today.

Apache has admitted a fix for the Struts Java web application development platform issued two years ago didn’t do the job. It has now put out what it says is a patch that solves the problem. It’s serious enough that the U.S. Cybersecurity and Infrastructure Security Agency is urging users to upgrade to version 2.5.30.

Attention hospital IT administrators: If your facility uses the Aethon TUG wireless smart robot cart for delivering medicine or maintenance supplies, the Homebase server needs to be patched. Researchers at Cynerio have discovered five vulnerabilities that could allow an attacker to take remote…

Source…

Tag Archive for: adoption