Tag Archive for: Hybrid

Crypters in the C2C markets. Ransomware attacks continue. Canada will exclude Huawei from 5G. Notes from the hybrid war.

/in


Dateline Moscow, Kyiv, Berlin, Rome, Washington, Beijing: Russia reconstitutes its forces, under pressure.

Ukraine at D+85: Russian attempts to reconstitute its forces, under pressure. (The CyberWire) Russian forces appear to attempting to consolidate their positions in the Donbas and along the Azov coast while their government seeks to reconstitute the units that have taken severe personnel and equipment losses during the invasion of Ukraine. Cyber phases of the war continue to concentrate on disinformation and nuisance-level attacks, many of these conducted by nominal hacktivists.

Russia’s invasion of Ukraine: List of key events, day 86 (Al Jazeera) As the Russia-Ukraine war enters its 86th day, we take a look at the main developments.

Russia’s invasion of Ukraine: List of key events, day 85 (Al Jazeera) As the Russia-Ukraine war enters its 85th day, we take a look at the main developments.

Russia-Ukraine war: what we know on day 85 of the invasion (the Guardian) Russia says 1,730 fighters at Azovstal plant have surrendered since Monday; ‘culture of cover-ups’ in Russian military, says UK’s MoD

Russia could actually lose territory amid Ukraine war disaster (Newsweek) The U.S. ambassador to Ukraine said Russian troops could be expelled from more regions they had occupied, which raises the prospect of Moscow losing Crimea.

‘Now we get hit too’: Belgorod, the Russian city on the Ukraine frontline (the Guardian) Locals speak of a tense atmosphere after a number of attacks – and reports of Ukrainian saboteurs

Red Cross registers hundreds of Ukrainian POWs from Mariupol (AP NEWS) The Russian military said Thursday that more Ukrainian fighters who were making a last stand in Mariupol have surrendered, bringing the total who have left their stronghold to 1,730, while the Red Cross said it had registered hundreds of them as prisoners of war.

Ukrainian POWs Could Face Real Legal Jeopardy in Russia (World Politics Review) This week, speculation has been intense about the fate of the hundreds of Ukrainian soldiers who surrendered to Russia in Mariupol. While it is easy to dismiss Russia’s claims against the prisoners as propaganda, the Geneva Conventions would allow Russia to…

Source…

Pandemic Two Years On: The Security Challenge of Hybrid Working

/in


Two years ago, the Covid-19 pandemic forced millions of workers across the globe into remote working and turned the way we work on its head. Prior to the pandemic, flexible or remote working arrangements had been the exception in most organisations – yet overnight it became the norm.

Since then, you couldn’t move for endless (and varied) commentary about the ‘future of work’ – with predictions ranging from the complete abolition of offices, collapse of co-working spaces through to the return of full time office presence. Two years on and we’ve settled on a more middle ground – hybrid work.

The New Normal

As lockdown restrictions ease across the globe, we’ve witnessed many different approaches to hybrid working – whether a formal company policy, or a ‘choose how you work’ model. However, no matter the approach, one thing remains clear – flexibility is here to stay.

There have been many studies that reinforce this – and all of them put the onus on the employer. Global research from The Adecco Group found that 40% of workers are considering moving to jobs with more flexible options, 80% of employees said they’d be more loyal to their employer if they provided flexible working options according to Flexjobs, and the Gartner 2021 Digital Worker Experience Survey found that 43% said that flexible working hours helped them be more productive.

The benefits of a more hybrid model of working is therefore clear and resound – yet, as with any new trend, it brings with it a fresh and unique set of challenges from a security perspective.

Security Challenges of Hybrid Working

Risks in the connected home

IoT devices continue to grow in popularity – whether it’s smart assistants, fridges, doorbells, or thermostats. While they seem unconnected to working life, these devices create more entry points for cyber criminals. If a cybercriminal can hack a smart device (which aren’t always designed with safety in mind), they gain entry to any other device on the same network – including corporate devices. Luckily, many manufacturers are now taking IoT security a lot more seriously and adopting a security by design approach. For consumers, device security starts and…

Source…

Phases of Russia’s hybrid war. Stone Panda’s back. Bogus sites harvest credentials. Stone Panda’s back. CISA issues guidance.

/in


Dateline Moscow, Kyiv, Prague, Berlin, Brussels, London, New York, Washington: a lull in maneuver, but a continuation of fire (and cyber ops).

Ukraine at D+41: Russia reconstitutes maneuver forces; expect fire and cyber. (The CyberWire) Infantry and armor withdraw from the north of Ukraine, but Russian artillery continues its reduction of such Ukrainian cities as are within range. Cyber operations continue, and Ukraine is apparently getting some help from abroad (at least some defensive help).

Live Updates: U.N. Security Council to Meet as Evidence of War Crimes Mounts (New York Times) China and Russia are unlikely to support any measures that France, the U.S. and Britain propose. European leaders sought to impose more sanctions, but were divided on whether to ban Russian natural gas.

When It Comes to U.N. Diplomacy, Not All Abstentions Are Equal (World Politics Review) Abstentions at the U.N. may seem like a way to avoid hard choices on tough crises. But U.N. diplomacy is rarely that simple. In recent weeks, U.N. members from China to Burkina Faso have abstained on votes in U.N. forums on the war in Ukraine, or just not voted on them. What do such ambiguous votes and nonvotes mean?

Russia-Ukraine war: what we know on day 42 of the Russian invasion (the Guardian) Donetsk governor says Russian artillery has killed civilians at aid point, while Russian governor claims border guards were fired at

Russia’s invasion of Ukraine: List of key events on Day 42 (Al Jazeera) As the Russia-Ukraine war enters its 42nd day, here is a look at the main developments.

Russian military ‘weeks’ from being ready for new push as war takes its toll (The Telegraph) ‘Significant movement’ of troops away from Kyiv to regroup, rearm and resupply as Nato appeals to allies for weapons to reinforce Ukraine

Russia’s failure to take down Kyiv was a defeat for the ages (AP NEWS) Kyiv was a Russian defeat for the ages. The fight started poorly for the invaders and went downhill from there. When President Vladimir Putin launched his war on Feb. 24 after months of buildup on Ukraine’s borders, he sent hundreds of helicopter-borne commandos — the best of the best of Russia’s “spetsnaz” special forces…

Source…

Hybrid work trend ensures another year of online vulnerability

/in


Secon Cyber predicts 2022 will be another eventful year of vulnerability exploits, account takeover attacks, phishing, and ransomware. 

With the easing of Covid restrictions and much of the workforce back in the office, many people find themselves in the position of choosing between working remotely or splitting their time between the office and home. 

“This work-life shift means that businesses need to continue to be vigilant and address the multiple vulnerabilities that still linger,” says Secon chief security evangelist, Andrew Gogarty.

“Over the last two years, organisations have quickly pivoted to remote working and accelerated cloud adoption to support business continuity during the global pandemic. This anywhere access to business-critical data resulted in security gaps and created challenges in maintaining effective cybersecurity.”

He says that as reports of multiple breaches and ongoing ransomware threats continue, Secon has highlighted ten core security risks businesses need to address throughout 2022:

Ransomware: Ransomware continues to impact organisations and remains an ongoing concern. Many organisations have matured their backup and recovery approaches over the last few years with a view of being able to recover their data and environments should ransomware break through defences. Secon says this approach has helped affected organisations avoid paying ransom demands to recover their data. However, ransomware will continue to prevail as one of the most significant risks to organisations. 

Cloud Breaches: “The Cloud helps organisations improve agility through expedited application rollouts, leverage automation and integrations to simplify operations, and ultimately reduce costs to increase revenues,” says Gogarty.

“As cloud adoption continues to increase throughout 2022, we expect to see an increase in unauthorised access and data breaches due to avoidable security gaps presented by misconfigurations and human error.” 

Vulnerability exploits: The growth in zero-day exploits is likely to become a bigger problem for security operations teams to manage going forward. As a result, Secon expects to see increased adoption of Zero Trust in 2022 to help…

Source…