Tag Archive for: IMPORTANT

Survey reveals the important role of ‘malicious insiders’ in successful ransomware attacks

/in


Details
Published: Thursday, 28 July 2022 09:11

Gigamon has published the State of Ransomware 2022 and Beyond report, aimed at providing valuable insights on how the ransomware threatscape is evolving. According to the global survey of IT and security leaders across the US, EMEA, and APAC, nearly one-third of organizations have suffered a ransomware attack enabled by a malicious insider – a threat seen as commonly as the accidental insider (35 percent). Furthermore, 59 percent of organizations believe ransomware has worsened in the last three months, with phishing (58 percent), malware/computer viruses (56 percent) and cloud applications (42 percent) cited as other common threat vectors.

As the ransomware crisis worsens, threat actors like Lapsus$ group are now well-known for preying on disgruntled employees to gain access to corporate networks – 95 percent (and 99 percent of CISOs/CIOs) view the malicious insider as a significant risk. 66 percent of these respondents now have a strategy for addressing both types of insider threats. However, the report says that it’s clear that many organizations lack the visibility required to distinguish which type of insider threat is endangering their business, which makes it significantly harder to mitigate risk.

Additional key findings include:

Ransomware is seen as a board-level priority
89 percent of global boardrooms see ransomware as a priority concern, a number that rises in the UK (93 percent), Australia (94 percent) and Singapore (94 percent). When asked how this cyber threat is viewed, the leading perception across all regions was that it is a ‘reputational issue’ (33 percent).

Cyber insurance is causing concern
57 percent of those surveyed agreed that the cyber insurance market is exacerbating the ransomware crisis. In APAC, where cyber insurance is most commonly employed, this concern is felt by 66 percent of Australian respondents and 68 percent of those in Singapore.

The US is leading the way with zero trust
While EMEA may have lost some confidence in implementing zero trust, 59 percent in the US agree that this framework is attainable.

More details.

Source…

Is Stopping a Ransomware Attack More Important than Preventing One?

/in


The sophistication and frequency of ransomware attacks is growing. According to Akamai CTO Robert Blumofe, ransomware has become “a repeatable, scalable, money-making business model that has completely changed the cyberattack landscape.” Conti, for example, the cybercrime giant that operates much like the businesses it targets – with an HR department and employee of the month – not only aims to make money but to carry out politically motivated attacks. (Learn more in our Ransomware Threat Report H1 2022.)

And although ransomware is still mostly targeted at large organizations, small to medium sized organizations are increasingly falling victim. Lincoln College in Illinois announced in May that it will close its doors after 157 years, citing a ransomware attack as a contributing cause.

How to avert a ransomware disaster

It makes sound security sense for organizations to put strong measures in place to stop ransomware from gaining access to their IT environments (often referred to as north-south movement). But our increasingly complex traffic flows coupled with distributed workforces have left many security organizations playing catch up and making tough decisions on tradeoffs. In this post-breach world, focusing on implementing microsegmentation to ensure the organization can stop a ransomware attack – rather than trying to prevent one – can be the best way to ensure there are no disasters.

Microsegmentation accomplishes two things organizations desperately need. The first is visibility. Enforcing a zero trust policy – which is the ultimate goal – begins with understanding the assets that are being protected and how they are (and should be) communicating with each other. Microsegmentation helps accomplish this using artificial intelligence (AI) and machine-learning (ML), which classifies traffic flows and labels data. Security teams then write rules with the confidence that those rules will do what’s needed: prevent malicious actions without disrupting the business.

Second, microsegmentation enables granular policies that restrict lateral movement to precisely prohibit malicious behavior without false positives. This is the coup de grace…

Source…

Important security tips for safe online banking

/in


Online Banking

Photo : iStock

New Delhi: Internet banking allows you to do transactions in a fast and convenient way. Internet banking has made all banking functions accessible through a few clicks. However, this facility needs to be used very carefully due to the risk of phishing – fraudulent means of attaining your confidential banking information. Here are the tips for safe online banking by SBI:

* Access your bank website only by typing the URL in the address bar of your browser.

* Be aware of downloading any malicious application from mobile application stores (Google Playstore, Apple App Store, Blackberry App World, Ovi Store, Windows Marketplace etc) that are offering Online Banking. Kindly check their authenticity before downloading, by contacting your Bank.

Related News

An increase of 164 per cent counterfeit notes Here is how to identify fake currency

An increase of 16.4 per cent counterfeit notes; Here is how to identify fake currency

Family pension from 2 sources Centre issues clarification regarding eligibility Check here

Family pension from 2 sources: Centre issues clarification regarding eligibility. Check here

* Do not click on any links in any e-mail message to access the site.

* SBI or any of its representatives never sends you email/SMS or calls you over phone to get your personal information, password or one time SMS (high security) password. Any such e-mail/SMS or phone call is an attempt to fraudulently withdraw money from your account through Internet Banking. Never respond to such email/SMS or phone call. Please report immediately on report dot phishing at sbi dot co dot in if you receive any such e-mail/SMS or Phone call. Please lock your user access immediately, if you have accidentally revealed your credentials. Click here to lock.

* Do not be lured if you receive an e-mail/SMS/phone call promising reward for providing your personal information or for updating your account details in the bank site.

* Having the following will improve your internet security:

* Newer version of Operating System with latest security patches.

* Latest version of Browsers (IE 7.0 and above , Mozilla Firefox 3.1 and above, Opera 9.5 and above, Safari 3.5 and above, Google chrome,etc.)

* Antivirus signatures applied

* Scan your computer regularly with Antivirus to ensure that the system is Virus/Trojan free.

* Change your Internet Banking password at periodical intervals.

*…

Source…

ROSEN, A TOP RANKED LAW FIRM, Encourages International Business Machines Corporation Investors with Losses Exceeding $100K to Secure Counsel Before Important Deadline in Securities Class Action – IBM | News

/in


NEW YORK, May 15, 2022 /PRNewswire/ —

WHY: Rosen Law Firm, a global investor rights law firm, reminds purchasers of the securities of International Business Machines Corporation (NYSE: IBM) between April 4, 2017 and October 20, 2021, inclusive (the “Class Period”), of the important June 6, 2022 lead plaintiff deadline.

SO WHAT: If you purchased IBM securities during the Class Period you may be entitled to compensation without payment of any out of pocket fees or costs through a contingency fee arrangement.

WHAT TO DO NEXT: To join the IBM class action, go to https://rosenlegal.com/submit-form/?case_id=5104 or call Phillip Kim, Esq. toll-free at 866-767-3653 or email [email protected] or [email protected] for information on the class action. A class action lawsuit has already been filed. If you wish to serve as lead plaintiff, you must move the Court no later than June 6, 2022. A lead plaintiff is a representative party acting on behalf of other class members in directing the litigation.

WHY ROSEN LAW: We encourage investors to select qualified counsel with a track record of success in leadership roles. Often, firms issuing notices do not have comparable experience, resources, or any meaningful peer recognition. Many of these firms do not actually handle securities class actions, but are merely middlemen that refer clients or partner with law firms that actually litigate the cases. Be wise in selecting counsel. The Rosen Law Firm represents investors throughout the globe, concentrating its practice in securities class actions and shareholder derivative litigation. Rosen Law Firm has achieved the largest ever securities class action settlement against a Chinese Company. Rosen Law Firm was Ranked No. 1 by ISS Securities Class Action Services for number of securities class action settlements in 2017. The firm has been ranked in the top 4 each year since 2013 and has recovered hundreds of millions of dollars for investors. In 2019 alone the firm secured over $438 million for investors. In 2020, founding partner Laurence Rosen was named by law360 as a Titan of Plaintiffs’ Bar. Many of the firm’s attorneys have been recognized by Lawdragon and Super…

Source…