Tag: Prevent | Page 2

CrowdStrike CEO says AI can help prevent ransomware attacks

November 29, 2023/in Internet Security

CrowdStrike CEO George Kurtz told CNBC’s Jim Cramer why AI can help companies fight against cybercrime.
“We can identify these pieces of ransomware without ever seeing them in the past. And that’s different than signature-based technologies that are out there today,” Kurtz said.

CrowdStrike CEO George Kurtz told CNBC’s Jim Cramer that using artificial intelligence is important in fighting increasingly sophisticated ransomware attacks.

“We can identify these pieces of ransomware without ever seeing them in the past. And that’s different than signature-based technologies that are out there today,” Kurtz said. “Right now, ransomware, on average is, $8.5 million per ransom event, which is double just over the last month.”

But as much as AI helps outfits like CrowdStrike, cybercriminals are also benefitting from it with “Dark AI” tools like FraudGPT. The new technology allows them to attack organizations without having a lot of knowledge in house, Kurtz said.

Kurtz stressed the importance of identity verification when it comes to preventing cybercrime, saying the biggest weakness is “between the keyboard and the chair,” or individuals. He said CrowdStrike’s technology gives extra identity challenges to adversaries, even if credentials have already been compromised, buying more time to stop them.

Publicly-traded companies are reassessing their cybersecurity measures since the Securities and Exchange Commission adopted new rules that require them to disclose breaches within four days. Kurtz said this has created more business for CrowdStrike.

“Those are tailwinds that we see in the business, and it’s something that every publicly traded company is going to have to deal with,” he said.

Jim Cramer’s Guide to Investing

Source…

5 cyber hygiene strategies to help prevent cyber attacks

September 14, 2023/in Internet Security

The world of cybersecurity is constantly inundated with news on the latest data breaches, cybercriminal attack trends, and security measures. And while that information is critical for adapting to the ever-changing nature of cybercrime, it’s also important to pay attention to foundational measures as well. Basic security hygiene still protects against 98% of attacks.

As companies become increasingly reliant on technology and online systems to conduct their business, meeting the minimum standards for cyber hygiene is essential for protecting against cyber threats, minimizing risk, and ensuring ongoing business viability.

Read on to learn what these standards are and how you can begin implementing them in your organization.

Increase your cyber hygiene in 5 steps

Require phishing-resistant MFA: Enabling multifactor authentication (MFA) can help prevent up to 99.9% of attacks. This is because MFA helps disrupt potential phishing attacks by requiring attacks to crack more than two factors of verification in order to gain access to your system.

However, in order for MFA to be effective, it must be frictionless. Options like device biometrics or FIDO2 compliant factors such as Feitan or Yubico security keys can help increase security without placing an additional burden on employees. Likewise, MFA should be strategically leveraged to help protect sensitive data and critical systems rather than applying it to every single interaction.

Finally, MFA should be easy for end users. Conditional access policies are a great solution here, as they can trigger two-step verification based on risk detections, as well as pass-through authentication and single sign on (SSO). This helps reduce the need for end users to navigate multiple sign-on sequences to access non-critical file shares or calendars on the corporate network as long as their devices are updated. It also eliminates the need for 90-day password resets.

Apply Zero Trust principles: Zero Trust acts as a proactive, integrated approach to security across all layers of the digital estate. Under the Zero Trust model, every transaction is explicitly and continuously verified; least-privilege access is enforced; and intelligence,…

Source…

TSMC, Apple’s Chipmaker, Hit with a Ransomware Attack, LockBit Asks for $70M to Prevent Leaks

June 30, 2023/in Internet Security

The famous technology company behind the Apple processors like the A-series Bionic chips and the M-series SoCs, was recently hit with a ransomware attack. The LockBit ransomware gang already took responsibility for the attack, notoriously known for its global activities and ties to Russia, having some of its members from the country.

It is demanding a $70 million ransom demand from the Taiwan Semiconductor Manufacturing Company (TSMC), or else it would leak all the stolen data it managed to steal from the company.

TSMC was Hit with Ransomware Attack, LockBit Demands $70M

(Photo : SAM YEH/AFP via Getty Images)
A security staff stands next to a logo of the Taiwan Semiconductor Manufacturing Co, (TSMC), during the investors conference in Taipei on July 16, 2014. TSMC, the world’s biggest contract microchip maker, was to release second-quarter earnings results at an online conference.

TechCrunch reported that TSMC’s partner was hit with a ransomware attack, more specifically, one of its IT hardware suppliers, Kinmax Technology, with LockBit already owning up to the attack. The ransomware group is demanding a ransom payment of $70 million to keep the stolen data from getting leaked to the public.

Kinmax made this known to TSMC, with the company’s services centering on setting up the server’s initial setup and configuration. The attacked company also said that several pieces of information were leaked last Thursday, but the reports did not expand more on how serious the attack was or how much was taken.

Other clients of Kinmax include Microsoft, Citrix, Cisco, VMWare, and HPE.

Stolen Sensitive Data Would be Leaked, is Apple Included?

As per 9to5 Mac, TSMC already confirmed that this attack did not affect its business operations and customer information, despite Kinmax Technology’s hand on its servers. This means that this should not be a massive cause of concern for TSMC’s customers, including Apple, one of its largest partners in the tech landscape.

TSMC and the LockBit Ransomware Gang

TSMC remains the top supplier of Apple for all chip…

Source…

WhatsApp Introduces New Device Verification Feature to Prevent Account Takeover Attacks

April 13, 2023/in Mobile Security

Apr 13, 2023Ravie LakshmananMobile Security / Privacy

Popular instant messaging app WhatsApp on Thursday announced a new account verification feature that ensures that malware running on a user’s mobile device doesn’t impact their account.

“Mobile device malware is one of the biggest threats to people’s privacy and security today because it can take advantage of your phone without your permission and use your WhatsApp to send unwanted messages,” the Meta-owned company said in an announcement.

Called Device Verification, the security measure is designed to help prevent account takeover (ATO) attacks by blocking the threat actor’s connection and allowing the target to use the app without any interruption.

In other words, the goal is to deter attackers’ use of malware to steal authentication keys and hijack victim accounts, and subsequently impersonate them to distribute spam and phishing links.

This, in turn, is achieved by introducing a security-token that’s stored locally on the device, a cryptographic nonce to identify if a WhatsApp client is contacting the server to retrieve incoming messages, and an authentication-challenge that acts as an “invisible ping” from the server to a user’s device.

The client is required to send the security-token every time it connects to the server. The security-token, for its part, is updated every time it fetches an offline message from the server.

An authentication-challenge is considered a failure when the client responds to the challenge from a different device, indicating an anomalous connection originating from an attacker. This causes the connection to be blocked.

Should there be no response from the client, the process is retried a “few more times,” after which the connection will be blocked if the client still doesn’t respond.

WhatsApp said Device Verification has been rolled out to all Android users and that it’s in the process of being rolled out to iOS users.

The feature is part of a broader set of new enhancements that are designed to authenticate and verify users’ identities, including displaying alerts when there is an attempt to migrate a WhatsApp account from one device to another.

Also launched by WhatsApp is a “Key…

Source…

Tag Archive for: Prevent

Jim Cramer’s Guide to Investing

TSMC was Hit with Ransomware Attack, LockBit Demands $70M

Stolen Sensitive Data Would be Leaked, is Apple Included?

TSMC and the LockBit Ransomware Gang