Tag Archive for: Reports

Akamai Reports Massive Spike in Malicious Domain Activity

/in


Akamai reported today it identified nearly 79 million malicious domains in the first half of 2022, which collectively represent a little more than 20% of all the newly observed domains (NODs) accessed via its content delivery network (CDN) and other services the company provides.

That roughly equates to 13 million malicious domains per month, the report noted. Akamai researchers also noted that two weeks before Russia’s invasion of Ukraine, a spike in activity led to the identification of nearly 40,000 malicious NODs per day before reaching a peak of more than 250,000 unique malicious .ru domain names per day created in the second half of March.

Gregorio Ferreira, a data scientist for Akamai, said it’s difficult to assess just how many malicious domains there are in the world but it’s apparent the web is increasingly being overwhelmed. On a typical day, Akamai researchers observed approximately 12 million new NODs, of which slightly more than two million successfully resolved a DNS query.

Instances of Akamai CacheServe currently process more than 80 million DNS queries per second, or approximately seven trillion requests per day, from all over the world. Malicious actors often register thousands of domain names in bulk because if one or more of their domains are flagged and blocked, they can simply switch to one of the other domains they own. Most of those domain names are created programmatically using a domain generation algorithm (DGA). Many names in the NOD dataset look like names you’d never type into a browser window. Digits, for example, are often inserted into domain names to reduce the odds an automatically-generated domain has already been registered.

It’s not clear how all these malicious NODs will be operationalized, but it’s apparent that the level of scale at which malicious domains are created is part of a larger, unprecedented cyberwarfare strategy. While the number of malicious NODs being created is going to be a major concern for governments around the world, it’s usually businesses that wind up suffering the most collateral damage. The days when organizations could rely solely on a firewall and endpoint protection software to protect themselves from…

Source…

NAF, Inc. Reports Data Breach Following Unauthorized Access to the Organization’s Computer Systems | Console and Associates, P.C.

/in


On August 10, 2022, NAF, Inc. reported a data breach with the various state attorney generals’ offices. While these filings do not indicate which type of information was compromised as a result of the incident, based on state data breach reporting requirements, it is likely that the incident affected one or more of the following: Social Security numbers, protected health information, or financial account information. After confirming the breach and identifying all affected parties, NAF began sending out data breach letters to all affected parties.

If you received a data breach notification, it is essential you understand what is at risk and what you can do about it. To learn more about how to protect yourself from becoming a victim of fraud or identity theft and what your legal options are in the wake of the NAF data breach, please see our recent piece on the topic here.

What We Know About the NAF Data Breach

The information about the NAF, Inc. data breach comes from an official filing with the office of the Vermont Attorney General. According to the most current information, on March 30, 2022, NAF detected unusual activity within its computer network. In response, the organization secured its systems and contacted outside cybersecurity professionals to assist with the company’s investigation.

The NAF investigation confirmed that an unauthorized party gained access to the company’s computer network on March 19, 2022, which lasted until the company discovered the breach on March 30, 2022. The investigation also revealed that the unauthorized party had access to files on the NAF system that potentially contained sensitive consumer information.

Upon discovering that sensitive consumer data was accessible to an unauthorized party, NAF began the process of reviewing all affected files to determine what information was compromised and which consumers were impacted by the incident. In the organization’s most recent filings, it does not disclose the data elements that were compromised as a result of the breach. However, because organizations only need to report incidents that affect highly sensitive and personal information, there is a reasonable probability that the NAF data…

Source…

SPHINX Real-time Cyber Risk Assessment

/in



Open-source software risks persist, according to new reports

/in


Open-source software (OSS) has become a mainstay of most applications, but it has also created security challenges for developers and security teams, challenges that may be overcome by the growing “shift left” movement, according to two studies released this week.

More than four out of five organizations (41%) don’t have high confidence in their open-source security, researchers at Snyk, a developer security company, and The Linux Foundation reveal in their The State of Open Source Security report.

It also notes that the time to fix vulnerabilities in open-source projects has steadily increased over the last three years, more than doubling from 49 days in 2018 to 110 days in 2021.

The open-source debate: Productivity vs security

The report, based on survey of more than 550 respondents, also notes that the average application development project has 49 vulnerabilities and 80 direct dependencies where a project calls open-source code. What’s more, the report found that less than half of organizations (49%) have a security policy for OSS development or usage. That number is worse for medium- to large-sized companies: 27%.

“Software developers today have their own supply chains,” Snyk Director of Developer Relations Matt Jarvis explains in a statement. “Instead of assembling car parts, they are assembling code by patching together existing open-source components with their unique code. While this leads to increased productivity and innovation, it has also created significant security concerns.”

Shifting security left reveals vulnerabilities sooner

Another survey—the AppSec Shift Left Progress Report—suggests better OSS security can be achieved by moving security “left” or closer to the beginning of the software development lifecycle. The report, based on the users’ experience of ShiftLeft’s Core product, found that 76% of new vulnerabilities were fixed within two sprints.

Source…