Tag Archive for: security

Top 5 Global Cyber Security Trends of 2023, According to Google Report


It is taking less time for organisations to detect attackers in their environment, a report by Mandiant Consulting, a part of Google Cloud, has found. This suggests that companies are strengthening their security posture.

The M-Trends 2024 report also highlighted that the top targeted industries of 2023 were financial services, business and professional services, tech, retail and hospitality, healthcare and government. This aligns with the fact that 52% of attackers were primarily motivated by financial gain, as these sectors often possess a wealth of sensitive — and therefore valuable — information.

Percentage of threat groups with different motivations in 2023. Image: Mandiant Consulting

Financially-motivated activity was found to have gone up by 8% since 2022, which is partially explained by the parallel rise in ransomware and extortion cases. The most common ways that threat actors gained access to a target network were through exploits, phishing, prior compromise and stolen credentials.

Dr Jamie Collier, Mandiant Threat Intelligence Advisor Lead for Europe, told TechRepublic in an email: “Despite the focus on ransomware and extortion operations within the security community, these attacks remain effective across a range of sectors and regions. Extortion campaigns therefore remain highly profitable for cyber criminals.

“As a result, many financially-motivated groups conducting other forms of cyber crime have transitioned to extortion operations in the last five years.”

TechRepublic takes a deeper look into the top five cyber security trends of 2023 and expert recommendations highlighted by the 15th annual M-Trends report:

  1. Global organisations are improving their cyber defences.
  2. Cyber criminals have an increased focus on evasion.
  3. Cloud environments are being targeted more often.
  4. Cyber criminals are changing tactics to bypass MFA.
  5. Red teams are using AI and large language models.

1. Global organisations are improving their cyber defences

According to the M-Trends report, the median dwell time of global organisations decreased from 16 days in 2022 to 10 days in 2023 and is now at its lowest point in more than a decade. The dwell time is the amount of time…


Microsoft uncovers a security vulnerability that could be a threat to billions of Android devices



TL;DR

  • Microsoft has uncovered a security vulnerability affecting Android apps named “Dirty Stream.”
  • This could allow attackers to execute malicious code within popular apps, potentially leading to data theft.
  • The flaw is widespread, with Microsoft identifying vulnerable apps that have billions of combined installations.

Microsoft has brought to light a critical security loophole, potentially affecting countless Android applications. Dubbed “Dirty Stream,” this vulnerability presents a serious threat that could grant someone the ability to take control of apps and steal valuable user information. (h/t: Bleeping Computer)

The heart of the “Dirty Stream” vulnerability lies in the potential for malicious Android apps to manipulate and abuse Android’s content provider system. This system is typically designed to facilitate secure data exchange between different applications on a device. It includes safeguards such as strict isolation of data, the use of permissions attached to specific URIs (Uniform Resource Identifiers), and thorough validation of file paths to ward off unauthorized access.

However, careless implementation of this system can open the door to exploitation. Microsoft’s researchers found that incorrect use of “custom intents” — the messaging system that allows Android app components to communicate — can expose sensitive areas of an app. For example, vulnerable apps may fail to adequately check file names or paths, granting a malicious app the chance to sneak in harmful code camouflaged as legitimate files.

What’s the threat?

By exploiting the Dirty Stream flaw, an attacker could trick a vulnerable app into overwriting critical files within its private storage space. Such an attack scenario could result in the attacker seizing total control over the app’s behavior, gaining unauthorized access to sensitive user data, or intercepting private login information.

Microsoft’s investigation revealed that this vulnerability is not an isolated issue, as the research found incorrect implementations of the content provider system prevalent across many popular Android apps. Two notable examples are Xiaomi’s File…


Taiwan Issues Travel Warnings as China Enacts Expanded Security Law – TaiwanPlus News | National






Ripple effect: Local agencies ramp up security after state, national cyberattacks on water supplies


Razor wire tops the fence around the Altoona Water Authority Lake Altoona pump station along Veterans Memorial Highway in Logan Township.
Mirror photo by Patrick Waksmunski

Late last year, the public water system in Aliquippa was one of several across the U.S. that were attacked by Iran-affiliated hackers, who hit Israeli-made computer equipment used to control water system operations.

At the time, officials with the Municipal Water Authority of Aliquippa said the cyber group, known as Cyber Av3ngers, took control of one of their booster stations. An alarm went off as soon as the hack occurred, officials said.

The Aliquippa authority shut down its automated system and went to manual operations, maintaining service without interruption, it was reported.

That attack and others on critical infrastructure systems have led the federal government to develop a playbook to guard against the ever-increasing sophistication of hackers.

It’s a case of constant vigilance that includes common-sense “cyber 101” efforts, like creating strong passwords, firewalls and multi-factor authentication, according to David Hozza, assistant teaching professor for cybersecurity at Penn State’s College of Information Sciences & Technology.

A warning sign is posted on the gate at the Altoona Water Authority’s Mill Run Reservoir.
Mirror photo by Patrick Waksmunski

The need for such precautions “is not going to go away any time soon,” said Aaron Moyer, the Altoona Water Authority’s IT services coordinator.

‘Zero trust model’

The Altoona Water Authority “ramped things up,” starting about three years ago, after an incident in Florida that “was an eye-opener for everybody,” Moyer said some months ago.

The Florida incident involved hackers breaking into a system and attempting to increase the feed rate for a chemical, Hozza said, adding that an operator recognized the anomaly and shut the system down, preventing potential harm.

Since then, the Altoona authority has adopted a “zero trust model,” Moyer said.

That is an IT security regimen that requires strict identity verification for every person and device that tries to access resources, according to an online definition.

If the…
