Tag: Susceptible | SpinSafe

Why containers are susceptible to ransomware and what to do about it

May 4, 2023/in Internet Security

Details: Published: Thursday, 04 May 2023 09:25

What are the key vulnerabilities that make containers susceptible to ransomware attacks and how can organizations effectively mitigate these weaknesses? Anthony Dutra looks at these questions.

With the demand for data being higher than ever, vulnerabilities and risks to data integrity are increasing – particularly for organizations that are refactoring their applications for Kubernetes. As attacks continue to rise exponentially, organizations need to come to terms with the fact that no application is safe from ransomware.

Though Kubernetes and containers allow for a variety of benefits, including the refactoring of key legacy applications, those adopting these containers often quickly realise that data protection and security concerns are a significant challenge for operations – with the security risks they pose proving to be a stumbling block for organizations.

When it comes to ensuring that containerized applications are protected against ransomware and other potential security threats, those responsible for refactoring applications should specifically be addressing the top container security risks by both working with native features and seeking out necessary integrations.

Pods open entry points for malicious actors

Refactored containerized applications often originate from legacy code and are typically already running on bare metal servers or virtual machines. However, the process of refactoring is not without challenges, as it may require modifications to existing application elements to support containerization. This can hinder organizations from fully realising the anticipated benefits of containerization, particularly in terms of improved security, which is often cited as a key objective.

These challenges can have a significant impact on security in various ways. For instance, Pods are critical components of Kubernetes deployments, responsible for hosting containers for each application process. Each Pod is assigned its own IP address and can communicate directly with other Pods. However, the recommended practice is to use Services, which are sets of Pods accessible through a single, fixed DNS name or IP address. Many…

Source…

Defense Contractors Highly Susceptible to Ransomware

November 19, 2021/in Mobile Security

Even as cybercriminals take aim at critical infrastructure, many of the United States’ top 100 federal contractors are inadequately prepared to repel ransomware attacks.

These were among the findings of a report from Black Kite, which assessed the cybersecurity risk posture of U.S. defense contractors and found 20% of the country’s largest 100 contractors were highly susceptible to a ransomware attack.

The study found 42% of defense contractors have had at least one compromised credential within the past 90 days, and 40 contractors received an “F” grade in credential management.

Overall, the top 100 federal contractors averaged a “ransomware susceptibility index” score of 0.39, but 20% scored above the critical threshold of 0.6, according to the report.

Crossing the Threshold

By comparison, earlier Black Kite reports showed that 10% of pharmaceutical manufacturers and 49% of automobile manufacturers were above what Black Kite considered a critical threshold, indicating they were highly susceptible to ransomware attacks.

“We’re continuing to see the exact same issues pop up through industries—issues that should be addressed by basic cybersecurity hygiene,” said Bob Maley, chief security officer at Black Kite. “These are defense contractors that should be taking advice from the Department of Homeland Security. The attack vectors for ransomware aren’t new.”

He pointed out that Homeland Security has been issuing alerts on what people should be doing to protect themselves in these particular areas over the past decade.

“So, it’s not that bad actors are finding new things to exploit to make ransomware effective,” he said. “They’re exploiting issues that have been around for a long time that people just aren’t paying attention to.”

Maley explained there is no single category of malicious actor perpetuating threats against federal contractors: Generally speaking, the types of actors that are a threat here are the people that may not necessarily target defense contractors specifically because they may not even know that they are doing so.

“They’re bad actors that will target a company that is vulnerable and that looks like they have enough financials to…

Source…

Half of Android Handsets Susceptible to Clever SMS Phishing Attack

September 4, 2019/in Mobile Security

Researchers say an attacker could send a rogue over-the-air provisioning message to susceptible phones and route all internet traffic through a hacker-controlled proxy.
Mobile Security – Threatpost