Tag Archive for: Takeaways

IT Security Takeaways from the Wiseasy Hack


Wiseasy Hack

Last month, TechCrunch reported that payment terminal manufacturer Wiseasy had been hacked. Although Wiseasy might not be well known in North America, its Android-based payment terminals are widely used in the Asia Pacific region, and hackers managed to steal passwords for 140,000 payment terminals.

How Did the Wiseasy Hack Happen?

Wiseasy employees use a cloud-based dashboard for remotely managing payment terminals. This dashboard allows the company to perform a variety of configuration and management tasks such as managing payment terminal users, adding or removing apps, and even locking the terminal.

Hackers gained access to the Wiseasy dashboard by infecting employees’ computers with malware. This gave them access to two different employees’ dashboards, ultimately leading to a massive harvesting of payment terminal credentials.

Top Lessons Learned from the Wiseasy Hack

1 — Transparency isn’t always the best policy

While it is easy to dismiss the Wiseasy hack as stemming from an unavoidable malware infection, the truth is that Wiseasy made several mistakes (according to the TechCrunch article) that allowed the hack to succeed.

For example, the dashboard itself likely exposed more information than it should have. According to TechCrunch, the dashboard “allowed anyone to view names, phone numbers, email addresses, and access permissions.” Although the case could be made that such information is necessary for Wiseasy to manage terminals on its customers’ behalf, TechCrunch goes on to say that a dashboard view revealed the Wi-Fi name and plain text password for the network that the payment terminal was connected to.

In a standard security environment, an interface should never be designed to display passwords. The open display of customer information, without a secondary verification of the end user, also goes against a zero-trust policy.

2 — Credentials alone won’t cut it

A second mistake that likely helped the hack to succeed was that Wiseasy did not require multifactor authentication to be used when accessing the dashboard. In the past, most systems were protected solely by authentication credentials. This…


3 key takeaways from our Consumer and Risk Report


Cybersecurity professionals have had their work cut out for them during the pandemic.

In the second half of 2021, consumers flocked online to shop for the holidays, communicate with their banks, purchase event tickets, and more. In all of these online interactions, consumers expect both a streamlined user experience and high security standards. But the rapid rise in online traffic has made providing both elements a tall task.


To help businesses navigate these new expectations, our team used insights from our global platform to compile the Consumer and Risk Report. The report details how changes in digital customer experiences manifest in various industries and offers guidance on how companies can provide a seamless user experience while mitigating common cybersecurity risks in 2022 — and beyond.

To help build your knowledge of today’s top cybersecurity threats at all investment levels, here’s a breakdown of the types of fraud we see most often today — and what you can do about them.

Here are three of the report’s most important takeaways.

1. User experience is king (and that won’t change)

Based on data from the second half of 2021, consumers expected smooth digital experiences across all industries. More and more consumers digitized their day-to-day lives, with a 24% year-over-year increase in overall eCommerce traffic and a 12% year-over-year increase in digital banking traffic. For today’s users, the ease of online interactions is vital — more than three-quarters of consumers are more likely to recommend a brand because of the experience.

The challenge is providing an exceptional user experience while also improving online security since many traditional security measures create added friction. For example, adding authentication steps like a two-factor authentication (2FA) prompt or text code can turn trusted users away because it detracts from the user experience.

Achieving the right balance isn’t easy, but deploying device intelligence and collecting behavioral insights can help. These tools reduce friction for trusted users without jeopardizing customer security. More intelligent and layered security measures mean companies no longer have to choose…


The Conti Ransomware Leaks: Six Takeaways


Information security, nation-state hacking, ransomware and malware have been front and center of the Russia-Ukraine conflict, with hackers on each side allegedly launching large-scale attacks against the infrastructure of their opponent.

Although Russia is infamous for its hacking activities and ransomware groups long believed to be protected by the country’s government, threat actors in other countries in eastern Europe are also involved in the ransomware-as-a-service industry. That apparently includes Ukraine, as a purportedly Ukrainian affiliate leaked multiple years of chat logs and files from the Conti ransomware group.

The Conti group is one of the most notorious ransomware actors in recent history, so the massive amount of data contained in the leaks gives us an unprecedented look into how the ransomware-as-a-service industry operates.

We spoke with Chester Wisniewski, a principal research scientist at Sophos, for more context on what we can learn from the Conti ransomware leaks.

Ransomware is very lucrative

The Conti ransomware leaks included information about just how lucrative ransomware can be, as the group’s primary Bitcoin wallet has had upwards of $2 billion deposited in the last two years.

The group is apparently so flush with cash that it was able to purchase a zero-day exploit for Internet Explorer 11 to use as an attack vector in late 2020. This is relevant because zero-day exploits are very expensive, with many going for several million dollars.

According to Wisniewski, this was always suspected, but until now there had never been confirmation that a ransomware group had purchased zero-day exploits.

“‘These groups are really rich, so I wonder if they’re buying zero days,’ was always the narrative before this,” Wisniewski says. “We’ve never had confirmation of a zero day sale with a ransomware group, to my knowledge, so this was kind of interesting.”

Conti, Ryuk and Trickbot

It has long been thought that Conti was somehow affiliated with the Ryuk ransomware and the Trickbot malware operators, but there was never any proof.

The Conti ransomware leaks were being released via a Twitter account called @ContiLeaks, and a new account called @TrickbotLeaks also…


Key Takeaways from Federal R&D Workshop Focused on 5G Testing and Use Cases for Drones and Smart Warehouses | Wiley Rein LLP


On April 27 and 28, 2021, the Networking & Information Technology Research-Development (NITRD), Advanced Wireless Test Platform (AWTP), and Federal Mobility Group (FMG) hosted a Workshop on the FMG’s Framework to Conduct 5G Testing (Framework), published last November. The purpose of the webinar was to “provide an overview of the process and the testing framework elements needed to conduct 5G testing for different use cases.” The workshop focused on two selected federal 5G use cases: unmanned aircraft systems (UAS or drones) and smart warehouses.

Below, we highlight several key takeaways from the workshop. 

First, the Framework aims to guide federal agencies in establishing 5G testing capabilities suited to their needs through either: (1) building or leasing a testbed from a carrier-grade equipment manufacturer; (2) using existing external labs and testbeds (e.g., a federal lab, university lab, or in coordination with DoD); or (3) through some combination of the two. 

Second, the National Science Foundation (NSF) is focused on how the Government is using both testbeds and data-driven research to support 5G use and innovation. NSF recently issued a Request For Information on dataset needs “to conduct research on computer and network systems,” with comments due by May 21.

Third, the FMG’s Mobile Security Working Group is focused on FISMA mobility metrics to drive key technologies like mobile threat defense, which aims to advance the overall security posture of the federal government on mobile platforms. 

Fourth, within NITRD and the AWTP there is a Wireless Spectrum R&D interagency working group (WSRD) that has been involved in the whole-of-government effort under the National Strategy to Secure 5G Implementation Plan’s Line of Effort 1.1, to assist with “[r]esearch, development, and testing to reach and maintain United States leadership in secure 5G and beyond.” WSRD’s work related to this Line of Effort remains ongoing.

5G Use Case: Drones

The workshop included several UAS use case panels, which discussed the use of cellular frequencies for drone operations and UAS Traffic Management (UTM) issues.

Christopher Nassif, from the Federal Aviation…
