Tag Archive for: time

It's Time to Improve Cybersecurity Awareness Amongst Discord Users – devmio




No federal privacy law? After the 23andMe hack, it’s time to take action


This is a guest post by Kate Krauss, a digital rights advocate based in Philadelphia.

On Oct. 6, 23andMe announced the loss of customer data to hackers who targeted Ashkenazi Jews. The data of as many as a million people was reportedly stolen and is currently being sold anonymously on the Internet. The hack exploited customers who reused passwords and the platform’s feature called “DNA Relatives,” linking one person to another.

We won’t easily forget this awful hack — but every year, tens of millions of Americans become victims of information leaks, so many that they have begun to blur together. Microsoft, for one, has been hacked at least 10 times since 2018.

Victims range from ordinary people, like those in the 23andMe hack, to the most politically sensitive: the State Department’s China diplomats; the Secretary of Commerce. Hackers access people’s email and steal their social security numbers or their home addresses, and in one case, in-depth psychological profiles needed for top security clearances.

If we use the frog-in-hot-water analogy for Americans and their information privacy, this frog is dead.


Current US privacy laws are so ineffective that Europeans are afraid to send their data here lest it be hacked, leaked, or surveilled. This fear was the basis of the tensely negotiated “Data Privacy Framework” between the EU and the US over whether and how to allow the personal data of European citizens to be sent to this country.

Without the risk of a giant fine or, say, jail time, many tech giants can and do get away with managing their data security badly. They fail to update security keys, encrypt users’ credit card numbers or enforce multi-factor authentication.

Weak laws let companies get away with weak security. For instance, 23andMe didn’t require users to use two-factor authentication or warn users about the dangers of enabling “DNA Relatives.” If they have to pay a small fine — small to them — that’s the cost of doing business.

In 2019, the year that the Cambridge Analytica scandal caught up with Facebook, the company paid $5 billion to the FTC for illegally sharing…


Ransomware Dwell Time Hits Low Of 24 Hours


(MENAFN – PR Newswire)
Analysis from Secureworks annual State of The Threat Report shows ransomware median dwell time has dropped from 4.5 days to less than 24 hours in a year

ATLANTA, Oct. 5, 2023 /PRNewswire/ — Ransomware is being deployed within one day of initial access in more than 50% of engagements, says Secureworks® (NASDAQ: SCWX) Counter Threat Unit™ (CTU™). In just 12 months the median dwell time identified in the annual Secureworks State of the Threat Report has freefallen from 4.5 days to less than one day. In 10% of cases, ransomware was even deployed within five hours of initial access.

“The driver for the reduction in median dwell time is likely due to the cybercriminals’ desire for a lower chance of detection. The cybersecurity industry has become much more adept at detecting activity that is a precursor to ransomware. As a result, threat actors are focusing on simpler and quicker to implement operations, rather than big, multi-site enterprise-wide encryption events that are significantly more complex. But the risk from those attacks is still high,” said Don Smith, VP Threat Intelligence, Secureworks Counter Threat Unit.

“While we still see familiar names as the most active threat actors, the emergence of several new and very active threat groups is fuelling a significant rise in victim and data leaks. Despite high profile takedowns and sanctions, cybercriminals are masters of adaptation, and so the threat continues to gather pace,” Smith continued.

The annual State of the Threat report examines the cybersecurity landscape from June 2022 to July 2023. Key findings include:

  • While some familiar names including GOLD MYSTIC (LockBit), GOLD BLAZER (BlackCat/ALPHV), and GOLD TAHOE (Cl0p) still dominate the ransomware landscape, new groups are emerging and listing significant victim counts on “name and shame” leak sites. The past four months of this reporting period have been the most prolific for victim numbers since name-and-shame attacks started in 2019.

  • The three largest initial access vectors (IAV) observed in ransomware engagements where customers engaged Secureworks incident responders were: scan-and-exploit,…


Hackers’ dwell time declines, but they are able to reach Active Directory very fast


Even as the cyber threat landscape is becoming more complex and dangerous, there seems to be an increase in awareness of the importance of guarding one’s digital properties and networks. This sounds very good and encouraging. But the bad news is that hackers are able to reach Active Directory (AD), one of the critical assets for a company, in less than a day.

AD typically manages identity and access to resources across an organisation, meaning attackers can use AD to easily escalate their privileges on a system to simply log in and carry out a wide range of malicious activity.

According to the latest report by cybersecurity company Sophos, the average dwell time (the time an intruder lurks around in a computer network or a device undetected) has come down to eight days from 10 days in the first half of 2023.

With regard to ransomware attacks, the dwell time comes down to five days. In 2022, the median dwell time decreased from 15 to 10 days.


The Active Adversary Report for Tech Leaders 2023, which provides an in-depth look at attacker behaviours and tools during the first half of 2023, analysed Sophos’ Incident Response (IR) cases from January to July 2023.

“It took on average less than a day—approximately 16 hours—for attackers to reach Active Directory (AD),” he said.

“Attacking an organisation’s Active Directory infrastructure makes sense from an offensive view. AD is usually the most powerful and privileged system in the network, providing broad access to the systems, applications, resources, and data that attackers can exploit in their attacks,” John Shier, field CTO, Sophos, said.

“When an attacker controls AD, they can control the organisation. The impact, escalation, and recovery overhead of an Active Directory attack is why it’s targeted,” he said.

“Getting to and gaining control of the Active Directory server in the attack chain provides adversaries several advantages. They can linger undetected to determine their next move, and, once they’re ready to go, they can blast through a victim’s network unimpeded,” he said.

Full recovery from a domain compromise…
