Apr272019 by genxwordadminNo Comments
City of Stratford Says Cyberattack Recovery Takes ‘Days, Not Hours’

City of Stratford Says Cyberattack Recovery Takes ‘Days, Not Hours’

Information Security, IT Support, News
City of Stratford Says Cyberattack Recovery Takes ‘Days, Not Hours’ It takes “days, not hours” to recover from the recent cyberattack that hit the City of Stratford, this according to the statement released by the City. Last April 14, the City of Stratford, Ontario announcedthat it was managing of what appears to be a cyberattack. More than a week after the initial cyberattack announcement, the City, in a statement, said that a virus encrypted the City’s data and locked the staff out. “We have now begun methodically unlocking and decrypting our systems,” the City said. “This is a thorough process that takes days, not hours.” In response to the cyber incident, the City said that it intentionally shut down its IT and email systems to contain the virus and in…
Read More
Apr182019 by genxwordadminNo Comments
New Report Shows Security Vulnerabilities in Some VPN Products. Is Your Organization at Risk?

New Report Shows Security Vulnerabilities in Some VPN Products. Is Your Organization at Risk?

Information Security, News
New Report Shows Security Vulnerabilities in Some VPN Products. Is Your Organization at Risk? The U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert that enterprise Virtual Private Network (VPN) products made by Cisco, Palo Alto Networks, F5 Networks and Pulse Secure have vulnerabilities that could compromise the security of users. The alert was issued in response to the disclosure made by the CERT Coordination Center (CERT/CC), the coordination center of the computer emergency response team for the Software Engineering Institute at Carnegie Mellon University. The following VPN products and versions, according to CERT/CC, store the cookie insecurely in log files: . Palo Alto Networks GlobalProtect Agent 4.1.0 for Windows and GlobalProtect Agent 4.1.10 and earlier for macOS0 (CVE-2019-1573) . Pulse Secure Connect Secure prior to 8.1R14,…
Read More
Apr112019 by genxwordadminNo Comments
How to Protect Your Organization from Spear Phishing Scams

How to Protect Your Organization from Spear Phishing Scams

Information Security, IT Support
How to Protect Your Organization from Spear Phishing Scams The recent revelation that the treasurer of the City of Ottawa unwittingly paid nearly US$100,000 to a phony supplier highlights the danger of spear phishing scams. The Office of the Auditor General of the City of Ottawarecently released its findings on how the City fell victim to a common fraud scheme in which US$97,797 was transferred to an account of a phony supplier. The Office of the Auditor General found that on July 6, 2018 at 10:29 am, the City Treasurer received an email from the City Manager. This email, which turned out to be a spoofed email, purporting to be coming from the City Manager when, in fact, it came from fraudsters or fraudster, requested that a wire transfer in…
Read More
Apr42019 by genxwordadminNo Comments
Are You Securing Your Data on the Cloud?

Are You Securing Your Data on the Cloud?

Information Security
Are You Securing Your Data on the Cloud? The discovery of millions of Facebook records openly exposed online as a result of the mishandling of Facebook’s third-party partners of their cloud data highlights the importance of the responsibility of organizations in securing customers data on the cloud. Researchers at UpGuardreported that they found two data sets owned by Facebook partners, Mexico-based media company Cultura Colectiva and the now defunct “At the Pool”, exposing a total of hundreds of millions of Facebook customer data. UpGuard found that the Cultura Colectiva data set exposed online 146 gigabytes, containing over 540 million Facebook records such as comments, likes, reactions and account names. The exposed database backup of At the Pool, meanwhile, contained columns for fk_user_id, fb_user, fb_friends, fb_likes, fb_music, fb_movies, fb_books, fb_photos, fb_events, fb_groups,…
Read More
Mar282019 by genxwordadminNo Comments
Software Updates: Gateway for Supply Chain Attacks

Software Updates: Gateway for Supply Chain Attacks

Information Security, IT Support, Security
Software Updates: Gateway for Supply Chain Attacks The confirmation by Taiwan-based tech giant ASUS that its software update was hijacked by cybercriminals to install malicious software (malware) on its customers’ notebook computers highlights the threat of supply chain attacks via software updates. A supply chain attack attempts to exploit the security vulnerability in a third-party service or software to compromise a final target. Hijacked software update is one of the most common forms of supply chain attack. Last March 26, ASUS, ranked by Gartner as the world's 5th-largest PC vendor in the 3rd quarter of 2018, asked its notebook computer customers to install the latest software update (version 3.6.8) after acknowledging that ASUS Live Update, a pre-installed software in ASUS notebook computers to ensure that the system always benefits from…
Read More
Mar212019 by genxwordadminNo Comments
How to Protect Your Organization’s Network from the Dangers of the Internet

How to Protect Your Organization’s Network from the Dangers of the Internet

Information Security
How to Protect Your Organization’s Network from the Dangers of the Internet The recent cyberattack at Norsk Hydro, one of the world’s largest aluminum producers, is the latest example of the dangers of connecting industrial control system (ICS) to the internet. Norsk Hydro, which was forced to issue its official statements via Facebookas a result of the cyberattack, said that the attack detected last March 18 hasn’t affected the company’s power plants as they’re running normally on isolated IT systems. The company, however, said that the cyberattack has impacted operations in several of the company’s business areas globally as the company’s worldwide network is down, forcing the company to switch to manual operations and procedures as far as possible. Norsk Hydro, which has its headquarters in Oslo, Norway operates in…
Read More
Mar142019 by genxwordadminNo Comments
Even Organizations Like NASA Get Failing Grade on Cybersecurity

Even Organizations Like NASA Get Failing Grade on Cybersecurity

Information Security
Even Organizations Like NASA Get Failing Grade on Cybersecurity The U.S. National Aeronautics and Space Administration (NASA) falls short on cybersecurity, managing only to get Level 2 rating on its cybersecurity programs – way below the acceptable Level 4 rating, this according to the audit report conducted by the Office of Inspector General (OIG). This is the second year in a row that the OIGhanded NASA the Level 2 rating. OIG rates cybersecurity programs from Level 1 to Level 5, with Level 5 as the highest rating and Level 4 as the passing rating using 61 metrics in the following 5 cybersecurity function areas: Identification Understanding to manage cybersecurity risk to systems, people, assets, data and capabilities Protection Appropriate safeguards to ensure delivery of critical services Detection Appropriate activities to…
Read More
Mar62019 by genxwordadminNo Comments
Microsoft Annual Security Report Highlights Surge in Supply Chain Attacks

Microsoft Annual Security Report Highlights Surge in Supply Chain Attacks

Information Security, IT Support
Microsoft Annual Security Report Highlights Surge in Supply Chain Attacks The newly released Microsoft Security Intelligence Report revealed that over the past few years, the increased number of supply chain attacks had become a primary source of concern in many IT departments. The Microsoft Security Intelligence Report Volume 24found that several cyberattacks were detected using compromised software supply chains in 2018. These supply chain attacks, Microsoft said, have affected a wide range of software and targeted organizations in different geographic locations and sectors. The Microsoft report compiled 6.5 trillion threat signals and was based on research and real-world experiences from thousands of security researchers and responders worldwide for the period of January 2018 to December 2018. What Is Supply Chain Attack?  In a supply chain attack, an attacker maliciously makes…
Read More
Feb272019 by genxwordadminNo Comments
More than Half of Cyberattacks Exploit Tools that Already Exist on Targeted Computers, Study Shows

More than Half of Cyberattacks Exploit Tools that Already Exist on Targeted Computers, Study Shows

Information Security, IT Support, Security
More than Half of Cyberattacks Exploit Tools that Already Exist on Targeted Computers, Study Shows A study conducted by IBM showed that more than half of cyberattacks exploit common administration tools or tools that already exist on targeted computers. IBM’s 2019 X-Force Threat Intelligence Indexshowed that more than half or 57% of cyberattacks leveraged common administration tools and in the process, evading detection, maintaining persistence and achieving their objectives. Living Off the Land The phrase “living off the land” is the term used for cyberattacks that leverage tools that already exist on targeted computers. This type of cyberattack blends in with common administration work, making detection more difficult. According to IBM, one of the common administration tools that’s often used by cyberattackers is PowerShell. What Is PowerShell? PowerShell is a…
Read More
Feb42019 by genxwordadminNo Comments
Online Marketplace Selling Hacked Server Credentials Taken Offline by Authorities

Online Marketplace Selling Hacked Server Credentials Taken Offline by Authorities

Information Security, News
Online Marketplace Selling Hacked Server Credentials Taken Offline by Authorities xDedic, an online marketplace for buying and selling hacked server credentials, is no longer accessible to users after authorities took it offline as part of the coordinated multi-country law enforcement action. Users who try to access the xDedic website are referred to a U.S. government site explaining that the online marketplace was taken offline. On January 24, this year, the U.S. Federal Bureau of Investigation (FBI) in pursuant to a seizure warrant issued by the U.S District Court for the Middle District of Florida seized the servers and domain names of xDedic. The seizure was made possible with the assistance of the authorities in Europe, including the Federal Prosecutor’s Office and the Investigating Judge of Belgium, the Ukrainian National Cyber…
Read More