Industry Resource
Links to articles relating to asset management and cloud computing

Industry Resource - Sep 2019


Don't Put the Custom Processes Cart Before the Best Practices Horse

Although custom processes may be useful in some IT Asset Management (ITAM) programs, implementing them before employing established best practices can be counter-productive. The International Association of Information Technology Asset Managers, Inc. (IAITAM) has developed a set of best practices necessary for successful ITAM programs through its 12 Key Process Areas (KPAs). The first step in establishing a program using best practices is to become educated on what they are. Once a practitioner understands how these best practices impact the overall program, a program can be developed to meet the unique needs of their organization. Dr. Barbara Rembiesa, President and CEO of IAITAM, noted that obtaining executive buy-in to the program and using tools such as an automated discovery tool and centralized repository are necessary to ensure overall success. Each of these supplements supports the KPAs and creates a stronger program.

Microsoft Tenant-Level Services Licensing Guidance

Microsoft defines a tenant-level service as an online service that, when purchased for any user in the tenant (either as a standalone or as part of Office 365), is activated in part or in full for all users in the tenant. Although some unlicensed users may technically be able to access the service, a license is required for any user that is intended to benefit from the service. Some tenant services are not currently capable of limiting benefits to specific users, and IT management should undertake efforts to limit the service benefits only to licensed users. Doing so will help avoid potential service disruption to the organization once targeting capabilities are available. (Go to https://docs.microsoft.com/en-us/office365/servicedescriptions/microsoft-365-service-descriptions/microsoft-365-tenantlevel-services-licensing-guidance for more details.) The issue here is license compliance. It addresses the impact of an organization's lack of controls in the management of its software estate. Unless that organization has a sound software asset management program or monitors software compliance, it could easily be subject to unplanned costs in the form of software licensing and subscription services.

A Free Trick for Fake Apps To Steal Your Data

Fake apps attract users by posing as free apps, and install malware to access personal data and track devices as part of the process. These apps target popular, viral apps that allow in-app purchases. The fake app business has been estimated at $2.3 billion globally for just the first half of 2019. The fake apps are developed by extracting the original apps using their APK files and then creating new APK files with a similar name. These apps are usually shared through APK and SDK files in closed networks. Stolen user information is sold to companies or leaked. These apps also use stolen data to create fake accounts on online services and steal user identities. IT managers are encouraged to scan mobile devices for unapproved apps.

Cybersecurity: 99% Of Email Attacks Rely On Victims Clicking Links

According to Proofpoint's Annual Human Factor Report, almost all successful email-based cyberattacks depend on the target to open files, click on links, or perform some other action.
Only a tiny fraction of attacks rely on exploit kits and known software vulnerabilities to compromise systems. However, 99% of campaigns require some level of user input to infect the system. Phishing attacks are becoming increasingly sophisticated and it is often difficult for users to distinguish a malicious email from a regular one. Attackers now design attacks to appear as if they originate from a trusted source, such as cloud service providers, colleagues, or even the boss.

Microsoft Patches Two Zero-Days in Massive September 2019 Patch Tuesday

As part of the company's monthly release of security updates, Microsoft recently published 80 security fixes for 15 products and services. Two so-called zero-day vulnerabilities were patched as part of this release. They are CVE-2019-1214 and CVE-2019-1215, which are elevation of privilege (EoP) vulnerabilities. These vulnerabilities can be exploited by malware to gain the ability to run malicious code with administrator privileges on infected systems. Microsoft didn't reveal any details of how the two bugs were being exploited in the wild. IT managers can use their IT asset management tools to identify any systems that remain unpatched and are still vulnerable.

8 Signs You're About To Be Audited For Non-Compliance

Software audits are often conducted by major software vendors such as Oracle, Microsoft and IBM when they detect circumstances or business practices that indicate potential non-compliance with the terms of the ELA. Some of the major triggers include:

  • A recent merger, acquisition or divestment

  • Your firm backed out of a purchase

  • Past proof of noncompliance

  • Lack of a SAM solution or license management practice

  • Published reports of instability in the organization

  • The software sales rep is suspicious

  • Recent projects to virtualize or move to the cloud

  • The licensing expert leaves


Use of a comprehensive ITAM tool can help management prepare for an audit or take pre-emptive measures to ensure license compliance.

Microsoft Urges Windows Users To Install Emergency Security Patch

Microsoft has issued an advisory to all Windows users to install an emergency out-of-band security patch as soon as possible. The company said that a security flaw in Internet Explorer could enable an attacker to remotely run malicious code on the user's device and take full control of that device. A user could become infected by visiting a malicious web page or by clicking on a malicious link in an email. Microsoft said the vulnerability was under active exploitation; however, details of the flaw have not been made public. Most users can install the patches using Windows Update. Microsoft also issued a fix for its in-built malware scanner Windows Defender. The flaw could have been used to trigger a denial-of-service condition. IT managers can use their ITAM tools to scan for unpatched devices.

Delete These 25 Malware-Infested Android Photo-Editing Apps ASAP

Cybersecurity firm Symantec announced that it found over two dozen Android photo-editing and fashion apps in the Google Play Store that contained malware. The infected apps were downloaded more than 2 million times. After Symantec reported the malicious apps to Google, all of the apps were removed. Users are cautioned to review all of the apps on their devices and remove the malicious apps as soon as possible. A complete list of the affected apps can be found on the link below.
Click here to read more

Industry Resource - Aug 2019


What May Trigger A Software Audit?

Each signed software license agreement includes some sort of audit clause stating that the software publisher can conduct a license compliance verification (AKA software audit). When organizations receive the audit letter, they often question why they were selected. Understanding audit triggers can help a company predict if and when a software audit may be performed. Some common triggers include: a) a license period of longer than three years, b) termination of the support agreement, c) significant changes in the IT infrastructure, d) increase in the total number of employees, e) a merger or acquisition, f) expiration of the agreement, g) suspect true-up reports, h) support tickets and/or training requests for software not included in the license, and i) change in ownership of the software publisher.

Making the Case for ITAM in Secure Computing Environments

In today's uber-connected computing environment, the concept of an air-gapped, locked down, and stand-alone data center running proprietary special use software is an anachronism. Even the most secure military data systems use some commercial off-the-shelf (COTS) software and almost all IT environments are networked. Procurement and IT managers and officers look for the best hardware and software configurations needed to meet a specific goal and integrate them into existing data centers and networks. Having been common practice for a period of years, this model raises the questions, "What exactly are we running?" and "What do we need?" A secure, approved and flexible IT asset management (ITAM) solution can help answer those questions.

New Windows Malware Sets Up Proxies on Your PC To Relay Malicious Traffic

Proofpoint researchers recently analyzed a new malware strain named SystemBC that is targeting Windows systems. SystemBC malware installs a proxy on infected computers and rarely comes alone. The presence of this malware on any system usually indicates that the computer was also infected by a second threat. The SystemBC malware is an on-demand proxy component that any malware operator can integrate and install on compromised computers alongside their primary software. Proofpoint noted that malware operators have used exploit kits to infect hosts and then used SystemBC's proxying capabilities to disguise their malware's activity. Fundamentally, if an IT manager detects SystemBC, there's a high probability that there is a second malware strain on the system and removing SystemBC won't solve the problem.

An Nvidia Vulnerability Has Been Found. It's Time to Update Your Drivers

Nvidia recently published a security bulletin alerting users that the GPUs in its GeForce, Quadro, and Tesla product lines are all affected by serious vulnerabilities. The vulnerabilities can impact local code execution and privilege escalation. They are in all versions of numerous driver tracks provided by the company for its hardware. Nvidia has issued new patched versions of all of its GeForce and many of its Quadro drivers. Patches for some of its Quadro and Tesla drivers have not been released, and in some cases won't be ready for several weeks. IT managers can use their IT asset management software to locate unpatched systems and take the necessary action to update those systems.

Microsoft: Russian State Hackers Are Using IoT Devices To Breach Enterprise Networks

A Russian state-sponsored hacking group is attacking IoT devices to breach corporate networks. Microsoft noted that its staff spotted one group attempting "to compromise popular IoT devices across multiple customer locations." Microsoft said the group tried to exploit a VOIP phone, an office printer, and a video decoder. In its report Microsoft wrote that "The investigation uncovered that an actor had used these devices to gain initial access to corporate networks. In two of the cases, the passwords for the devices were deployed without changing the default manufacturer's passwords and in the third instance the latest security update had not been applied to the device." The company also said that these recent attacks include indicators of compromise (IoCs) such as IP addresses of the hackers' command and control (C&C) servers, which organizations can block on their networks.

Researchers Discover Troubling New Security Flaw in All Modern Intel Processors

BitDefender researchers have discovered a significant security vulnerability in all modern Intel processors. The flaw can enable a hacker to access the computer's kernel memory, potentially providing access to highly sensitive information. The vulnerability affects all machines using Intel processors that support the SWAPGS system call. SWAPGS allows the processor to swap between the kernel mode and user mode memory rings and is a component of the speculative execution features present in most modern processors. BitDefender has worked with Intel, Microsoft and the Linux Foundation to develop a fix that remedies the problem. The company advises users to install the latest security patches from their operating system manufacturer with haste. IT managers can also install BitDefender Hypervisor Introspection, which guards against many chip-level attacks. A fully functional IT asset management system, such as the one supplied by xAssets, can be used to identify patched systems and to determine if the BitDefender Hypervisor Introspection software is installed.

Popular Avaya Enterprise VoIP Phones Are Vulnerable To Hacking

McAfee researchers disclosed a serious remote code execution vulnerability in enterprise Avaya VoIP desk phones. The flaw enables hackers to gain full control of the devices, listen to calls and turn the phone into a spying device. The vulnerability is located in the DHCP service, which allows the devices to automatically obtain IP addresses on the network. Attackers can send maliciously modified DHCP responses to the devices, which do not require authentication. Firmware updates have been available since June 25 of this year.

Be Cautious When Installing Free Apps from Google Play Store; Over 1,600 Bugs Found In Backend Systems

Cybersecurity researchers have identified over 1,600 vulnerabilities in the ecosystem supporting the 5,000 most popular free apps on the Google Play Store. Although the researchers from Georgia Institute of Technology and The Ohio State University studied only applications in the Google Play Store, some iOS apps may use the same backend systems. The vulnerabilities, affecting multiple app categories, could allow hackers to break into databases that include personal information and potentially into the devices themselves.

Remote Code Execution Is Possible By Exploiting Flaws in VxWorks

Eleven zero-day vulnerabilities in Wind River's VxWorks, a real-time OS, have been discovered by network security vendor Armis. The software is in use across an advertised 2 billion connected devices. Over half of the vulnerabilities could allow remote attackers to access unpatched systems without any user interaction, even if protected by a firewall. The vulnerabilities impact all devices running VxWorks version 6.5 and later. VxWorks 7, which was issued July 19 of this year, patches the flaws. Consequently, the attack windows may have been open for more than 13 years. Affected devices included SCADA controllers, patient monitors, MRI machines, VOIP phones and even network firewalls. Users in the medical and industrial fields should be particularly attentive about patching the software. IT managers can utilize their IT asset management tools to identify vulnerable devices.

Unpatchable Security Flaw Found In Popular SoC Boards

Security researchers from F-Secure have discovered an unpatchable security flaw in Xilinx's system-on-chip (SoC), multi-processor system-on-chip (MPSoC), and radio frequency system-on-chip (RFSoC) products. F-Secure said that the Encrypt Only secure boot mode of these SoCs contains two security flaws, one of which cannot be patched using a software update and requires "a new silicon revision" from the vendor. In a security advisory released following F-Secure's findings, Xilinx said it updated its technical manuals advising equipment vendors using Zynq UltraScale+ SoCs to use the stronger Hardware Root of Trust (HWRoT) secure boot mode instead of the weaker Encryption Only one. The company noted that "The HWRoT boot mode does authenticate the boot and partition headers."

Cybersecurity: This Trojan Malware Being Offered For Free Could Cause Hacking Spike

A new version of a powerful form of the NanoCore RAT (Remote Access Trojan) malware is being offered on the dark web for free. One cybersecurity company warned that it could lead to a rise in attacks targeting passwords, bank details and other personal information, even by crooks with limited technical skills. Discovered by security researchers at LMNTRIX Labs, NanoCore provides hackers with a variety of attacks against Windows systems, including password theft, keylogging and secretly recording audio and video footage using the system's webcam. NanoCore is distributed using email phishing attacks and is often designed to look like invoices or purchase orders with attachment names designed to get victims to click on an attachment.

Cybersecurity Alert: 34% of Vulnerabilities Found This Year Remain Unpatched

Even though, during the first half of 2019, there have been about 4,000 fewer entries in the common vulnerabilities and exploits (CVE) database, over 30% of the more than 11,000 reported vulnerabilities remain unpatched. Nearly a quarter of all vulnerabilities originate from five companies: Software in the Public Interest (Debian and related platforms), SUSE, Oracle, IBM, and Microsoft. Given the proliferation of platforms from those organizations, it's reasonable to assume most organizations are affected by at least one of those vulnerabilities reported in 2019, and possibly by some that remain unpatched. The most common vulnerabilities, which account for more than half, are remote ones. Remote vulnerabilities occur over a network and are perpetrated by an attacker without prior access to a system. Along with remote vulnerabilities, context-dependent, local, and mobile exploits are included, but in far smaller percentages.

BitDefender Confirms Security Flaw In Free Windows Antivirus 2020, Millions At Risk -- Update Now

Recently, researchers from the security firm SafeBreach revealed a critical security flaw in BitDefender's popular and latest free antivirus for Windows. The flaw allows hackers to entirely take over a user's computer. Peleg Hadar, one of the researchers, noted that "The vulnerability gives attackers the ability to load and execute malicious payloads using a signed service. This ability might be abused by an attacker, for example, to achieve Application Whitelisting Bypass for purposes such as execution and evasion." The vulnerability affects only the free product, not Antivirus Plus 2020 or GravityZone Security as they are different products. BitDefender has published a security advisory regarding the vulnerability as well as a patch to correct the flaw. IT managers are urged to use their IT asset systems to identify unpatched systems.

Do Self-Service and Low-Code Curb Shadow IT?

Shadow IT has typically been driven by two factors: impatience and a desire to go beyond IT-sanctioned technology. For years organizations have been trying to strike a balance between business unit effectiveness and enterprise risk management. Some of these efforts include department-specific IT budgets and the partial decentralization of IT. In 2017 Gartner estimated that shadow IT would account for nearly 40% of all technology purchases (go to https://www.gartner.com/smarterwithgartner/make-the-best-of-shadow-it/ ). The reality is the IT group can't completely eliminate shadow IT, but it can minimize its negative effects by working with the business units, providing self-service tools and using shadow IT asset management discovery tools.

Industry Resource - Jul 2019


Don't Play the Victim: #HowTo Create a Ransomware Backup Plan

In today's computing environment there is no single defense against ransomware. Malware spreads like a virus as soon as it makes contact with your network. Ransomware enables cyber-criminals to start encrypting files on start-up drives and quickly go to attacking data on shared networks. Firms need a multi-level backup strategy to ensure their mission critical data can't be held for ransom. Companies should start by inventorying and isolating their backup systems. Utilizing cloud storage as a backup storage solution is the ideal solution. As it is isolated from the main network and updated with the latest security policies, cloud storage is a secure, low cost and scalable defense. In addition to isolating the backup systems, regular data replication ensures that backup data is current and available. A sensible approach is to maintain at least three copies of data, on two devices and with one copy offsite.

US Cyber Command Issues Alert About Hackers Exploiting Outlook Vulnerability

The US Cyber Command recently issued an alert about threat actors abusing an Outlook vulnerability to plant malware on government networks. It cites recent use of the CVE-2017-11774 vulnerability, which was patched by Microsoft in the October 2017 Patch Tuesday. The Outlook bug enables a threat actor to run malicious code on the underlying operating system. The Cyber Command alert advises IT managers to ensure all their Outlook systems are patched. IT managers can easily identify any vulnerable systems using the company's ITAM solution.

Strengthening ITAM by Curing HAM

When compliance issues and software audits become a focus of attention, it's easy to overlook the hardware aspects of IT asset management. However, there are significant opportunities for cost savings and efficiency when IT Asset Managers practice good Hardware Asset Management (HAM). HAM best practices ensure an IT Asset Management (ITAM) program will be successful. Without HAM, Software Asset Management (SAM) could easily fail. Software can affect the hardware environment, just as hardware can affect what software should be licensed. Software purchases often require an assessment of the hardware assets in use. Taking HAM into consideration with SAM procedures will save money, improve efficiency, and result in improved overall ITAM operations.

Oracle to Release Critical Patch Update

Oracle released its Critical Patch Update in mid-July, which included seven new fixes for the Oracle database server. The July Critical Patch Update consists of a collection of patches for multiple security vulnerabilities, including 322 new fixes. In its announcement Oracle stated that "Some of the vulnerabilities addressed in this Critical Patch Update affect multiple products. Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible." IT managers can utilize ITAM resources to identify patched and unpatched systems.

Lenovo NAS Firmware Flaw Exposes Stored Data

Researchers from Vertical Structure and WhiteHat Security recently revealed that thousands of users of Lenovo network-attached storage devices are vulnerable to data compromise due to a firmware-level flaw. The flaw enables unauthenticated users to view and access data stored on the devices. To make matters worse, it is trivially easy to exploit via the Application Programming Interface. An initial investigation uncovered over 5,000 of the devices exposed on the Internet, exposing over 3 million files. The affected devices include several models of Iomega's StorCenter and LenovoEMC's series of NAS systems. Lenovo is no longer supporting or maintaining several of the impacted models as they have reached end-of-life status. IT managers can identify any affected devices using their ITAM toolset.

If You Installed FaceApp, You Should Be Aware Of Its Privacy Policy

Users who downloaded FaceApp to predict what they will look like in old age may be upset to learn what they agreed to in the app's terms and conditions. In fact, the content of the legal document is exceedingly vague. It gives the publisher rights to use the likeness, name and username of the users for any purpose. By accepting the agreement they consent to those terms forever, even if they delete the information. As FaceApp was developed in Russia, some speculate the app could be used to build a database of photorealistic avatars that could result in far more convincing fake profiles on social media.

CCPA/GDPR Compliance

Many firms are working to ensure their company is compliant with the California Consumer Privacy Act (CCPA), which becomes effective in January of 2010. CCPA established California consumer rights including personal data requests, erasures and opt-outs from organizations that store their personal information. The scope of this regulation impacts any company that stores personal data of California consumers. The act also sets a new standard for data security, requiring IoT devices transmitting or storing personal information to be encrypted to prevent data breaches. Without an efficient way of managing and locating data-carrying IoT devices, compliance with CCPA can be a daunting task for organizations with thousands of IT assets.

Software Licensing: Changing Terminology without Changing the Lingo

As the software business changes, software asset managers need to remain current with the ever changing terms and conditions of software licenses. As the licensing models evolved, terminology that may be used for more than one purpose has also evolved. One example is the word "subscription". When subscription licensing first came on the scene, it was straightforward. Licensees paid an annual, fixed term, to use the software. "Subscription" is now being used in conjunction with maintenance agreements, and the terms "subscription support" and "subscription maintenance" have come about. However, as the terms do not have a common meaning, software asset managers must know exactly what is being offered with these new terms.

Office 365 Declared Illegal In German Schools Due To Privacy Risks

The German state of Hesse recently ruled that its schools may not legally use the Office 365 cloud product. Although the press release specifically targets Office 365, it also notes that Apple and Google cloud suites do not satisfy German privacy regulations for use in schools either. It does appear that the Hessian commissioner for Data Protection and Freedom of Information (HBDI) would rather not ditch Office outright, but wants to pressure Microsoft into compliance with German law. The HBDI specified the conditions under which schools could continue to use it and required that the contents of Windows 10 and Office 365 telemetry be revealed in full. Until those conditions are met, HBDI says, "schools can use other tools such as on-premise licenses on local systems."

This New Android Ransomware Infects You Through SMS Messages

Researchers recently discovered a strain of ransomware that attacks the Android mobile operating system using SMS messages. Named Filecoder, the malware has been active since early July of 2019. It is being spread through malicious posts in online forums that include Reddit and the Android developer messaging board XDA Developers. The majority of the malicious posts attempt to entice victims to download the malware by associating it with pornographic material and disguising domains with bit.ly links. Once installed, Filecoder raids the victim's contact list and sends text messages to every entry. The link is advertised as a photo app but it is actually a malicious app harboring the ransomware.

Industry Resource - Jun 2019


How the Energy Sector Can Defend Against DoS Attacks

According to the Department of Energy, in March 2019, an energy company that provides power to customers in three western U.S. states was hit with an extended denial of service cyber-attack. Although the attack did not cause service interruptions to customers, it did impact electrical system operations for nearly half a day. That event was caused by a known vulnerability and could have been prevented by installing a previously published software update. This case illustrates the vital importance of basic blocking-and-tackling security measures such as patching, in preventing DoS attacks. A comprehensive IT asset management program can be used to easily identify vulnerable systems and unpatched software.

Cybersecurity: One In Three Breaches Are Caused By Unpatched Vulnerabilities

IT security professionals admit that a third of all data breaches are the result of vulnerabilities that they should have already patched. Software vendors are constantly publishing new patches to fix problems in their software; however, the users must apply the patches. Failure to do so opens them to attack via the backdoors that the vendors have patched. Finding the systems that need to be patched can be a challenge - nearly 60% of respondents indicated they can detect new hardware and software on their network within hours. But for the rest, it's a difficult manual effort for many, with nearly 40% saying less than half of their assets are discovered automatically. A fully functional IT asset management solution can be a key factor in managing the patching process and curing known vulnerabilities.

NSA Warns Microsoft Windows Users of Cyber-Attack Risk

US officials at the National Security Agency (NSA) and Microsoft executives have warned that older versions of the programs may be vulnerable to malware. NSA officials indicated that a flaw known as "BlueKeep" exists in older editions of Microsoft Windows. Microsoft echoed the advisory, saying that some older versions of Windows "could be vulnerable to cyber-attacks. The company urged those customers to update as soon as possible." The "BlueKeep" flaw can leave computers vulnerable to infection by viruses through automated attacks or by the downloading of malicious attachments. Firms still running Windows 7 systems can identify vulnerable systems using their IT asset management tools.

The Case Against Knee-Jerk Installation Of Windows Patches

Every computer system needs to get patched eventually, but maybe not immediately. There are highly unusual patches, for example, patches for EternalBlue/WannaCry and BlueKeep, that should be applied right after they're released. However, in the vast majority of cases, waiting a week or two or three to install the latest crop of Windows and Office patches makes sense. Except for patches aimed at fixing severe vulnerabilities, IT managers who waited 1-3 weeks to install the latest patches weren't impacted. Few just-patched security holes turned into genuine mass-market malware in a matter of weeks. Conversely, hundreds of recent patches have brought down some Windows machines.

5 Software License Purchasing Best Practices

Software license management can be a difficult job. Most firms have multiple software license types and extensive dispersion that govern their use of the code. It is critical that the Software Asset Manager (SAM) be able to collect and utilize information in a way that creates value and efficiency for the company. Following is a collection of best practices for purchasing software licenses:
1. Take Inventory: co-locate the company's licenses in a centralized location
2. Maintain Proof of Purchase (POP) records: the company must be able to prove its right to use the software
3. Track Usage: knowing what licenses are in use and which are not has multiple benefits
4. Update: updates help tailor the amount and type of licenses to best meet the company's needs
5. Self-Audit: conducting a self-audit for compliance has multiple benefits.

How Proper IT Asset Management Allows for Proper Decision Making

In too many cases IT asset or equipment management has been an afterthought in the purchase/lease decision. In reality, it should be placed at the forefront of all IT purchase decisions. A strong ITAM program is essential to a leasing program. Firms should develop a cost/benefit analysis comparing leasing and purchasing options. This effort should include the total lifetime cost of those assets, payment structure, frequency, tax benefits, life expectancy, remarketing and redeployment of retired assets, which are all part of an ITAM framework. It is important to determine if the software licenses are included in the lease program or if they are in addition to these programs and services. Lastly, consider if the maintenance program meets the organizational needs. Do the assets include a standard manufacturer's warranty or must the firm purchase a services warranty from the lessor?
Click here to read more

ITAM Policy Compliance in the Workplace

The employee handbook, also known as the employee manual or company policy manual, is used by almost every major organization. It typically covers all regulations governing employee behavior. However, few include policies regarding use of the organization's IT assets. IT asset managers can, and should, have input on the document. Examples of ITAM-related terms that could be made part of the document include:
a. employees should not install software on the organization's computers
b. employees should not use or install rogue assets
c. employees should go through a request process with the Help Desk and ITAM department to obtain required software or hardware.
Lack of clear ITAM-related regulations can lead to security breaches, new vulnerabilities and the risk of failing a software audit.
Click here to read more

76% of Mobile Apps Have Flaws Allowing Hackers to Steal Passwords, Money, and Texts

According to a recent report issued by Positive Technologies' Vulnerabilities, both Android and iOS mobile apps contain high-risk vulnerabilities. The report noted that Android devices are slightly more at risk (43% vs. 38%) than their iOS counterparts. Over 75% of all apps contain an insecure data storage vulnerability which can enable hackers to steal sensitive information stored on the device. Nearly 90% of the discovered vulnerabilities could be exploited by malware. Firms can mitigate the risks by enforcing an approved app list for devices used in the workplace and by using their ITAM solution to scan all devices used on the network.
Click here to read more

Hackers Are Poking at a MacOS Flaw Apple Left Unfixed

A recently discovered vulnerability in Apple's MacOS Gatekeeper software could allow malware to be installed on a system undetected. Gatekeeper scans apps that are downloaded from outside of Apple's App Store to determine if they've been code-signed. An app is code-signed to ensure that its software comes from the developer it claims to and that it hasn't been tampered with. Gatekeeper also maintains a blacklist of identified malware. However, Gatekeeper doesn't treat all files equally, and it considers applications that originate from external drives or are shared over a network as safe. Consequently, if a user can be convinced to open a file with a symbolic link to a Network File System, the hacker can insert malware onto the victim's system without Gatekeeper intercepting the download.
Click here to read more

Industry Resource - May 2019


50,000 Companies Exposed To Hacks of 'Business Critical' SAP Systems: Researchers

Security researchers recently discovered new ways to exploit vulnerabilities of SAP systems that haven't been properly protected. They published the tools to protect those systems. Up to 50,000 companies running SAP software are at risk of being hacked. SAP said it issued guidance in 2009 and 2013 on how to correctly configure the security settings. However, data compiled by the security researchers at Onapsis indicates that 90% of affected SAP systems have not been properly protected. Onapsis Chief Executive, Mariano Nunez, said that "Basically, a company can be brought to a halt in a matter of seconds. With these exploits, a hacker could steal anything that sits on a company's SAP system and also modify any information there so he can perform financial fraud, withdraw money, or just plainly sabotage and disrupt the systems." SAP stated that it always strongly recommends that customers install security fixes as they are released. IT managers can use their ITAM solutions to locate unpatched systems.
Click here to read more

Cisco Issues Critical Security Warning For Nexus Data-Center Switches

Cisco recently issued 40 security advisories; however, only one of them was deemed critical. That vulnerability is in the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode data-center switch and could enable an attacker to secretly access system resources.
The vulnerability has a Common Vulnerability Scoring System (CVSS) score of 9.8 out of 10. It involves a problem with Secure Shell (SSH) key management that allows a hacker to connect to the affected system with the privileges of a root user. The vulnerability affects Nexus 9000s running a Cisco NX-OS software release prior to 14.1. Cisco noted that there were no workarounds to address the problem and has released a free software update that addresses the vulnerability. IT managers can utilize their IT asset management solutions to locate switches without the software fix.
Click here to read more

Measure for Success: The Four Guideposts for ITAM Processes

Peter Drucker coined the phrase, "You can't manage what you can't measure". This philosophy extends to the management of ITAM processes. Effective ITAM processes must meet stakeholder requirements while including components needed to manage the process. Checkpoints that test the function, quality, efficiency and risk of the process are the four key components that ITAM professionals need to construct to ensure sound ITAM processes that can be measured.
Click here to read more

Building A SAM Program: Update Existing Or Rip & Replace?

Developing a Software Asset Management (SAM) program or organization would seem to be a straightforward and simple process. Every IT operation has a framework for the "who", "what", "where", "when", "why" and "how" of SAM. There is even an ISO standard (ISO 19770) that describes this framework and provides a roadmap for SAM organizations. However, the reality of SAM is that the process cannot be developed in a vacuum. Building a SAM operation from scratch based on the ISO 19770 standard and framework would be a great approach if the SAM program was being developed and deployed as the company was being established. However, because SAM supports the broader corporate structure, it must be integrated within defined and existing organizational processes and procedures. SAM is not a standalone function but acts as a provider of data and information critical to many facets of the organization, including finance, risk management, IT security, development, procurement, human resources and many more.
Click here to read more

Enterprise IT Asset Management (ITAM)

As the Information Technology (IT) industry rapidly evolves, it is critical that organizations maintain their ongoing efforts to manage the entire spectrum of their IT assets. This includes desktop PCs, laptops, software licenses, phones, servers, printers, routers and switches. An effective enterprise ITAM program provides a multitude of business benefits. These include, but are not limited to, enforcing compliance, mitigating risks, increasing the ROI on IT assets, securing information, reducing costs, supporting business continuity, enabling growth, and protecting the integrity of the organization's brand. An investment in ITAM truly pays for itself. An automated ITAM solution with a short time-to-value can produce measurable benefits even in the short term.
Click here to read more

WhatsApp Has Exposed Phones to Israeli Spyware -- Update Your Apps Now

WhatsApp identified a major cyber-security breach that enables spyware to be installed on phones through voice calls. The vulnerability affects both iPhone and Android devices. The malicious code is transmitted even if a user does not answer an infected call. WhatsApp engineers have been working to patch the vulnerability and the company has recently deployed a fix to servers and to customers. The issue affects WhatsApp for Android prior to v2.19.134, WhatsApp Business for Android prior to v2.19.44, WhatsApp for iOS prior to v2.19.51, WhatsApp Business for iOS prior to v2.19.51, WhatsApp for Windows Phone prior to v2.18.348, and WhatsApp for Tizen prior to v2.18.15.
Click here to read more

Prevent a Worm by Updating Remote Desktop Services (CVE-2019-0708)

Microsoft recently released fixes for a critical Remote Code Execution vulnerability, CVE-2019-0708, in Remote Desktop Services. The vulnerability affects older versions of Windows. This vulnerability is wormable. That means that any future malware that exploits this vulnerability could propagate among vulnerable computers in the same way that the WannaCry malware spread in 2017. It is critical that affected systems are patched as quickly as possible to prevent such a scenario from occurring. Microsoft is providing a security update for all customers to protect Windows platforms, including some out-of-support versions of Windows. IT managers are encouraged to use their IT asset management solutions to identify affected systems.
Click here to read more

Coming To Windows 10: More Browsers, Not Fewer

According to a company program manager, Microsoft will continue to include Internet Explorer 11 (IE11) and the original Edge with Windows 10. However, Fred Pullen, a principal program manager on the Edge team, stated that "Our guidance for years has been as you upgrade your web applications to modern standards, you can alleviate yourself of the dependency on Internet Explorer. When we introduced Windows 10, our suggestion to customers was to standardize on Microsoft Edge using EdgeHTML as your modern browser and fallback to IE11 as needed just for backward compatibility." In that fallback option, the IT group would need to create an Enterprise Mode Site List of URLs to apps and sites that required some of those IE compatibility modes, or IE-associated technologies that Edge didn't support. IT could also instruct every intranet site to open in IE11.
Click here to read more

Consumer IoT Devices Are Compromising Enterprise Networks

According to a new report, employee-owned Internet of Things (IoT) devices are proliferating within enterprise networks, exposing organizations to a wide range of attacks. The study found 270 different IoT device profiles from 153 different IoT manufacturers. In the aggregate, these devices handled over 55 million device transactions in a single month. Nearly all of the IoT transactions were conducted over a plaintext channel. Less than a fifth of IoT devices use SSL exclusively to communicate in enterprise settings. The IoT proliferation is just another cycle of the BYOD challenges that security teams were first forced to face a decade ago. The security risk posed by IoT devices underscores the need for IT professionals to have an ongoing awareness of what devices are connected to the network.
Click here to read more

To read the entire report go to: https://www.zscaler.com/resources/industry-reports/IoT-in-the-enterprise-2019.pdf

Structural Integrity: Quantifying Risk with Security Measurement
An effective method for measuring security metrics is the Goal-Question-Metric approach. It starts with a goal for the security program, then determines what questions need to be addressed to achieve the stated goal and then determines what metrics would answer those questions. The author relates that a key set of questions includes: a) What type of devices are on the network? b) Where does the sensitive data reside? and c) Who has access to the sensitive data? The metrics to answer these questions include: a) the number and type of devices on the network, b) the OS and distribution of devices on the network, c) the number and type of approved applications on workstations, d) the number and type of devices up-to-date on OS patches and e) the number of devices up-to-date on application patches. Clearly an effective IT asset management tool can assist in answering the critical questions related to measuring a firm's security readiness.
Click here to read more


Industry Resource - Apr 2019


Cisco Warns of Two Security Patches That Don't Work, Issues 17 New Ones for IOS flaws

Cisco has issued 17 security advisories involving 19 vulnerabilities in its IOS and IOS/XE software, which runs most of its routers and switches. The company also advised users that two patches for its RV320 and RV325 Dual Gigabit WAN VPN Routers that were issued earlier are incomplete and will be redone and reissued. Cisco rates both those router vulnerabilities as High. One vulnerability is due to improper validation of user-supplied input. If left unpatched, an attacker could send malicious HTTP POST requests to the web-based management interface of an affected device. The attacker could then execute arbitrary commands on the underlying Linux shell as root. The second exposure is due to improper access controls for URLs, allowing an attacker to connect to an affected device via HTTP or HTTPS and request specific URLs, and so download the router configuration or detailed diagnostic information.
Cisco said firmware updates that address these vulnerabilities are not available and no workarounds exist, but it is working on a complete fix for both.
Click here to read more

Gustuff Malware Can Steal from Banking Apps, Then Spread via Contact Lists

Research from security firm Group-IB has identified a new type of malware affecting Android devices that is capable of stealing credentials and initiating bank transactions for more than 100 banks and 32 virtual currency apps. The malware, dubbed Gustuff, targets top international banks including Bank of America, Wells Fargo, Chase, Capital One, among others. It can also steal from cryptocurrency apps such as Bitcoin Wallet and Coinbase. In addition Gustuff can phish usernames and passwords from PayPal, Western Union, Walmart, eBay and WhatsApp.
Gustuff infects victims using a text message, convincing them to provide access to the Android Accessibility function which enables Android phones to take action by default. Once installed, Gustuff can siphon funds from payment software called Automatic Transfer Service.
Click here to read more

Kaspersky Lab Will Warn You If Your Phone Is Infected With Stalkerware

Kaspersky Lab recently announced that it would start flagging stalkerware as malicious software. Users of its Android app will be warned when stalkerware is detected on their phones and be given the option to delete it. When stalkerware is installed on mobile devices it accesses personal data including GPS location, text messages, photos and microphone feeds. Last year Kaspersky Lab found stalkerware on over 58,000 mobile devices. The protection is available on Android devices, because stalkerware isn't as prevalent on iOS devices. Symantec's Norton also blocks spyware and stalkerware. The Norton software flags instances when location information is being sent from apps.
Click here to read more

Companies See Broader Benefits From GDPR Compliance

The mandates established for IT operations in the European Union's Global Data Protection Regulation provide an opportunity for companies to better understand their IT infrastructure while improving their data security efforts. It also helps them to prepare for any privacy regulations that may be enacted in the U.S. Companies that have invested in GDPR compliance are finding that the benefits from those investments go beyond mere compliance to include a range of other IT asset management benefits.
Click here to read more

Health Care's Huge Cybersecurity Problem

The health care industry relies heavily on technology that's connected to the internet. However, those technologies are often vulnerable to cyberattacks. Moreover, the technologies inside of hospitals vary widely. Some devices are new, but others are legacy devices or run on old software with gaping security holes. What's more, experts say that hospitals often don't know what systems run on the devices that they use every day. Christian Dameff, cybersecurity researcher and informatics fellow at the University of California San Diego Health, noted that "These devices are often black boxes to hospitals." That's not to say that hospitals do not pay any attention to their computing systems, but data security practices in place in hospitals usually prioritize protecting patient privacy. As health care organizations can be fined under HIPAA for exposing patient data, they may ignore the fact that devices that do not have patient health info can be vulnerable to cyber-attacks. A robust and flexible IT asset management system could help hospital IT managers better understand the entire network.
Click here to read more

Gov't Warns On VPN Security Bug in Cisco, Palo Alto, F5, Pulse Software

The Department of Homeland Security has issued a security warning involving Cisco, Palo Alto, F5 and Pulse VPN. DHS warns that some packages may improperly secure tokens and cookies, thus allowing hackers an opening to invade and take control over an end user's system. Carnegie Mellon's CERT also reported that multiple VPN applications store the authentication and/or session cookies insecurely in memory and/or log files. F5 said it was aware of both vulnerabilities and has issued advisories for both CVE-2013-6024 and CVE-2017-6139. CVE-2017-6139 has been fixed in BIG-IP 12.1.3, 13.1.0 and 13.0.1. Pulse Secure noted that it had already fixed this vulnerability in the latest Pulse Desktop Client and Network Connect product. Pulse issued a related Security Advisory to disclose this to the public - Security Advisory SA44114. CERT said it is unaware of any patches at the time of publishing for Cisco AnyConnect. IT managers can use their IT asset management tools to identify patched and unpatched systems.
Click here to read more

A Strong SAM Program is an IT Asset Manager's Best Friend

An IT Asset Management (ITAM) solution and a comprehensive software asset management (SAM) program are essential to a firm's bottom line. SAM is more than just counting software suites. A good SAM program helps IT management correctly evaluate how much software the organization needs. With the SAM program in place, the organization acquires only the right amount of software. SAM programs also provide a tool for avoiding non-compliance fines. Without a good SAM program, the value of an ITAM-only program can be negated by the cost of an audit. SAM programs give IT Asset Managers the right amount of control over software assets to help organizations derive the most value from their IT budgets.
Click here to read more

Kaspersky: 70 Percent of Attacks Now Target Office Vulnerabilities

According to information collected by Kaspersky Lab, Microsoft Office products are the top target for hackers. The company recently reported that almost 70 percent of the attacks its products have detected in the last 3 months of 2018 tried to leverage a known Microsoft Office vulnerability. In contrast, in Q4 2016 Office vulnerabilities accounted for just over 15 percent of all attacks. The company noted that "An interesting side note, none of the top most exploited vulnerabilities are in MS Office itself. Rather, the vulnerabilities exist in related components."
For example, two of the most exploited vulnerabilities, CVE-2017-11882 and CVE-2018-0802, impact Office's legacy Equation Editor. To mitigate risks associated with MS Office, IT managers can utilize their IT asset management toolset to identify vulnerable devices and unpatched software.
Click here to read more

Microsoft Targeted by 8 of 10 Top Vulnerabilities in 2018

Recorded Future published an analysis that focused on exploit kits, phishing attacks, or remote access trojan co-occurrences that leveraged a known vulnerability for the year 2018. The firm analyzed thousands of sources, including code repositories, deep web forum postings, and dark web sites. The intended audience includes information security practitioners, especially those supporting vulnerability risk assessments. The report noted that "Many vulnerability management practitioners face the daunting task of prioritizing vulnerabilities without adequate insight into which vulnerabilities are actively exploited by cybercriminals." The report outlined the top 10 vulnerabilities from 2018. It is important that IT professionals can identify those vulnerabilities that impact a company's technology infrastructure and are used in exploit kits, to distribute a remote access trojan (RAT), or which are used in phishing attacks.
A comprehensive IT asset and software inventory can help identify vulnerable devices and programs. The complete report can be downloaded by accessing the URL shown below.
Click here to read more

Cyber Readiness Worsens as Attacks Soar

According to a recent report from Hiscox, the number of companies in Europe and the United States that were victims of a cyber-attack over the past 12 months has increased over 60%.
The Hiscox Cyber Readiness Report 2019, which was compiled from interviews with over 5300 cybersecurity professionals in the US and the E.U., revealed a 45% increase over the number of firms suffering an attack in the 2018 report. Average losses were also up over 60%: from nearly $230,000 last year to just under $370,000 in 2019. Losses at large firms neared $700,000, compared to $162,000 in 2018. Companies can use their IT asset management tools to identify vulnerabilities before an attack occurs and reduce the probability of a successful attack.
Click here to read more

How SMBs Can Better Protect Their Business and Customer Data

Business owners need to protect their data and their customer information. A single data breach can cause their customers to lose their trust in the company and business will suffer as a result. By following certain best practices, firms can secure their data to make it less vulnerable. The National Cyber Security Alliance and the Better Business Bureau recommend that firms update their systems and software and ensure that computers, devices, and software have the latest security updates and patches. An IT asset solution is a key part of identifying vulnerable assets or unpatched software.
Click here to read more

Over Two Million IoT Devices Vulnerable Because Of P2P Component Flaws

Over two million IoT devices come equipped with a vulnerable P2P firmware component that enables hackers to locate and control those systems. Vulnerable devices include IP cameras, baby monitors, smart doorbells, DVRs, and similar systems sold by a number of firms. All of the affected devices use iLnkP2P, a firmware component that enables the device to communicate with the vendors' servers using the P2P (peer-to-peer) protocol. Security researcher Paul Marrapese identified two vulnerabilities in this component. They are tracked under the CVE-2019-11219 and CVE-2019-11220 identifiers. The first vulnerability "allows attackers to rapidly discover devices that are online," and the second "allows attackers to intercept connections to devices and perform man-in-the-middle attacks" and "to steal the password to a device and take control of it."
Click here to read more

Tech Manufacturers in the Crosshairs

Cyberattacks are no longer a passing concern for technology manufacturing companies. The number of cyberattacks is increasing as smart machines replace legacy equipment. The Chubb Cyber Index reports that ransomware attacks against manufacturers exceed similar attacks against all other industry segments. Verizon's 2018 Data Breach Industry Report indicated that data breaches affecting manufacturers had also increased. However, despite the risks posed, the advantages of the Industrial Internet of Things (IIoT) have become an integral part of efficient production methods. As such, technology manufacturers must improve the security of the connections between their OT systems and IT systems to prevent unauthorized network intrusions. The first step in this process is to perform a technology audit of the IT and OT systems to identify those assets that are connected to the network. For example, old printers are often connected to the network. With the IT and OT systems also on that same network, a hacker can potentially leverage the printer's obsolete operating system to gain entry onto the network. The National Institute of Standards and Technology (NIST) has issued cybersecurity standards, guidelines and best practices of a certified framework for such audits. A working IT asset management toolset can expedite these audits and provide an ongoing view of the entire network.
Click here to read more

The Gathering Storm: SAM in the Age of the Cloud

Traditional licensing SAM tools have focused on governance, compliance and managing licenses as assets owned by the business. SaaS subscription management is similar to inventory or stock management. Managing cloud-based software must ensure that the company is paying for only what is being used and reducing costs where possible. Effective SaaS inventory management consists of three main components: forecasting analysis, optimizing procurement and inventory control. This article provides a detailed description of each of these functions as they relate to SaaS software management.
Click here to read more

Industry Resource - Mar 2019


Machine Learning in ITAM Tools

With artificial intelligence (AI) initiatives taking center stage at many organizations, the question for IT Asset Managers is what will AI mean for ITAM? Benefits relating to IT asset management may be on the horizon. Machine learning, a form of AI, uses statistical models that perform a function without interaction with a human. Instead, it relies on inferring information from observed or recorded patterns, absorbing information and extrapolating the correct actions. If ITAM tools utilized machine learning, they could conceivably predict automatically the total cost of ownership, the amount of risk and whether an asset should be leased or purchased. Software license compliance, the risk of an audit and the amount of shelfware could also be automatically analyzed. The AI of the future will only make IT asset management more effective.
Click here to read more

Verizon Warns Enterprises About Internal Security Threats

According to Verizon's 2018 Data Breach Investigations Report, nearly a quarter of cybersecurity incidents and almost twenty percent of data breaches were caused by people within an organization. The report identified five categories of inside threat actors, including the Careless Worker, the Inside Agent, the Disgruntled Employee, the Malicious Insider, and the Feckless Third Party.
With external attacks, it can take months for organizations to detect intrusions; however, as insiders have fewer barriers to overcome, the time it takes to detect a breach can be much longer.
Click here to read more

Windows 10 closes in on Microsoft's 1 Billion Device Goal

Microsoft recently announced that Windows 10 is now running on 800 million devices worldwide. That number means Windows 10 is the most popular desktop operating system in the world; however, it represents fewer users than Microsoft's original goal of one billion devices within three years of its release. According to Net Applications, Windows 10 is currently installed on just over 40 percent of PCs, with Windows 7 holding a share of around 38.5 percent. Companies with mixed Windows OS environments can use their ITAM tools to plan an efficient migration to Windows 10 before Windows 7 is no longer supported.
Click here to read more

Senate Report Highlights Equifax Neglect Before Data Breach

A bipartisan Senate subcommittee report found that Equifax Inc.'s years-long failure to prioritize cybersecurity left the company vulnerable to a data breach that exposed more than 145 million Americans' personal information. The Senate audit revealed that, as of 2015, Equifax did not have a complete IT asset inventory or accurate network documentation. Not having this inventory makes it difficult to ensure systems are patched in a timely manner and are being regularly scanned for security vulnerabilities. Moreover, the report stated that Equifax didn't have a written policy on patching known vulnerabilities until 2015. An internal audit that year found a backlog of vulnerabilities that were yet to be patched. The patching issues remained before the 2017 breach, the report said.
Click here to read more

Microsoft: Windows 10 Can Now Automatically Uninstall Buggy Updates

Microsoft has a cure for automatically downloaded Windows 10 updates that aren't compatible with the device on which they are installed. Windows 10 can now remove "problematic updates" without any user interaction. The feature addresses updates with severe incompatibility issues, especially those that prevent a Windows 10 PC from starting up. According to Microsoft, if a Windows 10 device has a startup failure after installing certain updates, the device will display the following: "We removed some recently installed updates to recover your device from a startup failure."
Click here to read more

'100 Unique Exploits and Counting' for Latest WinRAR Security Bug

A vulnerability that impacts all the WinRAR versions released in nearly the last 20 years has recently become a popular exploit for malware distributors. WinRAR is a downloaded Windows data compression tool that focuses on the RAR and ZIP data compression formats for all Windows users. Several campaigns have been identified whereby cyber-criminal groups and/or nation-state hackers attempted to exploit the WinRAR vulnerability to install malware on their targets' devices. Using the vulnerability, an attacker can create booby-trapped archives that, when unpacked with the WinRAR app, will install malicious files anywhere on users' systems. IT managers are reminded to use their IT asset management tools to identify unpatched devices that may still harbor vulnerabilities.
Click here to read more

Microsoft Warns Windows 7 Users of Looming End To Security Updates

Starting April 18, Microsoft will begin warning Windows 7 users that security updates will come to an end on January 14, 2020. Microsoft will stop issuing Windows 7 security updates as part of its ongoing effort to move to its latest software, which provides an improved security foundation and improvements to mitigate cyberattacks. According to Net Applications, Windows 7 is still in use in 40 percent of the desktop market. Enterprise customers will have the option to pay for extended security updates until 2023. Windows 7's successor, Windows 8, will continue to receive updates until January 10, 2023. IT managers can use their IT asset management tools to identify all the Windows 7 devices on their networks.
Click here to read more

Zero-Day in WordPress SMTP Plugin Abused By Two Hacker Groups

Two cyber-security companies have discovered attacks leveraging a zero-day vulnerability in "Easy WP SMTP," a WordPress plugin with over 300,000 active installs. Hacker groups were using the vulnerability to hijack traffic from the affected sites. The problem was reported to the plugin's author and was patched on Sunday, March 17, in the release of v1.3.9.1. Attacks continued throughout the week, with hackers trying to take over as many sites as they could before site owners applied the patch. IT managers can use their ITAM tools to identify unpatched devices.
Click here to read more

Would You Quit Your Job Over Bad Software? 24% of Employees Have Considered It

Companies spend nearly $1.5 trillion a year on business software and related IT services. However, according to a recent report from G2, many staffers are either unaware of or unhappy with the provided software tools. G2 reported that almost 60% of employees either cannot name all the software platforms and tools in their department, or do not know how many software tools are in use. The report also found that over 4% of respondents said they use more than 50 software platforms while nearly 6% use more than 20, but few employees have any influence on software decisions. IT managers can use their IT asset management tools to determine what software goes unused to manage their software budgets more effectively.
Click here to read more

Industry Resource - Feb 2019


Microsoft to End IE10 Support Years Early, Tells Enterprises to Upgrade to IE11

Microsoft notified the remaining users of Internet Explorer 10 (IE10) that it would end support three years earlier than promised. The company will cease distributing security updates for the browser in January 2020. IE10 was scheduled to receive security updates until October of 2023, which would coincide with the retirement date for Windows Server 2012. In a statement, the company said that "Starting in the spring of 2019, commercial customers running Windows Server 2012 and Windows Embedded 8 Standard can begin using IE11 in their test environments or pilot rings. You will have until January 2020 to complete the transition from IE10 to IE11. After this, we will not release any security or non-security updates, free or paid assisted support options, or online technical content changes for IE10." Licensees are encouraged to use their IT asset management tool to identify those systems and networks that will need to be upgraded to IE11.
Click here to read more

Communicating the Importance of ITAM

In many organizations, IT Asset Management is rarely recognized as a core business practice. Consequently, IT Asset Managers need to do most of the work involved in convincing executives to recognize the business value of ITAM. This effort involves negotiation skills to argue for the program acceptance, funding and resources that are all part of implementing best practices. Therefore, before even starting, implementing and growing the ITAM Program, there must be communication with, and approval from, the executives of the organization. This article explores several effective steps and methodologies for communicating with C-suite executives.
Click here to read more

How Can You Save Costs On Support And Maintenance?

Maintenance and support costs constitute a substantial source of revenue for software publishers and are often a significant component of corporate software budgets. Support and maintenance typically include the license rights to new product features, updates, bug fixes and phone, web-based or even on-site support. Maintenance and support fees are typically priced to be about twenty percent of the total license fees. These fees are rarely discounted and many software publishers have strict clauses on how the end users can terminate support. This article provides some guidance on how to limit and manage those maintenance and support fees.
Click here to read more

How to Avoid Ransomware and Avoid Damaging Your Business

Statistics indicate that almost half of all ransomware attacks target small businesses and that over half of small businesses that suffer an attack are out of business within six months following the event. Clearly, businesses must take precautions to protect their business and their customers' data. Some suggestions include assessing the company's vulnerability and remediating potential vulnerabilities, using fully capable anti-virus software and performing a full software and hardware inventory to identify unpatched and obsolete software and hardware configurations.
Click here to read more

The Secret to Comprehensive, Scalable, and Effective Cybersecurity

Forbes Magazine recently reported on key features that are essential for effective cybersecurity. The article notes that one of the simplest truths of cybersecurity is that you can't protect what you can't see. Without an accurate inventory of every asset and service connected to the network, it's not possible to discover vulnerabilities, identify configuration or other security issues, or detect suspicious or malicious activity on them. The article goes on to say that IT team members need to comprehend the exposure of assets and the potential security or compliance impact in order to prioritize risk and allocate scarce resources.
Click here to read more

Windows 7 Add-On Support To Cost Up To $350 per PC For 3 More Years Of Patches

Computerworld recently reported that Microsoft will charge companies up to $350 per Windows 7 PC for continued OS security updates after Windows 7 is officially retired next January. According to a Microsoft announcement in September 2018, "Windows 7 Extended Security Updates" (ESU) will add security support through January 2023. IT managers can use their ITAM tools to identify those systems currently running Windows 7 to plan for ESU costs or migrate to Windows 10 ahead of the January date.
Click here to read more

4 Ways Your Company Can Avoid A Data Breach

Citing a report from Balbix and the Ponemon Institute, and complementing the above-referenced Forbes article, TechRepublic listed four ways organizations can protect against cyber threats. First on the list of recommended actions was to discover all existing IT assets and identify known vulnerabilities. TechRepublic noted that organizations must uncover all internal, cloud, and third-party IT assets that touch their network and could act as an entry point for cybercriminals. This includes servers, applications, managed IT infrastructure, and cloud assets, but also BYOD, Internet of Things (IoT) devices, industrial control systems (ICS), and third-party assets from other business partners. This key action is only possible with a fully functional IT asset management solution in place.
Click here to read more

One in Three Enterprises Can't Protect Themselves From Data Breaches

According to a recent survey conducted by Balbix in conjunction with the Ponemon Institute, one third of the respondents do not believe they have the capabilities required to fend off a cyberattack or prevent a data breach. The survey results indicate that vulnerability patch management and a lack of skilled staff required to manage even basic bug resolution procedures are the main barriers to preventing data breaches. In fact, only 15 percent of the individuals surveyed believed their patching efforts were "highly effective." An effective IT asset management tool can identify unpatched systems, or systems running vulnerable software, making the patching process more efficient.
Click here to read more

How Companies Overspend Millions on IT Procurement

Overspending on IT is a common phenomenon for large organizations. Without a comprehensive IT asset and software asset inventory, companies can buy too much or make duplicate purchases. Companies can take several simple steps to limit duplicates and overspending. They include using an IT asset management tool to create accurate and current inventory reports and to identify unused hardware and software. Without a clear understanding of what is on hand, overspending on IT will continue.
Click here to read more

Cisco: Patch Routers Now Against Massive 9.8/10-Severity Security Hole

Cisco is urging customers using its wireless VPN and firewall routers to install updates immediately. The company has discovered a critical flaw that enables remote attackers to break into a network. If the vulnerability is not patched, any attacker with any browser can execute code of their choice using the web interface that manages the Cisco RV110W Wireless-N VPN Firewall, Cisco RV130W Wireless-N Multifunction VPN Router, and Cisco RV215W Wireless-N VPN Router. The bug has been tagged as CVE-2019-1663 and has a severity score of 9.8 out of a possible 10 under the Common Vulnerability Scoring System (CVSS). IT managers can use their IT asset management tools to identify affected routers, facilitating the patching process.
Click here to read more

Industry Resource - Jan 2019


Android Messages Automatic Spam Protection Has Started Rolling Out

Google has begun making automatic spam protection within the default Android Messages app available to some users. After displaying a notification informing the user that the feature has been enabled, the app will begin analyzing received messages to detect and proactively block spam messages. Google said that the new feature is currently being released gradually in a few countries, and that it will become more widely available in the coming months. Google downplayed privacy concerns regarding the way that the feature tracks and stores details about the messages sent, noting that "Google temporarily stores the phone numbers of people sending and receiving messages with you and the times they messaged with you, but does not store your phone number or the content of these messages."
Click here to read more

Google's Fuchsia OS Confirmed to Have Android App Support via Android Runtime

Google's upcoming operating system, Fuchsia, will employ a specially designed version of the Android Runtime (ART) to run Android applications. This version of ART will be installable on any Fuchsia device using a .far file, which is the equivalent of Android's APK. However, it is not clear exactly how Fuchsia will use the Android Runtime. What is clear is that Fuchsia devices are intended to run Android applications. As Android is the world's most popular operating system, offering support for the vast wealth of Android apps in the Play Store will make the transition from Android to Fuchsia easier.
Click here to read more

Double Trouble: Two-Pronged Cyber Attack Infects Victims with Data-Stealing Trojan Malware and Ransomware

Cyber criminals are targeting victims with a two-pronged attack. First, the attack secretly infiltrates systems with the Vidar data-stealing malware. Almost immediately after Vidar is installed, GandCrab ransomware is inserted onto the infected system. Vidar is a new form of malware that targets vast amounts of victims' personal information. GandCrab is a popular file-encrypting malware and is regularly updated with new features designed to make it more potent, and more difficult to detect. Jérôme Segura, security researcher and head of investigations at Malwarebytes, noted that "Keeping your systems up to date ensures that you will not be infected via drive-by downloads that use already patched vulnerabilities."
Click here to read more

CES 2019: BlackBerry Secure Feature Packs Aspire To Give Trusted Security to 'All Smart Things'

BlackBerry announced its BlackBerry Secure feature packs at CES. The company said that the new feature packs will make it easier for companies to bring secure Internet of Things (IoT) devices to market. BlackBerry positioned its Secure feature packs as providing trusted software and a proven certification framework for companies to securely build smart products. Using the BlackBerry products, developers will not need to develop in-house technology and deep cybersecurity expertise. BlackBerry will review each new device before it is certified as BlackBerry Secure.
Click here to read more

The Pentagon Has More than 250 Cyber Gaps in Its Networks, Watchdog Says

The Defense Department Inspector General reported the DoD had 266 cyber vulnerabilities highlighted in previous watchdog reports. The bulk of the vulnerabilities resulted from the agency's approach to identifying potential gaps in its cyber security and proactively defending against cyber threats. Many of the shortcomings were related to cyber governance. The IG commented that without proper governance, the DoD cannot ensure that it effectively identifies and manages cybersecurity risk as it continues to face a growing variety of cyber threats from adversaries, such as offensive cyberspace operations used to disrupt, degrade, or destroy targeted information systems. A major component of cyber governance is the ability to accurately inventory all the devices on a network and determine that all systems are patched and are running current software versions.
Click here to read more

IoT Security Is So Bad, Many Companies Can't Tell When They're Hacked

A recent report from the security company Gemalto, which surveyed nearly 1000 companies that make and/or use IoT technology, noted that almost half of the companies that use IoT devices have no way of detecting if any of their devices have been hacked. As the number of connected devices increases, the security of these devices will only become more critical. Currently IoT security spending has increased from 13% in 2017 to 15%. Although budget is increasing, 15% growth seems insignificant in a time when data breaches are virtually a daily event.
Click here to read more

Trojan Malware Is Back and It's the Biggest Hacking Threat to Your Business

A recent report from Malwarebytes Labs indicates that the number of trojan and backdoor attacks has increased to become the most detected attacks against businesses. The number of trojan attacks has increased by more than 130 percent between 2017 and 2018. Backdoor attacks have increased by more than 170 percent. Attacks using spyware that gathers information on a device and sends it to a third party have also increased by more than 140 percent in the same period.
Click here to read more

Cost Savings Vs Cost Avoidance - What's The Difference?

Most companies are interested in cost savings, especially as it relates to software spending. A cost saving involves reducing the amount of money that is spent or budgeted. Examples include: a) the termination of support maintenance on software licenses that are no longer used, b) replacing existing software licenses and maintenance fees with less expensive licenses and support fees, c) converting to a less expensive support maintenance type and d) renewing only the cloud subscription licenses that are actually in use. In contrast, when firms perform regular internal reviews to identify and remediate compliance issues before the publisher requests an audit, costs related to the audit are saved and the action is classified as "cost avoidance." In either case, a robust IT asset management program is critical to the success of the program.
Click here to read more

Windows 10 1809 Fiasco May Hinder Enterprise Migrations From Windows 7

Microsoft's long delay in releasing the latest Windows 10 feature upgrade could not have come at a worse time. The slow delivery may impact enterprises' migration from Windows 7 to the longer-supported versions of Windows 10. But a bug in the new release of Windows 10 that deleted users' files forced Microsoft to withdraw the upgrade from all release channels. Consequently, customers with PCs running Windows will likely run the new version for just three months rather than six, before they're required to upgrade to the following release. The delay will also impact upgrade plans for enterprises, which are allotted 30 months of support for each version.
Click here to read more

Industry Resource - Dec 2018


Insiders Are Serious Threats to Cybersecurity in an Organization

A firm's employees can be the company's weakest cyber-security link and the greatest cause of a cyberattack and a data breach. Employee negligence, such as not knowing how their actions create a risk to the company's data security, remains the biggest cyber-risk. However, the malicious insider is another factor that also demands management's attention. According to one recent report, malicious insiders are responsible for over a quarter of all cybercrime. Tim Condello, technical account manager and security researcher at RedOwl, noted that "Recruitment of insiders is increasing, and the use of the dark web is the current methodology that malicious actors are using to find insiders."
Click here to read more

Appeals Court Upholds US Government Ban on Kaspersky Software

A federal appeals court recently upheld the federal government's ban on Moscow-based cybersecurity firm Kaspersky Lab's software. Kaspersky fought the ban, but a district court ruled against the company's claims, and the Court of Appeals for the D.C. Circuit supported that previous decision. Last year, the Department of Homeland Security ordered government agencies to stop using and remove Kaspersky Lab software due to concerns about the company's ties to the Russian government. Later, Congress included a mandate for agencies to remove Kaspersky software from their systems as part of the annual defense bill. Agencies can use a software asset management tool to determine if the software is still on their networks.
Click here to read more

Cyber Insurance Disputes Rise with Attacks

The Financial Times reports that sales of cyber insurance policies have been growing close to 25 percent a year. However, disputes between companies and the insurers have also increased dramatically. Rob Smart, technical director of Mactavish, noted that most cyber policies are written in a fairly restrictive way and there are points of uncertainty over how far the cover will extend. One key issue is that coverage might only include malicious attacks, but exclude issues related to security errors. Furthermore, payouts for data breaches could be limited to the legal minimum, excluding anything extra the firm may want to spend, such as informing customers of the breach.
Click here to read more

Three Out Of Four CIOs Fear IoT Performance Problems Could Derail Ops And Hurt Revenues

According to a recent survey conducted independently by Vanson Bourne for software intelligence company Dynatrace, over seven out of ten of the 800 CIOs contacted believe that Internet of Things (IoT) performance problems could negatively impact business operations and revenues. Nearly 80 percent of CIOs said there is a risk that their firm will deploy IoT strategies without having a plan or solution in place to manage the performance of the ecosystems that support IoT installations. In fact, nearly 70 percent of CIOs believe that IoT will become a major performance management burden.
Click here to read more

How Manufacturers Can Build Lasting Cyber Resilience

As manufacturers become more dependent on digital systems, new opportunities abound for cyber-criminals. As the number of endpoints, including computers, mobile devices, and IoT systems, expands, attackers have an increased number of network locations to probe for vulnerabilities. A study by EEF earlier this year found that nearly half of manufacturers polled said they'd suffered a cyber incident and almost a quarter (24%) suffered losses as a result. Part of the problem is that many firms are running a patchwork of security products from multiple vendors. In addition, many systems go unpatched, perpetuating the existence of known vulnerabilities.
Click here to read more

Using One of the Worst Passwords of 2018 Is A Great Way to Get Hacked

SplashData, a provider of password management applications, recently published its annual list of the Worst Passwords of the Year. The firm develops the ranking after evaluating more than 5 million passwords that have been leaked on the Internet. As SplashData puts it, people using any of these passwords are subjecting themselves to substantial risk of being hacked and having their identities stolen. 2018 was the fifth straight year that included these passwords in the Number 1 and 2 spots for being the absolute worst: 123456 and password. The five worst passwords after those two are all just numerical strings. SplashData CEO Morgan Slain noted that "Our hope by publishing this list each year is to convince people to take steps to protect themselves online. It's a real head-scratcher that with all the risks known, and with so many highly publicized hacks such as Marriott and the National Republican Congressional Committee, that people continue putting themselves at such risk year-after-year."
Click here to read more

Microsoft Releases Security Update For New IE Zero-Day

Microsoft recently released a security update for an Internet Explorer vulnerability that is currently being widely abused. Clement Lecigne of Google's Threat Analysis Group discovered and reported the IE zero-day. According to a security advisory released by Microsoft, the IE vulnerability can allow an attacker to execute malicious code on a user's computer if it is exploited in web-based scenarios. The attacker would need to lure a user onto a malicious site that in turn runs the malicious code on the user's computer. The vulnerability can also be exploited using applications that embed the IE scripting engine to render web-based content, including those that are part of the Office suite.
Click here to read more

Microsoft Plans New 4K Webcams To Bring Facial Recognition To All Windows 10 Devices, Says Report

Microsoft may offer its own external webcams in 2019. One model could be intended to extend Windows Hello facial recognition to all Windows 10 PCs. The new camera will, for the first time, bring facial recognition to all Windows 10 PCs. Currently the Windows Hello facial recognition is restricted to the built-in webcams such as those installed on Microsoft's Surface devices. Microsoft's planned webcams may be linked to the USB-C webcams that it planned to ship with the forthcoming Surface Hub 2, which includes a USB-C port. The Surface Hub 2 is also planned to ship in 2019.
Click here to read more

Cyber Breaches Abound In 2019

There is no question that cyber breaches will become even more rampant in 2019 as ever-improving malware will be aggressively deployed across multiple fronts. As companies increase their digitization efforts to drive efficiency, reduce costs and build data-driven businesses, they also move into the target zone of hackers and cyber-criminals. The use of machine learning and AI only serves to compound the situation, as hackers work to scale their bad behavior. Things to look for include: AI-driven chatbots going rogue, an increase in crimeware-as-a-service, the increased weaponization of data, an increase in ransomware attacks and a significant rise in nation-state cyberattacks. Cryptojacking, malware that relies on invasive methods of initial access and drive-by scripts on websites to steal resources from unsuspecting victims, is also expected to become a larger threat.
Click here to read more

One-Fourth Of Corporate Data Now In The Cloud

A quarter of corporate data is now stored in the cloud. Enterprise managers are now more confident than ever that their data is safe and readily accessible from cloud providers. Nonetheless, there are many challenges in the area of integrating cloud services into core applications and operations. These are some of the observations published in a recent survey released by the Independent Oracle Users Group, working with Amazon Web Services. The survey included over 200 data and IT managers and found that, on average, one in every four bytes of enterprise data is now managed by public cloud providers. In addition, almost fifty percent of new database projects are being built on public cloud providers. However, there will still be a large percentage of data remaining on-premises. Over 60% of respondents indicated that it is likely they will be moving into hybrid cloud arrangements over the next one to two years.
Click here to read more

Industry Resource - Nov 2018


Are Devices Getting More Secure?

As more devices are connected to the Internet, incorporating security into chip design is becoming more prevalent. Security concerns have been growing for the past five years, motivated by a number of high-profile attacks on retail establishments, credit reporting services and the hardware vulnerabilities that were made public in 2018. However, there is real progress in combating cyber-criminals. An increasing number of devices are shipping with some form of built-in security, and device makers appear to be accepting the reality that not all connected devices will be secure. The industry needs to evolve to provide systems that are connected and secure, as there will be more and more connected systems.
Click here to read more

Microsoft, Google Apps Feature In The Top 20 Vulnerabilities In Enterprise Environments

According to cybersecurity firm Tenable, the most prevalent vulnerabilities can potentially impact 30 percent of enterprises if left unpatched or unresolved. Microsoft and Google software offerings have the greatest number of vulnerabilities that could disrupt enterprise services and systems. In its Tenable Vulnerability Intelligence Report, the company reported that Microsoft .Net and Office, Adobe Flash, and Oracle's Java have the most widespread impact for enterprise assets.
Click here to read more

Post-Wannacry: Only 3% of Companies Are Prepared For New Types of Cyberattacks

A recent study found that companies are actually less well-prepared than their security officers believe them to be. Considering the type of security technologies that companies deploy, the study found only three percent are using threat prevention solutions that can successfully prevent a business from falling victim to a Gen V attack. Gen V attacks are multi-vector and cause exponentially more damaging financial and reputational losses compared to earlier forms of attacks. To successfully fend off Gen V attacks, organizations must integrate and unify security infrastructures so they operate better together. Threat data must be shared across all entry points in real time, requiring a move from a layered, componentized security approach to one that is more holistic.
Click here to read more

Consumers Are More Concerned With Cybersecurity and Data Privacy In 2018

Recent data breaches at major companies exposed the personal information of millions of people. The recent Ping Identity 2018 Consumer Survey measured users' trust of those companies. The report surveyed more than 3,000 consumers worldwide to determine how customers felt in this post-breach era. Per the report, many people could have developed negative connotations with certain companies. Following a breach, over 75% of respondents said they would stop engaging with the brand online. Nearly 40% said they would stop engaging with the brand completely, added the report. Data breaches infringe on the consumer's personal information and impact their trust in the breached company.
Click here to read more

Google: Newer Android Versions Are Less Affected By Malware

After dedicating itself to improving Android's security, Google is finally seeing tangible results. According to company data, devices running newer Android versions have been infected far less than devices running older OS releases. According to the company, the percentage of Android devices with at least one potentially harmful application (PHA) is above the 0.5 percent figure for Android devices running OS Versions 4, 5 and 6. The infection rate for devices running newer OS versions is much smaller. Google reports that 0.25 percent of all Android devices running Version 7 have at least one PHA. The percentage for devices running Version 8 and 9 is 0.14 percent and 0.06 percent, respectively.
Click here to read more

Conquering FITARA Challenges via ITAM Program Development

The two main objectives of the Federal Information Technology Acquisition Reform Act (FITARA) are to facilitate the development and operation of effective IT programs within budget and to increase collaboration among key decision makers, including the CIO, CFO and the Chief Acquisition Officer (CAO). FITARA recognizes that a successful IT program requires a governance program supported by a policy that defines roles, responsibilities and interactions across the organization. The overall process needs to be integrated with the organization's ITAM program. ITAM is key as it incorporates policies, processes, people, and technology that are coordinated with an organization's business needs. The intertwining of FITARA requirements with ITAM in Federal agencies will help to significantly reduce the risk of IT acquisition waste and enhance overall IT program management.
Click here to read more

Study: Ransomware Attacks Surge on Apple Operating Systems

According to a global Datto survey, hackers have intensified their attacks on Apple machines in the past year. Over 50% of the companies surveyed experienced a ransomware incident. The survey indicated that in companies that manage information technology for other businesses, ransomware was cited as the leading cyberattack, ahead of viruses and spyware. Datto polled 2,400 managed-services providers that use its systems to back up and secure data on behalf of other businesses.
Click here to read more

Microsoft Patches Windows Zero-Day Used By Multiple Cyber-Espionage Groups

Microsoft recently released security patches intended to fix 62 security flaws, including a fix for a zero-day vulnerability that was under active exploitation. The zero-day, tracked as CVE-2018-8589, affects the Windows Win32k component. Microsoft classified the issue as an "elevation of privilege" vulnerability. According to the company, before an attacker could use this zero-day vulnerability, the system would have to have been previously infected with some form of malware. Microsoft has also patched the zero-day that was disclosed at the end of October, which affected the Windows Data Sharing Service (dssvc.dll).
Click here to read more

WannaCry Is Still Dominating Ransomware

Even though WannaCry has largely been disabled, and the deadline to pay the ransom has long passed, it still accounts for nearly 30% of ransomware attacks. According to Kaspersky Lab, the ransomware is still spreading uncontrollably. The spreading mechanism that passed WannaCry from victim to victim is still active, even if the malware is not functioning. Senior malware analyst Fedor Sinitsyn noted that "This is not an uncommon occurrence, as there are multiple currently defunct worms that are still automatically spreading in the wild and infecting unpatched/unprotected machines."
Click here to read more

Major SMS Security Lapse Is A Reminder To Use Authenticator Apps Instead

TechCrunch recently reported a data breach that exposed a database of around 26 million text messages containing private customer information. The breach highlights the dangers of relying on SMS messages for receiving two-factor authentication codes over an unencrypted platform. A Berlin-based security researcher discovered that the Voxox-managed database was unsecure and easily searchable for both names and telephone numbers. Anyone could have monitored a near-real-time data stream to intercept a two-factor authentication code sent to a user trying to log into an account. Two-factor authentication is one of the best ways to ensure online security and it's common for providers to text the code to a user. Instead of relying on SMS messages, use of an authentication app such as Google Authenticator is far more secure. These apps are completely self-contained, and no sensitive data needs to be sent to them.
Click here to read more

IoT Security Problems Can Cost Enterprises Millions

The Internet of Things (IoT) is becoming increasingly integrated into many businesses. However, according to researchers at cybersecurity firm DigiCert, too many firms are not prioritizing the security around those devices. DigiCert found that a quarter of the companies having difficulty securing their IoT devices reported that they had lost in excess of $30 million due to security-related issues. Organizations will need to secure the interoperability of these myriad devices. Mike Nelson, vice president of IoT security at DigiCert, said that "it won't be sufficient for an organization to simply secure the connections their device makes with other internal resources. IoT devices will be connecting to each other and other systems and the secure interoperability of those connections will be a unique challenge."
Click here to read more

Every Cellphone Is a Security Risk, So What's Your BYOD Policy?

Bring your own device (BYOD) practices have a significant impact on the general data integrity and security of a company. Consequently, it's critical that any company that permits employees to use a personal device at work has an effective BYOD policy and that HR is involved from the outset. That's important because BYOD requires education, compliance and enforcement. In addition, due to the EU's GDPR regulation, companies are obligated to ensure that any data held about the employees is held in a secure manner. Consequently, the firm's Data Protection Officer must be involved in the formulation of BYOD policies to ensure GDPR compliance. As part of this, the firm must be aware of how mobile device management (MDM) software or any other endpoint security devices will affect the data of those involved.
Click here to read more

WhatsApp at Work: Companies Grapple With A Popular Ad Hoc Tool

A recent survey conducted by CCS Insights indicates WhatsApp is the most widely used mobile app in the workplace. However, popular apps aren't the most secure apps, and employees who ignore corporate-approved messaging software and use their preferred apps can create cyber-security problems. Consumer apps lack central management capabilities and raise the likelihood that sensitive information is shared externally. Consequently, some companies have banned the use of WhatsApp. Nick McQuire, vice president for enterprise research at CCS Insights, noted that WhatsApp has encryption mechanisms, but there's not enough control, governance, visibility and reassurances that enterprises need. That's understandable because it is not an enterprise service, but that's the problem they have.
Click here to read more

The Importance of Data Security

There are many documented cases of sensitive information becoming compromised because everyday electronic devices (including hard drives, SSDs, printers and photocopiers) were not properly data wiped prior to being resold or recycled. The issues surrounding any data security breach have serious ramifications, including breach of privacy, liability under GDPR, and erosion of a company's brand loyalty. Data wiping (AKA data destruction) is the only method which allows the device to be reused. Data wiping removes the data by using software to overwrite the information stored on the hard drive or device. The practice erases just the data while leaving the disk operable to enable the reuse of IT assets.
Click here to read more

Industry Resource - Oct 2018


46% of Enterprise Brands Fear Website Data Breach

According to recent research by data management specialists Ensighten, nearly half of all enterprises believe they are at risk of a website data breach. Fifteen percent of the surveyed firms admitted that they have identified a definite, known risk. Few companies are prepared to fend off such a breach, with just under 70% stating that they had implemented no security for their website. The survey also found that just over 40% had incurred a breach and that less than 15% review their customer records once every six months. Ian Woolley, chief revenue officer at Ensighten, commented: "We should question why enterprises aren't taking better care of their data. It shouldn't take a leak or breach to inspire action to improve marketing security when customer details are so sensitive. Prevention is better than cure. Brands must put the safety of their customers' data first."
Click here to read more

New Study Finds 5 of Every 6 Routers Are Inadequately Updated For Security Flaws

A recent study by the American Consumer Institute (ACI) found that five out of six home routers are inadequately updated for security flaws. Those devices, and their users, are vulnerable to hacking. The study analyzed a sample of 186 small office/home office Wi-Fi routers from 14 different vendors sold in the US. ACI staffers examined the firmware version the routers were running and searched public vulnerability databases for known security flaws affecting each device's firmware. The study identified over 32,000 known vulnerabilities in the sample.
ACI experts noted that, "Our analysis shows that of the 186 sampled routers, 155 (83 percent) were found to have vulnerabilities to potential cyberattacks, in the router firmware, with an average of 172 vulnerabilities per router, or 186 vulnerabilities per router for the identified 155 routers." To compound the problem, the absence of auto-update mechanisms keeps many of these devices in a vulnerable state until a user is reminded to update the firmware. Firms running an IT asset management tool are urged to
Click here to read more

Provider Executives Say One-Third of Their Medical Devices Are Unpatchable

According to a new survey by KLAS and the College of Healthcare Information Management Executives (CHIME), almost a third of health IT executives at provider organizations are concerned that a lack of medical device cybersecurity, particularly regarding older legacy devices, will result in disruptions in patient care. The survey indicated that each provider organization has an average of 10,000 connected medical devices, of which a third are deemed unpatchable. In addition, almost 20% of respondents had medical devices hit by a ransomware or malware attack in the last 18 months. CHIME CEO Russell Branzell noted that "Unsecured and poorly secured medical devices put patients at risk of great harm if those devices are hacked. In recent years, that risk has increased exponentially as devices in hospitals and health organizations have become more and more interconnected."
Click here to read more

Silent Cyber Perceived As A Far Greater Risk Than Ever Before: Willis Towers Watson

According to a recent survey conducted by Willis Towers Watson (WTW), cyber-related losses are expected to increase across all business lines over the next 12 months. In addition, silent cyber continues to pose a massive threat. Anthony Dagostino, Global Head of Cyber Risk Solutions at WTW, noted that the insurance market considers silent cyber to be a far greater risk than ever before. Silent cyber losses occur when insurance or reinsurance policies fail to explicitly exclude cyber risks, resulting in an accumulation of cyber losses within other policies.
The IT/Utilities/Telecom industry group reported the highest perceived property silent cyber risk factor, with over 40% of respondents stating that they are likely to incur ten or more cyber-related losses for every hundred non-cyber covered losses.
Click here to read more

How the Windows 10 October 2018 Update Will Impact Your Enterprise IoT Deployments

Microsoft recently announced in a blog post that the October Windows 10 update will include edge intelligence with machine learning, industrial-strength security, new silicon options, and advanced support for enterprise Internet of Things (IoT) projects. Microsoft customers can commercialize devices with their choice of a Semi-Annual Servicing Channel or a Long-Term Servicing Channel. The long-term model is ideal for commercial IoT devices that require strong security and fewer feature updates. The Windows 10 IoT Core Services, a new cloud service subscription, offers companies the services needed to commercialize a device on Windows 10 IoT Core. This service will help device manufacturers lower support costs, and distributors create better business models to create customer value.
Click here to read more

Identify Data Breaches By Leveraging ITAM Best Practices

One major strength of IT asset management is how it relates to IT security. IT asset managers identify and track data within the organizational environment. They monitor data flow and identify its location. When a data breach occurs, security should work with IT asset managers to help identify who was targeted and move quickly to notify the data breach victims.
IT asset management has much to offer IT security and, working together, a strong, robust, and mature data security model can be created. Such a model can facilitate rapid crisis response times and industry-leading data breach victim communications. By leveraging IT asset management best practices proactively, an organization will be able to handle a data breach incident in a manner that protects both the organization and the victim.
Click here to read more

Facebook's WhatsApp Says Has Fixed Video Call Security Bug

Facebook Inc's WhatsApp unit recently announced that it fixed the bug on its platform that allowed hackers to gain control of users' applications when they answered an incoming video call. As reported by ZDNet and The Register, the vulnerability impacted WhatsApp applications on Apple and Android smartphones. It was discovered in August and fixed in early October. A WhatsApp employee noted that there was no evidence that hackers actually exploited the bug to launch attacks.
Click here to read more

California Privacy Law Expected To Have Nationwide Impact

California's new privacy law grants state residents the ability to have control over their personal data. That includes the right to know what personal information is held by businesses, and to prevent the sale of that information. The law also requires companies to implement security measures to prevent data breaches, and gives individuals the right to sue over data breaches. According to a study by PwC, even though the law only grants rights to residents of California, many companies that collect data are considering changing their policies nationwide. PwC noted that "More than three quarters of respondents to our survey say they collect personal information on California residents. Many are considering whether to extend CCPA's rights to all of their US employees and consumers for operational simplicity and long-term readiness for potential federal privacy legislation." The PwC report also found that just over half of survey respondents expect to be compliant with the law by January 2020, when the legislation goes into effect.
Click here to read more

This Cryptojacking Mining Malware Pretends To Be a Flash Update

Cybercriminals are disseminating their cryptojacking malware to targeted victims by disguising it as an update for Flash. The attackers attempt to trick potential victims into downloading an XMRig cryptocurrency miner. The malware runs in the background and uses the power of the infected PC to acquire Monero for the hackers. The fake updates are delivered to victims via web-based pop-up windows and use authentic-looking branding to convince the victim to download the malware. If the user does click through to the download, a warning about installing software from an unknown publisher is displayed. This should be a security red flag. But if it is ignored, the cryptocurrency miner will be downloaded onto the system, with the user oblivious to the action.
Click here to read more

Around 62 Percent of All Internet Sites Will Run an Unsupported PHP Version in 10 Weeks

According to W3Techs, nearly 80 percent of all Internet sites in operation today run on PHP. However, by year's end security support for PHP 5.6.x will end. It will be the end of all support for any version of the PHP 5.x branch. Consequently, just over 60% of all Internet sites running a PHP 5.x version will stop receiving security updates. That will expose hundreds of millions of websites to serious security risks. Scott Arciszewski, Chief Development Officer at Paragon Initiative Enterprises, notes that, "This is a huge problem for the PHP ecosystem. While many feel that they can 'get away with' running PHP 5 in 2019, the simplest way to describe this choice is: Negligent."
Click here to read more

Microsoft JET Vulnerability Still Open To Attacks, Despite Recent Patch

A vulnerability in the Microsoft JET database engine is still not fully patched even after Microsoft shipped an update as part of the October 2018 Patch Tuesday. The vulnerability was discovered in mid-September after the Trend Micro Zero-Day Initiative (ZDI) disclosed details on its website. ZDI decided to make the issue public, to enable users to take actions to protect themselves against any exploitation attempts. The vulnerability raised some alarms, principally because the JET database engine is included in all versions of Windows, and the vulnerability provided attackers with a huge attack vector.
Click here to read more

Some Cybersecurity Apps Could Be Worse for Privacy than Nothing at All

In September of this year Apple removed several Trend Micro anti-malware tools from the Mac app store. The apps were collecting unnecessary personal information from users, including browser history. Trend Micro has now deleted this function from the apps. Users should be aware that not all security apps will make their online movements more secure. In some cases they could be worse than doing nothing at all. Users need to do their due diligence before downloading any type of security app, including ad-blockers or VPN software. Click on the link below for some other security tips.
Click here to read more

Patching The Pinholes In Your Business's Cybersecurity

Cybersecurity must be addressed in organizations of all sizes. The need is exacerbated by a recent reveal that every computer is a virtual ticking time-bomb. To keep an organization secure, IT pros must ask the question: Where are the pinholes in my business's data security and how can they be patched? Today, the nature of data security is changing faster than most people can imagine. Many of the security protocols put in place a year ago are likely already obsolete. This situation is compounded by employees who cross their personal and professional emails, or accept any attachment that is delivered through their email. Cybersecurity is a state of mind; something that needs constant as opposed to discrete milestone. Corporate data security programs must be agile and adaptive. is the name of the game, and while much of the security software is frequently updated, it is prudent to review and adjust all aspects of cybersecurity on an ongoing basis.
Click here to read more

Many CMS Plugins Are Disabling TLS Certificate Validation... And That's Very Bad

An enormous number of CMS plugins and PHP libraries are purposely disabling SSL/TLS certificate validation. By doing so, they are putting millions of internet users at risk. To exacerbate the problem, a great number of these plugins and libraries are used to establish connections to payment provider servers. That process transmits sensitive user data or financial transactions. The problem resides in how the code in the CMS plugins and PHP libraries is configured, and specifically in some of the cURL options.
Click here to read more

Industry Resource - Sep 2018


Oracle Will Charge for Java Starting in 2019

According to a recent Oracle announcement, Java SE 8 public updates will no longer be available for Business, Commercial or Production use without a commercial license, effective January 2019. The current version of Java (Java SE 9 and Java SE 8) is free and available for redistribution for general purpose computing. Java SE continues to be available free of charge under the Oracle Binary Code License (BCL). The Java Runtime Environment (JRE) may require a license fee from Oracle. Read more about embedded use of Java SE, or contact your local Oracle sales representative to obtain a license. To properly manage Oracle Java licensing changes, licensees will need to collect and identify every application that is running Java SE 8 before January of 2019. This action ensures an accurate forecast of costs and potential non-compliance risk for future software audits. The safest way for a company to avoid the risk of unexpected software costs is to use an automated Software Asset Management solution which can detect, collect, measure, and determine a firm's compliance position.
Click here to read more

Hackers Increasingly Target Reputations through Reviews Sites, Experts Say

Cyber-criminals are increasing their attempts to extort companies and individuals by threatening to post multiple harmful and negative reviews and comments on sites such as Yelp and TripAdvisor to create reputational harm. While internet extortion is not a new phenomenon, the attackers now are spamming sites where enough negative reviews can materially impact business. "It is definitely an increase that we see that more and more hackers are misusing the whole brand reputation and any type of review process to blackmail and extort companies," based in Europe, told The Hill. "Of course the same would be harmful for anyone who has an online profile such as hotels we've seen it with restaurants as well, like TripAdvisor or Yelp."
Click here to read more

Mozilla Announces Firefox Will Block Trackers By Default

Mozilla recently announced that future releases of Firefox will block web trackers by default. Firefox will also enable users to control what information they share with sites. Mozilla's goal is to protect users from websites using abusive trackers that are used for targeted advertising and broad user data collection, while improving performance and privacy. Mozilla is building three tracker-blocking features into Firefox: 1) Blocking trackers that slow down page loads; 2) Removing cross-site tracking that follows users around the web; and 3) Mitigating harmful practices such as crypto-mining scripts and trackers that fingerprint users to identify them by their device properties.
Click here to read more

Almost 400k Websites Risk Hacking, Data Theft via Open .Git Repos, Researcher Warns

Czech security researcher Vladimír Smitka recently scanned 230 million websites worldwide over a one-month period and discovered nearly 400,000 pages with an open .git directory. He is warning website operators to closely examine how they configure their site, especially if they use git to deploy and manage it. Smitka noted that if the .git directories are not properly configured, unauthorized persons can access current and past files with information about the website's structure, database passwords, API keys, and more. The attacker could use this access to reconstruct a site's git repository and discover potential vulnerabilities.
Click here to read more

Mirai, Gafgyt IoT Botnets Stab Systems with Apache Struts, Sonicwall Exploits

New versions of the Mirai and the Gafgyt botnets are exploiting vulnerabilities in IoT devices, including a security flaw related to the 2017 Equifax data breach. Palo Alto Networks Unit 42 researchers recently disclosed that new variants of the botnets have been upgraded with a number of exploits designed to leverage multiple vulnerabilities. Botnets operate by exploiting vulnerable devices, gaining control, and using them to create excessive web traffic which is then used to disable online services. These distributed denial-of-service (DDoS) attacks can prevent legitimate traffic from reaching online services or take systems down completely.
Click here to read more

Ransomware Campaign Targets Businesses With Fake Invoice Message

A new ransomware campaign that encrypts files and demands that victims pay a ransom to retrieve the encrypted data is targeting businesses in Europe. Labeled PyLocky, the new ransomware is focused on targets in Europe, with France a particular target for the malware. Germany was the initial focus of the campaign, accounting for over half of targets at the beginning of August, but accounted for just over a quarter of the spam emails by the end of the month. The perpetrators target victims in different countries, with the ransom note available in English, French and other languages, indicating that attacks against other regions are planned.
Click here to read more

'Father of Zeus' Kronos Malware Exploits Office Bug to Hijack Your Bank Account

According to Securonix researchers, the latest Kronos variant was discovered in July this year.
Three distinct, separate hacking campaigns involving the malware are currently underway in Europe. The attacks rely on phishing campaigns and fraudulent emails, as well as exploit kits. The malicious emails employ Microsoft Word documents or RTF attachments with macros that drop and execute obfuscated VB stagers. The documents exploit CVE-2017-11882, which is a vulnerability in the Microsoft Office Equation Editor Component that was disclosed in 2017. If a target system has not been patched, the bug permits the execution of arbitrary code. To prevent a Kronos infection, ITAM managers can use a discovery system to determine if all systems have been patched.
Click here to read more

This New Phishing Attack Uses An Old Trick To Steal Passwords And Credit Card Details

A recent phishing campaign uncovered by Malwarebytes uses a financial enticement to steal login credentials, payment details and other sensitive information. The bogus email offers victims a tax refund which can only be claimed online. The message purports to be from the UK government tax office, and advises recipients that they are due a tax refund of over 500 which would be deposited onto their credit card. Targets are also told that the link to the "customer portal" expires on the day the message is received, in an effort to convince victims that they might miss out on a sizeable cash payment through inaction. Individuals who click through to the 'portal' are initially asked to provide their username and password and later for their full name, address, phone number, date of birth, mother's maiden name and all credit card information.
Click here to read more

Microsoft Managed Desktop Plan Turns Windows 10 Device Management Over To Microsoft

Microsoft recently announced "Microsoft Managed Desktop" (MMD), through which the company will offer business users the option of allowing Microsoft to manage their Windows 10 PCs. With this service Microsoft will provide users with pre-configured Windows 10 PC hardware; ongoing Windows 10 feature updates, security updates, software fixes; and overall management of those devices. Microsoft would charge a per-user monthly subscription fee for MMD. Initially, qualifying devices will be limited to Surface PCs. In the future, devices from HP, Dell and other PC makers will be offered as options.
Click here to read more

Innovating Compliance through Automation

According to a recent report by KPMG entitled "Innovating Compliance through Automation," changes in technology and behavior are forcing organizations to become more flexible. Compliance and IT management leaders often discuss the need to do more with less. Industry leaders are identifying targeted compliance programs and obligations while establishing the expected return on investment. According to the consulting firm, the most effective model for building out a compliance automation approach can be summarized in three key phases: strategize, prioritize and realize. The complete report can be downloaded by clicking on the URL shown below.
Click here to read more

Researcher Discloses New Zero-Day Affecting All Versions of Windows

An unpatched zero-day vulnerability has been discovered in all supported versions of the Microsoft Windows OS, including Windows 10, Windows 8.1, Windows 7, and Windows Server Edition 2008 to 2016. The zero-day vulnerability was reported by Lucas Leong of the Trend Micro Security Research team. It resides in the Microsoft Jet Database Engine and could be used by an attacker to remotely execute malicious code on any vulnerable Windows computer. To exploit this vulnerability and remotely execute malicious code on a targeted vulnerable computer, a hacker must first convince the victim to open a specially crafted JET database file. Microsoft was made aware of the vulnerability in May of 2018 but has as yet failed to patch it.
Microsoft is working on a patch for the vulnerability, but it was not included in September Patch Tuesday. Users can expect the fix in Microsoft's October patch release. IT asset managers should scan all enterprise systems to determine that the patch is applied when it becomes available.
Click here to read more

5 Cyber Security Basics You Can't Afford To Ignore

Asset inventory is among a number of basic cyber security functions that are critical, and yet are overlooked by too many organizations. Companies that perform these security basics regularly and consistently significantly reduce the likelihood of a successful cyber-attack. Those that don't may pay the price in terms of intrusions, data breaches, and malware attacks. Device inventory is just one of five tasks critical to securing an environment. They include maintaining an asset inventory, managing address assignments, a detailed awareness of the attack surface, securing vendor connections and establishing incident response procedures.
Click here to read more

Industry Resource - Aug 2018


Why the IIoT Is Not Secure

The Internet of Things (IoT), and especially the Industrial IoT (IIoT), has a reputation of being less than secure. However, this is not because the IoT technology is immature. According to chipmakers and industry analysts, the situation has developed because neither technology buyers nor providers have the time and effort to create and adopt steps that will make everyone safer. Richard Soley, executive director of the Industrial Internet Consortium (IIC) and chairman and CEO of the Object Management Group, noted that, "My evaluation of security in the IIoT? Zero. Nearly all implementations of the IIoT I've seen assume you're going to build a wall around them and they won't need extra security because the perimeter will keep any threats away. That's nonsense. On the consumer Internet, 80% of breaches involve something inside the perimeter that breaks security, whether it's malware, or a phishing call, or an insider you shouldn't have trusted."
Click here to read more

FBI Outlines IoT Risks in New Article

The U.S. Federal Bureau of Investigation has recently published an article outlining the risks associated with internet-connected, or Internet of Things (IoT) devices. The FBI notes that cyber-criminals can use unsecured IoT devices as proxies to conduct malicious cyber activities.
The article, entitled "Cyber Actors Use Internet of Things Devices as Proxies for Anonymity and Pursuit of Malicious Cyber Activities" (https://www.ic3.gov/media/2018/180802.aspx), notes that IoT devices need to be evaluated for risk to determine if they can be used as a vector for an attack into a network. The FBI lists likely targeted IoT devices as routers, wireless radio links, time clocks, audio/video streaming devices, web-connected cameras, DVRs, satellite antenna equipment, smart garage door openers, and network-attached storage devices.
Click here to read more

New Genre of Artificial Intelligence Programs Take Computer Hacking To another Level

Artificial intelligence (AI) programs that can learn how to evade even the best cybersecurity defenses may be a reality. IBM Corp. has already used AI machine learning to develop programs that can evade best-of-class defensive measures. Details of the experiment were unveiled at the recent Black Hat security conference. The best software defenses examine what the attack software is doing, instead of analyzing software code for danger signs. The AI-based programs can be trained to stay dormant until they reach a very specific target, making them exceptionally hard to stop.
Click here to read more

Report: Mid-Sized Businesses Lose More To Cybercrime Than Large Or Small Ones

A new report entitled "White Hat, Black Hat and the Emergence of the Gray Hat: The True Costs of Cybercrime" (https://resources.malwarebytes.com/files/2018/08/GLOBAL-White-Hat-Black-Hat-and-the-Emergence-of-the-Gray-Hat-The-True-Costs-of-Cybercrime_Sponsored-by-Malwarebytes.pdf) notes that mid-market companies with 500 to 1000 employees incur greater losses from cyber-attacks than smaller or larger ones. The report was published jointly by Malwarebytes and Osterman Research. The information in the report was based on a survey of 900 security pros worldwide, working in organizations that had between 200 and 1000 employees.
Click here to read more

Fax Machines Are Still Everywhere, and Wildly Insecure

Many people consider fax machines a relic, but health care and government organizations continue to use faxes on a regular basis. In addition, most all-in-one printers have a fax component. Current research indicates that vulnerabilities in that old technology can expose entire corporate networks to attack. Check Point researchers Yaniv Balmas and Eyal Itkin note that "Fax is an ancient technology. The protocols we use today haven't been changed for the past 30 years. But everybody is still using fax and nobody really looks at it as a valid attack vector. So we thought, what if we could exploit a printer just by sending a malicious fax? In an all-in-one printer, one side is connected to the phone line and the other side is connected to the network. So if we could take over the device, we could then move into the internal network."
Click here to read more

Spending on Internet of Things May More Than Double to Over Half a Trillion Dollars

According to a recent report released by Bain & Co., major corporations will double their budgets for Internet-connected devices over the next four years to an estimated total of over $500 billion. The forecast amount, which includes the acquisition of devices, software, and related services, is an increase from Bain's forecast of $450 billion in 2016. The current forecast indicates that businesses are increasing their demand for Internet of Things (IoT) devices. IoT devices typically send the information to cloud data centers for analysis. The newer products will have more built-in computing power and AI apps, making them more independent and efficient.
Click here to read more

Intel Discloses Three More Chip Flaws

Intel Corp recently disclosed three more potential flaws in its popular Core and Xeon microprocessors that can be exploited to gain access to certain data from computer memory. Intel noted in a blog post that "We are not aware of reports that any of these methods have been used in real-world exploits, but this further underscores the need for everyone to adhere to security best practices." Intel also released patches to address the issue. The company said that the updates, coupled with those released earlier in the year, will reduce the risk for users.
Click here to read more

Check Point Research: How Android Allows Man-In-The-Disk Cyberattacks

Check Point Research recently discovered a design flaw in Android's Sandbox that allows external storage to be used as a vector for cyberattacks. Such attacks could include the undetected installation of malicious apps on the user's phone, denial of service for legitimate apps, and potential code injection that could then run in the privileged context of an attacked application. These man-in-the-disk attacks become possible when applications' use of shared storage does not employ the Android sandbox protection and the applications fail to use independent security precautions.
Click here to read more

Why SAM is Critical during a Merger or Acquisition

During any merger process, numerous asset transfers take place. One critical asset that can often be overlooked, and can result in a substantial risk, is software licensing. One way to establish the number of hardware assets is to use a software inventory tool to determine the assets in a company, and also what software is installed on them. In a merger process this is critical, especially if there are any licensing shortfalls coming with the acquisition. The company acquiring the organization needs to be made fully aware of any software license compliance issues.
Click here to read more

Data Breaches Fell In 2018, but Email Address Exposure Grew: Study

According to a study by Risk Based Security Inc., sponsored by Risk Placement Services Inc., companies experienced over 2300 data breaches in the first half of 2018. In all, over 2 billion records were exposed. Email addresses were the most prevalent data type exposed, accounting for almost half of the total. Passwords were second, comprising just over 40% of the total. Hacking accounted for the majority of the breaches, and fraud accounted for just under half of the records exposed. The U.S. was the hardest hit, with over 1,074 incidents. In contrast, there were just over 60 breaches in the UK and nearly 50 in Canada.
Click here to read more

Meet the Malware Which Hijacks Your Browser and Redirects You To Fake Pages

The RIG exploit kit has been fitted with a new tool designed to hijack browsing sessions.
At its peak the RIG exploit kit infected over 25,000 machines on a daily basis. The new malware is a rootkit called CEIDPageLock. It has recently been distributed through the exploit kit.
CEIDPageLock includes functionality which allows user browsing activities to be monitored, plus the ability to change a number of websites with fake home pages. The malware targets Microsoft Windows systems. The dropper extracts a 32-bit kernel-mode driver which is saved in the Windows temporary directory with the name "houzi.sys." When the driver executes, the dropper sends the victim PC's MAC address and user ID to a malicious command-and-control server. This information is then used to download the desired malicious homepage configuration when a victim begins browsing.
Click here to read more

Phishing Attacks That Impersonate Trusted Individuals on the Rise

According to a recent study by Mimecast (https://www.nasdaq.com/press-release/new-report-reveals-an-80-increase-in-impersonation-or-business-email-compromise-bec-attacks-20180828-00078), phishing attacks that impersonated someone familiar to the targeted individual increased by 80 percent over the prior quarter. Mimecast found that there was one successful malicious link for every 50 emails that passed through the subject firms' security systems. As part of the study, Mimecast inspected over 140 million emails handled by incumbent email security systems. According to the report, nineteen million pieces of spam, over 13,000 emails containing dangerous file types, and over 15,000 malware attachments were missed by incumbent providers and delivered to users' inboxes.
Click here to read more

Android 'API Breaking' Vulnerability Leaks Device Data, Allows User Tracking

Nightwatch Cybersecurity discovered a new vulnerability in the Google Android operating system which could allow cyber-attackers to secretly capture Wi-Fi broadcast data which can be used to track users. The bug, labeled CVE-2018-9489, resides in the operating system's communication management programming. Researchers noted that Android devices broadcast information including Wi-Fi network names, BSSID, local IP addresses, DNS server data and MAC addresses. When rogue apps eavesdrop on a user's device, sensitive information can be disclosed and attackers can attack local Wi-Fi networks or use MAC addresses to track specific Android devices.
Click here to read more

Industry Resource - Jul 2018


Companies Are Struggling With Security Automation: Study

According to a recent Ponemon Institute report entitled "The Challenge of Building the Right Security Automation Architecture", the growing cybersecurity threat landscape and the security skills gap will require organizations to implement automation to create a more effective security posture. Survey respondents agreed that security automation will improve productivity, better handle the growing volume of threats and decrease the number of false positives. The top two reported benefits of security automation are increased productivity of security personnel and automated correlation of threat behavior to address the volume of threats. Over half of respondents noted that these automation technologies can simplify the process of detecting and responding to cyber threats and vulnerabilities.
Click here to read more

The Top 10 Phishing Lines Luring Employees

According to a recent report from UK-based security software firm Sophos, almost half of all organizations experience daily phishing attacks. Over three quarters experience a phishing attack at least once a month. The report also noted that cybercriminals use social engineering to exploit human weaknesses. Worse, every employee is a target. Along with personnel connected to company finances, cybercriminals also target those who manage business processes and IT controls, putting organizations at risk for ransomware and extortion. In short, anyone who receives emails is at risk. Sophos Phish Threat, a simulation and training tool that teaches staff members how to spot phishing emails, indicates that individuals are most likely to ...
Click here to read more

Hacking Campaign Targets iPhone Users With Data-Stealing, Location-Tracking Malware

A new mobile malware campaign is targeting iPhones by enticing users to download malware disguised as an open-source mobile device management (MDM) software package. The malware gives attackers complete control of the device and the ability to install fake versions of real apps. Once installed, the hackers can steal sensitive information such as phone number, serial number, location, contact details, user's photos, SMS, and Telegram and WhatsApp chat messages.
Click here to read more

Cisco Patches Critical Vulnerabilities in Policy Suite

Cisco released fixes for a set of critical vulnerabilities in Policy Suite. The vulnerabilities enabled attackers to cause havoc in the software's databases. Cisco recently released a security advisory detailing four vulnerabilities which could place enterprise users at risk of information leaks, account compromise and database tampering. Unpatched systems could be subject to unauthorized connections to the Policy Builder database, unauthenticated logins using a root account, unauthorized changes to existing repositories and the creation of new repositories, and remote unauthorized direct access to the Open Systems Gateway initiative (OSGi) interface.
Click here to read more

Microsoft Releases New Windows 10 Preview with Edge, Fluent, Display, And Registry Editor Improvements

Microsoft recently released a preview of the Windows 10 update. It includes improvements to Edge, Skype, Diagnostic Data Viewer, Task Manager and other features. This represents the Windows 10 update planned for release later this year. In the update Edge received richer learning tools in Reading View, the ability to change the color for parts of speech, and a line focus option to improve focus while reading an article by highlighting sets of one, three, or five lines. There's also a new consent box for saving Autofill data and PDF toolbar improvements.
Click here to read more

Project Fuchsia: Google Is Quietly Working on a Successor to Android

It was recently revealed that a small group of Google engineers has been working on software that will eventually replace Android. The project, known as Fuchsia, was created from scratch to improve on the performance of Android as more connected devices come online. The goal is to better accommodate voice interactions and frequent security updates and to look the same across a range of connected devices. Google started quietly posting code online in 2016 and has allowed some third-party app developers to tinker with bits of the open-source code. Google has also begun to experiment with applications for the system, including interactive screen displays and voice commands for YouTube.
Click here to read more

Study Warns Of Rising Hacker Threats To SAP, Oracle Business Software

According to a study published by two cyber security firms, several companies and government agencies have been targeted and thousands more are exposed to data breaches by hackers exploiting unpatched security flaws in SAP and Oracle software. Systems at two government agencies and companies in the media, energy and finance sectors were attacked after failing to install the recommended patches. In an alert entitled "Malicious cyber activity targeting ERP applications", the Homeland Security's National Cybersecurity and Communications Integration Center highlighted signs of increasing hacker focus on ERP applications.
Click here to read more

Why Software Asset Management (SAM) Is So Often Overlooked By CIOs

Software asset management (SAM) is a long-time key IT management practice, yet it is often regarded as a tedious necessity to complete the to-do list. Instead it should be regarded as an opportunity to add value to the business. The cost of fines for license non-compliance can be enormous, and audits can cost businesses thousands. However, there is more to SAM than avoiding fines. Businesses need to start strategizing ways to benefit from SAM. By changing the prevailing attitude regarding software management, IT teams can reduce budgetary waste and better streamline software use across the entire organization.
Click here to read more

Why Automation is Set to Transform Software Asset Management

Software licensing management tasks, such as the gathering, consolidating, and normalizing of software install and usage data, and the cross-referencing of that data with software license entitlement, are critical for ensuring software license compliance. Organizations with larger IT budgets often procure an automated Software Asset Management (SAM) solution. All too often smaller companies don't deploy a SAM tool. However, regardless of the size of the organization, or its IT budget, it has been discovered that over 70% of SAM Managers spend most of their time on transactional license management tasks. Those tasks could actually be completed in less time, and more accurately, through automation.
Click here to read more

Five Ways CIOs Need To Change To Survive In a Software Driven World

Software has become one of the most invaluable assets for any enterprise and it will continue to change the way most companies operate. It is also true that the software supply chain is complex, making it hard to really understand what was actually licensed. Consequently, businesses too often pay for software they don't need, costing companies worldwide tens of billions of dollars a year. Companies need to have a good understanding of what software they already have and what licenses they own. Only then can they decide what they need and what they don't, and make full use of their resources to save money. It's also critical that CIOs realize that this practice must not become a single point-in-time view. Properly used, Software Asset Management allows them to examine company growth, pinpoint any potential stagnation and act strategically.
Click here to read more

Security 101: 4 Simple Steps to Avoid a Software Attack

According to the Vulnerability Review 2018 Global Trends, in 2017 software vulnerabilities increased nearly 15% as compared to 2016. That constitutes the highest vulnerability level to date and carries with it a huge financial and operational impact. Even if an organization goes without a successful breach, events related to exploitation of known vulnerabilities run into the millions each year. To mitigate these risks and their impact, organizations need to adopt processes and tools that provide insight on where to take action. Companies need to have an in-depth knowledge of what software they operate and the degree to which that software is up-to-date. Without that basic information, it's impossible to protect the IT systems from attack. However, with the scope of software used in today's organizations, developing an inventory can be difficult. Software Asset Management (SAM) tools and technology automate the process of discovering and creating an inventory of software (and hardware) assets throughout the organization.
Click here to read more

Will Agencies Tame Their Software, Telecom Inventories Ahead Of 2020?

As the federal government pursues IT modernization, agencies must complete comprehensive inventories of their software licenses and telecommunication assets. A complete inventory is a critical component of the government's goal of modernizing its collective information technology. Without a thorough understanding of what's on their networks, agencies could be open to both cybersecurity and mission support vulnerabilities. However, despite a law compelling agencies to document their software licenses, 14 agencies failed the metric on the most recent FITARA scorecard. And a quarterly report on modernization milestones under the President's Management Agenda found last week that software asset management had regressed from its previous report. Development of the software license inventories is also required as part of the implementation of the General Services Administration's Enterprise Infrastructure Solutions contract. The next-generation telecommunications program, scheduled to go live in 2020, requires agencies to identify their current assets before adding new technology to the network.
Click here to read more

A Bluetooth Flaw Could Allow Hackers to Steal Your Data

A research paper entitled "Breaking the Bluetooth Pairing Fixed Coordinate Invalid Curve" (https://www.cs.technion.ac.il/~biham/BT/bt-fixed-coordinate-invalid-curve-attack.pdf) reveals a vulnerability in the Bluetooth wireless standard that enables attackers to capture and manipulate data exchanged over a Bluetooth connection. According to the Ars Technica report entitled "Decade-Old Bluetooth Flaw Lets Hackers Steal Data Passing Between Devices", accessible information includes virtually all data stored on a device. Hackers gain access to the data by forcing a device to use a known pairing key. For instance, when pairing a phone with a computer, users may be prompted to enter a five-digit code. Hackers leverage that code to intercept information when the devices are paired again.
Click here to read more

New Spectre Attack Can Remotely Steal Secrets, Researchers Say

In a recent paper entitled "NetSpectre: Read Arbitrary Memory Over Network" (https://www.documentcloud.org/documents/4619513-NetSpectre.html), researchers have described a new variant of the Spectre vulnerability which can remotely steal data from vulnerable systems.
Previously, in order to exploit Intel, AMD, and ARM processors an attacker would have to run malicious code on an affected device. With NetSpectre, an attacker can pummel a target device with malicious network traffic without running any code on the system. NetSpectre exploits a weakness in how chips speculatively predict where memory is stored to speed up processing. The attack can be used to leak memory content, which could include proprietary data such as encryption keys or passwords.
Click here to read more

At T-Minus 18 Months, Windows 7 Still Powers 184M Commercial PCs

According to Microsoft, over 180 million PCs in use at small and mid-sized businesses, large corporations and government agencies are still running Windows 7, which will no longer be supported by the year 2020. That number excluded China, but included all other markets. The largest installed base of commercial PCs with Windows 7 is in the U.S. Twenty-five percent, or about 46 million PCs, are still running the software. However, using share data, Computerworld estimates that there are nearly 400 million PCs still using the older OS. That estimate is more than twice Microsoft's number, raising the question of whether China has more than 200 million Windows 7 PCs.
Click here to read more

Industry Resource - Jun 2018


Employees Are Ill-Prepared For Phishing Emails: Study

According to a new study from Barracuda, many companies that have been successfully phished haven't trained their employees on how to combat phishing attacks. Of the firms surveyed, over three quarters have anti-phishing training programs in place. But nearly a quarter do not. The report notes that nearly 85% believe that the biggest security concern is poor employee behavior, including carelessness, use of personal emails and devices and disregarding policies. Less than 20% cite tools that are inadequate for fighting email threats, false positives and team distractions. There's no question that email phishing attacks are dangerous and can have significant fiscal consequences:
Click here to read more

Experts Warn Massive Malware Network Linked To Russia Is More Widespread

Cybersecurity experts at Cisco's threat intelligence arm Talos are warning that a sophisticated Russia-linked hacking campaign has infected more devices than previously reported. Their findings show that the dangerous malware, labeled VPNFilter, has not only compromised more routers in small or home offices, but it also has more capabilities than they had initially discovered. According to a Wednesday Talos blog post, "We have seen that VPNFilter is targeting more makes/models of devices than initially thought, and has additional capabilities, including the ability to deliver exploits to endpoints." The hackers are also targeting home network vendors like ASUS, D-Link, Huawei, Ubiquiti, UPVEL and ZTE.
Click here to read more

The Threat Is Real: Protecting Your Systems from Cyberattacks

While physical safety is still important, in automated manufacturing environments industrial risk now must also include concerns about protecting industrial control systems (ICS) from cyber threats. One of the most significant threats to industrial systems is encryption ransomware attacks. The global WannaCry and ExPetr ransomware attacks taught both security experts and cybercriminals that operational technology systems are more vulnerable to attack than information technology systems.
Click here to read more

Cisco Fixes Critical Bug That Exposed Networks To Hackers

A "critical"-rated bug found in Cisco's Secure Access Control System (ACS) could have allowed hackers to remotely break into corporate networks. The bug was found in the code that system administrators use to authenticate users across a network. The vulnerability had a 9.8 out of 10 score on the common vulnerability severity rating. Security researchers at Positive Technologies, which reported the bug to Cisco, noted that the bug could have allowed an attacker to gain near-unfettered access to a corporate network. According to Positive Technologies, an attacker on the network could collect or modify the credentials of users on network devices and use them to execute man-in-the-middle attacks. If a device was accessible to the internet, it would be at far greater risk of remote attacks.
Click here to read more

6 Reasons To Leverage Cloud Technology

Organizations have historically relied on on-premises data systems to run applications or store data. Currently, many organizations are considering cloud computing for deployment of data workloads. With its usage-based model with unlimited scalability and no hardware investment costs, cloud computing provides new levels of business agility for IT, developers, and data scientists. As cloud adoption grows, hybrid cloud solutions are gaining traction. Following are some of the top reasons to leverage cloud technology for your complex processing jobs: 1) scale computing needs without additional hardware, 2) reduce cost of innovation, 3) only pay for what you need, 4) use the right configuration for the job, 5) draw insights from data as it resides in the cloud and 6) simplify IT operations.
Click here to read more

Good IT Asset Management Can Answer Far More Than Just IT Problems

As IT Asset Management (ITAM) is an integral part of IT, and virtually every part of an organization is impacted by IT, using ITAM as a business tool will make a business more effective overall. The ubiquity of IT can become overwhelming; however, breaking the management of IT assets down into smaller chunks can make the overall process easier to deal with. One study suggests that an ideal ITAM program has weigh-in from several stakeholders. And when these departments communicate, the business can become more efficient. By recognizing the intrinsic value of an enterprise's assets, the company will handle the assets differently and more effectively.
Click here to read more

Vendors Are Shipping Android Devices with Diagnostic Port Exposed

Android devices with open port setups that leave many products open to attack are being shipped worldwide. The port in question is a key component of the Android Debug Bridge (ADB) feature, which allows developers to remotely communicate with devices and execute commands. It is used for diagnostic and debugging purposes. Unsecured, ADB provides a path for cyberattacks. Vendors are supposed to secure the port; however, many companies do not. Security researchers discovered a worm, labeled ADB.Miner, that was exploiting the ADB interface to spread malware and hijack the victims' devices.
Click here to read more

IT Asset Management: Are You Taking Painkillers or Vitamins?

Being proactive in IT asset management (ITAM) requires a company to know what IT assets it has, who is using them and how they are used. This proactive approach enables IT pros to avoid crisis situations, often involving software license renewals, critical software upgrades and end-of-life decisions for hardware. This article provides suggestions that will create a healthier, more cost efficient and more powerful ITAM platform in any organization:
Click here to read more

Unlicensed Software a Security Risk: BSA Research

According to recent research by BSA, unlicensed software increases the risk of cyberattacks. As CIOs reported and as information from the BSA survey confirms, use of unlicensed software exposes organizations to often-crippling security threats. BSA released the "2018 Global Software Survey: Software Management: Security Imperative, Business Opportunity" to provide IT pros with a better understanding of the implications of using unlicensed software. Victoria Espinel, President and CEO of BSA, noted that organizations around the world are missing out on the economic and security benefits that well-managed software provides. Businesses should establish software asset management (SAM) programs to evaluate and manage the software on their networks. This, in turn, helps organizations reduce the risk of debilitating cyberattacks and helps grow their revenues.
Click here to read more

APAC Computer Users Most Vulnerable To Cyberattacks Due to High Percentage Of Unlicensed Software Use

According to a recent BSA report, the Asia Pacific region has the world's highest percentage rate of unlicensed software use and greatest amount of financial losses. Computer users in the region remain highly vulnerable to the risks of cyberattacks linked with the use of unlicensed software. The survey found that in the Asia Pacific region, nearly 60% of software installed on computers in 2017 was unlicensed. The commercial value of unlicensed software in the region remains the highest in the world. Worldwide, nearly 40% of software installed on computers in 2017 was not properly licensed, with losses of nearly US$50 billion.
Click here to read more

This 30-Second Change To Your Computer Settings Is The Easiest Way To Stop Hackers

According to Juniper Research, cybercrime is projected to become a $2 trillion a year business by 2019. Many cybercrimes start with a phishing attack. However, changing the Domain Name System (DNS) service that a computer uses is an easy way to block these attacks. Most computers connect to the DNS service that's set by their internet service providers; however, there are safer alternatives. Mukul Kumar, chief information security officer at Cavirin, recommends changing the DNS service to one of a handful of alternative options from either Google, security company Cloudflare, or Quad9. All of these services are free.
Click here to read more

Apple to Undercut Popular Law-Enforcement Tool for Cracking iPhones

Apple recently announced that it is working to protect all customers, especially in countries where phones are readily obtained by police or by criminals with extensive resources. Apple will change default settings in the iOS to prevent communication through the USB port when the phone has not been unlocked in the past hour. The USB port is how machines made by forensic companies connect and work around the security provisions that limit how many password guesses can be made before the device freezes them out or erases data. The new code will make it impossible to run code on the devices after the hour is up.
Click here to read more

This New Android Malware Delivers Banking Trojan, Keylogger and Ransomware

A new form of Android malware, still under development, delivers a banking trojan, a keylogger and ransomware to those unfortunate enough to fall victim to it. It was discovered by the security company ThreatFabric. Initially the malware was believed to be an updated version of Lokibot. However, it contains enough new features for researchers to consider it a new form of malware called MysteryBot. The new malware is also potent, with the trojan able to control the functionality of the infected devices, including the ability to read messages and collect contact information.
Click here to read more

Microsoft Adds Resiliency, Redundancy, Security to Windows Server 2019

Microsoft will add resiliency and redundancy enhancements to the Shielded Virtual Machines security controls included in Windows Server 2019. Shielded VM enhancements in Windows Server 2019 will provide real-time failback configurations and host- and policy-based security improvements. Host key attestation has also been added to Windows Server 2019, which provides a certificate-based solution allowing organizations to store keys using standard certificate-storage mechanisms.
Click here to read more

The State of Data Center Management As A Service In 2018

Commissioned by Intel, a new report entitled "The State of Data Center Management as a Service in 2018" shows that organizations must allocate additional money and resources to upgrade data center management infrastructure to achieve operational efficiency as the use of data center management solutions matures. Alternatively, the organization must change the paradigm completely and leverage cloud-enabled services. An on-premise solution offers consistent and secure data collection, reporting and alerting. In contrast, Data Center Management as a Service (DMaaS) is an easy-to-use, low-cost cloud-based solution providing IT professionals the ability to monitor their data center infrastructure incrementally, receive real-time insights, and prevent potential failures.
Click here to read more

Do Remote Workers Increase Your Chance Of A Data Breach? 86% of CXOs Say Yes

According to Shred-it's State of the Industry Report, most C-Suite executives and small business owners believe that cyber security risks increase with the number of remote workers employed by the company. Nearly half of CXOs and small business owners cited accidental loss or employee negligence as the top reason for data breaches. Shred-it vice president Monu Kalsi noted that "The study's findings clearly show that seemingly small habits can pose great security risk and add up to large financial, reputational and legal risks."
Click here to read more

WannaCrypt Ransomware Scam Demands Payment In Advance!

There is a new approach to ransomware. Instead of encrypting files and demanding a ransom for their return, scammers are promising not to do so if they are paid in advance. This WannaCrypt threat email is very widespread; however, the good news is that these cybercriminals don't actually have any malware to back up their threat. Their claim that antivirus software "will not be able to detect [the] program" is accurate simply because there is no program to detect.
Click here to read more

Automation's Helping Hand in Software Asset Management

With the help of automated software asset management (SAM) tools, IT pros spend less time on tedious, repetitive administrative tasks and more time on the business-critical work that directly benefits the organization. Human input is still required to ensure quality output, but SAM tools speed up these processes and standardize the way in which they are executed.
Click here to read more

Manage Software Assets to Manage Cyber Threats

Software comprises a significant percentage of an organization's IT budget. However, too often software licenses are improperly managed and tracked. Consequently, organizations do not realize the optimum benefits from these software licenses. As a result, software asset management (SAM) practices have been included within the broader scope of IT asset management (ITAM) to integrate the policies, processes, technology, and people for managing software assets. Along with minimizing legal and contractual risks from the use of unlicensed software, companies who have implemented SAM also reap benefits in the areas of cost control and IT security.
Click here to read more

How the Emerging IoT Will Prompt Asset Management Issues

Gartner forecasts that by the beginning of the next decade IoT technology will be enabled in nearly all electronics for new product designs. In addition, many companies' digital transformation plans are dependent upon IoT. Bain predicts business-to-business IoT segments will generate more than $300 billion annually by 2020. Consumer applications, including smart homes and self-driving vehicles, are expected to generate $150 billion in that same timeframe. But what impact does this have on software asset management (SAM)? Can IoT devices be managed in the same way as traditional computers, laptops, mobile devices, and software? Should the SAM function even get involved in IoT initiatives? SAM must be included in all IoT decisions because IoT devices will bring with them the issues of security, data privacy, and service sustainability. By planning ahead and ensuring SAM-related IoT issues are addressed early, companies will be able to manage potentially damaging situations as they proceed with any digital transformation efforts.
Click here to read more

A Good Software License Policy Is the Best Defense against the Threat Of Audits

Maintaining compliance with software licenses can be a daunting task. Due to the availability of file-sharing services, end users have become used to copying software, as it is easy and convenient to do. Historically, in response to the practice, the software industry has tried to raise awareness about the illegality of copying software. The burden of compliance rests with the company, and in cases where the firm ignores its responsibility for software licensing, it faces the cost of complying with a software audit. An effective software asset management (SAM) tool can prevent, or reduce, the cost and inconvenience of such an audit.
Click here to read more

Printer Asset Management: Managing Printers & their Vendors

Printers are a component of nearly every IT asset base or network. Consequently they need to be managed according to a firm's established asset management standards and objectives. Many organizations work to streamline support of printers through helpdesk integration services and improved integration/configuration management. They also work to reduce the cost of printers and output devices through governance and better vendor management. One method of printer cost management is a routine verification of vendor invoices using device utilization reporting, a core ITAM practice. Printer-related cost savings can also be achieved by improving end-user habits through the development and use of a Print Policy, combined with the standardization of hardware and print drivers.
Click here to read more

New Windows 10 Vulnerability Bypasses OS Defenses, Says Security Researcher

According to new security research, Windows 10 users are vulnerable to hackers who can exploit a file format in order to bypass key defenses in the software. Security firm SpecterOps discovered that the SettingContent-ms file type can be used to run arbitrary, and potentially dangerous, code. The malicious code could be run on a target computer by convincing a user to open a Word document that contains an embedded .SettingContent-ms file. This embedded file would include a link to the arbitrary code. Neither the OLE protections nor the Attack Surface Reduction (ASR) defenses offered by Windows 10 with Windows Defender stopped the code being executed.
Click here to read more

Thanatos Ransomware: Free Decryption Tool Released For Destructive File-Locking Malware

Thanatos ransomware started attacking Windows systems in February of 2018. Since then multiple versions of it have been released, with all remaining an active threat. Thanatos is delivered to victims in the form of an email attachment. However, attackers have also distributed the ransomware by the voice and text chat application Discord. Like other ransomware, Thanatos demands a payment in cryptocurrency. However, unlike other ransomware, even if the victim does give in to the ransom demand, problems with the Thanatos encryption process prevent the data being returned to the victim. To combat the destruction caused by lost files, researchers at Cisco Talos have built and released ThanatosDecryptor, a free tool for decrypting the files. The tool is available to download and works on all current versions of the ransomware. In order to decrypt files across a network as quickly as possible, Cisco Talos researchers recommend that ThanatosDecryptor be run on the originally infected machine.

Report: Bot Attacks Going Mobile

According to a new report from Distil Networks, malicious bot attacks are increasing and malicious bot networks are running on six of the major US mobile ISPs. Cybercriminals are using mobile devices, which may not be recognized by website defense systems, to commit fraud, steal data, and run DDoS attacks. In addition, as a result of the large number of cellular gateway requests, malicious bot traffic can be difficult to identify and then block. The report notes that about 8% of malicious bot traffic is now coming from mobile devices. Just over 40% of mobile ISP gateways have been used in malicious bot attacks. On average, about 15 malicious bot devices are making requests on each cellular gateway IP each day.

Industry Resource - May 2018


A Remote Hack Hijacks Android Phones Via Electric Leaks in Their Memory

Hackers have recently discovered a way to use Rowhammer against Android phones over the internet. Rowhammer is a hacking technique that manipulates the physical electric charge in memory chips to corrupt data in unexpected ways. In a recent paper, researchers in the VUSec research group at Vrije Universiteit in Amsterdam detail a new form of the Rowhammer attack they call "GLitch." GLitch uses Rowhammer's method of inducing electric leaks in memory to create "bit flips," changing ones to zeros and vice versa in the stored data. The new technique enables a hacker to run malicious code on some Android phones when the victim simply visits a carefully crafted web page. GLitch is the first ever remote, smartphone-targeted implementation of a Rowhammer attack, breaking practically every computer security model.

Securing Legacy Plant Equipment

Newer manufacturing plant equipment is designed to be networked and is equipped with cyber protection technology. However, legacy plant equipment is not. Protecting decades-old equipment is critical as the expected life of industrial equipment is measured in decades.
Security companies are developing methods to enable cybersecurity on networks that include older plant equipment. Strategies include bringing everything on the plant network up to enterprise security standards. Gabe Authier, senior product manager for industrial cyber security at Tripwire, noted: We're not just looking at the network layer. We're looking into level one and level two, including the devices directly in line with the production equipment in manufacturing facilities. One approach is to use the IEC 62243 standard to make adjustments on the floor, including adjustments to the firmware of devices because they're so old. Then you start looking at upgrading hardware on the plant floor to adhere to shop floor policies.

Seven Strategies to Keep Your Company Data Safe When an Employee Leaves

In an environment where high-profile cyberattacks are a daily threat, most firms are focused on preventing external hackers from breaking into their systems and stealing their data. While hackers clearly present a threat, an even bigger threat is found inside the company: its own employees. One study reported that over 30% of U.S. and U.K. office workers still have access to their former company's data and systems after leaving the company. Consequently, malicious individuals can use their access to break into their ex-employer's network. However, there are seven steps that an HR professional can take to keep the company protected from departing employees. These include: 1) practicing good onboarding when hiring, 2) creating clear company policies and offering compliance training, 3) creating a corporate culture of security, 4) proactively managing employee access points using an off-boarding checklist, 5) ensuring remote access to all employee devices, 6) providing a great day-to-day employee experience and 7) becoming an organized, communicative conductor of the exit process.

Thousands of Companies Are Still Downloading the Vulnerability That Wrecked Equifax

In the year following the great Equifax data breach, thousands of companies have continued to introduce the same security vulnerabilities that impacted Equifax into their computer networks. According to data from Sonatype, a Goldman Sachs-backed cybersecurity startup that tracks code pulled by software developers, over 10,000 organizations, including more than half of the Fortune Global 100, have downloaded known-to-be-vulnerable versions of Apache Struts. Apache Struts is the popular, open source software package that attackers targeted to loot data from Equifax's servers.

Here's What Those New Full-Page Warnings in Chrome Mean

Google Chrome will display a full-page warning whenever a user accesses a website without an SSL certificate that is registered with a public certificate log. SSL is the main cryptographic standard by which HTTPS connections are secured. An SSL certificate ensures that data transmitted between web servers and users remains unmolested. This action provides additional protection from websites using SSL certificates that may have been maliciously acquired. Hackers have manipulated the system to spoof legitimate websites, launch man-in-the-middle attacks, and in some cases, install spyware on the devices of unsuspecting users.

How to Survive a Nasty Software Vendor Audit

According to Gartner, over 60% of businesses receive at least one software audit request per year. Some organizations have been audited by four different vendors in the same 12-month period. Software companies conduct audits to ensure that businesses aren't pirating software, exploiting single-user software, or infringing on copyrights. However, vague contract language and soft interpretations of licensing often make it easy for vendors to nail customers for non-compliance. In fact, three quarters of enterprises are found to be out of compliance with their software contracts. Twenty percent of those end up paying $1 million or more in license true-ups. Companies can take simple steps to prepare for and survive a software audit, including performing their own audits, looking for errors and driving settlement negotiations.

Organizations Slow To Address System Vulnerabilities

According to current research from IT consulting firm Protiviti, many companies do not patch vulnerable systems in a timely manner. Consequently, they are operating systems that are no longer supported and/or are easily exploited. Protiviti conducted in-depth analysis of vulnerability scans and IT systems and infrastructure tests at over 500 organizations over a nine-year period that began in 2009. In its analysis, Protiviti found that easily patched application and OS vulnerabilities are not being fixed in a timely manner. The firm also found that organizations continue to operate a large number of unsupported systems, significantly increasing the risk for data breaches.

7 Ways to Embrace Shadow IT and Win

For years, CIOs and IT managers have attempted to reliably ferret out and squash shadow technologies. It was well known that the illicit tools create dangerous security, compliance and workflow vulnerabilities. However, a small number of IT leaders are starting to look at shadow IT in a different way. By studying the covert practice, they can gather clues and insights into end-user needs and preferences. This knowledge leads to the development and deployment of authorized software and services that can improve employee performance and satisfaction. There are several ways to recognize and manage shadow IT, including: 1) gain an understanding of why the shadow IT tool is being used, 2) understand how employees use the shadow IT tool, 3) determine if the shadow technology poses any security threat, 4) determine if the shadow IT has potential value as an enterprise productivity tool, 5) engage with the shadow IT's vendor to develop an enterprise-level version, 6) preserve the shadow IT's original benefits in any official deployment and 7) remain vigilant for new instances of shadow IT.

Critical Windows Bug Fixed Today Is Actively Being Exploited To Hack Users

Microsoft recently patched two Windows vulnerabilities actively used by hackers to install malicious apps on computers. One vulnerability resides in the VBScript Engine that is included in all currently supported versions of Windows. A use-after-free flaw allows attackers to execute code that runs with the same system privileges as the logged-in user. When users are logged in with administrative rights, attackers can take complete control of the system. If users are logged in with more limited rights, attackers can escalate privileges by exploiting a separate vulnerability. The second vulnerability is a privilege-escalation flaw in the Win32k component of Windows. Microsoft officials noted that "An attacker who successfully exploited this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."

Microsoft Windows, Apple MacOs, Linux, BSD: All Hit By Same 'Serious' Security Flaw

Windows, MacOS, major Linux versions, FreeBSD, VMware, and Xen running on x86 AMD and Intel CPUs are all impacted by a serious security flaw. The flaw is a result of operating system developers misinterpreting debug documentation for the two chip platforms. The common flaw can enable an authenticated attacker to access and manipulate sensitive data stored in memory or gain control over low-level operating system functions. Patches are available from Apple, DragonFly BSD, FreeBSD, Microsoft, Red Hat, SUSE Linux, Ubuntu, VMware, and Xen. Links to all available updates are available in the CERT advisory.

Two-Factor Authentication Hackable

Two-factor authentication may not be a foolproof method of securing access to online accounts. KnowBe4's chief hacking officer, Kevin Mitnick, has discovered how the popular security measure can be spoofed. Mitnick found that if a phishing email containing a bit of code that can steal login information is placed into a login box, it can be used to totally compromise a user's account, eliminating the effectiveness of two-factor authentication. Mitnick notes that the email looks legitimate, but upon closer examination, the return address is not correct. If the target of the hack clicks the interested button the malware is downloaded onto the victim's computer. At this point, the person is taken to the real site where login information is required to complete the connection process. That process includes having the site send an access code to the account holder's phone. However, working in the background, the malware has grabbed the email and password associated with the account, along with the session cookie.

Google Will Force Android Phone Makers To Issue Regular Security Updates

Google has always been quick to issue security patches to Android, but it takes longer for phone manufacturers to promulgate them to users, causing major lapses in security. To remedy this situation, Google announced that OEMs will now be contractually obligated to issue regular security patches. David Kleidermacher, head of Android platform security, noted that "We've also worked on building security patching into our OEM agreements. Now this will really lead to a massive increase in the number of devices and users receiving regular security patches."

Critical PGP and S/MIME Bugs Can Reveal Encrypted Emails: Uninstall Now [Updated]

Sebastian Schinzel, a professor of computer security at Münster University of Applied Sciences, discovered that the two most widely used methods for email encryption, PGP and S/MIME, are vulnerable to hacks that can reveal the plaintext of encrypted messages. He warned that there are no reliable fixes and advised entities that use those techniques to avoid using either encryption standard for sensitive communications. He also suggested that IT groups remove PGP and S/MIME immediately from email clients. He said that "The flaws might reveal the plaintext of encrypted emails, including encrypted emails you sent in the past. There are currently no reliable fixes for the vulnerability. If you use PGP/GPG or S/MIME for very sensitive communication, you should disable it in your email client for now."

New Strain of 'Hide and Seek' IoT Malware Adds Persistence To Threat

BitDefender discovered a new version of the 'Hide and Seek' IoT malware, which targets numerous generic devices. This new strain has the ability to remain operable despite a reboot. Equipment owners could remove the previous version of the IoT malware by resetting their smart devices, routers and modems. Hide and Seek uses a proprietary peer-to-peer network for both C&C and new infection communication. The persistence feature makes the botnet a more pressing concern for owners of the nearly 100,000 IoT devices already infected and other vulnerable and unprotected equipment.

Managing "Things": The New Competitive Imperative for Enterprises

Enterprises are trying to understand how to take full advantage of and manage the explosion of Internet of Things (IoT) assets, or "things," inside and outside of their organizations. IoT technology promises to save time and money. IoT will enable firms to provide better value to customers, employees, and other stakeholders. These assets are invaluable to any business. However, these devices hold information that cannot be replaced, and can open businesses and entire industries to vulnerabilities if they are not properly protected. IoT introduces another vital layer onto the need for ITAM, and the need for IoT asset management is massive. The importance of ITAM will never go away.

A Bug in Cell Phone Tracking Firm's Website Leaked Millions of Americans' Real-Time Locations

LocationSmart collects the real-time location data on virtually every cell phone customer in North America. Recently, a bug was discovered in its website that enabled anyone to see where a person is located without obtaining the target's consent. The company has "direct connections" to all major US wireless carriers, including AT&T, Verizon, T-Mobile, and Sprint, as well as Canadian cell networks. LocationSmart is a data aggregator and works with cell carriers to obtain locations from nearby cell towers. Initially the company's site had a "try-before-you-buy" page that let users verify the accuracy of its data. The site sent a one-time text message to the user to obtain consent to access the location information. The software can track a phone's location to within a city block of its actual location. However, the website had a bug that allowed anyone to track someone's location silently without any consent.

Americans Say, 'Bring On the Data Privacy Regulations!'

A majority of Americans who were polled would like to see GDPR-style laws enacted in the US. Janrain, an identity management company, surveyed US internet users, asking the following question: "The General Data Protection Regulation (GDPR) will give European Union citizens greater control over how businesses can use their personal data. Would you like to see similar laws enacted in the US?" Over 65 percent of respondents indicated they would welcome such a law. The survey suggests that consumers are wary of how digital companies use their personal information. Over 50% of the respondents indicated that they were "very concerned" about the security and privacy of their data, and over 40% were somewhat concerned.

Google and Microsoft Disclose New CPU Flaw, and the Fix Can Slow Machines Down

Microsoft and Google jointly announced the discovery of a new CPU security vulnerability that is similar to the previously revealed Meltdown and Spectre flaws. Labelled Speculative Store Bypass (variant 4), this vulnerability exploits speculative execution that modern CPUs use. The Safari, Edge, and Chrome browsers were all patched for Meltdown earlier this year. Intel announced that these mitigations are also applicable to variant 4 and available for consumers to use today. Patches to combat this new vulnerability include firmware updates for CPUs that could affect performance. Intel has distributed microcode updates for Speculative Store Bypass in beta form to OEMs. The firmware updates will set the Speculative Store Bypass protection to off-by-default to avoid negative performance impacts.

Why Software Asset Management (SAM) Is So Often Overlooked By CIOs

Even though software asset management (SAM) has been a long-standing IT management practice, many CIOs do not prioritize it. SAM can be complex and is often considered a tedious necessity rather than an opportunity to add value to the business. Fines for non-compliance with software license agreements can be enormous, and audits can cost thousands of dollars. However, there is more to SAM than surviving software audits. Businesses need to stop going through the motions and start considering the many ways they can benefit from effective SAM practices. By changing their mindset, IT teams can create savings and streamline software use across the entire organization.

How a New ISO Standard Helps You Take Control of Your IT Assets

The updated ISO standard 19770-1:2017 promises to help companies gain control over their software and hardware assets. ISO 19770-1:2017 is an update from ISO 19770-1:2012; however, it feels more like an overhaul in that it now meets the requirements of a real management systems standard. The standard helps to address some significant problems when it comes to reducing risk and creating a best practice for managing a firm's IT assets.

Make Software Audits Unprofitable By Fortifying Your Software Audit Castle

Staying compliant with the terms of software licenses is a major challenge for any organization. Software rules and metrics are constantly changing, and when combined with virtualization and cloud computing the license and usage mix becomes difficult to control and virtually impossible to manage. The best way for a company to protect itself from software vendor audits is to make them as unprofitable as possible for the software publishers. The only effective defense is to establish a professional Software Asset Management (SAM) practice including audit prevention and defense capabilities.

Growing Number of Shadow Devices Leaves Many Networks Vulnerable

According to a report from security company Infoblox, corporate networks across the United States and the European Union have thousands of shadow personal devices connecting to their networks. Infoblox surveyed 1,000 IT directors and 1,000 employees in the U.S. and E.U. Over one third of the surveyed organizations reported more than 5,000 personal devices connecting to their networks daily and reported that they have more than 1,000 shadow IoT devices connected to their networks on a typical day. Such practices make organizations vulnerable to social engineering hacks, phishing attacks and malware injection.

Industry Resource - Apr 2018


The Overlooked Problem of 'N-Day' Vulnerabilities

Zero-day attacks are often the focus of news about cybersecurity threats; however, it is the known, or "N-day," vulnerabilities that create a more significant problem for many companies. Zero-day vulnerabilities are unknown to a software developer or hardware manufacturer, whereas an N-day is a flaw that is known but for which there may or may not be a security patch. There are thousands of known vulnerabilities in existence; organizations have significant exposure to them within their IT infrastructure.

The Cloud Is Rising To the Cybersecurity Challenge

Cybersecurity was the focus of the last Google Next cloud conference. The company recently made a series of cybersecurity-related announcements, emphasizing just how much of a growth area cloud-based cybersecurity has become. Some of these new tools are designed to survey a company's entire cloud footprint, and to identify potential vulnerabilities or forgotten access points. The most common causes of data breaches in the cloud are misconfigured access restrictions on storage resources and forgotten or improperly secured systems. Unlike the VPN defenses, whereby companies monitored their assets but trusted anyone that got inside, cloud vendors are pushing businesses towards their own "trust nothing" model.

First Spectre, Now BranchScope: Another Vulnerability In Intel Processors

Researchers recently discovered a new vulnerability in Intel's processors which they labeled BranchScope. The flaw is found in the method the CPU uses to predict where its current computational task will end. The BranchScope exploit gives attackers the ability to take control of this "think ahead" decision-making component and steer the upcoming path in a different direction. The intruders can then steal sensitive data stored in memory not typically accessible by users and applications.

3 Steps to Asset Management and Software Auditing

Today, computing and I/O endpoints are the largest group of devices inside a network. Endpoint disruption can have a significant negative impact on any firm's day-to-day operations. There are four key components to building an endpoint security program: asset management, software auditing, vulnerability management and managing incidents. These points are detailed in a new guide, 4 Essential Strategies to Endpoint Security Protection. Of those four points, IT asset management is the single most critical control component of security today. To manage all of a company's IT assets, IT managers can follow these three foundational steps: 1) establish a baseline, 2) refine and maintain your inventory and 3) introduce automation, integration and alerting.

A Third of SA Firms Admit To Lack Software Asset Management Savvy

According to ITWeb's Software Asset Management Survey, over 75 percent of respondents have a defined IT strategy in place. However, more than a third admitted to lacking software asset management tools in their organization. In addition, nearly 30% were concerned about software non-compliance. It was generally recognized that effectively managing IT assets is a key component of achieving production targets, controlling costs, and meeting corporate and organizational goals.

There's more to Software Asset Management than Managing Licenses

When establishing a SAM function, many companies start by implementing an IT asset management (ITAM) and software asset management (SAM) solution. Combined, the ITAM and SAM solutions will provide better visibility of any potential compliance risks and establish a central database of related information that can be useful throughout the organization. By compiling information on license purchases, a SAM professional can calculate the firm's actual license entitlement, as well as actual license demand or usage. These two numbers can be compared to create an effective license position, highlighting areas of over- or under-licensing.

Get Visibility on Potential GDPR Blind Spots

Today, no company is immune to a data breach. However, a data breach is the most likely way for a company to be assessed GDPR's top fine of the greater of €20 million or 4% of revenue. Regulators are expected to fully investigate a breach and its causes. EU regulators will want to see that a breached company did everything reasonably possible to prevent the incursion and protect personal data, including proactively managing all of its IT assets. They'll focus on your cybersecurity processes, governance and how the firm tracked and enforced execution of these processes. As a means of protection, a company must update its processes and governance and be ready to show that it took exhaustive measures to protect personal data.

How Android Phones Hide Missed Security Updates From You

Google struggles with how to have Android smartphone manufacturers regularly push out security-focused software updates to their customers. But when one German security firm, Security Research Labs, examined hundreds of Android phones, it found that many Android phone vendors fail to make patches available to their users. They may delay a security release for months or even claim that the firmware is fully patched when they have skipped the patch altogether. SRL tested the firmware of over 1,000 phones, from multiple phone manufacturers, looking for every Android patch released in 2017. Their probe discovered that, except for Google's own phones like the Pixel and Pixel 2, even top-tier phone vendors claimed to have patches installed that were non-existent on the device.

SAP Unveils First-of-Its-Kind Pricing Model

SAP recently announced a new model for its Digital Access licensing policies, commonly known as Indirect Access. The new model makes it easier for customers to use, understand and pay for SAP software licenses. It differentiates between Direct/Human (per user license) and Indirect/Digital Access (automated access), while clarifying the terms for licensing, usage and compliance. Historically, customers primarily had the option to pay for the SAP ERP application based on the number of individual users. However, as more automated systems accessed SAP software systems, customers asked for an alternative pricing approach. Going forward, SAP will differentiate between direct/human access, which will be charged for by number of human users, and indirect/digital access via third party, IoT devices, bots and/or other digital access, which will be licensed based on transactions/documents processed by the system itself.

GDPR Compliance: For Many Companies, It Might Be Time To Panic

Even though the May 25th deadline for complying with the General Data Protection Regulation (GDPR) is rapidly approaching, many companies still are not prepared to comply with its requirements. GDPR is a set of rules developed by the European Union (EU) governing bodies designed to ensure data protection for individuals within the EU. Any company that handles data for individuals within the coverage area is impacted, and will face stiff penalties for non-compliance. In most organizations, IT and information security teams have the main responsibility for meeting GDPR compliance. A majority of them reported to survey firm Crowd Research Partners that developing an inventory of user data, and mapping the data to protected GDPR categories, is a priority in their GDPR compliance efforts. This is followed by evaluating, developing, integrating and inventorying systems that support or are impacted by GDPR compliance.

Why Human Vulnerabilities Are More Dangerous To Your Business than Software Flaws

A recent report from Proofpoint noted that most cyberattacks are designed to take advantage of human error, despite the current focus on software and network vulnerabilities. The report stated that "Email remains the top attack vector...Attackers are adept at exploiting our natural curiosity, desire to be helpful, love of a good bargain, and even our time constraints to persuade us to click." Half of all clicks on malicious emails occurred within an hour of the email showing up in the victim's inbox, with nearly a third being accessed within 10 minutes of receiving the email. Hackers attempted to take advantage of human trust in most cases. The report stated that "Many of these attacks rely on social engineering. Others simply take advantage of inclinations for immediate gratification, improved status, or even the reward of 'getting something for nothing.'"

Software Asset Management: A New Defense Against Cybersecurity Threats

Today, companies are spending millions for malware protection, firewall solutions, and security consulting. However, most firms remain unaware of their greatest vulnerabilities. Companies cannot protect what they cannot manage or do not know that they own. Organizations need to have a complete picture of their infrastructure: what devices and software are installed, how they are being used, who is using them, and whether they are current with regard to patches and fixes. A robust software asset management (SAM) tool can provide this information. Comprehensive asset management is a critical component for effective IT infrastructure, service, and cybersecurity management. SAM provides critical information about the number of devices and applications deployed, and their location and warranty status. SAM also identifies discrepancies between software licenses owned and the number of software copies deployed and ensures companies are in compliance or are not paying for licenses not in use.

A Corporate Guide to Addressing IoT Security Concerns

IoT security ranks as a major concern for many companies. Research firm 451 Research recently found that over half of survey respondents rated IoT security as a high priority. The report notes that the nature of IoT makes it particularly difficult to protect against attacks. If a company does not know which devices are connected to its network, ensuring security of these endpoints is difficult if not impossible. Ruggero Contu, research director at Gartner Inc, stated that "This is a critical area. One key concern for enterprises is to gain full visibility of smart connected devices. This is a requirement to do with both operational and security aspects." Robert Westervelt, research director of the Data Security Practice at IDC, added that "this discovery and identification is about asset management and less about security."

The 6 Pillars of a SAM Guru

Software asset management is a challenging job, and can become even more difficult without support from management. A true SAM guru who employs best practices must master six conceptual pillars: ownership, usage, plans, contracts, controls and versions. If any of these pillars are missing from a firm's SAM strategy, it may experience problems with license coverage and compliance, or software licensing over-spending. This article describes these pillars and why they are critical to a successful SAM program.

An Elaborate Hack Shows How Much Damage IoT Bugs Can Do

Increasingly, hackers are attacking corporations through the Internet of Things (IoT). Vulnerabilities linked to IoT devices are well-documented. The most common attacks generally involve turning thousands of vulnerable devices into botnets, or penetrating a network through a weak IoT device. Researchers from the IoT security firm Senrio have proven that a company's publicly exposed IoT devices can create an unsupervised backroad access point into networks. Attackers can move among all the vulnerable IoT devices, totally bypassing mainstream devices like PCs and servers, and creating an exploit that is much harder to detect.

Industry Resource - Mar 2018


Memcached DDoS: The Biggest, Baddest Denial of Service Attacker Yet

Memcrashed, a new DDoS attack method, can overwhelm a website with over a terabyte of traffic. The malware works by exploiting the memcached program, an open-source, high-performance, distributed, object-caching system that is widely used to cache web-server-session data. However, system administrators have exposed memcached-enabled servers to the internet, not knowing that the software was never intended to be available over the public internet. Having no authentication, it is easy to abuse. When hackers discover memcached on the internet, they can use it to power a DDoS UDP-based reflection attack vector.
Click here to read more

Feds Move To Secure Mobile Devices with Machine Learning, Biometrics

With the use of mobile devices for work by federal employees constantly growing, U.S. government agencies are using biometrics and other means to secure computers, smartphones and tablets. According to a recent report, over 90% of federal agency IT said their organizations provide secure mobile access for work-issued devices. However, fewer than 20% support access to agency systems from employees' personal devices. The report noted that over 30% of federal workers rely on personal laptops, almost half use personal smartphones and nearly three quarters rely on personal tablets for work, despite the lack of support for those devices.
Click here to read more

AMD Has a Spectre / Meltdown-Like Security Flaw of Its Own

CTS-Labs researchers have discovered critical security flaws in AMD chips. The vulnerabilities could be exploited by attackers to access sensitive data from highly guarded processors in use in millions of devices. Of particular concern is the fact that the flaws reside in the secure part of the processors where the devices store sensitive data including passwords and encryption keys. It's also the location where the processor checks that nothing malicious is running when the system is started up. The research indicates that there are 13 vulnerabilities in AMD's Ryzen and EPYC processors. IT security staff should refer to their IT asset management reports to identify affected systems.
Click here to read more

Your Smartphones Are Getting More Valuable For Hackers

Security researchers are reporting that attacks on smartphones are increasing at an alarming rate. Researchers from Lookout and the Electronic Frontier Foundation presented their findings about a global malware campaign called Dark Caracal that targets mobile devices and has infected thousands of users worldwide. The massive attack used nearly identical versions of real apps that were installed by thousands of victims. Once the apps were installed on phones, the attackers had access to everything on the users' devices. Attacks on mobile devices yield a bigger reward, and people are using smartphones much more than they use their computers.
Click here to read more

For Those Suffering From GDPR Panic: Start with SAM

The new GDPR rules will become effective on May 25th of this year. GDPR will impact every industry that collects, retains, or processes personal data on EU individuals, without regard to its physical business location. Noncompliance can result in a fine of the greater of 4% of a company's annual revenue, or 20 million euros. Much of the GDPR focus is related to infrastructure but ignores vital issues surrounding IT asset management (ITAM) and discovery.
If a company is found to be noncompliant with GDPR, there will be questions from the GDPR auditors about the causes of the breach. The CIO will be held accountable and will need to be able to provide details on the number of devices in use, who has access to those devices, the software and apps deployed throughout the company and whether those devices were encrypted. A fully functional ITAM solution will be the key to providing that information.
Click here to read more

Researchers Find Security Flaws In Popular Smart Cameras

Researchers at security company Kaspersky Lab uncovered a series of security vulnerabilities in some smart cameras that make them vulnerable to hackers. The flaws enable cyber-criminals to conduct surveillance and compromise the network to which the device is connected. The vulnerabilities in cameras manufactured by Hanwha Techwin enable attackers to access live video and audio feeds, and remotely get root access to the camera. That root access could allow access to the rest of the network.
Click here to read more

A Raft of Flaws in AMD Chips Makes Bad Hacks Much, Much Worse

Secure subsystems are intended to be impenetrable to hackers and to handle tasks too sensitive for the main CPUs in the device. AMD's version of that type of co-processor has a multitude of critical flaws that can be exploited by hackers. Attackers can leverage those flaws to run malware that's nearly impossible to detect and has direct access to a system's most sensitive information. The chips also contain "backdoors" that hackers can exploit to gain administrative access.
Click here to read more

SDN: Its Time Has Come

With the rapid adoption of new technologies, it seems that network managers are constantly working to meet new demands: They need to be flexible and agile, while minimizing risk, to meet the challenge of giving employees the proper tools to do their jobs. As reliance on their network infrastructure increases, IT pros are investigating new tools to increase efficiency and meet organizational demands on time and on budget. Many businesses are considering software-defined networks (SDN) to usher in the next generation of infrastructure. SDN eliminates the expensive, time-consuming, labor-intensive, hard-wired physical appliances and complex network architecture operations and uses software to set up and implement the network instead. According to Nemertes Research, nearly 10% of organizations surveyed are currently using SDN, but more than 40% are evaluating the technology.
Click here to read more

Android Malware Found Inside Apps Downloaded 500,000 Times

Cybercriminals have delivered malware to at least a half million Android users. The malicious code is hidden inside a number of apparently harmless apps found on the Google Play store. The malware was disguised as six QR readers and one compass app and passed security checks by hiding its true intent through coding tricks and by delaying its initial barrage of malicious activity. Following the download, the malware waits for six hours before it starts flooding the user with full-screen ads, opening ads on webpages, and sending various notifications containing ad-related links. All of this activity generates click-based revenue for the attackers even when the app itself isn't actively running. This malware once again illustrates the need for good mobile device management programs for devices used in the workplace.
Click here to read more

Industry Resource - Feb 2018


ISU Professor Warns Of the Threat Of Data Breach Fatigue

Companies need to work to keep their employees from becoming complacent about cybersecurity. An Iowa State University professor has written that people are not overly concerned with cybersecurity, a lack of concern that he believes is growing and could put individuals, and by extension their employers, at further risk from hackers. The trend is known as data breach fatigue, which results in individuals not changing their passwords or taking basic cybersecurity actions. He noted that "We need more attention from all different parties, consumers, industry, government, law enforcement. We need a lot of joint efforts from different stakeholders to combat this data breach fatigue."
Click here to read more

Cybercriminals: The Other Professionals Viewing Your LinkedIn Profile

When viewed through the eyes of a cybercriminal, it is easy to see how LinkedIn's features, and an individual's personal information, could be used for malicious purposes. From corporate reconnaissance to the execution of a cyberattack, LinkedIn can be a dangerous weapon in the hands of a hacker. To a hacker, a feature like 'see all employees' provides a catalog of potential targets. The feature can be used to develop a script to loop over LinkedIn to generate a comprehensive target list for phishing. With this information about the corporate structure, an attacker can pose as an individual's superior or colleague and trick him/her into sharing confidential information or clicking a malicious link.
Click here to read more

Over 12,000 Business Websites Leveraged for Cybercrime

In 2017, over 12,000 business websites were used to launch cyberattacks or deliver malware. According to Menlo Security's State of the Web 2017, more than 40% of the top 100,000 websites ranked by Alexa are considered "risky." A website's risk was based on three criteria: presence of vulnerable software, past distribution of malware or being the launch pad for attacks, and a security breach within the 12 previous months. A site was classified as risky if it met any one of these criteria. The riskiest sites included news and media sites, entertainment and arts sites, travel sites, personal sites and blogs, society sites and business and economy sites.
Click here to read more

Software Asset Management Is a Key Enabler In GDPR Compliance

The European Union General Data Protection Regulation (GDPR) will take effect on 25 May of this year. GDPR guidelines state that companies must provide a reasonable level of protection for personal data. However, the regulation does not explicitly define what constitutes reasonable. With digital transformation technologies and trends increasing, the definition of the traditional IT environment and network infrastructure has become increasingly blurred. If companies do not know exactly what software they are using or have deployed, they risk falling short of the full protection required under the GDPR. In addition, ignorance of their full IT infrastructure leaves them vulnerable to data breaches and security threats. SAM, or Software Asset Management, is designed to help firms uncover and better understand their IT network.
Click here to read more

Understanding Software as a Service

In a Software as a Service (SaaS) model, a firm pays an annual subscription fee that grants it access to cloud-hosted software on the publishing company's computers. The SaaS subscription model ensures that the company's users always have access to the latest possible version of the software without having to pay for a software upgrade or install a new version. In addition, users access the software from multiple devices with a single login and access it from just about anywhere without having to manually sync files across multiple devices. SaaS won't cause legacy issues for systems that have been adapted to work with them. Users with a computer or device that can access the internet can have access to the latest upgraded and patched version of the software along with all of the most recent versions of their files.
Click here to read more

Five Ways To Check If Your Router Is Configured Securely

In a modern IT environment where threats and new vulnerabilities are identified daily, it is necessary to use the most current security tools. Whether in a corporate, school or home environment, security must encompass and protect all network elements that could become gateways for possible attacks. Some security-related actions users should consider include: 1) conducting router connectivity and authentication tests, 2) performing router vulnerability tests, 3) verifying devices connected to the network, 4) updating all devices on the network and 5) enabling security options.
Click here to read more

Fewer CIOs Running ROI Calculations For Cloud: Survey

A poll of CIOs by ISACA (Information Systems Audit and Control Association) found that nearly a third of the companies considering cloud initiatives do not calculate an ROI. In 2014 a similar survey run by Information Week showed that a fifth of CIOs surveyed conducted an ROI analysis on cloud initiatives. The majority of CIOs not calculating cloud ROI based their investment solely on business objectives and shifting funding from capital expenses to operating expenses. However, twenty per cent of those that didn't calculate a cloud ROI did develop a business case that included financial outcomes that resulted from making the transition.
Click here to read more

Updating a DCS for Optimized Operations

Manufacturers designing digital control systems twenty or thirty years ago could not anticipate the security issues industries face today. Companies that currently operate legacy systems cannot operate within a security-conscious environment necessary to protect against new and frequent threats. Legacy systems do not account for newer technologies such as wireless networks, intelligent devices, and the internet. In many cases, it is impossible to properly secure older systems. If a company attempts to respond to a cyberattack without the proper infrastructure and tools, expenses and the probable downtime will be much greater. In addition, the firm would be forced into upgrading to address the security breach in a reactive mode, as opposed to being proactive. Full knowledge of the IT and DCS infrastructure is necessary to avoid cyber-security threats.
Click here to read more

Skype Can't Fix A Nasty Security Bug Without A Massive Code Rewrite

A security flaw in Skype's updater process can permit a hacker to gain system-level privileges on a vulnerable computer. The bug can grant an unprivileged user access to every part of the operating system. However, Microsoft (which owns Skype) will not immediately fix the code because the repair would require too much coding. Security researcher Stefan Kanthak discovered that Skype's update installer can be exploited with a DLL hijacking technique. It allows an attacker to trick an application into accessing malicious code in place of the correct library. Once installed, Skype uses a built-in updater to maintain the software. When that updater runs, it uses another executable file to run the update, which is vulnerable to the hijacking.
Click here to read more

How Your Company Can Prevent A Data Breach And What To Do If One Occurs

Based on the number of successful cyberattacks, the security practices for vulnerable businesses are far from adequate. Many small organizations that will face a data breach need cost-effective tools that will work within the company's operating environment. One method successful businesses employ is to maintain a thorough inventory and assessment of all networked devices and deployed software. Too often businesses fail to take this critical first step. Ignorance of the network components can allow weaknesses and loopholes to go unpatched. A comprehensive IT asset management program can continually monitor for vulnerable devices and software, and may be a company's first and best defense to deal with an ever-widening threat landscape.
Click here to read more

Why Colleges Should Start Expecting the Unexpected

In 2016 hacking contests revealed nearly 50 vulnerabilities in more than 20 IoT devices from over 20 manufacturers. The hacked devices included smart door locks, padlocks, thermostats, refrigerators, wheelchairs and even a solar panel array. Having so many connected devices attached to the network makes it difficult for IT personnel to know when one is vulnerable. One IT security expert noted that the first time there is an Internet of Things-based attack it'll probably involve a device that the IT group didn't even know was on the network.
Click here to read more

Mobile App Management Is Being Driven By Unmanaged Devices

According to a recent report published by The Gartner Group, the need for companies to manage applications on unmanaged devices owned by employees or contractors is pushing the use of mobile app management (MAM) tools. In Gartner's Market Guide for Mobile Application Management, the firm noted that, by early in the next decade, over half of mobile apps used in the enterprise will rely on at least one app-level management solution. The use of stand-alone MAM licensing offers lower per-user cost and can be useful for companies only requiring app management.
Click here to read more

7 Steps Security Chiefs Can Take To Deal with Spectre and Meltdown

According to Gartner, CSOs and CIOs must take a risk-based approach to the ongoing threats posed by Spectre and Meltdown, an underlying exploitable design implementation inside most computer chips manufactured over the last two decades. Nearly every modern IT system will be affected to some extent. Nearly every type of system is impacted, including desktops, mobile devices, servers, virtual machines, network and storage appliances, OT and IoT devices. The starting point for any remediation effort must be an inventory of affected systems, which will constitute a roadmap for all planned actions. For each system, a detailed database is needed to track the device or workload, the version of its microprocessor, firmware version and OS. A robust IT asset management solution will be a required tool in repairing vulnerabilities caused by Spectre and Meltdown.
Click here to read more

Sophisticated Android Malware Spies on Smartphone Users and Runs Up Their Phone Bill Too

A new Android malware program called RedDrop stealthily steals sensitive data from infected devices, including full audio recordings of phone calls and stores it in the cloud. The spyware collects a wide spectrum of information from the device as well as information about saved Wi-Fi networks and nearby hotspots. It has also been designed to ensure that users are completely unaware that their phone is infected. The infection comes to light when the user receives an unusually high phone bill, as the malware secretly sends SMS messages to a premium rate service in addition to its spyware activities. More than 50 apps are used to distribute the malware, using lures to look like a range of tools including calculators, image editors and language learning aids.
Click here to read more

Industry Resource - Jan 2018


Amazon, Salesforce Shifting Business Away From Oracle: Report

Two of Oracle's biggest customers, Amazon and Salesforce, are planning to replace Oracle software running on crucial business systems. Both companies plan to use lower cost open-source database software. The companies have made significant progress toward replacing Oracle altogether. Although Oracle's database is considered by many to be the most advanced, it's also expensive and comes with complex licensing terms. Amazon has switched over two internal databases that run its e-commerce operation to open-source NoSQL. Salesforce has also been developing a database replacement, code-named Sayonara (Japanese for "goodbye"), and is now ready to deploy it internally.
Click here to read more

Un-clear and Present Danger

Fileless malware, also known as Advanced Volatile Threat, is malware that can launch without being stored on a system's hard drive. Traditional forms of malware saved their payload to a drive, either as an executable file or script. The payload was then executed or scheduled to run at a later time or date. Anti-virus software exploits this design by intercepting accesses to the file store. AV software can then detect the creation of a file and interrogate it for signatures of known malware. When detected, the malware is deleted or quarantined before it can run. Consequently, if malware doesn't write any code to disk, the AV software never sees it. Even if the malware's signatures are known, the code will never be discovered.
Click here to read more

Cisco Releases Security Connector App For iOS Devices

Cisco recently announced the availability of Cisco Security Connector on the App Store. The offering is a security app that will give enterprises the deepest visibility and control over network activity on iOS devices. The primary benefits of the Cisco security connector app are enhanced visibility into incident investigations involving enterprise-owned iOS devices and better control over iPhone and iPad users who may connect to malicious sites.
Click here to read more

Windows Patches: Microsoft Kills Off Word's Under-Attack Equation Editor, Fixes 56 Bugs

In its first security update for 2018, Microsoft fixed 56 flaws and included a fix for a new Office vulnerability caused by Word's built-in Equation Editor that is currently being exploited by hackers. The update follows Microsoft's emergency patches for the Meltdown and Spectre CPU attacks. Among the 56 fixes in this update, Microsoft addressed the Equation Editor flaw in Office it patched in 2017. A cybercriminal group started to exploit that flaw soon after Microsoft released the patch.
Click here to read more

Trust Is Not a Strategy for Cybersecurity

Cyberattacks are ongoing activities, not discrete events. To compound matters, digitalization and connectivity are heightening companies' cyber risk. A breach of a single connected operational technology system puts every device on the network at risk. Low-security, unpatched and small networks provide easy access for cybercriminals. Human error and negligence also are major cyber risks. To establish and sustain cybersecurity, greater awareness of threats and a detailed knowledge of the components on the network are critical. In addition to mastering basic security measures, companies need to proactively detect and respond to attacks.
Click here to read more

Half a Million Users Affected By Malicious Chrome Extensions

US-based IT security company ICEBRG recently discovered four Chrome extensions containing malicious code that were distributed through the official Chrome Web Store. The company revealed that these extensions were primarily used to conduct click fraud and/or SEO manipulation. However, they could also provide cyber criminals with a way to access a corporate network, and a means to steal proprietary information. ICEBRG said the investigation was prompted by an anomalous spike in outbound network traffic from one of its customer's workstations. The investigation resulted in the discovery of the four malicious extensions: Change HTTP Request Header, Nyoogle - Custom Logo for Google, Lite Bookmarks, and Stickies - Chrome's Post-it Notes.
Click here to read more

How to Choose the Right Asset Management Software

Selecting the best IT asset management software for your business requires time and effort. With all the options available, one-size-fits-all does not apply. A solution that works for one company might not be a good fit for another. Evaluating options can be a time-consuming task, especially if IT management does not have a clear idea of the needed functionality. There are six important aspects that must be considered in selecting an IT asset management software solution. They include: Accessibility, Mobility, Features, Scalability, Pricing and Support.
Click here to read more

How IT Can Improve Asset Management

IT asset management challenges are numerous. They range from locating an old decommissioned server in the closet of a remote field service office, to discovering software that has become shelf-ware, to reallocating IT assets that are only being utilized at about 20% of capacity. The organization continues to pay maintenance and licensing costs on these underused assets, draining the IT budget. There are IT asset management best practices that can be applied to address these problems. Four IT asset management cornerstones that comprise some of the best practices include: 1) implementing an asset management software solution, 2) assigning a person or group to be responsible for managing corporate IT assets, 3) making asset management an integral part of IT budget planning and execution and 4) periodically performing a manual inventory of the physical, software and cloud-based assets.
Click here to read more

How to Manage Your Software and Hardware Assets

Hardware, software, and network management programs can result in tangible benefits to any company. Firms having and maintaining an in-depth understanding of what devices comprise the network can make deliberate decisions when procuring additional assets. They avoid unnecessary purchases, negotiate better contracts, and maximize the benefits of the IT budget spend. Good visibility of the company's IT assets enables IT management to ensure license compliance and implement improved security initiatives. In addition, productivity improves as service desk agents armed with detailed asset descriptions are better equipped to troubleshoot and resolve end-user issues.
Click here to read more

Mobile Devices and the Industrial Internet of Things (IIoT)

When attempting to secure general purpose and industrial IoT (IIoT) devices, IT pros consider limiting access to networks, especially those that don't use encryption; ensuring devices have current firmware and strong passwords; and using caution with regard to devices with cloud services. However, with so many BYOD and corporate-owned devices on enterprise networks, the attack surface is much larger than that of traditional networks. End-user devices may be unpatched because no patch is available from the carrier or manufacturer, may have vulnerable or otherwise risky apps, or may have apps that send sensitive data to questionable sites on the Internet. Consequently, the proliferation of mobile devices has significantly added to the overall vulnerability of the network.
Click here to read more

The Future of AI and Endpoint Security

In the past, it was sufficient to install antivirus software across a network to maintain a reasonable level of endpoint protection. Unfortunately, this is no longer the case. With the growth of bring your own device (BYOD) policies and the number of smart devices available on the market, there are more endpoints than ever. Consequently, endpoint security has never been more under threat. A number of studies have indicated that between 70% and 95% of security breaches originate at endpoints.
Click here to read more

High Mobile Device Adoption In Workplace Adds To Network Security Woes

The proliferation of bring-your-own-device (BYOD) programs is exposing corporate networks to complex cybersecurity threats. Security company Fortinet warns that vulnerabilities include shadow IT and data leakage. Employees expect to use their mobile devices at all times, and firms are allowing staff to access the corporate network from their personal devices, with minimal control over application use.
Click here to read more

The Benefits of a Subscription Service

Software has typically been acquired with a perpetual license, whereby firms pay for the number of licenses required for their workforces. However, recently software vendors are moving to subscription services. In fact, subscription services benefit both software publishers and their customers, delivering a new level of flexibility and agility. Subscription services change the ways that software expenses are accounted for. With a perpetual license, software is typically treated as a capital expenditure (CAPEX); subscription services are treated as an operating expense (OPEX). The difference in accounting gives corporations more flexibility and an easy means of using the most current version of the software.
Click here to read more

Increase in Audits Makes Software Asset Management a Solid Investment

It is virtually guaranteed that any company that uses software will be targeted for a software audit at some point. According to some experts, it's not a question of if, but when a firm will be required to provide evidence of compliance with the terms of its software license agreements with the software vendor. For many firms, software asset management (SAM) tools are a key part of doing business and are critical tools in limiting the impact of vendor audits. The need to track hardware and software assets throughout their entire lifecycle is more important than ever as enterprises migrate to the cloud and invest in virtualization services. According to research by Transparency Market Research, the IT asset management software market is projected to have a CAGR of nearly 7% over the next six years.
Click here to read more

How to Respond to a VMware Audit

Businesses facing VMware audits must be prepared to take a number of steps to ensure compliance and avoid worsening any potential copyright infringement claims. These steps include: 1) identifying the source of the audit, 2) preserving the network to prevent spoliation of evidence claims, 3) conducting a comprehensive audit of the network, 4) reviewing the terms of the license agreement for each use case, 5) collecting all entitlements and license agreements and 6) negotiating a resolution of the audit.
Click here to read more

Should I Fear the Reaper?

Reaper was first spotted by an Israeli security firm in October 2017. Typically it lies dormant, seeking out Internet of Things (IoT) devices as a means to access other computer systems. It then recruits those devices to a network called a botnet to steal data, distribute spam, and perform other destructive actions. The best way IT can protect the network is to maintain a proactive strategy. Use an IT asset management and anti-virus solution tool to determine if all available specific security patches are installed, along with other known vulnerabilities and the location of various Reaper control networks.
Click here to read more

Cisco: This VPN Bug Has A 10 Out Of 10 Severity Rating, So Patch It Now

Cisco is advising customers of its Adaptive Security Appliance (ASA) software to patch a dangerous VPN bug. Cisco's ASA operating system has a severe double-free vulnerability in the Secure Sockets Layer VPN feature. The company is warning customers that it "could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code". According to Cisco, a successful attack would allow an attacker to take "full control of the system". As a result of the ease of exploitation and the impact, the vulnerability has been assigned a Common Vulnerability Scoring System (CVSS) score of 10 out of a possible 10.
Click here to read more

More Than 2,000 WordPress Websites Are Infected With a Keylogger

Researchers recently warned that over 2,000 websites running the open source WordPress content management system are infected with malware. The malware logs passwords along with anything else an administrator or user enters. The keylogger is a component of a malware package that installs an in-browser cryptocurrency miner. The miner runs undetected on the systems of anyone visiting the infected sites.
Click here to read more