Adobe’s Emergency Patch against Ransomware

Security, ,
24
May 2016

635957083271499585-AP-ADOBE-PARENTAL-LEAVE-75052044

Adobe’s Flash Player – no stranger to security concerns – has recently been forced into issuing an emergency patch to protect its users from ransomware.

Despite the repeated horror stories of Flash Player’s buggy and easily exploited software, it’s still used on a regular basis by a huge number of people. That’s why any vulnerability which comes to light can have an impact on millions of systems.

This time, it’s that contemporary marvel of security scares known as ransomware which is making the headlines again. So, to keep your systems protected, let’s see what we can learn from Adobe’s latest debacle.

Adobe’s Zero-Day Flaw

The vulnerability at the center of Adobe’s woes is known as a zero day flaw, but what does this mean? A zero-day flaw refers to a software vulnerability which is completely new and unheard of. Due to its unexpected emergence, the team behind the software then, quite literally, has zero days to prepare a response.

And it’s this level of precarious defense which means zero-day flaws can spread like wildfire and cause absolute mayhem.

In this particular instance, Flash Player was discovered to contain a memory-corruption vulnerability which allowed hackers to hijack user’s systems. To take remote control of user’s systems, the hackers employed the use of the Magnitude exploit kit.

Using Magnitude, hackers were then able to download ransomware software – such as Locky and Cerber – onto user’s systems. This ransomware was then primed to encrypt personal files and demand a ransom to unlock these files.

All versions of Flash Player up to version 21.0.0.197 have been affected. And it’s not just limited to systems running Windows – Macs, Linux and ChromeOS are all vulnerable as well.

The Emergency Patch

Adobe-Patchday-658x370-6fda846fec7c4caa

The threat was first discovered when security experts Proofpoint were investigating recent changes made to the Magnitude exploit kit. Once the magnitude of Magnitude had been established, Proofpoint swiftly contacted Adobe who was quick to rush out an emergency patch.

Thankfully, for Adobe, they had previously built in an exploit mitigation technique into Flash Player version 21.0.0.182, so this minimized the malicious impact of this zero-day flaw. However, you would be surprised by the amount of users who don’t update their software when prompted. As a result, a significant number of systems were compromised.

Once the emergency patch had been released, Adobe was also quick to advise all its Flash Player users to upgrade to the latest version. This would, hopefully, minimize the risk of further exploitations on older versions of the software.

Is Adode Safe?

This is a question which seems to get asked on a daily basis at present. And unfortunately for Adobe, things do not look great.

Hackers are clearly targeting Flash Player now and Adobe seems helpless in protecting its product. The knock on result of all this negative publicity is that PC manufacturers, such as Windows, are going to question whether it makes sense to bundle Flash Player with their products.

The key piece of information to take away from this article is that you should ALWAYS ensure all your software is up to date. This ensures you have the best protection possible against any potential security flaws.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

What’s a DDoS Attack and How Do You Combat One?

Network, , ,
17
May 2016

bigstock-Hacker-Typing-On-A-LaptopWebsites are vital for business, so any disruption to them can spell disaster. A Distributed Denial of Service (DDoS) attack spells it in capitals!

A DDoS attack sounds like a mouthful and very technical, but it’s something that could strike your business’ website at any time. Therefore, it’s the kind of cyber-attack that you need to acquaint yourself with before it’s too late.

Let’s take a look at the ins and outs of a DDoS attack and, more importantly, how to combat one.

What’s a DDoS Attack

shutterstock_311192399

The main aim of a DDoS attack is to take down a website. Without a website, many businesses can find their operations severely crippled e.g. if you rely on e-commerce then no website equals no business.

But how does a DDoS attack disable a website?

Well, first of all, it doesn’t work off just one computer and this is where the distributed part of DDoS comes from.  It usually takes hundreds of computers all working together to disable web servers.

The denial of service aspect of a DDoS attack literally means that users of the website are denied that service e.g. making an office or medical appointment through the wesbite.

A DDoS attack uses huge amounts of false traffic (which has no intention of using a website’s services) to overload web servers. This prevents customers from accessing the website and, eventually, takes it down.

DDoS attacks are becoming more and more popular with hackers with nearly 180% more DDoS attacks in 2015 than the previous year. And big names are being targeted; the BBC and Microsoft’s Xbox Live network have suffered at the hands of DDoS hackers recently.

How Do You Combat a DDoS Attack?

ddos-attack

There are several ways you can combat a DDoS attack, so let’s take a look:

  • Invest in more bandwidth – the reason that a DDoS attack will eventually take down your website is because your bandwidth will be maxed out. Therefore, if you can invest in more bandwidth then you think you could ever possibly use, you’ll increase the chance of keeping your website up.
  • Watch your network – You need to maintain a watchful eye on your traffic. Any sharp increases in traffic need to not just be handled, but also visible to the network. This allows you to get to work on preventing any further damage and preparing any necessary protection.
  • Know who to call – In the case of a DDoS attack you’re going to need to get in touch with your ISP. They will have the capabilities to reroute data and nullify any huge packets of traffic. This is why it’s a good idea to make sure you have all the relevant contact details at your disposal. Remember, time is of the essence here.

Final Thoughts

A DDoS attack can be a tricky piece of cybercrime to combat, so it’s important that your business is aware of the impact they can have. It’s a good idea to formulate a set of guidelines of what to do in the case of a DDoS attack and putting this into place now could save your website in the future.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

What is Cloud App Security an Do You Need It?

Security,
10
May 2016

serveimage

Cloud computing is becoming more common in every business’ operations. Some benefits are set to be enhanced with Microsoft’s Cloud App Security.

Mindful that businesses want to maintain the protection and visibility of their data, Microsoft has designed Cloud App Security to provide this level of control. With more and more businesses moving to the cloud, it could prove to be a very clever move by Microsoft.

To help you understand the benefits of Cloud App Security, I’m going to take you through the basics of this exciting new service.

Employees and Cloud Apps

Employees – just like consumers – absolutely love cloud apps due to their ease of use, but what employees aren’t aware of is the security risk; with employees using, on average, around 17 cloud apps, this opens up a significant number of routes into your network.

These cloud apps are referred to as ‘shadow IT’ as they’re not software/hardware which your businesses IT team will be supporting. Or will have even acknowledged as accessing the network.

91% of companies allow their employees to have access to the organizations cloud, so, as you can gather, the impact of all these routes into your business could cause major issues if security processes are not adhered to.

Employees are human and humans make mistakes, so preparing for this is essential!

The Workings of Cloud App Security

Cloud-Security

Microsoft is keen to clarify that Cloud App Security isn’t about breaching employees’ data usage or habits, but more that it gives businesses a better understanding of how much data is leaving their network and the ramifications of this.

There are three main elements which make up Cloud App Security:

  • Data Control ­– This component allows IT teams to use routines and protocols to control how much data is shared and lost through the network. The policies employed here can either be default, pre-set controls or custom made ones.
  • App Discovery – Using a risk assessment scoring method, Cloud App Security identifies individual cloud apps on the network and evaluates their risk.
  • Threat Protection – By analyzing user behavior and any data anomalies, Cloud App Security delivers threat protection for your various cloud apps.

Cloud App Security operates through two simple steps:

  1. Uploads Network Logs for Analysis – This function allows businesses to take snapshots of network logs of any device on the network and then upload them for analysis. This provides clear and instant visibility.
  2. Connects Sanctioned Apps – Cloud App Security allows you to approve access to apps with just one click. This allows the service to then scan the cloud for app specific data usage.

Do You Need Cloud App Security?

Cloud App Security is an intriguing service and one which should help businesses sleep a little easier at night. There’s a level of cloud app visibility which is currently out of reach for most businesses, but Microsoft, among other cloud app security service provides, makes this readily available.

Cloud computing is a relatively new technology, so this means it can be easily exploited. Cloud App Security, therefore, helps you stay ahead of any potential exploits by providing readily available visibility and analysis of outgoing data through cloud apps.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Multifactor Authentication and Why You Need It

Security,
26
Apr 2016

19_MultifactorAuthentication_b2_l_v3

Many businesses are struggling to combat the increasing sophistication of hackers. However, the key to data security may lie in multifactor authentication.

When firms such as Apple are struggling to reduce the threat of hacks which spell disaster for their employees, it underlines the ease in which hackers can gain access to sensitive data. One way that you can put obstacles in the way of potential hackers is to implement multifactor authentication (MFA) into your business.

You may be wondering what MFA is, so let’s take a look!

The Basics of Multifactor Authentication

Whilst MFA may sound both a bit of a mouthful and incredibly technical, the truth is that it’s a simple concept. Whereas you may currently require your employees to log on to your system with a password, MFA takes it a little bit further.

What MFA demands is that at least two user credentials need to be combined to provide access. The credentials employed in MFA tend to center around the following categories:

  • Password – Yes, that’s right, the good old fashioned login/password combination still has a place in the 21st century!
  • Authentication Token – A small device which users carry such as a swipe card. Using this device will allow users to access your system.
  • Biometric Authentication – This is where things start to get really futuristic as it relates to forms of genetic verification e.g. retina scans and fingerprint recognition.

What’s Wrong with Just Passwords?

2015-12-29-1451425693-272677-Steal_password

Passwords have been in use with computers for as long as we can remember; we suspect that they will also continue to be here for some time. However, on their own, they represent a security risk.

The main problem with a reliance on passwords is that they have to be stored somewhere on a database. Immediately, this presents the threat of all your passwords being compromised if a hacker manages to access the database. And, as mentioned at the start of this article hackers are becoming very sophisticated.

It’s relatively simple for hackers to run software which attempts 1 billion passwords per second, so this demonstrates just how feeble a password on its own is. Therefore, integrating MFA is crucial for establishing a strong set of defenses against potential security attacks.

Benefits of Multifactor Authentication

multifactor

Let’s take a look through the benefits that MFA can bring to your business:

  • Physical credentials can’t be compromised by social engineering. Sure, it’s possible to get a password to someone’s bank account over the phone with a bit of trickery, but how are you going to talk someone out of their swipe card?
  • Hackers are instantly repelled by MFA as their time is better spent on less complex systems to break into.
  • MFA can be very cost effective if all it requires is for an employee to be sent an SMS message with a code.
  • There’s an increase in awareness of security breaches e.g. if an employee receives an SMS message advising that a login attempt has been made, but they haven’t tried to login, then they can alert your IT department.

Considering Multifactor Authentication?

If you’re trying to make your mind up on MFA then let us confirm the answer for you: it’s essential for your most important data and emails! Anything which creates a headache for hackers is an excellent deterrent and MFA achieves this effectively.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More

Email Phishing Scam Steals Snapchat Employees Data

Security, ,
19
Apr 2016

SNapchat620px

Phishing scams are well known within technology circles, but this doesn’t mean those in the tech industry are immune as Snapchat discovered in February.

Snapchat, for those of you who are not aware, is a social media app which allows users to send each other photos and videos with a limited viewing time. Once that time is up then the media disappears forever. It’s proved to be phenomenally successful and the company is estimated to be worth $20 billion.

However, even with the funds available to invest in state of the art cyber security, they still found themselves falling foul of a good old fashioned phishing scam. We are going to show you what happened in order to equip you with the knowledge needed to avoid a similar occurrence.

How Was Snapchat Hacked?

6357613873537576411298140331_snapchat-app_500-100224643-large.imgopt1000x70

The hack at Snapchat used a relatively simple phishing scam to gain access to sensitive employee data. The payroll department at Snapchat received an email which claimed to be from the company’s CEO requesting payroll information on employees. Unfortunately for the payroll department, this email was not genuine. It was a scam.

Not realizing the fraudulent nature of the email, an employee duly forwarded the required information to the hacker. The nature of the data disclosed has not been confirmed by Snapchat, but it’s suspected that it would include the following:

  • Bank details
  • Social security numbers
  • Salary information
  • Personal ID and addresses

Why Do People Still Fall for Phishing Scams?

Computer-Hacker

It may seem strange that such a master of modern technology can fall victim to such a simple phishing scam, but it’s by no means unthinkable. These scams have evolved over time to become more sophisticated and it’s often their simplicity which makes them so deceptive.

In the case of the email sent to Snapchat purporting to be from their CEO, it’s more than likely that it genuinely appeared to have been sent by the CEO. With even the most basic software, it’s possible to fake outgoing email addresses and, if I wanted, it wouldn’t be difficult for me to send an email apparently from bill.gates@microsoft.com

And although this particular Snapchat employee was left thinking “I should have known better”, they most likely thought they were being a helpful employee and were keen to impress their CEO. However, it’s this type of tempting payoff which makes phishing scams so hard to resist.

The Aftermath of the Scam

To Snapchat’s credit, they responded fairly quickly and within four hours they had managed to confirm this was an isolated attack. A report was filed with the FBI and employees affected by the scam were offered two years’ worth of identity theft insurance and monitoring. More importantly, Snapchat underlined their determination to increase the intensity of their security training within the next few weeks.

Snapchat’s case highlights just how vulnerable even multibillion dollar corporations can be when confronted with even the simplest hacks. The importance of good quality security training which focuses on even the most intricate details of phishing scams is paramount to ensure yours and your customer’s data.

For more ways to secure and optimize your business technology, contact your local IT professionals.

Read More
1 36 37 38 39 40 49