Category Archives: Security

Want to scan your crypto wallet for risks? Check: AML check BTC, USDT, ETH. Checking cryptocurrency wallets for dirty money. You may not be aware of a risky transaction and at any moment, even can increase your AML rating into the red zone.

The Rise of Malvertising

Posted on by

malvertising cyber security

LAS VEGAS—One of the hottest topics in cyberthreat detection right now is the rise of malvertising, online advertising with hidden malware that is distributed through legitimate ad networks and websites. On Monday, Yahoo! acknowledged that one of these attacks had been abusing their ad network since July 28—potentially the biggest single attacks, given the site’s 6.9 billion monthly visits, security software firm Malwarebytes reported.

In the first half of this year the number of malvertisements has jumped 260% compared to the same period in 2014, according a new study released at the Black Hat USA conference here today by enterprise digital footprint security company RiskIQ. The sheer number of unique malvertisements has climbed 60% year over year.

“The major increase we have seen in the number of malvertisements over the past 48 months confirms that digital ads have become the preferred method for distributing malware,” said James Pleger, RiskIQ’s director of research. “There are a number of reasons for this development, including the fact that malvertisements are difficult to detect and take down since they are delivered through ad networks and are not resident on websites. They also allow attackers to exploit the powerful profiling capabilities of these networks to precisely target specific populations of users.”

How does malvertising work—and why is it taking off right now? “The rise of programmatic advertising, which relies on software instead of humans to purchase digital ads, has generated unprecedented growth and introduced sophisticated targeting into digital ad networks,” the company explained. “This machine-to-machine ecosystem has also created opportunities for cyber criminals to exploit display advertising to distribute malware. For example, malicious code can be hidden within an ad, executables can be embedded on a webpage, or bundled within software downloads.”

The study also noted that, in 2014, there was significantly more exploit kit activity (which silently installs malware without end user intervention) than fake software updates that require user consent. In 2015, however, fake software updates have surpassed exploit kits as the most common technique for installing malware. Fake Flash updates have replaced fake antivirus and fake Java updates as the most common method used to lure victims into installing various forms of malware including ransomware, spyware and adware.

buy zyprexa online familyvoicesal.org/resources/images/jpg/zyprexa.html no prescription pharmacy

Last week, enterprise security firm Bromium also released a new study focused on the rising threat of malvertising, finding that these Flash exploits have increased 60% in the past six months and the growth of ransomware families has doubled every year since 2013.

“For the last couple of years, Internet Explorer was the source of the most exploits, but before that it was Java, and now it is Flash; what we are witnessing is that security risk is a constant, but it is only the name that changes,” said Rahul Kashyup, senior vice president and chief security architect at Bromium. “Hackers continue to innovate new exploits, new evasion techniques and even new forms of malware—recently ransomware—preying on the most popular websites and commonly used software.”

One of the riskiest aspects of these exploits is that users do not have to be accessing sites that seem remotely suspect to be exposed. According to Bromium’s research, more than 58% of malvertisments were delivered through news websites (32%) and entertainment websites (26%). Notable websites unknowingly hosting malvertising included cbsnews.com, nbcsports.com, weather.com, boston.com and viralnova.com, the firm reported.

With that in mind, IT and cybersecurity teams have to adapt to meet these new threats, which are evolving far faster than detection tools, including antivirus, behavioral analysis, network intrusion detection, and the basic safe browsing guidelines issued to employees regarding their use of work devices.

“The key takeaway from this report is that, at large, the Internet is increasingly becoming ‘untrustworthy.’ Attackers are now using popular websites to launch malware via online ads, which makes things difficult for IT security teams,” explained Rahul Kashyup, SVP and chief security architect at Bromium. “This risk should be well understood and factored in for any organization while building a ‘defense-in-depth’ security stack. Regular patching and updates definitely help to limit the exposure to potential attacks, but that might not be feasible for large organizations.

buy prevacid online familyvoicesal.org/resources/images/jpg/prevacid.html no prescription pharmacy

It is advisable to evaluate non-signature based technologies that can thwart such attacks in a reliable way and prevent infections on end-user devices.

buy singulair online familyvoicesal.org/resources/images/jpg/singulair.html no prescription pharmacy

According to Bromium, the websites that most frequently serve as malvertising attack sources are:

malvertising attack sources

Should Your Company Install an Office Surveillance System?

Posted on by

There are plenty of compelling reasons to install a surveillance system in your office, but there are also a number of reasons not to. Cameras are becoming more and more common in our daily lives, and choosing whether or not to embrace them in your own workplace can be a challenging decision.

online pharmacy elavil with best prices today in the USA

There are advantages and disadvantages to consider before installing cameras and phone/Internet monitoring. Here are a few of them:

Pro: Cameras prevent theft

There is no denying that a camera monitoring system is going to drastically reduce incidents of employee theft. Studies have shown time and time again that areas that are clearly monitored by camera systems have significantly less crime than places that suggest anonymity. If you have a problem with items going missing around the office, installing cameras can be a way of showing that you are aware of the problem without directly confronting a potentially innocent employee. Cameras are a highly effective deterrent that can quickly nip a theft problem in the bud.

Con: Cameras may offer a false sense of security

If you have a particularly devious employee, cameras may actually work against you. If an employee really wants to steal from the office, he or she will probably find a way to do so regardless of the cameras. You may feel like you do not need to do anything else once cameras are installed, which can cause you to let your guard down. For this reason, cameras should be used as an addition to your current loss prevention plan, rather than being used as the primary deterrent.

online pharmacy cipro with best prices today in the USA

Pro: Cameras provide evidence

If an unforeseen incident occurs on your company’s property, you may have to deal with a lawsuit. Having cameras installed ensures that you have indisputable evidence to back up your story. If you suspect an employee of misconduct, you can simply check the camera to make sure your worries are not misguided. You never want to have to depend on your cameras, but it is certainly nice to know that they are there when you do.

Con: Employees may feel stifled

Any office manager knows that keeping morale up is essential to keep productivity high. Although you may mean well, installing cameras can sometimes be viewed as an invasion of privacy. It is important to form a bond of trust with your employees, and cameras or phone/Internet monitoring can undo the work you have done to establish meaningful relationships. However, explaining your stance on the issue and approaching it head-on may help to alleviate any concerns your staff may have.

Pro: Monitoring employees provides valuable training materials

Sometimes explaining how to handle a situation just isn’t as effective as being able to show a trainee a video or recording of a similar situation. Or, if an accident occurs, having video or audio recordings allows you to see what went wrong and prevent problems next time. Often words do not carry nearly as much impact as a recording of a real-life situation, so in-office surveillance can make your employees better at their jobs and more equipped to handle tough situations.

Con: The cost

Although today’s surveillance cameras are surprisingly budget-friendly, you still have to consider the cost of hiring employees to monitor them. You may also need to have them repaired if something goes wrong. Depending on the size of your office, buying multiple cameras and monitors can get quite pricy. The cameras often pay for themselves in the long run, however, by reducing theft and increasing productivity.

Choose based on your situation

Every office is different, and what works for one may not be ideal for another. Cameras can be absolutely essential in some situations, or you may be able to operate just fine without them. You may want to start with just a camera or two to see how your employees react, and then add more if necessary. Making the right choice for your office can be challenging, but in-office surveillance can be a valuable way to protect your livelihood and improve employee conduct.

Insider Threats and the Limitations of Pre-Hire Background Checks

Posted on by

Background check

Is your company guarding against the threat of insider attack? If you responded with, “well, we do background checks when they are hired,” that’s a good start, but what about risk assessment during the course of an individual’s employment?

buy chloroquine online www.biop.cz/slimbox/css/gif/chloroquine.html no prescription pharmacy

The 2015 Insider Threat Spotlight Report from Infosec Buddy found that less than half of companies have the proper tools to fight insider threats. And, according to 62% of security professionals, that threat has increased in the past year. The average company faces four insider attacks every year, with an estimated price tag of $500,000 each, in addition to the astronomical impact a breach can have on an organization’s reputation.

So where is the disconnect? It starts with how we assess individual risk.

The limitations of the current employee screening model

The majority of companies conduct a one-time background check on new employees before they are hired. This is a necessary part of the risk assessment process, and the majority of background screening companies are great at what they do, but this model is built on a flawed assumption: that employee risk remains constant over time.

While an employee may not have posed a risk when hired, that can change quickly. Stressful life events such as a bankruptcy, a DUI, a divorce or a negative performance review can change an individual’s risk profile in an instant. It is also important to note that traditional background checks typically focus exclusively on criminal records, failing to analyze other important information sources like human resource documents, financial records, and social media activities.

And it’s not just employees. Insider threats can come in the form of third-party contractors, vendors, suppliers, and partners – in other words, any parties with the ability to access sensitive corporate information.

buy advair online www.biop.cz/slimbox/css/gif/advair.html no prescription pharmacy

A recent Accenture survey found that 76% of companies believe supply chain risk management is “very important.” The reality is that people are dynamic, and so are their motivations, which is why companies need comprehensive tools for managing personnel risk as it evolves over time.

The future of background checks: continuous identity screening

Getting proactive about managing the risks of insider threats starts with finding ways to continuously monitor personnel risk after they are brought into the organization. Advances in software offer one way to approach this challenge. Programs now exist that allow companies to actively monitor changes in personnel risk as it evolves, throughout an individual’s tenure with the company.

Continuous identity screening software automatically gathers and analyzes risk data from all relevant information sources, such as public records and HR documents, and proactively alerts risk and security managers to the most pressing threats. This allows risk managers to be continuously updated in real time, instead of traditional methods of pre-hire or periodic screening, which can uncover risk after it’s too late.

Take the example of a city bus driver who has received a recent DUI charge. Many employers would not be notified of that until a regularly-scheduled periodic background screening, if at all. Most employers rely on their employees to self-report incidents, but that does not always happen for obvious reasons. By implementing continuous screening, companies can immediately learn about that bus driver’s DUI charge, which prompts an investigation that could lead to further action.

Today’s continuous screening tools can also be customized by industry. For instance, the financial services industry may attribute more risk to an employee filing for bankruptcy than a transportation company would, whereas the healthcare industry may view odd activity on the network as a greater indicator of potential IP theft. Every industry has its own unique challenges and obstacles in meeting the mandates and regulations necessary. Tailoring the screening process accordingly can help proactively address those issues.

buy stendra online www.biop.cz/slimbox/css/gif/stendra.html no prescription pharmacy

What does this mean for you?

By bringing together identity data from external sources like criminal and financial records with internal sources like network activity and personnel reviews, organizations can reduce the risk of insider threats. It also allows organizations to maintain compliance through a legally defensible audit trail designed to meet critical regulations such as FCRA, FTC, and EEOC.

Morpho Hacker Group Targets Intellectual Property

Posted on by

With the highly-publicized rise in cyberbreaches, we have seen hackers break into systems for a variety of reasons: criminal enterprises simply stealing money, thieves gathering Social Security or credit card numbers to sell on the black market, state-sponsored groups taking confidential information, and malicious actors taking passwords or personal data to use to hit more valuable targets. Now, another group of financially-motivated hackers has emerged with a different agenda that may have even riskier implications for businesses.

According to a new report from computer security company Symantec, a group it calls Morpho has attacked multiple multibillion-dollar companies across an array of industries in pursuit of one thing: intellectual property. While it is not entirely clear what they do with this information, they may aim to sell it to competitors or nation states, the firm reports. “The group may be operating as ‘hackers for hire,’ targeting corporations on request,” Symantec reported. “Alternatively, it may select its own targets and either sell stolen information to the highest bidder or use it for insider trading purposes.”

Victimized businesses have spanned the Internet, software, pharmaceutical, legal and commodities fields, and the researchers believe the Morpho group is the same one that breached Facebook, Twitter, Apple and Microsoft in 2013.

Symantec does not believe the group is affiliated with or acting on behalf of any particular country as they have attacked businesses without regard for the nationality of its targets. But, as the New York Times reported, ” the researchers said there were clues that the hackers might be English speakers — their malicious code is written in fluent English — and they named their encryption keys after memes in American pop culture and gaming. Researchers also said the attackers worked during United States working hours, though they conceded that might just be because that is when their targets are most active.”

The researchers have tied Morpho to attacks against 49 different organizations in more than 20 countries, deploying custom hacking tools that are able to break into both Windows and Apple computers, suggesting it has plenty of resources and expertise. The group has been active since at least March 2012, the report said, and their attacks have not only continued to the present day, but have increased in number. “Over time, a picture has emerged of a cybercrime gang systematically targeting large corporations in order to steal confidential data,” Symantec said.

Morpho hacking victims by industry

Morpho hackers have also been exceptionally careful, from preliminary reconnaissance to cleaning up evidence.

In some cases, to help best determine the valuable trade secrets they would steal, the group intercepted company emails as well as business databases containing legal and policy documents, financial records, product descriptions and training documents. In one case, they were able to compromise a physical security system that monitors employee and visitor movements in corporate buildings. After getting the data they wanted, they scrubbed their tracks, even making sure the servers they used to orchestrate the attacks were rented using the anonymous digital currency Bitcoin.

In short, the hackers are really good, according to Vikram Thakur, a senior manager of the attack investigations team at Symantec. “Who they are? We don’t know. They are virtually impossible to track,” he said.