Posts tagged with "hackers"

Graph via BeyondTrust.com for Atlas VPN for use by 360 Magazine

In 2020 Number of Vulnerabilities in Microsoft Products Exceeded 1,000 for the First Time

Microsoft products are used by billions of people worldwide. Historically, however, they are known to have many vulnerabilities that pose security risks to users of the software.

According to data presented by the Atlas VPN team, the total number of vulnerabilities in Microsoft products reached 1,268 in 2020—an increase of 181% in five years. Windows was the most vulnerability-ridden Microsoft product. It had a total of 907 issues, of which 132 were critical. However, Windows Server had the largest number of critical issues. In 2020, 902 vulnerabilities were detected in Windows Server, of which 138 were critical.

Issues were also found in other Microsoft products, such as Microsoft Edge and Internet Explorer. Together, these browsers had 92 vulnerabilities in 2020. In total, 61 or even 66% of these vulnerabilities were of critical level. Meanwhile, Microsoft Office had 79 vulnerabilities, 5 of which were critical. 

Ruth Cizynski, the cybersecurity researcher and author at Atlas VPN, shares her thoughts on the situation :

 “These numbers are a massive problem because every Microsoft product has millions of users. Therefore, it is important that consumers update their software applications on time. Software updates can include security patches that can fix vulnerabilities and save users from getting hacked.”

Elevation of privilege is the most common Microsoft vulnerability

A wide range of vulnerabilities was discovered in various Microsoft products last year.  However, some types of vulnerabilities were more common than others. Elevation of privilege was the most frequently detected issue in Microsoft products. It was discovered 559 times and made up 44% of all Microsoft vulnerabilities in 2020.

Next up is remote code execution. In total, 345 such vulnerabilities were found last year, putting it in second place on the list. Remote code execution accounted for 27% of the total number of Microsoft vulnerabilities in 2020.

Information disclosure occupies the third spot on the list. There were 179 such issues discovered in 2020. Together, they made up 14% of all Microsoft vulnerabilities that year.

To learn more, click HERE.

Cybersecurity illustration by Heather Skovlund for 360 Magazine

Amazon × MGM Studios Merger

Amazon announced that it will be acquiring MGM Studios for $8.45 billion, in an effort to bolster the already growing Amazon studios and making it the second largest acquisition on Amazon’s part, following its $13.7 purchase of Whole Foods in 2017.

According to cybersecurity expert Mark Stamford, CEO of OccamSec, a deal of this scale will require a complete review of its cybersecurity infrastructure, as the process of fully merging these entities are rarely completed in the expected timescale.

Mark continues:

  • The standard “merger” due-diligence template goes into great detail looking at financial & legal status issues, but rarely seems to consider the potential liability associated with linking into an organization with a seriously compromised infrastructure. 
  • Trying to coherently map risks or produce an enterprise security plan for this type of environment is incredibly challenging, when multiple systems are coming together
  • With such notable deals, most attackers reside within the organization’s network for over 100 days before discovery, so there is a very real risk of starting work on merging infrastructure, whilst being observed by an interested resident attacker, who will be keenly looking out for an opportunity to vector into the core organization’s networks

Mark says, “Exercising strategic due-diligence during a merger or acquisition, is the most effective what for any organization, like Amazon, to protect itself from cyber threats.”

We had the opportunity to ask Mark Stamford some questions as far as the merger and his expert opinion(s):

Q: What changes can be expected with a merger like the Amazon/MGM Studio merger?

MS: The merging of two different cultures always prompts a lot of changes. In this case, MGM is going to become more like Amazon than the other way round.

Q: Do the benefits outweigh the risks with this type of merger?

MS: Yes, I assume so, from a cyber perspective, the main risk is joining two networks together that have different structures, and probably issues. So, for example I was called in to help with some M&A work once, the new network was plugged in…and brought a heap of malware with it which quickly spread into the acquirers’ network.  It later transpired that some of the IP, which was the very reason for the merger, had been stolen.

Q: What challenges is Amazon, an online retailer, facing when merging with MGM Studio?

MS: Both operate in different ways. The majority of movie making companies seem to follow the “if it ain’t broke don’t fix it” mantra. So, technology tends to be a hodge podge, along with processes etc.… Amazon meanwhile is a tech company, and while primarily known as a retailer, has considerable presence in the cloud (with AWS) so has a lot of cutting-edge technology at its disposal.

Q: What are some ways to help the process move along with ease?

MS: Again, in a cyber perspective there needs to be due diligence done on the MGM environment. At the same time, since both organizations probably have a range of security tools, seeing who has the best tool for the job can save money in the long term.

Also, not to be discounted is the human element in cyber security – any merger results in layoffs. So, the potential for a “disgruntled insider” increases. The way to help with that is communication – not more monitoring.

Q: How can Amazon prevent cyber-attacks during the process of the merger?

MS: MGM makes a nice target right now, since at some point their technology will be integrated into Amazon, and if I was a bad guy, I would assume they are the softer target of the two. Amazon should work with MGM to ensure their security is at a “good” level, and work on the integration aspects – two distinct cyber security teams need to become one, quickly.

Q: In your opinion, does Amazon face cyber risks from vendors or third parties with the onset of the merger?

MS: I think amazon always faces this risk, as does everyone. Since the organization is increasing in size, the “attack surface increases” so yes, they do face risks.

Q: What are the biggest cybersecurity threats at the moment?

MS: Motivated attackers, be that nation states, criminal groups, hacktavists, or others. Ransomware is getting a lot of press right now. However, I think the biggest threat is the endless cost spiral companies are trapped in trying to deal with this.

Q: What are some ways to ensure that the infrastructure is not compromised?

MS: Defense in depth continues to be the key. Layers of security, which work together, and consider the context of the organization (how it makes money or delivers its service) in order to support that mission.  I assume Amazon will expand their cyber security program across MGM fairly quickly, which checks a number of boxes and provides a good starting point.

One issue may be that a movie studio faces different kinds of attackers than Amazon. Movie studios are primarily about their IP, everything else always seemed to be secondary to that. Stealing a movie is a different attack then ransomware, which we have seen borne out in practice (various insider attacks to steal content for example).

Q: What are your certifications in the cybersecurity field?

MS: I have been involved in cybersecurity since I was 11. Was senior penetration tester for a global consulting company, ran a security program at a global investment bank, and have been running a security company for 10 years.

Q: What does effective cybersecurity look like to you?

MS: Cost effective, business aware, and layered.

Graph via Sophos for Atlas VPN for use by 360 Magazine

India, Austria, and US Most Hit with Ransomware

Ransomware attacks are one of the leading cyber threats that organizations have to face.

According to the data presented by the Atlas VPN team, organizations in India, Austria, and the United States are among the most hit with ransomware attacks. To compare, more than 50% of companies in the mentioned countries experienced such attacks in the past year, while the global average is 37%.

Out of 300 interviewees from India, 68% suffered from a ransomware attack. At the same time, 57 out of 100 respondents from Austria experienced a ransomware attack in the last year. Next up, in the United States, 51% of participants, out of 500 questioned, reported that they were hit with a ransomware attack.

Retail and Education Sectors Suffer the Most Ransomware Attacks

Some organizations in specific sectors are more susceptible to hacker attacks due to their lower security levels or valuable data. However, cybercriminals do not shy away from attacking even the biggest companies or government administrations.

Out of 435 respondents in the retail industry, 44% were hit with a ransomware attack last year. Hackers strike retailers when it could hurt them the most, for example, on Black Friday or Christmas seasons.

Retailers share first place with education organizations—out of 499 education interviewees 44% experienced such malicious attacks. Cybercriminals usually deploy ransomware attacks at the start of a school year to cause maximum disruption.

The business and professional services industry suffered the third most ransomware attacks, with a total of 42% out of 361 respondents stating they experienced a ransomware attack in the past year. Companies in this industry are usually smaller with less staff, meaning they might not have a dedicated person to ensure security. Out of 117 participants in the Central government and non-departmental public body (NDPB) sector, 40% reported being attacked with ransomware in the last year.

Conclusion

Cybersecurity writer and researcher at Atlas VPN Anton Petrov shares his advice on how to protect your organization against ransomware attacks.

“Prepare a plan in case you… get hacked. Always have a backup of your data so you don’t have to pay a ransom. Investing in cybersecurity will cost you less than having to deal with the aftermath of a ransomware attack.”

Like with everything else, there’s a way to protect your data in order to make sure hackers don’t get to it and cause serious financial damage.

Nicole Salazar Breaking News Illustration

Weekly News Roundup: Week of May 10

Biden’s Spending Plan for Education

President Biden is planning to enact higher taxes on the wealthy to go towards free preschool, two years of free community college for young adults, and national paid leave. The 1.8 trillion spending and tax plan is aimed to expand education, while increasing the US’ social safety net, supporting women in the workplace, and decreasing the cost of child care. The New York Times recognized Biden’s tax plan as “ the biggest expansion in federal support for higher education in at least half a century.”

Increasing Vaccination Numbers in the EU

The pace of people being administered the COVID vaccine in the European Union is steadily rising. Just last week, nearly three million doses of the vaccine were being administered daily according to Our World in Data, a University of Oxford database. The EU is primarily utilizing the Pfizer-BioNTech vaccine. The New York Times reports that in a rate adjusted for population, the amount of people being administered the vaccine daily in the EU is now roughly equivalent to the US. Usula von der Leyen, the European Commision president, announced her goal of vaccination 70 percent of adults in the EU by the end of the summer. Due to an early shipment of doses from Pfizer last month, and the company’s partnership with BioNTech, it is predicted that this goal will be reached.

DarkSide Ransomware Attack

On Monday, President Biden announced that the United States will “disrupt and prosecute” the criminal gang of hackers, DarkSide. The hackers have been the culprit of a huge ransomware attach that effected the flow of gasoline and jet fuel supplies to the country’s East Coast. Federal investigators believe that the attackers aimed at uncovering corporate data and back-office operations, rather than taking control of the pipelines. After taking note of the ransomware attack that which locked Colonial Pipelines–up a major pipeline in Texas that transported gasoline, diesel, and jet fuel from Texas’ Gulf Coast to New York Harbor– the F.B.I. sent out an emergency alert to other pipeline operators and electric utility and gas suppliers. Colonial Pipelines has remained closed since the attack and hopes to restore operations by the end of this week. The city governments of Atlanta, New Orleans, and the Washington D.C. Police Department have also been victim to DarkSide’s attacks.

Violent Clash Between Palestinian Protesters and Israeli Police in Jerusalem

Recent escalations between Palestinians and Israeli Jews regarding control over a single neighborhood in Jerusalem has exploded into major conflict. Israeli efforts to eradicate Palestinians from parts of the city have incited upset between the two groups. While Israeli Jews attempt to ensure Jewish landownership and control over East Jerusalem, Palestinians argue that their attempts are illegal and a form of ethnic cleansing. On Monday, right-wing Israeli protestors and the police erupted into military conflict with Palestinian protesters. As a result of a raid on the Israeli police on the Al Aqsa Mosque in Jerusalem, Gaza militants retaliated with rocket fire. Countering, Israeli airstrikes were fired back. Due to the violent conflict, at least twenty Palestinians have been killed, including nine children.

Offshore Wind Plan to Create Thousands of Jobs

On Monday, the Biden Administration announced their plan to use offshore wind power along the East Coast. Through utilization of off-shore wind turbines in coastal waters nationwide, the plan is aiming to deliver 30,000 megawatts of wind power to power 10,000 homes by 2030, reports the New York Times. To start, the eco-conscious project will begin in the nation’s first large-scale offshore wind farm off the coast of Martha’s Vineyard. It is predicted that offshore wind deployment projects will create 44,000 new jobs in the offshore window sector and 33,000 other new, indirect job positions. According to the American Clean Power Association, “States along the East Coast are driving demand for offshore wind. Connecticut, Maryland, Massachusetts, New Jersey, New York, and Virginia have established targets to procure a total of 25,400 MW of offshore wind by at least 2035 and have selected over 6,000 MW of projects as of February 2020 to help meet these goals.”

CDC Announces Vaccinated People Rarely Need Masks

The Centers for Disease Control and Prevention announced this week that fully vaccinated people don’t need to wear mask in most situations. Whereas it is still encouraged for vaccinated people to wear a mask inside to contribute to the culture of mask wearing, they are at virtually no risk of disease and minuscule risk of transmitting the virus to others. The New York Times talked to Dr. Paul Offit, the director of the Vaccine Education Center at Children’s Hospital of Philadelphia: “The Moderna and Pfizer vaccines are ‘essentially 100 percent effective against serious disease.’”

Furthermore, it has been announced that there have been few, if any, instances of COVID-19 transmission occurring from brief outdoor interactions. The risk of exposure from outdoor contact is too small to lead to infection.  However, unvaccinated people are still advised to wear masks when in close conversation with people both outdoors and indoors, when not at home.

However, with the child population of Americans unvaccinated, it raises questions about how families will be able to return to normalcy. While children under 16 haven’t been eligible to receive the vaccination, their demographic poses a low risk to fatal coronavirus cases. For children, it is believed that COVID-19 presents no greater risk than the average flu season. As America looks towards the rest of 2021, it can be hoped that a return to normalcy will soon come. To read the current CDC COVID-19 guidelines, you may visit this website.

LongdistanceRelationship by Rita Azar for 360 Magazine

Catfishing During COVID

new study expects there to be an unprecedented rise in online romance scams this Valentine’s Day, with scammers praying on lonely and isolated people during the pandemic.

Americans lost $201 million to romance scams in 2019, more than any other type of scam. Virginia had the eighth most victims in the nation.  

When the FTC releases the final totals for 2020, they are likely to increase in correlation with surging dating app usage due to more Americans turning online for human connection.

Bumble saw an 84% increase in video calls and Match Group, which owns 60% of the market including Tinder, saw subscriptions increase by 15%.

SocialCatfish.com released a study, Catfishing: A Growing Epidemic During COVID-19, using the most recent data from the FBI’s Internet Crime Complaint Center. It also includes an exclusive seven-minute video interview with a Nigerian scammer, and a 20-page leaked playbook.

The study warns of 5 tactics scammers are using:    

1.     Cannot Meet Because of COVID: The hallmark of a catfish scammer is to come up with excuses of why they cannot meet, such as pretending to be in the military overseas. The pandemic gives them a built-in excuse not to meet.  Be careful.

2.     Will Not Video Chat: The oldest excuse in the book… they cannot video chat with you because their video camera is supposedly “broken”, or they do not have the best access to Wi-Fi. These are red flags.

3.     They Ask You for Money: Once they form an emotional connection with lonely victims, they ask for money. During COVID-19, scammers have begun saying they are sick and need help with treatment, or are low on food, water, and other supplies.

4.     Poor Grammar: If the person claims to be American but has terrible grammar, they may be a scammer.

5.     Confesses Love Quickly: If you are stuck in your house with limited contact with your loved ones, then someone else’s sweet words can win you over. Scammers know that the sooner they win your trust, the sooner they can drain your bank account. Beware of someone who is moving too fast.

5 Ways to Avoid Becoming a Victim:  

1.     Never Give Money: Do not give anyone you meet online money, no matter the reason.

2.     Meet or Video Chat: Do not form a relationship with someone who will not video chat with you or meet you in person. 

3.     Do Not Give Personal Information:  Scammers can use basic information to commit identity fraud, get access to your banks and steal your money.

4.     Conduct Thorough Background Checks: Do not take someone’s word for it.  Use reverse look-up sites to verify information, images, email addresses, phone numbers and online profiles.

5.     Take Things Slow: If you like someone online, do not let them rush you. Nigerian romance scammers will be pushy about falling in love right away. If that is the case, know something is not right.  

Rita Azar Illustrates an Eyewear Article for 360 MAGAZINE

Luxottica Hacked

By Justin Lyons

According to Italian press sources, Luxottica was the victim of a cyberattack Saturday.

Luxottica owns eyewear brands like Oakley, Ray-Ban, Coach, Chanel and Versace as well as retail brands like LensCrafters, Sunglass Hut and Target Optical. It is the largest eyewear company in the world with more than 80,000 employees.

SecurityOpenLab, an Italian cybersecurity site, said its sources confirmed Luxottica offices suffered a complete system failure due to ransomware attacks, shutting down operations in Italy and China

SecurityOpenLab also said union sources confirmed that workers received an SMS message saying the second shift on Sept. 21 had been suspended.

Users began reporting an inability to reach sites for LensCrafters, Sunglass Hut, Ray-Ban and other Luxottica brands on Saturday. It was also reported that One Luxottica, a user portal for the company, was down, but it appears to be up again at the time of writing.

BleepingComputer spoke to Bad Packets, a cybersecurity firm, who told them Luxottica used a Citrix ADX controller device, which is vulnerable to CVE-2019-19781, a flaw in Citrix devices.

This flaw is exploited by ransomware actors as it provides network access and credentials used to deeper infiltrate a network.

Luxottica took the servers to its eyewear brand websites offline. While websites for Oakley, Ray-Ban, Coach and more are accessible now, a manager at LensCrafters storefront told 360 MAGAZINE that the Ciao operating system crashed Saturday and that they still have little to no ability to process insurance or complete transactions.

Though Luxottica has not made a public statement, the same source told 360 MAGAZINE that IT support was unavailable while systems were down. LensCrafters is currently logging orders for a later date when systems are back up.

360 was also told that LensCrafters will offer 50% off frames and lenses for the inconvenience to customers.

Hackers Covet Your Identity; 5 Ways To Thwart Their Efforts

Each day people take a virtual trip through the internet to do their banking, make hotel reservations, shop for a new car, or engage in a myriad of other activities important to them.

It’s so routine that it’s easy to forget that you need to be just as careful about protecting yourself on those virtual journeys as you would on an actual one. “Hackers are creative about dreaming up new ideas for stealing your identity, so it’s important that you stay vigilant even if you already have taken action to guard yourself and your data,” says Chris Hoose, an IT consultant who works with small businesses.

Hoose says a few steps you can take to protect your identity include:

Use a password manager. One problem with passwords is that people often use simple ones that are easy to remember, but also easy to hack. A password manager  provides an encrypted database where you can store unique, long, complex passwords for each of your online accounts, and access them when you need them. “With a password manager, you can have better passwords that are harder to hack, and you don’t have to memorize them,” Hoose says.

Do your online activities with a VPN. Worried that your online browsing will lead identity thieves right back to you? One solution, Hoose says, is a virtual private network (VPN), which lends you a temporary IP address and hides your true IP address from every website or email you connect with. “It also prevents the sites you visit from learning your physical location,” he says. “You just need to remember to connect to it when you want to use it.” A VPN usually costs about $40 to $50 a year, he says.

Be wary on social media. Most people check in on social media routinely to catch up on family news, connect with college buddies, or perhaps to share photos of a new puppy. Unfortunately, cyber thieves lurk in the background. “They know that social media platforms are an excellent source for personal information and information about your contacts, which makes identity theft that much easier for them,” Hoose says. To stay safe on social media, he suggests you check to see if you have already been compromised; avoid password reuse; update your security settings regularly; and limit your connections because the more you have, the more potential for a fraudulent or compromised account to send you a malicious link.

Keep tabs on your credit report. One way to make sure no one has taken on debt in your name, and damaged your credit in the process, is to request a full credit report from any of the three major agencies: Equifax, TransUnion and Experian. You can get a free copy from any of them through the site. Also, it might be time to get off the mailing list for all those credit offers you receive that say you are pre-approved. “Those offers are a gold mine for identity thieves,” Hoose says. You can opt out of pre-approved credit offers by visiting.

Be sure to install anti-virus/malware software. Your first and best line of defense against identity theft on your computer remains anti-virus software and anti-malware software, Hoose says. When choosing one, he suggests making use of the trial period most companies offer. “That way you can try them out and decide which one works best for you,” he says.

“The more people try to foil identity thieves, the more sophisticated those thieves seem to get in their methods,” Hoose says. “But by being watchful and attentive, you can stay safe and enjoy your time online.”

About Chris Hoose

Chris Hoose  s the president of Choose Networks, an IT consulting firm for small businesses. Hoose started the company in 2001 to give large-scale solutions and support to businesses that can’t afford their own in-house IT department. He earned a Master of Information Systems Management from Friends University.

Focusing on People & Data to Distract Hackers

We live in times when it’s become easier than ever for hackers to breach an organization through social engineering. Breaches are primarily caused by phishing attacks, representing a huge security problem for businesses.

But why is this type of cybercriminal so widely represented in the statistics? What is it that makes it so easy and so profitable for hackers? We might not like the answers. The ever-increasing connectivity and focus on people and data is leaving us vulnerable to malicious attacks. To protect your business, you need to start thinking like a hacker. Let’s take a look at how they infiltrate big business and what can be done about it.

How Social Engineering Works

Since social engineering relies on personal information hackers can find online, it’s pretty difficult to counter. Before; that required some digging on the hacker’s part – now all it takes is a data-matching service like Spokeo and PeekYou, and they get all the information they might need and more. Cross-matching public records is one thing, but employees also freely share a lot of information on social media. This personal info is then used to target employees within a company with malicious emails, by posing as a trusted individual. From there, all a hacker needs to do is convince an employee to click on a malicious link or perform a wire transfer.

Are Individual Threats the Same as Company Threats?

As we can see, cybercriminals can efficiently use your social media information to reach their desired target within your company. Does that mean company executives should stop using social media altogether, or ban their employees from sharing any work-related information?

The short answer is yes. The long answer, if not “yes,” is that there should be strict policies in place about the use of social networks and what can and can’t be shared. For example, if a company executive posts about being on a business trip, hackers take that as a signal to try and perform BEC. Anything an employee posts about work projects or people they spend time with inthe office can help cybercriminals construct an elaborate and believable social engineering scam. It is why every employee must assume the whole world is watching them when they want to post anything work-related on social media.

The frequency of Social Engineering and Phishing

It’s no accident that social engineering and phishing attacks are responsible for 95 percent of data breaches. They exploit what will always be the weak link in any company’s security chain – the people who work there. Relying on traditional protective measures such as firewall, antivirus, anti-spoofing techniques, etc. cannot stop all of these attacks. Education is vital for prevention, but with these scams getting more elaborate and difficult to spot, it doesn’t ensure safety.

What Can Protect Your Business?

Wouldn’t it be wonderful if you didn’t have to worry about phishing? Good news, the worrying stops today. It seems challenging to prevent phish, but Area 1 Security offers an Anti-Phishing Service that finds and eliminates phish through a combination of web crawling and small pattern analytics. With Area 1 Horizon, your business will be safe, and you won’t be adding to the pool of $5.3 billion in losses due to phishing attacks last year.

With the ever-increasing focus on people and data, businesses are leaving themselves wide open to hackers. In those circumstances, there are two options – limiting the information hackers can get about you through social media, or investing in preemptive and comprehensive phishing protection. At Area 1 Security, we stop phishing for good.