Deep Analysis of More than 60,000 Breach Reports Over Three Years
https://www.securityweek.com/deep-analysis-more-60000-breach-reports-over-three-years
Hackers Are Winning Battles, While Victims are Gaming the Notification Laws
Threat intelligence platform provider HackNotice has analyzed more than 60,000 breach reports over the last three years, and finds some disturbing results – including the rate of increase in breaches and a relative decline in the number of official breach notifications.
In its analysis, shared exclusively with SecurityWeek, the company examined 67,529 breaches that were publicly reported from 2018 to 2020. The source of the reports is as follows:
Leak reports containing data from a breached company as disclosed by hackers (41,030).
News; that is, a breach report first announced by an online news service (15,219).
With 2.7 times more breaches first being disclosed by hackers rather than a news service, the implication is that companies monitoring the news for their own or suppliers’ compromise would be better served by monitoring the dark web.
Ransomware, being data leaked by hackers when a victim refuses to pay the ransom (988).
This is not an indication of the number of successful ransomware attacks, but merely the number of companies that were breached but refused to pay the ransom in an increasingly frequent double extortion attack. The first of such breach announcements occurred in April 2020, but the number grew to almost 1,000 by January 1, 2021. The implication is that double extortion ransomware attacks are increasing and will likely continue to increase through 2021 and beyond.
Defacement, where a website has been breached and content changed by the hacker as proof (2,243).
Website defacements have long been popular with hacktivists wishing to make a point – usually political and/or ethical. A decade ago they were commonplace, but seemed to lose popularity in recent years. However, according to HackNotice they began to increase again in July 2019, and then dramatically from April 2020. This is perhaps not surprising given the tumultuous state of geopolitics in recent years.
It is difficult to predict whether this will continue, but it will most likely reflect the state of national and international geopolitics. Companies working in either politically or ethically sensitive areas should take extra care in protecting their websites from defacement attacks.
Official disclosure, where a data breach was reported to official sources and disclosed – such as state level DOJ websites and HHS (9131).
The interesting point here is the relatively small number of breaches, around 13.5% of the total, that are reported through official channels. This has fallen from 25% at the beginning of the period analyzed.
HackNotice, a startup headquartered in Austin, Texas, was founded in 2018. CEO and co-founder Steve Thomas told SecurityWeek, “We collect hack notices (data breaches, defacements, ransomware, etc.) from hundreds of sources, scraping official data breach disclosure sites, ransomware disclosure sites, APIs, twitter accounts and hashtags throughout the day. All those events go into a queue, where each one is reviewed by a security researcher. We remove all the noise, identify the companies being broken into, and add those events to our system. We use machine learning to analyze each event’s disclosure statement to identify what data was exposed.”
Two elements of the new analysis of breaches occurring in 2018 to 2020 are particularly interesting: the steady growth in hacker successes and the decline in the percentage of breaches disclosed through official channels.
In 2018, HackNotice discovered 29,562 reported breaches. By December 2019, the total discovered had risen to 44,863 – a 51.7% increase over the year. By December 2020, the total had risen to 67,529 – a 50.5% increase over the year. In absolute terms, these figures show an increase from 15,301 in 2019 to 22,666 in 2020.
The obvious question is why have the hackers become more successful at a time when we have increased security budgets, and more and supposedly superior security products?
Thomas believes it is because companies concentrate defenses in the wrong areas. “Hackers are winning the cyberwar,” he said, “largely because they don’t target the infrastructure, but they target people. Phishing, credential stuffing, account takeover of personal accounts to get into business accounts… All the major attack vectors rely on the fact that average employees are not informed as to how exposed they are, and they value security much less than the security team does.”
Other security experts have similar views. Josh Angell, application security Consultant at Falls Church, Virginia-based nVisium, suggests, “Human error still accounts for the vast majority of breaches, making tools and secure coding practices obsolete if the people who maintain these networks and systems, and have access to company emails and sensitive client data, are not compliant with industry best practices.”
“Several factors play into the increase in breaches,” explains Brandon Hoffman, CISO at San Jose, Calif.-based Netenrich. “Some of it is indeed related to the ingenuity of the adversary but much of it seems related to the deviation from foundational security. Security tooling has advanced significantly yet the focus of security as a discipline seems to be more on the use of advanced tooling. The challenge this creates is time and resources.”
Alec Alvarado, threat intelligence team lead at San Francisco-based Digital Shadows, summarizes this viewpoint, “The bad guys are winning the war simply because they are sticking to ways that work and have proven effective. The most robust security team with the most extensive cybersecurity practices and a multi-million dollar cybersecurity budget will fail with the single click of a well-crafted phishing email or a weak password.”
The implication is clear. While hackers are becoming more sophisticated, defenders are perhaps spending too much time and effort on shiny new toys rather than getting the basics of security right.
The second notable discovery from the HackNotice research is the decline in the number of breaches that are disclosed through official channels. This seems surprising considering the growing number of national and international breach notification laws that now exist. HackNotice CEO Thomas puts the apparent anomaly down to the number of state breach laws that allow 30 days or more before notification is required.
“There is no federal breach notification law in the US, so you have to go by the states,” he told SecurityWeek. “However, each state writes its law different and the laws allow the breached company 30 days or even more before they have to disclose. News outlets, ransomware and defacement gangs end up disclosing before the official notice, so we are seeing market share being taken away from official disclosures.”
Delaying breach disclosure until the last possible moment almost seems like gaming the system. Netenrich’s Hoffman agrees with this. “We, the security industry, also suspect there is in fact flouting of the notification law or that the notification period is being abused to the maximum extent possible to provide a rosier picture for investors and the public,” he said. “To phrase it differently if an organization is breached and their notification window by law is 90 days, they will not announce it until they have used 89 days to perform maximum triage and cleanup effort so that when they do announce they can claim it has all been addressed.”
“Breach notification laws do not guarantee that companies will be willing to sacrifice investor confidence or risk lawsuits to disclose a breach every time there is one,” adds nVisium’s Angell.
Digital Shadows’ Alvarado has an interesting addendum to this. He accepts that current notification laws give companies wiggle room to avoid damage to stock value and brand image, but adds, “We often hear of a company announcing that ‘there was a cybersecurity incident, but there was no indication that data was exfiltrated.’ This should raise eyebrows for most as it does not fit the typical motive of a threat actor to sit on a network and not pull data or find a way to monetize on that access.” It may be that whenever we hear ‘incident’ we should automatically suspect ‘probable breach’.
The HackNotice analysis of 60,000 breaches over the last three years provides extensive data on where things are going wrong, and highlights trends on what is likely in the future. Importantly, it shows that the criminals are winning. It is likely that at least a partial solution might be for companies to do better basic security rather than just throw money at the newest and most shiny product.
It also shows that if knowing what is going on is important, a more accurate picture will be obtained from monitoring the dark web through threat intelligence rather than monitoring the news feeds. And it also shows that current breach notification laws are not truly fit for purpose.
=================================================================
Is the Big Bang coming when organizations realize that activating TPMs and SEDs with Wave software is the Wave of the Future?? TPMs and SEDs are ubiquitous!!! The TCG wrote a highly combustible piece on TPMs and SEDs a few months ago. If it were read closely by the cybersecurity community and smart organizations, they could see the Wave of the Future!!!
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Contact Wave
Wave Systems
401 Congress Avenue
Suite 2650
Austin, TX 78701
sales@wavesys.com
Gold Customer Support:
goldsupport@wavesys.com
1-800-928-3638
Support:
support@wavesys.com
1-844-250-7077
Sales:
1-877-228-WAVE
#DataPrivacyDay: Leaks and Breaches Soared 93% in 2020
https://www.infosecurity-magazine.com/news/data-leaks-and-breaches-soared-93/
Breaches and leaks of sensitive information from organizations doubled last year, even as consumer concerns over data privacy surged, according to two new reports published on Data Protection Day.
January 28 marks the signing in 1981 of Convention 108, the first legally binding international treaty dealing with privacy and data protection. Also known as Data Privacy Day in North America, it is now an awareness raising event aimed at organizations and consumers alike.
However, new research from Imperva warned today that unauthorized transmissions of data from organizations’ networks to external destinations had soared 93% in 2020.
The security vendor detected 883,865 such incidents at the start of the year, rising to 1.7 million by the end of December, and argued the figure would be even higher if loss of data via physical devices, print-outs and the like were included.
“Data security should never be an afterthought – but sadly it often is, particularly when organizations prioritize speed over security. The rush to maintain business continuity in 2020 has accelerated change at such a pace that huge gaps now exist in process and protection around data,” said Chris Waynforth, AVP Northern Europe at Imperva.
“It is naïve to think that it is only human access to data that leads to compromise. Over 50% of access requests to databases are coming not from users, but application to application.”
The risk of major regulatory fines should be making this a board-level issue, the vendor added.
Imperva urged organizations to follow several key steps to better protect their data, starting with discovery and classification, and moving on to access controls, continuous monitoring and quarantining in the event of an attack.
Data minimization should be front-of-mind throughout, as information continues to disperse across complex multi- and hybrid cloud environments, the firm argued.
However, consumers also have a big part to play in keeping their information out of harm’s way. Some 77% told Entrust they are concerned about data privacy, and 64% said their awareness about the issue has increased over the past 12 months.
At the same time, though, many (63%) were willing to hand over more information to applications in return for greater personalization. Nearly half (47%) said they don’t review the T&Cs of an app before downloading, with most claiming it was because these take too long to read.
=================================================================
It's interesting that Wave has the solutions that would do away with data breaches, and yet we are still reporting statistics like those in the above article!!!
Better security at less than half the cost!!!
=================================================================
Microsoft Security Business Exceeds $10B in Revenue
https://www.darkreading.com/cloud/microsoft-security-business-exceeds-$10b-in-revenue/d/d-id/1339994
==================================================================
Given the size of the inactivated TPM and SED market, it's amazing the benefit the market could derive from having Wave solutions, and also what Wave could generate in revenue!!!
==================================================================
UK Insurers Defend Covering Ransomware Payments
https://www.infosecurity-magazine.com/news/uk-insurers-defend-covering/
Insurance providers in the United Kingdom have defended the inclusion of ransomware payments in first-party cyber-insurance policies.
Cyber-risk insurance covers the cost of restoring loss to business income or reputation caused by damage to computers and computer networks.
The Association of British Insurers (ABI) said that while insurance was "not an alternative" to taking appropriate action to minimize risk, firms could suffer financial ruin without cyber coverage.
The ABI comments were made in response to a warning issued earlier this week by the UK's former National Cyber Security Centre director Professor Ciaran Martin. Speaking to The Guardian, Martin said that insurers who pay out claims from companies who have paid ransoms to cyber-attackers to regain access to systems and data are funding organized crime.
Martin, who stepped down from his position as Britain's top cybersecurity official last August, expressed concern that ransomware attacks were "close to getting out of control."
Extortion laws in the UK prohibit the payment of ransoms to terrorists; however, no legal barriers are in place to stop companies from paying ransomware gangs to retrieve exfiltrated data and system access following a cyber-attack.
“People are paying bitcoin to criminals and claiming back cash. I see this as so avoidable," said Martin.
"At the moment, companies have incentives to pay ransoms to make sure this all goes away. You have to look seriously about changing the law on insurance and banning these payments, or at the very least, having a major consultation with the industry."
He added: “The law is nobody’s fault, it was written for another purpose, but it has become OK to pay out to criminals."
An ABI spokesperson told the BBC that insurers do require customers to take "reasonable precautions" to prevent cyber-attacks from occurring.
"Some might argue that any insurance that covers against a criminal act could lull the policyholder into a false sense of security," they said.
Martin, who now works at Oxford University's Blavatnik School of Government, told the BBC: "I have some sympathy with insurers, because as long as it's legal, there are incentives to pay."
=================================================================
Avoid the ransomware problem by being prepared with better solutions for your organization: Wave solutions by Wave Systems!!!
=================================================================
Pan-Asian retail giant Dairy Farm suffers REvil ransomware attack
https://www.bleepingcomputer.com/news/security/pan-asian-retail-giant-dairy-farm-suffers-revil-ransomware-attack/
==================================================================
Ransomware Disrupts Operations at Packaging Giant WestRock
https://www.darkreading.com/attacks-breaches/ransomware-disrupts-operations-at-packaging-giant-westrock/d/d-id/1339990
==================================================================
Manufacturing Giant Suffers Major Cyber-Disruption
https://www.infosecurity-magazine.com/news/manufacturing-giant-suffers-major/
==================================================================
These three articles all have the term 'giant' in them. In the Dairy Farm article there are screenshots that the hacker has of the network. Using Wave solutions, only known and approved devices are allowed access to the network. This hacker (unknown and unapproved device) wouldn't have been allowed access to the network if Dairy Mart was using Wave solutions!!! It's a simple yet powerful technology that everybody should be using, yet there are 3 giants in recent days hit by ransomware attacks!!!
==================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
Excluding Words Using Active Directory Password Policy
https://www.infosecurity-magazine.com/blogs/excluding-words-active-directory/
==================================================================
If MANY organizations were using Wave VSC 2.0, they wouldn't need to use what is in this article!!! The employee productivity would go up, they would be safer online, and there wouldn't be a need to control the naming of passwords!!!
==================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
Token-free, password-free user authentication
We know you’ve dreamt about shredding your list of passwords. Go on and do it.
Because you are starting the authentication process in the device’s hardware, the user doesn’t have to interact with it. All users see is their usual Windows log-in screen – no more additional passwords to access the VPN or other resources. They just sign in once, and the secure credentials in their TPMs securely and quickly connect them to everything they need. Say goodbye to user frustration and slow OS performance.
=================================================================
The Role AI Plays in Safeguarding Government Data
https://www.nextgov.com/ideas/2021/01/role-ai-plays-safeguarding-government-data/171602/
=================================================================
Rather than use a complicated system (AI), using the Wave Alternative could get the job done successfully at less cost by an American company (Wave)!!!
=================================================================
http://www.wavesys.com/wave-alternative
Choose data protection that actually works!
==================================================================
Defense IG lays out Pentagon's biggest cyber troubles
https://federalnewsnetwork.com/cybersecurity/2021/01/defense-ig-lays-out-pentagons-biggest-cyber-troubles/
==================================================================
Using Wave solutions and their better security could result in fewer troubles for the Pentagon! Not using Wave solutions (by Wave Systems) has created many more troubles for organizations!
==================================================================
SonicWall firewall maker hacked using zero-day in its VPN device
https://www.bleepingcomputer.com/news/security/sonicwall-firewall-maker-hacked-using-zero-day-in-its-vpn-device/
==================================================================
http://www.wavesys.com/wave-alternative
Excerpt:
It’s a new world, one without borders. Yet most organizations are still trying to protect their data with the same old firewalls and antivirus software. It’s not working. We refer you to the headline-making breach of the week.
==================================================================
It's sort of ironic what Wave states in the paragraph above about firewalls, and then SonicWall's remedy for customers to protect themselves is to enable MFA!!! Wave has better products: Wave VSC 2.0 (MFA) and Wave solutions!!!
==================================================================
Microsoft details how SolarWinds hackers hid their espionage
https://www.cyberscoop.com/solarwinds-hack-russia-spying-microsoft/
Attackers behind an espionage campaign that exploited software built by the federal contractor SolarWinds separated their most prized hacking tool from other malicious code on victim networks to avoid detection, Microsoft said Wednesday.
The findings make clear that, while the hackers have relied on a variety of tools in their spying, the tampered SolarWinds software functioned as the cornerstone of an operation that Microsoft described as “one of the most sophisticated and protracted” of the decade. Multiple U.S. federal agencies focused on national security have been breached in the campaign, which U.S. officials have linked to Russia.
The latest Microsoft research comes as influential security firms continue to come forward as victims of the hacking campaign. Malwarebytes said Tuesday that the same hacking group had apparently breached some of the firm’s internal emails by abusing access to Microsoft Office 365 and Azure software. Malwarebytes said it doesn’t use SolarWinds software, underscoring the array of attack vectors used in the campaign.
Access to SolarWinds’ network monitoring software, which is used by a range of Fortune 500 firms, would offer an attacker who manages to compromise the technology prime access to an organization’s sensitive data.
Researchers have since suggested that other groups will aim to adopt the SolarWinds hackers’ techniques for their own gain.
The attackers “apparently deem[ed] the powerful SolarWinds backdoor too valuable to lose in case of discovery,” Microsoft researchers said in its latest blog post. And so the spies ensured that the malicious code they used to move through victim organization was “completely disconnected from the SolarWinds process,” the researchers said.
Moscow has denied involvement in the hacking campaign. Recovering from the breaches, and responding to the perpetrators, will be an early test for President Joe Biden’s administration.
The new Microsoft research also offers one of the more detailed timelines of the hacking operation, covering when the spies selected victims and prepared malicious software implants.
After the SolarWinds trojan was delivered to organizations, the attackers spent about a month pinpointing victims, according to Microsoft. As early as May 2020, the hackers were doing the “real hands-on-keyboard activity” of moving through victim networks for valuable data, Microsoft said.
The hackers were meticulous in covering their tracks. They prepared unique malicious code implants for each victim machine, according to Microsoft, and changed timestamps of the digital clues they left behind to complicate the recovery process for organizations. Microsoft called the former technique an “incredible effort normally not seen with other adversaries and done to prevent full identification of all compromised assets.”
That echoes what first responders at the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency have told technology executives about the hacking campaign.
“One of the initial targets of their activity is to go after the incident responders and IT professionals in your organization, ostensibly to see if you’re conducting response activities to their activities,” a CISA official told industry executives in a call about the SolarWinds campaign this month.
“Your defenders are being explicitly targeted in a number of instances by the adversary…to see if the adversary needs to move.”
=================================================================
It seems quite disturbing that after all the ransomware, data breaches, cyber attacks and SolarWinds hack, a technology that could REALLY help organizations has inexplicably been put on the back burner (Wave)!!! Using the status quo has resulted in many billions of dollars in cyber damage. It's time to take Wave off the back burner and put it on the launching pad!!!
=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
==================================================================
Singapore widens security labelling to include all consumer IoT devices
https://www.zdnet.com/article/singapore-widens-security-labelling-to-include-all-consumer-iot-devices/
Introduced last October as a voluntary programme, the Cybersecurity Labelling Scheme rates devices according to their level of cybersecurity features and will now be extended to include all consumer smart devices such as smart lights and smart printers.
==================================================================
Does this mean that computers will come with a warning label that security (TPM) is not turned on if it is not turned on??? The TPM is the 'built in' security for computers!!!
==================================================================
Global Cybersecurity Spending to Soar 10% in 2021
https://www.infosecurity-magazine.com/news/global-cybersecurity-spending-to/
The worldwide cybersecurity market is set to grow by up to 10% this year to top $60bn, as the global economy slowly recovers from the pandemic, according to Canalys.
The analyst firm clarified that double-digit growth from $54.7bn in 2020 would be its best-case scenario. However, even in the worst case, cybersecurity spending would reach 6.6%, it predicted.
That would factor in a deeper-than-anticipated economic impact from lockdowns, although the security market has proven to be remarkably resilient thus far to the pandemic-induced global economic crisis, Canalys said.
That said, SMB spending was hit hard last year, along with certain sectors like hospitality, retail and transport.
However, while spending is set to soar, so are data breaches and ransomware attacks. Human error continues to be a major factor, via misconfigurations of cloud infrastructure and susceptibility to phishing attacks, the analyst argued.
Mass remote working and learning in 2021 and the ongoing pressure placed on healthcare services will continue to expose these organizations to threats, it said.
Chief analyst, Matthew Ball, claimed the recent SolarWinds attacks highlight the continued unpredictability of the threat landscape. Amidst this volatile backdrop, organizations will need to adopt multi-layered approaches combining staff awareness training, data protection and threat detection and response, he said.
“Cybersecurity professional services engagements in response to this latest issue will be one of many factors contributing to sustained investment this year, especially in newer solutions to mitigate emerging threats,” Ball noted. “Growth in add-on subscriptions providing new features, products to secure the cloud and delivered from the cloud, and upgrades to existing solutions will be key drivers for expansion.”
The Canalys report covered shipments of endpoint security, network security, web and email security, data security, vulnerability and security analytics, and identity access management (IAM).
Web and email security (12.5%) will grow the most in 2021 with vulnerability and security analytics (11%) not far behind. Data security (6.6%) and network security (8%) are set to bring up the rear in terms of growth.
==================================================================
Wave VSC 2.0 (MFA), BETTER SECURITY at less than half the cost!!!
Catch the CYBERSECURITY WAVE in 2021!!!
==================================================================
Exploit Allows Root Access to SAP
https://www.infosecurity-magazine.com/news/exploit-allows-root-access-to-sap/
A team of enterprise resource planning security experts in Massachusetts have identified a functional exploit affecting SAP that is publicly available.
The exploit was discovered by Onapsis Research Labs on code-hosting platform GitHub, where it had been published by Russian researcher Dmitry Chastuhin on January 14. Researchers said the exploit can be used against SAP SolMan, the administrative system used in every SAP environment that is similar to Active Directory in Windows.
The fully functional exploit abuses United States' National Vulnerability Database listing CVE-2020-6207, a vulnerability in which SAP Solution Manager (User Experience Monitoring), version- 7.2, due to Missing Authentication Check, does not perform any authentication for a service. This vulnerability results in the complete compromise of all SMDAgents connected to the Solution Manager.
A successful attack exploiting this vulnerability could impact an organization's cybersecurity and regulatory compliance by placing its mission-critical data, SAP applications, and business process at risk.
"While exploits are released regularly online, this hasn't been the case for SAP vulnerabilities, for which publicly available exploits have been limited," wrote Onapsis researchers.
"The release of a public exploit significantly increases the chance of an attack attempt since it also expands potential attackers not only to SAP-experts or professionals, but also to script-kiddies or less-experienced attackers that can now leverage public tools instead of creating their own."
Because it was created to centralize the management of all SAP and non-SAP systems, SolMan has trusted connections with multiple systems. An attacker that could gain access to SolMan could potentially compromise any business system connected to it.
"Unfortunately, since it doesn't hold any business information, SAP SolMan is often overlooked in terms of security; in some companies, it does not follow the same patching policy as other systems," noted researchers.
An attacker with SAP SolMan control could shut down systems, access sensitive data, delete data, cause IT control deficiencies, and assign superuser privileges to any new or existing user.
"It is not possible to list everything that can potentially be done in the systems if exploited, since having admin privileged control in the systems or running OS commands basically make it limitless for an attacker," wrote researchers.
==================================================================
I believe the TPM is also called 'the root of trust.' Using an international standard in the TPM, also referred to as hardware security, supported by 150 companies would help SAP immensely!!! Wave VSC 2.0 (MFA) is great technology that would solve what could be huge problems for SAP and its customers. If only SAP and others knew what Wave solutions by Wave Systems could do!!!
=================================================================
http://www.wavesys.com/products/wave-virtual-smart-card
What can it be used for?
What do you use your smart card for today? With the exception of keying open the door at work, Wave Virtual Smart Card can perform any of the services or applications you rely on your smart card for today. Secure VPN, WiFi, remote desktop, cloud applications – it can all be done with a virtual smart card.
One helpdesk call you'll never get: "I lost my virtual smart card again..."
There are so many ways to lose a token – couch cushions, street drains, curious toddlers. In fact, up to 30% of all tokens are eventually lost. It’s much harder to lose a laptop, and you notice a lot faster when you do.
The user experience with a virtual smart card is simple: he or she logs in with a PIN (authentication factor number one). The TPM (authentication factor number two) then transparently identifies the device to the network and connects the user to all the approved services. It’s one less thing for users to carry around.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Enterprise Credentials Publicly Exposed by Cybercriminals
https://www.securityweek.com/enterprise-credentials-publicly-exposed-cybercriminals
Cybercriminals behind a successful phishing campaign have exposed more than 1,000 corporate employee credentials on the Internet, according to a warning from security vendor Check Point.
The corporate account credentials were stolen as part of a phishing campaign that kicked off in August 2020, targeting thousands of organizations worldwide.
As part of the campaign, the attackers were able to successfully bypass Microsoft Office 365 Advanced Threat Protection (ATP) filtering, which allowed them to harvest more than a thousand credentials from victims.
According to Check Point, the miscreants behind the campaign made a simple mistake that eventually resulted in the stolen credentials being publicly accessible on the Internet, “across dozens of drop-zone servers used by the attackers.”
Because of that, anyone could have used Google search to find the passwords for the compromised, stolen email addresses.
The attack started with phishing emails masquerading as Xerox notifications, attempting to lure victims into clicking on a malicious HTML attachment, which resulted in the browser displaying a blurred image.
JavaScript code running in the background, however, would perform password checks and send data to drop-zone servers controlled by the attackers, after which it would redirect the victim to a legitimate Office 365 login page.
Check Point also notes that the attackers continuously refined the code throughout the campaign, creating a more realistic experience, in an attempt to avoid any kind of suspicion from the victims and to ensure that their attacks can evade detection by antivirus vendors.
The cybercriminals employed both their own infrastructure to host domains used in the phishing attacks, and dozens of compromised WordPress websites that were used as drop-zone servers.
“Attackers usually prefer to use compromised servers instead of their own infrastructure because of the existing websites’ well-known reputations. The more widely recognized a reputation is, the chances are higher that the email will not be blocked by security vendors,” Check Point explains.
Once sent to the drop-zone servers, the stolen data was saved in files that were publicly accessible, thus indexable by Google, meaning that anyone could have located the stolen email address credentials via the popular search engine.
Check Point says it informed Google on the issue, and “victims now can use Google search capabilities to look for their stolen credentials and change their passwords accordingly.”
The campaign appears to have been mainly targeted at energy and construction companies, though IT, healthcare, real estate, manufacturing, education, transportation, financial services, and retail organizations were also targeted.
Analysis of the Tactics, Techniques, and Procedures (TTPs) employed in this campaign has allowed Check Point to identify a similar set of phishing attacks, carried out in May 2020, but which redirected to another version of an Office 365 phishing page.
=================================================================
The thousands of organizations worldwide targeted by the phishing in this article would be protected if they had Wave VSC 2.0!!! Wave VSC 2.0 (MFA) is better security. It works very effectively!!!
==================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpts:
Key Features:
Strong Security
• Authenticate securely, encrypt email, and prove integrity of the device with one management console
• Protect against phishing, malware and other network security threats by storing authentication credentials in hardware
• Provide centralized enforcement of custom policies
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Hacker leaks full database of 77 million Nitro PDF user records
https://www.bleepingcomputer.com/news/security/hacker-leaks-full-database-of-77-million-nitro-pdf-user-records/
=================================================================
How many large stolen databases (reported and unreported) have there been??? Many could have been prevented with the excerpt below from Wave!!! Try and use Wave solutions to protect your organization's data and users' data.
==================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Ransomware victims that have backups are paying ransoms to stop hackers leaking their stolen data
https://www.zdnet.com/article/ransomware-victims-that-have-backups-are-paying-ransoms-to-stop-hackers-leaking-their-stolen-data/
Ransomware attacks are proving even more lucrative for cyber criminals as even organisations which can restore from backups are paying ransom demands to prevent further damage.
==================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
http://www.wavesys.com/
http://www.wavesys.com/contact-information
GDPR fines skyrocket as EU gets tough on data breaches
https://money.yahoo.com/gdpr-fines-dla-piper-report-144510440.html
Europe’s new privacy protection regime has led to a surge in fines for bad actors, according to research published today. Law firm DLA Piper says that, since January 28th, 2020, the EU has issued around €158.5 million (around $192 million) in financial penalties. That’s a 39-percent increase on the previous 20-month period Piper examined in its report, published this time last year. And as well as the increased fines, the number of breach notifications has shot up by 19 percent across the same 12-month period.
Italy, Germany and France are the three countries most willing to sanction companies, and have collectively charged companies €192.8 million ($234 million) since GDPR came into force. The biggest single fine, however, remains the $57 million that France levied against Google for violating data transparency rules. Other blockbuster fines, including the UK’s $123 million penalty for the Marriott data breach, was trimmed down to just $25 million.
The readiness of these countries to enforce data protection rules comes in stark contrast to the US, where there is a clamor for a GDPR-style regulatory regime. Apple CEO Tim Cook has lent his backing to the idea, as had some members of the outgoing administration. Senator Kirsten Gillibrand called on the US to launch a new data-protection body with similar enforcement powers, while the Government Accountability Office says that new rules are needed, but suggests that the FTC is best placed to act as regulator.
==================================================================
Wave can prevent data breaches unlike many others; http://www.wavesys.com/ can help show why Wave can stop these data breaches from happening!! Given what is happening in the EU with GDPR (see above article), and what may happen in the U.S. with data protection, making Wave solutions a part of your data protection would be a smart idea!!!
==================================================================
http://www.wavesys.com/contact-information
Capitol riot suspect plotted to sell stolen Pelosi laptop to Russian intelligence, authorities say
https://www.nbcnews.com/news/us-news/capitol-rioter-plotted-sell-stolen-pelosi-laptop-russian-intelligence-n1254583
==================================================================
This article should serve as another loud sign for organizations to use a solution like the Wave Cloud (as seen in previous post #246397) to activate and manage SEDs!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
MoD Experiences 18% Growth in Personal Data Loss Incidents
https://www.infosecurity-magazine.com/news/ministry-defence-growth-personal/
The UK’s Ministry of Defense (MoD) experienced an 18% rise in personal data loss incidents in the financial year 2019/20, according to official figures analyzed by the Parliament Street Think Tank.
The UK government’s defense department revealed there were 546 reported incidents of personal data loss during the last financial year, up from 463 in 2018/19. Seven of the incidents were reported to the Information Commissioner’s Office (ICO) owing to their serious nature.
The vast majority (454) of incidents were recorded under the category of unauthorized disclosure. A further 49 were classified under loss of inadequately protected electronic equipment, devices or paper documents from secured government premises, with another 19 reported from outside of government premises.
Of the seven most serious incidents reported to the ICO, one involved a sub-contractor incorrectly disposing of MoD originated material in July 2019, which led to the personnel and health data of two former employees being accidentally disclosed. Another occurred when a recorded delivery package containing the claims for forms of five individuals was lost in transit between two stations in February 2020. A third example revolved around a whistleblowing report that had not been properly anonymized.
Commenting on the figures, Tim Sadler, CEO at Tessian, said: “Time and time again we see how simple incidents of human error can compromise data security and damage reputation. The thing is that mistakes are always going to happen. So, as organizations give their staff more data to handle and make employees responsible for the safety of more sensitive information, they must find ways to better secure their people.
“Education on safe data practices is a good first step, but business leaders should consider how technology can provide another layer of protection and help people to make smarter security decisions, in order to stop mistakes turning into breaches.”
The data is likely to add to fears over the vulnerability of public sector organizations to data breaches, particularly since the shift to remote working during COVID-19.
In December, Parliament Street reported that the Ministry of Justice (MoJ) had suffered 17 serious data breaches during the last financial year.
==================================================================
http://www.wavesys.com/products/wave-cloud
Wave Cloud - The fast, risk-free way to deploy SEDs.
No infrastructure, no software … no more excuses
You know you should be encrypting data on every device in your organization, especially your laptops. Self-encrypting drives (SEDs) are the fastest, easiest and most secure way to do that. But setting up to support and manage SEDs can seem daunting. Even to test them, you need server infrastructure and management software. Right?
Not with Wave Cloud. The world’s first cloud-based service for managing SEDs, Microsoft BitLocker and OS X FileVault 2, Wave Cloud lets users take advantage of the benefits of SEDs without jumping through the hoops traditionally associated with SED management. Whether you’re doing a small proof-of-concept or full-blown production deployment, Wave Cloud is the fastest way to get there.
Contact Wave Sales and you’re on your way - no servers or software or big capital expenditures.
Manage the entire range of endpoint encryption technologies
Wave Cloud is the world’s only cloud service that manages SEDs and software encryption in a single console. Its hybrid management approach is the best way to secure your legacy endpoints today with OS-native full disk encryption, while phasing in self-encrypting drives on your latest-generation assets.
Key Features:
Flexibility
• Compatible with Windows 8.1, 8, 7 and Vista operating systems; and OS X 10.8 and 10.9 (for OS X FileVault 2)
• Manage mixed environments from one console
Easy security compliance
• Active monitoring, logging, and reporting of all user and device events associated with SEDs
• No infrastructure to buy or set up - fast, easy compliance
Data protection
• The only cloud-based management solution that gives you drive initialization, user management, drive locking, and user recovery for all Opal-based, proprietary, and solid-state SEDs
• Secure user recovery using challenge/response
• User-based SSO after recovery
• Control for external SEDs
• S3 sleep support
Simplicity
• Fast deployment of SEDs and OS-native software encryption—no need to buy, build, and test (or maintain) server infrastructure
• Easy-to-use web interface
• Deploy many drives at once with policy-based management
• Windows password synchronization and single sign-on (SSO)
• Features and maintenance patches are continually updated, so you’re always running the best, most secure version of the service
• One-click initialization/provisioning
• Your subscription covers everything—no up-front charges, no support charges
No compromises
• Wave Cloud is every bit as secure as our on-premise SED management product
• All the same monitoring, logging, and reporting you need for compliance
=================================================================
Please see Wave Cloud link above for a Free Trial!!!
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Facebook Takes Legal Action Against Data Scrapers
https://www.securityweek.com/facebook-takes-legal-action-against-data-scrapers
Facebook on Thursday announced that it took legal action against two individuals for scraping data from its website.
In a lawsuit filed in Portugal, Facebook Inc. and Facebook Ireland seek permanent injunction against the two for violation of the social media platform’s terms of service and Portugal’s Database Protection Law.
The social media giant says that the two created browser extensions that they made available for download through the Chrome Web Store. The extensions were being offered using the business name “Oink and Stuff.”
A privacy policy that accompanied these extensions claimed that no collection of personal information would be performed.
This, Facebook says, was misleading, as four of the extensions were found to contain spyware code, namely Web for Instagram plus DM, Blue Messenger, Emoji keyboard, and Green Messenger.
The code was meant to scrape users’ information from the Facebook website, but could also harvest additional data from the users’ browsers unrelated to the social platform, all without notifying the victims on the matter, the company reveals.
Data harvested from the Facebook website includes name, user ID, gender, relationship status, and age group, along with other account information.
In addition to seeking a permanent injunction against the two individuals, the social media platform is demanding that they delete all of the Facebook data they harvested.
“This case is the result of our ongoing international efforts to detect and enforce against those who scrape Facebook users’ data, including those who use browser extensions to compromise people’s browsers,” Facebook concludes.
Facebook previously took legal action against entities in the U.S., Israel and Ukraine over data scraping.
=================================================================
If you had the data stored in a TPM or SED, it would be much more difficult to scrape the data. Wave could help Facebook out with managing and activating TPMs and SEDs such that Facebook wouldn't have to spend time and money bothering with data scrapers!!! Plus users wouldn't have their data scraped!!!
And if Facebook allowed only known and approved devices to access data from its network (Wave feature), Facebook and its users would be well protected!!
=================================================================
Catch the Cybersecurity Wave in 2021!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Forget A.I., cybersecurity is the new buzzword
https://fortune.com/2021/01/15/sequoias-doug-leone-turns-on-trump/
==================================================================
On the side of buildings:
Catch the Cybersecurity Wave in 2021. Buy Wave's better solutions!
==================================================================
Employees in Wave, ESW and other interested parties could post this message with interesting posts on social media!!!
=================================================================
http://www.wavesys.com/wave-alternative
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Biden-Harris Admin Proposes $10B in New IT and Cyber Funding for Federal Agencies
https://www.nextgov.com/it-modernization/2021/01/biden-harris-admin-proposes-10b-new-it-and-cyber-funding-federal-agencies/171446/
==================================================================
Wave Systems with Wave solutions offers the biggest BANG for the buck for outstanding cybersecurity!!! Wave would be a welcome change that works very well!!! Wave could protect against data breaches, ransomware and other cyberattacks and hopefully it starts to roll out very rapidly before the world continues to be plagued by these attacks!!!
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
http://www.wavesys.com/wave-alternative
Excerpts:
Choose data protection that actually works.
Start closing your security gaps today, with what you’ve got
You might be surprised to hear that 90 percent or more of your computers probably already have TPMs. Mobile devices are catching up fast. SEDs are newer, but you probably have a bunch of those too. Machines that don’t have them can often be outfitted at little to no extra cost. So you’ve got some or all of the hardware. All you need to do is turn it on with Wave.
It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.
Questions? Read on, or contact our sales department.
GSA Awards $800M Contract to Support Internal Use of Emerging Tech
https://www.nextgov.com/emerging-tech/2021/01/gsa-awards-800m-contract-support-internal-use-emerging-tech/171416/
==================================================================
NCI Selects Wave Systems (WAVX) as a Subcontractor on the U.S. Government Services Administration's Alliant Contract
https://www.streetinsider.com/Corporate+News/NCI+Selects+Wave+Systems+(WAVX)+as+a+Subcontractor+on+the+U.S.+Government+Services+Administrations+Alliant+Contract/4980147.html
==================================================================
Wave was a previous subcontractor with NCI, and could have a big impact on vastly improving agencies' cybersecurity.
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Pentagon’s $2 Billion Cybersecurity Project Slowed by Flaws
https://www.bloomberg.com/news/articles/2021-01-13/pentagon-s-2-billion-cybersecurity-project-slowed-by-flaws
The Defense Department has halted deployment on its classified networks of a $2 billion cybersecurity project intended to detect intrusions and prevent attacks because of poor test results, according to the Pentagon’s testing office.
The effort to consolidate hundreds of U.S.-based and global systems continues to be fielded to non-classified networks even though test assessments since 2016 have continually shown it’s “unable to help network defenders protect DoD component networks against operationally realistic cyber attacks,” testing chief Robert Behler wrote in his latest criticism of the project known as the Joint Regional Security Stack.
Behler’s report, obtained by Bloomberg News in advance of its release, was written before the Defense Department acknowledged that it was among government agencies hit by a massive intrusion attributed to Russian hackers. Although the Pentagon said there’s no evidence that data or systems were compromised, the attack raised new questions about protecting defense systems.
Please see the rest of the article at the link above.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
CISA: Hackers bypassed MFA to access cloud service accounts
https://www.bleepingcomputer.com/news/security/cisa-hackers-bypassed-mfa-to-access-cloud-service-accounts/
==================================================================
Organizations should use Wave VSC 2.0 (MFA) instead of the multi-factor authentication (MFA) in this article, and other MFA!!! Wave would then have MANY HAPPY CUSTOMERS!!!
==================================================================
http://www.wavesys.com/products/wave-virtual-smart-card
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Hacking WordPress websites & stealing WordPress passwords
https://securityboulevard.com/2021/01/hacking-wordpress-websites-stealing-wordpress-passwords/
==================================================================
http://www.wavesys.com/what-tpm
A Trusted Platform Module (TPM) is a standards-based security chip that’s built into most of your laptop and desktop computers. In fact, it has shipped in more than 600 million laptop and desktop computers from Acer, Dell, HP, Lenovo, Panasonic, Samsung and Toshiba.
The TPM is a secure micro-controller with cryptographic features that provides a root of trust and enables the secure generation of keys and the ability to limit the use of them (to signing / verification or encryption / decryption).
It also serves as a secure container for key storage and can safeguard other data deemed too sensitive for software protection alone.
The TPM standard was created almost a decade ago by the Trusted Computing Group (TCG), an international security standards organization.
=================================================================
http://www.wavesys.com/products/wave-virtual-smart-card
The user experience with a virtual smart card is simple: he or she logs in with a PIN (authentication factor number one). The TPM (authentication factor number two) then transparently identifies the device to the network and connects the user to all the approved services. It’s one less thing for users to carry around.
==================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Token-free, password-free user authentication
We know you’ve dreamt about shredding your list of passwords. Go on and do it.
Because you are starting the authentication process in the device’s hardware, the user doesn’t have to interact with it. All users see is their usual Windows log-in screen – no more additional passwords to access the VPN or other resources. They just sign in once, and the secure credentials in their TPMs securely and quickly connect them to everything they need. Say goodbye to user frustration and slow OS performance.
==================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
=================================================================
In Wave VSC 2.0, sign-ins to websites could be limited to HTTPS websites and thus limit many account takeovers (imo)!!!
Hackers have leaked the COVID-19 vaccine data they stole in a cyberattack
https://www.zdnet.com/article/hackers-have-leaked-the-covid-19-vaccine-data-they-stole-in-a-cyberattack/
Excerpt:
"The agency continues to fully support the criminal investigation into the data breach and to notify any additional entities and individuals whose documents and personal data may have been subject to unauthorised access," the EMA added.
==================================================================
New Zealand Central Bank Breach Hit Other Companies
https://www.infosecurity-magazine.com/news/new-zealands-central-bank-probes/
Excerpt:
Although the breach has been contained, an urgent investigation into the unauthorized access has begun.
=================================================================
Unauthorised/unauthorized access - If these two organizations and others had Wave solutions, unknown and unapproved (unauthorized) devices would not be allowed access to their networks and sensitive information! There wouldn't be all of these unauthorized access problems!! Use better security, use Wave solutions by Wave Systems!!!
=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
=================================================================
http://www.wavesys.com/data-protection
Security Operations Struggle to Defend Value, Keep Workers
https://www.darkreading.com/operations/security-operations-struggle-to-defend-value-keep-workers/d/d-id/1339876
Companies continue to value security operations centers but the economics are increasingly challenging, with high analyst turnover and questions raised over return on investment.
A growing majority of companies consider their security operations center (SOC) to be essential or important to their ability to secure their business and data, but the challenges in maintaining SOCs have expanded in the past year, the Ponemon Institute states in its second annual "Economics of Security Operations Centers" report, published on Jan. 12.
Questions regarding the return on investment of security operations and the increasing cost of retaining security analysts are among the most significant challenges uncovered by the study. More than half of respondents — 51% — consider SOCs to be less valuable, despite the number of breaches increasing, according to the Ponemon Institute. Exacerbating the issues, the average cost of a managed security service provider (MSSP) has increased to $5.3 million, up from $4.4 million in 2019, according to the report.
Along with the coronavirus pandemic, security teams have had to deal with the perennial problems of high stress, information overload, and a lack of network visibility, resulting in SOCs failing to live up to their potential in the minds of security leaders, according to the report. To combat negative security trends, automation, analyst training, and the adoption of more efficient technology can help, says Chris Triolo, chief customer officer at Respond Software, which sponsored the Ponemon survey.
Companies need to "scale security operations past manual capabilities to deal with increasing threats and to reduce SOC workloads, while better enabling analysts to manage critical incidents," he says.
The last year has been challenging for security operations teams. Not only have most SOCs had to move to a remote or virtual model because of the pandemic, but the average employee is now connecting to business data and services from home. As a result, the Ponemon survey found that both endpoint security and denial-of-service attacks have become greater problems for security teams.
"[S]ecurity teams struggle to secure remote employees and their access points to the organization," the report states. "SOCs have had to focus on bad actors trying to take advantage of the situation as more respondents report they are worried about nation states and criminal organizations attacking their companies."
Little surprise, then, that more respondents — 81% — consider SOC management to have become more complex, compared with 74% of respondents a year ago.
Companies are trying to reduce that complexity and increase agility, with significant momentum for adoption of DevOps and other agile business and development models. More than 85% of survey respondents considered agile DevOps an important SOC activity, a 12-point jump from the previous year.
Making such efforts more complex, however, the high turnover of security analysts continues to be a significant problem for SOCs. The average tenure of an analyst is only two years, and while companies expect on average to hire five analysts in the coming 12 months, they also expect to lose three analysts over the same period.
More security workers — 75% — find the stress and repetitive work to lead to burnout, up from 70% a year ago. And a stunning 85% of security analysts consider their job working in a SOC as painful or very painful.
"For any profession, it's key to have a sense of accomplishment in your work — security is an especially mission-driven profession, and analysts want to know they're making an impact on protecting their organizations," Triolo says. "But it can be demoralizing to face false-positive security alerts all day or to think your skills are going to waste on less-technical tasks."
The pain and stress faced by workers have led to higher salaries, and thus greater cost for companies and a perceived lower ROI. The average salary for SOC analysts increased 9% in the past year, to $111,000, and nearly half of analysts expect their salary to increase again in 2021.
"SOC analysts are very overwhelmed with increasing workloads, the volume of alerts and false positives, which lead to burnout — but they are more often using their sought-after skills to find better paying opportunities," Triolo says. "We always recommend that organizations identify their best performing SOC analysts and find ways to keep them challenged, growing, and to provide leadership opportunities, or risk losing them."
The solutions do not appear simple nor clear. However, reducing complexity through automation and focusing on retaining workers should both be priorities, according to the report.
"The path taken by many security teams to solve these problems appears to be investments in technology that provide greater visibility, less information and alert overload, and the elimination of manual, mundane tasks," the Ponemon Institute states in the report. "It will be interesting to see if organizations can connect the dots with technology and in-house expertise to drive greater efficacy and efficiency in their SOC next year."
=================================================================
If CISOs, CIOs, CEOs and BODs saw what Wave solutions could do to protect their endpoints, a lot of the problems with SOCs wouldn't exist (i.e., burnout)!!!
==================================================================
http://www.wavesys.com/wave-alternative
Excerpt:
It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.
Questions? Read on, or contact our sales department.
=================================================================
http://www.wavesys.com/
http://www.wavesys.com/contact-information
Windows 10 hardware security enabled by default on new Surface PC
https://www.bleepingcomputer.com/news/security/windows-10-hardware-security-enabled-by-default-on-new-surface-pc/
Excerpt:
Customers are also protected from attacks with the help of a security processor (TPM 2.0) which secures and encrypts data and the Windows Hello feature which enables passwordless sign-ins.
==================================================================
This article is another huge endorsement for the TPM (activated)!!! Wave should seize on this incredible opportunity for spreading the word on its better endpoint security for its future customers!!! Wave VSC 2.0, Wave Endpoint Monitor and Wave SED management could be helping millions now with these solutions and activated TPMs.
==================================================================
Windows Hello is now being used by 84% of Windows 10 users
https://www.bleepingcomputer.com/news/microsoft/windows-hello-is-now-being-used-by-84-percent-of-windows-10-users/
Excerpt:
According to a new report from Microsoft, the number of consumers using Windows Hello to sign in to Windows 10 instead of a password grew to 84.7 percent from 69.4 percent in 2019.
==================================================================
According to this statistic, the TPM has landed and has been successfully tested! Wave has great solutions to further take advantage of the TPM, and these solutions are second to none in things like data protection.
==================================================================
http://www.wavesys.com/data-protection
Security = data protection
When we talk about security, what we really mean is protecting data from theft and misuse. Proprietary information, R&D, corporate strategy, customer names and phone numbers, social security numbers, passwords … All have potential monetary value, and all are targets. Data theft is a growth industry. As an example, tens of thousands of new malware strains pop up daily. With online tools, even a non-technical person can create one in minutes.
The IT perimeter has vanished
Data protection is easy enough when your data is sitting in secure servers. But today, it’s not. The workforce is increasingly mobile. More than 60 percent of corporate data lives not on servers but on laptops, tablets, and other devices (and more and more of those devices are owned by employees). Data is dispersed, constantly moving, and constantly exposed to the Internet and all the malware, viruses, and hackers lurking there.
Wave’s solution: start with the device
The Wave approach to this challenge is to make the IT perimeter irrelevant. Wave turns on and manages the self-encrypting drives (SEDs) and trusted platform modules (TPMs), or security chips, that are already embedded in many of your devices. The upshot is that each and every device is equipped with its own data protection system—while being centrally managed. This gives you unprecedented yet straightforward control over exactly who has access to your data, with what devices, over what networks.
We cost less too. Wave works on your existing hardware, across platforms. That’s because our solutions are based on an open standard that’s already been implemented on 600 million–plus laptops and is now working its way onto mobile devices. Our software is all you need to reach a whole new level of data protection. It’s one of the big reasons why total cost of ownership can be almost half that of a traditional software-based system that doesn’t even work very well.
=================================================================
Wouldn't it be something if Wave flourished in a BIG WAY from all the blood, sweat and tears of the shareholders and employees, and we were able to share in that?
Who knows?
Some ransomware gangs are going after top execs to pressure companies into paying
https://www.zdnet.com/article/some-ransomware-gangs-are-going-after-top-execs-to-pressure-companies-into-paying/
==================================================================
Wouldn't it make sense for top management and other employees to have their workstations and laptops be protected by using activated Self Encrypting Drives (SEDs) in their computers!!! To activate these SEDs and manage them, it also makes a lot of sense to use Wave SED management!!!
==================================================================
http://www.wavesys.com/products/wave-self-encrypting-drive-management
Laptop stolen from Pelosi's office during Capitol riots
https://thehill.com/policy/cybersecurity/533384-laptop-stolen-from-pelosis-office-during-capitol-riots
=================================================================
It would make sense to have a law that mandates that SEDs be activated for organizations. Data can be too valuable to trust in unencrypted form during unforeseen circumstances. Better to have it encrypted and managed by a solution like Wave SED management!!!
=================================================================
http://www.wavesys.com/products/wave-self-encrypting-drive-management
Enterprises choose Wave to manage SEDs
Why? From our single console, you can manage all your organization’s self-encrypting drives (SEDs) easily and remotely, whether they number in the hundreds, or hundreds of thousands.
SEDs are the most secure, best-performing and most transparent encryption option for protecting data on laptops. These drives automatically encrypt all data written to the drive, so you don’t have to decide what’s important enough to encrypt. They also perform this encryption in the hardware of the drive, so you don’t end up with the performance issues software full-disk encryption is infamous for. SEDs are available as HDD or SSD, and are sold by most major drive manufacturers.
Wave’s management solution delivers remote drive initialization, user management, drive locking, user recovery and crypto-erase for all Opal-based, proprietary and solid-state SEDs.
Easy proof of compliance
Your encryption is only as good as you can prove it to be. To comply with most data protection regulations, your organization has to prove encryption was in place at the time of a potential breach. Wave provides secure audit logs to help you demonstrate compliance.
If you lose a device with a Wave-managed SED, there’s no wondering or guessing. You know encryption was on by default, and you can prove it.
No vendor lock-in
SED technology was created and standardized by a consortium of the best in the infosec industry, a standards body called the Trusted Computing Group (TCG). This means you can buy your drives wherever you want, from whatever vendor you want—any SED built to the TCG’s Opal specification can be managed by Wave.
No SEDs yet? No problem.
If your organization hasn’t yet deployed SEDs, you can skip the process of retro-fitting and simply incorporate SEDs on all new laptops as part of your regular refresh cycle. In the meantime, the same Wave console can manage BitLocker and SEDs, so you can protect the devices you have now with BitLocker and add those with SEDs as they are deployed. And if you’re using Wave’s cloud platform, you can also support OSX FileVault2.
Pick your platform
Wave SED management is available via the cloud or on-premise servers. Ask us for more details about which platform is right for your deployment.
Key Features:
Easy security compliance
• Active monitoring, logging and reporting of all user and device events
Data protection
• Local changes are prohibited
• Drive locking is supported in sleep or standby (S3) modes
• Manage clients inside or outside the firewall and on non-domain machines
Simplicity
• Everything is automatically encrypted—users don’t have to identify which data is sensitive
• Windows password synchronization and single sign-on
• Add or remove users remotely
• MMC snap-in is familiar and easy—less administrator training
• Role management allows delegation of tasks with customized or predefined roles.
No compromises
• Encryption is completely transparent to your users—they won’t even notice it's there
• Customizable pre-boot message at authentication screen
=================================================================
New side-channel attack can recover encryption keys from Google Titan security keys
https://www.zdnet.com/article/new-side-channel-attack-can-recover-encryption-keys-from-google-titan-security-keys/
Excerpt:
A duo of French security researchers has discovered a vulnerability impacting chips used inside Google Titan and YubiKey hardware security keys.
==================================================================
Didn't RSA SecurID once recommend YubiKey be used with SecurID?
Why not simply, securely, smartly, and economically use Wave VSC 2.0 with a TPM ALREADY BUILT-IN?!!
==================================================================
http://www.wavesys.com/products/wave-virtual-smart-card
Excerpts:
One helpdesk call you'll never get: "I lost my virtual smart card again..."
There are so many ways to lose a token – couch cushions, street drains, curious toddlers. In fact, up to 30% of all tokens are eventually lost. It’s much harder to lose a laptop, and you notice a lot faster when you do.
The user experience with a virtual smart card is simple: he or she logs in with a PIN (authentication factor number one). The TPM (authentication factor number two) then transparently identifies the device to the network and connects the user to all the approved services. It’s one less thing for users to carry around.
=================================================================
Hacker sells Aurora Cannabis files stolen in Christmas cyberattack
https://www.bleepingcomputer.com/news/security/hacker-sells-aurora-cannabis-files-stolen-in-christmas-cyberattack/
==================================================================
It's really sad that cyberattacks like this continue to happen especially when the Wave Alternative could have been used to prevent this!!! USE BETTER SECURITY, USE WAVE SOLUTIONS BY WAVE SYSTEMS!!!
==================================================================
http://www.wavesys.com/wave-alternative
The IT perimeter is gone
With tablets, smartphones, and cloud applications, your employees can access sensitive data anytime, from anywhere. Indeed, around 70 percent of security breaches and data thefts are inside jobs. Meanwhile, the hackers only get better: advanced persistent threats (APTs) appear as normal traffic, and malware can go unnoticed for weeks.
It’s a new world, one without borders. Yet most organizations are still trying to protect their data with the same old firewalls and antivirus software. It’s not working. We refer you to the headline-making breach of the week.
You have to start with the device
Wave has an alternative: security that’s built into each and every device.
We’re talking about hardware: self-encrypting drives (SEDs), which protect data when a device is stolen or lost, and trusted platform modules (TPMs), or embedded security chips. Both go in at the factory, and increasingly, both are standard. They make it possible for you to monitor and control each individual device and its data, no matter where it is. But you need software to turn on and manage your SEDs and TPMs. Wave makes that software.
We’ve been refining comprehensive, centralized management of hardware-based security longer than anyone else. More than that, we’ve shaped the field as a founding member of the Trusted Computing Group, the not-for-profit that develops and promotes industry standards for the hardware.
Security that’s confirmed, not assumed
With Wave, you’ll know that you’re secure. Because we start with the individual devices, you get a broad, deep view of your network. You can see exactly who’s on it, with what devices and what apps, at any given time. Just for example, if Bob goes home and tries to log onto Facebook with the company laptop, Wave can stop him.
A big piece of this heightened security is device authentication. Traditional two-factor authentication requires what amounts to two user IDs. But by using the TPMs inside your devices, Wave can confirm the identity of not only users, but also the devices they’re on. Combine that with fast, enforced encryption of sensitive data via your SEDs—all easily managed with Wave software—and your data is protected from the full range of modern risks: device theft, missent emails, flash drives, portable hot spots … even (and no one else can say this) hardware keyloggers. Not to mention Bob.
Do we need to say that with Wave, compliance is no problem?
Start closing your security gaps today, with what you’ve got
You might be surprised to hear that 90 percent or more of your computers probably already have TPMs. Mobile devices are catching up fast. SEDs are newer, but you probably have a bunch of those too. Machines that don’t have them can often be outfitted at little to no extra cost. So you’ve got some or all of the hardware. All you need to do is turn it on with Wave.
It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.
Questions? Read on, or contact our sales department.
==================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpt:
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
FBI warns of Egregor ransomware extorting businesses worldwide
https://www.bleepingcomputer.com/news/security/fbi-warns-of-egregor-ransomware-extorting-businesses-worldwide/
==================================================================
The FBI recommends antivirus software and two-factor authentication to help stop ransomware. Wave Endpoint Monitor, anti-malware protection against ransomware, and Wave's VSC 2.0 (2FA) work effectively!!! WHY NOT USE WHAT WORKS EFFECTIVELY, Wave Solutions!!! Organizations should try what works effectively, Wave solutions!! Or ransomware attackers are going to continue to keep doing what they're doing to the market!!!
==================================================================
British Airways Plans £3bn Breach Settlement
https://www.infosecurity-magazine.com/news/british-airways-plans-3bn-breach/
=================================================================
It's staggering the money and headaches that could have been saved if British Airways and many breached companies had used Wave Solutions. What will British Airways pay for insurance again or at all? What costs will be passed on to consumers?
Use better security, use Wave solutions!!!
==================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
http://www.wavesys.com/data-protection
==================================================================
Anti-Secrecy Activists Publish a Trove of Ransomware Victims' Data
https://www.wired.com/story/ddosecrets-ransomware-leaks/
WikiLeaks successor DDoSecrets has amassed a controversial new collection of corporate secrets and is sharing them in the name of transparency.
==================================================================
http://www.wavesys.com/data-protection
=================================================================
Use Wave solutions, and avoid showing up in DDoSecrets!!!
=================================================================
http://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
=================================================================
The U.S. government spent billions on a system for detecting hacks and the Russians outsmarted it.
https://investorshub.advfn.com/boards/read_msg.aspx?message_id=160223598
SolarWinds incident should be a catalyst to rethink federal cybersecurity
https://investorshub.advfn.com/boards/read_msg.aspx?message_id=160426799
==================================================================
The Wave alternative below is worth the read!!!
http://www.wavesys.com/wave-alternative
Choose data protection that actually works.
10 of 15 of DOD’s Major IT Projects Are Behind Schedule, GAO Found
https://www.nextgov.com/it-modernization/2021/01/10-15-dods-major-it-projects-are-behind-schedule-gao-found/171155/
Lack of talent is one of the key reasons Defense officials cited for shortfalls implementing cybersecurity best practices.
==================================================================
http://www.wavesys.com/wave-alternative
=================================================================
Wave Systems Announces First U.S. Federal Government Customer for Wave Virtual Smart Card 2.0
http://www.wavesys.com/buzz/pr/wave-systems-announces-first-us-federal-government-customer-wave-virtual-smart-card-2.0
Lee, MA - October 2, 2014 - Wave Systems Corp. (NASDAQ: WAVX) marked an important sales milestone by announcing the first U.S. federal government customer for its Virtual Smart Card 2.0.
Since the Virtual Smart Card 2.0 became commercially available in late July 2014, Wave has entered into dozens of pilot deployments in multiple sectors, including healthcare, financial services, automotive, energy and utilities. However, today’s announcement marks the product’s first sale in the government sector.
“This is an important milestone for Wave,” said Bill Solms, CEO of Wave. “Wave Virtual Smart Card 2.0 has been purchased by a government agency with significant security requirements and one that requires redundant means of system authentication due to national security interests. This initial sale is modest compared to the addressable market within the Federal Government sector, but it is important to our strategy for marketing the Virtual Smart Card to address critical government infrastructure defense.”
“We believe that this sale, which was completed on a shorter sales cycle than we had anticipated, supports our view that customers are interested in the type of cyber security solution that Wave’s Virtual Smart Card 2.0 provides,” Solms added.
Wave Virtual Smart Card 2.0 is the industry’s only enterprise-grade virtual smart card management solution that works on Windows 7. It also supports Windows 8 and 8.1. Wave’s new solution emulates the functionality of physical smart cards or tokens, but offers greater convenience to users, lower total cost of ownership, and a reduced risk of unauthorized use.
Wave Virtual Smart Card 2.0 gives IT the ability to:
• Remotely create and delete virtual smart cards
• Provide help desk-assisted recovery
• Configure PIN and card policies
• View the status of virtual smart cards and enrolled certificates
• Generate reports for compliance
• Support virtual smart cards on laptops, tablets and desktops with TPM 1.2 or TPM 2.0
=================================================================
Army Reserve gets its first cyber general
https://www.fedscoop.com/army-reserves-first-cyber-general/
=================================================================