Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.
GDPR lawsuit against Oracle and Salesforce moves forward
https://www.computerweekly.com/news/252491537/GDPR-lawsuit-against-Oracle-and-Salesforce-moves-forward
Class action suit seeks claims worth more than £10bn over the processing of personal information
==================================================================
What if organizations leave personal data to be stolen because they don't have excellent cybersecurity like Wave solutions to protect the data? The previous post talks about European Consumer groups beginning to sue over data breaches. Salesforce and Oracle are facing expensive lawsuits for 10 to 15 billion. One would figure that with class action lawsuits such as these, many organizations would be demanding better security: Wave solutions in a hurry!!! It's a lot less to pay for Wave solutions up front and protect the organization than wait for a disaster to hit!!
==================================================================
wavesys.com
==================================================================
Use Wave solutions, use better security!!!
European Consumer Groups Begin Suing Over Data Breaches
https://www.wsj.com/articles/european-consumer-groups-begin-suing-over-data-breaches-11604658602
Class-action lawsuits for privacy violations are becoming more common in Europe
==================================================================
INTERESTING Article!!!
==================================================================
If organizations were using Wave VSC 2.0, Wave SED management, and Wave Endpoint Monitor (WEM), they wouldn't have the problems that companies in the article will be having with class-action lawsuits. Prepare ahead of time with these Wave solutions, and avoid data breaches rather than paying substantially more later on!!!
==================================================================
wavesys.com
==================================================================
Use Wave solutions, use better security!!!
Two-Thirds of Financial Services Firms Suffered Cyber-Attack in the Past Year
https://www.infosecurity-magazine.com/news/two-thirds-financial-services/
================================================================
When you see a statistic like this in the title of the article, it has become common for financial services firms to suffer a cyber-attack. This is just unacceptable. There was a Global Financial Services firm with in excess of 150,000 employees, and after they tested Wave VSC 2.0, they signed up with Wave. It's better security, and this Global Financial Services firm agreed!!!
Why not use solutions that work effectively: Wave solutions!!!
==================================================================
wavesys.com
Fewer than 25 percent of companies deployed adequate security access control systems
https://www.scmagazine.com/home/security-news/fewer-than-25-percent-of-companies-deployed-adequate-security-access-control-systems/
==================================================================
From this survey, it appears that MANY companies could use Wave VSC 2.0!!!
==================================================================
Excerpt: On the plus side, 58.7 percent said they either planned to implement network security monitoring in the next 12 to 24 months or had a pilot project in place.
==================================================================
It seems that unauthorized access to the network is in the headlines quite often, and when affected organizations already had network security monitoring. How successful is the monitoring? Why not try only known and approved devices being allowed to access your network. Instead of the bad guys slipping through to get on the network, they would be kept from accessing it!!
=================================================================
wavesys.com
=================================================================
Use Wave solutions, use better security!!!
23,600 hacked databases have leaked from a defunct 'data breach index' site
https://www.zdnet.com/article/23600-hacked-databases-have-leaked-from-a-defunct-data-breach-index-site/
================================================================
Excerpts:
Zdnet was not able to download the entire dataset estimated at around 50GB and 13 BILLION user records.
Currently this data is now being used by other cybercrime gangs to orchestrate spam campaigns and credential stuffing and password spraying attacks against users who might have reused passwords across online accounts.
Even if some of these databases are from old hacks, mega leaks like these are incredibly damaging to the security posture of most internet users.
=================================================================
This article is a great reason to use Wave VSC 2.0 (MFA)!!! Organizations could keep from getting hacked into if they used this Wave solution!!
=================================================================
wavesys.com
=================================================================
Use Wave solutions, use better security!!!
Why Defense, Not Offense, Will Determine Global Cyber Powers
https://www.darkreading.com/edge/theedge/why-defense-not-offense-will-determine-global-cyber-powers/b/d-id/1339237
Darktrace director of strategic threat Marcus Fowler explains what to expect from nation-state attackers in the months to come -- and why kindergarten classes are a good model for solid cybersecurity.
==================================================================
Excerpt: "We need technology like AI to make that split-second decision about what is threatening."
==================================================================
We don't need AI to make split second decisions about what is threatening! What will get missed with these decisions?? What governments really need is only known and approved devices to be allowed access to the network. Therefore, unauthorized (unknown and unapproved devices) don't get access to the network and its data: use Wave solutions, use better security!!!
=================================================================
wavesys.com
Interview: Ian Pratt, HP Security
https://www.infosecurity-magazine.com/interviews/interview-ian-pratt-hp/
=================================================================
Articles like this one are ok, but then you read this:
Rising Ransomware Breaches Underscore Cybersecurity Failures
https://www.darkreading.com/attacks-breaches/rising-ransomware-breaches-underscore-cybersecurity-failures/d/d-id/1339340
Ransomware's continued success speaks volumes about what's at stake for businesses and people, and, perhaps, the cybersecurity industry's inability to adapt quickly enough to protect everyone.
==================================================================
Lenovo, HP, DELL, and others could use a simpler and more secure cybersecurity set of solutions that gets the job done and in timely fashion: Wave solutions!!!
==================================================================
wavesys.com
==================================================================
Use Wave solutions, use better security!!!
Lenovo Q2 2020: Revenue tops $14.5 billion as PC demand climbs
https://www.zdnet.com/article/lenovo-q2-2020-revenue-tops-14-5-billion-as-pc-demand-climbs/
================================================================
The #1 computer maker bundled Wave's software with their computers!!! Lenovo could increase its services business by adding outstanding cybersecurity to its lineup with Wave solutions! The hardware (TPMs and SEDs) is already built-in to computers and Wave/Lenovo can help turn it on and make excellent use of it!!!
=================================================================
wavesys.com
=================================================================
Use Wave solutions, use better security!!!
Cybersecurity threats to corporate America are present now 'more than ever,' SEC chair says - CNBC
https://www.cnbc.com/2020/11/02/secs-jay-clayton-on-cybersecurity-threats-to-corporate-america.html
==================================================================
Coming from the SEC chair, this is a BIG DEAL!! Previous posts could be helpful.
wavesys.com
==================================================================
Use Wave solutions, use better security!!!
Interview: John O’Malley, Director of Cybersecurity, AT&T Cybersecurity
https://www.infosecurity-magazine.com/interviews/interview-att-cybersecurity/
=================================================================
Why did a Global Financial Services company and PwC choose to work with Wave software? It must have partly been due to Wave solutions being very effective. These are two companies with in excess of 150,000 employees each. Managed security service providers (MSSP) could benefit tremendously by using Wave VSC 2.0 and Wave's other solutions. Hardware (TPMs and SEDs) and software are stronger than software only solutions. The Trusted Computing Group (TCG) has been behind the TPM and SED standards for many years. Are the MSSP's aware of the better security in Wave's solutions, and that Wave incorporates the TPM and SED into its security offerings, and that the SEDs and TPMs are built-in security?
==================================================================
wavesys.com
==================================================================
Use Wave solutions, use better security!!!
Technology solutions providers must empower end users to improve cybersecurity standards
https://www.helpnetsecurity.com/2020/11/02/tsp-cybersecurity/
==================================================================
Do the technology solutions providers (TSP) really know about tried/tested cybersecurity standards: TPMs and SEDs? PwC was able to see what a useful and powerful technology Wave software and the TPM is!! Why not share this information with the TSPs? They could have better cybersecurity for their clients!!!
==================================================================
wavesys.com
==================================================================
Use Wave solutions, use better security!!!
Ransomware Surge Imperils Hospitals as Pandemic Intensifies
https://www.securityweek.com/ransomware-surge-imperils-hospitals-pandemic-intensifies
Hackers are stepping up attacks on health care systems with ransomware in the United States and other countries, creating new risks for medical care as the global coronavirus pandemic accelerates.
Alerts from US authorities and security researchers highlight a wave of cyberattacks on hospitals coping with rising virus infections.
An unusual warning this week from the FBI with the Departments of Homeland Security and Health and Human Services, underscored the threat.
The three agencies "have credible information of an increased and imminent cybercrime threat to US hospitals and health care providers," said the alert issued Wednesday, calling on health systems to "take timely and reasonable precautions to protect their networks from these threats."
Media reports have cited several US hospitals hit by ransomware.
One of them, the University of Vermont Medical Center, said in a statement Thursday it was working with law enforcement on "a now confirmed cyberattack that has affected some of our systems" which has had "variable impacts" on patient care.
Daniel dos Santos of the computer security firm Forescout said cash-strapped medical centers are particularly attractive targets for hackers and that at least 400 hospitals had been hit in the past few weeks in the US and Britain.
Hackers are aware that "health care is the most likely to pay the ransom because their services are critical," dos Santos said."Stopping services means that people will literally be dying."
For hospitals unable or willing to pay, "it would mean going back to pen and paper, which can cause huge slowdowns," he added.
Forescout said in a report that while many hospitals have upgraded computer systems, most use a variety of connected devices such as patient monitors or CT scanners which "act as the weak links in the network" because they transmit data over insecure channels.
In one sign of the troubles looming, dos Santos and fellow researchers said they discovered data on some three million US patients online, "unprotected and accessible to anyone who knows how to search for it.," the Forescout report said.
- Most targeted -
Ransomware is a longstanding security issue and health care has been a frequent target. A September attack disrupted Universal Health Services, which operates hospitals in the US and Britain.
But security experts say the attacks are accelerating as the pandemic worsens.
Researchers at the security firm Check Point said its survey showed health care has been the most targeted industry by ransomware, with a 71 percent jump in attacks on US providers in October from a month earlier.
Check Point said there have been significant rises in ransomware attacks on hospitals in Asia, Europe and the Middle East as well. Globally, the firm said ransomware attacks were up 50 percent in the third quarter compared with the first half of this year.
Many of the attacks use a strain of ransomware known as Ryuk, which security researchers say may be tied to North Korean or Russian cybercriminals.
The US government warning said health organizations are being targeted by phishing attacks to get access to the systems, with hackers using sophisticated tools including TrickBot software which can harvest credentials and exfiltrate data.
The Canadian government's Cyber Centre issued a similar warning in early October, warning of Ryuk ransomware "affecting multiple entities, including municipal governments and public health and safety organizations in Canada and abroad."
"The ransomware problem is steadily worsening and a solution desperately needs to be found," said Brett Callow of the security firm Emsisoft.
"We believe that solution is a prohibition on the payment of demands. Ransomware exists only because it's profitable. If the flow of cash stops, the attacks will stop and hospitals will no longer be at risk."
==================================================================
With Wave's technology to stop ransomware, there are ways to protect hospitals and other organizations from this terrible problem.
I heard it once nicely said, "Alone we are smart. Together we are brilliant!" Too bad all the Wavoids and Wave Employees couldn't band together somehow to solve the problems that exist that shouldn't exist.
=================================================================
wavesys.com
=================================================================
Use Wave solutions, use better security!!!
Auditors assessing cybersecurity risks
https://www.accountingtoday.com/news/auditors-assessing-cybersecurity-risks-for-boards
==================================================================
PwC used the TPM and Wave software for its 2FA several years ago. PwC didn't appear to be in the headlines with a cyber attack on the company during that time. This help of the 2FA in PwC's cybersecurity with Wave and the TPM could be important information that companies would want to know when audited given it was successful!
Wave VSC 2.0 (2FA) which uses Wave software and the TPM can be set up much faster for organizations than the PwC implementation, partly because now organizations have near 100% TPMs in their computer fleets. Wave VSC 2.0 has a number of advantages over the competition.
==================================================================
wavesys.com
==================================================================
Use Wave solutions, use better security!!!
Marriott fined £0.05 for each of the 339 million hotel guests whose data crooks were stealing for four years
https://www.theregister.com/2020/10/30/marriott_starwood_hack_fine_just_18_4bn/
UK watchdog's mooted £99m penalty comes in at just £18.4m
==================================================================
What has been missing from Marriott is better security and Wave solutions!! Other companies/organizations that are missing better security should try Wave solutions. They'd see what they are missing, and be able to feel confident in Wave's security!!! The previous post was missing some information, and that was 36 BILLION records were exposed. Wave solutions can do better!!!
==================================================================
wavesys.com
==================================================================
Use Wave solutions, use better security!!!
First the Good News: Number of Breaches Down 51% Year Over Year
https://www.darkreading.com/attacks-breaches/first-the-good-news-number-of-breaches-down-51--year-over-year/d/d-id/1339331
But the number of records put at risk experiences a massive increase. Here's why.
In the first three quarters of 2020, the number of data breaches fell to its lowest level in five years, while the number of records put at risk by those breaches skyrocketed to more than four times the level of the same nine months in 2019, according to Risk Based Security's (RBS) latest quarterly breach report.
The massive rise in the number of records exposed during breaches in 2020 is partly due to a handful of large misconfigured databases, RBS states in the Q3 report. Two breaches exposed more than 1 billion records each, and another four breaches put at risk more than 100 million records each.
While the number of breaches is typically a measure of malicious activity, the number of records exposed to risk is generally due to an increase in the discovery of misconfigured databases and services, says Inga Goddijn, executive vice president at RBS.
"When we look at the records exposed, it is important to keep in mind that the real driver behind that is the misconfigured databases and services, where folks find the open data sets, they explore and look around, and then the incident gets reported," she says. "They are more focused on the entire dataset put at risk."
There may not necessarily be fewer breaches, says Goddijn. The different numbers underscore the differences in what can be considered a data breach. RBS defines a data breach as the "unauthorized access to, or loss of control of, confidential or sensitive information," the report states.
In addition, companies hit with ransomware do not always report the incident as a breach, especially if they do not know what data has been copied by the attackers. For the first nine months of the year, RBS researchers found reports of 440 ransomware attacks that also contained a data-breach angle — whether information had been taken or the attacker had access to the information in the course of the attack.
Add to that the uncertainty of the pandemic, which has pushed a lot of breach news from the headlines, and fewer breaches may gain public notice, Goddijn says.
"I hate blaming everything on COVID because everyone does that, but I really do think that there is COVID effect," she says. "Because of world events, less breach news is being surfaced ... and information that does become public is a little bit slower to come out."
RBS also notes the election has spurred the interest of data thieves. Voter databases have appeared for sale in underground forums where stolen data is often sold. A variety of actors were selling data dumps of purported voter databases, including information on 7 million voters from Michigan, 8 million voters from North Carolina, 5 million voters from Washington state, and several files containing information of Florida voters, RBS states in its report.
Since voter registration information is often publicly available, the files do not necessarily represent breaches, but they do underscore that such data may allow attempts to meddle in the US election or enable cybercriminals to craft convincing lures as part of phishing campaigns.
"While much of this data might have been collated from older or publicly accessible sources, the potential dangers are still very real," RBS states in the report. "The increased attention and cooperation between hackers points to a growing interest and overall risk. They would most likely prefer for us to think that hacktivism isn't a real issue, given the current climate, but circulating these types of databases can leave voters feeling vulnerable and feed mistrust of voter systems."
The healthcare industry, information brokers, and the financial industry represent the top three reporting industries for breaches, highlighting how companies with the most personal information are often attacked by cybercriminals.
Companies cannot expect a one-size-fits-all approach to securing their data, Goddijn adds. They should take the effort to assess their risk, create a strategy around that risk, and keep those valuable assets protected.
"I come back to process, process, process," she says. "Your security process needs to be strong. You need to be double checking, triple checking, and having ways to discover those security weaknesses on their own."
=================================================================
Remember years ago when Wave announced a solution to tackle the data breach problem? If Wave was more prevalent, we could very well not be having a data breach problem!! Fast forward a few years and there are billions of records exposed and who knows what goes unreported!! If you are a company worried about your brand or reputation, give Wave VSC 2.0 and Wave ERAS a try! The technology built into these solutions, and TPMs can prevent the bad guys from getting on your network. This keeps the bad guys from being able to access your sensitive data!!!
=================================================================
wavesys.com
=================================================================
Use Wave solutions, use better security!!!
Wisconsin Republicans say last minute hack cost party $2 million meant to reelect Trump
https://www.cyberscoop.com/wisconsin-gop-alleges-late-race-hack-cost-party-2-3-million-from-fund-to-reelect-trump/
Less than a week before Election Day in a vital swing state, Wisconsin Republicans said on Thursday that hackers made off with $2.3 million devoted to reelecting President Donald Trump.
The Republican Party of Wisconsin said it first detected the attack on Oct. 22, then notified the FBI the following day about doctored invoices in the names of its vendors.
“Cybercriminals, using a sophisticated phishing attack, stole funds intended for the re-election of President Trump, altered invoices and committed wire fraud,” the party’s chairman, Andrew Hitt, said in a statement. “These criminals exhibited a level of familiarity with state party operations at the end of the campaign to commit this crime.”
It’s common for hacking victims to claim they were the victims of “sophisticated” attacks, whether the attacks were rudimentary or not. Hitt and a party spokesperson did not immediately respond to questions seeking further details, including any evidence the hack occurred. The FBI said it would neither confirm nor deny any investigation, as its is standard practice, and declined to comment.
The alleged hack comes as Trump is slightly behind in the Wisconsin polls against Democratic challenger Joe Biden, and as the president has laid the groundwork for undermining election results should he lose. Wisconsin, too, has been the setting for court battles over the 2020 election, including a case the Supreme Court decided this week.
News of the incident first emerged in an Associated Press interview with Hitt. Hitt offered additional information in that story, which also reported on Democrats’ fundraising edge in the state.
If the hack proves genuine, it would be the most significant hacking-related incident of this year’s campaign season.
Hitt’s description of what happened matches that of the definition of a business email compromise scam. The FBI’s Internet Crime Complaint Center estimates that between early 2014 and late 2019, BEC scams have cost U.S. businesses more than $2 billion.
BEC scams aren’t usually listed among the top threats to elections or political campaigns, but the Democratic Party of Wisconsin said it, too, has encountered financially motivated attacks.
“According to our IT team, we’ve been the target of over 800 phishing attempts this cycle, with at least half of them seeking financial gains, all of which have been stopped and recorded,” a spokesperson for the party, Philip Shulman, said via email.
The 2016 campaign was of course marked by Russia hacking Democrats’ emails, subsequently leaked in what the U.S. government said was an attempt to influence the election.
The Wisconsin case also isn’t the only time a late-race hacking allegation has surfaced. When Georgia’s then-Secretary of State Brian Kemp was running for the governor’s seat he would eventually win in 2018, he accused Democrats of trying to hack the state’s voter registration system. The Georgia attorney general found no proof of claim.
It’s likewise not uncommon for incidents originally identified as cyberattacks to prove to be something else, as happened in 2018 in Knox County, Tennessee. The Wisconsin GOP said it was still ready for the 2020 stretch run.
“While a large sum of money was stolen, our operation is running at full capacity with all the resources deployed to ensure President Donald J. Trump carries Wisconsin on November 3rd,” Hitt said.
==================================================================
wavesys.com
==================================================================
Use Wave solutions, use better security!!
'Act of War' Clause Could Nix Cyber Insurance Payouts
https://www.darkreading.com/attacks-breaches/act-of-war-clause-could-nix-cyber-insurance-payouts/d/d-id/1339317
The indictment of six members of the Russian military for the NotPetya ransomware attack places companies on notice that insurance "is not a get-out-of-jail-free card."
==================================================================
Invest in better security (Wave solutions) so you don't have to encounter lawsuits such as the ones in this article.
==================================================================
wavesys.com
==================================================================
Use Wave solutions, use better security!!!
Survey Uncovers High Level of Concern Over Firewalls
https://www.darkreading.com/vulnerabilities---threats/survey-uncovers-high-level-of-concern-over-firewalls/d/d-id/1339301
More than half of respondents are planning to reduce their network firewall footprint because of what they see as limitations in the technology.
A relatively high percentage of cybersecurity leaders apparently perceive most firewall technologies — long a linchpin of enterprise security — as being ineffective in protecting their applications against attack.
The Ponemon Institute recently surveyed 603 US security professionals on their firewall use. The survey, sponsored by Guardicore, asked respondents to evaluate the effectiveness of firewalls in blocking ransomware and a range of other existing and emerging threats.
For purposes of the research, Ponemon defined legacy firewalls as including network appliances, virtual firewalls, and so-called next-generation firewall technologies. The survey encompassed both "stateful" firewalls that inspect incoming and outgoing network traffic and firewalls that integrate threat intelligence, intrusion prevention, application access control, and other features.
The results reveal that organizations are highly unhappy with their current firewall technologies. More than half (53%) of the respondents say they're either moving away from or reducing their dependence on firewalls and looking at other options.
Six in 10 of the security leaders in the survey believe legacy firewalls don't have the capabilities to protect critical application and systems from attack. An identical 60% describe legacy firewalls as being of little help in enabling a zero-trust environment, and 76% say it took them too much time to secure new applications or to change configurations with their legacy firewalls.
"The biggest complaints we're hearing from organizations on legacy firewalls is that they kill speed and flexibility and are not providing the required needs around security," says Dave Burton, vice president of product marketing at Guardicore.
According to Burton, 57% of respondents say they sometimes take as much as three weeks to a month to change firewall rules to accommodate an updated or new app. Sixty-two percent describe the access control policies available with their firewalls as not being granular enough.
Network segmentation — something considered critical to containing damage from a ransomware incident or other attack — is another major issue. "The inability to ensure proper segmentation of east-west traffic is a big reason why we're seeing companies reduce their firewall footprints," Burton says. "Less than half of all respondents trust their legacy firewalls to provide even adequate security for internal data center east-west traffic."
At least partly because of this, results of the Ponemon survey also suggest that legacy firewalls have become something of a roadblock for organizations that want to implement a zero-trust security model.
In a zero-trust model, all access requests to enterprise applications and data are fully vetted and authenticated each time, regardless of whether the request is from inside the enterprise network or outside. Sixty percent of the respondents in the Ponemon survey say their firewall technologies don't support the flexibility and high-speed requirements of a zero-trust environment.
"When it comes to zero trust, the failures of firewalls are intrinsically linked with their inability to rapidly accommodate new access rules and applications," Burton says. "Protecting assets in the cloud and across distributed workforces requires speed and agility, which legacy firewalls simply can't address.
Growing threat sophistication and trends such as cloud adoption and enterprise mobility have exposed some limitations in firewalls and other network security controls in recent years. The trend has focused greater attention on endpoint- and workload-focused security controls.
More than two-thirds (67%) of the respondents in the Ponemon survey, for example, say they are shifting security controls from the network closer to the endpoint and to enterprise workloads, whether on-premises or in the cloud.
"The first thing organizations need to do is realize the limitation of legacy network security technologies like the firewall and stop trying to retrofit network solutions for the way business is conducted today," Burton says. Instead, they need to consider approaches such as microsegmentation to compensate for the limitations in current network security controls, he says.
"Microsegmentation is the technique of inserting security services between two workloads to isolate them from one another and secure them individually," Burton says. "This allows system administrators to deploy flexible security policies that restrict traffic between workloads based on the principle of least privilege."
=================================================================
Instead of spending money on firewalls, spend the money towards Wave solutions which can prevent ransomware, protect against phishing, prevent data breaches, stop the stealing of sensitive data, keep unauthorized devices off your network and more...
=================================================================
wavesys.com
=================================================================
Use Wave solutions and the Wave Alternative, use better security!!!
Trump Campaign Website Defaced by Cryptocurrency Scam
https://threatpost.com/trump-website-defaced/160634/
==================================================================
Imagine if the Trump campaign used computers with Self-Encrypting Drives (SEDs) and Wave SED management!! Imagine further if the computers used Wave VSC 2.0 and Wave ERAS!! They could keep the bad guys from stealing sensitive data off their network by not allowing them on the network. For the Trump campaign and organizations in the same predicament, it's never too late!!!
=================================================================
wavesys.com
=================================================================
Use Wave solutions, use better security!!!
Enel Group hit by ransomware again, Netwalker demands $14 million
https://www.bleepingcomputer.com/news/security/enel-group-hit-by-ransomware-again-netwalker-demands-14-million/
=================================================================
Investing in Wave solutions is a small price to pay to prevent these ransomware attackers from having a field day with your data!! So many companies/organizations have tried other products for ransomware and failed. Why not try solutions that work, Wave solutions!!!
=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!
Attackers finding new ways to exploit and bypass Office 365 defenses
https://www.helpnetsecurity.com/2020/10/26/exploit-and-bypass-office-365-defenses/
=================================================================
Wave solutions protect against phishing, malware and other network security threats by storing authentication credentials in hardware. Wave solutions can protect against phishing in this article!!! Simple to use and better security!!!
=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!
78% of Microsoft 365 admins don’t activate MFA
https://www.helpnetsecurity.com/2020/10/27/activate-microsoft-365-mfa/
=================================================================
Wave VSC 2.0 (MFA) is simple to use and could protect Microsoft 365 more easily and securely for users and organizations. Because the MFA for Microsoft 365 is difficult may be why the admins don't activate MFA!!
=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!
Swedish Authorities, Banks Hit by Security Data Leak: Report
https://www.securityweek.com/swedish-authorities-banks-hit-security-data-leak-report
Details of bank vault floor plans, alarm systems and the security arrangements for Swedish authorities have been leaked online after a security company was hacked, local media reported Tuesday.
A total of 19 gigabytes of information and around 38,000 files were stolen from security group Gunnebo by one or more hackers in August, according to newspaper Dagens Nyheter.
"It's of course unfortunate that we've had a theft of data," Gunnebo CEO Stefan Syren was quoted as telling the paper.
"We are now reviewing the material and in the cases where there is sensitive information we are contacting the client," he said.
Among the leaked documents are details of the security arrangements for the Swedish parliament and confidential plans of the Swedish Tax Agency's new office on the outskirts of Stockholm, the paper said.
Plans for bank vaults in at least two German banks were leaked, while other documents show the alarm systems and surveillance cameras at a branch of the SEB bank in Sweden, it reported.
Headquartered in Sweden, Gunnebo is a multinational company with nuclear power plants, hospitals and airports among its international customers.
The hack was reported to the Swedish Security Service in August.
"We can only speculate on what the target of the attack was, but as we cannot rule out that it was an attempt at industrial espionage, it has been important to follow the regulations and we have therefore decided to inform Sapo," Syren said in a statement at the time.
The company also said it had concluded that the attack was "well organized," but no details of what data had been compromised was disclosed.
AFP has contacted Gunnebo for a comment.
Dagens Nyheter said hacking attacks based on extortion have hit many companies in recent times, in which criminals steal sensitive information and then demand a ransom not to leak the data online.
Neighboring Finland is currently dealing with an unprecedented hack after the private records of thousands of psychotherapy patients were stolen from the private healthcare company Vastaamo.
The records were first used to try to blackmail the company but then emails demanding ransoms were sent directly to patients at the weekend.
=================================================================
Gunnebo and other companies with sensitive data could have helped prevent disasters such as this by using the Wave Alternative!!!
=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!
Neural Networks Help Users Pick More-Secure Passwords
https://www.darkreading.com/endpoint/authentication/neural-networks-help-users-pick-more-secure-passwords/d/d-id/1339283
Typically, blocklists are used to prevent users from picking easily guessable patterns, but a small neural network can do the same job and suggests that complex password requirements are not necessary
==================================================================
Does a user need Neural Networks when he/she and his/her organization should use Wave VSC 2.0?!!! Does the above work with phishers?? Use better security, use Wave VSC 2.0!! Simpler and more secure!!
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
Massive Nitro data breach impacts Microsoft, Google, Apple, more
https://www.bleepingcomputer.com/news/security/massive-nitro-data-breach-impacts-microsoft-google-apple-more/
Please read this interesting article.
==================================================================
It's a shame that data breaches like Nitro's occur when there are cybersecurity solutions like Wave solutions. Wave solutions allows IT to entrust that only known and approved devices are accessing your network. Therefore, unknown and unapproved devices don't get access to the network, and therefore don't get access to 1TB of sensitive data as in this case.
Wave solutions is a small price to pay for what could turn out to be an expensive disaster (70 million user records) if Wave is not used.
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
Cybersecurity is failing due to ineffective technology
https://www.helpnetsecurity.com/2020/10/23/cybersecurity-is-failing-due-to-ineffective-technology/
Excerpts:
A failing cybersecurity market is contributing to ineffective performance of cybersecurity technology, a Debate Security research reveals.
Based on over 100 comprehensive interviews with business and cybersecurity leaders from large enterprises, together with vendors, assessment organizations, government agencies, industry associations and regulators, the research shines a light on why technology vendors are not incentivized to deliver products that are more effective at reducing cyber risk.
The report supports the view that efficacy problems in the cybersecurity market are primarily due to economic issues, not technological ones. The research addresses three key themes and ultimately arrives at a consensus for how to approach a new model.
Cybersecurity technology is not as effective as it should be
90% of participants reported that cybersecurity technology is not as effective as it should be when it comes to protecting organizations from cyber risk. Trust in technology to deliver on its promises is low, and yet when asked how organizations evaluate cybersecurity technology efficacy and performance, there was not a single common definition.
Please see the rest of the article at the link above.
==================================================================
The Wave Alternative is unique. The technology works effectively and efficiently!!!
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
US Army Base's Twitter Account Hacked
https://www.infosecurity-magazine.com/news/us-army-bases-twitter-account/
Excerpt:
This was not the work of our admins. Our account was hacked.
==================================================================
It would be nice if Bill Solms were still with Wave. The two previous posts relate to this. I don't use Twitter, Facebook, or LinkedIn, but others may find them very effective for things they have learned.
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
5 Tips for Fighting Credential Stuffing Attacks
https://www.darkreading.com/edge/theedge/5-tips-for-fighting-credential-stuffing-attacks/b/d-id/1337896
With stolen credentials an easy find online, what are some measures to put in place to keep hackers from breaking into secure accounts?
Sumit Agarwal takes credit for coining the term "credential stuffing." He served as deputy assistant secretary of defense under President Obama, and in 2011, while working at the Pentagon, he began to notice a pattern of brute-force attacks on public-facing military websites, where threat actors were using credentials, like usernames and passwords, stolen from one site and to gain access to other sites.
Today, Agarwal is co-founder and CTO of Shape Security, and credential stuffing has gone mainstream, making life miserable for security managers in many types of organizations.
"Credential-stuffing attacks are a massive problem today, especially with the extreme shift to online-only services due to COVID-19," says Agarwal. "Something becomes spontaneously popular - we saw this with Disney+ as soon as it came out - and is overwhelmed with targeted credential-stuffing attacks. Any time a service gets any substantial amount of traffic, they see surges in credential stuffing. We're going to see these attacks increase for online grocers, delivery services, and telehealth providers."
Simply put, credential stuffing takes place when cybercriminals obtain stolen credentials through some means – usually on the Dark Web – and then use botnets or other automation tools to try and use these stolen usernames and passwords to gain fraudulent access to multiple, other user accounts.
"Credential stuffing is a type of cyberattack where the hacker attempts to sign into a user's account using usernames and passwords that have been leaked during a data breach," says Charlotte Townsley, director of security engineering at Auth0. "During the attack, a hacker can steal a user's credentials and sell them on the Dark Web for other hackers to purchase. Other hackers can gain access to billions of leaked credentials and use bots to try different combinations of passwords, quickly, into hundreds of accounts from social platforms to banking apps."
"Credential stuffing is really a subset of brute force attacks," adds Adam Darrah, director of intelligence with Vigilante. "The major difference is the fact that threat actors are working with previously cracked or dehashed passwords, and passwords that were compromised by other attack vectors, like keyloggers and other malware, so they already have an attack-ready set of credentials at their disposal. Threat actors utilize a litany of brute force checkers, varying in sophistication, to run targeted account takeover campaigns against corporate infrastructure and websites alike."
Once in, of course, that means corporate sensitive assets could be leaked, or the attacker can possibly gain access to other private accounts or trick unsuspecting colleagues into sharing information. The potential for damage is limitless.
Attacks Are Growing and Easy to Execute
From Agarwal's early days of identifying credential-stuffing attacks on government sites, the problem is now pervasive. The most recent Verizon Data Breach Investigations Report (DBIR) from 2019 finds credential stuffing was used in 29% of all data breaches. And currently HaveIBeenPwned.com (HIBP), a free site that offers data breach notification, has information on nearly 9 billion compromised credentials from hundreds of data beaches.
I's unsurprising that criminals are drawn to it for quick success as its fairly easy today to obtain stolen credentials cheaply.
"The skills required to purchase credentials to a victim's bank account or online retail account could be learned in an afternoon of Google searches," says Darrah. "There are seemingly endless deep and Dark Web marketplaces offering account credentials for as little as $2, depending on the service or website. In some cases, they even offer refunds if the credentials don’t work as advertised."
But there are some tools and techniques security managers can put in place to mitigate credential-stuffing attacks. Security researchers we spoke with recommend the following.
1. Boost user awareness on password management: With many users still reusing passwords across accounts, one place to start is education, says Townsley: "Improving user password habits is a great start in defending against credential stuffing-attacks. Educating employees on best practices and reminding them to change their passwords on a more regular basis can make it harder for hackers to pull off a successful attack."
2. Implement multifactor authentication: Two-factor/multifactor authentication should be enabled on every account where it is allowed and available. This adds another layer that makes it more difficult for a threat attacker to penetrate.
3. Use anomaly detection tools: "These could be either free or enterprise-grade online threat intelligence tools that can help identify risk signals – such as a breached password or a higher than usual number of failed authentication attempts," says Townsley. "These can also be used to determine a sudden or unusual increase in the amount of IP addresses visiting a website – this can be a tip off that there is malicious activity happening."
4. Deploy password managers: Several enterprise password managers are available, free of charge, that can help users create unique and strong passwords for every secure account and can help cut down on the common password reuse problem. A variety of password managers suitable for both enterprises and small businesses alike, are available, among them, according to recent market research from Ovum (now part of Omdia), 1Password Business, Dashlane Business, Keeper for Business, LastPass Enterprise, ManageEngine Password Manager Pro, Pleasant Password Server, and RoboForm for Business are the leaders. Ovum also gave kudos to Bluink, Passwork, Bitwarden, TeamPassword and Passbolt for unique features.
5. Embed security into website design: "Security professionals and web developers can make a threat actor's job a little tougher by ensuring that websites use any available bruting countermeasures, including CAPTCHAs and MFA," says Darrah. "Simple changes to website functionality can also be implemented - the prompt given after a login attempt, for example.”
=================================================================
#246172 was a post on credential stuffing and so this post might help explain that post.
=================================================================
For those who do or do not believe their Twitter account can be hacked, I think this article shows what hackers can do. Check out Wave VSC 2.0 and Wave Knowd which could prevent hackers from hacking your online accounts. Both authentication solutions use the TPM as a factor of authentication to stop hackers. What is a TPM? and "Hardware-based encryption is the key to future proofing", posts 246168 and 246170. Hardware and software is stronger than software only. After reading this article, it becomes quite apparent that the TPM could help in providing better security than what exists on Twitter now! Intended messages may not find their destination without the help of readers. Thank you readers!
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
Researcher: I Hacked Trump’s Twitter by Guessing Password
https://threatpost.com/researcher-hacked-trumps-twitter-password/160473/
Excerpts: It took only five attempts to guess the password to President Donald Trump's Twitter account - "maga2020"
2FA requires users to have a one-time generated code, sent by email or text which needs to be entered to login. This keeps bad actors from accessing the account even if they have the username and password. "elderly people often switch off two step verification because they find it too complicated."
=================================================================
Thinking outside of the box, it would seem so easy for Mr. Trump to have the benefits of either Wave VSC 2.0 or Wave Knowd! Other users could also enjoy simpler and more secure authentication as well. They're simple so you don't have to turn them off, and for security they can't be turned off. The technology could be available, why not use it?
=================================================================
wavesys.com
=================================================================
Wave solutions, better security
French IT giant Sopra Steria hit by Ryuk ransomware
https://www.bleepingcomputer.com/news/security/french-it-giant-sopra-steria-hit-by-ryuk-ransomware/
Excerpt:
Sopra Steria is a European information technology company with 46,000 employees in 25 countries worldwide.
==================================================================
Post #246140 could show organizations that they have another way (investing in Wave solutions) to deal with ransomware. This investment could alleviate the possibility that insurance carriers could drop their insurance!!!
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
US Treasury Department ban on ransomware payments puts victims in tough position
https://www.csoonline.com/article/3587108/us-treasury-department-ban-on-ransomware-payments-puts-victims-in-tough-position.html
The Treasury Department's advisory warns companies not to pay ransoms to sanctioned entities. The move complicates ransomware incident response and might encourage insurance carriers to drop ransomware coverage.
=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!
Retail, Hospitality and Travel Hit by 64 Billion Credential Stuffing Attacks
https://www.infosecurity-magazine.com/news/retail-hospitality-travel-64-bn/
Over 60% of credential stuffing attacks detected over the past two years have been targeted at retail, travel and hospitality businesses, according to Akamai.
The security vendor’s latest report, Loyalty for Sale, is compiled from internet traffic flowing through its extensive global content delivery network.
It revealed that, during the period July 1 2018 to June 30 2020, it detected over 100 billion credential stuffing attempts. Almost 64 billion of these were aimed at cracking open user accounts in the retail, travel and hospitality sectors.
Further, retail accounted for the vast majority (90%+) of the attacks aimed at these verticals.
Such attacks remain popular given the continuous surge of breached log-ins onto underground sites and the potentially rich pickings to be found inside cracked accounts.
“Criminals are not picky — anything that can be accessed can be used in some way,” said Steve Ragan, Akamai security researcher and report author.
“This is why credential stuffing has become so popular over the past few years. These days, retail and loyalty profiles contain a smorgasbord of personal information, and in some cases financial information too. All of this data can be collected, sold and traded, or even compiled for extensive profiles that can later be used for crimes such as identity theft.”
Akamai also claimed that during the early days of the COVID-19 crisis as consumers flooded online sites to purchase goods, cyber-criminals began recirculating old credential lists in an attempt to identity new vulnerable accounts.
The report identified not just credential stuffing activity but also attempts to compromise sites directly via SQL Injection (SQLi) and Local File Inclusion (LFI) attacks.
Akamai detected nearly 4.4 billion web attacks against the retail, hospitality and travel sectors, comprising 41% of the total across all verticals. Once again, retail (83%) was the most popular target, while SQLi attacks (79%) were the number one choice of cyber-criminals across the three verticals.
=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!
Cybersecurity company finds hacker selling info on 186 million U.S. voters
https://www.nbcnews.com/politics/2020-election/cybersecurity-firm-finds-hacker-selling-info-148-million-u-s-n1244211
The cybersecurity company Trustwave said the hacker was offering 186 million U.S. voter records and 245 million records of other personal data.
WASHINGTON — A cybersecurity company says it has found a hacker selling personally identifying information of more than 200 million Americans, including the voter registration data of 186 million.
The revelation underscored how vulnerable Americans are to email targeting by criminals and foreign adversaries, even as U.S. officials announced that Iran and Russia had obtained voter registration data and email addresses with an eye toward interfering in the 2020 election.
Much of the data identified by Trustwave, a global cybersecurity company, is publicly available, and almost all of it is the kind that is regularly bought and sold by legitimate businesses. But the fact that so many names, email addresses, phone numbers and voter registration records were found for sale in bulk on the so-called dark web underscores how easily criminals and foreign adversaries can deploy it as the FBI said Iran has done recently, by sending emails designed to intimidate voters.
"An enormous amount of data about U.S. citizens is available to cyber criminals" and foreign adversaries, said Ziv Mador, vice president of security research at Trustwave, which found the material.
"In the wrong hands, this voter and consumer data can easily be used for geotargeted disinformation campaigns over social media, email phishing and text and phone scams," he added, "before, during and after the election, especially if results are contested."
The data is a mix of material stolen in various hacks of companies in recent years and publicly available data retrieved from government websites, he said. In most states, voter registration information is publicly available, for example.
Trustwave monitors dark web forums for threat information, and it came across a hacker calling himself Greenmoon2019 who was offering the data for sale. Trustwave used fictitious identities to induce the hacker to provide more information, including a Bitcoin wallet that Greenmoon2019 used to collect payment.
Bitcoin wallets — virtual storage facilities for the most commonly used cryptocurrency — publicly display transactions but not the identities of those making them. Trustwave was able to trace payments to a larger wallet, created in May, that has taken in $100 million in what the company believes is illicit proceeds, Mador said. Not all of that was from data sales, he said.
The wide availability of personal information is not new, but the idea that such a huge cache is for sale as the election approaches underscores how easy it would be for malicious actors to cause trouble. Trustwave said the hacker was offering 186 million voter records and 245 million records of other personal data.
National Intelligence Director John Ratcliffe said Wednesday night that Iran had obtained voter registration information and used it to send threatening emails to Democrats while posing as the Proud Boys, a white supremacist group. Ratcliffe said the Russian government had also obtained voter registration information.
=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!
Hardware-based encryption is the key to future proofing data protection concerns
http://digitalmarketingmagazine.co.uk/digital-marketing-data/hardware-based-encryption-is-the-key-to-future-proofing-data-protection-concerns/5077
?With recent changes to data protection laws, the data protection landscape is rapidly changing in scope, breadth and depth. Data protection is no longer simply a part of risk management, but also governance and compliance – meaning organizations today must keep up with all that is happening in the world of data protection.
The permanent physical loss of key information such as customer account information could have a severe negative impact on a business and bring about huge penalties and legal costs. The loss of confidentiality of information through a data breach can carry high security threats and put businesses of all sizes at risk. With such high security risks and huge penalties at stake, the protection of electronically stored information – in all its different expressions – should be at the forefront of any business.
As data and business processes evolve with technological advances, enterprises are actively examining how to improve the data protection function from the perspectives of people, processes and technology. In order to select the right data protection technology, the business needs to understand the overall data protection infrastructure portfolio into which individual data protection technologies should fit.
The growing advantages of hardware-based encryption
The disadvantages of software-based encryption have become increasingly apparent in the industry over the years. In software encryption, there are more possible attack vectors that can lead, among others, to the ability for a hacker to crack the password. Software encryption tools also share the processing of your computer, which can cause the whole machine to slow down as data is encrypted/decrypted.
Despite the apparent disadvantages of software-based encryption, some users remain unaware of the potential to solve these problems with hardware-based encryption. Through an industry-wide, open specification for hardware-based Self Encrypting Drives (SEDs), e.g., Opal Family Specifications, developed by Trusted Computing Group (TCG), the issues caused by software-based encryption are being addressed and the reasons for using a SED continue to grow.
Compared to software-based encryption, hardware-based encryption built into a drive offers simplified management, interoperability among drives from different vendors and most importantly no performance impact. In fact, using a SED is much more cost-effective than buying higher performance main laptop processors when software Full-Disk Encryption (FDE) is used. SEDs integrate to systems and image the same as non-encrypting drives, with no initial encryption necessary, nor re-encryption when drives are re-imaged.
SEDs and TPMs – the perfect match for future security threats
Strong user authentication is critical for better security. With a SED, access to the platform is based on secure authorization from the SED and not by the software that can be fooled into allowing unauthorized access to data. Mixing hardware-based encryption with Trusted Platform Modules (TPMs) can provide even stronger security benefits. Through combining hardware-based technologies like SEDs with TPMs, enterprises add another layer of security to their systems, ensuring the possibility of any loss of data is drastically reduced.
Hardware-based encryption brings a lot of necessary advantages including compliance, stronger security, integrated authentication and low total cost of ownership with an additional benefit of rapid data destruction or crypto-erase. While these convincing reasons remain valid, additional security scenarios provide even more compelling justification for organizations.
With ever-increasing data demands and the potential for new security threats in the future, corporations are investing in the technology to futureproof their business processes. New approaches such as SEDs, give corporations a way to obtain improved security without the shortcomings of software-based encryption. Once potential users correctly and completely understand the capabilities of SEDs and the misconceptions are corrected as well, the increasing availability of SED options will provide the solution to cope with data security threats both now and long into the future.
?Written by By TCG Storage Workgroup.
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
Is Encryption the Answer to Data Security Post Lockdown? #NCSAM
https://www.infosecurity-magazine.com/opinions/encryption-answer-lockdown/
Remote work and working from home has grown exponentially over the past decade. In fact, a 2018 study from Apricorn found that 100 per cent of surveyed IT decision makers noted that they had employees who work remotely at least some of the time.
However, the COVID-19 pandemic and resulting lockdown have forced a large number of employees into unfamiliar territory, not just remote work, but full-time working from home (WFH). While some businesses may have long adopted remote work strategies as part of increased flexibility, others have resisted due to the risks posed to data security and compliance efforts.
Worryingly, a more recent (2020) survey by Apricorn found that more than half (57 percent) of UK IT decision makers still believe that remote workers will expose their organization to the risk of a data breach. Employees unintentionally putting data at risk remains the leading cause of a data breach, with lost or misplaced devices the second biggest cause.
More than a remote risk
Whilst some are already transitioning back into the workplace, many are questioning whether WFH could become the new norm. The issue remains however, that remote working brings a number of challenges to data protection: be it an increased risk of external attacks, or employees’ tendency to relax security practices when working from home. Whatever the case, sensitive information leaving the confines of the office walls will always be more vulnerable than when it is safely secured on the corporate network.
Employees may well be tempted to use personal devices when working from home, or businesses may have introduced the need for video conferencing tools, or document sharing services, but it is critical that businesses take the onus on securing information before employees further put data at risk.
Our survey found that, of those with an information security strategy that covers employees’ use of their own IT equipment for mobile/remote working, forty two per cent said they permitted only corporate IT provisioned/approved devices, and have strict security measures in place to enforce this with endpoint control. Additionally, seven percent tell employees they’re not allowed to use removable media, but don’t have technology in place to prevent this.
Every organization should cover the use of employees’ own IT equipment for mobile and remote working in their information security strategy. If businesses want to secure data on the move, it is essential that encryption and endpoint control is applied to all devices, whether that be laptops, mobile phones, or removable devices such as USBs.
Data must remain on lockdown
Despite COVID restrictions showing some signs of easing, data must always remain on lockdown. Whether working from home or not, the GDPR has clear mandates for data encryption; firstly for compliance (Article 32); secondly to mitigate the impact on any organization who suffers a breach (Article 34) which removes the obligation to individually inform each citizen affected if the data remains unintelligible.
Additionally, article 83 suggests that fines will be moderated where the company has been responsible and mitigated any damage suffered by data subjects. Businesses will find that they are in a stronger position to defend themselves in the event of a breach should they be able to demonstrate the use of encryption practices.
The good news is that we have seen an increase in encryption and endpoint control. Nearly all survey respondents (94%) say their organization has a policy that requires encryption of all data held on removable media. Of those that encrypt all data held on removable media, more than half (57%) hardware encrypt all information as standard.
Businesses are seeing the value of encryption, but this is an ongoing process and it needs to cover all devices. The research highlighted that a number of those surveyed have no further plans to expand encryption on USB sticks (38%), laptops (32%), desktops (37%), mobiles (31%) and portable hard drives (40%). With so much data now moving beyond the corporate perimeter, it’s imperative to address the importance of encryption in protecting sensitive information, whilst giving staff the flexibility required to work remotely.
The value of encryption
Hardware encryption offers much greater security than software encryption and PIN pad authenticated, hardware encrypted USB storage devices offer additional, significant benefits. Being software-free eliminates the risk of keylogging and doesn’t restrict usage to specific Operating Systems; all authentication and encryption processes take place within the device itself, so passwords and key data are never shared with a host computer. This makes it particularly suited for use in highly regulated sectors such as defense, finance, government and healthcare.
By deploying removable storage devices with built-in hardware encryption, a business can roll this approach out across the workforce, ensuring all data can be stored or moved around safely offline. Even if the device is lost or stolen, the information will be unintelligible to anyone not authorized to access it.
The pandemic has thrown up many challenges this year, but data protection should not have been one of them. It should not be an afterthought, something incorporated into the business strategy as a result of an incident, but one that’s core to business operations and security best practice.
Organizations should analyze their data, identify everything that should be protected, understand where it exists and how it is transported, and ensure that it is encrypted at all stages of its lifecycle. Encryption and endpoint control can ensure that data remains secure and businesses can be prepared for the risks that come with an enduring remote workforce.
=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!
What is a TPM?
https://securityboulevard.com/2020/10/what-is-a-tpm/
A TPM, also known as a Trusted Platform Module, is an international standard for a secure cryptoprocessor and is a chip found on the computer’s motherboard. The function of a TPM is to generate encryption keys and keep a part of the key inside the TPM rather than all on the disk. This is helpful for when an attacker steals the disk and tries to access the contents elsewhere. The TPM provides hardware-based authentication so if the would-be attacker were to try and remove the chip and place it onto another motherboard, or try to tamper with the motherboard to bypass the encryption, it would deny access.
What is the Difference Between HSM and TPM?
For the most part hardware security modules (HSM) and TPMs are similar in function and are used for encryption, but there are two notable differences that can be made between the two. A hardware security module is typically an external device while TPMs are chips that are embedded into the motherboard. The other difference is that you can easily add an HSM to a computer or network, while a TPM is usually not considered feasible to add after the computer is in use.
Does My Computer Have a TPM?
Off-the-shelf computers have a TPM soldered onto the motherboard, however, if you are building your own computer then you can easily buy one as an add-on module for a relatively cheap price. Installing a TPM in your computer is very simple, just find the port on your motherboard (if it supports a TPM module) and plug it in.
Can You Remove a TPM chip?
This depends on the type of computer you owned. Like previously stated, if you purchased your computers off-the-shelf then the TPM is typically soldered onto the motherboard, meaning that removal of the TPM would damage both the TPM and motherboard rendering both useless for the attacker. However if you had the TPM as an add-on and installed it yourself, it can easily be removed, but the encrypted contents would still be safe as the TPM uses hardware-based authentication meaning that it can’t be used when affixed onto another motherboard.
Can You Clear a TPM?
Yes, all you need to do is go into your security center app. However, it is not recommended as it can lead to data loss and you would lose all created keys associated with the TPM. If you must clear your TPM, then it is strongly recommended to have a backup and recovery for any data that is stored in your TPM.
Can a TPM be Hacked?
For the most part, TPMs are secure, however a new attack found by Christopher Tarnovsky found a way to break chips that carry a TPM by essentially spying on them like a phone conversation. This attack was used on Infineon Technologies AG flagship model, which is regarded as one of the top makers of TPM chips.
So does that make TPMs a liability? Well, not exactly. This attack was so resource heavy that Tarnovsky stated that unless you are a multi-million dollar corporation, this attack just isn’t worth it and is incredibly difficult to pull off in a real-world environment.
Key Attestation
A key attestation with a TPM is like a signature where it proves the origin of the certificate to the certificate authority to acknowledge that the TPM that is making the request is the same TPM that the certificate authority trusts. Key attestation is important because it allows the private key to not only be stored on the disk, but another key to be isolated and stored inside the TPM on that device so that you can benefit from a higher level of security due to the non-exportability of the TPM key.
Trusted Platform Module with Certificates
Using a TPM as your only protection against attackers is not recommended, as although a TPM protects your files from a physical attack, the ever-present threat of the infamous MITM attack can still grant access to your files. SecureW2 uses certificates to prevent over-the-air attacks and our management portal also supports security key attestation, as our software client can attest to the location a private key has been generated on a security key, or any other device with a TPM. Our industry-leading PKI makes it easy to configure BYOD and managed devices for 802.1x authentication and self-enrollment for certificates in just a few clicks.
We have affordable options for organizations of every size. Check out our pricing here.
The post What is a TPM? appeared first on SecureW2.
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
Morgan Stanley Fined $60m Over Data Disposal
https://www.infosecurity-magazine.com/news/morgan-stanley-fined-60m-over-data/
American multinational investment bank and financial services company Morgan Stanley has been fined $60m for improperly disposing of personal data.
The substantial fine was imposed on Morgan Stanley Bank, N.A., and Morgan Stanley Private Bank, N.A. by the US Office of the Comptroller of Currency (OCC), which discovered deficiencies in the banks' data decommissioning practices.
The federal banking agency found that in 2016, the banks "failed to exercise proper oversight of the decommissioning of two Wealth Management business data centers located in the United States."
Among the issues flagged by the OCC were inadequate risk assessment and monitoring of third-party vendors and a failure to keep track of customer information.
A consent order for the assessment of a civil money penalty states that the banks "failed to effectively assess or address the risks associated with the decommissioning of its hardware; failed to adequately assess the risk of using third party vendors, including subcontractors; and failed to maintain an appropriate inventory of customer data stored on the devices."
Morgan Stanley, which is headquartered in New York City, was also found to have failed to exercise adequate due diligence in selecting the third-party vendor engaged by Morgan Stanley and failed to adequately monitor the vendor’s performance.
Three years on from the decommissioning of the two data centers, the OCC found data disposal at the banks was still not as it should be.
"In 2019, the banks experienced similar vendor management control deficiencies in connection with decommissioning other network devices that also stored customer data," stated the comptroller.
Morgan Stanley, at the OCC’s direction, notified potentially impacted customers of the 2016 incident, and voluntarily notified potentially impacted customers of the 2019 incident. The bank has undertaken initial corrective actions, and the OCC states that it "is committed to taking all necessary and appropriate steps to remedy the deficiencies."
The OCC found the noted deficiencies constitute "unsafe or unsound practices" and resulted in noncompliance with 12 CFR Part 30, Appendix B, "Interagency Guidelines Establishing Information Security Standards."
The $60m civil money penalty will be paid to the United States Treasury.
=================================================================
What about ABC Investment Bank that retires computers that show up on EBAY. It seems that investing in Wave SED management would be a lot better than a massive fine. Disposing of computers' hard drives is so much easier using the crypto erase feature with Wave SED management than the other methods!!! It's these difficult methods that could be the reason that the data remains on these hard drives and could lead to noncompliance and drives getting into the wrong hands, and fines!!
=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!
Trump ‘Nobody Gets Hacked’ Video Goes Viral
https://www.forbes.com/sites/kateoflahertyuk/2020/10/20/trump-nobody-gets-hacked-video-goes-viral/
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
Cybersecurity And Your Passwords
https://www.forbes.com/sites/forbestechcouncil/2020/10/19/cybersecurity-and-your-passwords/#e62b50137320
==================================================================
Wow, those are the recommendations. No wonder every user on the internet is fed up. Try Wave VSC 2.0 (2FA)!!! Its more secure and simpler to use (for enterprise). Wave Knowd (no passwords and unfortunately in retirement - but shouldn't be) could make the experience on the internet like no other! These two Wave solutions could make users much happier and more secure!!!
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
CyberArk Discover Numerous Vulnerabilities In Popular Antivirus Solutions
https://latesthackingnews.com/2020/10/09/cyberark-discover-numerous-vulnerabilities-in-popular-antivirus-solutions/
Researchers from CyberArk Labs have found serious vulnerabilities in multiple antivirus solutions. Briefly, they found privilege escalation bugs in these programs that exposed the devices to cyber threats. Vulnerabilities in antimalware products are significantly threatening since these programs usually run with high privileges, often at the admin level. Hence, any bugs here, especially the privilege escalation found by CyberArk, could give elevated access to an adversary.
Briefly, the researchers observed that in most cases, the issues existed because of the default DACLs of the C:\ProgramData directory. This director, on Windows, is accessible by all users, unlike the %LocalAppData% that specifies to the logged-in user only. It means any user can read/write files in ProgramData and will have full control of the data present here. Thus, any process created by a non-privileged user that a privileged user executes later will give rise to security issues. Such exploitation could allow for symlink attacks, whilst deleting arbitrary files and point to malicious files. Also, they found DLL hijacking flaw affecting some antivirus programs. Technical details about these vulnerabilities are available in the researchers’ post. Whereas, following is the list of all programs that had the vulnerabilities, with the respective CVEs. Kaspersky: CVE-2020-25045, CVE-2020-25044, CVE-2020-25043 Trend Micro: CVE-2019-19688, CVE-2019-19689 +3 Symantec: CVE-2019-19548 McAfee: CVE-2020-7250, CVE-2020-7310 Checkpoint: CVE-2019-8452 Fortinet: CVE-2020-9290 Avira: CVE-2020-13903 Microsoft: CVE-2019-1161 Avast + F-Secure: Waiting for Mitre
Please see the link for the rest of the article.
=================================================================
Wave Endpoint Monitor sounds better and better!!!
=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!