What is a TPM?
https://www.wavesys.com/what-tpm
A Trusted Platform Module (TPM) is a standards-based security chip that’s built into most of your laptop and desktop computers. In fact, it has shipped in more than 600 million laptop and desktop computers from Acer, Dell, HP, Lenovo, Panasonic, Samsung and Toshiba.
The TPM is a secure micro-controller with cryptographic features that provides a root of trust and enables the secure generation of keys and the ability to limit the use of them (to signing / verification or encryption / decryption).
It also serves as a secure container for key storage and can safeguard other data deemed too sensitive for software protection alone.
The TPM standard was created almost a decade ago by the Trusted Computing Group (TCG), an international security standards organization.
=================================================================
Even though this information is a few years old, the brochure in the link above gives a very good synopsis of the TPM as a refresher or for those who are unfamiliar with TPMs. There are now over 2 billion TPMs in existence and Wave solutions could be very helpful in the turn on and use of these TPMs.
=================================================================
https://www.wavesys.com/
https://www.wavesys.com/contact-information
Hacker Used Raspberry Pi to Steal Sensitive NASA Docs
https://gizmodo.com/hacker-used-raspberry-pi-to-steal-sensitive-nasa-docs-1835802380
Turns out a tiny Raspberry Pi was at the source of a big headache for NASA. An audit released by the NASA Office of Inspector General on June 18 reveals that an early 2018 cyberattack utilizing one of these mini-computers resulted in a hacker making off with restricted documents.
If you’re not familiar with Raspberry Pi, it’s a small computer about the same size and shape as a credit card. Since it costs about $35, it’s a popular tool for learning the basics of computer programming, robotics, and creating DIY projects. (You may have seen one featured in an episode of Mr. Robot.) As you might guess, its small size and flexible use mean people don’t always employ it for good.
Which brings us to NASA: The “unauthorized” Raspberry Pi created a portal through which the attacker pilfered files from the Jet Propulsion Laboratory (JPL), which handles robotic space and Earth science missions, including the Mars Curiosity rover, according to the agency’s OIG. This particular breach was discovered in April 2018, when JPL found an external user’s account was compromised. The hacker, using an unauthorized Raspberry Pi connected to the system, was able to expand their access once they logged into the network.
Two of the 23 stolen files—about 500MB in total—involved restricted information relating to the International Traffic in Arms Regulation and Mars Science Laboratory mission. Additionally, the hacker accessed two out of three primary JPL networks, leading NASA to temporarily disconnect several space-flight-related systems from the JPL network. Perhaps most frightening is that the hack went undetected for 10 months.
Also disturbing: JPL didn’t have a complete or accurate inventory of system components on its network, according to the OIG report. Neither did it have security controls to consistently monitor and detect cyberattacks on its network—so administrators had no idea the Raspberry Pi was there because it wasn’t logged properly. As a result, it wasn’t properly monitored, and taking control over an unsupervised, practically ‘non-existent’ Raspberry Pi is ostensibly a fairly easy task for a hacker. According to the BBC, the audit found several other “unknown” devices on the JPL network, though none were believed malicious.
So far no culprit has been caught or identified, though NASA’s OIG report says the investigation is ongoing. In the meantime, JPL has installed more monitoring agents on its firewalls and says it’s reviewing network access agreements for external partners. Gizmodo reached out to NASA for comment and how the agency plans to improve its lax security going forward but did not immediately receive a response.
==================================================================
Only known and approved devices (see highlights below) should have access to NASA's sensitive networks (Government networks as well)!!! Wave VSC 2.0 and Wave ERAS would have stopped this hacker!! Organizations not using two solutions such as these seem crazy if they were aware of them. The link below, if read by those in government and commercial organizations, may save organizations such as NASA a lot of money, their reputation and a lot of avoidable stress!!
=================================================================
https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Here’s how it works:
Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication
Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.
Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
=================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
https://www.wavesys.com/
https://www.wavesys.com/contact-information
Millions of Dell PCs Vulnerable to Flaw in Third-Party Component
https://threatpost.com/millions-of-dell-pcs-vulnerable-to-flaw-in-third-party-component/145833/
Warning Issued For Millions Of Microsoft Windows 10 Users
https://www.forbes.com/sites/gordonkelly/2019/06/22/microsoft-windows-10-problem-warning-dell-diagnostics-security-upgrade-windows/#3f9e54ff3f28
Excerpt:
Worse still, PC makers are currently engaged in a game of Whack-A-Mole trying to make Toolbox secure. SafeBreach reports it initially found flaws in Toolbox back in April and Dell released a patch to address it, but now SafeBreach has found further vulnerabilities and it looks highly likely that they will not be the last.
==================================================================
Given the problems with the PC Doctor, and the possibility of computer system takeovers, Wave Endpoint Monitor is a hardened (TPM) solution that could better protect the computer against APTs while checking the PC's health. PC Doctor appears to be a software-only solution and doesn't have the protection of a hardware (TPM) solution like WEM!!! It makes sense to use a safer solution like Wave Endpoint Monitor!
==================================================================
https://www.wavesys.com/buzz/pr/american-megatrends-and-wave-extend-uefi-support-windows-8-bios-malware-detection
American Megatrends and Wave to Extend UEFI Support in Windows 8 for BIOS Malware Detection
Excerpt:
Endpoint Monitor can then prove to a Cloud service or to an enterprise application that the PC has booted in a known, good state. If a platform is compromised, IT can determine which machine is infected, and take steps to prevent it from accessing sensitive systems to ensure that critical systems and data remain safe.
U.S. Government Warns of Data Wipers Used in Iranian Cyberattacks
https://www.bleepingcomputer.com/news/security/us-government-warns-of-data-wipers-used-in-iranian-cyberattacks/
Excerpt:
In times like these it's important to make sure you've shored up your basic defenses, like using multi-factor authentication....
==================================================================
Wave VSC 2.0 should be the better security (multi-factor authentication) that organizations would want to use to protect against the Iranian cyberattacks!!!
Wave Endpoint Monitor could stop those sneaky wiper malware attacks!!!
==================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
https://www.wavesys.com/malware-protection
https://www.wavesys.com/products/wave-endpoint-monitor
https://www.wavesys.com/
https://www.wavesys.com/contact-information
Android Malware Bypasses 2FA by Stealing One-Time Passwords
https://www.bleepingcomputer.com/news/security/android-malware-bypasses-2fa-by-stealing-one-time-passwords/
==================================================================
Using one-time passwords as a second factor of authentication (2FA) is shown in this article to be a potential weak link exploited by hackers! Wave VSC 2.0 doesn't use a one-time password, but rather a PIN and the TPM for its enterprise two-factor authentication for better security!!
==================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
Excerpt:
The user experience with a virtual smart card is simple: he or she logs in with a PIN (authentication factor number one). The TPM (authentication factor number two) then transparently identifies the device to the network and connects the user to all the approved services. It’s one less thing for users to carry around.
==================================================================
https://www.wavesys.com/
https://www.wavesys.com/contact-information
U.S. Escalates Online Attacks on Russia’s Power Grid
https://www.nytimes.com/2019/06/15/us/politics/trump-cyber-russia-grid.html
WASHINGTON — The United States is stepping up digital incursions into Russia’s electric power grid in a warning to President Vladimir V. Putin and a demonstration of how the Trump administration is using new authorities to deploy cybertools more aggressively, current and former government officials said.
In interviews over the past three months, the officials described the previously unreported deployment of American computer code inside Russia’s grid and other targets as a classified companion to more publicly discussed action directed at Moscow’s disinformation and hacking units around the 2018 midterm elections.
Advocates of the more aggressive strategy said it was long overdue, after years of public warnings from the Department of Homeland Security and the F.B.I. that Russia has inserted malware that could sabotage American power plants, oil and gas pipelines, or water supplies in any future conflict with the United States.
But it also carries significant risk of escalating the daily digital Cold War between Washington and Moscow.
The administration declined to describe specific actions it was taking under the new authorities, which were granted separately by the White House and Congress last year to United States Cyber Command, the arm of the Pentagon that runs the military’s offensive and defensive operations in the online world.
But in a public appearance on Tuesday, President Trump’s national security adviser, John R. Bolton, said the United States was now taking a broader view of potential digital targets as part of an effort “to say to Russia, or anybody else that’s engaged in cyberoperations against us, ‘You will pay a price.’”
Power grids have been a low-intensity battleground for years.
Since at least 2012, current and former officials say, the United States has put reconnaissance probes into the control systems of the Russian electric grid.
But now the American strategy has shifted more toward offense, officials say, with the placement of potentially crippling malware inside the Russian system at a depth and with an aggressiveness that had never been tried before. It is intended partly as a warning, and partly to be poised to conduct cyberstrikes if a major conflict broke out between Washington and Moscow.
The rest of the article is at the link above.
==================================================================
Now would be a great time to use the defensive cybersecurity advantage that the U.S. would have in Wave solutions by awarding a contract to them. This contract awarded earlier could have prevented a lot of this escalating offensive maneuvering, and now could help stop a future cyber war!! Defense wins championships!!
==================================================================
https://www.wavesys.com/
https://www.wavesys.com/contact-information
DNS Firewalls Could Prevent Billions in Losses to Cybercrime
https://www.darkreading.com/network-and-perimeter-security/dns-firewalls-could-save-companies-billions/d/d-id/1334965
New analysis shows widespread DNS protection could save organizations as much as $200 billion in losses every year.
DNS protection could prevent approximately one-third of the total losses due to cybercrime – which translates into billions of dollars potentially saved.
According to "The Economic Value of DNS Security," a new report published by the Global Cyber Alliance (GCA), DNS firewalls could annually prevent between $19 billion and $37 billion in losses in the US and between $150 billion and $200 billion in losses globally. GCA used data about cybercrime losses from the Council of Economic Advisors and the Center for Strategic and International Studies as the basis for its estimates of how much DNS protection, such as a DNS firewall, could save the economy.
"The benefit from using a DNS firewall or protective DNS so exceeds the cost that it's something everyone should look at," says Philip Reitinger, GCA president and CEO. In many cases, he says, the DNS protection service or DNS firewall will be available at no cost to purchase or license.
But could any cost, no matter how small, be offset by the difficulty in deploying or managing the protection? Not likely. "In most cases, it will be extremely easy to do. There's no new software here," Reitinger says. When it comes to protecting endpoints, it could be as simple as changing the address used for DNS resolution in the computer's network settings. And for some companies, the adoption will be only slightly more difficult.
The only real difficulty, Reitinger says, comes if the firewall begins generating false-positives, blocking traffic to destinations that serve a legitimate business purpose. Should that happen, firewall rules will need to be manually overridden. "If you see people trying to go out to various services, you get to write the rules that allow or block the destination in spite of the firewall," he says.
One legitimate point of concern is the data on DNS traffic that the protection provider might collect, Reitinger adds. Knowing about an organization's traffic patterns provides a great deal of information about the organization itself, he says. In this case, asking serious questions of the provider before signing a contract or changing a resolution server address can prevent privacy concerns in the future.
==================================================================
Wave solutions provide better data security protection and could prevent billions in losses, but if organizations were to use firewalls for their data protection, SEDs and Wave SED management could help protect the data outside the firewall!!!
==================================================================
https://www.wavesys.com/buzz/news/securing-data-moving-target-self-encrypting-drives-deliver-top-security-performance-and--0
Securing Data on a Moving Target: Self-Encrypting Drives Deliver Top Security, Performance and Manageability
Author: Lark Allen
storagereview.com - Friday, August 3, 2012
Today’s increasingly mobile work force has moved more and more end-users, devices, computing applications and highly sensitive data beyond the safety of the enterprise firewall. As the number of laptops multiplies across the enterprise, the prospect of a security breach through a lost or stolen device shifts from a speculative risk to a virtual inevitability. Such breaches can now be measured in dollar signs, as underscored by a 2009 study by the Ponemon Institute, which estimated a lost or stolen laptop can cost an enterprise $200 for every customer record stored on the device. Much of these costs derive from penalties imposed by “Notice of Breach” laws adopted by 46 states, the District of Columbia and throughout Europe with the European Union Data Protection Directive and the Data Protection Act in the U.K. Such laws often require a company to publicly report security breaches unless it can guarantee the data is safe and unable to be misused by unauthorized persons.
=================================================================
https://www.wavesys.com/products/wave-self-encrypting-drive-management
https://www.wavesys.com/
https://www.wavesys.com/contact-information
Yubico Replacing YubiKey FIPS Devices Due to Security Issue
https://www.securityweek.com/yubico-replacing-yubikey-fips-devices-due-security-issue
Yubico is in the process of replacing YubiKey FIPS (Federal Information Processing Standards) security keys following the discovery of a potentially serious cryptography-related issue that can cause RSA keys and ECDSA signatures generated on these devices to have reduced strength.
In a security advisory published on Thursday, the company informed customers that the issue impacts YubiKey FIPS series devices running versions 4.4.2 and 4.4.4 of the firmware (version 4.4.3 does not exist), including Nano FIPS, C FIPS and C Nano FIPS devices. No other Yubico products appear to be impacted.
“[Random] values leveraged in some YubiKey FIPS applications contain reduced randomness for the first operations performed after YubiKey FIPS power-up. The buffer holding random values contains some predictable content left over from the FIPS power-up self-tests which could affect cryptographic operations which require random data until the predictable content is exhausted,” Yubico said in its advisory.
“This issue occurs only during the power-up of the YubiKey FIPS Series, version 4.4.2 or 4.4.4. After the predictable content in the random buffer is consumed, the buffer will be filled with the intended full random number generator output, and all subsequent use of randomness will not be affected,” it added.
The issue impacts PIV smart card applications, Universal 2nd Factor (U2F) authentication, OATH one-time passwords, and OpenPGP.
The flaw was discovered internally by Yubico in mid-March and it was patched with the release of firmware version 4.4.5, which received FIPS certification on April 30. The vendor says it’s not aware of any incidents exploiting this weakness.
Yubico has actively reached out to customers to inform them of the free device replacement and says a majority of the affected security keys have already been replaced or are in the process of being replaced. Users who have not heard from the company have been advised to visit a replacement portal set up for this purpose.
The news comes just weeks after Google announced that it was replacing its T1 and T2 Titan Security Key dongles due to a misconfiguration in the Bluetooth pairing protocols.
==================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
Get better security at less than half the cost
Passwords are weak. Tokens are expensive. Don’t compromise on security or price.
Wave Virtual Smart Card does anything your physical smart cards and tokens do, but it starts with hardware you already have: the Trusted Platform Module (TPM), a hardware security chip built into the motherboard of most business-class PCs. You may not even know you have it, but once you do, the TPM can be used in a myriad of ways. Wave turns it into a smart card, embedded directly into your laptop.
What can it be used for?
What do you use your smart card for today? With the exception of keying open the door at work, Wave Virtual Smart Card can perform any of the services or applications you rely on your smart card for today. Secure VPN, WiFi, remote desktop, cloud applications – it can all be done with a virtual smart card.
One helpdesk call you'll never get: "I lost my virtual smart card again..."
There are so many ways to lose a token – couch cushions, street drains, curious toddlers. In fact, up to 30% of all tokens are eventually lost. It’s much harder to lose a laptop, and you notice a lot faster when you do.
The user experience with a virtual smart card is simple: he or she logs in with a PIN (authentication factor number one). The TPM (authentication factor number two) then transparently identifies the device to the network and connects the user to all the approved services. It’s one less thing for users to carry around.
What will you do with >50% TCO savings?*
Tokens and smart cards require an additional hardware purchase, plus the time and money to ship to remote users. Use something that’s already in the users’ hands (the TPM), and your acquisition and deployment costs are lower.
Then consider the management savings in not having to replace lost and stolen tokens. That means fewer helpdesk calls, less interruption of user productivity, and fewer acquisition and shipping costs.
When we say “secure”…
…we mean it. Our solution starts with a proven hardware root-of-trust. Multi-factor authentication is an established best-practice for strong authentication: the TPM-based virtual smart card is one factor (something you have) and the user PIN is a second factor (something you know).
*Actual number may vary. Contact us today to receive more details and a free quote.
Key Features:
• Full lifecycle management of virtual smart cards
• Intuitive interface to create (or delete) virtual smart cards
• Command line option to create and delete virtual smart cards
• Flexible PIN policies
• Helpdesk-assisted PIN reset and recovery
• Generates reports for compliance
• Integrates with Active Directory
• Supports familiar use cases:
  - Virtual Private Network (VPN)
  - Local logon
  - Remote logon
  - Remote desktop access
  - Intranet/Extranet
  - Cloud applications
==================================================================
Wave Systems Announces First U.S. Federal Government Customer for Wave Virtual Smart Card 2.0
https://www.wavesys.com/buzz/pr/wave-systems-announces-first-us-federal-government-customer-wave-virtual-smart-card-2.0
Lee, MA - October 2, 2014 - Wave Systems Corp. (NASDAQ: WAVX) marked an important sales milestone by announcing the first U.S. federal government customer for its Virtual Smart Card 2.0.
Since the Virtual Smart Card 2.0 became commercially available in late July 2014, Wave has entered into dozens of pilot deployments in multiple sectors, including healthcare, financial services, automotive, energy and utilities. However, today’s announcement marks the product’s first sale in the government sector.
“This is an important milestone for Wave,” said Bill Solms, CEO of Wave. “Wave Virtual Smart Card 2.0 has been purchased by a government agency with significant security requirements and one that requires redundant means of system authentication due to national security interests. This initial sale is modest compared to the addressable market within the Federal Government sector, but it is important to our strategy for marketing the Virtual Smart Card to address critical government infrastructure defense.”
“We believe that this sale, which was completed on a shorter sales cycle than we had anticipated, supports our view that customers are interested in the type of cyber security solution that Wave’s Virtual Smart Card 2.0 provides,” Solms added.
Wave Virtual Smart Card 2.0 is the industry’s only enterprise-grade virtual smart card management solution that works on Windows 7. It also supports Windows 8 and 8.1. Wave’s new solution emulates the functionality of physical smart cards or tokens, but offers greater convenience to users, lower total cost of ownership, and a reduced risk of unauthorized use.
Wave Virtual Smart Card 2.0 gives IT the ability to:
• Remotely create and delete virtual smart cards
• Provide help desk-assisted recovery
• Configure PIN and card policies
• View the status of virtual smart cards and enrolled certificates
• Generate reports for compliance
• Support virtual smart cards on laptops, tablets and desktops with TPM 1.2 or TPM 2.0
==================================================================
https://www.wavesys.com/
https://www.wavesys.com/contact-information
Congress to take another stab at 'hack back' legislation
https://www.cyberscoop.com/hack-back-bill-tom-graves-offensive-cybersecurity/?utm_campaign=CyberScoop%20-%20Editorial&utm_content=94085766&utm_medium=social&utm_source=twitter&hss_channel=tw-720664083767435264
The concept of “hacking back” — which has often been referred to as “the worst idea in cybersecurity” — has resurfaced again in Washington.
Rep. Tom Graves, R-Ga., is reintroducing a bill Thursday that would allow companies to go outside of their own networks to identify their attackers and possibly disrupt their activities. While Graves has made previous attempts to legalize the practice, “hacking back” would currently be a violation of the Computer Fraud and Abuse Act. The CFAA, enacted in 1986, makes it illegal to access computers without authorization.
Graves told CyberScoop the bill is necessary in part because companies are left without recourse when they are attacked.
“Where do they turn — can they call 911? What do they do?” Graves said. “They have nowhere to turn.”
The incentive to pass this bill, Graves says, also stems in part from the fact that there are no guidelines right now for companies that he says are already hacking back.
“We know…this is already occurring and unfortunately it’s occurring in a gray area in which there aren’t guardrails in place and there’s not rules of the road,” Graves said. “What we’re attempting to do is make permissible … activities that can occur outside of one’s network, while at the same time having liability and privacy protections in place.”
The bipartisan bill, which has 15 cosponsors, would also allow companies to monitor attacker behavior. If passed into law, Graves hopes companies will gather info from their attackers and share it with the federal government. However, the bill does not mandate that action.
Since Graves last introduced the bill, the U.S. government’s approach to offensive cyber-operations has started to change.
U.S. Cyber Command has gained new authorities that allow it to conduct more offensive cyber-operations. Just this week, White House National Security Adviser John Bolton said the U.S. is expanding its focus of offensive cyber-operations beyond just electoral contexts and responding to economic cyberthreats offensively as well.
“You’re seeing a complete evolution of acceptance of this concept,” Graves said. “[Bolton] is in essence echoing the thoughts and the concepts of the act.”
Critics have long said that opening offensive cyber capabilities to private companies in addition to the work the government is already doing to defend networks could create unwanted chaos.
“If such legislation passes, we run the risk of a future of cyber crossfire – where businesses, organizations, and governments alike will suffer operational downtime inflicted by incorrect targeting,” Justin Fier, Darktrace’s director for cyber intelligence and analysis, told CyberScoop.
Fier added that hacking back is a dangerous idea because perpetrators behind cyberattacks go to great lengths to obfuscate their identities.
“The art of making an attack look like it is coming from someone else is fairly straightforward,” said Fier. “It is simple to run a false flag operation, and threat actors know to never attack from their own infrastructure, but instead use other peoples’ infrastructure, usually unwittingly, to further hide from detection.”
There have also been critics of the concept inside the federal government. FBI Director Christopher Wray has indicated the FBI is not supportive of hacking back.
“We don’t think it’s a good idea for private industry to take it upon themselves to retaliate by hacking back at somebody who hacked them,” Wray said during an April event hosted by the Council on Foreign Relations.
Alongside Wray, there is a cavalcade of cybersecurity researchers and government officials who think this kind of proposal should be dead on arrival, in part because they don’t trust companies to know who attacked them.
David Hogue, senior technical director at the National Security Agency’s Cybersecurity Threat Operations Center, told CyberScoop he is wary of hacking back because he finds attribution is still difficult to come by.
“Attribution is really hard and you have to be absolutely certain that you’re going after who you think it is,” said Hogue, who led the NSA’s attribution of the 2014 Sony attack.
The bill’s text says only those that are “qualified defenders with a high degree of confidence in attribution” should be hacking back. When asked if there are limits the government can impose on who hacks back based on their technical ability to know who hacked them, Graves said he had considered it but that the language isn’t in the bill text at the moment.
“We grappled with that a little bit and decided to leave that up to the legislative process whether or not a certification process was necessary,” Graves told CyberScoop.
Other critics point to better defenses, not hacking back, as the solution to deter adversaries.
“If you’re hacking back, first of all you didn’t do your job from a network defense perspective,” the NSA’s Hogue told CyberScoop.
=================================================================
Rather than becoming an organization that potentially fights false battles, use Wave VSC 2.0, Wave ERAS and Wave's other solutions to become an organization that has better security, and doesn't need to go on the dangerous offensive.
==================================================================
https://www.wavesys.com/wave-alternative
The IT perimeter is gone
With tablets, smartphones, and cloud applications, your employees can access sensitive data anytime, from anywhere. Indeed, around 70 percent of security breaches and data thefts are inside jobs. Meanwhile, the hackers only get better: advanced persistent threats (APTs) appear as normal traffic, and malware can go unnoticed for weeks.
It’s a new world, one without borders. Yet most organizations are still trying to protect their data with the same old firewalls and antivirus software. It’s not working. We refer you to the headline-making breach of the week.
You have to start with the device
Wave has an alternative: security that’s built into each and every device.
We’re talking about hardware: self-encrypting drives (SEDs), which protect data when a device is stolen or lost, and trusted platform modules (TPMs), or embedded security chips. Both go in at the factory, and increasingly, both are standard. They make it possible for you to monitor and control each individual device and its data, no matter where it is. But you need software to turn on and manage your SEDs and TPMs. Wave makes that software.
We’ve been refining comprehensive, centralized management of hardware-based security longer than anyone else. More than that, we’ve shaped the field as a founding member of the Trusted Computing Group, the not-for-profit that develops and promotes industry standards for the hardware.
Security that’s confirmed, not assumed
With Wave, you’ll know that you’re secure. Because we start with the individual devices, you get a broad, deep view of your network. You can see exactly who’s on it, with what devices and what apps, at any given time. Just for example, if Bob goes home and tries to log onto Facebook with the company laptop, Wave can stop him.
A big piece of this heightened security is device authentication. Traditional two-factor authentication requires what amounts to two user IDs. But by using the TPMs inside your devices, Wave can confirm the identity of not only users, but also the devices they’re on. Combine that with fast, enforced encryption of sensitive data via your SEDs—all easily managed with Wave software—and your data is protected from the full range of modern risks: device theft, missent emails, flash drives, portable hot spots … even (and no one else can say this) hardware keyloggers. Not to mention Bob.
Do we need to say that with Wave, compliance is no problem?
Start closing your security gaps today, with what you’ve got
You might be surprised to hear that 90 percent or more of your computers probably already have TPMs. Mobile devices are catching up fast. SEDs are newer, but you probably have a bunch of those too. Machines that don’t have them can often be outfitted at little to no extra cost. So you’ve got some or all of the hardware. All you need to do is turn it on with Wave.
It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.
Questions? Read on, or contact our sales department.
==================================================================
https://www.wavesys.com/
https://www.wavesys.com/contact-information
First framework to score the agility of cyber attackers and defenders
https://www.helpnetsecurity.com/2019/06/12/framework-agility-cyber-attackers-and-defenders/
To help train government and industry organizations on how to prevent cyberattacks, as part of a research project for the U.S. Army, scientists at The University of Texas at San Antonio developed the first framework to score the agility of cyber attackers and defenders.
“The DOD and U.S. Army recognize that the cyber domain is as important a battlefront as ground, air and sea,” said Dr. Purush Iyer, division chief, network sciences at Army Research Office, an element of the Army Futures Command’s Army Research Laboratory. “Being able to predict what the adversaries will likely do provides opportunities to protect and to launch countermeasures. This work is a testament to successful collaboration between academia and government.”
The framework developed by the researchers will help government and industry organizations visualize how well they out-maneuver attacks.
The importance of cyber agility
“Cyber agility isn’t just about patching a security hole, it’s about understanding what happens over time. Sometimes when you protect one vulnerability, you expose yourself to 10 others,” said Jose Mireles, who works for the DOD and co-developed this first-known framework as part of his UTSA master’s thesis.
“In car crashes, we understand how to test for safety using the rules of physics. It is much harder to quantify cybersecurity because scientists have yet to figure out what are the ‘rules of cybersecurity.’ Having formal metrics and measurement to understand the attacks that occur will benefit a wide range of cyber professionals.”
Developing quantifiable metrics
To develop quantifiable metrics, Mireles collaborated with a fellow UTSA student Eric Ficke, researchers at Virginia Tech, and a researcher at CCDC ARL and the U.S. Air Force Research Laboratory.
The project was conducted under the supervision of UTSA Professor Shouhuai Xu, who serves as the director of the UTSA Laboratory for Cybersecurity Dynamics. Together, they used a honeypot (a computer system that lures real cyber-attacks) to attract and analyze malicious traffic according to time and effectiveness. As both attackers and defenders created new techniques, the researchers were able to better understand how a series of engagements transformed into a new adaptive and responsive agile pattern or what they called an evolution generation.
“The cyber agility framework is the first of its kind and allows cyber defenders to test out numerous and varied responses to an attack,” Xu said. “This is an outstanding piece of work as it will shape the investigation and practice of cyber agility for the many years to come.”
Mireles added, “A picture or graph in this case is really worth more than 1,000 words. Using our framework, security professionals will recognize if they’re getting beaten or doing a good job against an attacker.”
==================================================================
With Wave ERAS and Wave VSC 2.0, the DOD wouldn't have to test the attackers' agility, they'd keep them off the network. It's a better defense so they don't have to launch 'countermeasures'!! Using Wave solutions would be more successful than having to try to figure out the enemy, they'd be able to keep them off the network (as an unknown and unapproved device)!! Wave should have a salesperson like Bill Solms to enhance the way of thinking of the DOD and Army on this very effective technology below so they could have a better defense!! Are the contents of this article and the status quo truly going to help create a great cyber defense like Wave solutions could?!
=================================================================
https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpts:
Secure device & user authentication
Sometimes it feels like security is more effective at deterring your users than hackers. But you still have to protect your enterprise resources, and we’re here to help. We take pride in securing your network, data, and resources to an unprecedented level, without causing a revolt from either IT or your users. In fact, your users probably won’t even know we’re there.
Here’s how it works:
Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication
Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.
Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
==================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
https://www.wavesys.com/contact-information
Cybersecurity News: Hackers Could Soon Find Out Your Passwords Through Listening
https://www.ibtimes.com/cybersecurity-news-hackers-could-soon-find-out-your-passwords-through-listening-2799425
================================================================
The hacker would need the TPM in order for him/her to make use of the scenario that was in this article!! See excerpts in the links (Wave VSC 2.0 and Wave ERAS) below which indicate a strong and helpful defense against those in this study (potential hackers) trying to obtain passwords through listening!!
=================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
The user experience with a virtual smart card is simple: he or she logs in with a PIN (authentication factor number one). The TPM (authentication factor number two) then transparently identifies the device to the network and connects the user to all the approved services. It’s one less thing for users to carry around.
https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Token-free, password-free user authentication
We know you’ve dreamt about shredding your list of passwords. Go on and do it.
Because you are starting the authentication process in the device’s hardware, the user doesn’t have to interact with it. All users see is their usual Windows log-in screen – no more additional passwords to access the VPN or other resources. They just sign in once, and the secure credentials in their TPMs securely and quickly connect them to everything they need. Say goodbye to user frustration and slow OS performance.
==================================================================
For more information about Wave's outstanding solutions, please see the links below.
https://www.wavesys.com/
https://www.wavesys.com/contact-information
Major HSM vulnerabilities impact banks, cloud providers, governments
https://www.zdnet.com/article/major-hsm-vulnerabilities-impact-banks-cloud-providers-governments/
Researchers disclose major vulnerabilities in HSMs (Hardware Security Modules).
Two security researchers have recently revealed vulnerabilities that can be exploited remotely to retrieve sensitive data stored inside special computer components known as HSMs (Hardware Security Modules).
HSMs are hardware-isolated devices that use advanced cryptography to store, manipulate, and work with sensitive information such as digital keys, passwords, PINs, and various other sensitive information.
In the real world, they can take the form of add-in computer cards, network-connectable router-like devices, or USB-connected thumb drive-like gadgets.
They are usually used in financial institutions, government agencies, data centers, cloud providers, and telecommunications operators. While they've been a niche hardware component for almost two decades, they are now more common than ever, as many of today's "hardware wallets" are, basically, fancily-designed HSMs.
Remote attack discovered in one HSM brand
At a security conference in France this past week, two security researchers from hardware wallet maker Ledger have disclosed details about several vulnerabilities in the HSM of a major vendor.
The duo's research paper is currently available only in French, but the two are also scheduled to present their findings at the Black Hat security conference that will be held in the US in August.
According to a summary of this upcoming presentation, the vulnerabilities they discovered allow a remote unauthenticated attacker to take full control of the vendor's HSM.
"The presented attacks allow retrieving all HSM secrets remotely, including cryptographic keys and administrator credentials," researchers said.
Furthermore, the two also said they can "exploit a cryptographic bug in the firmware signature verification to upload a modified firmware to the HSM."
"This firmware includes a persistent backdoor that survives a firmware update," they added.
Vendor unnamed -- for now
The duo, made up by Gabriel Campana and Jean-Baptiste Bédrune, said they reported the findings to the HSM maker, which "published firmware updates with security fixes."
The two did not name the vendor, but the team behind the Cryptosense security audit software pointed out that the vendor may be Gemalto, which issued a security update last month for its Sentinel LDK, an API for managing hardware keys on HSM components.
--The rest of the article is continued at the link.
==================================================================
TPMs with Wave VSC 2.0/Wave ERAS could manage the keys and strong authentication rather than these HSMs!! TPMs and Wave solutions could be the new critical piece for the organizations mentioned above!!
=================================================================
https://www.wavesys.com/
https://www.wavesys.com/contact-information
Microsoft removes facial recognition database
https://seekingalpha.com/news/3469653-microsoft-removes-facial-recognition-database
• Microsoft (NASDAQ:MSFT), Duke University, and Stanford University quietly delete their respective facial recognition training databases following an earlier FT report the sites were being used by the likes of Chinese firms SenseTime and Megvii.
• The MS Celeb database was published in 2016 and contained 10M images of nearly 100K individuals collected by web scraping under a Creative Commons license.
• Microsoft: “The site was intended for academic purposes. It was run by an employee that is no longer with Microsoft and has since been removed.”
=================================================================
How many databases like this are in existence? Using Wave VSC 2.0 could be better privacy and security given articles like this. Using Windows Hello which has facial recognition as an option could be less secure and private (due to instances like this article) for the user and company using it than a PIN and TPM! Wave VSC 2.0 has the PIN and TPM as the second factor of authentication. Wave VSC 2.0 works with Windows 7, 8, 8.1 and 10. Windows Hello works with all of these except Windows 7. Wave VSC 2.0/Wave ERAS is the better enterprise 2FA choice for organizations!!
=================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
Excerpt:
The user experience with a virtual smart card is simple: he or she logs in with a PIN (authentication factor number one). The TPM (authentication factor number two) then transparently identifies the device to the network and connects the user to all the approved services. It’s one less thing for users to carry around.
=================================================================
https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpts:
Token-free, password-free user authentication
We know you’ve dreamt about shredding your list of passwords. Go on and do it.
Because you are starting the authentication process in the device’s hardware, the user doesn’t have to interact with it. All users see is their usual Windows log-in screen – no more additional passwords to access the VPN or other resources. They just sign in once, and the secure credentials in their TPMs securely and quickly connect them to everything they need. Say goodbye to user frustration and slow OS performance.
==================================================================
https://www.wavesys.com/contact-information
https://www.wavesys.com/
Criminals are selling hacking services targeting world’s biggest companies
https://www.helpnetsecurity.com/2019/06/07/targeted-hacking-services/
A new study – undertaken by Dr. Mike McGuire, Senior Lecturer in Criminology at the University of Surrey, and underwritten by Bromium – provides details of first-hand intelligence gathered from covert discussions with dark net vendors, alongside analysis by a panel of global industry experts across law enforcement and government.
Key findings:
• 4 in 10 dark net vendors are selling targeted hacking services aimed at FTSE 100 and Fortune 500 businesses
• A 20% rise in the number of dark net listings with a direct potential to harm the enterprise since 2016
• The dark net has become a haven for custom-built, targeted malware, with threats tailored to specific industries or organizations outnumbering off-the-shelf varieties 2:1
• Access to corporate networks is sold openly – 60% of vendors approached by researchers offered access to more than ten business networks each
• 70% of dark net vendors engaged invited researchers to talk on encrypted messaging applications, like Telegram, to take conversations beyond the reach of law enforcement.
“The dark net has become a veritable candy store for anyone looking to steal IP and corporate data or disrupt business operations,” commented Gregory Webb, CEO of Bromium. “A world once dominated by off-the-shelf malware has been replaced by a service-driven, on-demand economy. Savvy dark net vendors have responded to increased demand for business access and targeting, offering bespoke malware, access to corporate networks, and targeted corporate espionage services. Any business relying solely on detection should be on notice, as custom malware will be unknown to their systems and will be free to pass through undetected to its target. Organizations should adopt a defense in depth security strategy that includes application isolation capabilities to identify and contain threats, as well as the ability to generate in-depth threat telemetry to stop cybercriminals from obtaining persistent footholds in corporate networks.”
Bespoke services in vogue
The industries most frequently targeted by malware tools being traded on the dark net are banking (34%), ecommerce (20%), healthcare (15%), and education (12%) – with targeted malware becoming increasingly popular to improve the effectiveness of campaigns.
“Almost every vendor offered us tailored versions of malware as a way of targeting specific companies or industries,” said Dr. Mike McGuire, Senior Lecturer in Criminology at the University of Surrey. “The more targeted the attack, the higher the cost, with prices rising even further when it involved high-value targets like banks. The most expensive piece of malware found was designed to target ATMs and retailed for approximately $1,500.”
More than 40% of attempts by researchers to request dark net hacking services targeting companies in the Fortune 500 or FTSE 100 received positive responses from dark net vendors. “These services typically come with service plans for conducting the hack, with prices ranging from $150 to $10,000 depending on the company involved and the extent to which the malware was customized for targeted attacks,” Dr. McGuire explained.
Targeted access and phishing
Within every dark net market that researchers examined, vendors offered access to a diverse range of business networks, with banking and finance (29%), healthcare (24%), ecommerce (16%), and education (12%) corporate networks being the most common. “The methods for providing access varied considerably,” Dr. McGuire explains. “Some involved stolen remote access credentials that are for sale for as little as $2, others involve backdoor access or the use of malware. Illicit remote access tools appear to be most popular – we were offered Remote Access Trojans at least five times more often than keyloggers.”
Phishing also remains a preferred method for infiltrating corporate networks, with dark net vendors offering kits and tutorials to create convincing lures for phishing campaigns using genuine-looking company invoices and documentation.
“Purchasing corporate invoices is easy on the dark net, with prices ranging from $5-$10,” continues Dr. McGuire. “These documents can be used to defraud organizations or as part of phishing campaigns to trick employees into opening malicious links or email attachments, which deliver malware that triggers a breach or gives hackers a backdoor into corporate networks which could be sold on the dark net.”
“Organizations need to strengthen their defenses to protect their endpoints and networks against threats posed by the dark net,” Dr. McGuire concludes. “But the dark net can also help them in gathering intelligence and monitoring threats that are out there. Enterprises, researchers, and law enforcement must continue to study the dark net to get a deeper understanding of the adversaries that we are dealing with, and better prepare ourselves for counteracting the effects of a growing cybercrime economy.”
==================================================================
Wave has solutions that can stop things like custom malware (Wave Endpoint Monitor), keyloggers (Wave VSC 2.0), Remote Access Trojans (WEM), and remote access credentials being purchased for $2 wouldn't affect those using Wave VSC 2.0 (the hackers would have to have the TPM!), and phishing (Wave VSC 2.0/Wave ERAS)!!
==================================================================
https://www.wavesys.com/malware-protection
Excerpt:
A sophisticated attacker is able to fine tune the behavior of the malware he is writing against various known anti-malware software solutions, so that it can evade detection for long periods of time. ----(custom malware)
https://www.wavesys.com/products/wave-endpoint-monitor
Excerpts:
Detect attacks before it’s too late
Malware can do its work for weeks or months before you ever know it’s there. But with Wave Endpoint Monitor, you can spot malware before it has a chance to cause damage.
Antivirus software can’t detect rootkits and other malware; it works at the level of the OS and isn’t very good at seeing deeper into the system. For example, it can’t tell whether the boot record is lying. The Wave alternative is to work with the Trusted Platform Modules (TPMs), or security chips, embedded in your devices. By using the TPM to attest to the security of the device each time that device boots, Wave looks below the operating system and can help detect threats lurking there. Every time a device boots up, Wave Endpoint Monitor makes a comparison against previous boot values, and if anything deviates from the norm, it alerts you immediately.
=================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
Excerpt:
The user experience with a virtual smart card is simple: he or she logs in with a PIN (authentication factor number one). The TPM (authentication factor number two) then transparently identifies the device to the network and connects the user to all the approved services. It’s one less thing for users to carry around.
==================================================================
https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Key Features:
Strong Security
• Authenticate securely, encrypt email, and prove integrity of the device with one management console
• Protect against phishing, malware and other network security threats by storing authentication credentials in hardware
• Provide centralized enforcement of custom policies
Low TCO
• Reduce operating expenses by eliminating password reset and shortening deployment times
• Minimize capital expenses by using hardware you already have
• Integrate with Microsoft Active Directory for IT familiarity
Superior User Experience
• No more tokens or smart cards to achieve two-factor authentication
• Eliminate VPN/WiFi/website passwords for faster access to resources
• No add-on software means improved OS performance
Flexibility
• Compatible with Windows 8.1, 8, 7 and Vista operating systems – manage mixed environments from one console
• Create custom management policies to suit your organization’s needs
• User and device authentication from a common console
Seamless Device Authentication
• Access control over wireless (i.e. 802.1x)
• Single sign-on
• VPN authentication (i.e. Microsoft DirectAccess)
==================================================================
Wave solutions are powerful in what they can accomplish, and the targeted companies and other organizations as well could highly benefit from using them!!!
=================================================================
https://www.wavesys.com/
https://www.wavesys.com/contact-information
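The boot-value comparison described in the Wave Endpoint Monitor excerpt above, as an added example (not Wave's code and not part of the original post): it simulates SHA-256 PCR extends in software and assumes the reported PCR values arrive authenticated, for example in a signed TPM quote. The event names, PCR assignments and sample measurements are constructed for illustration.

```python
import hashlib
import hmac

PCR_COUNT = 24
ZERO_PCR = bytes(32)  # PCRs start at all zeros after a platform reset


def extend(pcr_value, measurement):
    """TPM-style extend: new = SHA-256(old || SHA-256(measured data)).

    A PCR can only be extended, never set, so the final value depends on
    every measurement and on their order.
    """
    digest = hashlib.sha256(measurement).digest()
    return hashlib.sha256(pcr_value + digest).digest()


def replay(event_log):
    """Recompute the PCR bank that a given boot event log would produce."""
    pcrs = {i: ZERO_PCR for i in range(PCR_COUNT)}
    for index, _description, data in event_log:
        pcrs[index] = extend(pcrs[index], data)
    return pcrs


def check_boot(baseline_pcrs, reported_pcrs, reported_log):
    """Compare one boot against the stored baseline.

    log_consistent: the event log replays to the reported PCR values. The log
                    itself is untrusted; only the PCR values are assumed to be
                    authenticated, so a log that hides a change fails here.
    changed_pcrs:   PCR indices whose value deviates from the baseline.
    """
    replayed = replay(reported_log)
    log_consistent = all(
        hmac.compare_digest(replayed[i], reported_pcrs[i]) for i in range(PCR_COUNT)
    )
    changed = sorted(
        i for i in range(PCR_COUNT)
        if not hmac.compare_digest(baseline_pcrs[i], reported_pcrs[i])
    )
    return {"log_consistent": log_consistent, "changed_pcrs": changed}


def first_divergence(baseline_log, current_log):
    """Name the first event that differs between two logs, or None."""
    for good, seen in zip(baseline_log, current_log):
        if good != seen:
            return seen[1]
    if len(baseline_log) != len(current_log):
        return "event count differs"
    return None


# Constructed sample logs: (PCR index, description, measured bytes).
GOOD_BOOT = [
    (0, "firmware", b"firmware image v1.2"),
    (4, "boot record", b"original boot record code"),
    (4, "OS loader", b"os loader build 10"),
    (7, "secure boot policy", b"policy set A"),
]
# Same machine, later boot: only the boot record measurement differs.
CHANGED_BOOT = [
    (0, "firmware", b"firmware image v1.2"),
    (4, "boot record", b"modified boot record code"),
    (4, "OS loader", b"os loader build 10"),
    (7, "secure boot policy", b"policy set A"),
]

if __name__ == "__main__":
    baseline = replay(GOOD_BOOT)
    reported = replay(CHANGED_BOOT)
    print("clean boot:      ", check_boot(baseline, replay(GOOD_BOOT), GOOD_BOOT))
    print("changed boot:    ", check_boot(baseline, reported, CHANGED_BOOT))
    # The endpoint sends the old, clean-looking log with the new PCR values.
    print("mismatching log: ", check_boot(baseline, reported, GOOD_BOOT))
    print("first divergence:", first_divergence(GOOD_BOOT, CHANGED_BOOT))
```

Because the loader measurement is extended on top of the boot record measurement, a changed boot record alters the final PCR 4 value even though every later component is identical.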
2018 in numbers: Data breaches cost $654 billion, expose 2.8 billion data records in the U.S.
https://www.helpnetsecurity.com/2019/06/05/2018-data-breaches-cost-usa/
Cybercriminals exposed 2.8 billion consumer data records in 2018, costing over $654 billion to U.S. organizations, according to ForgeRock.
Cyberattacks to U.S. financial services organizations cost the industry over $6.2 billion in Q1 2019 alone, up from just $8 million in Q1 2018.
Even though investments in information security products and services have been on the rise, with $114 billion invested in 2018, cybercriminals continue to attack organizations across a wide spectrum of industries to gain access to valuable consumer data.
According to the research, personally identifiable information (PII) was the most targeted data for breaches in 2018, comprising 97% of all breaches. By targeting PII, cybercriminals prove that they’re hungry for consumer data and the research also found the most frequent attack method was from unauthorized access, encompassing 34% of all attacks. Healthcare, financial services and government were the sectors most largely impacted by cyberattacks.
“It’s clear from our research findings that consumer data is valuable and highly sought after by cybercriminals as well as very difficult for organizations to protect,” said Eve Maler, VP of Innovation and Emerging Technology of ForgeRock. “Organizations can protect consumer data by implementing a strong customer identity management program. Every industry has incentives to avoid brand damage and costly breaches, and so organizations must use modern identity standards and practices to secure their infrastructure, from servers all the way out to client apps and smart devices at the edge.”
Key findings:
• Almost half (48%) of all consumer data breaches happened in the healthcare sector, four times as many as in any other sector.
• Financial services and government were the second and third most victimized industries, collectively comprising 20% of all breaches.
• Breaches in financial services are down 20% in Q1 2019, compared to Q1 2018, but over 26.9 million consumer records were compromised in the Q1 2019 breaches alone, which is a 78,900% increase.
• Date of birth and/or Social Security Numbers were the most frequently compromised type of PII in 2018, with 54% of breaches exposing this data.
• Name and physical address (49%) and personal health information (46%) were the second and third most commonly compromised type of PII in 2018.
=================================================================
Obviously the cybersecurity products in much of the marketplace are not working very effectively when there is a $654 BILLION cost to organizations!! Wave solutions have been successfully used in well renowned organizations. Why organizations continue to use cybersecurity products that don't work very effectively or just can't stop breaches seems to make little sense!! Wave could be saving a LOT of organizations substantial amounts of money by preventing breaches! Plus losing $654 BILLION has got to be very stressful! Using Wave solutions could eliminate the stress of having to go through these breaches!!!
==================================================================
The post above just reinforces that the cost of breaches and stress averted are higher than what it would cost to implement Wave VSC 2.0 and Wave ERAS along with Wave's other solutions! Reputation may not have a cost associated to it, but Wave could save a lot of reputations additionally!!
=================================================================
Quest Diagnostics says 11.9 million patients affected by data breach
https://investorshub.advfn.com/boards/read_msg.aspx?message_id=149181512
=================================================================
For more information on Wave solutions, please see the links below. Free trials are at the 2nd and 3rd links.
https://www.wavesys.com/
https://www.wavesys.com/products/wave-virtual-smart-card
https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
For assistance, please see the link below!!
https://www.wavesys.com/contact-information
Breaking Samsung's ARM TrustZone
https://www.blackhat.com/us-19/briefings/schedule/#breaking-samsungs-arm-trustzone-14932
The increasing popularity of connected devices in recent years has led manufacturers to put a greater emphasis on security, finding themselves in need of robust designs that would protect their users.
From these requirements emerged the ARM TrustZone, a system-wide hardware isolation technology. It introduces a trusted Secure World that can process code and data while ensuring their integrity and confidentiality. This Secure World can also watch over the user-controlled (and therefore untrusted) Normal World to verify its integrity, similarly to the mechanism implemented in Samsung's TIMA.
It can also access hardware peripherals, such as keyboards, screens, or crypto-processors in a secure and isolated manner to create trusted UIs, implement DRMs, etc. All the sensitive data and the critical interruptions are directly handled by the Secure World without ever passing through the Normal World.
However, the usage of this technology comes at a cost. By widening the attack surface and exposing privileged components, TrustZone can potentially introduce a single point of failure that allows the compromise of the entire system.
Using Samsung's TrustZone implementation as a target, this presentation explains and demonstrates how this new attack surface can be leveraged to hijack and exploit trusted components. After explaining the internals and interactions of these components developed by Samsung, different vulnerabilities will be detailed and exploited to execute code at EL3, the highest privilege level on an ARM-based system.
==================================================================
A TPM Mobile could enhance the security of Trustzone (TEE)! Wave had a 15 year agreement with Samsung to license Wave's software with a TPM. This could be an opportunity for Samsung to improve its smartphone security and for Wave to be in millions of devices and manage those devices!! See Samsung/Wave agreement below!!
==================================================================
White Paper: TPM Mobile with Trusted Execution Environment for Comprehensive mobile device security
https://trustedcomputinggroup.org/wp-content/uploads/TPM-MOBILE-with-Trusted-Execution-Environment-for-Comprehensive-Mobile-Device-Security.pdf
Excerpt: The whitepaper introduces how Global Platform TEE and Trusted Computing Group Mobile Trust Module (TPM Mobile) can work together in mobile devices to provide security, peace of mind and enhanced services to users.
Samsung is a TCG member.
==================================================================
https://www.wavesys.com/buzz/news/wave-systems-signs-15-year-license-agreement-samsung
Wave Systems Signs 15-year License Agreement with Samsung
https://www.securityweek.com/wave-systems-signs-15-year-license-agreement-samsung
Wave Systems has signed a 15-year software license and distribution agreement with Samsung, enabling Samsung to bundle Wave’s EMBASSY Security Center (ESC) and TCG Software Stack (TSS) technology with devices that include a Trusted Platform Module (TPM), an industry standard security chip embedded in the motherboard of a computer or other electronic device.
In an SEC filing, Wave said it would receive a per-unit royalty based on Samsung’s sales of products that include its technology, but did not provide estimates in terms of expected revenue derived as a result.
While the contract does not provide for guaranteed minimum or maximum shipped quantities or royalties, the long-term deal with the electronics giant is a big win for the Massachusetts-based security firm. “Samsung is a significant market maker and technology category leader,” Brian Berger, EVP Marketing & Sales at Wave Systems told SecurityWeek. “For Wave to have been selected and qualified to have a 15-year agreement is a very important message to the market of Wave's value to the computing ecosystem.”
In terms of Samsung products that could benefit from Wave’s technology, Trusted Platform Modules can be used in device types including mobile, consumer electronic products such as Set-top-boxes and printers, and other applicable products. Personal computers are the first and biggest market currently, as government requirements are starting to require higher levels of security including hardware-level protections such as TPM and encryption.
Wave Systems' EMBASSY Security Center delivers advanced levels of security to the client PC using the TPM security chip found on most enterprise PCs today. ESC offers a variety of secure business productivity benefits including self-encrypting drive management, and is compatible with all TCG-Compliant hardware platforms.
Wave’s software will be bundled with devices manufactured by Samsung within the 2012 calendar year, Berger said.
American Megatrends Announces Support for Storage of BIOS Passwords in TPM NVRAM with New Aptio V UEFI Firmware eModule
https://ami.com/en/news/press-releases/american-megatrends-announces-support-for-storage-of-bios-passwords-in-tpm-nvram-with-new-aptio-v-uefi-firmware-emodule/
NORCROSS, GEORGIA: - American Megatrends International LLC (AMI), a global leader in BIOS and UEFI firmware, BMC and server management firmware solutions, backplane control chips and much more, is pleased to announce support for BIOS passwords to be stored in the TPM NVRAM via new Aptio® V UEFI Firmware eModule.
System security is typically considered in terms of layers of security. Most end-users have a password or PIN to gain access into their operating system. This is considered the most basic form of system protection. However, this type of protection does not stop a malicious user from booting the system using another operating system loaded onto an external storage device such as a USB drive.
BIOS passwords offer a stronger layer of system protection; having a BIOS password along with a proper Boot Order setting offers superior protection as it can raise the barrier against a malicious user from booting the system from external storage devices. This does not, however, stop a bad actor from physically opening the system and resetting the BIOS to its default settings. If the BIOS password is disabled by default, then the system can be infiltrated.
As more individuals begin to experiment with defeating BIOS passwords, the traditional method of storing the BIOS password weakens. BIOS passwords are not stored in plain text; they are hashed and stored in system NVRAM. This method is easy for system manufacturers to implement and offers a good level of security because passwords are not saved in the clear. Yet anyone can read system NVRAM - and an attacker can easily employ a Dictionary Attack, which is simply attempting to guess the password until a match is found.
AMI raises the bar higher with a drastically different approach not traditionally seen when it comes to BIOS password integrity. AMI has invested two years in developing and testing the storage of the BIOS password in the NVRAM of the TPM. The TPM has an inherent characteristic that counters attempts to gain access to its NVRAM, so that a malicious user cannot search NVRAM for the BIOS password hash. Continuous reading of TPM NVRAM with the wrong password will trigger a dictionary attack defense mechanism that will intentionally and steadily slow down an attack.
As an added benefit of storing BIOS passwords in the TPM NVRAM, BIOS passwords are preserved even after a BIOS firmware flash and hardware reset is performed. A USB recovery key can be created during password creation that can be used to recover system if password is lost or forgotten.
AMI will begin offering this method of storing BIOS passwords immediately with the introduction of a new BIOS eModule called TpmPassword. Please contact your AMI sales representative for more information on the prerequisites and how to license it for Intel®, AMD and Arm®-based platforms.
All trademarks and registered trademarks are the property of their respective owners.
==================================================================
American Megatrends has found a great use and layer of security in the TPM!! These TPMs would need to be turned on and preferably managed by the premier TPM solutions company, Wave Systems. Wave is unique in that it can manage all of the different TPMs that are on the market. This could be one of the sparks that lights the TPM turn on fire!! Wave has worked with American Megatrends in the past...
=================================================================
https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpts:
Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication
Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.
==================================================================
Could Wave already have been establishing a chain of trust (i.e., BIOS password in the TPM) with its BIOS integrity under Wave Endpoint Monitor?? If not, American Megatrends has covered it now.
==================================================================
https://www.wavesys.com/products/wave-endpoint-monitor
Excerpts:
Be proactive on compliance
No new regulations here—yet. But government agencies recognize malware as a growing threat. In 2011, NIST published guidelines for basic input/output system (BIOS) integrity measurement, the BIOS being what initializes a computer when it boots up. When this critical system is malware’s target, the consequences are big. The guidelines describe what’s needed to establish a chain of trust for the BIOS: Has it been tampered with? NIST actually looked to Wave for feedback on this document (see the acknowledgments). We know what’s needed, because Wave Endpoint Monitor is already doing it.
Key Features:
Easy security compliance
• Comports with NIST guidelines for BIOS integrity
=================================================================
https://www.wavesys.com/
Quest Diagnostics says 11.9 million patients affected by data breach
https://techcrunch.com/2019/06/03/quest-diagnostics-breach/
Medical testing giant Quest Diagnostics has confirmed a third-party billing company has been hit by a data breach affecting 11.9 million patients.
The laboratory testing company revealed the data breach in a filing on Monday with the Securities and Exchange Commission.
According to the filing, the breach was a result of malicious activity on the payment pages of the American Medical Collection Agency, a third-party collections vendor for Quest. The “unauthorized user” siphoned off credit card numbers, medical information and personal data from the site.
Laboratory test results were not among the stolen data, Quest said.
The breach dated back to August 1, 2018 until May 31, 2019, said Quest, but noted that it has “not been able to verify the accuracy of the information” from the AMCA.
Quest said it has since stopped sending collection requests to the vendor while it investigates and has hired outside security experts to understand the damage.
AMCA spokesperson Jennifer Kain said in a statement, supplied through crisis communications firm Brunswick Group, that it was “investigating” the breach.
“Upon receiving information from a security compliance firm that works with credit card companies of a possible security compromise, we conducted an internal review, and then took down our web payments page,” said the spokesperson.
The company also said it informed law enforcement of the breach.
Several other companies have been hit in recent months by attacks on their websites. Highly targeted credit card skimming attacks hit Ticketmaster, British Airways, and consumer electronics giant Newegg in the past year, affecting millions of customers. The so-called Magecart group of hackers would break into vulnerable websites and install the malicious code to skim and send data back to the hacker-controlled servers.
It’s the second breach affecting Quest customers in three years. In 2016, the company said 34,000 patients had data stolen by hackers.
Updated with a statement from the AMCA.
==================================================================
Only known devices allowed on sensitive networks! Here is another breach where the user was 'unauthorized'. By using Wave VSC 2.0 and Wave ERAS, an unauthorized or unknown and unapproved device would not make it onto this network to obtain the millions of patients' data!!! The amount of money that could be saved by not having a breach (use Wave solutions) and stress averted far outweighs the cost of implementing Wave ERAS and Wave VSC 2.0 along with Wave's other solutions.
=================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Here’s how it works:
Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication
Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.
Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
==================================================================
https://www.wavesys.com/contact-information
Setup Multi-Factor Authentication for Office 365 for a Users Mailbox
https://it.toolbox.com/blogs/pankajdohre/setup-multi-factor-authentication-for-office-365-for-users-mailbox-053119
Assigning Multi-factor Authentication for Office 365 accounts gives more security to Exchange Online, allowing users to have more than one verification method in the sign-in process. It checks if it is signed by the authorized user of Office 365. You can also say that MFA is a two-step verification process to Office 365 account. For this, we have to enable MFA for each user account. Once it is enabled, the user must accept a text message or the mobile app for verification. After it has been verified, you can use your Office 365 mailbox.
Here, I am going to discuss the MFA for Office 365 step by step process which you need to follow:
The many steps and details are continued at the above link.
==================================================================
It seems that Wave VSC 2.0 (2FA) setup for cloud applications (Office 365) would be more efficient and simpler to use than the method explained in this article. This could be another benefit to having Wave VSC 2.0!!
==================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
Get better security at less than half the cost
Passwords are weak. Tokens are expensive. Don’t compromise on security or price.
Wave Virtual Smart Card does anything your physical smart cards and tokens do, but it starts with hardware you already have: the Trusted Platform Module (TPM), a hardware security chip built into the motherboard of most business-class PCs. You may not even know you have it, but once you do, the TPM can be used in a myriad of ways. Wave turns it into a smart card, embedded directly into your laptop.
What can it be used for?
What do you use your smart card for today? With the exception of keying open the door at work, Wave Virtual Smart Card can perform any of the services or applications you rely on your smart card for today. Secure VPN, WiFi, remote desktop, cloud applications – it can all be done with a virtual smart card.
One helpdesk call you'll never get: "I lost my virtual smart card again..."
There are so many ways to lose a token – couch cushions, street drains, curious toddlers. In fact, up to 30% of all tokens are eventually lost. It’s much harder to lose a laptop, and you notice a lot faster when you do.
The user experience with a virtual smart card is simple: he or she logs in with a PIN (authentication factor number one). The TPM (authentication factor number two) then transparently identifies the device to the network and connects the user to all the approved services. It’s one less thing for users to carry around.
What will you do with >50% TCO savings?*
Tokens and smart cards require an additional hardware purchase, plus the time and money to ship to remote users. Use something that’s already in the users’ hands (the TPM), and your acquisition and deployment costs are lower.
Then consider the management savings in not having to replace lost and stolen tokens. That means fewer helpdesk calls, less interruption of user productivity, and fewer acquisition and shipping costs.
When we say “secure”…
…we mean it. Our solution starts with a proven hardware root-of-trust. Multi-factor authentication is an established best-practice for strong authentication: the TPM-based virtual smart card is one factor (something you have) and the user PIN is a second factor (something you know).
*Actual number may vary. Contact us today to receive more details and a free quote.
Key Features:
• Full lifecycle management of virtual smart cards
• Intuitive interface to create (or delete) virtual smart cards
• Command line option to create and delete virtual smart cards
• Flexible PIN policies
• Helpdesk-assisted PIN reset and recovery
• Generates reports for compliance
• Integrates with Active Directory
• Supports familiar use cases:
  • Virtual Private Network (VPN)
  • Local logon
  • Remote logon
  • Remote desktop access
  • Intranet/Extranet
  • Cloud applications
==================================================================
Wave VSC 2.0, Wave ERAS, and Wave's other excellent solutions are at the link below!!!
https://www.wavesys.com/
https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
https://www.wavesys.com/contact-information
Flipboard Confirms It Was Hacked Twice: 150M Users At Risk As Passwords Stolen
https://www.forbes.com/sites/daveywinder/2019/05/29/flipboard-confirms-it-was-hacked-twice-150m-users-at-risk-as-passwords-stolen/#1bee1bf06926
Flipboard, the hugely popular news aggregation app that is used by 150 million people each month, has been hacked. Twice. According to a security notice posted by Flipboard, what it calls "unauthorized access" to databases took place between June 2, 2018 and March 23, 2019 as well as April 21, 2019 and April 22, 2019. The hacker is confirmed as having "potentially obtained copies of certain databases containing Flipboard user information."
What data has been breached?
According to Flipboard the databases that have been compromised hold account credentials including actual names, usernames, cryptographically protected passwords and email addresses. Although it is not known at this stage exactly how many users have been impacted by the breach, the Flipboard app has 150 million monthly users and Flipboard will only say that "not all users were involved." The important two words in that list of breached data are cryptographically protected. This refers to the passwords being protected by salted hashes, or in plain speak a method of encrypting plain text passwords using unique seeds that make cracking them a much harder proposition for any attacker. Not impossible, mind, but time and resource consuming to a not insignificant extent. There is a caveat here though, Flipboard admits that passwords created (or changed) before March 14, 2012 used a much weaker hashing algorithm. Then there's digital tokens, used to connect Flipboard accounts to social media and other third-party accounts, which Flipboard say "may have" been stored in those breached databases.
How has Flipboard reacted?
As soon as Flipboard discovered the unauthorized access, on April 23, it launched an investigation with the help of an external security company. While it may seem like an overly long delay before informing users of the breach, Flipboard has been thorough in carrying out this forensic investigation to confirm the incident before doing so and security experts agree the disclosure is full and frank. Ethical hacker John Opdenakker told me that, "while a lot of companies fail at data breach disclosure, Flipboard did a good job; their communication is very transparent and detailed." All Flipboard account holders should by now have received an email with details of the breach. Law enforcement has also been notified. Although passwords were salted and hashed as already stated, Flipboard has taken the precaution of resetting all user passwords. It has also replaced or deleted all digital
Please see the rest of the article at the link.
==================================================================
To prevent having to put users and companies through password resets, Wave ERAS and Wave VSC 2.0 could keep the unauthorized or bad guys off the network, and from retaining the sensitive information in the first place!! Breaches like this shouldn't be happening, and Wave's solutions could be stopping them from happening!! I've posted a link below that can simply explain how Wave's solutions can do that. Given the frequency of data breaches, solutions such as the ones below should be very sought after unless companies choose to fight the bad guys on their networks to try to catch them or use salting, hashing of passwords and passwords resets as a means of defense!
==================================================================
https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Excerpts:
Here’s how it works:
Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication
Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.
Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
==================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
=================================================================
https://www.wavesys.com/
https://www.wavesys.com/contact-information
2.3B Files Currently Exposed via Online Storage
Digital Shadows researchers scanned various online file-sharing services and concluded the number of exposed files is up 50% from March of 2018.
https://www.darkreading.com/threat-intelligence/23b-files-currently-exposed-via-online-storage/d/d-id/1334843
More than 2.3 billion files are exposed across misconfigured online file storage technologies, marking an increase of 750 million files – or a 50% jump – from 1.5 billion in March 2018.
Researchers with the Digital Shadows' Photon Research Team thought last year's 1.5B figure alone was "incredible," they say in the aptly named "Too Much Information: The Sequel" report. Files with sensitive and insensitive data were found via SMB file shares, misconfigured network-attached storage (NAS) devices, FTP and rsync servers, and Amazon S3 buckets.
The United States exposed the most data (over 326 million files), though France (151 million) and Japan (77 million) each had the highest in their geographies. The United Kingdom exposed 98 million, and countries throughout Europe collectively exposed more than one billion files.
There's "a lot of really good work" being done to try and contain this wealth of compromised information, says Harrison Van Riper, strategy and research analyst at Digital Shadows. "However, the fact is that businesses are continuing to expand their footprint online, beyond their own networks and, more importantly, their own storage devices," Van Riper explains.
"The same kinds of access controls and safeguards that businesses put on their own data within their networks should be implemented on those systems existing outside as well," he adds.
Server Message Block (SMB) protocol exposed the most data (46%) of all technologies analyzed. That's more than one billion files exposed via SMB file shares, a 547.6 million jump from March 2018. FTP was next-highest at 457.4 million (20%), followed by rsync at 386.7 million (16%), Amazon S3 at 182.1 million (8%), webindex at 163.5 million (7%), and NAS at 65.4 million (3%). FTP-hosted files increased by over 54 million, cancelling out rsync's decline of 53.7 million files.
The researchers aren't entirely sure why SMB-enabled file shares nearly doubled in the past year, though they call the statistic troubling. One potential reason is in June 2018, Amazon AWS Storage Gateway added SMB support, giving file-based applications built for Microsoft Windows a means to store and access objects in Amazon S3. Another is in November 2018, Akamai discovered attackers were opening SMB ports 139 and 445 for malicious reasons.
SMB is one of the main ways Windows users can facilitate file shares, Van Riper notes, and Microsoft adoption of the protocol surely drove its popularity. It's not a bad thing, he points out; technology is supposed to simplify the ways we live our lives and conduct business. However, he adds, the Internet has changed what we thought we knew about these systems and how they interact. It's time to rethink new ways to implement old protocols, he says.
"As businesses continue to digitize older systems and [processes], and more and more Windows systems that have SMB installed get spun up, the more chances there are for these exposures to occur knowingly," he explains.
In the report, researchers point out that in early 2018, Microsoft stopped preinstalling SMBv1 in Windows 10 and Windows Server. However, it's hard to confirm the full impact of this as researchers included SMB v1, v2, and v3 in the study.
Amazon S3 bucket misconfigurations, which have inadvertently exposed data for years, may also slow thanks to "Amazon S3 Block Public Access," introduced in Nov. 2018. The move locked down default security controls for S3 buckets so users can set a global block rule for private data.
The standard advice for companies preparing for ransomware attacks is to back up their files. If they're hit and their files are encrypted, they can use saved data to get back up and running.
But what happens if the same ransomware variant also encrypts backup files? The researchers at Digital Shadows notice this is a growing trend, with more than 17 million ransomware-encrypted files across file stores used for backups. They specifically note NamPoHyu ransomware, an update to the MegaLocker variant that targets Samba servers. Samba is the open-source implementation of the SMB protocol; it runs on Unix systems and allows for file communication to Windows. Since April 2019, more than two million files have been encrypted with the .NamPoHyu extension.
"Obviously, WannaCry is the other big ransomware variant that comes to mind when we think about SMB and we are still seeing new files be encrypted by it," Van Riper says. "The trend has definitely picked up steam with the addition of a new variant in NamPoHyu."
These days, data is not only kept internally and businesses should protect their information wherever it resides. Oftentimes that means working with third parties to ensure they have a security strategy in place: for example, researchers point to a small IT consulting company in the UK that exposed more than 212,000 files containing company and client information.
When it comes to third parties, Van Riper says businesses should be asking the same questions they ask of their own security teams. Where is data stored? How are we storing it? Is it encrypted? Who has access to it? "These questions shouldn't only be asked internally, as these days data is not only kept internally," he explains.
=================================================================
Scrambls is in retirement, and appeared to be ahead of its time. The article above shows a strong reason for 'Scrambls for files' to be helping a problem that has been in existence for a while!! Privacy is important as Apple's CEO continuously points out, and Scrambls could bring privacy to many users, companies and markets!
=================================================================
Protect Content in the Cloud with Scrambls for Files
Scrambls Brings Privacy & Control to Social File Sharing with Instant Encryption
https://www.wavesys.com/buzz/pr/protect-content-cloud-scrambls-files
Palo Alto, CA - November 13, 2012 -
Today scrambls announced Scrambls for Files as the next enhancement to the free service designed to allow you to control your social media, manage your online privacy, and decide who to share with. Scrambls for Files brings the power of scrambls into Microsoft Windows, for easy encryption of all types of files and folders before they are sent over the open Web.
Cloud storage and social media services have become increasingly prevalent in the market, with consumers quick to embrace the benefits. Yet there are vulnerabilities in the current model of uploading information into the cloud, and then trusting third parties to apply the proper privacy, security and authentication policies. Scrambls for Files brings a more secure method of data transfer for sharing files and folders anywhere you happen to be on the Web. With scrambls, users even maintain control to change who can read messages and files even after the fact.
“This is an important solution to consider for anyone that wants to safely and securely use cloud storage services like Dropbox™ or Microsoft SkyDrive™. Only members of your specified scrambls groups are aware of and can access the content, and you maintain the dynamic control to change those permissions anytime,” said Michael Sprague, scrambls co-creator. “Cloud storage and social media services see only the encrypted data, and we don’t even see it here at scrambls—we only manage the keys and groups as a trusted third party.”
The power lies in the dynamic groups offered by scrambls. Users choose exactly who can see and read anything scrambled, by forming groups (based upon email address, Facebook contacts/groups, etc.). With the same simplicity of scrambls text messages, users just choose what individuals or groups are permitted to read a file. Scrambls will decrypt and display both text and files. Retract messages and/or files by changing the groups or individuals authorized; schedule a specific time for messages and files to appear or expire; and much more.
“Scrambls can be used to encrypt your posts and files for enterprise-caliber protection wherever they travel across the networked social web,” continued Sprague. “Secure what you place in cloud storage and take control over who can read sensitive information. The keys to unlock your encrypted data remain separate from the content, only to be brought back together when the people you authorize look to pull that message down from the cloud. Everyone else will only see scrambled text.”
While encryption concepts are not new, they’ve traditionally been a burden to use. The simplicity and power of scrambls’ groups mechanism sets it apart. Sharing scrambled files does not require circulation of a password or management of enterprise encryption key servers. Users simply choose who is authorized to read anything and those people or groups are granted rights—all they need is a scrambls account of their own.
Scrambls is a platform that can be used with any service, to add the protection of scrambls into any web service and infrastructure you already know and use (Facebook, DropBox, email, Active Directory, etc.). The new model of information sharing supports file and folder encryption for all Microsoft Windows platforms.
Introducing Scrambls Professional for Power Users:
Scrambls continues to introduce more functionality, expanding what users can do with their groups & connections. Scrambls for Files is the latest of these innovations, following the recent Facebook Integration for login and group creation and several mobile apps.
With Scrambls for Files, a premium offering of scrambls will be introduced for heavier usage that brings added benefits to scrambls’ most active users. Scrambls is committed to keeping basic use free for any consumer to secure their social communications over the open Web. The professional version allows unlimited use of Scrambls for Files, along with more features and functionality that are yet to come.
During an initial free trial period, every scrambls user will be given one free year of the professional offering (both new and existing users). Visit www.scrambls.com to sign up for free today.
Build scrambls Into Your Next App:
Scrambls also serves as a platform for integrating security and control for third-party solutions, protecting users’ interactions with the social web. App developers and social media providers interested in augmenting the privacy and security of their own applications and services can leverage scrambls’ software developer kit. The SDK enables third-party apps and sites to integrate directly with scrambls, for a comprehensive and reliable solution backed by enterprise security veteran Wave Systems. For more information, visit: http://developer.scrambls.com.
About Scrambls
Scrambls is a service developed by Wave Systems Corp. (NASDAQ: WAVX) that makes online sharing simple and safe. All you need is the scrambls plug-in added to your browser toolbar. You can make any post private with just one click, even if you’re publishing to different groups of contacts spread across multiple social networks. Scrambls lets you decide what the privacy policy will be for each post that you share. Scrambls makes online sharing smarter, with control over what you are sharing and whom you are sharing it with.
US Navy wants 350 billion social media posts
https://www.bbc.com/news/technology-48434172
The US Navy is seeking to create an archive of at least 350 billion social media posts from around the world, in order to study how people talk online.
The military project team has not specified which social media platform it intends to collect the data from.
The posts must be publicly available, come from at least 100 different countries and include at least 60 different languages.
They should also date between 2014 and 2016.
The details were revealed in a tender document from the Naval Postgraduate School for a firm to provide the data.
Applications have now closed.
Additional requirements included:
• the posts must come from at least 200 million unique users
• no more than 30% can come from a particular country
• at least 50% must be in a language other than English
• location information must be included in at least 20% of the records
Private messaging and user information will not form part of the database.
"Social media data allows us for the first time, to measure how colloquial expressions and slang evolve over time, across a diverse array of human societies, so that we can begin to understand how and why communities come to be formed around certain forms of discourse rather than others," T Camber Warren, the project's lead researcher, told Bloomberg.
The US Navy was behind the creation of Tor, the anonymous browsing network, in 2002.
Tor, also known as The Onion Router, aims to conceal where people go online by using encryption and randomly bouncing requests for web pages through a network of different computers.
=================================================================
Scrambls and 'Scrambls for files' could become popular in light of this article, and if it were taken out of retirement!! It certainly seems like a great solution that should be thriving in the marketplace!!
==================================================================
Protect Content in the Cloud with Scrambls for Files
Scrambls Brings Privacy & Control to Social File Sharing with Instant Encryption
https://www.wavesys.com/buzz/pr/protect-content-cloud-scrambls-files
Palo Alto, CA - November 13, 2012 -
Today scrambls announced Scrambls for Files as the next enhancement to the free service designed to allow you to control your social media, manage your online privacy, and decide who to share with. Scrambls for Files brings the power of scrambls into Microsoft Windows, for easy encryption of all types of files and folders before they are sent over the open Web.
Cloud storage and social media services have become increasingly prevalent in the market, with consumers quick to embrace the benefits. Yet there are vulnerabilities in the current model of uploading information into the cloud, and then trusting third parties to apply the proper privacy, security and authentication policies. Scrambls for Files brings a more secure method of data transfer for sharing files and folders anywhere you happen to be on the Web. With scrambls, users even maintain control to change who can read messages and files even after the fact.
“This is an important solution to consider for anyone that wants to safely and securely use cloud storage services like Dropbox™ or Microsoft SkyDrive™. Only members of your specified scrambls groups are aware of and can access the content, and you maintain the dynamic control to change those permissions anytime,” said Michael Sprague, scrambls co-creator. “Cloud storage and social media services see only the encrypted data, and we don’t even see it here at scrambls—we only manage the keys and groups as a trusted third party.”
The power lies in the dynamic groups offered by scrambls. Users choose exactly who can see and read anything scrambled, by forming groups (based upon email address, Facebook contacts/groups, etc.). With the same simplicity of scrambls text messages, users just choose what individuals or groups are permitted to read a file. Scrambls will decrypt and display both text and files. Retract messages and/or files by changing the groups or individuals authorized; schedule a specific time for messages and files to appear or expire; and much more.
“Scrambls can be used to encrypt your posts and files for enterprise-caliber protection wherever they travel across the networked social web,” continued Sprague. “Secure what you place in cloud storage and take control over who can read sensitive information. The keys to unlock your encrypted data remain separate from the content, only to be brought back together when the people you authorize look to pull that message down from the cloud. Everyone else will only see scrambled text.”
While encryption concepts are not new, they’ve traditionally been a burden to use. The simplicity and power of scrambls’ groups mechanism sets it apart. Sharing scrambled files does not require circulation of a password or management of enterprise encryption key servers. Users simply choose who is authorized to read anything and those people or groups are granted rights—all they need is a scrambls account of their own.
Scrambls is a platform that can be used with any service, to add the protection of scrambls into any web service and infrastructure you already know and use (Facebook, DropBox, email, Active Directory, etc.). The new model of information sharing supports file and folder encryption for all Microsoft Windows platforms.
Introducing Scrambls Professional for Power Users:
Scrambls continues to introduce more functionality, expanding what users can do with their groups & connections. Scrambls for Files is the latest of these innovations, following the recent Facebook Integration for login and group creation and several mobile apps.
With Scrambls for Files, a premium offering of scrambls will be introduced for heavier usage that brings added benefits to scrambls’ most active users. Scrambls is committed to keeping basic use free for any consumer to secure their social communications over the open Web. The professional version allows unlimited use of Scrambls for Files, along with more features and functionality that are yet to come.
During an initial free trial period, every scrambls user will be given one free year of the professional offering (both new and existing users). Visit www.scrambls.com to sign up for free today.
Build scrambls Into Your Next App:
Scrambls also serves as a platform for integrating security and control for third-party solutions, protecting users’ interactions with the social web. App developers and social media providers interested in augmenting the privacy and security of their own applications and services can leverage scrambls’ software developer kit. The SDK enables third-party apps and sites to integrate directly with scrambls, for a comprehensive and reliable solution backed by enterprise security veteran Wave Systems. For more information, visit: http://developer.scrambls.com.
About Scrambls
Scrambls is a service developed by Wave Systems Corp. (NASDAQ: WAVX) that makes online sharing simple and safe. All you need is the scrambls plug-in added to your browser toolbar. You can make any post private with just one click, even if you’re publishing to different groups of contacts spread across multiple social networks. Scrambls lets you decide what the privacy policy will be for each post that you share. Scrambls makes online sharing smarter, with control over what you are sharing and whom you are sharing it with.
Password Spraying Fells Citrix. Are We Next?
https://www.infosecurity-magazine.com/opinions/password-spraying-citrix-1/?utm_source=dlvr.it&utm_medium=twitter
Did Iranian hackers steal six terabytes of sensitive documents from Citrix, a company that does business with the FBI, the US military, American government agencies, and many US corporations?
As usual, the identity of hackers cannot be established positively, but someone did steal a large amount of data, including reports, blueprints, and “business papers,” according to the company. We also know how they did it – using a tactic, said the company, known as “password spraying, a technique that exploits weak passwords.”
That perhaps is the most important part of the story – because it could claim many more companies like Citrix. Passwords as a primary factor of authentication are problematic, if not outright dangerous – and the Citrix hack illustrates that clearly.
Citrix revealed the hack on March 8th in a statement, saying that the FBI had alerted the company that it had been compromised several days earlier, but the attacks may have been going on much longer.
Cybersecurity firm Resecurity claimed it had alerted Citrix to the attack as early as December 28th 2018, and that “threat actors leveraged a combination of tools, techniques and procedures (TTPs) allowing them to conduct a targeted network intrusion.” They also called out the Iranian-backed IRIDIUM hacker group as the culprit.
The Citrix breach could turn out to be one of the most important in recent years. Among the “victims” of this breach may have been the source code of products like Netscaler Gateway (AKA Citrix Access Gateway), LogMeIn, and other highly sensitive products that may uncover a backdoor into Citrix customers’ networks. It's akin to a major breach at Lockheed Martin back in 2011, made possible after a hack of security vendor RSA Security exposed the secrets that went into its SecurID authentication token, used by Lockheed to protect its networks.
How Passwords Are Hacked
As mentioned, the FBI attributes the breach to password spraying, a tactic that involves attempting to access a large number of accounts (usernames) using a few commonly used passwords. Traditional brute-force attacks attempt to gain unauthorized access to a single account by guessing the password. This can quickly result in the targeted account getting locked-out, as commonly used account-lockout policies allow for a limited number of failed attempts (typically three to five) during a set period of time.
During a password-spray attack (also known as the “low-and-slow” method), the malicious actor attempts a single commonly used password (such as ‘Password1’ or ‘Summer2017’) against many accounts before moving on to attempt a second password, and so on. This technique allows the actor to remain undetected by avoiding rapid or frequent account lockouts.
Password spray campaigns typically target single sign-on (SSO) and cloud-based applications utilizing federated authentication protocols. Targeting federated authentication can help mask malicious traffic. Additionally, targeting SSO applications helps maximize access to intellectual property if the attack succeeds. In addition, email applications are also commonly targeted.
How Does Password Spraying Affect Business?
When hackers are able to get information about employees from public sources, they can rely on organizations using the same user names as in public domains. The hacker will use those user names combined with frequently used passwords (Password123, date of birth…) to access business accounts.
Ways to Prevent Password Spraying
If passwords are the weak link in the authentication chain, there are two things we can do about it: either strengthen them, or find a better alternative. The ways to accomplish the former are well-known; longer, more complex and more frequently updated passwords will likely provide relief for most password spraying attacks, and make any efforts to brute-force less effective.
Yet effective password policies have proven notoriously difficult to enforce; all companies have policies in place requiring safe password practices, but password-compromising attacks are as numerous as ever. A multi-step login process and capping the number of failed login attempts are “next-level” password protection schemes that could cut down those attacks.
When all else fails, companies can implement second-factor authentication. When used as an add-on to passwords, 2FA retains many of the shortcomings associated with passwords, while adding a few of their own.
Another possibility is to use a physical token – such as a smartphone app – where the user doesn't have to remember anything, and they will no longer be subject to ubiquitous phishing attacks.
There are other authentication methods that override passwords, and companies should consider them, given the risks in using passwords. If the Citrix breach was really the result of password spraying, then the company has a lot of security housecleaning to do. We all ought to take a lesson from Citrix's experience, and take steps to ensure that we're not the next victims.
==================================================================
Given all the excellent features of Wave ERAS and Wave VSC 2.0 and the three pieces of important information below, it would seem blatantly implausible for an organization to use an enterprise 2FA solution other than Wave VSC 2.0, especially if they have Windows 7 systems along with the other Windows operating systems (8, 8.1, 10) in the organization's computer fleet.
=================================================================
1. The article above has a RSA Securid (a 2FA token) mention.
2. The Wave VSC 2.0 White Paper. See link at the link below.
https://www.wavesys.com/virtual-smart-card-2.0-from-wave
3. Wave Announces 5-Year Master License Agreement for Virtual Smart Card 2.0 with Leading Global Financial Services Company
Wins competitive evaluation against market leader in two-factor authentication tokens.
https://www.wavesys.com/buzz/pr/wave-announces-5-year-master-license-agreement-virtual-smart-card-20-leading-global
It's better security at less than half the cost!!!
==================================================================
See the links below for more information and free trials on Wave ERAS and Wave VSC 2.0.
https://www.wavesys.com/products/wave-virtual-smart-card
https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Wave Endpoint Monitor and Wave SED management could also make life a lot easier and more secure for organizations and are found at: https://www.wavesys.com/ Methinks has some great WEM links in a previous post!
The link below is to contact Wave:
https://www.wavesys.com/contact-information
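An added example, not part of the article or the post above: the password-spraying pattern the Infosecurity Magazine piece describes (one common password tried across many accounts, staying under per-account lockout limits) shows up when failed logins are counted by distinct accounts per source instead of failures per account. The log format, thresholds, function names and every log line below are constructed assumptions.

```python
from collections import Counter, defaultdict, namedtuple
from datetime import datetime, timedelta

# Constructed sample log, assumed format: <ISO time> <OK|FAIL> user=<name> src=<ip>
# Addresses are documentation ranges; this is not data from any real incident.
SAMPLE_LOG = """\
2019-03-01T09:00:00 FAIL user=alice src=203.0.113.7
2019-03-01T09:01:00 FAIL user=bob src=203.0.113.7
2019-03-01T09:02:00 FAIL user=carol src=203.0.113.7
2019-03-01T09:03:00 FAIL user=dave src=203.0.113.7
2019-03-01T09:04:00 FAIL user=erin src=203.0.113.7
2019-03-01T09:05:00 FAIL user=frank src=203.0.113.7
2019-03-01T09:06:00 OK user=heidi src=203.0.113.7
2019-03-01T09:10:00 FAIL user=gina src=192.0.2.15
2019-03-01T09:10:30 OK user=gina src=192.0.2.15
2019-03-01T09:20:00 FAIL user=admin src=198.51.100.20
2019-03-01T09:20:10 FAIL user=admin src=198.51.100.20
2019-03-01T09:20:20 FAIL user=admin src=198.51.100.20
2019-03-01T09:20:30 FAIL user=admin src=198.51.100.20
2019-03-01T09:20:40 FAIL user=admin src=198.51.100.20
2019-03-01T09:45:00 FAIL user=alice src=203.0.113.7
2019-03-01T09:46:00 FAIL user=bob src=203.0.113.7
2019-03-01T09:47:00 OK user=carol src=203.0.113.7
2019-03-01T09:48:00 FAIL user=dave src=203.0.113.7
2019-03-01T09:49:00 FAIL user=erin src=203.0.113.7
2019-03-01T09:50:00 FAIL user=frank src=203.0.113.7
"""

Event = namedtuple("Event", "time ok user src")
LOCKOUT_THRESHOLD = 5            # failures per account (the article cites three to five)
SPRAY_MIN_ACCOUNTS = 5           # distinct accounts failing from one source (assumed)
WINDOW = timedelta(minutes=30)   # observation window (assumed)


def parse_events(text):
    """Parse log lines into time-ordered events; malformed lines are skipped."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[1] not in ("OK", "FAIL"):
            continue
        try:
            when = datetime.fromisoformat(parts[0])
            fields = dict(p.split("=", 1) for p in parts[2:])
            events.append(Event(when, parts[1] == "OK", fields["user"], fields["src"]))
        except (ValueError, KeyError):
            continue
    return sorted(events, key=lambda e: e.time)


def lockout_accounts(events, threshold=LOCKOUT_THRESHOLD, window=WINDOW):
    """Accounts a classic per-account lockout policy would trip on."""
    fails = defaultdict(list)
    for e in events:
        if not e.ok:
            fails[e.user].append(e.time)
    locked = set()
    for user, times in fails.items():
        # Any run of `threshold` consecutive failures that fits in the window.
        for i in range(len(times) - threshold + 1):
            if times[i + threshold - 1] - times[i] <= window:
                locked.add(user)
                break
    return locked


def spray_sources(events, min_accounts=SPRAY_MIN_ACCOUNTS, window=WINDOW):
    """Map each source that failed against many distinct accounts to those accounts."""
    by_src = defaultdict(list)
    for e in events:
        if not e.ok:
            by_src[e.src].append(e)
    flagged = {}
    for src, fails in by_src.items():
        in_window, start = Counter(), 0
        for e in fails:
            in_window[e.user] += 1
            # Slide the window start forward past failures that are too old.
            while e.time - fails[start].time > window:
                old = fails[start].user
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            if len(in_window) >= min_accounts:
                flagged.setdefault(src, set()).update(in_window)
    return flagged


def accounts_to_reset(events, flagged):
    """Any success from a flagged source is suspect, even with no prior failure."""
    return {e.user for e in events if e.ok and e.src in flagged}


if __name__ == "__main__":
    evs = parse_events(SAMPLE_LOG)
    sources = spray_sources(evs)
    print("lockout would trip for:", sorted(lockout_accounts(evs)))
    for src, users in sources.items():
        print("spray suspected from", src, "against", sorted(users))
    print("reset and review:", sorted(accounts_to_reset(evs, sources)))
```

Grouping by source address misses a spray spread across many addresses; the same sliding-window count can be keyed on another attribute, or run over all sources at once, to cover that case.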
Australian tech unicorn Canva suffers security breach
https://www.zdnet.com/article/australian-tech-unicorn-canva-suffers-security-breach/?ftag=COS-05-10aaa0g&utm_campaign=trueAnthem%3A+Trending+Content&utm_content=5cead0b52866ef00011c90a2&utm_medium=trueAnthem&utm_source=twitter
Hacker claims to have stolen the data of 139 million Canva users.
Canva, a Sydney-based startup that's behind the eponymous graphic design service, was hacked earlier today, ZDNet has learned.
Data for roughly 139 million users has been taken during the breach, according to the hacker, who tipped off ZDNet.
Responsible for the breach is a hacker going online as GnosticPlayers. The hacker is infamous. Since February this year, he/she/they has put up for sale on the dark web the data of 932 million users, which he stole from 44 companies from all over the world.
Hack took place this morning
Today, the hacker contacted ZDNet about his latest hack, involving Australian tech unicorn Canva, which he said he breached just hours before, earlier this morning.
"I download everything up to May 17," the hacker said. "They detected my breach and closed their database server."
Stolen data included details such as customer usernames, real names, email addresses, and city & country information, where available.
For 61 million users, password hashes were also present in the database. The passwords were hashed with the bcrypt algorithm, currently considered one of the most secure password-hashing algorithms around.
For other users, the stolen information included Google tokens, which users had used to sign up for the site without setting a password.
Of the total 139 million users, 78 million users had a Gmail address associated with their Canva account.
ZDNet requested a sample of the hacked data, so we could verify the hacker's claims. We received a sample with the data of 18,816 accounts, including the account details for some of the site's staff and admins.
We used this information to contact Canva users, who verified the validity of the data we received. We also contacted the site's administrators, informing them of the breach and requesting an official statement.
"Canva was today made aware of a security breach which enabled access to a number of usernames and email addresses," a Canva spokesperson told ZDNet via email.
"We securely store all of our passwords using the highest standards (individually salted and hashed with bcrypt) and have no evidence that any of our users' credentials have been compromised. As a safeguard, we are encouraging our community to change their passwords as a precaution," the company said.
"We will continue to communicate with our community as we learn more about the situation."
==================================================================
Getting the usernames will help the hackers since the passwords are probably being reused on many other sites and many of those passwords can be found on the Dark Web. So the hashing is not full protection to these users. The hacker would be an unknown device and an unapproved device trying to access the network if Wave VSC 2.0 and Wave ERAS had been used. He/she wouldn't have made it onto the network to obtain all of this data. Wave solutions could prevent a lot of these breaches from happening!!
=================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Secure device & user authentication
Sometimes it feels like security is more effective at deterring your users than hackers. But you still have to protect your enterprise resources, and we’re here to help. We take pride in securing your network, data, and resources to an unprecedented level, without causing a revolt from either IT or your users. In fact, your users probably won’t even know we’re there.
Here’s how it works:
Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication
Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.
Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
==================================================================
Each of the Wave links above has a free trial at the link.
The link below is how to contact Wave for assistance!
https://www.wavesys.com/contact-information
Wave Systems Corp. Acquired by ESW Capital
https://www.prweb.com/releases/2016/08/prweb13639211.htm
Austin, TX (PRWEB) September 01, 2016
ESW Capital, LLC. announced today the acquisition of Massachusetts-based Wave Systems Corporation, a developer of enterprise security software solutions.
Wave's approach to data protection starts with the device, or endpoint. It gives organizations—especially in security-sensitive sectors such as healthcare, government, finance, and higher education—unprecedented yet straightforward control over exactly who has access to their data, with what devices, over what networks. It’s the simple, cost-effective solution to an increasingly mobile workforce, ever more sophisticated cyber threats, and a growing set of compliance issues.
Wave joins the ESW Capital group of companies through a Chapter 11 plan of reorganization. ESW will operate Wave under its Versata Enterprises affiliate as a stand-alone entity with a dedicated product and customer support team. Wave will be part of a corporate family of over 40 enterprise software companies acquired over the past seven years. Integration will begin with implementation of ESW's Customer Success program, a proven method for driving successful customer relationships and alignment of product development investments with customer priorities.
"The Wave Systems assets will be complemented by an international team that can deliver superior value to Wave customers through increased resources, world-class engineering, and exceptional support," said Greg Kazmierczak, Chief Technical Officer of Wave. “I am confident that this transition will be a positive one for Wave customers.”
Leela Kaza, a Versata veteran will take on the role of President for Wave. “The technology that Wave has built is incredibly innovative and has proven itself to be highly valuable to their customers," Kaza said. "We are excited and ready to take Wave into the future with enhanced support and a rigorous focus on customer success."
=================================================================
This was a Chapter 7 case converted to a Chapter 11 case. Chapter 11 cases can be reopened given certain circumstances. I believe that Wave was ahead of its time, and now could be its time!
Maker of US border's license-plate scanning tech ransacked by hacker, blueprints and files dumped online
https://www.theregister.co.uk/2019/05/23/perceptics_hacked_license_plate_recognition/
Perceptics confirms intrusion and theft, stays quiet on details
Exclusive The maker of vehicle license plate readers used extensively by the US government and cities to identify and track citizens and immigrants has been hacked. Its internal files were pilfered, and are presently being offered for free on the dark web to download.
Tennessee-based Perceptics prides itself as "the sole provider of stationary LPRs [license plate readers] installed at all land border crossing lanes for POV [privately owned vehicle] traffic in the United States, Canada, and for the most critical lanes in Mexico."
In fact, Perceptics recently announced, in a pact with Unisys Federal Systems, it had landed "a key contract by US Customs and Border Protection to replace existing LPR technology, and to install Perceptics next generation License Plate Readers (LPRs) at 43 US Border Patrol check point lanes in Texas, New Mexico, Arizona, and California."
On Thursday this week, however, an individual using the pseudonym "Boris Bullet-Dodger" contacted The Register, alerting us to the hack, and provided a list of files exfiltrated from Perceptics' corporate network as proof. We're assuming this is the same "Boris" involved in the CityComp hack last month. Boris declined to answer our questions.
The file names and accompanying directories – numbering almost 65,000 – fit with the focus of the surveillance technology biz. They include .xlsx files named for locations and zip codes, .jpg files with names that refer to "driver" and "scene," .docx files associated with presumed government clients like ICE, and date-and-time stamped .jpgs and .mp4 files.
And there are many other types of files: .htm, .html, .txt, .doc, .asp, .tdb, .mdb, .json, .rtf, .xls, and .tif among others. Many of the image files, we're guessing, are license plate captures.
The files also include .mp3 files, presumably from someone's desktop or laptop PC. Among the songs: Superstition, by Stevie Wonder, and Wannabe by Spice Girls, and a variety of AC/DC and Cat Stevens songs.
The stolen files amount to hundreds of gigabytes and include Microsoft Exchange and Access databases, ERP databases, HR records, Microsoft SQL Server data stores, and so on. This information, which includes business plans, financial figures, and personal information, is presently available in multiple .rar files on the dark web.
The nature of the company's business – border security data acquisition, commercial vehicle inspection, electronic toll collection and roadway monitoring – means that it's likely to have a significant amount of sensitive information.
A spokesperson for Perceptics, reached by phone, confirmed that the company was aware that its network had been compromised. She said the biz is working with authorities to investigate, but declined to go into further detail.
With the CityComp hack, stolen files were released because a ransom was not paid; we have yet to determine whether a ransom was sought for the Perceptics files.
At the time of writing, the company's website redirected to Google.com. As we were about to publish this piece, however, we noticed the site was once again functioning properly. It's likely to take longer still for the business to recover from this cyber-break-in. ®
=================================================================
Many companies and contractors including Perceptics have got to be thinking, there must be better cybersecurity solutions in the marketplace for our organization. Wave Systems is the company they could find that dramatically changes their cybersecurity for the better!! Why use what has been shown not to work when they could use what works (Wave solutions)!! There are free trials for organizations at the three links below and a contact information link below too for assistance!
=================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
https://www.wavesys.com/products/wave-self-encrypting-drive-management
==================================================================
https://www.wavesys.com/contact-information
New York Department of Financial Services Launches Cybersecurity Unit
https://www.securityweek.com/new-york-department-financial-services-launches-cybersecurity-unit
The New York State Department of Financial Services (DFS) this week announced that it has launched a new cybersecurity division whose role is to protect consumers and financial services organizations from cyber threats.
According to the DFS, this is the first time a banking or insurance regulator launches such a division. The new unit will be responsible for enforcing the DFS’s cybersecurity regulations, advising on cybersecurity examinations, issuing guidance for regulations, and conducting investigations. The cybersecurity division will also provide information on threats and trends.
Justin Herring, chief of the U.S. Attorney’s Office of New Jersey’s first Cyber Crimes Unit, will act as the new unit’s executive deputy superintendent.
Herring has been involved in several important cases, including the Newswire hacking operation, the scheme targeting SEC’s EDGAR system, the SamSam ransomware attacks on the Port of San Diego and the City of Atlanta, the Silk Road dark web marketplace, and the case of a Russian hacker who stole hundreds of millions of payment cards.
“I look forward to bringing my expertise to DFS to lead this new division to combat the growing problem of cybercrime, protect New Yorkers and their sensitive information from attacks, and ensure that DFS continues to be a leader in cybersecurity,” Herring stated.
In 2017, the DFS announced the nation’s first cybersecurity regulation to protect New York’s financial services industry and consumers from cyberattacks.
Earlier this year, New York announced the launch of a cybercrime brigade for coordinating digital law enforcement efforts. The NYC Cyber Critical Services and Infrastructure (CCSI) project is the result of a partnership between the NYPD, the Manhattan District Attorney’s Office, the New York City Cyber Command, and the Global Cyber Alliance.
==================================================================
If DFS wants to continue to be a leader in cybersecurity, they should be meeting with Wave Systems about that and protecting New Yorkers and their sensitive information from attacks. Wave could be helping DFS's situation in a big way for the organizations it serves with solutions such as Wave VSC 2.0 and Wave ERAS!! Some of the 1900 'reported' quarterly breaches (per Help Net Security) were probably in the financial services sector. Wave and its solutions could cause a massive improvement in those statistics.
==================================================================
Wave Announces 5-Year Master License Agreement for Virtual Smart Card 2.0 with Leading Global Financial Services Company
https://www.wavesys.com/buzz/pr/wave-announces-5-year-master-license-agreement-virtual-smart-card-20-leading-global
Wins competitive evaluation against market leader in two-factor authentication tokens
==================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
https://www.wavesys.com/contact-information
There is a link to a free trial in each of the above links!!
First American Financial Corp. Leaked Hundreds of Millions of Title Insurance Records
https://krebsonsecurity.com/2019/05/first-american-financial-corp-leaked-hundreds-of-millions-of-title-insurance-records/
The Web site for Fortune 500 real estate title insurance giant First American Financial Corp. [NYSE:FAF] leaked hundreds of millions of documents related to mortgage deals going back to 2003, until notified this week by KrebsOnSecurity. The digitized records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images — were available without authentication to anyone with a Web browser.
Santa Ana, Calif.-based First American is a leading provider of title insurance and settlement services to the real estate and mortgage industries. It employs some 18,000 people and brought in more than $5.7 billion in 2018.
Earlier this week, KrebsOnSecurity was contacted by a real estate developer in Washington state who said he’d had little luck getting a response from the company about what he found, which was that a portion of its Web site (firstam.com) was leaking tens if not hundreds of millions of records. He said anyone who knew the URL for a valid document at the Web site could view other documents just by modifying a single digit in the link.
And this would potentially include anyone who’s ever been sent a document link via email by First American.
KrebsOnSecurity confirmed the real estate developer’s findings, which indicate that First American’s Web site exposed approximately 885 million files, the earliest dating back more than 16 years. No authentication was required to read the documents.
Many of the exposed files are records of wire transactions with bank account numbers and other information from home or property buyers and sellers. Ben Shoval, the developer who notified KrebsOnSecurity about the data exposure, said that’s because First American is one of the most widely-used companies for real estate title insurance and for closing real estate deals — where both parties to the sale meet in a room and sign stacks of legal documents.
“Closing agencies are supposed to be the only neutral party that doesn’t represent someone else’s interest, and you’re required to have title insurance if you have any kind of mortgage,” Shoval said.
“The title insurance agency collects all kinds of documents from both the buyer and seller, including Social Security numbers, drivers licenses, account statements, and even internal corporate documents if you’re a small business. You give them all kinds of private information and you expect that to stay private.”
Shoval shared a document link he’d been given by First American from a recent transaction, which referenced a record number that was nine digits long and dated April 2019. Modifying the document number in his link by numbers in either direction yielded other peoples’ records before or after the same date and time, indicating the document numbers may have been issued sequentially.
The earliest document number available on the site – 000000075 — referenced a real estate transaction from 2003. From there, the dates on the documents get closer to real time with each forward increment in the record number.
As of the morning of May 24, firstam.com was returning documents up to the present day (885,000,000+), including many PDFs and post-dated forms for upcoming real estate closings. By 2 p.m. ET Friday, the company had disabled the site that served the records. It’s not yet clear how long the site remained in its promiscuous state.
First American wouldn’t comment on the overall number of records potentially exposed via their site, or how long those records were publicly available. But a spokesperson for the company did share the following statement:
“First American has learned of a design defect in an application that made possible unauthorized access to customer data. At First American, security, privacy and confidentiality are of the highest priority and we are committed to protecting our customers’ information. The company took immediate action to address the situation and shut down external access to the application. We are currently evaluating what effect, if any, this had on the security of customer information. We will have no further comment until our internal review is completed.”
I should emphasize that these documents were merely available from First American’s Web site; I do not have any information on whether this fact was known to fraudsters previously, nor do I have any information to suggest the documents were somehow mass-harvested (although a low-and-slow or distributed indexing of this data would not have been difficult for even a novice attacker).
Nevertheless, the information exposed by First American would be a virtual gold mine for phishers and scammers involved in so-called Business Email Compromise (BEC) scams, which often impersonate real estate agents, closing agencies, title and escrow firms in a bid to trick property buyers into wiring funds to fraudsters. According to the FBI, BEC scams are the most costly form of cybercrime today.
Armed with a single link to a First American document, BEC scammers would have an endless supply of very convincing phishing templates to use. A database like this also would give fraudsters a constant feed of new information about upcoming real estate financial transactions — including the email addresses, names and phone numbers of the closing agents and buyers.
As noted in past stories here, these types of data exposures are some of the most common yet preventable. In December 2018, the parent company of Kay Jewelers and Jared Jewelers fixed a weakness in their site that exposed the order information for all of their online customers.
In August 2018, financial industry giant Fiserv Inc. fixed a bug reported by KrebsOnSecurity that exposed personal and financial details of countless customers across hundreds of bank Web sites.
In July 2018, identity theft protection service LifeLock corrected an information disclosure flaw that exposed the email address of millions of subscribers. And in April 2018, PaneraBread.com remedied a weakness exposing millions of customer names, email and physical addresses, birthdays and partial credit card numbers.
==================================================================
This cloud application could be set up so that it is only accessed by approved and known devices. Wave ERAS and Wave VSC 2.0 could protect First American Financial Corp., companies that use this app, other related companies and their customers! That way everyone who is getting this information is authenticated and approved for this sensitive network!! There are probably a lot of companies involved in this, and Wave could be a great help to them and First American Financial Corp. with its cybersecurity!!
==================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
Secure device & user authentication
Sometimes it feels like security is more effective at deterring your users than hackers. But you still have to protect your enterprise resources, and we’re here to help. We take pride in securing your network, data, and resources to an unprecedented level, without causing a revolt from either IT or your users. In fact, your users probably won’t even know we’re there.
Here’s how it works:
Trusted Platform Module (TPM) + Wave’s ERAS for TPM Management = hardware-secured, fully-managed authentication
Most of your devices already come with TPMs (check out our “What is a TPM?” brochure if you’re not sure why this is exciting). This security chip comes attached to the motherboard of most enterprise-class PCs. There’s nothing “add-on” about it. The TPM provides a verifiable, unique identity for each machine.
Wave’s ERAS for TPM Management gives IT remote, centralized management of all TPMs on enterprise computers and tablets.
With this control, IT can set policies and dictate which machines and users have authority to access which resources. IT can ensure that only known and approved devices are accessing your network. And what’s more, IT can prove it with detailed activity logs.
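The design defect in the First American report above (changing the record number in a link returned other people's documents) is shown here beside one mitigation, a link whose parameters are bound together by a server-side MAC. This is an added example, not part of the original post and not First American's or Wave's code; the record contents, key, field names and function names are constructed for illustration.

```python
import hashlib
import hmac
import json
import re
import time

# Constructed sample store keyed by nine-digit sequential record numbers,
# the numbering pattern the article describes. Contents are placeholders.
RECORDS = {
    "000000075": "closing file A (constructed)",
    "000000076": "closing file B (constructed)",
    "000000077": "closing file C (constructed)",
}

# Assumption: a server-side secret; in production it would live in a KMS/HSM.
LINK_KEY = b"constructed-demo-key-not-for-production"
DOC_ID_RE = re.compile(r"[0-9]{9}")


def fetch_vulnerable(doc_id):
    """Design defect: knowing (or guessing) a record number is the only check."""
    return RECORDS.get(doc_id)


def _link_tag(doc_id, recipient, expires):
    # JSON array encoding keeps field boundaries unambiguous before MACing.
    msg = json.dumps([doc_id, recipient, int(expires)], separators=(",", ":"))
    return hmac.new(LINK_KEY, msg.encode("utf-8"), hashlib.sha256).hexdigest()


def issue_link(doc_id, recipient, ttl_seconds, now=None):
    """Mint link parameters bound to one record, one recipient and an expiry."""
    if not DOC_ID_RE.fullmatch(doc_id) or doc_id not in RECORDS:
        raise ValueError("unknown record")
    now = int(time.time()) if now is None else int(now)
    expires = now + int(ttl_seconds)
    return {"id": doc_id, "rcpt": recipient, "exp": expires,
            "sig": _link_tag(doc_id, recipient, expires)}


def fetch_hardened(link, now=None):
    """Return the record only if the MAC covers exactly these parameters."""
    now = int(time.time()) if now is None else int(now)
    try:
        doc_id, rcpt = link["id"], link["rcpt"]
        exp, sig = int(link["exp"]), link["sig"]
    except (KeyError, TypeError, ValueError):
        return None
    if not all(isinstance(v, str) for v in (doc_id, rcpt, sig)):
        return None
    if not DOC_ID_RE.fullmatch(doc_id):
        return None
    expected = _link_tag(doc_id, rcpt, exp)
    # Constant-time comparison; bytes avoid a TypeError on non-ASCII input.
    if not hmac.compare_digest(expected.encode(), sig.encode("utf-8")):
        return None
    if now > exp:
        return None
    return RECORDS.get(doc_id)


if __name__ == "__main__":
    link = issue_link("000000076", "buyer@example.com", 3600, now=1000)
    # Neighbouring record number, no other check: the record comes back.
    print("vulnerable:", fetch_vulnerable("000000077"))
    # Same edit against the signed link: the MAC no longer matches.
    print("hardened:  ", fetch_hardened(dict(link, id="000000077"), now=1500))
```

A signed link is still a bearer credential, so for records this sensitive it belongs behind an authenticated session with a per-record authorization check, not in place of one.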
Moody's Downgrade of Equifax: A Wake-up Call to Boards
https://www.darkreading.com/attacks-breaches/moodys-downgrade-of-equifax-a-wakeup-call-to-boards/d/d-id/1334800
The event provides another spark to light a fire under CISOs to improve how they measure and communicate security risks to the board, security experts say.
Wall Street has been abuzz this week over drastic measures by credit ratings agency Moody's to downgrade its rating of Equifax, with expensive data breach fallout named as a major factor for the poor marks. While the action was not unexpected, the landmark nature of the downgrade should provide some needed emphasis to both boards of directors and CISOs of the modern business imperative for cyber resilience, security and risk experts say.
"Today's news puts a punctuation mark on the business reality of cybersecurity risks," says Kevin Bocek, vice president of security strategy and threat intelligence at Venafi, who believes this is going to push more boards to take in increasingly active role in understanding and managing cybersecurity risks. "They definitely need to do more than ask the CISO some high-level questions. Equifax is in the hot seat now, but most of the Fortune 500 CEOs and CISOs would do no better in the same situation."
CNBC broke the news last night of the note from Moody's on the downgrade that cited the $690 million in breach expenses — including costs for settling mounting class action lawsuits — and increased need for infrastructure investments to be made by the company through 2020 to address systemic cybersecurity weaknesses found in post-breach scrutiny.
Joe Mielenhausen, a Moody's spokesperson, told CNBC that "this is the first time the fallout from a breach has moved the needle enough to contribute to the change" in ratings outlook.
Equifax's record-breaking data breach, first disclosed in September 2017, was eventually found to have exposed the information of 147.9 million people. Technically the exposure was triggered through the exploitation of an unpatched Apache Struts vulnerability, but security industry experts and government officials say that more serious organizational problems and lack of executive oversight were the true culprit of what Congress called an "entirely preventable" breach.
The fallout from the breach included the ouster of Equifax's CISO and eventually its CEO, and the company is still feeling the effects of class action suits from consumers and shareholder derivative lawsuits.
"This is Moody's delivering on their intent last November to take cyber risk into account when grading companies," says Steve Durbin, managing director of the Information Security Forum. "This will certainly send a clear message to boards in a language that they understand that cyber risk is integral to business risk and that the implications of a breach or loss of data can have very real impact."
Durbin says he's been advocating for some time to both the insurance industry and credit rating agencies to take cyber risk into account as they set policy pricing and assess company value. He believes this action by Moody's will set the tone for assessment of business health in the future.
"Moving forward, this should become the norm since cyber risk is so integral to business risk that an assessment of business health without taking cyber risk and a company’s resilience into account will become meaningless," he says.
Indeed, CNBC reported that Moody's hinted as such in its Equifax note, stating that it will increasingly scrutinize cybersecurity "for all data oriented companies" in the future.
Security insiders say that this Moody's action should not only be a wake-up call to CEOs and boards, but it's also a crucial inflection point for CISOs.
According to Laurence Pitt, security strategy director at Juniper Networks, it's another "chance in conversation" for security leaders — one that they shouldn't blow by lacking the right data or insights about organization-wide cyberrisk.
"This incident changes how business will look at cybersecurity, so cybersecurity needs to change how it talks to business," he says.
==================================================================
Once boards of corporations and Moody's have some sense of the cybersecurity importance of a leading global financial services corporation signing a 5 year master license agreement with Wave after Wave won a competitive evaluation against a market leader in 2FA tokens, Wave VSC 2.0 should be signed up for in droves.
=================================================================
https://www.wavesys.com/
https://www.wavesys.com/sales
https://www.wavesys.com/products/wave-virtual-smart-card
GDPR, USA? Microsoft says US should match the EU's digital privacy law
https://www.zdnet.com/article/gdpr-usa-microsoft-says-us-should-match-the-eus-digital-privacy-law/?ftag=COS-05-10aaa0g&utm_campaign=trueAnthem%3A+Trending+Content&utm_content=5ce42b2fa78c460001091c55&utm_medium=trueAnthem&utm_source=twitter
Microsoft ratchets up its lobbying for federal EU-style privacy laws for the US.
As the first anniversary of the European Union's General Data Protection Regulation (GDPR) approaches, a senior lawyer at Microsoft has called for US Congress to adopt a parallel set of EU-style federal privacy laws.
Even Microsoft has been stung by GDPR's strict rules, albeit lightly compared to Google's €50m GDPR fine in January over "forced consent" after activist lawyer Max Schrems filed a complaint on the day the law arrived on May 25, 2018.
The big question now on the other side of the Atlantic is when and whether the US will introduce a GDPR-like law that puts a bigger burden on companies to protect the data of their users.
Microsoft's top legal officer, company president Brad Smith, recently predicted 2019 could be a turning point on this debate, thanks to the emergence of several state-based privacy acts, most notably the California Consumer Privacy Act (CCPA), which are the toughest in the nation.
Please see the rest of the article at the link above.
==================================================================
17 essential tools to protect your online identity, privacy
https://www.infoworld.com/article/3135324/17-essential-tools-to-protect-your-online-identity-and-privacy.html
Excerpts:
From secure chips to anonymity services, here’s how to stay safe and private on the web
Make no mistake: Professional and state-sponsored cybercriminals are trying to compromise your identity -- either at home, to steal your money; or at work, to steal your employer’s money, sensitive data, or intellectual property.
Most users know the basics of computer privacy and safety when using the internet, including running HTTPS and two-factor authentication whenever possible, and checking haveibeenpwned.com to verify whether their email addresses or user names and passwords have been compromised by a known attack.
But these days, computer users should go well beyond tightening their social media account settings. The security elite run a variety of programs, tools, and specialized hardware to ensure their privacy and security is as strong as it can be. Here, we take a look at this set of tools, beginning with those that provide the broadest security coverage down to each specific application for a particular purpose. Use any, or all, of these tools to protect your privacy and have the best computer security possible.
Everything starts with a secure device
Good computer security starts with a verified secure device, including safe hardware and a verified and intended boot experience. If either can be manipulated, there is no way higher-level applications can be trusted, no matter how bulletproof their code.
Enter the Trusted Computing Group. Supported by the likes of IBM, Intel, Microsoft, and others, TCG has been instrumental in the creation of open, standard-based secure computing devices and boot pathways, the most popular of which are the Trusted Platform Module (TPM) chip and self-encrypting hard drives. Your secure computing experience begins with TPM.
TPM. The TPM chip provides secure cryptographic functions and storage. It stores trusted measurements and private keys of higher-level processes, enabling encryption keys to be stored in the most secure manner possible for general-purpose computers. With TPM, computers can verify their own boot processes, from the firmware level up. Almost all PC manufacturers offer models with TPM chips. If your privacy is paramount, you’ll want to ensure the device you use has an enabled TPM chip.
==================================================================
Enabled TPMs, SEDs and Wave Solutions - a better recipe for security, privacy and good health!
==================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
https://www.wavesys.com/products/wave-self-encrypting-drive-management
Read about and try the above solutions for free and see why Wave Solutions should be at the top of every organization's cybersecurity solutions list!!
The growing legal and regulatory implications of collecting biometric data
https://www.zdnet.com/article/the-growing-legal-and-regulatory-implications-of-collecting-biometric-data/
Although biometric technologies make the authentication experience easier, the actual collection and storage of the data is presenting new security risks.
In the last few years, biometric technologies from fingerprint to facial recognition are increasingly being leveraged by consumers for a wide range of use cases, ranging from payments to checking luggage at an airport or boarding a plane. While these technologies often simplify the user authentication experience, they also introduce new privacy challenges around the collection and storage of biometric data.
In the US, state regulators have reacted to these growing concerns around biometric data by enacting or proposing legislation. Illinois was the first state to enact such a law in 2008, the Biometric Information Privacy Act (BIPA). BIPA regulates how private organizations can collect, use, and store biometric data. BIPA also enabled individuals to sue individual organizations for damages based on misuse of biometric data.
Though it is a decade old, BIPA has gained renewed recent prominence owing to a January 2019 Illinois Supreme Court ruling, Rosenbach v. Six Flags. In this case, parents of a minor sued the Six Flags Great America amusement park in Gurnee, Illinois, arguing that biometric data was collected without consent and violated BIPA. As a side note, amusement parks increasingly require individuals to scan their ticket, followed by a biometric scan at a turnstile. This process is primarily an anti-fraud measure -- if you manage to lose your ticket/pass, you provide your biometric data at a customer service counter to obtain a new one. This process reduces fraudsters from trying to get a free pass by claiming it is lost.
The Illinois Supreme Court reversed the lower court rulings and ruled that Six Flags had violated BIPA. Importantly, the Illinois Supreme Court ruled that plaintiffs did not have to demonstrate damages or harm (such as identity theft) from the collection of biometric data. The improper collection of biometric data was enough to enable individual consumers to sue organizations under BIPA.
This decision is a win for consumer and privacy rights and will lead to more legal challenges to BIPA, many of which are already working through the court system. One case to monitor is Patel v. Facebook, which is currently under review in the Ninth Circuit Court of Appeals in San Francisco and involves challenges against Facebook's tagging of facial images uploaded to Facebook.
Massachusetts, New York, and Michigan all have privacy bills in development that have similar requirements to BIPA, and more states are likely to consider drafting laws governing the collection, usage, and storage of biometric data.
These developments do not mean the death knell of biometrics. They merely indicate that organizations that are considering collecting biometric data must adhere to privacy-by-design approaches and provide proper disclosure, consent, and opt-out requirements, as well as pay attention to this increasingly complex legislative environment to ensure that biometric data collection and retention is being done in accordance with these emerging laws.
This post was written by Merritt Maxim, Principal Analyst.
==================================================================
With the present security environment, how difficult will it be for a hacker to obtain biometric data from companies holding that information, laws or no laws? How strong will biometric authentication end up being given the information in this article? Important questions to consider when choosing a 2FA for cybersecurity protection!! Wave VSC 2.0 is a secure 2FA solution that is simple to use and administer! Try it free and use it to see why it's better security at less than half the cost!!
==================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
Get better security at less than half the cost
Passwords are weak. Tokens are expensive. Don’t compromise on security or price.
Wave Virtual Smart Card does anything your physical smart cards and tokens do, but it starts with hardware you already have: the Trusted Platform Module (TPM), a hardware security chip built into the motherboard of most business-class PCs. You may not even know you have it, but once you do, the TPM can be used in a myriad of ways. Wave turns it into a smart card, embedded directly into your laptop.
What can it be used for?
What do you use your smart card for today? With the exception of keying open the door at work, Wave Virtual Smart Card can perform any of the services or applications you rely on your smart card for today. Secure VPN, WiFi, remote desktop, cloud applications – it can all be done with a virtual smart card.
One helpdesk call you'll never get: "I lost my virtual smart card again..."
There are so many ways to lose a token – couch cushions, street drains, curious toddlers. In fact, up to 30% of all tokens are eventually lost. It’s much harder to lose a laptop, and you notice a lot faster when you do.
The user experience with a virtual smart card is simple: he or she logs in with a PIN (authentication factor number one). The TPM (authentication factor number two) then transparently identifies the device to the network and connects the user to all the approved services. It’s one less thing for users to carry around.
What will you do with >50% TCO savings?*
Tokens and smart cards require an additional hardware purchase, plus the time and money to ship to remote users. Use something that’s already in the users’ hands (the TPM), and your acquisition and deployment costs are lower.
Then consider the management savings in not having to replace lost and stolen tokens. That means fewer helpdesk calls, less interruption of user productivity, and fewer acquisition and shipping costs.
When we say “secure”…
…we mean it. Our solution starts with a proven hardware root-of-trust. Multi-factor authentication is an established best-practice for strong authentication: the TPM-based virtual smart card is one factor (something you have) and the user PIN is a second factor (something you know).
*Actual number may vary. Contact us today to receive more details and a free quote.
Windows 10 Migration: Getting It Right
https://www.darkreading.com/endpoint/windows-10-migration-getting-it-right/a/d-id/1334611
The transition to Windows 10 doesn't need to be a sprint. Organizations can still take advantage of the security in Windows 7 while gaining added management flexibility from the newer OS.
Organizations worldwide are still coming to grips with the migration from Windows 7 to Windows 10. Although many are already capitalizing on the transition as a chance to strengthen their overall IT and better protect endpoints for individual users, others are stalling.
Earlier this year, Microsoft announced that 184 million commercial PCs are still running Windows 7 across the world — and that's excluding the People's Republic of China. But as the deadline for Windows 7 extended support draws to a close in 2020, it's important for IT professionals to prepare and become better informed on the implications of the migration for their business today.
With this in mind, we've identified some of the key things that organizations should consider when transitioning to Windows 10.
Recognize Modern Security Challenges
Windows 10 is considered the most robust Windows operating system so far; therefore, it's little surprise that countless organizations trust in Microsoft's cloud-based modern management approach to facilitate heightened security and agile IT capabilities.
But mobile device management solutions mean that employees must have administrator rights to do their jobs on a daily basis — a potential security risk. So, while Microsoft is enabling organizations to deploy Windows 10 support and adopt modern management more easily, it's important that businesses understand that the operating system alone is unable to protect businesses from evolving threats.
To protect their organizations, CSOs, CISOs, and other IT security professionals need to think more strategically when migrating to Windows 10.
For example, in a survey of 500 global IT and cybersecurity professionals last year, vulnerable endpoints were the top security concern of migrating from Windows 7 to Windows 10 for 40% of respondents. Meanwhile, all regions except the United Arab Emirates claimed that the biggest challenge for securing remote workers and employees that use their own devices on Windows 10 was ensuring that endpoints are secure.
These concerns are not misplaced, with many breaches arising due to employees working remotely and enjoying access to data from their own devices. To help mitigate this threat, CISOs should remove admin rights wherever possible and implement a thorough training program to ensure that employees understand why this is happening, along with the correct steps that must be taken to continually mitigate the threat of exposed endpoints.
Privilege or No Privilege?
There have been two main types of account — administrator and standard user — in every version of Windows to date, and Windows 10 is no exception. But with the knowledge that removing admin rights could mitigate 80% of all critical Microsoft vulnerabilities reported in 2017, the specific security threat that overprivileged admin users pose to their businesses is clear.
Fortunately, the removal of admin privileges from employees is relatively simple on Windows 10. However, although this process does result in improved security, it can present some usability challenges. Because many day-to-day tasks and applications require admin rights, their loss can hamper a workforce's efficiency in carrying out their responsibilities.
This is a conundrum for businesses, which must aim for maximum security but also avoid locking too many users out of the systems they need. IT and security leaders must weigh this balancing act on a case-by-case basis and, if they do remove admin rights, ask which of their existing practices should be tweaked to avoid the challenges associated with them.
Getting the User Experience Right
Although Microsoft rolls out updates to its operating system twice yearly, its modern management still doesn't allow for a distributed set of employees to install key applications in a secure, user-friendly way. For example, when admin rights are taken away, IT staff can have difficulties in accessing the network and helping users to install software — ultimately detracting from the overall user experience.
But IT leaders should note that the transition to Windows 10 doesn't need to be a sprint. For example, by evaluating which devices require an upgrade, they can use previous operating systems for some areas of the business while simultaneously implementing Windows 10 for others. This will enable organizations to benefit from the security in Windows 7, for example, while also benefiting from the flexibility of newer systems.
Conclusion
The migration to Windows 10 is an opportunity for organizations worldwide to upgrade their Windows management. But it's vital that the flexibility that the new operating system offers is balanced with measures to maintain an organization's security against evolving threats. By thinking carefully about the points outlined in this post, IT leaders can plan a smooth transition to Windows 10.
=================================================================
Rather than having to take away admin rights from certain users to improve security, using Wave VSC 2.0 could protect both the admin endpoint and standard endpoint. This would improve security and take the hassle out of figuring out who should have an admin account. Better security at less than half the cost!!! You need multi-factor authentication. Fast. You need Wave Virtual Smart Card!!!
==================================================================
Wave Endpoint Monitor could also play a role in securing Windows 7 endpoints. With the potential for nation states to launch cyberattacks given the present political instability, Wave solutions should be called on sooner rather than later!!
==================================================================
https://www.wavesys.com/
https://www.wavesys.com/products/wave-virtual-smart-card
https://www.wavesys.com/products/wave-endpoint-monitor
Companies' Stock Value Dropped 7.5% after Data Breaches
https://www.infosecurity-magazine.com/news/companies-stock-value-dropped-1/?utm_source=twitterfeed&utm_medium=twitter
After analyzing the top three breaches from the past three years, Bitglass found that in the aftermath of a data breach, a decrease in stock price was a notable repercussion identifiable for publicly traded companies.
The report, Kings of the Monster Breaches, identified the extensive damage done by improper security by looking specifically at the Marriott breach of 2018, the Equifax breach of 2017 and the Yahoo! breach of 2016. These top three breaches had a widespread impact on individuals, with a reported mean number of 257 million individuals directly affected by each breach.
Research also showed that these breaches have cost an average of $347 million in legal fees, penalties and remediation costs. “Marriott uncovered the breach while seeking GDPR compliance; the company is now being fined $912 million under the regulation,” the report said.
The top breaches resulted from outside attackers employing phishing campaigns, using malware or exploiting technical vulnerabilities, which was the case for Equifax. “Through this vulnerability, hackers were able to access sensitive data such as Social Security numbers, credit card numbers, full names, dates of birth, and home addresses. It took roughly two months for the breach to be discovered. The company’s CSO, Susan Mauldin, and CIO, David Webb, retired immediately after the security lapse had been announced,” according to the report.
Publicly traded companies suffered an average drop of 7.5% in their stock values and a mean market cap loss of $5.4 billion per company, and it reportedly took 46 days, on average, for those stock prices to return to their pre-breach levels. To date, the stock price of Equifax has not yet recovered.
"The largest breaches over the past three years have caused massive and irreparable damage to large enterprises and their stakeholders around the globe," said Rich Campagna, chief marketing officer of Bitglass.
"This should serve as a stark warning to organizations everywhere. If massive companies with seemingly endless resources are falling victim to external attacks, then companies of all sizes must remain vigilant in their cybersecurity efforts. It is only by taking a proactive approach to security that breaches can be prevented and data can truly be kept safe.”
==================================================================
Wow, look at the GDPR fine given the Marriott! Wave VSC 2.0 could have helped stop that breach!! Please see post 245641 for more details. An activated TPM, Wave ERAS and Wave VSC 2.0 could play an important role in securing many organizations, and keep their stock from falling 7.5%!! Better security at less than half the cost!!! For all of Wave's solutions and interesting press releases, please see the first link below.
==================================================================
https://www.wavesys.com/
https://www.wavesys.com/products/wave-virtual-smart-card
https://www.wavesys.com/products/embassy%C2%AE-remote-administration-server-tpm-management
How to ensure Windows Server is GDPR-compliant
https://securityboulevard.com/2019/05/how-to-ensure-windows-server-is-gdpr-compliant/
The General Data Protection Regulation (GDPR), an EU law regulating the processing of personal data, came into force on May 25th, 2018. Organizations who breach the GDPR may be subject to fines of up to 20 million euros or 4% of their annual global revenue turnover. Taking into account the importance of the GDPR and the severe sanctions, Microsoft has put forth new efforts to ensure compliance with the new law.
According to Brad Smith, Microsoft’s president, Microsoft used the services of more than 1,600 of its engineers to meet the requirements of the GDPR. The result of this hard work is a comprehensive portfolio of tools helping individuals and organizations to adhere to the GDPR.
In this article, we will focus only on tools for Windows Server. These tools can be grouped into two broad categories: tools aiming to facilitate the compliance with the GDPR’s requirement to implement adequate information security measures, and tools facilitating the compliance with the GDPR’s requirement to notify personal data breaches to the data protection authorities.
Implementing adequate information security measures
Below, we’ll briefly examine eleven tools that can be regarded as adequate information security measures within the meaning of the GDPR: Control Flow Guard, distributed network firewall relying on software-defined networking, enhanced security auditing, Host Guardian service, Just-in-Time Admin (JIT) and Just Enough Admin (JEA), Shielded Virtual Machines, Virtual Machine Trusted Platform Module, Windows Defender Antivirus, Windows Defender Credential Guard, Windows Defender Device Guard and Windows Defender Remote Credential Guard.
Control Flow Guard
Control Flow Guard prevents jump-oriented programming (JOP) attacks by limiting the execution of certain application code. JOP attacks modify jumps and other control-flow-modifying instructions, thus allowing the program to jump to a location defined by the attacker.
Distributed network firewall relying on software-defined networking
The software-defined networking (SDN) in (Read more...)
*** This is a Security Bloggers Network syndicated blog from Infosec Resources authored by Daniel Dimov. Read the original post at: http://feedproxy.google.com/~r/infosecResources/~3/ZTSsuwUWL3w/
==================================================================
If Virtual Machine TPMs are required for GDPR compliance for servers then it would seem that activated TPMs would be required for computers. Why take advantage of the TPM for servers when it is also just as important for computers?! It would seem that Microsoft and the TCG would be pushing for activated TPMs in computers for compliance within GDPR since software-only security hasn't been very successful against cyber attacks.
==================================================================
https://www.wavesys.com/
https://www.wavesys.com/wave-alternative
Only 14% of organizations have completed migration to Windows 10
https://www.helpnetsecurity.com/2019/05/10/organizations-windows-10-migration/
Almost a quarter of organizations will not be ready for Microsoft to terminate public delivery of Windows 7 security updates on January 14, 2020, the official end of support date.
They will be increasingly vulnerable to cyberattack until they move to a secure, supported OS, according to the Adaptiva 2019 Windows 10 Enterprise Impact Survey.
“Our survey shows that although companies have made progress in their migration process over the past year, less than 15% have completed the move to Windows 10,” said Jim Souders, CEO of Adaptiva.
“Security ramifications for not meeting the deadline are significant, and Microsoft shows no signs of extending support for Windows 7 past January. The clock is ticking and IT departments are exploring all of their options, particularly how automated solutions can help them meet their goal.”
Over 450 people completed the survey. More than a third of the respondents come from enterprises with more than 10,000 endpoints, and another 21% come from organizations with over 30,000 endpoints. This year’s survey yielded a number of key insights into Windows 10 migration.
The state of migration
• Surprisingly, only 14% of organizations have completed the migration process to Windows 10.
• Twenty-two percent of respondents expect their companies to have systems still running Windows 7 after January 14, 2020.
• Large organizations will have the option of purchasing Extended Security Updates (ESUs) for Windows 7, which Microsoft offers as a last resort option that includes Critical and/or Important updates for up to three years.
How much longer?
• Forty-five percent of respondents indicated that their company will complete Windows 10 migration in six months or less, while another 29% expect it to take six months to a year.
• Just over a quarter (27%) plan to take more than a year to move all their systems to the new OS.
Hurdles to migration completion
• More respondents than ever indicated that their staff is stretched thin, an increase of approximately 6% from last year (28% in 2019 vs. 22% in 2018).
• The time-consuming nature of the migration process along with cost are also significant barriers to new OS adoption.
Migration motivators
• Windows 10 offers a number of enhanced security features that help IT teams, which figured prominently in migration decisions (72%).
• Organizations are primarily moving to Windows 10, however, because it is the only Windows OS that will be supported by Microsoft in the future (89%).
• As companies try to shore up systems and reduce vulnerabilities, they realize that unsupported systems pose far greater security risks.
• Interest in features like the touch interface and Cortana is waning slightly.
=================================================================
The intermediate transition from Windows 7 to Windows 10 could be helped by using Wave VSC 2.0 and Wave ERAS to protect Windows 7 and the other Windows versions before these organizations can make the transition from 7 to 10. With Russia's law of internet isolation taking effect in November of this year, many organizations with Windows 7 will need further protection if a potential foreign cyberattack happens. You need multi-factor authentication. Fast. You need Wave Virtual Smart Card!! Organizations knowing that they can use Wave SED management on Windows 10 for defending against ransomware may speed up the transition to Windows 10!
==================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
https://www.wavesys.com/products/wave-self-encrypting-drive-management
https://www.wavesys.com/
SHA-1 collision attacks are now actually practical and a looming danger
https://www.zdnet.com/article/sha-1-collision-attacks-are-now-actually-practical-and-a-looming-danger/?ftag=COS-05-10aaa0g&utm_campaign=trueAnthem%3A+Trending+Content&utm_content=5cdaa6d7df42390001125bfb&utm_medium=trueAnthem&utm_source=twitter
Research duo showcases first-ever SHA-1 chosen-prefix collision attack
==================================================================
Software only is still not more secure than hardware (TPMs) and (proven) software combined! Wave has this combination, and it could prevent a lot of cyber problems for organizations!
https://www.wavesys.com/
Are we winning the cyber security war?
https://www.wavesys.com/buzz/news/are-we-winning-cyber-security-war
Steven Sprague, CEO of Wave Systems says the situation is bad and getting worse as attacks get more frequent and more sophisticated. Moderated by John Dix, Network World Editor-in-Chief.
Author: Network World Tech Debate
networkworld.com/community/techdebate - Monday, January 23, 2012
In the cat and mouse game that is enterprise security, it is hard to determine who has the upper hand, so we put the question to two experts. Give their arguments a read, vote on the position you most agree with and add your thoughts in the forum below.
Moderator
John Dix, Network World Editor in Chief, sets up the debates and recruits the experts. Contact him with thoughts and ideas, jdix@nww.com.
The experts
Chirantan "CJ" Desai, Senior Vice President of the Endpoint & Mobility Group at Symantec says we are winning when you consider the headlines are driven by a tiny fraction of successful attacks while the vast majority of attempts are nipped in the bud.
Steven Sprague, CEO of Wave Systems says the situation is bad and getting worse as attacks get more frequent and more sophisticated.
Are we winning the cyber security war?
https://www.networkworld.com/article/2221522/are-we-winning-the-cyber-security-war-.html
==================================================================
This head to head (mentioned in the previous post) was more than just about antivirus vs. Wave Endpoint Monitor. It would be interesting to see what the vote breakdown would be for those for the Symantec executive and those for Steven Sprague if the vote was taken now. If organizational leaders listened more closely to what Mr. Sprague said in this article in 2012, the 1900 quarterly 'reported' breaches would most likely be a lot less!! Unfortunately, many companies could have thought with Wave's financials that buying from them might have been risky. Now Wave has the backing of ESW so that should be taken out of the buying Wave solutions equation.
=================================================================
Antivirus Makers Confirm—and Deny—Getting Breached by Hackers Looking to Sell Stolen Data
https://gizmodo.com/antivirus-makers-confirm-and-deny-getting-breached-afte-1834725136
Symantec and Trend Micro are two of the three top U.S. antivirus companies that a group of Russian-speaking hackers claim to have compromised, Gizmodo has confirmed.
Last week, Advanced Intelligence (AdvIntel), a New York-based threat-research firm, reported that a hacking group was attempting to sell internal documents and source code allegedly stolen from three major antivirus companies. Citing an ongoing law enforcement investigation and its own disclosure policies, AdvIntel did not reveal the names of the alleged victims.
The hackers, known as “Fxmsp,” are said to be offering to sell the stolen data—around 30 terabytes’ worth—for over $300,000. Gizmodo has not itself reviewed or verified any of the allegedly stolen documents.
Symantec, the company that makes Norton Antivirus software, denied on Monday having been contacted by AdvIntel. “We have no indication that Symantec has been impacted and do not believe there is reason for our customers to be concerned,” it said.
That statement, however, was quickly refuted by AdvIntel, which said it first reached out to Symantec via a trusted partner on May 8. It then had two remediation calls with the company by the end of last week, it said. (Gizmodo reached out to Symantec about the discrepancy and will update if we hear back.)
Screenshots offered up as proof by Fxmsp appear to show stolen development documentation, an artificial intelligence model, and antivirus software base code, according to AdvIntel. Its researchers assessed the threat as highly credible, stating that Fxmsp—which is said to run in both Russian- and English-speaking circles—has already earned close to $1 million off verified corporate breaches.
Yelisey Boguslavskiy, AdvIntel’s director of research, confirmed last week that his company had been in contact with the potential victims. Following Symantec’s denial, Boguslavskiy said AdvIntel “reached out to Symantec via trusted partners on May 8, directly, and had two remediation calls on May 9 and May 10.”
Security software firm Trend Micro, meanwhile, told Gizmodo that data linked to one of its testing labs had been accessed without authorization. It labeled the incident as “low risk,” however, and said that neither customer data nor any source code had been accessed or exfiltrated.
Boguslavskiy also took issue with Trend Micro’s statement, saying it was “incorrect based on the portion of the data we have and the actor’s statement.”
Trend Micro said its investigation into the matter was still underway and that it was working “closely with law enforcement,” but that it wanted to “transparently share what we have learned.”
A spokesperson for McAfee, the maker of McAfee VirusScan, would not immediately confirm whether the company had been contacted about a potential breach. It is looking into the matter, they said, adding: “We’ve taken necessary steps to monitor for and investigate it.”
Update, 5/13: Updated with a statement from AdvIntel about its contact with Symantec and Trend Micro.
==================================================================
With these three companies apparently being breached, Wave Endpoint Monitor and Wave's Solutions should attract more buying since Wave's cybersecurity solutions successfully protect Wave and its customers. I recall years ago SKS going head to head with an executive from Symantec over what was a more beneficial product, antivirus, a blacklisting approach from Symantec or a whitelisting approach like Wave Endpoint Monitor from Wave. With 1900 breaches a quarter (via Help Net Security), it seems like Wave Endpoint Monitor and Wave Solutions have for years been overlooked to the detriment of a lot of companies and governments. Many organizations are using what is not working rather than seeing the opportunity that Wave offers with better cybersecurity solutions!!
=================================================================
https://www.wavesys.com/
https://www.wavesys.com/wave-alternative
The IT perimeter is gone
With tablets, smartphones, and cloud applications, your employees can access sensitive data anytime, from anywhere. Indeed, around 70 percent of security breaches and data thefts are inside jobs. Meanwhile, the hackers only get better: advanced persistent threats (APTs) appear as normal traffic, and malware can go unnoticed for weeks.
It’s a new world, one without borders. Yet most organizations are still trying to protect their data with the same old firewalls and antivirus software. It’s not working. We refer you to the headline-making breach of the week.
You have to start with the device
Wave has an alternative: security that’s built into each and every device.
We’re talking about hardware: self-encrypting drives (SEDs), which protect data when a device is stolen or lost, and trusted platform modules (TPMs), or embedded security chips. Both go in at the factory, and increasingly, both are standard. They make it possible for you to monitor and control each individual device and its data, no matter where it is. But you need software to turn on and manage your SEDs and TPMs. Wave makes that software.
We’ve been refining comprehensive, centralized management of hardware-based security longer than anyone else. More than that, we’ve shaped the field as a founding member of the Trusted Computing Group, the not-for-profit that develops and promotes industry standards for the hardware.
Security that’s confirmed, not assumed
With Wave, you’ll know that you’re secure. Because we start with the individual devices, you get a broad, deep view of your network. You can see exactly who’s on it, with what devices and what apps, at any given time. Just for example, if Bob goes home and tries to log onto Facebook with the company laptop, Wave can stop him.
A big piece of this heightened security is device authentication. Traditional two-factor authentication requires what amounts to two user IDs. But by using the TPMs inside your devices, Wave can confirm the identity of not only users, but also the devices they’re on. Combine that with fast, enforced encryption of sensitive data via your SEDs—all easily managed with Wave software—and your data is protected from the full range of modern risks: device theft, missent emails, flash drives, portable hot spots … even (and no one else can say this) hardware keyloggers. Not to mention Bob.
Do we need to say that with Wave, compliance is no problem?
Start closing your security gaps today, with what you’ve got
You might be surprised to hear that 90 percent or more of your computers probably already have TPMs. Mobile devices are catching up fast. SEDs are newer, but you probably have a bunch of those too. Machines that don’t have them can often be outfitted at little to no extra cost. So you’ve got some or all of the hardware. All you need to do is turn it on with Wave.
It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.
Questions? Read on, or contact our sales department.
A Massive Accounting Hack Kept Clients Offline and in the Dark
https://www.bloomberg.com/news/articles/2019-05-11/a-massive-accounting-hack-kept-clients-offline-and-in-the-dark
Dutch company Wolters Kluwer NV makes the software on which many of the world’s small and mid-sized accounting firms run. Earlier this week, a cyberattack took down that software and presented a case study in how not to communicate with customers over a hack.
The company told its followers on Facebook and Twitter on May 6 that, out of caution, it’d taken some of its cloud-based software applications offline. But the opaque 48-word statement didn’t explain why, and left customers frustrated and worried.
"Going dark as much as you have has done nothing to stop us from fearing the worst," one person replied on Twitter. "Has there been a security breach?" asked another.
Martin Wuite, chief information officer at Wolters Kluwer, was trying to find out, too. He’d become aware of anomalies in his company’s servers around 8 a.m. ET Monday after an automated monitoring system had flagged something was wrong.
"Customers were alerted immediately as soon as we discovered the issue," he said. "When we detected the malware, we proactively took a broad range of platforms offline to protect our customers’ data."
Wolters Kluwer, based in a small town in the Netherlands and with a market value of around $19 billion, is a little-known accounting software giant, providing services to health, tax and compliance industries. According to the company, 93% of Fortune 500 companies are its customers.
Please see above link for the rest of the article.
==================================================================
Given the success that Wave had with PwC's strong authentication, this accounting software firm could substantially benefit from Wave's solutions, especially Wave ERAS and Wave VSC 2.0!! Being set up on Wave VSC 2.0 and Wave ERAS is probably much faster now with Wave than when PwC was converted to the TPM!
==================================================================
https://www.cio.com/article/2415123/pwc-lauds-trusted-platform-module-for-strong-authentication.html
PwC lauds Trusted Platform Module for strong authentication
migrating 150,000 users to TPM-based storage of private keys
networkworld.com - Wednesday, September 15, 2010
Auditing and business-services firm PricewaterhouseCoopers (PwC) today said it's built its next-generation authentication system by swapping out employees' older software-based private-key certificates for hardware-based storage of new certificates using the Trusted Platform Module (TPM).
What is TPM?
TPM is a small chip embedded in laptops, says Boudewijn Kiljan, solution architect for global information technology, infrastructure portfolio, at PwC, which is migrating 150,000 users to TPM-based storage of private keys. The vast majority of computers on the market ship with TPM inside, and by adding TPM-based software from Wave Systems, it was fairly easy for PwC, which already had a public-key infrastructure (PKI) in place, to switch to hardware-based storage of private keys, the foundation for employee desktop authentication.
In contrast, "private keys protected by TPM are not exportable," Kiljan said. The Microsoft-based software-only method that PwC had been using to store private keys does appear to be far more vulnerable to an attacker intent on stealing private keys, he noted.
TPM, developed as a specification by the Trusted Computing Group (TCG), is an open standard so there's less worry about vendor lock-in than if a more proprietary method were selected, Kiljan pointed out. One thing to note about TPM is that it's a restricted technology in the countries of China, Russia, Kazakhstan and Belarus, he noted.
But while making the conversion to TPM has been fairly easy by adding TPM-supporting software from Wave Systems, there were a number of processes that the IT department at PwC had to follow to make it all work.
These included issuing new certificates for TPM, installing TPM drivers, and a process called enabling and clearing the TPM in the BIOS.
Technically, the TPM specification doesn't yet have a specification that details a way to do this other than manually. But several vendors, including Wave Systems, now have toolkits to do this remotely and build management around it. That's what PwC used to activate TPM via administrator-controlled passwords.
PwC has already migrated about 35,000 employees to TPM, and expects to have all 150,000 over to TPM over the course of about a year or so. TPM works transparently to the user. Kiljan says estimates are that TPM is less than half the cost of going with a smartcard-based PKI device and a third of going with a USB PCI device.
Hackers breached 3 US antivirus companies, researchers reveal
https://arstechnica.com/information-technology/2019/05/hackers-breached-3-us-antivirus-companies-researchers-reveal/
Source code, network access being sold online by "Fxmsp" collective.
In a report published Thursday, researchers at the threat-research company Advanced Intelligence (AdvIntel) revealed that a collective of Russian and English-speaking hackers are actively marketing the spoils of data breaches at three US-based antivirus software vendors. The collective, calling itself “Fxmsp,” is selling both source code and network access to the companies for $300,000 and is providing samples that show strong evidence of the validity of its claims.
Yelisey Boguslavskiy, director of research at AdvIntel, told Ars that his company notified “the potential victim entities” of the breach through partner organizations; it also provided the details to US law enforcement. In March, Fxmsp offered the data “through a private conversation,” Boguslavskiy said. “However, they claimed that their proxy sellers will announce the sale on forums.”
Fxmsp has a well-known reputation in the security community for selling access to breaches, focusing on large, global companies and government organizations. The group was singled out in a 2018 FireEye report on Internet crime for selling access to corporate networks worldwide, including a global breach of a luxury hotel group—potentially tied to the Marriott/Starwood breach revealed last November. AdvIntel’s researchers say the group has sold “verifiable corporate breaches,” pulling in profits approaching $1 million. Over the past two years, Fxmsp has worked to create a network of proxy resellers to promote and sell access to the group’s collection of breaches through criminal marketplaces.
In March, the group “stated they could provide exclusive information stolen from three top antivirus companies located in the United States,” AdvIntel’s researchers reported in a blog post going live today. “They confirmed that they have exclusive source code related to the companies' software development.” And the group offered privately to sell the source code and network access to all three companies for “over $300,000,” the researchers said.
According to the AdvIntel report, Fxmsp had managed to steal source code that included code for antivirus agents, analytic code based on machine learning, and “security plug-ins” for Web browsers. “Fxmsp also commented on the capabilities of the different companies’ software and assessed their efficiency,” the researchers wrote.
In the past, Fxmsp’s breaches have typically focused on exploiting Internet-connected remote desktop protocol (RDP) and Active Directory servers. But more recently, the group has claimed to have developed a credential-stealing botnet—malware that collects usernames and passwords—to target high-value networks that are better secured. “Fxmsp has claimed that developing this botnet and improving its capabilities for stealing information from secured systems is their main goal,” AdvIntel’s researchers noted.
Update:
Boguslavskiy provided some additional details about the breach research in response to follow-up questions (and some of the feedback on this story). He said that AdvIntel first notified the FBI "through both Cyber Watch and the New York Cyber Task Force".
He told Ars that in October of 2018, Fxmsp "had a conflict with their proxy seller, and this relationship was compromised." Since the proxy monitored Fxmsp's accounts on the various forums that the group typically sold its data through, this caused Fxmsp to move all its communications to Jabber instant messaging.
On May 5, Boguslavskiy said, "Fxmsp stated that one of the two teams orchestrating the attack against the AV companies compromised one access [point] while navigating through a victim's client directory." The hackers are currently trying to regain access. This may have disrupted their original plans to sell the data.
"According to them, they planned to offer accesses for some of the companies in mid-May," Boguslavskiy said, "most likely, by using forums (however, this is not confirmed: they used the term 'make a public sale')." But because of the compromise of one access point, he noted, the group now plans to continue to make private offers of the data, with the possibility that offers for the other companies may appear in forums later this month.
=================================================================
Wave Endpoint Monitor and Wave Systems, unlike the antivirus companies in this article and others, is protected by the premier cyber solutions company in Wave Systems!! The usernames and passwords collected by the hackers wouldn't allow them on Wave's network against Wave VSC 2.0, which uses a PIN and TPM for 2FA. It would make sense for potential advanced malware customers to prefer the capabilities of Wave Endpoint Monitor and the breach protection of Wave VSC 2.0 for WEM and Wave as well as for their organization. This article should help make Wave Endpoint Monitor and Wave VSC 2.0 even more sought after!!
=================================================================
https://www.wavesys.com/products/wave-virtual-smart-card
https://www.wavesys.com/malware-protection
https://www.wavesys.com/products/wave-endpoint-monitor
https://www.wavesys.com/