Enel Group hit by ransomware again, Netwalker demands $14 million
https://www.bleepingcomputer.com/news/security/enel-group-hit-by-ransomware-again-netwalker-demands-14-million/
=================================================================
Investing in Wave solutions is a small price to pay to prevent these ransomware attackers from having a field day with your data!! So many companies/organizations have tried other products for ransomware and failed. Why not try solutions that work, Wave solutions!!!
=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!
Attackers finding new ways to exploit and bypass Office 365 defenses
https://www.helpnetsecurity.com/2020/10/26/exploit-and-bypass-office-365-defenses/
=================================================================
Wave solutions protect against phishing, malware and other network security threats by storing authentication credentials in hardware. Wave solutions can protect against phishing in this article!!! Simple to use and better security!!!
=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!
78% of Microsoft 365 admins don’t activate MFA
https://www.helpnetsecurity.com/2020/10/27/activate-microsoft-365-mfa/
=================================================================
Wave VSC 2.0 (MFA) is simple to use and could protect Microsoft 365 more easily and securely for users and organizations. The difficulty of the MFA for Microsoft 365 may be why the admins don't activate MFA!!
=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!
Swedish Authorities, Banks Hit by Security Data Leak: Report
https://www.securityweek.com/swedish-authorities-banks-hit-security-data-leak-report
Details of bank vault floor plans, alarm systems and the security arrangements for Swedish authorities have been leaked online after a security company was hacked, local media reported Tuesday.
A total of 19 gigabytes of information and around 38,000 files were stolen from security group Gunnebo by one or more hackers in August, according to newspaper Dagens Nyheter.
"It's of course unfortunate that we've had a theft of data," Gunnebo CEO Stefan Syren was quoted as telling the paper.
"We are now reviewing the material and in the cases where there is sensitive information we are contacting the client," he said.
Among the leaked documents are details of the security arrangements for the Swedish parliament and confidential plans of the Swedish Tax Agency's new office on the outskirts of Stockholm, the paper said.
Plans for bank vaults in at least two German banks were leaked, while other documents show the alarm systems and surveillance cameras at a branch of the SEB bank in Sweden, it reported.
Headquartered in Sweden, Gunnebo is a multinational company with nuclear power plants, hospitals and airports among its international customers.
The hack was reported to the Swedish Security Service in August.
"We can only speculate on what the target of the attack was, but as we cannot rule out that it was an attempt at industrial espionage, it has been important to follow the regulations and we have therefore decided to inform Sapo," Syren said in a statement at the time.
The company also said it had concluded that the attack was "well organized," but no details of what data had been compromised were disclosed.
AFP has contacted Gunnebo for a comment.
Dagens Nyheter said hacking attacks based on extortion have hit many companies in recent times, in which criminals steal sensitive information and then demand a ransom not to leak the data online.
Neighboring Finland is currently dealing with an unprecedented hack after the private records of thousands of psychotherapy patients were stolen from the private healthcare company Vastaamo.
The records were first used to try to blackmail the company but then emails demanding ransoms were sent directly to patients at the weekend.
=================================================================
Gunnebo and other companies with sensitive data could have helped prevent disasters such as this by using the Wave Alternative!!!
=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!
Neural Networks Help Users Pick More-Secure Passwords
https://www.darkreading.com/endpoint/authentication/neural-networks-help-users-pick-more-secure-passwords/d/d-id/1339283
Typically, blocklists are used to prevent users from picking easily guessable patterns, but a small neural network can do the same job and suggests that complex password requirements are not necessary
==================================================================
Does a user need Neural Networks when he/she and his/her organization should use Wave VSC 2.0?!!! Does the above work with phishers?? Use better security, use Wave VSC 2.0!! Simpler and more secure!!
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
Massive Nitro data breach impacts Microsoft, Google, Apple, more
https://www.bleepingcomputer.com/news/security/massive-nitro-data-breach-impacts-microsoft-google-apple-more/
Please read this interesting article.
==================================================================
It's a shame that data breaches like Nitro's occur when there are cybersecurity solutions like Wave solutions. Wave solutions allows IT to entrust that only known and approved devices are accessing your network. Therefore, unknown and unapproved devices don't get access to the network, and therefore don't get access to 1TB of sensitive data as in this case.
Wave solutions is a small price to pay for what could turn out to be an expensive disaster (70 million user records) if Wave is not used.
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
Cybersecurity is failing due to ineffective technology
https://www.helpnetsecurity.com/2020/10/23/cybersecurity-is-failing-due-to-ineffective-technology/
Excerpts:
A failing cybersecurity market is contributing to ineffective performance of cybersecurity technology, a Debate Security research reveals.
Based on over 100 comprehensive interviews with business and cybersecurity leaders from large enterprises, together with vendors, assessment organizations, government agencies, industry associations and regulators, the research shines a light on why technology vendors are not incentivized to deliver products that are more effective at reducing cyber risk.
The report supports the view that efficacy problems in the cybersecurity market are primarily due to economic issues, not technological ones. The research addresses three key themes and ultimately arrives at a consensus for how to approach a new model.
Cybersecurity technology is not as effective as it should be
90% of participants reported that cybersecurity technology is not as effective as it should be when it comes to protecting organizations from cyber risk. Trust in technology to deliver on its promises is low, and yet when asked how organizations evaluate cybersecurity technology efficacy and performance, there was not a single common definition.
Please see the rest of the article at the link above.
==================================================================
The Wave Alternative is unique. The technology works effectively and efficiently!!!
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
US Army Base's Twitter Account Hacked
https://www.infosecurity-magazine.com/news/us-army-bases-twitter-account/
Excerpt:
This was not the work of our admins. Our account was hacked.
==================================================================
It would be nice if Bill Solms were still with Wave. The two previous posts relate to this. I don't use Twitter, Facebook, or LinkedIn, but others may find them very effective for things they have learned.
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
5 Tips for Fighting Credential Stuffing Attacks
https://www.darkreading.com/edge/theedge/5-tips-for-fighting-credential-stuffing-attacks/b/d-id/1337896
With stolen credentials an easy find online, what are some measures to put in place to keep hackers from breaking into secure accounts?
Sumit Agarwal takes credit for coining the term "credential stuffing." He served as deputy assistant secretary of defense under President Obama, and in 2011, while working at the Pentagon, he began to notice a pattern of brute-force attacks on public-facing military websites, where threat actors were using credentials, like usernames and passwords, stolen from one site to gain access to other sites.
Today, Agarwal is co-founder and CTO of Shape Security, and credential stuffing has gone mainstream, making life miserable for security managers in many types of organizations.
"Credential-stuffing attacks are a massive problem today, especially with the extreme shift to online-only services due to COVID-19," says Agarwal. "Something becomes spontaneously popular - we saw this with Disney+ as soon as it came out - and is overwhelmed with targeted credential-stuffing attacks. Any time a service gets any substantial amount of traffic, they see surges in credential stuffing. We're going to see these attacks increase for online grocers, delivery services, and telehealth providers."
Simply put, credential stuffing takes place when cybercriminals obtain stolen credentials through some means – usually on the Dark Web – and then use botnets or other automation tools to try and use these stolen usernames and passwords to gain fraudulent access to multiple, other user accounts.
"Credential stuffing is a type of cyberattack where the hacker attempts to sign into a user's account using usernames and passwords that have been leaked during a data breach," says Charlotte Townsley, director of security engineering at Auth0. "During the attack, a hacker can steal a user's credentials and sell them on the Dark Web for other hackers to purchase. Other hackers can gain access to billions of leaked credentials and use bots to try different combinations of passwords, quickly, into hundreds of accounts from social platforms to banking apps."
"Credential stuffing is really a subset of brute force attacks," adds Adam Darrah, director of intelligence with Vigilante. "The major difference is the fact that threat actors are working with previously cracked or dehashed passwords, and passwords that were compromised by other attack vectors, like keyloggers and other malware, so they already have an attack-ready set of credentials at their disposal. Threat actors utilize a litany of brute force checkers, varying in sophistication, to run targeted account takeover campaigns against corporate infrastructure and websites alike."
Once in, of course, that means corporate sensitive assets could be leaked, or the attacker can possibly gain access to other private accounts or trick unsuspecting colleagues into sharing information. The potential for damage is limitless.
Attacks Are Growing and Easy to Execute
From Agarwal's early days of identifying credential-stuffing attacks on government sites, the problem is now pervasive. The most recent Verizon Data Breach Investigations Report (DBIR) from 2019 finds credential stuffing was used in 29% of all data breaches. And currently HaveIBeenPwned.com (HIBP), a free site that offers data breach notification, has information on nearly 9 billion compromised credentials from hundreds of data breaches.
It's unsurprising that criminals are drawn to it for quick success as it's fairly easy today to obtain stolen credentials cheaply.
"The skills required to purchase credentials to a victim's bank account or online retail account could be learned in an afternoon of Google searches," says Darrah. "There are seemingly endless deep and Dark Web marketplaces offering account credentials for as little as $2, depending on the service or website. In some cases, they even offer refunds if the credentials don’t work as advertised."
But there are some tools and techniques security managers can put in place to mitigate credential-stuffing attacks. Security researchers we spoke with recommend the following.
1. Boost user awareness on password management: With many users still reusing passwords across accounts, one place to start is education, says Townsley: "Improving user password habits is a great start in defending against credential stuffing-attacks. Educating employees on best practices and reminding them to change their passwords on a more regular basis can make it harder for hackers to pull off a successful attack."
2. Implement multifactor authentication: Two-factor/multifactor authentication should be enabled on every account where it is allowed and available. This adds another layer that makes it more difficult for a threat attacker to penetrate.
3. Use anomaly detection tools: "These could be either free or enterprise-grade online threat intelligence tools that can help identify risk signals – such as a breached password or a higher than usual number of failed authentication attempts," says Townsley. "These can also be used to determine a sudden or unusual increase in the amount of IP addresses visiting a website – this can be a tip off that there is malicious activity happening."
4. Deploy password managers: Several enterprise password managers are available, free of charge, that can help users create unique and strong passwords for every secure account and can help cut down on the common password reuse problem. A variety of password managers suitable for both enterprises and small businesses alike, are available, among them, according to recent market research from Ovum (now part of Omdia), 1Password Business, Dashlane Business, Keeper for Business, LastPass Enterprise, ManageEngine Password Manager Pro, Pleasant Password Server, and RoboForm for Business are the leaders. Ovum also gave kudos to Bluink, Passwork, Bitwarden, TeamPassword and Passbolt for unique features.
5. Embed security into website design: "Security professionals and web developers can make a threat actor's job a little tougher by ensuring that websites use any available bruting countermeasures, including CAPTCHAs and MFA," says Darrah. "Simple changes to website functionality can also be implemented - the prompt given after a login attempt, for example."
=================================================================
#246172 was a post on credential stuffing and so this post might help explain that post.
=================================================================
For those who do or do not believe their Twitter account can be hacked, I think this article shows what hackers can do. Check out Wave VSC 2.0 and Wave Knowd which could prevent hackers from hacking your online accounts. Both authentication solutions use the TPM as a factor of authentication to stop hackers. What is a TPM? and "Hardware-based encryption is the key to future proofing", posts 246168 and 246170. Hardware and software is stronger than software only. After reading this article, it becomes quite apparent that the TPM could help in providing better security than what exists on Twitter now! Intended messages may not find their destination without the help of readers. Thank you readers!
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
Researcher: I Hacked Trump’s Twitter by Guessing Password
https://threatpost.com/researcher-hacked-trumps-twitter-password/160473/
Excerpts: It took only five attempts to guess the password to President Donald Trump's Twitter account - "maga2020"
2FA requires users to have a one-time generated code, sent by email or text which needs to be entered to login. This keeps bad actors from accessing the account even if they have the username and password. "elderly people often switch off two step verification because they find it too complicated."
=================================================================
Thinking outside of the box, it would seem so easy for Mr. Trump to have the benefits of either Wave VSC 2.0 or Wave Knowd! Other users could also enjoy simpler and more secure authentication as well. They're simple so you don't have to turn them off, and for security they can't be turned off. The technology could be available, why not use it?
=================================================================
wavesys.com
=================================================================
Wave solutions, better security
French IT giant Sopra Steria hit by Ryuk ransomware
https://www.bleepingcomputer.com/news/security/french-it-giant-sopra-steria-hit-by-ryuk-ransomware/
Excerpt:
Sopra Steria is a European information technology company with 46,000 employees in 25 countries worldwide.
==================================================================
Post #246140 could show organizations that they have another way (investing in Wave solutions) to deal with ransomware. This investment could alleviate the possibility that insurance carriers could drop their insurance!!!
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
US Treasury Department ban on ransomware payments puts victims in tough position
https://www.csoonline.com/article/3587108/us-treasury-department-ban-on-ransomware-payments-puts-victims-in-tough-position.html
The Treasury Department's advisory warns companies not to pay ransoms to sanctioned entities. The move complicates ransomware incident response and might encourage insurance carriers to drop ransomware coverage.
=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!
Retail, Hospitality and Travel Hit by 64 Billion Credential Stuffing Attacks
https://www.infosecurity-magazine.com/news/retail-hospitality-travel-64-bn/
Over 60% of credential stuffing attacks detected over the past two years have been targeted at retail, travel and hospitality businesses, according to Akamai.
The security vendor’s latest report, Loyalty for Sale, is compiled from internet traffic flowing through its extensive global content delivery network.
It revealed that, during the period July 1 2018 to June 30 2020, it detected over 100 billion credential stuffing attempts. Almost 64 billion of these were aimed at cracking open user accounts in the retail, travel and hospitality sectors.
Further, retail accounted for the vast majority (90%+) of the attacks aimed at these verticals.
Such attacks remain popular given the continuous surge of breached log-ins onto underground sites and the potentially rich pickings to be found inside cracked accounts.
“Criminals are not picky — anything that can be accessed can be used in some way,” said Steve Ragan, Akamai security researcher and report author.
“This is why credential stuffing has become so popular over the past few years. These days, retail and loyalty profiles contain a smorgasbord of personal information, and in some cases financial information too. All of this data can be collected, sold and traded, or even compiled for extensive profiles that can later be used for crimes such as identity theft.”
Akamai also claimed that during the early days of the COVID-19 crisis as consumers flooded online sites to purchase goods, cyber-criminals began recirculating old credential lists in an attempt to identify new vulnerable accounts.
The report identified not just credential stuffing activity but also attempts to compromise sites directly via SQL Injection (SQLi) and Local File Inclusion (LFI) attacks.
Akamai detected nearly 4.4 billion web attacks against the retail, hospitality and travel sectors, comprising 41% of the total across all verticals. Once again, retail (83%) was the most popular target, while SQLi attacks (79%) were the number one choice of cyber-criminals across the three verticals.
=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!
Cybersecurity company finds hacker selling info on 186 million U.S. voters
https://www.nbcnews.com/politics/2020-election/cybersecurity-firm-finds-hacker-selling-info-148-million-u-s-n1244211
The cybersecurity company Trustwave said the hacker was offering 186 million U.S. voter records and 245 million records of other personal data.
WASHINGTON — A cybersecurity company says it has found a hacker selling personally identifying information of more than 200 million Americans, including the voter registration data of 186 million.
The revelation underscored how vulnerable Americans are to email targeting by criminals and foreign adversaries, even as U.S. officials announced that Iran and Russia had obtained voter registration data and email addresses with an eye toward interfering in the 2020 election.
Much of the data identified by Trustwave, a global cybersecurity company, is publicly available, and almost all of it is the kind that is regularly bought and sold by legitimate businesses. But the fact that so many names, email addresses, phone numbers and voter registration records were found for sale in bulk on the so-called dark web underscores how easily criminals and foreign adversaries can deploy it as the FBI said Iran has done recently, by sending emails designed to intimidate voters.
"An enormous amount of data about U.S. citizens is available to cyber criminals" and foreign adversaries, said Ziv Mador, vice president of security research at Trustwave, which found the material.
"In the wrong hands, this voter and consumer data can easily be used for geotargeted disinformation campaigns over social media, email phishing and text and phone scams," he added, "before, during and after the election, especially if results are contested."
The data is a mix of material stolen in various hacks of companies in recent years and publicly available data retrieved from government websites, he said. In most states, voter registration information is publicly available, for example.
Trustwave monitors dark web forums for threat information, and it came across a hacker calling himself Greenmoon2019 who was offering the data for sale. Trustwave used fictitious identities to induce the hacker to provide more information, including a Bitcoin wallet that Greenmoon2019 used to collect payment.
Bitcoin wallets — virtual storage facilities for the most commonly used cryptocurrency — publicly display transactions but not the identities of those making them. Trustwave was able to trace payments to a larger wallet, created in May, that has taken in $100 million in what the company believes is illicit proceeds, Mador said. Not all of that was from data sales, he said.
The wide availability of personal information is not new, but the idea that such a huge cache is for sale as the election approaches underscores how easy it would be for malicious actors to cause trouble. Trustwave said the hacker was offering 186 million voter records and 245 million records of other personal data.
National Intelligence Director John Ratcliffe said Wednesday night that Iran had obtained voter registration information and used it to send threatening emails to Democrats while posing as the Proud Boys, a white supremacist group. Ratcliffe said the Russian government had also obtained voter registration information.
=================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!
Hardware-based encryption is the key to future proofing data protection concerns
http://digitalmarketingmagazine.co.uk/digital-marketing-data/hardware-based-encryption-is-the-key-to-future-proofing-data-protection-concerns/5077
With recent changes to data protection laws, the data protection landscape is rapidly changing in scope, breadth and depth. Data protection is no longer simply a part of risk management, but also governance and compliance – meaning organizations today must keep up with all that is happening in the world of data protection.
The permanent physical loss of key information such as customer account information could have a severe negative impact on a business and bring about huge penalties and legal costs. The loss of confidentiality of information through a data breach can carry high security threats and put businesses of all sizes at risk. With such high security risks and huge penalties at stake, the protection of electronically stored information – in all its different expressions – should be at the forefront of any business.
As data and business processes evolve with technological advances, enterprises are actively examining how to improve the data protection function from the perspectives of people, processes and technology. In order to select the right data protection technology, the business needs to understand the overall data protection infrastructure portfolio into which individual data protection technologies should fit.
The growing advantages of hardware-based encryption
The disadvantages of software-based encryption have become increasingly apparent in the industry over the years. In software encryption, there are more possible attack vectors that can lead, among others, to the ability for a hacker to crack the password. Software encryption tools also share the processing of your computer, which can cause the whole machine to slow down as data is encrypted/decrypted.
Despite the apparent disadvantages of software-based encryption, some users remain unaware of the potential to solve these problems with hardware-based encryption. Through an industry-wide, open specification for hardware-based Self Encrypting Drives (SEDs), e.g., Opal Family Specifications, developed by Trusted Computing Group (TCG), the issues caused by software-based encryption are being addressed and the reasons for using a SED continue to grow.
Compared to software-based encryption, hardware-based encryption built into a drive offers simplified management, interoperability among drives from different vendors and most importantly no performance impact. In fact, using a SED is much more cost-effective than buying higher performance main laptop processors when software Full-Disk Encryption (FDE) is used. SEDs integrate to systems and image the same as non-encrypting drives, with no initial encryption necessary, nor re-encryption when drives are re-imaged.
SEDs and TPMs – the perfect match for future security threats
Strong user authentication is critical for better security. With a SED, access to the platform is based on secure authorization from the SED and not by the software that can be fooled into allowing unauthorized access to data. Mixing hardware-based encryption with Trusted Platform Modules (TPMs) can provide even stronger security benefits. Through combining hardware-based technologies like SEDs with TPMs, enterprises add another layer of security to their systems, ensuring the possibility of any loss of data is drastically reduced.
Hardware-based encryption brings a lot of necessary advantages including compliance, stronger security, integrated authentication and low total cost of ownership with an additional benefit of rapid data destruction or crypto-erase. While these convincing reasons remain valid, additional security scenarios provide even more compelling justification for organizations.
With ever-increasing data demands and the potential for new security threats in the future, corporations are investing in the technology to futureproof their business processes. New approaches such as SEDs, give corporations a way to obtain improved security without the shortcomings of software-based encryption. Once potential users correctly and completely understand the capabilities of SEDs and the misconceptions are corrected as well, the increasing availability of SED options will provide the solution to cope with data security threats both now and long into the future.
Written by TCG Storage Workgroup.
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
Is Encryption the Answer to Data Security Post Lockdown? #NCSAM
https://www.infosecurity-magazine.com/opinions/encryption-answer-lockdown/
Remote work and working from home has grown exponentially over the past decade. In fact, a 2018 study from Apricorn found that 100 per cent of surveyed IT decision makers noted that they had employees who work remotely at least some of the time.
However, the COVID-19 pandemic and resulting lockdown have forced a large number of employees into unfamiliar territory, not just remote work, but full-time working from home (WFH). While some businesses may have long adopted remote work strategies as part of increased flexibility, others have resisted due to the risks posed to data security and compliance efforts.
Worryingly, a more recent (2020) survey by Apricorn found that more than half (57 percent) of UK IT decision makers still believe that remote workers will expose their organization to the risk of a data breach. Employees unintentionally putting data at risk remains the leading cause of a data breach, with lost or misplaced devices the second biggest cause.
More than a remote risk
Whilst some are already transitioning back into the workplace, many are questioning whether WFH could become the new norm. The issue remains however, that remote working brings a number of challenges to data protection: be it an increased risk of external attacks, or employees’ tendency to relax security practices when working from home. Whatever the case, sensitive information leaving the confines of the office walls will always be more vulnerable than when it is safely secured on the corporate network.
Employees may well be tempted to use personal devices when working from home, or businesses may have introduced the need for video conferencing tools, or document sharing services, but it is critical that businesses take the onus on securing information before employees further put data at risk.
Our survey found that, of those with an information security strategy that covers employees’ use of their own IT equipment for mobile/remote working, forty two per cent said they permitted only corporate IT provisioned/approved devices, and have strict security measures in place to enforce this with endpoint control. Additionally, seven percent tell employees they’re not allowed to use removable media, but don’t have technology in place to prevent this.
Every organization should cover the use of employees’ own IT equipment for mobile and remote working in their information security strategy. If businesses want to secure data on the move, it is essential that encryption and endpoint control are applied to all devices, whether that be laptops, mobile phones, or removable devices such as USBs.
Data must remain on lockdown
Despite COVID restrictions showing some signs of easing, data must always remain on lockdown. Whether working from home or not, the GDPR has clear mandates for data encryption; firstly for compliance (Article 32); secondly to mitigate the impact on any organization who suffers a breach (Article 34) which removes the obligation to individually inform each citizen affected if the data remains unintelligible.
Additionally, Article 83 suggests that fines will be moderated where the company has been responsible and mitigated any damage suffered by data subjects. Businesses will find that they are in a stronger position to defend themselves in the event of a breach should they be able to demonstrate the use of encryption practices.
The good news is that we have seen an increase in encryption and endpoint control. Nearly all survey respondents (94%) say their organization has a policy that requires encryption of all data held on removable media. Of those that encrypt all data held on removable media, more than half (57%) hardware encrypt all information as standard.
Businesses are seeing the value of encryption, but this is an ongoing process and it needs to cover all devices. The research highlighted that a number of those surveyed have no further plans to expand encryption on USB sticks (38%), laptops (32%), desktops (37%), mobiles (31%) and portable hard drives (40%). With so much data now moving beyond the corporate perimeter, it’s imperative to address the importance of encryption in protecting sensitive information, whilst giving staff the flexibility required to work remotely.
The value of encryption
Hardware encryption offers much greater security than software encryption and PIN pad authenticated, hardware encrypted USB storage devices offer additional, significant benefits. Being software-free eliminates the risk of keylogging and doesn’t restrict usage to specific Operating Systems; all authentication and encryption processes take place within the device itself, so passwords and key data are never shared with a host computer. This makes it particularly suited for use in highly regulated sectors such as defense, finance, government and healthcare.
By deploying removable storage devices with built-in hardware encryption, a business can roll this approach out across the workforce, ensuring all data can be stored or moved around safely offline. Even if the device is lost or stolen, the information will be unintelligible to anyone not authorized to access it.
The pandemic has thrown up many challenges this year, but data protection should not have been one of them. It should not be an afterthought, something incorporated into the business strategy as a result of an incident, but one that’s core to business operations and security best practice.
Organizations should analyze their data, identify everything that should be protected, understand where it exists and how it is transported, and ensure that it is encrypted at all stages of its lifecycle. Encryption and endpoint control can ensure that data remains secure and businesses can be prepared for the risks that come with an enduring remote workforce.
=================================================================
What is a TPM?
https://securityboulevard.com/2020/10/what-is-a-tpm/
A TPM, also known as a Trusted Platform Module, is an international standard for a secure cryptoprocessor and is a chip found on the computer’s motherboard. The function of a TPM is to generate encryption keys and keep a part of the key inside the TPM rather than all on the disk. This is helpful for when an attacker steals the disk and tries to access the contents elsewhere. The TPM provides hardware-based authentication so if the would-be attacker were to try and remove the chip and place it onto another motherboard, or try to tamper with the motherboard to bypass the encryption, it would deny access.
What is the Difference Between HSM and TPM?
For the most part hardware security modules (HSM) and TPMs are similar in function and are used for encryption, but there are two notable differences that can be made between the two. A hardware security module is typically an external device while TPMs are chips that are embedded into the motherboard. The other difference is that you can easily add an HSM to a computer or network, while a TPM is usually not considered feasible to add after the computer is in use.
Does My Computer Have a TPM?
Off-the-shelf computers have a TPM soldered onto the motherboard, however, if you are building your own computer then you can easily buy one as an add-on module for a relatively cheap price. Installing a TPM in your computer is very simple, just find the port on your motherboard (if it supports a TPM module) and plug it in.
Can You Remove a TPM chip?
This depends on the type of computer you own. Like previously stated, if you purchased your computers off-the-shelf then the TPM is typically soldered onto the motherboard, meaning that removal of the TPM would damage both the TPM and motherboard, rendering both useless for the attacker. However, if you had the TPM as an add-on and installed it yourself, it can easily be removed, but the encrypted contents would still be safe as the TPM uses hardware-based authentication, meaning that it can’t be used when affixed onto another motherboard.
Can You Clear a TPM?
Yes, all you need to do is go into your security center app. However, it is not recommended as it can lead to data loss and you would lose all created keys associated with the TPM. If you must clear your TPM, then it is strongly recommended to have a backup and recovery for any data that is stored in your TPM.
Can a TPM be Hacked?
For the most part, TPMs are secure, however a new attack found by Christopher Tarnovsky found a way to break chips that carry a TPM by essentially spying on them like a phone conversation. This attack was used on Infineon Technologies AG's flagship model, which is regarded as one of the top makers of TPM chips.
So does that make TPMs a liability? Well, not exactly. This attack was so resource heavy that Tarnovsky stated that unless you are a multi-million dollar corporation, this attack just isn’t worth it and is incredibly difficult to pull off in a real-world environment.
Key Attestation
A key attestation with a TPM is like a signature where it proves the origin of the certificate to the certificate authority to acknowledge that the TPM that is making the request is the same TPM that the certificate authority trusts. Key attestation is important because it allows the private key to not only be stored on the disk, but another key to be isolated and stored inside the TPM on that device so that you can benefit from a higher level of security due to the non-exportability of the TPM key.
Trusted Platform Module with Certificates
Using a TPM as your only protection against attackers is not recommended, as although a TPM protects your files from a physical attack, the ever-present threat of the infamous MITM attack can still grant access to your files. SecureW2 uses certificates to prevent over-the-air attacks and our management portal also supports security key attestation, as our software client can attest to the location a private key has been generated on a security key, or any other device with a TPM. Our industry-leading PKI makes it easy to configure BYOD and managed devices for 802.1x authentication and self-enrollment for certificates in just a few clicks.
We have affordable options for organizations of every size. Check out our pricing here.
The post What is a TPM? appeared first on SecureW2.
==================================================================
Morgan Stanley Fined $60m Over Data Disposal
https://www.infosecurity-magazine.com/news/morgan-stanley-fined-60m-over-data/
American multinational investment bank and financial services company Morgan Stanley has been fined $60m for improperly disposing of personal data.
The substantial fine was imposed on Morgan Stanley Bank, N.A., and Morgan Stanley Private Bank, N.A. by the US Office of the Comptroller of Currency (OCC), which discovered deficiencies in the banks' data decommissioning practices.
The federal banking agency found that in 2016, the banks "failed to exercise proper oversight of the decommissioning of two Wealth Management business data centers located in the United States."
Among the issues flagged by the OCC were inadequate risk assessment and monitoring of third-party vendors and a failure to keep track of customer information.
A consent order for the assessment of a civil money penalty states that the banks "failed to effectively assess or address the risks associated with the decommissioning of its hardware; failed to adequately assess the risk of using third party vendors, including subcontractors; and failed to maintain an appropriate inventory of customer data stored on the devices."
Morgan Stanley, which is headquartered in New York City, was also found to have failed to exercise adequate due diligence in selecting the third-party vendor engaged by Morgan Stanley and failed to adequately monitor the vendor’s performance.
Three years on from the decommissioning of the two data centers, the OCC found data disposal at the banks was still not as it should be.
"In 2019, the banks experienced similar vendor management control deficiencies in connection with decommissioning other network devices that also stored customer data," stated the comptroller.
Morgan Stanley, at the OCC’s direction, notified potentially impacted customers of the 2016 incident, and voluntarily notified potentially impacted customers of the 2019 incident. The bank has undertaken initial corrective actions, and the OCC states that it "is committed to taking all necessary and appropriate steps to remedy the deficiencies."
The OCC found the noted deficiencies constitute "unsafe or unsound practices" and resulted in noncompliance with 12 CFR Part 30, Appendix B, "Interagency Guidelines Establishing Information Security Standards."
The $60m civil money penalty will be paid to the United States Treasury.
=================================================================
What about ABC Investment Bank that retires computers that show up on EBAY. It seems that investing in Wave SED management would be a lot better than a massive fine. Disposing of computers' hard drives is so much easier using the crypto erase feature with Wave SED management than the other methods!!! It's these difficult methods that could be the reason that the data remains on these hard drives and could lead to noncompliance and drives getting into the wrong hands, and fines!!
=================================================================
Trump ‘Nobody Gets Hacked’ Video Goes Viral
https://www.forbes.com/sites/kateoflahertyuk/2020/10/20/trump-nobody-gets-hacked-video-goes-viral/
==================================================================
Cybersecurity And Your Passwords
https://www.forbes.com/sites/forbestechcouncil/2020/10/19/cybersecurity-and-your-passwords/#e62b50137320
==================================================================
Wow, those are the recommendations. No wonder every user on the internet is fed up. Try Wave VSC 2.0 (2FA)!!! It's more secure and simpler to use (for enterprise). Wave Knowd (no passwords and unfortunately in retirement - but shouldn't be) could make the experience on the internet like no other! These two Wave solutions could make users much happier and more secure!!!
==================================================================
CyberArk Discover Numerous Vulnerabilities In Popular Antivirus Solutions
https://latesthackingnews.com/2020/10/09/cyberark-discover-numerous-vulnerabilities-in-popular-antivirus-solutions/
Researchers from CyberArk Labs have found serious vulnerabilities in multiple antivirus solutions. Briefly, they found privilege escalation bugs in these programs that exposed the devices to cyber threats. Vulnerabilities in antimalware products are significantly threatening since these programs usually run with high privileges, often at the admin level. Hence, any bugs here, especially the privilege escalation found by CyberArk, could give elevated access to an adversary.
Briefly, the researchers observed that in most cases, the issues existed because of the default DACLs of the C:\ProgramData directory. This directory, on Windows, is accessible by all users, unlike the %LocalAppData% that is specific to the logged-in user only. It means any user can read/write files in ProgramData and will have full control of the data present here. Thus, any process created by a non-privileged user that a privileged user executes later will give rise to security issues. Such exploitation could allow for symlink attacks, whilst deleting arbitrary files and point to malicious files. Also, they found a DLL hijacking flaw affecting some antivirus programs. Technical details about these vulnerabilities are available in the researchers’ post. The following is the list of all programs that had the vulnerabilities, with the respective CVEs.
Kaspersky: CVE-2020-25045, CVE-2020-25044, CVE-2020-25043
Trend Micro: CVE-2019-19688, CVE-2019-19689 +3
Symantec: CVE-2019-19548
McAfee: CVE-2020-7250, CVE-2020-7310
Checkpoint: CVE-2019-8452
Fortinet: CVE-2020-9290
Avira: CVE-2020-13903
Microsoft: CVE-2019-1161
Avast + F-Secure: Waiting for Mitre
Please see the link for the rest of the article.
=================================================================
Wave Endpoint Monitor sounds better and better!!!
=================================================================
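An added example (not from the article above or from CyberArk's post): a Python triage script that reads `icacls` output collected from an endpoint and flags directories under C:\ProgramData where non-administrative principals hold write-capable rights, the condition the article describes. The directory names and ACLs in SAMPLE are constructed, and `icacls_layout` exists only to build that sample.

```python
import re

# Principals that ordinary, non-administrative users belong to.
LOW_PRIV = {
    "everyone",
    "builtin\\users",
    "nt authority\\authenticated users",
    "nt authority\\interactive",
}
# icacls abbreviations that let the holder create, change, delete or re-ACL content.
WRITE_RIGHTS = {"F", "M", "W", "WD", "AD", "DC", "DE", "WDAC", "WO", "GW", "GA"}
# Tokens that describe inheritance or ACE type rather than a right.
NON_RIGHTS = {"OI", "CI", "IO", "NP", "I", "DENY"}

ACE_RE = re.compile(r"^(?P<who>[^:]+):(?P<groups>(?:\([^)]*\))+)$")


def parse_ace(text):
    """Split 'BUILTIN\\Users:(CI)(WD,AD)' into (principal, flags, rights)."""
    m = ACE_RE.match(text.strip())
    if not m:
        return None
    tokens = {t.strip().upper()
              for group in re.findall(r"\(([^)]*)\)", m.group("groups"))
              for t in group.split(",")}
    flags = tokens & NON_RIGHTS
    return m.group("who").strip(), flags, tokens - flags


def parse_icacls(text):
    """Return {path: [ace, ...]} from blank-line separated icacls blocks."""
    acl_map = {}
    for block in re.split(r"\n\s*\n", text.strip()):
        lines = [l.rstrip() for l in block.splitlines() if l.strip()]
        if len(lines) < 2 or lines[0].startswith("Successfully processed"):
            continue  # summary line, or a block too short to locate the ACE column
        # Continuation lines are indented to the column where the ACEs start,
        # which separates the path from the first ACE even if both contain spaces.
        col = len(lines[1]) - len(lines[1].lstrip())
        path = lines[0][:col].rstrip()
        raw = [lines[0][col:]] + [l.strip() for l in lines[1:]]
        acl_map[path] = [a for a in map(parse_ace, raw) if a]
    return acl_map


def risky_aces(acl_map):
    """List (path, principal, write rights, inherit_only) for low-privileged writers."""
    findings = []
    for path, aces in acl_map.items():
        for who, flags, rights in aces:
            if "DENY" in flags or who.lower() not in LOW_PRIV:
                continue
            hit = sorted(rights & WRITE_RIGHTS)
            if hit:
                # inherit_only=True: the ACE applies to children, not the directory itself
                findings.append((path, who, hit, "IO" in flags))
    return findings


def icacls_layout(path, aces):
    """Lay ACEs out in the column format icacls prints (used only to build SAMPLE)."""
    pad = " " * (len(path) + 1)
    return "\n".join([f"{path} {aces[0]}"] + [pad + a for a in aces[1:]])


# Constructed sample; product directories are hypothetical.
SAMPLE = "\n\n".join([
    icacls_layout(r"C:\ProgramData\ExampleAV", [
        r"NT AUTHORITY\SYSTEM:(OI)(CI)(F)",
        r"BUILTIN\Administrators:(OI)(CI)(F)",
        r"CREATOR OWNER:(OI)(CI)(IO)(F)",
        r"BUILTIN\Users:(OI)(CI)(RX)",
        r"BUILTIN\Users:(CI)(WD,AD,WEA,WA)",
    ]),
    icacls_layout(r"C:\ProgramData\ExampleAV\Logs", [
        r"NT AUTHORITY\SYSTEM:(I)(OI)(CI)(F)",
        r"Everyone:(OI)(CI)(M)",
        r"NT AUTHORITY\Authenticated Users:(OI)(CI)(IO)(M)",
    ]),
    icacls_layout(r"C:\ProgramData\HardenedAgent", [
        r"NT AUTHORITY\SYSTEM:(OI)(CI)(F)",
        r"BUILTIN\Administrators:(OI)(CI)(F)",
        r"BUILTIN\Users:(OI)(CI)(RX)",
    ]),
    "Successfully processed 3 files; Failed processing 0 files",
])

if __name__ == "__main__":
    for path, who, rights, inherit_only in risky_aces(parse_icacls(SAMPLE)):
        scope = "children only" if inherit_only else "this directory"
        print(f"{path}: {who} has {','.join(rights)} ({scope})")
```

A directory that a privileged service later reads from or writes to should show no findings; any hit is a candidate for tightening the ACL or moving the data to a location only the service account can write.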
Google Says Chinese Hackers Are Impersonating McAfee to Trick Victims Into Installing Malware
https://gizmodo.com/google-says-chinese-hackers-are-impersonating-mcafee-to-1845399061
=================================================================
The same Chinese government-linked hackers who targeted the campaigns of both 2020 presidential candidates earlier this year have been trying to trick users into installing malware by posing as the antivirus provider McAfee and using otherwise legitimate online services like GitHub and Dropbox.
Shane Huntley, the head of Google’s Threat Analysis Group, offered new details about the suspected state-sponsored cyberattackers, known as APT 31, and their latest tactics in a company blog post on Friday. In June, Google’s security team uncovered high-profile phishing scams by APT 31 and Iranian state-sponsored hackers intended to hijack the email accounts of campaign staffers with President Donald Trump and Democratic nominee Joe Biden. (All of these phishing attempts appeared to have failed, Google said at the time).
On Friday, Huntley said that one of APT 31's latest hacking techniques involved emailing links that would download malicious code hosted on the open-source platform GitHub. The malware was built using the Python computing language and “would allow the attacker to upload and download files as well as execute arbitrary commands” through Dropbox’s cloud storage services, he wrote.
“Every malicious piece of this attack was hosted on legitimate services, making it harder for defenders to rely on network signals for detection,” Huntley said.
Another phishing scam saw the group impersonating McAfee, a legitimate and popular antivirus software provider, as a facade to quietly slip malicious code onto the target’s machine.
“The targets would be prompted to install a legitimate version of McAfee anti-virus software from GitHub, while malware was simultaneously silently installed to the system.”
Google did not specify which organizations or individuals were targeted in these latest APT 31-sponsored attacks or whether they affected either candidate’s political campaign. The tech giant only said that it had seen “increased attention on the threats posed by APTs in the context of the U.S. election” and shared these latest findings with the Federal Bureau of Investigation.
“U.S government agencies have warned about different threat actors, and we’ve worked closely with those agencies and others in the tech industry to share leads and intelligence about what we’re seeing across the ecosystem,” Huntley said.
He added that in the event that Google’s anti-phishing safeguards detect a government-backed attack, the company sends the intended victim a warning explaining that a foreign government may be targeting them.
Google isn’t the only tech giant seeing an increase in cyberattacks ahead of the election. In September, Microsoft reported that Chinese, Russian, and Iranian government-backed hackers had launched similarly unsuccessful attacks on high-profile individuals associated with both the Trump and Biden campaigns. Last week, the FBI and U.S. Cybersecurity and Infrastructure Security Agency also released details about campaigns by foreign government-linked hackers to exploit federal, state, and local government networks.
=================================================================
Wave Endpoint Monitor keeps sounding better and better!!!
=================================================================
Twitter hack probe leads to call for cybersecurity rules for social media giants
https://techcrunch.com/2020/10/14/twitter-hack-probe-leads-to-call-for-cybersecurity-rules-for-social-media-giants/?renderMode=ie11
=================================================================
Wave Knowd tested under the NSTIC, and with Wave Scrambls could be two solutions where both Twitter and Facebook could have better security for them and their users: from the brilliant minds of Michael and Steven Sprague and others!!!
==================================================================
Robinhood Internal Probe Finds Hackers Hit Almost 2,000 Accounts
https://www.bloomberg.com/news/articles/2020-10-15/robinhood-estimates-hackers-infiltrated-almost-2-000-accounts
=================================================================
Users of 2FA in this article did not stop the hackers!!
=================================================================
Robinhood users, if given the choice of having 2FA or no passwords, Wave VSC 2.0 and Wave Knowd could have saved them a lot of money and stress that goes with losing money that is stolen. These two Wave solutions could have protected their other online accounts as well. Because these two solutions were created by The Trusted Computing Company, Wave, security is second to none.
=================================================================
Cybercrime Losses Up 50%, Exceeding $1.8B
https://www.darkreading.com/vulnerabilities---threats/cybercrime-losses-up-50--exceeding-$18b/a/d-id/1339041
Fewer companies are being hit by cyber incidents, but those that do get hit are hit harder and more often.
The world is rightly obsessed with the COVID-19 pandemic right now, but there's also a growing cybercrime pandemic. The good news is that fewer firms are reporting breaches. The bad news is that for those who are victimized, the attacks are more severe — and more expensive.
According to Hiscox, a Bermuda-based insurance provider, cyber losses rose nearly sixfold worldwide over the past 12 months. Its recently released "Cyber Readiness Report 2020" pins the total cyber losses among affected firms at $1.8 billion — up a sobering 50% from the previous year's total of $1.2 billion. Overall, more than 6% of the respondents in the report paid a ransom, and their collective losses totaled $381 million.
Interestingly enough, Hiscox says that companies are 15 times more likely to experience a cyberattack (30% in UK) than a fire or theft (2% in UK).
Who Was Most at Risk?
Not surprisingly, larger organizations were the most common targets — and shelled out the most money — for cybercriminals. The financial impact differed widely across countries, verticals, and firm sizes. According to Hiscox, the energy, manufacturing, and financial services sectors are especially at risk. This is the result of low maturity in cyber resilience and low tolerance to what is often a high-impact outage.
Irish and German companies reported the biggest median losses, but the pain was widely shared. Among the attacked organizations, the median losses for energy firms increased over 30-fold, while a number of other sectors faced losses many times greater than the previous year. The biggest recorded loss for a single organization was $87.9 million (for a UK financial services firm), and the greatest loss stemming from a single attack was $15.8 million (for a UK professional services firm).
Cybercriminals demanded ransoms from roughly 17% of the companies they attacked, and caused dire financial consequences for the targets. The highest loss from ransom was more than $50 million for one unfortunate organization.
According to the Hiscox report, malware, ransomware, business email compromise, and distributed denial-of-service (DDoS) are still the most commonly used attack vectors. Besides malicious encryption imposed through ransomware, other extortion campaigns include DDoS attacks that cause the victim's IT infrastructure to crash over and over due to a constant flood of bogus IP traffic. Recently, the stock exchange in New Zealand weathered a barrage of DDoS attacks that disrupted business operations and trading for four consecutive days. CNBC reported that the exchange's websites and markets announcement platform were also affected.
Large Number of "Don't Knows"
According to Hiscox, this year the share of firms that revealed they'd suffered a cybersecurity incident in the last year shrank from 61% to 39%. At least that's positive. The flip side is that the financial blowback has been far greater than before. Larger companies were more likely to be targeted than smaller ones. Just over half (51%) of all enterprise-level firms — those with 1,000-plus employees — reported at least one cyber incident, and the most cyber incidents by far (median: 100) and breaches (80). The most heavily targeted sectors were financial services; manufacturing; and technology, media, and telecoms (TMT) — with 44% of firms in each sector reporting at least one incident or breach.
Of particular concern is that 11% of the respondents said they weren't sure how many times they were targeted. (That's 4% more than the previous year.) Even more worrisome is that the greatest share of "I don't knows" (15%) came from enterprise firms.
Surge in Spending
The report revealed that a large and broad increase in cybersecurity spending has occurred over the past year. The average spending among the respondents was $2.1 million, up from $1.5 million the previous year. (Roughly 75% of the respondents provided figures for their cybersecurity spending.) Assuming the numbers are an accurate reflection of what's going on more broadly, the total cybersecurity spending in the past year was a staggering $11.4 billion. That compares with $7.9 billion a year ago for a sample of companies that was 3% smaller. Nearly three-quarters of firms (72%) intend to boost cybersecurity spending by 5% or more in the next year — that's up from two-thirds (67%) from the 2019 number.
As one might expect, the companies that dedicated double-digit percentages of their IT budget were less likely to have suffered a breach than those that spent less than 5%. But those big spenders, typically larger firms, had higher average costs stemming from breaches. Greater size means more customers, higher notification expenses, and bigger ransoms.
Preparation Pays Off
A notably higher percentage of this year's respondents reported that they had a harder time attracting new customers (15% of firms were targeted, up from 5% last year) after a cyber incident. They also lost more customers (11%, compared with 5% in 2019) and/or business partners (12% compared with 4%).
When asked about the adverse effects of a breach, 14% of the respondents mentioned bad publicity that tarnishes the brand or the company's reputation. Only 5% said the same thing in 2019. Thirteen percent said business performance indicators — such as their share price — were affected, up from 5% last year.
In terms of cyber readiness, size matters. Hiscox reports that large companies have more resources and can spend an order of magnitude more on warding off online evildoers than their smaller counterparts. No surprise there. Among the smaller firms that were ready to face off with the cybercriminals, 16% were digitally savvy TMT companies. Retail and wholesale and construction were also well prepared (11% and 10%, respectively). The Hiscox report concludes that most of the best-protected organizations achieved their preparedness by "taking cyber security seriously."
=================================================================
An increase of $3.5 billion was spent on cybersecurity, and there was an increase of $600 million in loss due to cybercrime. The cybersecurity dollars could be spent in a more efficient and effective place: Wave solutions!!!
=================================================================
Iranian state hacker group linked to ransomware deployments
https://www.zdnet.com/article/iranian-state-hacker-group-linked-to-ransomware-deployments/
Amidst rising tensions between Israel and Iran, security researchers fear new escalation.
=================================================================
Iranian APT Group Targets Global Universities Again
https://www.infosecurity-magazine.com/news/iranian-apt-group-targets-global/
An Iranian state-backed APT group known for targeting universities for research materials has been detected in a new campaign coinciding with the start of the new academic year.
Silent Librarian (aka TA407, Cobalt Dickens) is once again casting the net wide geographically. It has registered phishing sites for universities in: Australia (Victoria, Adelaide and Melbourne Victoria), the UK (Glasgow Caledonian, King’s College London, Bristol, Cambridge and others), the US (North Texas, McGill, Stony Brook), Singapore (Nanyang Technological), Canada (Western, Toronto) and in Sweden, Germany and the Netherlands.
Using a similar pattern to that spotted in previous campaigns, the group keeps most of the domain intact but simply swaps the TLD, which can happen if organizations don’t defensively register enough variants.
Although Silent Librarian is using Cloudflare to hide the true location of its servers, Malwarebytes said it was able to identify several based in Iran.
“It may seem odd for an attacker to use infrastructure in their own country, possibly pointing a finger at them,” the firm’s Threat Intelligence Team wrote in a blog post. “However, here it simply becomes another bulletproof hosting option based on the lack of cooperation between US or European law enforcement and local police in Iran.”
It warned that although sites are being taken down as quickly as possible, the group has amassed a sizeable number in order to continue its phishing campaign unabated.
“IT administrators working at universities have a particularly tough job considering that their customers, namely students and teachers, are among the most difficult to protect due to their behaviors. Despite that, they also contribute to and access research that could be worth millions or billions of dollars,” said Malwarebytes.
“Considering that Iran is dealing with constant sanctions, it strives to keep up with world developments in various fields, including that of technology. As such, these attacks represent a national interest and are well funded.”
Silent Librarian has been spotted in 2018 and 2019 performing similar attacks.
=================================================================
Given these cyber incidents, Wave and its partners could be doing a superior job helping prevent these problems from occurring in the first place. Better security in Wave solutions could alleviate a lot of stress and save a lot of money in these instances. A good offense needs a great defense!!!
=================================================================
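An added example (not from the article above or from Malwarebytes): a Python check a university IT team could run over hostnames seen in DNS or proxy logs to catch the pattern the article describes, where the institution's own labels are kept and only the ending is changed. It goes slightly beyond a pure TLD swap by also flagging hosts that append extra labels after the real name. All names are constructed and use RFC 2606 reserved TLDs.

```python
# Constructed inventory: the labels an institution owns and its real suffix.
PROTECTED = [
    ("library.northfield", "ac.example"),
    ("login.hillside-university", "example"),
]

# Constructed hostnames, as they might appear in DNS or proxy logs.
OBSERVED = [
    "Library.Northfield.ac.example.",
    "proxy.library.northfield.ac.example",
    "library.northfield.test",
    "library.northfield.ac.test",
    "sso.login.hillside-university.invalid",
    "library.northfield.ac.example.portal-host.test",
    "news.example",
]


def labels(host):
    """Lower-case the name, drop a trailing root dot, return its DNS labels."""
    return [p for p in host.strip().lower().rstrip(".").split(".") if p]


def classify(host, protected=PROTECTED):
    """Return (verdict, legitimate_name) for one observed hostname."""
    h = labels(host)
    for stem, suffix in protected:
        s, suf = stem.split("."), suffix.split(".")
        legit = ".".join(s + suf)
        # Slide over the hostname looking for the institution's labels in order.
        for i in range(len(h) - len(s) + 1):
            if h[i:i + len(s)] != s:
                continue
            tail = h[i + len(s):]
            if tail == suf:
                return "legitimate", legit       # real name or a subdomain of it
            if tail:
                return "suffix-mismatch", legit  # same labels, different ending
    return "unrelated", None


def find_suffix_mismatches(observed, protected=PROTECTED):
    """List (normalized_host, impersonated_name) for every lookalike seen."""
    hits = []
    for host in observed:
        verdict, legit = classify(host, protected)
        if verdict == "suffix-mismatch":
            hits.append((".".join(labels(host)), legit))
    return hits


if __name__ == "__main__":
    for host, legit in find_suffix_mismatches(OBSERVED):
        print(f"{host} imitates {legit}")
```

Hits are candidates for blocking at the resolver or mail gateway and for a takedown request; the same list shows which variants are worth registering defensively.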
PwC 3200+ businesses and IT leaders share their views on what's changing and what's next in cybersecurity
PwC Twitter tweet Oct. 8.
==================================================================
The TPM is marching on as Methinks showed with Infineon. And this PwC cybersecurity report from 3200+ businesses at first glance shows no mention of hardware security or the TPM. What is remarkable is that 10 years ago and for a period of time PwC successfully used Wave software and the TPM in their 2FA. Wave VSC 2.0 was an improvement and organizations are able to set it up much faster than the PwC installation. It seems with this success with such a large and important company, and Infineon's continued success, a large global financial services company with TPMs that hardware security and Wave or partners should be helping a lot more organizations with Wave solutions.
==================================================================
Iran acknowledges cyberattacks on government departments
https://abcnews.go.com/International/wireStory/iran-acknowledges-cyberattacks-government-departments-73626268
=================================================================
Are governments prepared for Iran or other countries defensively? Using Trusted Computing and Wave solutions now could help governments' cyber defenses tremendously!!
=================================================================
President Trump Can’t Use $3.6 Billion in Military Funds for Border Wall Construction, Federal Court Rules
https://www.govexec.com/oversight/2020/10/president-trump-cant-use-36-billion-military-funds-border-wall-construction-federal-court-rules/169193/
==================================================================
Emergency funds at this point should be earmarked for cybersecurity/trusted computing!! Wave has better security, and these funds could go a long way in shoring up the government's cyber defenses!! What else is working really effectively like Wave solutions could? It only takes one threat to get through to potentially lose many gigabytes of important data!!! By not allowing unauthorized (unknown and unapproved) devices on the network, Wave solutions doesn't allow for unauthorized threats on the network.
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
Carnival Corp. Confirms Personal Information Compromised in Ransomware Incident
https://www.securityweek.com/carnival-corp-confirms-personal-information-compromised-ransomware-incident
==================================================================
'IT ensuring that only known and approved devices are accessing your network' comes with certain Wave solutions, and would be very helpful to Carnival which found that someone had unauthorized access to personal data. Thus unauthorized (unknown and unapproved) devices wouldn't have access to the Carnival network by using Wave solutions.
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
German tech giant Software AG down after ransomware attack
https://www.zdnet.com/article/german-tech-giant-software-ag-down-after-ransomware-attack/
Exclusive: The Clop ransomware gang is demanding more than $20 million from German tech firm Software AG.
Software AG, one of the largest software companies in the world, has suffered a ransomware attack over the last weekend, and the company has not yet fully recovered from the incident.
A ransomware gang going by the name of "Clop" breached the company's internal network on Saturday, October 3, encrypted files, and asked for more than $20 million to provide the decryption key.
Earlier today, after negotiations failed, the Clop gang published screenshots of the company's data on a website the hackers operate on the dark web (a so-called leak site).
The screenshots show employee passport and ID scans, employee emails, financial documents, and directories from the company's internal network.
Software AG disclosed the incident on Monday when it revealed it was facing disruptions on its internal network "due to [a] malware attack."
The company said that services to customers, including its cloud-based services, remained unaffected and that it was not aware "of any customer information being accessed by the malware attack." This statement was recanted in a later press release two days later, when Software AG admitted to finding evidence of data theft.
The message about the attack remained on its official website homepage all week, including today.
Software AG did not return phone calls today for additional details or comments about the incident.
A copy of the ransomware binary used against Software AG was discovered earlier this week by security researcher MalwareHunterTeam. The $20+ million ransom demand is one of the largest ransom demands ever requested in a ransomware attack.
The ID provided in this ransom note allows security researchers to view the online chats between the Clop gang and Software AG on a web portal managed by the ransomware group. At the time of writing, there is no evidence the German company paid the ransom demand.
Software AG is Germany's second-largest company with more than 10,000 enterprise customers across 70 countries. Some of the company's most recognizable customers include Fujitsu, Telefonica, Vodafone, DHL, and Airbus.
Its product line includes business infrastructure software such as database systems, enterprise service bus (ESB) frameworks, software architecture (SOA), and business process management systems (BPMS).
==================================================================
Many organizations could have been tremendously helped by Wave when it comes to ransomware! data breaches! phishing! malware! unauthorized access! Organizations could find that they have underestimated the capabilities of Wave when it comes to these cyber issues!!! A small company like Wave can have surprisingly very positive results that are much better than the current results in the marketplace. Why should the market continue to suffer with the status quo?
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
Boards Increase Investment in Cybersecurity in Face of Threats and Regulatory Fines
https://www.infosecurity-magazine.com/news/boards-increase-investment-fines/
Board decisions on cybersecurity spending are slowly improving following the impact of regulatory fines and COVID-19.
According to research by Thycotic surveying 908 senior IT security decision makers working within organizations with more than 500 employees, 58% plan to add more security budget in the next 12 months.
Amid growing cyber threats and rising risks through the COVID crisis, CISOs report that boards are listening and stepping up with increased budget for cybersecurity, with 91% agreeing that their board adequately supports them with investment.
In an email to Infosecurity, Joseph Carson, chief security scientist at Thycotic, said he believed the retro-fixing of security to remote working tools was “a path and direction most organizations have been going down, however it was always a lower priority.”
He claimed COVID-19 has accelerated the investment into both cloud and remote working budgets, and this includes the need for secure remote access and the ability to access from any location. “Having a CISO on the board is helping ensure technology that supports remote working environments are also secure by design,” he said.
Terence Jackson, CISO for Thycotic said while boards are definitely listening and stepping up with increased budget for cybersecurity, they tend to view any investment as a cost rather than adding business value. “However, there is still some way to go,” he continued. “The fact boards mainly approve investments after a security incident or through fear of regulatory penalties for non-compliance shows that cybersecurity investment decisions are more about insurance than about any desire to lead the field which, in the long run, limits the industry’s ability to keep pace with the cyber-criminals.”
The research also showed that 77% of respondents have received boardroom investment for new security projects either in response to a cyber incident in their organization (49%), or through fear of audit failure (28%).
Asked if the fear of regulatory fines is an effective way to win budgets, Carson said: “It really depends on how the risk of compliance fines are communicated to the board. If it is done in a way that shows the financial exposure, it highlights a real business risk that must be reduced. The CISO needs to be able to speak the same language as the board and compliance exposure is a way that the CISO can effectively show tangible financial risks.”
However, 37% of participants’ proposed investments were turned down because the threat was perceived as low risk, or because the technology had a lack of demonstrable ROI. One-third (33%) believe senior management does not comprehend the scale of threat when making cybersecurity investment decisions.
Asked if this is proof that boards are able to understand cybersecurity if they are able to determine risk levels, Carson said he believed boards are improving at understanding risks, however this can also be related to the problem that security teams struggle to relate those security investments into business risk or how it helps the business ROI.
“The main area for security improvement is always going to be how to convey business ROI from security investments and all security teams need a business financial risk analyst who can convert security risk into business risk,” he said.
=================================================================
With all the continuous billions of dollars in cyber damage being done to economies around the World, isn't it time for organizations to go with cybersecurity that works effectively and efficiently - Wave solutions!!!
==================================================================
wavesys.com
=================================================================
Wave solutions, better security!!!
HEH P2P Botnet Sports Dangerous Wiper Function
https://threatpost.com/heh-p2p-botnet-wiper-function/159974/
=================================================================
Excerpt:
Users can protect themselves by making sure Telnet ports 23/2323 aren't open to the public internet, and by ensuring strong passwords on devices.
=================================================================
One could go the strong password route or go on the simpler and more secure path of using Wave VSC 2.0!! This is where the TPM and PIN are needed by the botnet and the botnet would have a much more difficult time in getting those. There wouldn't be complicated passwords to forget or lose! This is a WIPER!!! Use better security in Wave VSC 2.0!!
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
3 Ways Companies are Working on Security by Design
https://www.darkreading.com/application-security/3-ways-companies-are-working-on-security-by-design/d/d-id/1339111
==================================================================
I'm really surprised that after 10+ years of developing the TPM and its proven capability that the TPM is not in the conversation of the above article. Or that it doesn't show up on the Cybersecurity Awareness Month website. Here, cybersecurity in the World is lacking big time, and the activated TPM should be promoted at this site. Why would it not be when there are many billions of dollars in cyber damage being done to World economies???
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
Corporate Credentials on the Dark Web Up by 429% This Year
https://www.infosecurity-magazine.com/news/corporate-credentials-dark-web/
There has been a 429% growth in the number of corporate credentials with plaintext passwords on the dark web so far this year, according to Arctic Wolf’s 2020 Security Operations Annual Report. This amounts to an average of 17 separate sets of credentials per a typical organization, leaving businesses particularly vulnerable to account takeover attacks (ATO).
This is despite a year-on-year decline in publicly disclosed data breaches, which Arctic Wolf attributes to “alert fatigue”, in which overworked IT and security professionals increase alert thresholds, leading to less reporting of incidents.
The study also found there was a 64% rise in phishing and ransomware attempts in Q2 of 2020 compared to Q1, with cyber-actors seeking to use the topic of COVID-19 as a lure as well as target remote workers. The banking sector experienced the biggest increase in these types of attacks, at 520%.
Additionally, since the start of the COVID-19 pandemic in March, critical vulnerability patch time has gone up by 40 days, which the authors said was driven by higher common vulnerabilities and exposures (CVE) volumes, more critical CVEs and the shift to remote workforces. Another major security concern is that there has been a 240% increase in unsecured Wi-Fi usage since March due to the emergence of home working.
The need for organizations to closely monitor their network, endpoint and cloud environments at all times was underscored by the finding that 35% of high risk incidents observed by Arctic Wolf took place between the hours of 8.00pm and 8.00am while 14% occurred on weekends, when many in-house security teams are not online.
Mark Manglicmot, vice-president, security services, Arctic Wolf, commented: “The cybersecurity industry has an effectiveness problem. Every year new technologies, vendors, and solutions emerge. Yet, despite this constant innovation, we continue to see breaches in the headlines. The only way to eliminate cybersecurity challenges like ransomware, account takeover attacks, and cloud misconfigurations is by embracing security operations capabilities that fully integrate people, processes, and technology.”
==================================================================
All it takes is one set of corporate credentials in an attacker's hands to do serious damage to a corporation. Wave could be protecting these corporations and stopping the damage from happening with Wave VSC 2.0 and Wave ERAS.
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!
Ransomware threat surge, Ryuk attacks about 20 orgs per week
https://www.bleepingcomputer.com/news/security/ransomware-threat-surge-ryuk-attacks-about-20-orgs-per-week/
==================================================================
There was an important job(s) to be done and Everybody was sure that Somebody would do it. Anybody could have done it, but Nobody did it.
==================================================================
wavesys.com
==================================================================
Wave solutions, better security.
TCG Executive Director Stephanie Schultz Wins a 2020 Public Relations and Marketing Excellence Award
October 2020 by Marc Jacob
https://www.globalsecuritymag.com/TCG-Executive-Director-Stephanie,20201006,103522.html
The Business Intelligence Group announced that Stephanie Schultz, Executive Director of Trusted Computing Group (TCG) has today won the Marketing Executive of the Year award at the 2020 Public Relations and Marketing Excellence Awards.
TCG is a not-for-profit organization formed to develop, define and promote open, vendor-neutral, global industry specifications and standards. Its standards have been deployed worldwide to protect against cyberattacks for today and beyond. This award recognises Stephanie’s achievements in leading TCG’s marketing strategy and corporate vision to prepare TCG for the cybersecurity challenges ahead.
==================================================================
It's interesting that with some 2,000,000,000 TPMs in the marketplace, and with the maturation and proven capability of the TPM, why aren't they all activated by now given MANY security incidents that have occurred over the last several years. Why isn't the TPM really being used when the market really needs them to be activated? Wave could help in a BIG WAY!!
Congrats, Stephanie.
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!
This new "linkless" phishing scam is even tricking tech experts
https://flipboard.com/topic/cybersecurity/this-new-linkless-phishing-scam-is-even-tricking-tech-experts/a-AIOlHKwlQFqaULhchOU6tg%3Aa%3A3642466-201ed23c85%2Ftechradar.com
The cybersecurity firm Sophos has observed two new phishing campaigns in the wild that use a new trick to help them avoid detection. Email phishing...
==================================================================
When the contents of this article are combined with post 246139, there could be a dangerous combination of phishing happening: receiving HTML attachments from phishing emails that are sent as replies to genuine emails. Don't take a chance with this potentially dangerous phishing combination.
Use Wave solutions, better security!!!
==================================================================
wavesys.com
Custom-made UEFI bootkit found lurking in the wild
https://arstechnica.com/information-technology/2020/10/custom-made-uefi-bootkit-found-lurking-in-the-wild/
Attackers are going to great lengths to gain the highest level of persistence.
==================================================================
An activated TPM being used with Wave Endpoint Monitor could accomplish better things for organizations' computers!!! A lot of organizations should be using Wave solutions with activated TPMs!! It could help the situation in the above article!!
==================================================================
wavesys.com
==================================================================
Nice post Methinks!
Wave solutions, better security!!!
Ransomware victims aren't reporting attacks to police. That's causing a big problem
https://www.zdnet.com/article/ransomware-victims-arent-reporting-attacks-to-police-thats-causing-a-big-problem/
Europol's annual cyber crime report says ransomware is under-reported by victims - some of which appear to be simply hoping that nobody finds out they were a victim.
Many victims of ransomware aren't reporting attacks to police, making it harder to measure the level of crime and to tackle the gangs involved.
Europol's Internet Organised Crime Threat Assessment 2020 report details the key forms of cyber crime which pose a threat to businesses right now and ransomware remains one of the main concerns, especially as these gangs increasingly display high levels of skill and sophistication.
In many cases, ransomware gangs don't just encrypt the network with malware and demand hundreds of thousands or millions of dollars in bitcoin, they'll also threaten to leak stolen sensitive corporate files or personal data if they don't receive a payment.
And while ransomware is one of the most high profile forms of cyber attack, Europol's report warns that it remains an under-reported crime as many organisations still aren't coming forward to law enforcement after falling victim.
Several law enforcement agencies across Europe say they've only heard of ransomware cases via reports in local media.
The report suggests that approaching police to start a criminal investigation was "not generally a priority" for victims, who are more concerned with maintaining business continuity and limiting reputational damage. For some, the idea of getting law enforcement involved could be seen as a risk to their reputation.
That's why some businesses are choosing to engage with what Europol describes as "private sector security firms" to investigate attacks or negotiate ransom payments, instead of approaching the authorities.
Companies do this so evidence of the attack and their response to it can remain outside the public eye, especially given how law enforcement agencies recommend that organisations should never give into the demands of cyber criminals. But many businesses still view paying the ransom as the quickest and easiest way of restoring operations, even if cyber criminal groups can't always be trusted to keep their word.
And on top of the moral quandaries when it comes to dealing with cyber criminals or private negotiators, police warn that not reporting ransomware attacks is detrimental to others.
"By using such companies, victims will not file an official complaint, which increases the lack of visibility and awareness concerning real figures of ransomware attacks among law enforcement," says the Europol paper.
"Not reporting cases to law enforcement agencies will obviously hamper any efforts, as important evidence and intelligence from different cases can be missed".
But it isn't just businesses which were actively attempting to avoid publicity which don't report ransomware attacks; the report notes that some victims just don't think that law enforcement is able to do anything to help.
However, the report adds that investigating every attack possible helps the authorities build up a better picture of the ransomware landscape and how to potentially prevent attacks or aid organisations which fall victim.
For example, Europol's No More Ransom portal provides free decryption keys for various families of ransomware. The keys are provided by both cybersecurity companies and law enforcement agencies which have been able to break the encryption following investigation of the ransomware. If organisations don't report ransomware attacks, it could prevent other victims from being able to use free tools like this.
==================================================================
For solutions that protect against ransomware, please see post 246140. This could avoid having to call the police altogether.
==================================================================
wavesys.com
==================================================================
Wave solutions, better security!!!