Mobile Fraud Attacks Spiked 300% In Q1

Fraud attacks from mobile apps spiked by 300% in the first quarter of 2019, according to new researcher from RSA.

Published today, the Fraud Attack Trends: Q1 2019 report found that the total fraud attacks from rogue mobile applications on January 1 was 10,390 but had jumped to 41,313 by March 31.

Rogue mobile apps are those designed to duplicate legitimate apps of trusted brands, which are a fast-growing phenomenon among cyber-criminals and a huge digital risk for consumers and businesses, according to the report.

In addition, the report found that fraud attacks introducing financial malware increased 56%, from 6,603 in Q4 2018 to 10,331 in Q1 2019. Of all the fraud attacks RSA observed in the first quarter, phishing accounted for 29%, though the overall phishing volume grew less than 1% quarter over quarter. Additionally, phishing decreased rather significantly in terms of overall fraud attacks, which the report said was due to the exponential growth of attacks from rogue mobile apps.

An increasing threat for e-commerce business is fraud attacks on card-not-present (CNP) transactions, which grew by 17% in the first quarter of 2019. Of those attacks, 56% originated from mobile.

The old username/password combination is simply no longer sufficient as a form of consumer authentication. The use of multi-factor, adaptive authentication and transaction risk analysis to watch for signs of fraud based on device, user behavior and other indicators is another critical layer to prevent the onslaught of account takeover in the event of a successful login attempt.

source:  Info Security

New Cortana and Google Assistant Updates Have Greater Workplace Potential

Microsoft and Google laid out their respective visions for the next generation of virtual assistants this week, with enhancements to Cortana and Assistant, respectively, designed to support workplace productivity.

Though voice assistants have yet to arrive in force in the workplace, analysts see plenty of potential. By 2021, 25% of digital workers are expected to use a virtual assistant on a daily basis, according to analyst firm Garner, up from 2% who do so now.

On Monday at its Build developer conference, Microsoft offered a glimpse of where Cortana is headed, with plans for the virtual assistant to support more fluid, back-and-forth conversations.    

A demo video during Microsoft CEO Satya Nadella’s keynote presentation showed an office worker managing a calendar via Cortana on a mobile device. In the demo, Cortana answers numerous questions and carries out multiple actions during a long, continuous interaction with the user that lasted more than 30 “turns.” That included viewing upcoming plans, scheduling and rescheduling meetings, checking availability and booking rooms. The user is also able to to pull in relevant information such as local weather and traffic information, and send directions to an in-car virtual assistant. The ability to engage in more complex and dynamic interactions improves on current iterations of AI assistants by keeping track of context.

Appealing to business users

Once the technology is integrated into Microsoft products, users will be able to retrieve information from a variety of applications, with Cortana acting as the interface.

“We want it to be less cognitive load, less feeling like, ‘I have to go to PowerPoint for this or Word for that, or Outlook for this and Teams for that,’ and more about personal preferences and intents,” Andrew Shuman, Microsoft’s corporate vice president for Cortana, said.

Microsoft is confident of Cortana’s future in the office. Although it’s available on 800 million Windows 10 devices, it has largely failed to capture consumer mindshare as much as rivals. There are now plans to connect Cortana with other AI assistants rather than compete head-on; Microsoft struck a partnership with Amazon to integrate Cortana with Alexa in 2017.

Google unveils smarter, faster Assistant

Microsoft is not the only tech firm hoping to popularize virtual assistants in the workplace.

Amazon has Alexa for Business as its beachhead into the enterprise, offering management tools to support deployments of thousands of Echo devices into offices and meeting rooms.

Apple, whose strategy relies on sales of HomePod devices, has not shown a strong intention to target Siri at the workplace – yet. It did, however, announce a partnership with Salesforce last year that will see the CRM vendor integrate Siri deeper into its mobile apps, which are often used by sales and marketing professionals. And Apple’s reputation for stringent protection of customer data could help allay privacy worries about deploying voice-activated assistants in the office.

Meanwhile, Google Assistant, typically seen as the strongest competitor to Alexa in the consumer arena, has indicated plans to tailor its virtual assistant for business use. That lines up with plans, announced at Google Cloud Next last month, to link Assistant with calendars in G Suite, Google’s business productivity app suite.

At this week’s Google I/O developer conference, the company talked up the “next generation” of Google Assistant, which is faster and more personal.

Voice interactions are very natural to humans and as we start using more VPA speakers in our homes, we would find the desire to use voice as a way of interaction with devices in the workplace, too.

source:  Computer World

Phishing Exploit in Chrome Exposed

There are many telltale signs of a fake site, but it’s hard to keep up with all of them — which is why most users rely on their browser’s address bar to determine if a site is legitimate or not.

A developer has now demonstrated an exploit that can dupe people into believing they’re on a legitimate site by showing a fake version of Chrome for Android’s full address bar.

Chrome For Android Address Bar Phishing Trick Exposed

When scrolling down on any page in Chrome for Android, the topmost user interface, which includes the address bar and the tabs button, slide up from view so as not to obstruct the page. But as developer Jim Fisher wrote on his blog and first reported by 9to5Google, a website can easily replace this UI element via a handful of web design tricks.

Fisher found that the entire address bar can “jail” the scrolling of the page, which allows the user to scroll back up the page without the address bar UI appearing again. So, when the user scrolls back up, the page can display an image of a fake address bar at the top of the screen where the legitimate address bar UI would normally appear, complete with the “lock” icon that indicates whether a site is safe.

Perhaps the most concerning implication of this exploit is that a user can’t easily leave the page without access to Chrome for Android’s address bar. Yes, it should be easy as hitting the back button on their device, but plenty of websites have shown that this is easy to override. Google is currently developing a fix for this, though.

How To Check If You’ve Been Tricked

The best way to check whether Chrome for Android is showing a legitimate address bar is to lock the phone and unlock it again. It should force the app to show its real address bar supposing it’s been tampered with a fake one. It will show both the legitimate address bar and the exploited one. It’s not an ideal solution, but it’ll do for now.

Fortunately, this trick is focused on Chrome and is only a proof of concept for now, but when leveraged by ill agents and malicious sites, it could theoretically display fake address bars not just on Chrome but on a variety of other browsers, as well. A phishing campaign could generate not just a convincing page, but an address bar, too.


source:  Tech Times

Millions Of People Still Using Easy-To-Guess Passwords

In today’s digital age where most consumers know their modems from their motherboards, one might imagine that the quality of people’s passwords has improved. But a recent study shows that isn’t the case, with terrible, easy-to-guess passwords still being used by millions.

The report by the UK’s National Cyber Security Centre (NCSC) analyzed passwords found in public databases of breached accounts to find out popular words, phrases, and strings. It appears that the worst password of 2018—123456—remains the most popular, appearing in more than 23 million passwords.

The second-most popular string was the equally bad 123456789, while the other top five entries include “qwerty,” “password,” and 1111111.

People’s names are still commonly used as passwords, the most popular being Ashley, followed by Michael, Daniel, Jessica and Charlie. And when it comes to using band names, Blink182 is the most common, followed by 50cent. Superman, meanwhile, is the most popular fictional character name used as a password.

passwords are still to easy

The report was put together in collaboration with Troy Hunt, the Australian security researcher responsible for the Have I Been Pwned website, which reveals if your email addresses or passwords appear in data breaches.

Most users know that it’s inadvisable to reuse the same credentials across multiple websites—even Mark Zuckerberg is thought to have been guilty of this practice in the past. Remembering multiple passwords isn’t easy, of course, so the best solution is to use a password manager such as LastPass. It’s also advisable to enable two-factor authentication wherever possible, but the most important thing is to not use terrible passwords.

“Making good password choices is the single biggest control consumers have over their own personal security posture. We typically haven’t done a very good job of that either as individuals or as the organisations asking us to register with them,” said Hunt.

“Recognizing the passwords that are most likely to result in a successful account takeover is an important first step in helping people create a more secure online presence.”


source:  TechSpot

Cloud Security Spending Set to Top $12bn by 2023

Global spending on cloud security is set to grow nearly 18% to reach $12.7bn by 2023, with protection for public cloud deployments prioritized over the coming years, according to a new report from Forrester.

Organizations spent $178bn on public cloud services last year, a figure that will grow to $236bn by 2020 — making security increasingly important to protect mission critical systems and sensitive data.

Infrastructure decision makers are particularly concerned about cyber risk, with over half (54%) implementing cloud solutions, the analyst claimed in its report, Forrester Analytics: Cloud Security Solutions Forecast, 2018 To 2023 (Global).

The sheer complexity of cloud deployments, often covering multiple providers and hybrid deployments, also requires enhanced security to monitor data, detect anomalies, and intercept threats.

Public cloud remains the biggest focus for security investment. Some $4bn was spent on public cloud native platform security in 2018, accounting for over 70% of total cloud security spend and this will be the fastest-growth area to 2023, when it will reach $9.7bn, Forrester claimed

The good news is that these efforts appear to be working: just 12% of breaches targeted public cloud environments, while 37% of global infrastructure decision makers cited improved security as an important reason to move to the public cloud, according to Forrester.

The analyst was also keen to point out that there’s no single solution which can meet all an organization’s cloud security needs.

As mentioned, public cloud native solutions are growing fastest. These cover areas like: data classification, categorization and segmentation; server access control; user IAM; encryption; and logging, auditing, and anomaly detection.

Then there are cloud workload solutions designed to centralize and automate cloud security across multiple platforms and environments. This market is set to grow at 17.3% CAGR to reach $1.9bn by 2023.

Finally, cloud security gateways succeed where traditional security tools fail by encrypting data before it’s sent to SaaS applications; detecting shadow IT; data loss prevention (DLP); malware detection; and cloud access anomaly detection.

Source:  Info Security

US Government Issues Another Warning About North Korean Malware

Officials at the US Department of Homeland Security (DHS) have issued another warning about North Korean malware, this time a new variant dubbed “Hoplight.”

The backdoor trojan malware is linked to the notorious Hidden Cobra group, also known as the Lazarus Group.

“This artifact is a malicious PE32 executable. When executed the malware will collect system information about the victim machine including OS version, volume information, and system time, as well as enumerate the system drives and partitions,” the alert warned.

“The malware is capable of the following functions: Read, Write, and Move Files; Enumerate System Drives; Create and Terminate Processes; Inject into Running Processes; Create, Start and Stop Services; Modify Registry Settings; Connect to a Remote Host; Upload and Download Files.”

The malware uses a public SSL certificate for secure communications from South Korean web giant Naver, and employs proxies to obfuscate its activity.

“The proxies have the ability to generate fake TLS handshake sessions using valid public SSL certificates, disguising network connections with remote malicious actors,” the report claimed.

This is the latest in a long line of alerts warning of new North Korean malware, now in the double-digits.

This is the 16th report compiled by the DHS and FBI over the past two years on malicious activity associated with Hidden Cobra. Hoplight primarily consists of proxy applications used by Hidden Cobra to disguise its efforts to ‘phone home,’ which is the traffic sent by the malware back to its command and control (C&C) server.

source:  Info Security

Best Antivirus Software: Tested On Protection, Performance, and Usability.

The AV-TEST Institute recently tested the most popular Windows 10 client antivirus products on three primary criteria: protection, performance, and usability. Only four of the 16 products tested earned a perfect rating of 6 for each of those criteria: PSB Computer Protection 18 and 19, Kaspersky Lab Endpoint Security 11, Symantec Endpoint Protection 14.2 and Symantec Endpoint Protection Cloud 22.16. The top nine antivirus offerings shown here in alphabetical order scored at least 17.5 points out of a possible 18. You can drill down on the full results at The AV-TEST Institute’s website.

How to use these antivirus test results

Keep in mind that these tests were done in a lab environment. Different enterprise systems with different threat models will see different results for each of the products listed below. In other words, don’t expect that a 100 percent detection rate in the lab means that a product will detect all antivirus threats on your network. One reason is that it can take days for a newly submitted malware sample to make it into any given antivirus product’s database.

What the AV-TEST results show is which Windows antivirus products are consistently the best at the fundamentals of malware detection and have minimal impact on system performance. That makes a good starting point as you evaluate which products work best for your environment.

Best Windows 10 antivirus tools

1. Avast Business Antivirus Pro Plus 18.8

Avast Business Antivirus Pro Plus could have had a perfect score with just a slight improvement on performance. It stopped 100 perscent of all zero-day malware attacks, but the biggest issue was with slow-downs when launching popular websites. It was 7 percentage points slower on a standard PC than industry average. Otherwise, it had a perfect score for usability with no false warnings, detections or blockages.

2. Bitdefender Endpoint Security 6.6

Bitdefender Endpoint Security stopped all zero-day malware web and email attacks tested, and all malware discovered in the last four weeks. Performance degradation when using applications and websites was mostly minimal in and in some cases better than industry average. However, it was 8 percentage points slower than industry average for launching standard applications. For the latest round of tests, the product gave no false warnings.

3. F-Secure PSB Computer Protection 18 and 19

PSB Computer Protection had perfect scores in all categories, improving in performance over the last round. It detected 99.4 percent of zero-day attacks and 100 percent of more common malware. The software did block an action while installing or using legitimate software.

4. Kaspersky Endpoint Security 11.0

With its perfect scores across the board, Kaspersky Endpoint Security continues its run in the top tier of anti-malware products. It stopped 100 percent of all zero-day and known attacks tested. On the performance side, the product had minimal impact on the launching or installation of websites or applications. It flagged one legitimate software sample as malware out of a sample database of more than 1.6 million.

5. Kaspersky Small Office Security 6

Kaspersky Small Office Security scored similarly to the company’s endpoint protection product. It had a slightly higher impact on website launches.

6. McAfee Endpoint Security 10.6

For protection and usability, McAfee Endpoint Security ranks with the best of its competitors. However, it falls a little short on performance, particularly during launch or installation of software. The McAfee product slowed launching standard applications by 16 percent, well above the industry average of 12 percent. It was worse during installation of frequently used applications—48 percent slower. The industry average there is 33 percent.

7. Sophos Endpoint Security and Control 10.8

You can count on Sophos Endpoint Security and Control to stop attacks as well as any other product in this group. AV-TEST penalized the product a half point for performance, but test results show it was on par with the industry average in all categoroies.

8. Symantec Endpoint Protection 14.2

In addition to a perfect protection score, Symantec Endpoint Protection is one of the better-performing anti-malware tools tested. It scored above industry average in every category. It blocked no actions while installing and using legitimate software and gave no false warnings.

9. Symantec Endpoint Protection Cloud 22.16

Symantec Endpoint Protection Cloud scored similarly to its non-cloud counterpart.

source:  IT News

Data Protection a Priority 365 Days a Year

In today’s world, with growing threats to organizations and customer data, IT pros need to remain vigilant and ensure that everyone in the business, from the CEO through to the administrative team, is educated on the importance of data protection, 365 days of the year.

With more than a billion customers affected by corporate data breaches in 2018, data protection needs to be a priority for organizations 365 days of the year. Four points IT pros continuously consider so that company’s and its customer’s data remain secure are:

Data-driven forensics are essential

IT professionals are their organizations’ undercover detectives. They have to stay on top of what’s normal and the direction of travel for data flowing throughout the business. Even for something as innocuous as an increase or drop in traffic, IT professionals need to ask themselves, why has this happened? Could this be a risk to the business? Should I look into this in more detail?

Patch, patch, and patch

Over the last couple of years, large-scale, global attacks such as WannaCry pointed to the need for something as simple as a routine patch test. IT pros need to be rolling out tests regularly. Sure, patches are thought of as a protective measure, but if they aren’t installed and rolled out frequently, this can be the same as having a massive sign hanging over your organization showing cyber-criminals exactly where to hit so it hurts the most.

The cost of downtime vs. the cost of staying down

In today’s ‘always-on’ world, downtime is not an option. Applications and servers need to be online 24 hours a day, 365 days a year, and 100% available, to avoid unhappy customers and potential lost revenue. Otherwise, the resulting downtime can be costly, but the key thing to remember is that with routine testing and upgrades, we’re talking about losing a few hours through a process that’s entirely within the organization’s control and that can be arranged at a time that causes the least disruption. Compare this to the sheer impact a business would experience in the face of a data breach—it’s always worth taking a moment to consider this alternative.

Humans are targeted as often as machines

While you might have the best security strategy in place and on file, none of this matters if you cannot effectively educate the entire organization on best practices. If certain business departments or individuals aren’t abiding by the basics, then the whole company may as well be opening the front door to hackers. IT pros must insure all other departments not only understand what the policies are but why they exist and the consequences for breaking them.

Security has no day off, and with these considerations looming ahead for IT professionals in 2019, the role of monitoring tools will become ever more important in anticipating vulnerabilities, detecting threats, and spotting anomalies. Establishing best practices when it comes to monitoring will help IT pros be the eyes and ears behind the screens, safeguarding organizations from attack.

Cybersecurity Tips for Companies

Small and medium businesses are the most vulnerable to cyber threats. Various surveys show that about 60% of them would close within six months of a major cyber attack. Despite that, few SMBs have an active and up-to-date cybersecurity strategy.

Cultivating a secure mindset should be the entire team’s responsibility. Yet many businesses have not taken even the basic steps to protect their customers’ data, resources, or their employees. If an attack or data leak occurs, even huge corporations face serious problems, and for smaller ones, it could be the end of the road.

A vast majority of businesses focus on detecting a cyber attack rather than avoiding it in the first place. However, industry analysis shows, that usually cyber attacks remain undetected for 5-6 months. During this time the damage is already done.

Tips on how to ensure online safety at work

Understand which assets are the most important

Cybersecurity is not just about the computer or smartphones. Almost any connected device can be hacked, so you need an accurate list of all work-related inventory and accounts. Each employee must have their own credentials with an assigned role for each account used. Admin privileges are not for all, especially for accounts that have access to the most important documents.

Learn how to protect your business assets

Make sure that all of your computers, tablets, smartphones and, other devices are updated regularly. Do the same for software. New updates often make you more secure by fixing vulnerabilities and system bugs. Of course, don’t reuse passwords for different accounts or devices and make sure the passwords are strong. Finally, encrypting your data makes it very difficult to hijack and exploit.

Learn how to understand if something has gone wrong

Keep employees informed about the dangers of clicking on links or attachments from unknown sources. Educate them about phishing attacks or social engineering. Create a cybersecurity test or use one provided online to understand how much your employees know about security online.

Have an action plan and react quickly to minimize the impact

Nowadays, even small businesses need to have strict, company-wide policies and steps to tackle cyber crimes effectively. If having such strategy sounds complicated, start with using examples provided online.

Understand what resources are needed to recover after a breach

First of all, regularly back up your data – offsite and offline. If you lose access to important documents or client CRM, you will be able to restore them quickly.


source:  BCW

Top IT Trends Shaping Enterprises

Consumer demands are transforming what it means to be a successful business. In today’s digital world, we expect every aspect of our lives to be seamlessly connected. For businesses, this means digital is just the threshold for competition; to come out on top, IT and business leaders must tackle a new set of challenges.

Here are the top three IT trends shaping global enterprises today.

IT’s role is evolving into a catalyst for change

Digital transformation, which started as an IT initiative, has become a business-wide charge to enhance customer experiences. This has led to a shift in IT’s role, from traditionally operations-focused to a key driver of business strategy.

As a result, IT and business leaders report being more aligned than ever before. This year, 72% of IT leaders report they are aligned with the business versus 57% in 2018. The alignment between the two functions goes as deep as shared KPIs – their top goals for digital transformation initiatives are increasing efficiency in IT and the wider business and improving the customer experience.

Connecting business is increasingly important

In the race to meet growing customer expectations and enable richer interactions, business units across companies need quick and easy access to data. As the key enabler of integration within the organization, IT now faces demands for integration that span beyond the IT department for 92% of organizations to a variety of functions across the business. From business analytics and data science to HR and marketing, each job function is using numerous, often disconnected, systems — placing even more demand on IT to deliver.

Top IT teams tap into lego-style API strategies

As businesses invest in new and disconnected technologies, IT teams are being stretched to deliver more projects than ever before. Despite the fact that IT project demands will increase by 32% this year, the majority of IT respondents will see a budget increase of less than 10%.

In order to do more with less, many businesses have tapped into APIs as the building blocks for a more evolutionary architecture. This approach allows anyone, from developers to major enterprises, to assemble and reuse those API “legos” based on changing business needs. And while APIs indeed have technical benefits, they also provide significant business value. Organizations that own APIs report an array of business results, including increased productivity and innovation and greater agility across teams to self-serve IT.

source:  Mule Soft