[metaslider id=2951] … Read More
SAN FRANCISCO, Feb. 14, 2017 /PRNewswire/ — SnoopWall, Inc, the global leader in Breach Prevention, today announced receiving the coveted Cybersecurity Excellence Award for its tiny, powerful, cost-efffective NetSHIELD Nano breach prevention appliance.
“We’re humbled and honored to receive this prestigious award from our peers in the cyber and information security space,” said Gary S. Miliefsky, CEO of SnoopWall, Inc. “When small to medium enterprises (SMEs) are looking for a cost effective way to prevent breaches on their intranet networks, they look towards SnoopWall. Our NetSHIELD Nano is an incredibly tiny, powerful and cost-effective breach prevention solution that any SME can afford.”
The Cybersecurity Excellence Award is a prestigious award that honors individuals, products and companies that demonstrate excellence, innovation and leadership in information security. This independent awards program is produced in cooperation with the Information Security Community on LinkedIn, tapping into the experience of more than 300,000+ cybersecurity professionals to recognize the world’s best cybersecurity products, individuals and organizations.
“Congratulations to SnoopWall for winning the 2017 Cybersecurity Excellence Award for Network Access Control (NAC) hardware with their tiny breach prevention Nano appliances,” said Holger Schulze, founder of the 350,000-member Information Security Community on LinkedIn which organizes the awards program. “With over 450 entries, the 2017 awards are highly competitive. All winners and finalists reflect the very best in leadership, excellence and innovation in today’s cybersecurity industry.”
Fitting within the palm of your hands, the patented NetSHIELD Nano is the world’s smallest network access control (NAC) and breach prevention intranet security appliance. This is a tiny, powerful, plug-in-and-protect solution that detects and blocks zero-day malware (0day), ransomware, remote access Trojans (RATs). In addition, in milliseconds it blocks rogue devices, manages the Bring Your Own Device (BYOD) dilemma and, with pinpoint accuracy, finds all vulnerabilities in trusted network assets/devices including on wired and wireless networks and all internet of things (IoT) devices. It has a complete standalone secure web-management interface, as well as support for all major switches, hubs, wireless devices and can send threat feeds to all SIEMs and SIMs over Syslog or SNMP traps plus email alerts. In addition, for larger organizations and MSSPs it can be completely managed remotely through the Command Center of the NetSHIELD Enterprise appliances.
About SnoopWall, Inc.
SnoopWall is the world’s first breach prevention security company delivering a suite of network, mobile and app security products as well as cloud-based services protecting all computing devices from prying eyes and new threats through patented counterveillance cloaking technology. SnoopWall secures mission critical and highly valuable confidential information behind firewalls with our award winning patented NetSHIELD appliances and with WinSHIELD on windows and MobileSHIELD on Google Android and Apple iOS mobile devices with next generation technology that detects and blocks all remote control, eavesdropping and spying. SnoopWall’s software products and hardware appliances are all proudly made in the U.S.A.
Ransomware attackers are getting more aggressive, destructive, and unpredictable.
RSA CONFERENCE 2017 – San Francisco – The data-hostage crisis isn’t going away anytime soon: In fact, it’s starting to get a lot scarier and destructive, and with a more unpredictable outcome.
Security experts long have warned that ponying up with the ransom fee only plays into the hands of ransomware attackers; it doesn’t necessarily guarantee victims get their data back and unscathed, even though most of these bad guys thus far honor their promise of decrypting hijacked data after they receive their payment. Ransomware is rising dramatically, growing by a rate of 167 times year over year, according to SonicWall, with some 638 million attack attempts in 2016, up from 4 million the previous year. Kaspersky Lab data as of last October shows there’s a ransomware attack every 40 seconds.
James Lyne, global head of security research at Sophos Labs, warns that ransomware attacks are starting to become more of a no-win for victims, as some attackers are also now stealing the data they encrypt for further monetization, destroying it altogether, and even waging subsequent attacks on a victim. The attackers are more sophisticated with their encryption methods, and more aggressive, instituting tighter payment deadlines and including organized-crime style threats that sound more like a physical hostage negotiation, he explains.
He describes their brazen demands and attacks as a “shock-and-awe” approach that’s catching fire among cybercriminals hoping to more efficiently strong-arm their victims and potentially cash out more quickly.
“We’re seeing more and more inclusion of a timer” and a warning that the victim has X amount of time to pay the ransom or the attackers will begin to delete the files, or purge the data entirely, he says. In one attack Lyne investigated, the attackers warned the victim if he or she balked at payment or contacted law enforcement, they would delete the keys for decrypting the data so it wouldn’t be retrievable at all.
“Not even the cybercriminals can recover the data” then, he says.
“It irrevocably shreds them. You’re not going to get the data back even if you go to a forensics specialist,” Lyne says. “They’re starting to move toward a more aggressive approach of ‘hand over the money more quickly.'”
“It’s a really interesting tactic because it invokes panic in the user” so they are afraid to talk to tech support for help, he says.
Reinfection is also becoming a trend, where attackers who have successfully forced a victim to pay up to get their data back later target the same victim multiple times. “Traditional blackmailers know if someone pays once, they are probably going to pay again,” he says.
Lyne plans to show such case of a repeat attack during his RSAC session entitled Reversing the Year: Let’s Hack IoT, Ransomware and Evasive Payloads. “I’m going to show an example of where they got infected and the user pays, cleans up, and the attacker waits a period of time before doing the exact same thing again,” he says.
So the days of cleanup post-ransomware infection meaning the event is over may soon be gone. Variants such as Ranscam actually erase the victim’s files after promising to relinquish the files after the ransom is paid. The Ranscam attackers basically fool the victim into thinking the data is retrievable; they didn’t even invest in encryption, so it’s a rather evil but ingenious way to wage a low-cost, high-return attack, according to Cisco’s Williams.
Lyne says another big worry is ransomware attackers pilfering the data they locked for future monetization after the victim pays up. To date, most ransomware attacks have been opportunistic rather than targeted, even though industries such as healthcare and law enforcement have been among the hardest hit.
“In truth, most of these we’ve heard of weren’t targeted … the samples I look at have no example that they targeted specific types of businesses,” he says.
Even so, he’s seeing ransomware attackers stealing credentials and other potentially valuable data from their marks. “It encrypts your data, you pay money to get it back and it then nicks your data” as well, says Lyne, who will demonstrate one such attack here.
“It’s not widespread … but it’s something people need to be aware of now,” he says. “You can’t just pay money and consider the incident over.”
Another thing to watch for: ransomware targeting databases, which indeed is a sign of fishing for valuable data.
Headless But Deadly
Another sign of the times with the ransomware boom is campaigns that are abandoned by the attackers but still spread to victims, leaving them stranded with encrypted data and no ransom payment option. “We see this quite a lot,” Lyne says, and it tends to be lower-level, older variants such as Vipasana and Satana, and campaigns where the email or payment contact channel are shut down. “Now there’s ransomware floating around that’s shredware: there isn’t a way to get your data back,” he says.
Craig Williams, senior technical leader and security outreach manager for Cisco Talos, points to CryptoWall 3 as an example of this: “When it was abandoned, it stopped working and there was no key exchange,” which made it benign, he says.
The Talos team was seeing 130,000 ransomware samples per day in December of last year.
With the newer generation of more sophisticated and businesslike ransomware, more of the old-school rudimentary variants are likely to be scrapped in favor of more effective attack tools. Even so, the phishing emails and other ransomware-rigged places will still infect users. “This is a sign of things to come. So you should prepare,” Lyne says.
Meantime, ransomware variants such as Samsam, which included a self-propagation feature that let it spread like a worm, rather than just via email or malicious web content. Worm-like ransomware spreading could infect more victims more quickly, Cisco’s Williams says.
Be Prepared Or Prepare To Lose Data
The best defense from ransomware is preparation: expect the worst, and run regular backups. “Have a backup that works, one that’s not constantly connected to your computer such that you end up with an encrypted backup that’s also infected with ransomware,” Lyne says. There are even ransomware variants that target backups, so offline data backups are the best bet.
Cloud-based backups can be helpful as well, Cisco’s Williams says. “Don’t put your eggs in one basket … Have unique usernames and passwords” for those types of services, he says
Activists and academics are calling on Canada’s privacy commissioner to investigate after an executive order from President Donald Trump last week stripped Canadians and other foreigners of the limited digital privacy protections they had enjoyed previously in the U.S.
The move could affect up to 90 per cent of Internet traffic in Canada, which is commonly routed through the U.S.
In an order signed last Wednesday, Trump declared that federal agencies “shall, to the extent consistent with applicable law, ensure that their privacy policies exclude persons who are not United States citizens or lawful permanent residents from the protections of the Privacy Act regarding personally identifiable information.”
The Department of Homeland Security in 2007 extended certain Privacy Act protections to include “non-U.S. persons including visitors and aliens.” The original Privacy Act of 1974 did not cover non-U.S. citizens.
Trump’s order “has enormous implications for the privacy of everyone living outside the United States,” wrote Michael Geist, a professor of e-commerce law at the University of Ottawa.
“Given the close integration between U.S. and Canadian agencies — as well as the fact that Canadian Internet traffic frequently traverses into the U.S. — there are serious implications for Canadian privacy.”
Ronald Diebert of the University of Toronto’s Citizen Lab estimated that some 90 per cent of Canadian Internet traffic is routed through the United States. When it comes to the Internet, “there is no border,” he said in 2013.
Many have wondered whether any privacy protections really exist for Internet traffic in the U.S., given the 2013 revelations from Edward Snowden’s leaked documents showing mass, warrantless surveillance of telecommunications in the U.S. The Obama administration expanded the ability of intelligence agencies to share surveillance data, shortly before leaving office.
Trump’s new executive order “has real life implications,” consumer activist group OpenMedia said in a statement. “Everything from your financial status, to your medical history, your sexual orientation, and even your religious and political beliefs are exposed.”
The group said some Canadians “have had their lives ruined” due to inappropriate disclosure of data, even when they did no wrong.
“Some have faced career limitations, while others have had to deal with travel restrictions. When health records are wrongfully shared with U.S. border agents, even an encounter with the mental health system 20 years ago can be grounds to deny entry,” OpenMedia’s statement said.
Both OpenMedia and Geist are calling on the office of Canada’s Privacy Commissioner to open an immediate investigation.
OpenMedia is also calling for “a reassessment of what information our government chooses to share with the U.S.”
Recent cases of potential health data breaches include a cybersecurity breach, unauthorized access, and a stolen desktop computer.
– Flint, Michigan-based Singn and Arora Oncology Hematology is notifying 22,000 patients that some of their information may have been accessed in a cybersecurity breach, according to an ABC12 report.
An unauthorized user reportedly accessed one of the organization’s servers between February 2016 and July 2016. However, the practice did not become aware of the incident until August 2016.
Patient names, Social Security numbers, and insurance information were contained in the files. While there is no indication that the data was used for malicious purposes, Singn and Arora explained in its letter that it cannot say with complete certainty that the information was not compromised.
Potentially affected patients are being offered one year of complimentary free credit monitoring services.
10K impacted by unauthorized website access in Calif.
Verity Health System in California recently reported that an unauthorized third party may have accessed the personal information of “more than 9,000 individuals.”
Verity Health detected the access on January 6, 2017, and that it occurred on the Verity Medical Foundation-San Jose Medical Group website. The website is no longer in use but “immediate steps” were taken to secure it. The access reportedly took place between October 2015 and January 2017.
Potentially affected information included patient names, dates of birth, medical record numbers, addresses, email addresses, phone numbers and the last four digits of credit card numbers. However, full credit card numbers and Social Security numbers were not included. The data was also from 2010 to 2014.
While Verity reported 9,000 affected individuals in its statement, the OCR data breach reporting tool states that 10,164 were likely impacted.
“Verity Health System takes the security of our patients’ information seriously, and we regret that this incident occurred,” Verity Health CEO Andrei Soran said in a statement. “We took immediate steps to investigate this incident, notify the affected individuals and appropriate authorities, and ensure enhanced protection of our information systems going forward. We are working with a leading cyber-security firm to further evaluate the integrity of our information systems.”
Verity established a call center to answer questions and will also be offering potentially affected patients one free year of credit monitoring services.
Microsoft’s offers to users yielded results: Windows 10 installations for corporate users are constantly increasing and have already reached roughly 25 percent worldwide. That’s why the experts at AV-TEST decided to examine 12 corporate solutions for Windows 10.
Normally companies are slow to upgrade to new systems. For Windows 10, however, this trend is moving more quickly than expected. The worldwide share of Windows 10 among all operating systems is already at 25 percent. That is almost four times the market share of Windows 8.1.
Yet even with the new Windows 10, companies cannot rely on the built-in resources when it comes to security. A good client and server security solution is indispensable here. AV-TEST examined 12 security solutions for corporate users in the categories of protection, performance and usability. The tests took place over a two-month period in November and December 2016.
Two products achieve a top rating
The products can score up to 6 points in each test phase. This means a maximum of 18 points can be achieved. If a product reaches 18 or 17.5 points, it is rated a “top product”. The solutions from Bitdefender and Kaspersky Lab (Small Office Security) garnered this special recognition. A total of four products attained excellent results of 17 points: the packages from Symantec, Seqrite, Trend Micro and Kaspersky Lab (Endpoint Security).
All other corporate solutions tested still delivered good results of 14.5 to 16.5 points. This is also the range achieved by the free Microsoft System Center Endpoint Protection module.