Tag: Symantec

Facebook gives sensitive user information to advertisers, White House emails not protected, Discounted cyber insurance, Intel’s unethical conduct

These are some of the cybersecurity stories CTOvision is tracking. For others see our portal into all things cybersecurity and cyberwar.

Facebook lets advertisers target users based on sensitive interests

CTOvision has been tracking the Facebook data issues for quite a while and will continue to keep you in the loop (see The Ethics Of AI and Big Data: Facebook and Cambridge Analytica Are Writing New Case Studies For Us All). One high-interest piece related to the Cambridge Analytica data breach scandal highlights how Facebook has been under vigorous scrutiny from users as well as many governments across the world. Now a new investigation will further mar Facebook's reputation. With GDPR imminent, a new Guardian investigation has found that Facebook lacks privacy controls for information inferred about users, including sensitive details used in ad targeting. Read about how Facebook may be letting ad providers access sensitive user information on The Guardian.

What The Board Needs To Know About the GDPR

Executives in businesses around the globe have been tracking the European Union's (EU) General Data Protection Regulation (GDPR), which goes into effect 25 May 2018. Those who operate primarily in the EU have had plenty of time to focus on this and no excuses for not paying attention. Those who operate primarily elsewhere also have no excuse not to be aware of the GDPR and should have already assessed how things should change because of these new rules. We have found, however, that many firms in the EU, the US and elsewhere are still not paying enough attention to these very serious rules. Admittedly our sample size is small and this may not be reflective of the majority of firms, but we have seen indications that many firms are adopting a strategy of putting their collective heads in the sand or not really doing a serious assessment of the potential impact of GDPR on the firm. For more see: GDPR

Get DMARC Done To Help Fight Cyber Attacks

The Domain-based Message Authentication, Reporting & Conformance (DMARC) security protocol enables organizations to protect their email domains from being used by spammers and phishers to trick employees, customers and trading partners.  Without DMARC implemented, scammers and criminals can easily “spoof” an email domain to steal money, trade secrets or even jeopardize national security. DMARC weeds out fake emails (known as direct domain spoofing) deployed by spammers and phishers targeting the inboxes of workers in all sectors of society.  According to the 2017 Symantec ISTR report, 1 in 131 emails contained malware, the highest rate in 5 years. One of the most helpful providers of actionable information on DMARC is the Global Cyber Alliance.

For more on DMARC see: Global Cyber Alliance Release: Perhaps the most important of the 2018 RSA Conference Season and: Government Matters TV Explores Email Security Standards, DoD IT and Cloud Security with Bob Gourley

Companies Turn to War Games to Spot Scarce Cybersecurity Talent

Companies have found a new way to tap scarce cybersecurity talent. Profile of the UK government's annual Cyber Security Challenge, which tests contestants' abilities during cyberwar simulations and is used by companies to hire staff — Realistic scenarios help wannabe cybersecurity experts strut their stuff — A major shipping company is under attack. Source: Bloomberg.

Intel did not tell U.S. cyber officials about chip flaws until made public

A new revelation that Intel did not disclose the Spectre and Meltdown flaws even though it knew about them could mean that Intel could be fined by the US authorities. Letters from Intel, Alphabet, and Apple to Congress say Intel didn't disclose the Spectre and Meltdown flaws to US cyber security officials before news leaked. Source: Reuters.

There are also new reports of vulnerabilities in hardware summarized by Bloomberg here. This report features insights from Yuriy Bulygin, expert in computer vulnerabilities. He spent most of his career at Intel Corp. studying security flaws in chips, including several years as the company’s chief threat researcher, until last summer. So you can believe him when he says he’s found something new: His latest research, set to be published on May 17, shows hackers can exploit previously disclosed problems in microprocessors to access a computer’s firmware—microcode that’s stored permanently inside processors and other chips—to get to its most sensitive information. “The firmware has access to basically all the secrets that are on that physical machine,” he says.

Apple, Cisco team up with insurance companies to offer cyber policy discounts

While cyber insurance is the best way to protect your business against data breaches and hacking attacks, expensive policies deter small and medium businesses from buying cyber insurance. Apple and Cisco have decided to tap into this lucrative market in partnership with insurer Allianz and insurance broker Aon. The foursome will offer discounted cyber insurance to businesses that primarily use their equipment. Read about the discounted cyber insurance on Reuters.

Are you on distro for our Cybersecurity and Cyberwar weekly? Sign up for that one plus others at CTOvision Newsletters.

Global Cyber Alliance Release: Perhaps the most important of the 2018 RSA Conference Season

Every year the RSA conference brings together members of the cybersecurity community for a week of presentations, discussions, tech demos and socials. Concurrent with the event there is always a flurry of press releases. Many are designed to highlight a company’s product or service. Many, like the announcement of the new Microsoft-led coalition of tech firms, might be well intentioned but highlight something that will have zero impact. But there are always a few releases that are worth focusing on.

Which leads us to the Global Cyber Alliance. The Global Cyber Alliance is an international, cross-sector effort designed to confront, address, and prevent malicious cyber activity. It is led by an icon of the cybersecurity community, Phil Reitinger, and Phil is a guy known for focusing on action that can be measured (the motto of the alliance is “Do something. Measure it”).

While any organization under Phil will make a difference, this one is unique in that it spans across borders, sectors, and industries. Like the Internet, it is not bound by geography.

The press release that caught my attention is pasted below. This is clear evidence that the Global Cyber Alliance is making a difference.

Review it and then please realize now it is your turn for action. Use the tools and information provided by the Alliance to improve your own email security and better defend your part of cyberspace, and also use their tools to help your business partners and supply chain better defend their part of cyberspace.


From: GlobalCyberAlliance.com

SAN FRANCISCO, CA, April 17, 2018 – The Global Cyber Alliance today released two new free, open-source tools to enable organizations to reduce cybersecurity risks associated with website- and email-borne cyberattacks.

GCA McScrapy enables organizations to lock down their website to remove potential security issues from third-party services and other unnecessary functionality. In addition, a new email security tool – the GCA DMARC Risk Scanner – allows organizations to determine if the organizations on which they depend, such as their trading partners and supply chain, are protecting their email domains from being spoofed or phished.

“Reducing risk is the best cyber defense,” said Philip Reitinger, president and CEO of the Global Cyber Alliance. “Among the most popular open doors that cyber criminals exploit are phishing attacks and compromise of an organization’s website. The tools we released today are designed to help stop these attacks and prevent loss to businesses.”

GCA McScrapy: Locking Down Websites

While GCA McScrapy can be used on websites developed with any content management system, nearly 60 percent of websites are designed using the WordPress platform. While WordPress is a popular platform, by its nature, its functions raise the risk of potential compromise. WordPress dynamically composes web pages using PHP and JavaScript and thus carries with it a risk for bugs and security vulnerabilities that serve as an attack vector. According to a WP WhiteSecurity October 2017 report on WordPress vulnerabilities, there are 2407 known vulnerabilities; more than half of those vulnerabilities (54%) come from WordPress plugins and 31.5% are core WordPress vulnerabilities. The two most prevalent vulnerabilities are cross-site scripting and SQL injection.

GCA McScrapy converts a website into a set of static files, removing unnecessary functionality. Using a static website nullifies many concerns of cross-site scripting and SQL injection since there is no communication with the website’s content management system for dynamic content. The tool evaluates every part of a website and renders it into simple form, keeping as much functionality as possible, while removing potential security issues such as third-party services.  Not all functionality can be maintained, however, and updating websites takes extra steps, making GCA McScrapy best for websites for which security is very important.  GCA McScrapy is also highly configurable and can be adjusted to reduce scan times and scrape mobile sites. GCA McScrapy is free for anyone to use. Learn more about GCA McScrapy at github.com/GlobalCyberAlliance/.

GCA DMARC Risk Scanner: Holding Partners Accountable

The Domain-based Message Authentication, Reporting & Conformance (DMARC) security protocol enables organizations to protect their email domains from being used by spammers and phishers to trick employees, customers and trading partners.

The GCA DMARC Risk Scanner can be used to scan hundreds of domains at one time to determine the level of DMARC and Sender Policy Framework (SPF) protections used by an organization’s partners, including the third parties with whom it works, its supply chain, and its trading partners.  This enables an organization to better understand, and act upon, the risk imposed on it by its partners who have not employed DMARC.

Without DMARC implemented, scammers and criminals can easily “spoof” an email domain to steal money, trade secrets or even jeopardize national security. DMARC weeds out fake emails (known as direct domain spoofing) deployed by spammers and phishers targeting the inboxes of workers in all sectors of society.  According to the 2017 Symantec ISTR report, 1 in 131 emails contained malware, the highest rate in 5 years.

Like all GCA tools, the GCA DMARC Risk Scanner is freely available at github.com/GlobalCyberAlliance/. Learn more about DMARC at dmarc.globalcyberalliance.org.
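The partner-domain check described above, together with the DMARC summary earlier in this round-up, as an added Python example that is not the GCA DMARC Risk Scanner's own code: it parses each partner domain's DMARC and SPF TXT records, rates how strong the published policy is, and folds the two ratings into a per-partner spoofing risk level. The record set and the `sample_lookup` resolver are constructed stand-ins (fictional `.example` domains); a live scan would replace `sample_lookup` with a real DNS TXT query.

```python
"""Rate the DMARC and SPF posture of partner domains from their DNS TXT records."""
import re
from typing import Callable, Dict, List

SAMPLE_TXT: Dict[str, List[str]] = {  # constructed sample records, fictional .example domains
    "_dmarc.partner-a.example": ["v=DMARC1; p=reject; rua=mailto:dmarc@partner-a.example"],
    "partner-a.example": ["v=spf1 ip4:192.0.2.0/24 include:_spf.mailer.example -all"],
    "_dmarc.partner-b.example": ["v=DMARC1; p=none; rua=mailto:reports@partner-b.example"],
    "partner-b.example": ["v=spf1 include:_spf.mailer.example ~all"],
    "partner-c.example": ["v=spf1 +all"],  # publishes no _dmarc record at all
    "_dmarc.partner-d.example": ["v=DMARC1; p=quarantine; pct=50; sp=none"],
    "partner-d.example": ["v=spf1 a mx -all"],
}

def sample_lookup(name: str) -> List[str]:
    """Offline stand-in for a DNS TXT query; a real scan swaps in a resolver here."""
    return SAMPLE_TXT.get(name, [])

def parse_dmarc_tags(record: str) -> Dict[str, str]:
    """Turn 'v=DMARC1; p=reject; pct=100' into {'v': 'DMARC1', 'p': 'reject', ...}."""
    pairs = (part.split("=", 1) for part in record.split(";") if "=" in part)
    return {k.strip().lower(): v.strip() for k, v in pairs}

def dmarc_level(txt_records: List[str]) -> str:
    """missing | invalid | monitor-only | quarantine | reject (partial pct noted)."""
    recs = [r for r in txt_records if r.strip().lower().startswith("v=dmarc1")]
    if not recs:
        return "missing"
    tags = parse_dmarc_tags(recs[0])
    policy = tags.get("p", "").lower()
    if policy not in ("none", "quarantine", "reject"):
        return "invalid"
    if policy == "none":
        return "monitor-only"  # reports only; spoofed mail is still delivered
    pct = tags.get("pct", "100")
    if pct.isdigit() and int(pct) < 100:
        return f"{policy} (pct={pct})"  # policy enforced on only part of the mail
    return policy

def spf_level(txt_records: List[str]) -> str:
    """missing | invalid | hard-fail | soft-fail | neutral | permissive."""
    recs = [r for r in txt_records if r.strip().lower().startswith("v=spf1")]
    if len(recs) != 1:
        return "missing" if not recs else "invalid"  # two SPF records is a permerror
    match = re.search(r"(?:^|\s)([+\-~?]?)all\s*$", recs[0].lower())
    if match is None:
        return "neutral"  # no 'all' term: unlisted senders are neither passed nor failed
    return {"-": "hard-fail", "~": "soft-fail"}.get(match.group(1), "permissive")

def risk(dmarc: str, spf: str) -> str:
    """Collapse the two ratings into the spoofing risk a partner imposes on you."""
    if dmarc in ("missing", "invalid", "monitor-only") or spf in ("missing", "invalid", "permissive"):
        return "high"
    if "pct=" in dmarc or spf in ("soft-fail", "neutral"):
        return "medium"
    return "low"

def scan(domains: List[str],
         lookup: Callable[[str], List[str]] = sample_lookup) -> Dict[str, Dict[str, str]]:
    """Rate each partner domain; `lookup` resolves TXT records (sample data by default)."""
    report: Dict[str, Dict[str, str]] = {}
    for domain in domains:
        d, s = dmarc_level(lookup(f"_dmarc.{domain}")), spf_level(lookup(domain))
        report[domain] = {"dmarc": d, "spf": s, "risk": risk(d, s)}
    return report
```

Calling `scan` over a list of partner domains returns one row per domain; anything rated "high" is a partner whose domain can be spoofed at you with no enforcement on their side.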

About the Global Cyber Alliance

The Global Cyber Alliance (GCA) is an international, cross-sector effort dedicated to eradicating cyber risk and improving our connected world. We achieve our mission by uniting global communities, implementing concrete solutions, and measuring the effect. GCA, a 501(c)3, was founded in September 2015 by the Manhattan District Attorney’s Office, the City of London Police and the Center for Internet Security. Learn more at www.globalcyberalliance.org.

How Do I Select a Cloud Access Security Broker (CASB)?

Cloud Access Security Brokers (CASB) have been hot for the last 5 years. But how do you select a CASB?

It has gotten to the point where every firm is either using one, evaluating one, or studying how to use them. This makes sense, since any successful cloud transition strategy should include appropriate attention being placed on how to secure, control and manage corporate use of cloud services.

We believe by 2020, 100% of large firms will use CASB and the majority of mid-sized firms will as well.

Since the market is so hot, the CASB firms themselves are acquisition targets and there has been quite a bit of M&A activity in this space. There is also room for innovation and there are many new entrants into the market, so expect many more changes in offerings available to the enterprise.

CASB products provide capabilities that give control over cloud offerings. They protect data, provide proof of compliance with corporate standards and regulatory requirements, provide visibility into actions being taken by staff and metrics over cloud application use and performance. In short, CASB enable appropriate enterprise-grade governance over cloud services.


How Can I Protect My Personal and Financial Information?

How Can I Protect My Personal and Financial Information? Good question.

It’s evident that the most essential part of your network or personal computer is the data that you have created. The main reason most people are on a network or own a personal computer is to store their data in a way that is easily accessible.

Whenever you want to input protective strategies such as endpoint security in your PC, the bits and bytes of information stored become your number one priority. Computer applications and operating systems can always be replaced, unlike the created user data which is unique in its own respect and may be irreplaceable if lost. Sometimes, some of the information stored on the network or personal computer is confidential.

Any owner would not only want to guard it against being lost, but also to prevent unauthorized third parties from accessing it. For instance, when information such as your debit/credit card number, employee identification number, bank account number or social security number is left exposed, it is likely that you will be a victim of identity fraud. There may also be confidential information held in some documents of a company, such as personal information regarding clients or employees, the company’s financial records, and trade secrets.

In this article, we are going to highlight some of the ways that you can protect your data from unauthorized access by third parties or eventual loss.

Read a full report at CrucialPointLLC.com in our Collection of Best Practices in Cybersecurity: Protecting Your Personal Information At Home

Early and frequent backup

One of the single most important steps that you can take to protect your data is to have it backed up as early as possible and to do so on a regular basis. The frequency of data backup depends on the amount of information that you are likely to lose if your computer crashes in a way that it can no longer be recovered. The backup may be at monthly, weekly or 24-hour intervals depending on the amount of data that your company creates. You may make use of the built-in backup offered by the Windows operating system to perform the most basic forms of data backup.

You can simplify the mode of creation and restoration of backups by making use of the wizard mode. You can also manually configure the backup settings or set an automatic backup schedule for the data you have created in a given amount of time. Other sophisticated data backup options are provided for by third-party programs. It is critical to store a copy of your backup offsite to avoid losing your data in case of a fire or any other natural calamity.

Password-protect documents

Productivity computer applications such as Adobe Acrobat and Microsoft Office applications have a feature that allows you to set passwords on individual documents. To access the document, you must know the password and enter it for the document to open. For instance, in Microsoft Office documents, there is the option of setting a password which will be required for access or whenever you are making any changes to it. However, it is quite easy to crack Microsoft Office passwords. There is software currently available on the market, such as Elcomsoft's Advanced Office Password Recovery (AOPR), that is designed to recover passwords for Microsoft Office. Still, this form of password protection will deter access to confidential documents by third parties or other unauthorized users.

Disk encryption

There is a lot of third-party software available on the market today that will allow you to encrypt a whole disk. When you encrypt your disk entirely, you lock up the whole content of the disk and its partitions, and the encryption is transparent to the user. Such software ensures that information is encrypted automatically before it is stored on the disk and automatically decrypted before it is loaded into the computer memory for access. Some of this software can create hidden containers inside the disk partitions that appear as another disk within the disk. Programs used for disk encryption can be used to encrypt flash drives, hard drives, and USB drives. They can also be used to set up master passwords and secondary passwords.

Leveraging Social Media to Expand Business Data Globally

Social media has become an integral part of society, and having a presence on these platforms is a must for businesses in the present world. Barely a decade ago, only a small proportion of the globe was exposed to social media. A few years later, the list of social media networks has continued to grow and impact society. In 2008, only 24 percent of the United States population had joined a social network, as compared to the 81 percent who have a social media profile in 2017. With millions of users accessing various online platforms on a monthly basis, businesses should take advantage of these figures to expand their operations.

Social media, through web- and mobile-based technologies, has provided ways of altering the business landscape, serving and retaining customers, and building internal online communities. Leveraging the right social media audience can lead to successful operations at the local and global level. However, there are several strategies that a business should adopt to capitalize on the power of social media.

Set Social Media Goals

A business can use social media platforms to interact with consumers at a personal level, showcase products, and services, provide customer care, receive reviews and criticisms for their product, and make online sales. The first step to the successful use of social media for organizations is setting objectives.

How do you intend to use Facebook, Twitter, YouTube, Linkedin, Instagram, and other platforms for the benefit of your business? The highest-level goal of every business should be to engage customers and potential clients at an individual level. While the end objective is to increase market exposure, generate revenue, and reduce organizational costs, your priority should be deepening customer relationships. As the business engages with consumers to share its expertise, ties are strengthened, and this inspires online conversations about the brand. This, in turn, improves brand awareness and recognition in the marketplace.

Define Your Audience

There are millions of social media users in the world today, and not all may be the business’s potential customers. The business has to define and filter its audience from the millions of users to realize expansion. There are numerous ways to identify audiences: by generation, age, gender, specific groups such as homeowners, college students, and so on. Segmenting your audience is critical in determining the most appropriate platform for your business.

For instance, if your company is targeting young adults, a platform such as Snapchat would be an ideal option. Similarly, if your business is targeting professionals in various fields, LinkedIn would be a perfect platform to use. Defining your audience will help your own organization to select the best platforms to further its cause, mission, and values. It will also enable you to go for the right tools, such as Symantec DLP, to protect business information across various platforms and networks. However, it is important to have a presence in most, if not all, social media platforms.

Focus on the Content

Once a business has defined its objectives and selected the right platforms based on its target audience, the next thing is to grow its social media following. Content is king when it comes to expanding a business on social media. What kind of information is the organization making available on social media? The absence of captivating and relevant information can frustrate your plans to use social media as a business expansion tool. The company should consistently showcase its products and services, provide expert information, and educate its users.

Combine video captioning with high-quality photos and videos to create captivating posts that will draw more users to your profile. Provide links to the business website and other platforms so that the existing users can get an opportunity to access them.

Social media is a powerful tool that when implemented effectively can expand your business operations globally and generate exponential revenues. Put these strategies to work, whether you are working on a personal brand or developing the reputation of your entire company.