MENTIS

Week of January 13, 2017

MENTIS
news

Week of January 13, 2017

Your Business, Staff and Technology Are Not Prepared For Cyber-Attacks*:

  • Eighty-three percent of global businesses say their organizations face security risks because of complex business and IT operations, according to yet another damning enterprise cyber-security survey.
  • More than one billion Yahoo accounts were compromised, the Democratic National Committee (DNC) was hacked, and millions of Internet of Things (IoT) devices were victims of distributed denial of service (DDOS) attacks, to name just a few of last year's worst breaches.
  • Seventy-five percent of respondents don't believe their organizations are fully prepared to deal with the security risks resulting from the IoT.
  • A similar number of respondents believe that an entirely new IT security framework is needed to improve security and reduce risk.
  • Companies that are not prepared to secure their business should take a four-step approach to fixing the situation.
    • Understand there is a problem.
    • Understand the scope and scale of the problem.
    • Bring in people to help them understand what needs to be done.
    • Recruit additional talent needed to properly maintain technology.
  • Organizations also need to properly train existing employees and emphasize the importance of enforcing prudent computing practices.

*Source: PC mag, January 10, 2017

 


A Hacker Just Proved That Apple May Have Been Right About the FBI*:

  • A major security breach reveals that phone-hacking company Cellebrite’s clientele ranges from the KBI to the Kremlin.
  • Last year, when the F.B.I procured a court order forcing Apple to unlock an iphone belonging to one of the San Bernardino shooters, CEO Tim Cook refused, sparking a battle between the tech company and the federal government.
  • Building a back-door would set a “dangerous precedent” and compromise the security of the iPhone, Cook argued.
  • The FBI withdrew its case and reportedly hired a private Israeli security firm called Cellebrite to extract the data.
  • Cellebrite has received more than $2 million in purchase orders from the F.B.I over the past four years.
  • A new report from Motherboard says Cellebrite has been hacked, and its data – including confidential customer information, databases, and technical product details – has been stolen.
  • The same technology built by Cellebrite to allow the FBI to unlock iPhones could now be sold to the highest bidder.
  • Cellebrite’s main forensics product, the universal Forensic Extraction Device, can collect all manner of data from cell phones including text messages, e-mails, and more all without the need for passwords.
  • The stolen data indicates its services have been sold to authoritarian regimes in countries including Turkey, Russia, and the United Arab Emirates.
  • Human rights and technology experts have expressed concern over the use of similar tools by authoritarian regimes to squash dissent.

*Source: Vanity Fair, January 13, 2016

 


CryptoWall Ransomware*:

  • The CryptoWall Ransomware is a ransomware Trojan that carries the same strategy as a number of other encryption ransomware infections such as Cryptorbit Ransomware or CryptoLocker Ransomware.
  • The CryptoWall Ransomware is designed to infect all versions of Windows, including Windows XP, Windows Vista, Windows 7 and Windows 8.
  • As soon as the CryptoWall Ransomware infects a computer, the CryptoWall Ransomware uses the RSA2048 encryption to encrypt crucial files.
  • The CryptoWall Ransomware claims that it is necessary to pay $500 USD to recover the encrypted data.
  • The payment is demanded using TOR and Bitcoins in order to maintain the recipients' anonymity.
  • Malware researchers strongly advise against paying the CryptoWall Ransomware ransom.
  • This only encourages ill-minded persons to continue carrying these types of attacks and does not guarantee that you will recover your data.
  • The CryptoWall Ransomware is distributed as a fake update for applications such as Adobe Reader, Flash Player or Java Runtime Environment or using spam email attachments.

*Source: Enigma Software, January 13, 2017

 


Shadow Brokers Offers Database of Windows Exploits For Sale*:

  • Anyone with the equivalent of about $680,000 can now purchase an entire database of exploits and toolkits for attacking Windows systems from a hacking crew called Shadow Brokers.
  • The attack tools range in price from 10 Bitcoins, or around $9,000, to 250 Bitcoins, or about $228,000.
  • The Shadow Brokers advertised the sale on Twitter late last week and claimed the exploit tools belong to The Equation Group, and outfit believed affiliated with the NSA.
  • One of the listed plugins suggests that the Shadow Brokers have in their possession a tool for editing and tampering with the Windows event logs that incident response and forensics experts rely on during investigations.
  • If Shadow Brokers release this code to the world (as they’ve done previously), it will undermine the reliability of event logs in forensic investigations.
  • Some believe the Shadow Brokers are Russian operatives based on some of their past exploits.

*Source: Dark Reading, January 10, 2017

 


‘Zero Trust’: The Way Forward in Cyber-Security*:

  • Following the OPM breach, the US issued a report recommending that federal agencies should adopt the Zero Trust Model of Cybersecurity, which centers on the belief that both internal and external networks cannot be trusted.
  • Zero Trust, a widely accepted term originally coined by Forrester, is a data-centric network design that puts micro-perimeters around specific data or assets so that more-granular rules can be enforced.
  • Zero Trust networks solve the "flat network" problem that helps attackers move undetected inside corporate networks.
  • The shift to Zero Trust is applicable across all industries from government to retail, healthcare, and everything in between.
  • Here are five steps to get companies started on the path to Zero Trust:
    • Identify Your Sensitive Data
    • Map the Data Flows of Your Sensitive Data
    • Architect Your Network
    • Create Your Automated Rule Base
    • Continuously Monitor the Ecosystem

*Source: Dark Reading, January 10, 2017

 

Get in Touch With Us!

Are you interested in receiving more information about our products? Do you have questions about sensitive data security? Would you like a demo? Complete the details below and one of our specialists will get in touch with you.

We love to help our customers solve their data security problems. Please tell us about what you are trying to accomplish, details about your environment, and any other information that will help us understand your needs better.

Image CAPTCHA
scroll top