Hass and Associates Cyber Security: Web sites attacks around Australia are shorter but bigger

Web sites attackers are utilizing shorter bursts of activity to infiltrate servers and systems inside a large way, in comparison towards the relaxation of Web sites attacks in Asia-Off-shore.

Arbor Networks' first-quarter Active Threat Level Analysis System (ATLAS) set of distributed denial-of-service (Web sites) attacks demonstrated that Australia possessed a shorter time period of Web sites attack activity, however that the attacks were greater in scale, as compared to the relaxation of Asia-Off-shore.

Arbor Systems discovered that the attack length around Australia throughout the very first quarter of 2015 was 22 minutes, versus 46 minutes in Asia-Off-shore. Consequently, nearly all attacks were so short resided that 96 percent survived under 1 hour, in comparison to Asia-Off-shore, where 90 % of attacks survived under an hour or so.

However, the typical size Web sites attacks around Australia were 1.25Gbps roughly two times as large because the average attack recorded in Asia-Off-shore.

"Rapid time period of attacks reported in Q1 is interesting. Short bursts of Web sites attack activity require automated defences to safeguard against them," stated Nick Race, Australia country manager for Arbor Systems.

"Operators around Australia absolutely should be aware. On-premise Web sites protection is important for recognition and minimization of attacks, enabling bad visitors to be scrubbed within an immediate and automatic fashion."

Based on Arbor Systems, attackers utilized reflection amplification techniques on network time protocol, simple service discovery protocol (SSDP), and DNS servers.

Around Australia, SSDP capped their email list for many common individual reflection attack within the first quarter, using the biggest reported at 26Gbps. However the biggest individual attack was an NTP reflection attack which was recorded at 51Gbps.

Read more

NuData Security reveals improvements to online fraud detection engine

Software development company NuData Security recently revealed its enhancements to its online fraud detection engine called NuDetect, according to Hass and Associates Cyber Security.

They added new powerful anti-fraud tools, based on continuous behavioral analysis and compiled behavioral biometric data. This enables them to significantly reduce the probability of fraud while also avoiding false positives.

NuDetect's expanded array of behavioral biometric sensors achieves 97 percent accuracy in verifying a user's identity. Its improved user interface acts as an "early warning system" that makes high-risk events easily accessible to security teams. This enhancement allows detection as early as 15 days before a fraud attempt is made wherein it provided the client with sufficient time to track, discover and avoid fraudulent transactions from happening.

Institutions that fall victim to fraud are at risk of losing large amount of money and customers, and suffering long-term brand damage. To avoid additional damages, NuDetect provides an immediate solution through behavior-based fraud detection, real-time detection and mitigation, faster development, historical context awareness, invisible implementation, and reducing cost and workload.

Furthermore, NuDetect utilizes behavioral biometric to greatly improve on traditional device identity and deliver far more intelligence than traditionally available, without interrupting a user's experience. It monitors activity in real time that allows the client to easily take action against fraud because the system shows fraudsters' intent before they have a chance to penetrate and do damage. It also allows for deployment in just a couple of days so that companies are equipped to defend against fraud as quickly as possible.

NuDetect also uses historical cross-session and cross-cloud behavior patterns stored in the NuData cloud. This provides outstanding accuracy and security from day one. Institutions are able to determine risk and deploy necessary security countermeasures only to the most suspicious actors.

With this platform, more back-end work is completed in advance, therefore lowering institutions' expenses and developer needs. Moreover, these institutions need to do less work to customize how data is sent, further improving deployment time.

Nowadays, it is obvious that attackers become more sophisticated in terms of identity theft, therefore institutions must quickly implement strong fraud detection measures. NuDetect's improved features put highly effective anti-fraud tools into the clients' hands. It provides clients with a more in-depth view in how fraud attacks functions and the full fraud lifecycle, instead of focusing only at the fraudulent purchase of goods.

The company of NuData Security predicts and prevents online fraud, protecting businesses from brand damage and financial loss caused by fraudulent or malicious attacks. NuData Security analyzes and scores billions of users per year and services some of the largest e-commerce and web properties worldwide.

Read more

‘Trojan.Laziok’ malware targets energy companies

Malicious software called ‘Trojan.Laziok’ was recently revealed by the researchers of an American technology company called Symantec.

Based upon the report of Hass and Associates Cyber Security, the malware is known to be a part of an ongoing worldwide espionage campaign wherein it targets energy companies worldwide especially in the Middle East.

Attacks are launched through spam emails from a moneytrans.eu domain. Those emails contain an attached Microsoft Excel file wherein it activates a backdoor that gives the hackers a crucial view into the targeted computer.

The malware collects system data including the name of the computer, CPU and GPU details, installed software, hard disk and RAM size, as well as what antivirus software was installed. Immediately after, it uploads those data towards the attackers and then downloads additional malware such as Backdoor.Cyberat and Trojan.Zbot.

Petroleum, gas and helium companies were most often targeted in the United Arab Emirates, Saudi Arabia, Pakistan and Kuwait. Based on a report obtained by Hass and Associates Cyber Security, whoever is behind these attacks may have an intentional interest in the activities of the affected companies.

Attacks rarely happened on energy companies in other countries like India, United Kingdom, and the United States.

Symantec also claims that “the group behind the attack does not seem to be particularly advanced, as they exploited an old vulnerability and use their attack to distribute well-known threats that are available in the underground market.”

The attack is simple and outdated which clearly shows the significance of frequently updating all software because organizations nowadays fail to follow basic security guidelines which includes updating the software running on a secure system.

Read more

Hewlett-Packard partners with cybersecurity firm FireEye

The prominent cybersecurity firm FireEye, Inc. and tech giant Hewlett-Packard (HP) recently announced a partnership to develop advanced threat protection.

Hass and Associates Cyber Security perceives this as one of the coming wave of alliances between small and large tech companies aiming to strengthen their security.

The deal that will expand Milpitas-based FireEye’s reach was announced at the RSA Conference on security that is held in San Francisco.

This year’s conference has 500 exhibitors, compared with 400 last year.

The interest in cybersecurity has been heightened in the conference because of the attacks on big companies for the past two years such as Sony, Target Corporation, JPMorgan Chase, Anthem Inc., and Home Depot.

CEO and Chairman of the Board of FireEye, Dave DeWalt defined the deal as “capability meets scale” during an interview before the announcement.

In addition, the two other alliances announced by HP were cloud security partnerships with Los Angeles-based Securonix and Palo Alto-based Adallom.

Securonix is a provider of security intelligence platform for monitoring security events. It also identifies and access data to detect insider threats and advanced targeted attacks. While Adallom is a cloud security firm with research headquarters in Israel.

HP described the alliances as developing an advanced cyber defense emphasizing the protection of users’ interactions, applications and data, rather than the old practice of securing the perimeter, in which data flows were restricted in the interests of security.

Although HP has its own large security team, given the threat level, HP needs a FireEye which has a next-generation security platform.

HP’s own security professionals can now bring in FireEye’s technology and the investigative group from Mandiant.

On December 30, 2013, FireEye acquired Mandiant in a stock and cash deal worth in more than $1 billion.

In February 2013, Mandiant rose to prominence when it released a report documenting evidence of cyber-attacks by the Chinese People’s Liberation Army targeting at least 141 organizations in the United States and other English-speaking countries extending as far back 2006.

Mandiant’s main services are expensive. However, the deal will bring a co-branded version of its services to smaller companies.

Executive Vice President of HP Enterprise Services, Mike Nefkens said that the partnership will beef up HP’s security portfolio. HP and FireEye are making it possible for their clients to analyze and improve their defenses before the next attack with the most advanced cybersecurity protection available today.

HP also reaches many countries where FireEye has a smaller presence including Africa, Middle East, and Europe.

FireEye also announced a partnership with Israeli security provider Check Point Software Technologies to share threat intelligence to protect customers from modern advanced attacks.

Read more

Hass and Associates Cyber Security: Botnets inflate Twitch viewership

With the boom in online streaming these days, it's only expected that people will get creative and game the system to earn more money. In the case of streaming site Twitch — known for its community of gamers — it appears that some of its broadcasters are using botnet-for-hire services to illegally get those "millions" of viewers.

IT security company Symantec has released a report last week that some websites are openly advertising services that can generate big numbers of viewers on Twitch as well as on other streaming websites. One of the services identified claim to generate 5 separate streams from a single infected PC, with all the streams muted and hidden. Some add-ons on such services could also include automated chats that are programmed to send in comments during the live stream like normal users.

A botnet is a PC connected online that is used to do a task, so practically any PC can be used for this purpose even without the owner knowing. It can be hijacked to covertly perform a task from the attacker on the background and still function as it normally would, hence lowering the possibility of discovery. Aside from those, Hass and Associates Cyber Security also found out that botnets could replicate automatically to other legit viewers by links in the chat of a stream, for instance. The malware could also make itself look like an update from Google or Adobe to infect a PC.

According to Twitch's report in January, their stats for 2014 include 10,000 partnered channels, 100 million unique viewers every month and 1 million concurrent viewers. While there are partner channels that are operating legitimately, others are fraudulently boosting their viewership numbers in order to become a partner. No surprise there since becoming a Twitch partner comes with advantages like pre-stream ads and ability to get donations.

However, they have to get a consistent average of 500 viewers. That's where the botnet-for-hire comes in. Different packages are being offered with options to gain you followers, chatters and live viewers courtesy of bots. One of the service providers claims to give you 40 chatters and 100 viewers for as little as USD 30.

Lionel Payet of Symantec said, "While many broadcasters stream their gameplay online as a hobby, some have managed to turn it into a well-paid full time job. Over the past few years, this business model has grown sharply, so it's unsurprising that scammers are piggybacking on the industry in a parallel underground economy."

A connection between this discovery of botnet use and the security breach last week where stream keys, IP information and user credentials were compromised has yet to be proven, according to Hass and Associates Cyber Security. But as Payet puts it, "If a user's computer is compromised by any malware, then their info is always exposed."

Meanwhile, Twitch has responded with a statement from its Vice President of Marketing: "These illegal services are a long-standing issue that is not unique to Twitch. We detect when they are used and deal with them in a layered approach including legal action, tech solutions, and human monitoring."

There would certainly be backlash from the legit broadcasters of Twitch if this is proven to be true. For now, the question is, how many user accounts in Twitch are actually bots and just how many broadcasters have been availing of their services.

Read more

Hass and Associates Cyber Security: How to Avoid Phishing Scams

Phishing scams have been around for quite some time now. But not many people are aware of what it is and what it can do to them. It is simply a ploy used by fraudsters to lead you to divulge personal information by pretending to be legitimate online business companies. In fact, they trick you to believe they are popular companies, such as Facebook, in order to get your trust.

Beware! Once they have your information, they will then collect information or money from you through your computer or online bank accounts. Here are some tips on how to recognize phishing emails and also how you can protect yourself:

• Poor grammar and spelling. Often, fraudsters, unlike legit companies, are not (or do not employ) copy editors and post emails that are not well written. So, chances are, if you read an email with grammatical errors, it could be a scam dealer.

• Avoid clicking links in emails. Links included in dubious email messages could be traps. Simply move your cursor (without clicking) on the link and check if the address is the same as the one in the message.

Sometimes, the real web address (that pops up when you move the cursor) is not the same as the company’s supposed web address.

Links could also bring you to .exe files which could infect your PC with malicious software.

• Scammers often use threats. Fraudsters, and swindlers in general, are good at causing their victims to feel guilty or fearful. They will threaten to close your account or say that your security has been compromised in order to cause people to act according to their wishes. Such tactics are not used by professional companies. Get more information on how you can protect yourself from such ploys.

• Copying popular companies or sites. Cybercriminals employ logos, pop-up windows and other graphics that appear to link you to legitimate websites but in reality lead you to fake scam sites. One of the most-often spoofed companies is Microsoft. Protect yourself by getting more information on how scammers do it.

Here are some other tips to protect you from scammers:

• Only make use of dependable security software and set it to stay updated automatically. Moreover, learn standard security practices available on this link: computer security practices.

• Never give out your email personal or financial information. The email is not a protected means of sending out confidential information.

• Post personal or bank information only through a company’s website if you yourself typed in the web address and have checked that the site is secure. A URL that is secure will have this: https (the “s” means secure). This is not totally reliable though, as scam artist have also found a way around it.

• Inspect credit card and bank account statements right after you receive them to see if there are any unauthorized transactions. If your statement arrives a few days late, call to verify the billing address used and check out your account balances.

• Be careful when you click on attachments and downloading files from emails, regardless of who sent them. These files may contain viruses or other malware that can compromise your PC’s security.

The world has suddenly become not just convenient but also complicated. Yes, we can do banking and shopping online; but the burglars have also followed us on the virtual highway and found ways to steal our personal information and our money as well. We can protect ourselves from these criminals by knowing where they come from and how they operate.

Read more

Facebook sued over allegedly scanning users’ private messages

Class action lawsuit asks for a minimum of $10,000 for each user over scanning the content of private Facebook messages and following the enclosed link.

Facebook was sued by a class action lawsuit stating that the social network scans private messages sent by users in order to share this information with “advertisers, marketers, and other data aggregators”.

The suit states that what they do is “an especially profitable opportunity for Facebook, because users who believe they are communicating on a service free from surveillance are likely to reveal facts about themselves that they would not reveal had they known the content was being monitored.” Read more

Read more

Fastest-growing Internet virus ransoms computers

Terry Dent was certain that it was a scam the moment she read the warning message on her computer.

She knew she hadn’t downloaded any child pornography, this 57-year-old widow acknowledge that she is not the most computer- literate woman in the world but she is quite sure she hadn’t done any mistake. If in any case that she did, she knew the FBI wouldn’t be asking her to use a prepaid credit card to pay a $300 fine to unfreeze her computer.

“I’m not stupid,” she said. “I wasn’t going to send anyone anything.”

But the thing is other people do and will keep doing it. Details

Read more

Cops test latest crime-fighting gadgets at police expo

Australia’s New South Wales Police Force, SGT. DANIEL MOORE, wasn’t expecting that he would get to fulfill his all life fantasy the time he came to Philadelphia for last week’s International Association of Chiefs of Police conference.

In a suit and tie, SGT. DANIEL MOORE arrived at Pennsylvania Convention Center, waiting in the longest line at IACP’s expo hall.

“It’s always been a dream of mine to shoot a Taser at an alien,” Moore said.

And so, he did.

Get more info

Read more

For a unified cyber and telecom security policy

The preamble of the newly-ratified National Cyber Security Policy declares that information technology (IT) is one of the vital areas that exist in cyberspace. The major spotlight of the policy is the protection of this sector.

Another sector, just as important, that is now completely incorporated in cyberspace is telecommunications. Telecommunications and IT are widely engaged in computerized control and management of sectors like power, gas pipelines, nuclear energy, etc, which are commonly not associated with the Internet, but are still susceptible to malware attacks. Hence, the primary requirement at present is to protect all crucial sectors. Get more info

Read more

Rise of the Internet

The rise of the Internet is undeniable, and unrestricted access from multifarious smart gadgets with more rapid 4G connectivity means that consumers’ potential usages of these devices in terms of the tasks they can accomplish online at any time an at any place are growing fast. In this milieu, the subject of online retail and its correlation with personal communication (either face-to-face or via phone) is being fervently discussed in all sectors.

And so it goes for insurance as well. For the past thirty years, personal connections have been dominated by the contact centre, and while not many can question that the Internet has greatly aided in generating quotes, the accepted rule is that phone calls and in-the-flesh visits are still a vital part of the sales cycle and a major force in enhancing conversion rates.

While many situations may call for the application of the personal appearance, it is nevertheless the case that a rising share of everyday insurance tasks can be accomplished without it – in so far as the consumer agrees to it.

Read more

Read more

We know where you live

…..A social media warning for parents

Nowadays one of the hottest social networking sites for tweens is Instragram. But there is a bigger concern parents are discovering, kids may end up putting home on the map without even knowing it.

“Most older people don’t have Instagram,” said Molly Matysiak. “That’s like our kind of thing.”

Many thinks it’s cool because it isn’t their dad’s or their mom’s but what many do not know is just how much those pictures are revealing about those young people [...]

FURTHER INFORMATION

Read more

FTC probes

Investigations conducted on corporations and web companies that are suspected of different violations. One of the most common is not disclosing breaches and leaks against the entity that may affect their customers.

FURTHER INFORMATION

Read more

Tailgating

Also called piggybacking, this scheme is used in gaining access even without having any authorization by simply riding on another individual’s credentials. This includes faking an ID or presenting excuses in order to make the person believe the hacker is harmless.

Read full article

Read more

Baiting

Baiting is closely similar to a trojan horse, only it is conducted in the physical world. It involves leaving an infected media (e.g. flash drive, CD, floppy disk) in a public location with the intent of damaging a network or stealing from a PC.

GET MORE INFO

Read more

Phishing

Phishing is commonly seen in email messages, a very vulnerable avenue in illegally getting private data from unsuspecting users. A hacker can pose as a legit entity with a message that will compel the user to act at once.

READ FULL ARTICLE

Read more

Pretexting

Pretexting is basically used through inventing a scenario or pretending to be someone else in order to obtain the target’s desired information. Hackers can fake their way into gaining access to birthdate, social security number and bill amounts through establishing credibility. This is typically done more effectively when the impersonator has a confident and authoritative voice and have basic knowledge of the target.

FURTHER INFORMATION

Read more

Social Engineering

Social enginnering is a popular technique utilized by skilled hackers that is conventionally used on the phone or on a face-to-face encounter. It is called the art of handling people — the most vulnerable element in computer security — into divulging personal data and doing something that will benefit the hacker [...]

READ FULL ARTICLE

Read more

SQLi

SQL injection is a tactic used in attacking a database or a server via its front-end (e.g. website). Through putting parts of SQL statements in an entry field of the website, hackers can try and get the site to run the newly-created malicious command to the database itself, for instance, dumping its contents to a remote server under the control of the attacker [...]

CONTINUE READING

Read more

DDoS

Distributed Denial of Service attack is an onslaught of web traffic to a particular website that is launched to cripple its server. Flooding, or using up all of the website’s bandwidth and resources is a typical tactic for hackers who want to bring down the remote host, ergo the website along with it, for a period of time [...]

CONTINUE READING

Read more