Security News

Microsoft is going to release its Windows Defender ATP antivirus software for Mac computers. Microsoft on Thursday announced that the company is bringing its anti-malware software to Apple’s macOS operating system as well and to more platforms soon, like Linux.

As a result, the technology giant renamed its Windows Defender Advanced Threat Protection (ATP) to Microsoft Defender Advanced Threat Protection (ATP) in an attempt to minimize name-confusion and reflect the cross-platform nature of the software suite.

For all those wondering if Mac even gets viruses—macOS is generally more secure than Windows, but in recent years cyber criminals have started paying attention to the Mac platform, making it a new target for viruses, Trojans, spyware, adware, ransomware, backdoors, and other nefarious applications.

Moreover, hackers have been successful many times. Remember the dangerous FruitFly malware that infected thousands of Mac computers, or the recently discovered cryptocurrency-stealing malware CookieMiner and DarthMiner?

Microsoft Defender ATP Antivirus for Mac

Microsoft has now come up with a dedicated Defender ATP client for Mac, offering full anti-virus and threat protection with the ability to perform full, quick, and custom scans, giving macOS users the same “next-generation protection and endpoint detection and response coverage” as its Windows counterpart.

“We’ve been working closely with industry partners to enable Windows Defender Advanced Threat Protection (ATP) customers to protect their non-Windows devices while keeping a centralized “single pane of glass” experience,” Microsoft says in a blog post.

Microsoft also promised to add Endpoint Detection and Response, and Defender ATP’s new Threat and Vulnerability Management (TVM) capabilities in public preview next month.

TVM uses a risk-based approach to help security teams discover, prioritize, and remediate known vulnerabilities and misconfigurations using a mixture of real-time insights, added context during incident investigations, and built-in remediation processes through Microsoft’s Intune and System Center Configuration Manager.

For now, the tech giant has released Microsoft Defender ATP for Mac (compatible with macOS Mojave, macOS High Sierra, or macOS Sierra) in limited preview for businesses that have both Windows and Mac computer systems.

 


Like MS Office for Mac, Defender for Mac will also use Microsoft AutoUpdate software to get the latest features and fixes on time. While Microsoft has announced its plans to launch Defender ATP for more platforms in the future, the company has not explicitly named those platforms.

Also, it is not clear if Microsoft is also planning to launch a consumer version of Microsoft Defender for Mac users in the future. Microsoft’s business customers can sign up here for the limited preview.

In the attempt to make its security software available to more people, Microsoft just last week released Windows Defender extensions for Mozilla Firefox and Google Chrome as well.

 

The information contained in this website is for general information purposes only. The information is gathered from The Hacker News while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.
Through this website, you are able to link to other websites which are not under the control of CSIRT-CY. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them.
Every effort is made to keep the website up and running smoothly. However, CSIRT-CY takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.

People should stop using patterns to unlock their devices, researchers have warned. A new study has found that it’s a lot easier for people who might be looking over your shoulder as you unlock your phone to memorise a pattern than a passcode. So-called “shoulder surfing attacks” can be easy for a criminal to plan and execute, but you can protect yourself by switching to a PIN code and increasing its length from four digits to six, the researchers say. They got over 1,000 volunteers to act as attackers, challenging them to memorise a range of unlocking authentications – four- and six-digit PINs, and four- and six-length patterns with and without tracing lines – by watching a victim over their shoulder from a variety of angles. The 5-inch Nexus 5 and 6-inch OnePlus One were the two handsets used in the study, as the researchers say they “are similar to a wide variety of displays and form factors available on the market today, for both Android and iPhone”. The researchers also considered single and multiple views for the attacker and two different hand positions for the victim – single-handed thumb input and two-handed index-finger input.

 

The study found that four-length patterns with visible lines were far easier to crack, as a result of shoulder surfing, than any other type of unlocking authentication they tested. “We find that PINs are the most secure to shoulder surfing attacks, and while both types of pattern input are poor, patterns without lines provides greater security,” the researchers, from United States Naval Academy and the University of Maryland, said. “The length of the input also has an impact; longer authentication is more secure to shoulder surfing. Additionally, if the attacker has multiple-views of the authentication, the attacker’s performance is greatly improved.”

 

In tests, 10.8 per cent of six-digit PINs were cracked after one observation. This figure rose to 26.5 per cent after two observations. 64.2 per cent of six-length patterns with tracing lines, meanwhile, were cracked after one observation. This rose to 79.9 per cent after two observations. 35.3 per cent of six-length patterns without tracing lines were cracked after one viewing, rising to 52.1 per cent after two viewings. “Shorter patterns were even more vulnerable,” said the researchers, who added that even people who use fingerprint or face-scanning technology to unlock their phones should be wary of their findings. “Biometrics are a promising advancement in mobile authentication, but they can be considered a reauthenticator or a secondary-authentication device as a user is still required to have a PIN or pattern that they enter rather frequently due to environmental impacts (e.g., wet hands),” they said.

“There are also known to be high false negatives rates associated with biometrics. Further, users with biometrics often choose weaker PINs as compared to those without, suggesting that the classical unlock authentication remains an important attack vector going forward.”

A separate study published earlier this year found that the majority of lock patterns can be cracked within five attempts.

 

The information contained in this website is for general information purposes only. The information is provided by independent and while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.

Online Trust Alliance spells out best practices for testing, purchasing, networking and updating IoT devices to make them and the enterprise more secure.

Here’s a handy list of tips that can help you avoid the most common mistakes that business IT pros make when bringing IoT devices onto enterprise networks. The list centers on awareness and minimizing access to less-secure devices. Having a strong understanding of what devices are actually on the network, what they’re allowed to do, and how secure they are at the outset is key to a successful IoT security strategy.

  • Every password on every device should be updated from the default, and any device that has an unchangeable default password shouldn’t be used at all. Permissions need to be as minimal as possible to allow devices to function.
  • Everything that goes on your network, as well as any associated back-end or cloud services that work with it, needs to be carefully researched before it’s put into production.
  • It’s a good idea to have a separate network, behind a firewall and under careful monitoring, for IoT devices whenever possible. This helps keep potentially insecure devices away from core networks and resources.
  • Don’t use features you don’t need – the OTA gives the example of a smart TV used for display only, which means you can definitely deactivate its microphone and even its connectivity.
  • Look for the physical compromise – anything with a hardware “factory reset” switch, open port or default password is vulnerable.
  • Gizmos that connect automatically to open Wi-Fi networks are a bad idea. Make sure they don’t do that.
  • If you can’t block all incoming traffic to your IoT devices, make sure that there aren’t open software ports that a malefactor could use to control them.
  • Encryption is a great thing. If there’s any way you can get your IoT devices to send and receive their data using encryption, do it.
  • Updates are also a good and great thing – whether you’ve got to manually check every month or your devices update on their own, make sure they’re getting patches. Don’t use equipment that can’t get updates.
  • Underlining the above, don’t use products that are no longer supported by their manufacturers or that can no longer be secured.

 

The information contained in this website is for general information purposes only. The information is gathered from Computer World while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.

As the world becomes more connected, it also opens up myriad cybersecurity threats. It is important for enterprises, no matter the size, to take cybersecurity seriously because the impacts can be adverse and prove to be extremely costly. Therefore, a risk-based approach can be the best course of action to take when dealing with cybersecurity. A risk-based approach enables enterprises to conceive a more comprehensive plan by understanding the critical assets and the regulatory, financial and reputational risks of exposing assets. This allows organizations to meet the changing needs of a plan that needs constant re-evaluation for consistent improvement.

A risk-based assessment requires a significant amount of work to locate all vulnerabilities in an enterprise’s workflow. Each risk is then assigned a score based on the severity of the vulnerability, which allows the enterprise to focus its efforts on the risks that have a higher chance of compromising its workflow. The risk scores are based on a combination of the likelihood of a risk materializing and the impact it would have on the organization should it become a reality. Security risks involve more than just technology; they include operational risks as well, which is why this approach must not be taken in isolation.

A risk-based security program aligns closely with the enterprise’s goals. Technical decisions that are made within security programs have dramatic effects on how organizations can achieve those goals, which is why a risk-based approach must take this into account. Enterprises that do not consider risk-based approaches become easy targets for hackers that use the latest in cutting-edge technology when looking for vulnerabilities.

 

The information contained in this website is for general information purposes only. The information is provided by Cyber Security Overview and while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.


Cyber-attacks cost affected small businesses an average of A$10,000 in 2017 – a 56% increase over 2016, said Norton by Symantec.

Its Norton SMB Cyber Security Survey Australia 2017 reveals 23% of Small to Medium businesses had a cyber-attack last year.

Some 37% of SMBs don’t think they would remain in business if denied critical information for just one week.

“Cyber attacks have the potential to significantly affect how a business operates. How it is perceived by customers, particularly in the event of lengthy downtime or a data breach is vital. Cyber attacks have the power to cripple SMBs, regardless of industry,” said Mark Gorrie, Director, Norton Business Unit, Symantec Pacific Region.

Ransomware is still the preferred method of cyber-attack

Given that data is so valuable and effective backup is lacking, it is not surprising that ransomware affected 10% of SMBs and 16% paid.

Interestingly 22% of SMBs that had experienced a cyber-attack before were more likely to pay the ransom.

Back-up or crack-up

Only 32% of SMBs bother to regularly back up valuable data. Let’s not even discuss whether it’s real back-up that works – tested, replicable, restorable and stored off-site.

But the message is getting through – back up ‘continuously’ to an off-site location and back-up both the operating environment and data so that a restore is quick.

Internet security is no longer a luxury

Sign-ups for internet (cloud) based security protection were up 19% to 87%.

Internet security sign-ups to prevent potential threats were 60%. Some 34% believed it was simply good business practice.

Older business operators (50-59 years) were more likely to implement internet security solutions as part of good business practice.

Password protection of company devices (laptops, PCs, tablets and smartphones) was up in 2017 (80-88%). This compares to 72-82% in 2016.

There were fewer opportunities for compromise/access of sensitive information by unauthorised persons. Fewer micro-and-small business operators accessed financial data from a mobile (36%) or personal device (46%) compared to those surveyed in 2016.

A scam in sheep’s clothing

Phishing (54%) remains the primary point of cyber-attack. But, hacking (36%) is next – if a computer is exposed to the internet hackers can find and try to penetrate it.

Employees stealing, losing or compromising data was way down – education is working.

Public Wi-Fi is dangerous

40% now use VPNs with public Wi-Fi. A further 35% will not use open public Wi-Fi but look for coffee shops etc. that require a password.

But that leaves 25% without protection in a public Wi-Fi minefield.

Norton says you can reduce cyber-attacks

  • Don’t wait for a cyber-attack – go on the defensive and harden your cybersecurity by installing cybersecurity software
  • Invest in comprehensive backup – not a USB or external hard disk
  • Keep equipment patched and up-to-date. Too many cyber-attacks use old vulnerabilities.
  • Get employees involved – cybersecurity is everyone’s business if they want a business to employ them
  • Use strong passwords. Never share and never use convenient, obvious passwords.
  • Think about your risk and investigate if cyber insurance is a good idea

“As the financial and operational impact of cyber attacks become harder for SMBs to ignore, business owners and operators are beginning to knuckle down and get the basics right. From using passwords, two-step verification and back up, to the more complex tasks of regulating access to Company data. With the introduction of Australia’s new mandatory data breach disclosure laws, we expect more Australian SMBs will go from seeing cybersecurity as a ‘nice to have’ to a critical piece in securing the future success of their business,” said Gorrie.

 

The information contained in this website is for general information purposes only. The information is gathered from Gadget Guy while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk.