Author

IT Blogr

Browsing

Throughout the year 2019, we kept an eye on cyber attack and data breach reported in mainstream publications, releasing our findings in our monthly blog series. 

This allowed us to see how many security incidents were occurring, how many records were involved and which industries were worst affected. 

Did you know, for example, that July was the worst month of the year in terms of breached records? Or that the leading cause of data breaches was internal error? 

With 2019 in the books, we’ve summarised these and other facts in infographics below

Source: IT Governance

 

November 2019 was a big month for data breaches, with a confirmed 1,341,147,383 records being exposed in 87 incidents.

However, almost all of those came from one leaked database, the origin of which is unclear as at the time of this writing.

Here is a full list of data breaches in November, showing the 1.34 billion records breached

Cyber Attacks

Ransomware

Data Breaches

Financial Information

Malicious insiders and miscellaneous incidents

Source: IT Governance

Popular social media app TikTok has been banned from United States Navy devices due to security fears.

A Navy bulletin sent to personnel declared that the video sharing app, owned by Chinese firm ByteDance, would be banned from government-issued mobile devices as it posed a “cybersecurity threat.”

Anyone found to be using government-issued mobile devices who did not uninstall TikTok would be blocked from the Navy Marine Corps Intranet, the note said.

Threats

In a statement sent to Reuters, Pentagon spokesman Lieutenant Colonel Uriah Orland said the order was part of an effort to “address existing and emerging threats”.

The “Cyber Awareness Message”, which was sent out to personnel on December 16, “identifies the potential risk associated with using the TikTok app and directs appropriate action for employees to take in order to safeguard their personal information.”

TikTok, which has over a billion users worldwide, has come in for increased scrutiny over the past months from US lawmakers as they look to clamp down on possible security threats.

Although popular mainly with teenagers, US army cadets were last month instructed not to use TikTok following concerns raised by Senator Chuck Schumer.

A Navy spokesman said Naval and Marine personnel who use government-issued smart devices are generally allowed to use popular commercial apps, including common social media apps, but from time to time specific programs that present security threats are banned. He would not give examples of apps that are allowed or those considered unsafe.

TikTok has not commented on the story, but its parent company is currently facing a national security review in the US following the $1 billion acquisition of American social media app Musical.ly last month.

Source: Tech Radar

The CISSP qualification

The Certified Information Systems Security Professional (CISSP) certification has become a prerequisite for anyone developing a senior career in information security. It provides information security professionals with an objective measure of competence and a globally recognized standard of achievement. The CISSP credential suits mid- and senior-level managers who are working towards, or have already attained, positions such as CISO, CSO or senior security engineer.

Path to passing the CISSP examination at one attempt: Here is a collection of resources that have helped previous CISSP test takers pass the test at one attempt

How to qualify for the CISSP certification

To qualify for the CISSP certification, you must:

  • Have a minimum of five years’ experience in two or more of the eight CBK domains.
  • Pass the CISSP examination.
  • Complete the endorsement process and subscribe to the (ISC)² Code of Ethics.
  • Maintain certification through continuing professional education (CPE) credits.

CISSP CBK

CISSP was developed and is maintained by (ISC)², the International Information Systems Security Certification Consortium. At the heart of CISSP is an information security common body of knowledge (CBK), which is divided into eight domains:

  1. Security and Risk Management
  2. Asset Security
  3. Security Engineering
  4. Communications and Network Security
  5. Identity and Access Management
  6. Security Assessment and Testing
  7. Security Operations
  8. Software Development Security

The Official (ISC)2 Guide to the CISSP CBK is the essential guide for those preparing for the CISSP exam.

Who Earns The CISSP?

According to the official ISC2 website, CISSP is ideal for experienced security practitioners, managers, and executives interested in proving their knowledge across a wide array of security practices and principles, including those in the following positions:

  • Chief Information Security Officer (CISO)
  • Chief Information Officer (CIO)
  • Director of Security
  • IT Director/Manager
  • Security Systems Engineer
  • Security Analyst
  • Security Manager
  • Security Auditor
  • Security Architect
  • Security Consultant
  • Network Architect

Cybersecurity certifications can be a great way of fast-tracking your career. The right course can get you that promotion you want. However, they require an investment of both time and money, and you don’t want to waste either of these on the wrong course. This is why it’s worth taking some time to choose carefully.

Are you looking for a definitive list of the best Cyber Security Certifications in 2020?  Ranging from the most basic certifications (ITIL foundation, CompTIA A+) up until the most recognized within the cybersecurity industry (CISSP)? Below is a list of over 200 accredited certifications, detailing their tracks and distinct categories for year 2020

2020-CyberSecurity-Certification-Chart

How Passwords are stolen – Cheatsheet

While having one of your accounts breached is a scary occurrence, you might wonder how it could actually happen. Chances are that a hacker wouldn’t target your account since you’re not famous or rich, right?

Well, hacking isn’t the only way to steal passwords. There are several other methods someone could use to discover and steal the password to an online account, your phone, or other important credentials. Let’s look at some of the most common.

Here is a reference sheet showing the most common ways passwords are stolen.

How passwords are stolen

A foundational element of innovation in today’s app-driven world is the API. From banks, retail and transportation to IoT, autonomous vehicles and smart cities, APIs are a critical part of modern mobile, SaaS and web applications and can be found in customer-facing, partner-facing, and internal applications. By nature, APIs expose application logic and sensitive data such as Personally Identifiable Information (PII) and because of this have increasingly become a target for attackers. Without secure APIs, rapid innovation would be impossible.

API Security focuses on strategies and solutions to understand and mitigate the unique vulnerabilities and security risks of Application Programming Interfaces (APIs)

Download the OWASP API Security Top 10 2019 today!

Loader Loading...
EAD Logo Taking too long?
Reload Reload document
| Open Open in new tab

Ransomware Hostage Rescue Manual

Ransomware can take different forms, but in its essence, it denies access to a device or files until a ransom has been paid.
In this manual, we discuss ransomware as PC or Mac-based malicious software that encrypts a user or company’s files and forces them to pay a fee to the hacker in order to regain access to their own files.

The hackers primarily use the following vectors to infect a machine: phishing emails, unpatched programs, compromised websites, poisoned online advertising, and free software downloads.

Download full document addressing Ransomeware Hostage today.

Loader Loading...
EAD Logo Taking too long?
Reload Reload document
| Open Open in new tab

Read and download Hackerone’s official 2019 Hacker-Powered Security report, focusing on the latest industry-wide cybersecurity tactics and events from the hacker’s perspective.

With hacker-powered security testing, organizations can identify high-value bugs faster with help from the results-driven ethical hacker community.

This Hacker-Powered Security Report 2019 is the most comprehensive report on hacker-powered security, having the largest repository of hacker activity and vulnerability data on display in one comprehensive report.

Inside you will find:

  • Year over year bug bounty program growth by industry
  • Vulnerabilities by type found across different industries
  • Average time to resolution and reward
  • Percentage of bounties found by severity level
  • Bug bounty payout trends and highest awarded bounties ranked by industry
  • Customer success highlights and hacker quotes and motivations
Loader Loading...
EAD Logo Taking too long?
Reload Reload document
| Open Open in new tab

The CVE or Common Vulnerabilities and Exposures, a platform aimed at sharing details about  Zero-day and disclosed vulnerabilities.

Webopedia also defines CVE as a dictionary-type list of standardized names for vulnerabilities and other information related to security exposures. CVE aims to standardize the names for all publicly known vulnerabilities and security exposures.

Useful tips about CVE:

  • It is run by the MITRE Corporation, a non-profit organization. (attack.mitre.org)
  • The CVE aims to share vulnerability information easily and provide a standard for naming them.
  • The CVE IDs are in the format ‘CVE-YYYY-NNNNN’, where YYYY stands for the year the vulnerability was made public or the CVE ID was assigned.
  • It also provides the Common Vulnerability Scoring System (CVSS) that defines the severity of a disclosed security flaw. The CVSS score ranges from 0.0 to 10.0; a higher score indicates a higher severity level.
  • The common vulnerabilities and exposures (CVE) program has been around for quite some time now, helping organizations improve their cybersecurity posture by providing a wealth of knowledge about vulnerabilities and exposures.
  • It creates a standardized identifier for every vulnerability or exposure disclosed, so they can be accessed easily across multiple sources.

In this article, we’ll explore the basics of CVE. But before that let’s quickly recap what vulnerabilities and exposures are.

Vulnerability

Vulnerability is a security flaw that may be exploited to perform cyber attacks. Criminals use a number of ways including SQL injection, cross-site scripting, and buffer overflows to look for vulnerabilities to exploit.

Many organizations invest in specialized teams that test for vulnerabilities and provide security patches. The causes of vulnerability include weak passwords, operating system flaws, unintentional development bugs, and unchecked user input, among others.

Exposure

Exposures are unintentional issues or errors that allow unauthorized access to a network or system.

Some of the massive data breaches are the result of exposures. A recent example of this is a record showing data breaches and cyber attacks in October 2019  alone, where 421 million records were breached.

These attacks usually come in form of Cyber attacks, Ransomeware, Data breaches, Financial information or PII data leaks,  malicious insiders and miscellaneous incidents

CVE: Weighing the benefits and risks

CVEs are publicly available and may be exploited by malicious actors to launch cyberattacks. However, the benefits overshadow this risk.

  • CVE only lists publicly disclosed vulnerabilities and exposures. This allows individuals and organizations to be aware of the security flaws and available patches.
  • While organizations need to take care of several vulnerabilities to ensure security, a hacker needs to find just one flaw to exploit. This reinforces the importance of sharing details about vulnerabilities and exposures.

This article provides an elemental outline of CVE. For more details, you can refer to the official CVE website.