Security
Can internet outages really disrupt crypto networks?
In the wee hours of Oct. 18, several parts of Europe, America and Asia were left without any internet due to several undersea internet cables being “cut,” causing a chain reaction of connectivity problems across the globe. France, Italy and Spain, in particular, were faced with significant outages, with many experts claiming that vandals were to be blamed for the same. According to Jay Chaudhary, CEO of Zscaler — an American cloud security company — there is no doubt that nefarious third-party agents were to be blamed for the cut cables that resulted in packet data losses as well as latency for various websites and applications, adding that despite their best efforts authorities have been unable to pin down the individuals responsible for the attacks. Furthermore, it bears mentioning that ...
How does a cyber criminal think?
Image sourced from Feed Navigator. How do cybercriminals think when they enter into your organisation? What do they look for? And how can you use this insight to protect your business? Hackers want in. They want into the business, its data and its details because cybercrime is a multi-billion-dollar business and there is plenty of profit in phishing, stolen data and ransomware. They dig into your business and they use every loophole and vulnerability they can find, whether that is your systems or your people. Their approaches follow several standard steps, although these can change depending on the target or the goal. After all, as Anna Collard, SVP Content Strategy & Evangelist at KnowBe4 Africa, points out: “Cybercriminals do have several steps they usually follow, although the...
5 ways to guard against Phishing
One significant finding published in our 1H 2022 FortiGuard Labs Threat Report is that ransomware is rampant. We’re seeing ransomware attacks becoming more sophisticated and aggressive, with attackers introducing new strains and updating, enhancing, and reusing old ones. What’s especially concerning as we look back at the first half of 2022 is that the number of new ransomware variants we identified increased by nearly 100% compared to the previous six-month period. How does ransomware make its way into an organization in the first place? Ransomware can be delivered to an unsuspecting victim in many ways. Yet according to research, phishing is the number one attack vector associated with ransomware. This is why it’s critical for all employees to be cyber aware and cybersecurity training ca...
Be warned: Identity theft is laughably easy
Covid-19 was a boon to perpetrators of commercial identity theft around the world. The Global Consumer Pulse Study reports that 37% of South African consumers have recently been targets of Covid-19 related digital fraud. TransUnion reports that the percentage of suspected fraudulent digital transaction attempts against businesses that originate from South Africa increased by 44% from March 2019 to March 2021. Worryingly, a FICO Consumer Fraud Survey 2021: South Africa found that only 8% of respondents said the type of fraud they were most concerned about was a fraudster tricking them into sending a payment, even though this kind of scam is growing fast and is a major focus for banks. This type of identity theft refers to someone stealing your personal information typically for their financ...
SBF: FTX to filter assets it thinks are securities from US listings until registration in place
Sam Bankman-Fried (SBF) has written a set of suggested standards for the crypto industry “while waiting for full federal regulatory regimes,” which were posted on the FTX Policy blog on Oct. 19. The post covers many of the questions facing regulators and operators, with specific reference to the United States at points. In particular, SBF outlined a plan for treating assets in the U.S. in regard to their status as securities or commodities. FTX will implement his plan, SBF wrote. In the United States, SBF wrote, the FTX legal team will analyze assets using the Howey test, case law and guidance to determine whether an asset is a security or commodity. Non-security assets will be classed as commodities by default. Moreover: “If we do find an asset to potentially be a security, we will not li...
2TS launches Vulnerability Remediation-as-a-Service: a highly scalable solution fit for large enterprises through to SMEs
The launch of Vulnerability Remediation-as-a-Service (vRaaS) by cybersecurity solutions provider 2TS combines the use of an international industry-leading vulnerability management solution, together with unified endpoint management technologies, to detect and remediate vulnerabilities within your IT environment. At the same time, this offering is available across the board, for both large-scale enterprises (LE) right through to small and medium enterprises (SMEs). 2TS CEO Charl van Niekerk explains: “Two leading international technology vendors, which are involved in vulnerability management and unified endpoint management respectively, recognised that new vulnerabilities are discovered every month, but that the vast majority of all organisations, both LE and SME alike, are not able to imp...
HP Launches Sure Access Enterprise to Protect High Value Data and Systems
Sourced from Silicon Angle HP Inc today announced enhancements to its HP Wolf Security endpoint protection portfolio, with the launch of Sure Access Enterprise (SAE)[i]. SAE protects users with rights to access sensitive data, systems, and applications. It prevents attackers from hi-jacking these privileged sessions – even if the users’ endpoint device is compromised, the access to high value data and systems can remain secure. This stops minor endpoint breaches turning into major security incidents. Available for both HP and non-HP devices, SAE leverages HP’s unique task isolation technology to run each privileged access session within its own, hardware-enforced virtual machine (VM). This ensures the confidentiality and integrity of the data being accessed, isolating it from any malware i...
Think your business is too small to be held to ransom? Think again.
Gilchrist Mushwana, Director at BDO South Africa and Head of Cybersecurity Service Line Ransomware attacks are real, ever-present and wreaking havoc across the board for businesses. The bad news is that this type of cybercrime does not just target large multinationals. In fact, these are most likely avoided as an attack is expected, making SMEs a much easier target. Gilchrist Mushwana, Director at BDO South Africa and Head of Cybersecurity Service Line, discusses the evolution of ransomware and the impact of the growing sophistication of these attacks on the country’s small and medium sized business sector. According to research done by Kaspersky, ransomware attacks in South Africa have doubled over the comparative period of 2021. Transnet, Citypower, Dischem, Uber… these are just some of ...
Are you confident that ex-employees can’t access your company’s digital assets?
A recent global Kaspersky study on the behaviour of small and medium businesses during crises shows staff reductions may cause additional cybersecurity risks. Yet only 51% of organisations’ leaders are confident that their ex-employees don’t have access to company data stored in cloud services, and just 53% are sure that former workers can’t use corporate accounts. While, according to studies team retention was the top priority for almost half of organisations throughout the pandemic, many businesses still might have to resort to job cuts in order to reduce costs during hard times. Kaspersky surveyed more than 1,300 business leaders in small and medium-sized organisations across the globe to learn what tactics they chose to keep their business afloat, and what cybersecurity risks anti-cris...
Celestia Foundation raises $55M for modular blockchain architecture
Celestia Foundation announced on Oct. 18 that it had raised $55 million in a funding round led by Bain Capital Crypto, Polychain Capital, Placeholder, Galaxy, Delphi Digital, Blockchain Capital, NFX, Protocol Labs, Figment, Maven 11, Spartan Group, FTX Ventures, Jump Crypto, and angel investors; Balaji Srinivasan, Eric Wall, and Jutta Steiner. Celestia is building a modular blockchain architecture with the hope of solving challenges inherent when deploying and scaling blockchains. The company suggested that it intends to build infrastructure that will make it easy for anyone with the technical know-how to deploy their own blockchain at minimal expense. The company indicated that its modular blockchain architecture will focus on improving scalability, shared security, and sovereignty issues...
Security versus functionality: avoiding end user revolt
One of the biggest challenges facing any CISO today is a term we call end user revolt – when users circumvent all security measures and protocols in order to do their jobs. When the business puts mechanisms in place to secure its infrastructure but these hinder users from being productive, users will always find a way around them. For example, if they are unable to copy a phone number from their email to WhatsApp for business purposes, they will simply forward the mail to their private email or a web application and copy it from there to get the job done. Typically, they are not doing this with malicious intent, but to make life easier. Not delivering what users need, or actively hampering their ability to work, inevitably leads to workarounds and Shadow IT, which raises security, budgetar...
BNB Chain responds with next steps for cross-chain security after network exploit
BNB Chain, the native blockchain of Binance Coin (BNB) and the Binance crypto exchange, has been subject to security-related developments over the last month. On Thursday, Oct. 6 the network experienced a multi-million dollar cross-chain exploit. The incident caused BNB Chain to temporarily suspend all withdrawal and deposit activity on the network. Initially, the announcement of the network outage cited “irregular activity” with an update stating it was “under maintenance.” As rumors were confirmed the CEO of Binance, Changpeng Zhao tweeted out an apology for any inconvenience to the BNB Chain community. However the suspension was brief, as the BNB Chain Team announced the network was back online early on Oct. 7, just hours after the attack. As the network regained activity its validators...
