VPN in Business: It’s Time to Recheck Your Remote Access!

A few weeks ago, a list of usernames, passwords and IP addresses from more than 900 Pulse Secure VPN servers was published online. This list also contained the SSH keys associated with each server, a list of all local users and their password fingerprints, admin account details, VPN session cookies and the latest connections to these devices. So how did cybercriminals get their hands on so much information?

The leaked list highlighted the firmware version of each VPN server and it turned out that all affected servers were running an older version exposed to a well-known vulnerability: CVE-2019-11510, a vulnerability at the heart of Pulse Secure, the most deployed type of corporate SSL VPN.

These issues need to be addressed to prevent such attacks from happening again, while bestvpncanada.com recommends that companies use telework as much as possible to slow the spread of coronavirus.

According to the researchers, the cybercriminals behind the compromise scanned all IPv4 internet addresses and then exploited the vulnerability to gain access to data from each company’s sensitive servers and systems. The time stamp revealed that the stolen information was collected between 24 June and 8 July 2020.

In addition, at the time of the analysis, 617 of the 913 stolen and published IP addresses were still vulnerable to the CVE-2019-11510 vulnerability, although the vulnerability was made public a year earlier, in August 2019. This is despite the fact that users have been encouraged to install the update and change the associated passwords.

The use of VPN servers has skyrocketed with the increase in remote work – a Statista study shows a 124% increase in March 2020 alone. In order to access their company’s network remotely, employees and external stakeholders use VPNs to access the company’s admin accounts and confidential applications. However, these virtual private networks are not designed to provide secure access to critical systems; cybercriminals have seized this opportunity to use VPN devices to spread cyberattacks.

Exploiting VPN server vulnerabilities and accessing sensitive systems allow hackers to deploy ransomware, encrypt entire networks and demand exorbitant ransoms. For example, in the United States, the average ransomware ransom demand is $84,000 and incidents typically result in 16 days of interruption. This represents an approximate cost of $10,000 per day. While VPNs have played an undeniable role in this high-profile data leak, organizations need to completely reassess how they provide users with remote access to their corporate network.

As a result, companies can build on the progress made on Zero Trust – a device that allows progressive access to a critical system, rather than the entire network – multifactorial biometric authentication (MFA) and just-in-time sourcing to enable organizations to strike a balance between security and collaboration, at a lower cost, in order to connect employees and external stakeholders. Such approaches, combined with the isolation and management of privileged sessions, eliminate, in some cases, the need for a VPN, and with it, the operational workload that this device entails for IT teams.

There are more and more teleworkers and organizations are increasingly dependent on third parties to carry out their operations, so it is essential to use innovative means to grant secure access to privileges to employees remotely without disrupting operations, in order to ensure the protection of the data and systems used by users, regardless of where they are located.…

Cyber ​​Espionage On Our Cell Phone

Many times we sin naive against the permissions we grant to some applications, or to the information we deliver. The goes far beyond what we imagine, it is everywhere, by all means, because technology makes it easy for their work.

That is, social engineering is cyber espionage since it involves the manipulation of people influencing them to execute a certain action. That way, confidential information is delivered to third parties, without realizing that we are victims of a cyber attack.

Cyber ​​Espionage Methods

Generally, applications ask for permission to access the microphone, but there is an alternative method in which user permission is not required. This happens on Android, as applications do not need permission to access the phone’s accelerometer. Therefore, the researchers used it as a listening device, through the vibrations emitted by the phone. They are useful for fitness applications.

This type of attack “uses a combination of signal processing and machine learning to convert vibration samples into voice. The technique works whether the phone is on a table or in the user’s hand, as long as the phone plays the sound through the speaker and not through a headset. ”

In order for this type of attack to be carried out, a cybercriminal would have to install the malicious software on the phone, which is possible if the user was currently browsing a fake or malicious page.

Obviously, one way to prevent this type of attack is to activate the controls that have to do with the permits for the accelerometer as Google has done well in GPS sensors.

Another form of cyber espionage is Vishing (a combination of the words Voice and Phishing); they are phishing scams that are made over the phone. The objective of this attack is to obtain confidential and personal information of the attacked user, especially the bank.

How does the Vishing technique work?

The scammer must be very skilled to be as credible as possible through the phone, prepare a whole plan of what to say, a very credible scheme. The technique he uses is as follows:

  • Correct information: they have all the personal information of the person they are going to cheat. Therefore they are credible.
  • Urgency: they make the victim believe that their money is at risk. Therefore, the person acts out of fear and without thinking.
  • Telephone skills: they make believe that the telephone comes from another site.
  • Business atmosphere: a lot of background noise is heard, so it seems to be a call-center

Vishing attacks are very difficult to track because they use a technology called VoIP (voice over IP), which means that the call starts and ends on a computer, which can be anywhere in the world.

How to protect yourself from this attack called Vishing?

Never call the number you have been given or the one that was registered in the caller ID. Check if the number corresponds to the real one, for example, of a bank if they were impersonated by a banking entity.

  • Never give personal information to anybody.
  • If you receive a suspicious call, it is better to hang up.

There are many forms of cyberattacks, increasingly sophisticated, according to the advancement of technology. If we spend many hours connected to the different devices, we must be cautious and continually inform ourselves of the possible threats to which we are exposed. Take preventive measures, and if you are victims of a cyberattack, be prepared to act. It is always better to be defensive than very confident, especially when it comes to technology since its progress is vertiginous.…

The Dangers Of Cybersecurity By 2020

As technology advances, vertiginously, cybercrime advances. Cybersecurity professionals must be very well prepared for everything that comes to them, if this year was complicated with computer attacks, by 2020 it is expected even more difficult. When one thinks that he has already seen everything about cyber attacks, we are surprised that there is always something new up his sleeve, and cyber-attack trends progressively progress.

It is inevitable that technology advances, but perhaps, it is avoidable that the cybercriminal takes the lead in this technological career. According to cybersecurity experts, the threats for next year, that is within 20 days, would be the following, according to Trend Micro in its report for 2020:

Incomplete and hasty patches: attackers will overcome this type of vulnerability.

  • Open Banking and Malware for ATMs: banking systems will be more vulnerable, as mobile online payments thrive.
  • The deepfakes: the use of counterfeit images, videos, or audios generated by IA, will be used to manipulate businesses.
  • Malware distribution and attacks on the supply chain: Managed service providers (MSP) will be compromised.
  • It will increase espionage and extortion: Machine Learning (ML) and Artificial Intelligence (AI) will be used to spy on personal and business conversations.
  • 5G technology: increasing the implementation of 5G will pose new challenges, due to the novelty of such technology and the lack of preparation of suppliers.
  • Critical Infrastructures: they will be affected by more attacks and production stops, and Ransomware will be the favorite weapon.

Code injection attacks on Cloud platforms: through third-party libraries.

In reality, most public and private companies will be affected in one way or another by cybercriminal threats and attacks. It is essential here, the role played by Cybersecurity, implementing new security strategies every day to protect the information of the company and workers.

At the user level, there are also many threats and attacks on the operating systems, this happens many times due to the lack of information of some users and to the very confident attitude towards threats, therefore, the attitude of any technology user You must be cautious and defensive. Updating operating systems and being aware of the new threats and attacks will always be beneficial.

According to CyberArk specialists, the Drone is an instrument that will be relevant in 2020, so far its use has been questioned for the physical damage it causes to third parties if it is handled by inexperienced or for being used in a military form to attack the enemy. Everything has its positive and negative side.

In this advancement of technology, it seems that the Drone is more useful in regards to the information it collects and how to exploit that information. In unscrupulous hands, obviously that such information will be used to spy, since they collect, steal and manipulate confidential information.

More control is needed with respect to the use of drones and with greater reason more control with the information that this device collects and stores. It must be treated as one more device and have the same precautions against cyberattacks, therefore, it must have protection.

CyberArk emphasizes the butterfly effect of Ransomware, as it will continue to increase next year. As the objective of these attacks is set in the disruption and destabilization of the systems, cities must focus on cyber resistance.…

Fake News In Politics

The Fake News relates “to misinformation and lack of information, or simply a manipulation of information and even wealth of information, intoxication”, according to Paul A Mazurier, professional expert in hybrid threats and Director of the Observatory on Threats HYBRID INISEG.

With the Spanish elections just around the corner, the influence that fake news can have is very worrying. Spaniards fear that fake news interferes with the elections, and a total of 70% of people believe so.

The Spanish company S2 Grupo has warned that Cybersecurity will be key on election day and throughout the previous process. The main risks are cyber attacks and fake news for the 28A (April 28).

We have already learned of several cases where fake news has influenced, such as the Donald Trump campaign, the Brexit referendum, and in Brazil with Bolsonaro.

Social networks have become true political weapons, since they can generate opinions for or against political parties, before the elections. The users of social networks when they read a news do not worry about looking for the source of that news, about finding out who wrote it, they only trust that it is true and share it, that way it reaches thousands and thousands of users and on the way, No one thought it could be a fake news.

The political parties now have a new tool that benefits, social networks. If there were previously door-to-door campaigns, in newspapers, radio and television, now with social networks, the fake news is camouflaged, to the end of influencing users and their political tendencies. Finally, they can alter the outcome of an election.

Cybersecurity In Action

It is necessary, more than ever, to take precautions and security measures in the systems, to avoid the possible access of cybercriminals to the information and to alter or manipulate it.

Cybersecurity is vital in this regard, in order to prevent, detect, and avoid cyber attacks as much as possible.

One of the social networks has taken action on the matter; Facebook “has already announced the creation of a team to combat misinformation.” It will also supervise the advertisements of political content. This happened after meeting with senior international managers of technology and with the heads of the strategy of PSOE, PP, Podemos, Ciudadanos, and Vox.

Facebook is preparing in advance of the Spanish elections, as it will force political parties that want to advertise to register first, the same on Instagram. The ads and data on the page will be stored in a public file. And those who have not registered will be blocked.

The Vulnerability Of Social Networks

The vulnerability of social networks goes beyond fake news; behind this, there are powerful networks that are responsible for spreading false information, especially in election times. It is not possible to know exactly how many people saw political advertising and changed their vote since people are faithful to their political beliefs, as well as their soccer preferences; they do not change their tendencies from one moment to another.

What must be taken into account, in order to evaluate the assertions made about an immense persuasive effect of doubtful online content, is the following:

How many people actually saw the questionable material: statistics can be alarming, but they can also be inflated or exaggerated.

If the exposed people are easy to convince: it is very likely that fake news will reach people who already have strong opinions, which are not exactly who will change their vote.

The proportion of false news seen by people: perhaps the worry is the amount of “likes” or the times in which false news was shared and that bots attract, maybe it can sound huge until it is considered how much That information circulates online.…