
Understanding the Domain Name System (DNS): How It Works and Why It Matters


The Domain Name System (DNS) serves as a critical element of the internet’s infrastructure, acting like a phone book that translates human-friendly domain names into the numerical IP addresses that computers use to communicate. Without DNS, accessing websites would be far more complicated, requiring users to remember lengthy strings of numbers instead of simple names like “google.com.” When you enter a website URL into your browser, the DNS process begins. This request, known as a “DNS query,” first goes to a DNS resolver—typically provided by your Internet Service Provider (ISP) or a third-party DNS service like Google Public DNS or Cloudflare. 

The resolver acts as an intermediary, starting the process to find the corresponding IP address of the domain name you’ve entered. The DNS resolver contacts one of the 13 root servers that make up the top level of the DNS hierarchy. These servers don’t hold the IP address themselves but provide information about which “Top-Level Domain” (TLD) server to query next. The TLD server is specific to the domain extension you’ve entered (e.g., “.com,” “.net,” “.org”) and points the resolver to the authoritative name server responsible for the particular website. The authoritative name server then provides the IP address back to the resolver, which, in turn, sends it to your browser. 

The browser then connects to the web server using this IP address, loading the website you want to visit. This process, though complex, happens in milliseconds. Security is a vital aspect of DNS because it is a frequent target for cyberattacks. One common threat is DNS spoofing, where attackers redirect traffic to fraudulent websites to steal data or spread malware. DNS hijacking is another risk, where hackers manipulate DNS records to divert users to malicious sites. These threats emphasize the importance of DNS security protocols like DNS over HTTPS (DoH) and DNS over TLS (DoT), which encrypt DNS requests to prevent interception by malicious entities, thus protecting users’ data and privacy. 
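The spoofing risk described above comes down to which responses a client is willing to believe. The following sketch is an added example, not code from the original post: it builds a DNS query in wire format and applies the basic acceptance checks (response flag, transaction ID, echoed question) before reading any address. The function names and the sample responses produced by `make_response` are constructed for illustration.

```python
import struct

def encode_name(name):
    """Encode a domain name as length-prefixed labels (RFC 1035 wire format)."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not 0 < len(raw) <= 63:
            raise ValueError("label must be 1-63 bytes")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def build_query(txid, name, qtype=1):
    """12-byte header (recursion desired, one question) followed by the question."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!HH", qtype, 1)

def read_name(msg, off):
    """Decode the name at `off`, following compression pointers.
    Returns (lower-cased name, offset just past the name)."""
    labels, resume, hops = [], None, 0
    while True:
        length = msg[off]  # IndexError on truncated input is handled by the caller
        if length & 0xC0 == 0xC0:  # two-byte compression pointer
            if resume is None:
                resume = off + 2
            off = ((length & 0x3F) << 8) | msg[off + 1]
            hops += 1
            if hops > 16:
                raise ValueError("compression pointer loop")
        elif length == 0:
            return ".".join(labels), (resume if resume is not None else off + 1)
        else:
            labels.append(msg[off + 1:off + 1 + length].decode("ascii").lower())
            off += 1 + length

def accept_response(query, response):
    """Return the IPv4 addresses in `response` if it answers `query`, else raise ValueError."""
    try:
        qid = struct.unpack("!H", query[:2])[0]
        rid, flags, qdcount, ancount = struct.unpack("!HHHH", response[:8])
        if not flags & 0x8000:
            raise ValueError("QR bit clear: not a response")
        if rid != qid:
            raise ValueError("transaction ID does not match the query")
        qname, qoff = read_name(query, 12)
        rname, off = read_name(response, 12)
        if qdcount != 1 or rname != qname or response[off:off + 4] != query[qoff:qoff + 4]:
            raise ValueError("question section does not echo the query")
        off += 4
        addrs = []
        for _ in range(ancount):
            _, off = read_name(response, off)
            rtype, rclass, _ttl, rdlen = struct.unpack("!HHIH", response[off:off + 10])
            rdata = response[off + 10:off + 10 + rdlen]
            off += 10 + rdlen
            if rtype == 1 and rclass == 1 and rdlen == len(rdata) == 4:  # A record, class IN
                addrs.append(".".join(str(b) for b in rdata))
        return addrs
    except (IndexError, struct.error, UnicodeDecodeError) as exc:
        raise ValueError(f"malformed message: {exc}") from exc

def is_accepted(query, response):
    """True if accept_response() would trust this response."""
    try:
        accept_response(query, response)
        return True
    except ValueError:
        return False

def make_response(txid, name, ip):
    """Constructed sample data: a minimal one-answer response for testing the checks."""
    header = struct.pack("!HHHHHH", txid, 0x8180, 1, 1, 0, 0)
    question = encode_name(name) + struct.pack("!HH", 1, 1)
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 300, 4) + bytes(map(int, ip.split(".")))
    return header + question + answer
```

Matching the 16-bit ID and the question only raises the bar for a forger who cannot see the query; anyone on the network path can copy both values, which is the gap DoT and DoH close by encrypting the connection to the resolver.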

Switching to a third-party DNS service can enhance your internet experience in terms of speed, reliability, and security. Services like Google Public DNS, OpenDNS, or Cloudflare’s 1.1.1.1 offer faster query response times, better privacy protection, and can help circumvent geographical restrictions imposed by ISPs. These alternatives often provide built-in security features, such as blocking malicious sites, to offer an extra layer of protection. 

DNS is the backbone of internet browsing, seamlessly converting domain names into IP addresses. By understanding its role and the importance of security measures, users can better appreciate how DNS keeps the internet functional and secure. Whether ensuring that websites load correctly or protecting against cyber threats, DNS plays an indispensable role in our everyday online activities.

Rise in Ransomware Attacks in Southeast Asia Driven by Rapid Digitalization and Security Gaps

 

A wave of ransomware attacks across Southeast Asia during the first half of this year marks just the beginning of a larger trend. Companies and government agencies, particularly in countries like Thailand, Japan, South Korea, Singapore, Taiwan, and Indonesia, have experienced a dramatic rise in cyberattacks, outpacing the rate of ransomware growth in Europe, as shown by data from Trend Micro. 

With incidents like the June attack by the ransomware group Brain Cipher, which disrupted more than 160 Indonesian government agencies, the frequency of such attacks is expected to increase as the region’s economies expand. Many organizations in Southeast Asia are rapidly digitizing their infrastructure, often prioritizing speed over security. Ryan Flores, a senior manager at Trend Micro, points out that the rush to launch digital services often sidelines security measures. 

This rush, combined with a lack of stringent cybersecurity practices, makes organizations in Asia prime targets for cybercriminals. Recent incidents, such as the ransomware attack on a major Vietnamese brokerage in March and malicious code injections in Japan, indicate that cyber attackers are increasingly focusing on this region. Although North America and Europe remain the primary targets for ransomware, the Asia-Pacific region is experiencing a significant surge in attacks. In 2023, ransomware incidents in Asia grew by 85%, according to cybersecurity firm Comparitech. 

Countries like India and Singapore have become major targets, ranking among the top six countries affected by ransomware, based on Sophos’ “State of Ransomware 2024” report. Ransomware groups are especially targeting critical sectors in the Asia-Pacific region. Manufacturing saw the highest number of attacks, followed by government and healthcare sectors. Rebecca Moody of Comparitech suggests that the absence of strict breach notification laws in many Asian countries contributes to underreporting, which in turn reduces the focus on cybersecurity. While ransomware attacks in Asia are increasing, experts like Trend Micro’s Flores believe this rise is not due to targeted efforts but rather the sheer number of potential victims as companies in the region adopt digital tools without adequately upgrading their security. 

Cybercriminals are opportunistic, targeting any vulnerable infrastructure, regardless of its location. National governments in Asia are beginning to take steps to enhance their cybersecurity regulations. For instance, Singapore updated its Cybersecurity Act in May, and Malaysia introduced new legislation requiring cybersecurity service providers to be licensed. However, experts stress that organizations must prioritize basic security practices, such as regular software patching, strong password policies, and multifactor authentication, to mitigate risks effectively.

Hacker Who Took Down North Korea’s Internet Reveals Key Insight

 

Alejandro Caceres, known online as P4x, recently revealed himself as the hacker who managed to take down North Korea’s internet for over a week. This feat, conducted entirely from his home in Florida, has drawn significant attention, and Caceres recently took to Reddit to allow people to “ask him anything” about his experience hacking into one of the world’s most secretive and isolated nations. 

Caceres, a 38-year-old Colombian-American cybersecurity entrepreneur, was unmasked as the hacker behind this attack by Wired magazine. He explained that his actions were in retaliation after he was targeted by North Korean spies attempting to steal his hacking tools. In response, he decided to hit back by attacking North Korea’s internet infrastructure, a move that kept the country’s limited public websites offline for over a week. He told Wired, “It felt like the right thing to do here. If they don’t see we have teeth, it’s just going to keep coming.” In his Reddit thread, Caceres discussed the simplicity of his attack, saying, “Honestly, I’ve been asked this a lot. And I can’t really tell haha. I used to say nah it wasn’t that hard.” 

He later clarified, “People told me it wasn’t hard only because I’m trained in this.” Caceres took advantage of North Korea’s outdated and minimal internet infrastructure, which he described as “little sticks and glue.” He noted that North Korea has only two routers for internet ingress and egress, making it easier for a skilled hacker to disrupt the system. When asked about the possible consequences of his actions, Caceres admitted he had faced little to no backlash. “Everyone seems to sort of like it but cannot say that officially. Honestly, I expected a LOT more negativity just because that’s the natural order of things,” he remarked. 

The only attention he has received so far has been from intelligence agencies interested in learning how he managed the hack. He recounted how these meetings sometimes took place in basements, joking, “It was super X-Files type s**t but also like any normal meeting. Weird dissonance…” Reddit users also asked about the possible risks and repercussions of his actions. Caceres expressed surprise at not having faced any direct threats or legal actions. “I have not yet been murdered or arrested, so that’s pretty good,” he joked. 

As of now, Caceres has not faced any significant consequences beyond curiosity from intelligence agencies wanting to understand his methods. Caceres’s hack on North Korea serves as a reminder of how vulnerable even the most secretive and controlled nations can be to cyberattacks, especially when dealing with experienced hackers. While his actions have garnered admiration and a certain level of respect in online communities, they also raise questions about the potential consequences for international relations and cybersecurity norms. 

As the world increasingly relies on digital infrastructure, incidents like this highlight both the possibilities and the dangers of hacking in a hyperconnected world. Caceres, for his part, remains unrepentant and open about his motivations, positioning his actions as a form of digital self-defense and a warning against further provocations from hostile entities.

Critical Infrastructure and the Importance of Safeguarding it in the Digital Age

 

In today's digital age, our society relies heavily on critical infrastructure to function smoothly. These infrastructures, including power grids, water systems, and communication networks, form the backbone of our daily lives, facilitating everything from electricity distribution to internet connectivity. 

However, with the increasing interconnectedness brought about by technology, these vital systems have become prime targets for cyberattacks. Cyberattacks on critical infrastructure have surged by 35% globally in the past year alone, according to a 2023 report by the World Economic Forum. These attacks pose significant risks, potentially resulting in city-wide blackouts, disruptions in healthcare services, and compromised communication networks. 

The consequences of such breaches can be devastating, not only impacting economic stability but also endangering public safety. Despite these challenges, there is hope on the horizon as governments, businesses, and security experts recognize the urgent need to address cybersecurity vulnerabilities in critical infrastructure. Traditional approaches to cybersecurity, characterized by perimeter defenses and technological fortifications, are proving inadequate in the face of evolving threats. 

Instead, a paradigm shift is underway towards viewing critical infrastructure as a living ecosystem, where every individual plays a vital role in safeguarding the whole. This holistic approach emphasizes the importance of human vigilance alongside technological solutions. While advanced technologies like artificial intelligence and threat intelligence platforms are valuable tools in detecting and mitigating cyber threats, they must be complemented by robust employee training and a culture of security awareness. 

Every employee, from top executives to frontline staff, must be equipped with the knowledge and skills to identify and respond to potential threats effectively. Furthermore, securing critical infrastructure requires a commitment to continuous improvement. Organizations must regularly conduct risk assessments, update protocols, and actively test their defenses to stay ahead of evolving threats. 

This agility and flexibility are essential in adapting security strategies to address emerging vulnerabilities and technological advancements. Malicious actors often exploit human error and social engineering tactics to bypass technological defenses. Therefore, educating and empowering employees to recognize and report suspicious activity is paramount in strengthening overall cybersecurity posture. 

Moreover, collaboration between public and private sectors, as well as international cooperation, is essential in building a comprehensive and resilient defense network. By sharing intelligence, best practices, and resources, stakeholders can effectively combat cyber threats and mitigate their impact on critical infrastructure. 

Securing critical infrastructure in the digital age is not merely a technical challenge but a multifaceted endeavor that requires a united and concerted effort. By embracing a human-centric approach, leveraging advanced technologies, and fostering collaboration, we can create a future where our essential systems operate securely, safeguarding the well-being and prosperity of society.

Deloitte Launches Blockchain Integration for Digital Credentials

 

One of the "Big Four" accounting firms, Deloitte, is at the forefront of adopting blockchain technology to transform the issuance of digital credentials.

In partnership with BOTLabs GmbH, creator of the KILT Protocol, Deloitte will use KILT's blockchain technology to create reusable digital credentials for Know Your Customer (KYC) and Know Your Business (KYB) processes, the firms stated. The solution has two goals: streamlining verification procedures and enhancing data privacy.

Reusable credentials for transforming verification 

Commonly requiring several data points and paper-based credentials, traditional KYC and KYB processes are repetitious and wasteful. 

Deloitte hopes to address these issues and give clients more control and flexibility over their digital credentials by utilising KILT's identity infrastructure. 

Customers can pick who they share their information with and which data points to divulge by storing their credentials in a wallet on their devices. 

With the help of a browser plugin that serves as a credential wallet created by Deloitte, consumers can easily set up and manage their credentials without any prior blockchain expertise.

Digital credentials anchored on the KILT blockchain, according to Micha Bitterli, Head of Deloitte Managed Services, have the potential to develop new digital marketplaces, ranging from e-commerce and decentralised finance (DeFi) to gaming. 

The credentials are digitally signed by the company, and if a customer's circumstances change after issue, it can revoke them using blockchain technology. 

Verifiable digital credentials built on KILT may be utilised across numerous applications while enabling users to maintain control over their personal information, according to Ingo Rübe, CEO of BOTLabs GmbH and creator of the KILT Protocol.

Growing interest in cryptocurrency

Late in April 2023, Deloitte started actively looking for people with bitcoin knowledge to join its team. Over 300 opportunities are open in the US, including titles like Tax Manager for Blockchain & Cryptocurrency and Blockchain & Digital Assets Manager, according to a LinkedIn search. 

Deloitte's rising interest in the domain of cryptocurrencies contrasts with its "Big Four" rivals Ernst & Young, KPMG, and PricewaterhouseCoopers, which currently display no results for crypto-related job postings.

Deloitte's decision to increase the number of employees with a focus on cryptocurrencies shows that it continues to support Web3 and digital assets. In order to offer immersive experiences across diverse industries, Deloitte teamed up with Web3 platform Vatom in February. 

Another illustration of Deloitte's commitment to modernising established procedures and embracing the future of digital asset technology is the incorporation of KILT's blockchain technology for digital credentials.

For Your Mid to Large-Sized Firm, Here Are Four Best Cybersecurity Practices

 

As technology advances and becomes more sophisticated, cybercriminals continue to look for new ways to take advantage of enterprises. A cyber attack could result in financial loss, loss of reputation, and legal repercussions, among other catastrophic and permanent harms. Effective risk-reduction initiatives must be implemented immediately by enterprises.

Cybersecurity standards have increased along with digitization, putting firms in danger of data loss, manipulation, and theft. Medium- to large-sized firms are particularly susceptible to fraud since they have extensive IT infrastructures and complex organisational structures. Owing to the rising risks, medium-sized and large-scale businesses have a hard time finding security solutions that are both reasonable and suitable for their particular company demands.

Medium to large-sized enterprises ought to be able to thwart more sophisticated attacks because they have bigger finances and resources than their smaller counterparts. IT security accounted for an average of 12.7% of an organization's overall IT spending in 2022. The only way to improve cybersecurity protection, however, is to devote more funds. A collection of cybersecurity solutions that are suited to each organization's unique requirements must be able to be purchased and implemented within the allocated budget. 

Businesses need to have a complete grasp of their cybersecurity needs, resources, potential threats, and overall security posture in order to ensure successful budget usage and the proper purchase. To cover every eventuality, it is not always viable to offer resources and knowledge from within. So, firms look for outside assistance from specialists to find the best cybersecurity solution that satisfies their needs while staying inside any financial constraints.

2023: Reassessing the necessity for cybersecurity 

The effects on the cyber environment have been unprecedented as a result of new socio-economic issues including the Russia-Ukraine conflict and chronic economic uncertainty. As cybercrime activity regularly exceeds organisational security efforts, teams must constantly adapt to a threat environment that is constantly changing. 

Due to the changing threat landscape, a cybersecurity strategy or solution that was suitable for a business the year before may not be as successful now. Based on the environment in which they operate, businesses must reassess their cybersecurity requirements. There is no doubt that this analysis of the cybersecurity requirements for medium- to large-sized enterprises calls for the highest level of subject-matter expertise. In order to increase effectiveness, businesses can identify critical gaps and weaknesses and receive suitable advice by obtaining external support. 

Outsourcing cybersecurity acquisition to get the best solution 

The cybersecurity market is incredibly fragmented and changing quickly, making it difficult for clients to choose the best service or product. Medium-sized and large-scale enterprises should use outside assistance by outsourcing the purchase of IT security solutions. They receive a high degree of experience in the field that may not be available internally as a result, and they are also able to purchase economical yet customised cybersecurity solutions. This is essential in the current economic climate when businesses are trying to save costs. 

Today, an organization's ability to succeed in business is largely determined by how it makes use of emerging technology. Digital technology is heavily used by businesses to maintain, adapt, and improve their operations. Digital assets, however, are more prone to mistakes and breaches. By providing cutting-edge security solutions and the knowledge of highly qualified employees, outsourcing cybersecurity services helps secure a company. The question of how companies should choose the best partner for outsourcing cybersecurity procurement remains. Organizations must seek out impartial third-party companies to ensure unbiased comparisons.

The function of unbiased evaluation in selecting the best vendor 

It may seem impossible to navigate the cybersecurity environment. Several solutions may look similar, have a great track record, and provide different levels of value when choosing a cybersecurity partner. Enterprises must first assess how well the solution satisfies their demands and unique security criteria in order to choose the finest cybersecurity solutions provider for their business. An unbiased assessment of cybersecurity vendors and solutions is required to put effectiveness before bias because not all solutions are a good fit for every organisation. 

Regardless of the solution provider selected, the reputation of the firm is jeopardised when an outbreak or targeted attack takes place. Organizations should rely on unbiased testing to determine which cybersecurity providers are the best. The best procurement service providers compare cybersecurity solutions for enterprises using an anonymous tendering procedure, allowing them to remain impartial and objective and find the best set of options. 

Looking forward

In today's enterprises, cybersecurity is now a crucial component. It is essential that companies, especially medium-sized and big ones, have the right cybersecurity solutions, strategies, and best practises in place because they handle vast volumes of sensitive data. When partnering with a cybersecurity solution provider, the comparison should focus on the product rather than just the provider's name, relationship with the customer, or pricing. This will ensure the partnership is effective for the business. Due to this, businesses must carefully outsource their cybersecurity purchases.

Influence of Digitalization on IT Admins

A SaaS software business named SysKit has released a report on the impact of digital transformation on IT administrators and the present governance environment. According to the report, 40% of businesses experienced a data breach in the last year. This can have a serious impact on an organization's productivity and lead to costly fines, downtime, and the loss of clients and certifications that are essential to its operations.

The research, carried out in November, included 205 US IT managers who are in charge of overseeing the IT infrastructures of their firms, and it fairly depicts the target demographic. As per SysKit, improper zero trust and full trust implementation can result in data breaches. Based on the survey, 68% of respondents believe that the zero trust approach restricts the ability to collaborate, while 50% of respondents think that the full trust approach to governance is ideal.

The majority of IT administrators (82%) agree that non-technical staff who are resource owners must be more proactive in data reviews and workspace maintenance. Furthermore, when asked about specific IT governance skills, 50% of the respondents stated that non-tech employees do not know how to properly apply external sharing policies, 56% believed they did not know how to properly apply provisioning policies, and 30% stated that their coworkers are not taking care of their inactive content. According to SysKit, this lack of knowledge can result in data leaks, unchecked workspace sprawl, and higher storage expenses.

The survey also revealed that excessive workloads, a lack of comprehension from superiors, and a misalignment of IT and business strategy are among the main issues for IT administrators. As technology continues to develop, organizations will face new opportunities and difficulties. Future applications of AI-based technologies have not yet been defined since they are still in their initial stages. 

This Linux Malware Bombards Computers with DDoS Bots and Cryptominers

 

Security experts have discovered a new Linux malware downloader that uses cryptocurrency miners and DDoS IRC bots to attack Linux servers with weak security. After the downloader's shell script compiler (SHC) was uploaded to VirusTotal, researchers from ASEC found the attack. It appears that Korean users were the ones who uploaded the SHC, and Korean users are also the targets. 

Additional research has revealed that threat actors target Linux servers with weak security by brute-forcing their way into administrator accounts over SSH. Once inside, they'll either set up a DDoS IRC bot or a cryptocurrency miner. XMRig, arguably the most well-liked cryptocurrency miner among hackers, is the miner that is being used.

It generates Monero, a privacy-focused cryptocurrency whose transactions appear to be impossible to track and whose users are allegedly impossible to identify, using the computing power of a victim's endpoints.

Threat actors can use the DDoS IRC bot to execute commands like TCP Flood, UDP Flood, or HTTP Flood. They can execute port scans, Nmap scans, terminate various processes, clear the logs, and other operations. Malicious deployments are continuously thrown at Linux systems, most frequently ransomware and cryptojacking.

"Because of this, administrators should use passwords that are difficult to guess for their accounts and change them periodically to protect the Linux server from brute force attacks and dictionary attacks, and update to the latest patch to prevent vulnerability attacks," ASEC stated in its report. "Administrators should also use security programs such as firewalls for servers accessible from outside to restrict access by attackers."

According to a VMware report from February 2022, the continued success of Linux services in the digital infrastructure and cloud industries, together with the fact that the majority of anti-malware and cybersecurity solutions are concentrated on protecting Windows-based devices, puts Linux in a risky situation.
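The SSH brute-forcing described in this post leaves a recognisable trail in the server's authentication log. The sketch below is an added example, not code from ASEC or the original post: it scans OpenSSH-style log lines for bursts of failed password attempts from one address and for a password login from that address afterwards. The log lines, threshold, window and function names are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Matches OpenSSH password-auth messages as written to syslog.
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"(?P<result>Failed|Accepted) password for (?:invalid user )?"
    r"(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

# Constructed sample log (documentation address ranges, hypothetical host name).
SAMPLE_LOG = [
    "Jan 10 03:12:01 srv01 sshd[2211]: Failed password for root from 203.0.113.5 port 40112 ssh2",
    "Jan 10 03:12:03 srv01 sshd[2213]: Failed password for root from 203.0.113.5 port 40118 ssh2",
    "Jan 10 03:12:05 srv01 sshd[2215]: Failed password for root from 203.0.113.5 port 40124 ssh2",
    "Jan 10 03:12:07 srv01 sshd[2217]: Failed password for root from 203.0.113.5 port 40130 ssh2",
    "Jan 10 03:12:09 srv01 sshd[2219]: Failed password for root from 203.0.113.5 port 40136 ssh2",
    "Jan 10 03:12:15 srv01 sshd[2225]: Accepted password for root from 203.0.113.5 port 40150 ssh2",
    "Jan 10 09:00:10 srv01 sshd[3301]: Failed password for alice from 198.51.100.7 port 51500 ssh2",
    "Jan 10 09:00:20 srv01 sshd[3305]: Accepted password for alice from 198.51.100.7 port 51502 ssh2",
]

def detect(lines, threshold=5, window=timedelta(minutes=1), year=2023):
    """Return alerts as (kind, source_ip, user) tuples.

    'bruteforce'             -> `threshold` failures from one address within `window`
    'login_after_bruteforce' -> a later password login from an address already flagged
    Syslog timestamps carry no year, so `year` is supplied by the caller.
    """
    recent = defaultdict(deque)   # ip -> timestamps of failures inside the window
    flagged, alerts = set(), []
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        ip, failures = m["ip"], recent[m["ip"]]
        while failures and ts - failures[0] > window:
            failures.popleft()    # drop failures that fell out of the window
        if m["result"] == "Failed":
            failures.append(ts)
            if len(failures) >= threshold and ip not in flagged:
                flagged.add(ip)
                alerts.append(("bruteforce", ip, m["user"]))
        elif ip in flagged:
            # A successful password login after a burst suggests a guessed password.
            alerts.append(("login_after_bruteforce", ip, m["user"]))
    return alerts
```

On the sample log, the burst against `root` and the login that follows are reported, while the single mistyped password from the second address is not.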