Addressing the Security Risks Posed by IoT Devices

 


There has been a marked change in daily life as a result of the proliferation of IoT devices, and Transforma Insights estimates that 14 billion such devices are connected globally, indicating that this type of technology has profound effects. In today's modern lifestyle, the Internet of Things has become deeply integrated into our everyday lives, from smart home appliances to advanced automotive systems. IoT-enabled technology is increasingly prevalent thanks to the ubiquity of smartphones and wearables, which means that individuals are interacting with it nearly constantly. 

Although these interconnected devices are convenient and efficient for consumers, they also represent serious cyber threats, particularly for insurers and the people they insure on commercial policies. A growing reliance on the Internet of Things is being met with a growing number of threats, making it imperative to develop robust risk management strategies and implement enhanced protection mechanisms to combat these threats as they emerge. 

The Internet of Things (IoT) is a vast network of internet-connected devices, from smart appliances to systems critical to infrastructure, that collect and exchange data. IoT security means making sure these devices are properly inventoried, visible, monitored and controlled within interconnected ecosystems, and that their data receives the appropriate level of protection. Although IoT security is of the same kind as traditional network security, it is more complex as a result of the high stakes connected with IoT systems.

IoT devices carry a serious risk of cyber attack because, unlike standard computers, they can control power plants, healthcare systems, and surveillance systems. Security measures, authentication protocols, and proactive risk management are essential for safeguarding these systems from breaches that could have severe consequences if not dealt with promptly. The IoT has expanded well beyond consumer applications into critical sectors such as healthcare, utilities, and transport, so its security vulnerabilities have far-reaching consequences, both for consumers and for these sectors.

In industries such as banking, health care, and information technology, data breaches can damage the organization's reputation, expose sensitive personal data, disrupt operations, and lead to more serious problems. As reliance on IoT technology grows, the security frameworks around it need to be reassessed. Strengthening device security, implementing more rigorous industry standards, and creating a culture in which security is valued are crucial steps toward protecting industries and infrastructure from threats.

IoT has fundamentally changed industries across the globe, growing from devices initially used in smart homes into an intricate, interconnected ecosystem that spans agriculture, healthcare, transport, and manufacturing. By enabling real-time decision-making and automating complex processes, the Internet of Things can transform businesses and increase operational efficiency at unprecedented scale. However, significant security vulnerabilities pose substantial risks that may undermine this potential.

IoT devices often lack security basics such as encryption, regular firmware updates, and secure boot processes, which leaves them vulnerable to cyber threats. The sheer number of IoT devices being deployed makes the situation harder, because attackers can use each device as a potential entry point. Once an IoT device is compromised, it can serve as a gateway to more critical systems, letting malicious actors exploit the interconnected nature of networks to escalate a breach. Because infrastructures are interconnected, a vulnerability in one place is more likely to cascade across the entire infrastructure.

Closing these security gaps is urgent and calls for a comprehensive approach: developing robust authentication protocols, standardizing security measures across industries, and committing to continuous risk assessment as a proactive measure. In a rapidly evolving digital ecosystem driving innovation and efficiency, these devices must be protected from emerging cyber threats so that the ecosystem stays sound and resilient as it grows. IoT devices have spread rapidly over the past few years, providing businesses with considerable convenience and operational efficiency. This expansion, however, presents significant security challenges that must be addressed if sensitive information is to be safeguarded and essential infrastructure protected from cybercriminals.

Weak default passwords are a primary vulnerability; together with insufficient software updates and inadequate data protection, they can lead to unauthorized access, operational disruptions, and serious security breaches. As IoT systems are increasingly relied upon, effective measures must be implemented to mitigate cyber risks and strengthen defences against potential cyberattacks. Robust authentication methods such as multi-factor verification and biometric authentication protect IoT systems from unauthorized access.

Encryption protocols must be applied rigorously to data exchanges so that sensitive information is protected from interception and exploitation. Encryption protocols and firewalls can also be used to establish secure network connections, further strengthening IoT security frameworks. IoT devices also need to be regularly updated and constantly monitored so that vulnerabilities are detected and potential threats are responded to proactively.

A further enhancement to IoT infrastructure protection is the implementation of physical security measures, including tamper-resistant device designs and secure storage solutions. IoT ecosystems can only be strengthened by utilizing a comprehensive, multi-layered approach that integrates policy enforcement, software security, and network segmentation. In an increasingly interconnected digital environment, organizations need to take steps to mitigate cybersecurity risks to ensure IoT systems remain secure, resilient, and capable of sustaining critical operations to combat emerging cyber threats. 

IoT (Internet of Things) adoption is becoming more prevalent in both personal and industrial environments, which makes it necessary to consider the associated security risks critically. Every interconnected device presents a unique set of challenges, so companies and governments need a proactive and comprehensive security strategy that protects sensitive data, maintains system integrity, and prevents unauthorized access. There is no single approach to IoT security; the framework should combine multiple elements, including device discovery, risk analysis, and continuous monitoring.

Effective security management starts with identifying and classifying all connected devices so that visibility and control can be maintained across the entire network. By conducting comprehensive risk assessments, organizations may be able to identify vulnerabilities in real time and implement targeted security measures to mitigate potential threats to their business. Continuous protection requires regular monitoring and sophisticated defence mechanisms that allow rapid detection of emerging cyber risks and a rapid response to them.

Maximizing IoT security requires incorporating advanced security tools and platforms into the design. Solutions such as Continuous Automated Asset and Security Management (CAASM) and Cyber Risk Quantification (CRQ) give an organization the capability to automatically identify and profile IoT devices, dynamically assess risks, and implement effective security protocols. Using these technologies can help organizations improve their cybersecurity posture, minimize the exposure of their IoT ecosystems to cyber threats, and keep their systems resilient against cyberattacks.

IoT security should be viewed as a strategic and systematic approach to mitigating risks and maintaining a secure digital infrastructure. Investing in cutting-edge security solutions will allow businesses to address vulnerabilities proactively, strengthen network defences, and safeguard critical assets in the face of an ever-evolving cyber threat landscape.

Twilio Alerts Authy Users of Potential Security Risks Involving Phone Numbers

 


A hacker claims to have stolen 33 million phone numbers from the U.S. messaging giant Twilio over the past week. Authy, a popular two-factor authentication app owned by Twilio that uses people's phone numbers to authenticate, has confirmed to TechCrunch today that "threat actors" were able to identify the phone numbers of Authy users. A hacker or hacker group known as ShinyHunters recently posted on a well-known hacking forum that they had hacked Twilio and obtained the cell phone numbers of 33 million subscribers.

Twilio spokesperson Ramirez told TechCrunch that the company has detected that threat actors were able to identify phone numbers associated with Authy accounts through an unauthenticated endpoint; how this happened is not yet known. TechCrunch reported earlier this week that someone had obtained phone numbers related to Authy, Twilio's two-factor authentication (2FA) service.

An alert from Twilio on Monday warned that "threat actors" may use the stolen phone numbers for phishing attacks and other scams aimed at stealing personal information. An earlier incident in 2022 followed a phishing campaign that tricked employees into giving up their login credentials, which were then used to gain access to the company's computer network. During that attack, hackers gained access to 163 Twilio accounts as well as 93 Authy accounts, through which they were able to access and register additional devices. Twilio traced the phone-number leak to an "unauthenticated endpoint" that has since been secured by the company.

Last week, the threat actor ShinyHunters published a collection of 33 million phone numbers from Authy accounts on the dark web. As BleepingComputer pointed out, the threat actor appears to have obtained the information by feeding a massive list of phone numbers into the app's unsecured API endpoint, which checked whether each number was tied to the application.

The investigation found that the data was compiled by feeding an enormous number of phone numbers into the unsecured API endpoint. If a number was valid, Authy's endpoint returned information about the associated accounts registered with Authy. Now that the API has been secured, it can no longer be misused to verify whether a phone number is being used with Authy.
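For defenders, this kind of list-feeding shows up in access logs as one client asking about many different phone numbers in a short time. The following detector is an added example, not code from Twilio or from the original post; the log format, the `/lookup/` path, the thresholds and all sample lines are constructed assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

LOOKUP_PREFIX = "/lookup/"  # hypothetical path of a phone-number lookup endpoint


def make_sample_log():
    """Constructed access-log lines: '<ISO time> <client IP> <method> <path> <status>'."""
    base = datetime(2024, 7, 1, 10, 0, 0)
    lines = []
    # Client 1: 30 different numbers in 30 seconds, mostly misses (list-feeding pattern).
    for i in range(30):
        ts = (base + timedelta(seconds=i)).isoformat()
        status = 200 if i % 5 == 0 else 404
        lines.append(f"{ts} 203.0.113.7 GET {LOOKUP_PREFIX}+1202555{100 + i:04d} {status}")
    # Client 2: the same number re-checked a few times (ordinary app behaviour).
    for i in range(3):
        ts = (base + timedelta(minutes=2 * i)).isoformat()
        lines.append(f"{ts} 198.51.100.20 GET {LOOKUP_PREFIX}+12025550150 200")
    # Client 3: two numbers, plus an unrelated request that must be ignored.
    t3 = (base + timedelta(seconds=5)).isoformat()
    lines.append(f"{t3} 192.0.2.44 GET {LOOKUP_PREFIX}+12025550160 200")
    lines.append(f"{t3} 192.0.2.44 GET {LOOKUP_PREFIX}+12025550161 404")
    lines.append(f"{t3} 192.0.2.44 GET /health 200")
    return sorted(lines)  # ISO timestamps sort chronologically


def find_enumerators(lines, window=timedelta(seconds=60), max_distinct=10):
    """Return {client_ip: peak distinct numbers queried inside one window}
    for clients that exceeded max_distinct.

    Hits and misses both count: a client probing a list produces mostly
    misses, and the distinct-number count is what separates it from an app
    re-checking its own user's number.
    """
    recent = defaultdict(deque)  # client IP -> (time, number) pairs inside the window
    flagged = {}
    for line in lines:
        parts = line.split()
        if len(parts) != 5 or not parts[3].startswith(LOOKUP_PREFIX):
            continue  # malformed line or a different endpoint
        ts = datetime.fromisoformat(parts[0])
        ip = parts[1]
        number = parts[3][len(LOOKUP_PREFIX):]
        events = recent[ip]
        events.append((ts, number))
        # Drop lookups that have fallen out of the sliding window.
        while ts - events[0][0] > window:
            events.popleft()
        distinct = len({n for _, n in events})
        if distinct > max_distinct:
            flagged[ip] = max(flagged.get(ip, 0), distinct)
    return flagged


if __name__ == "__main__":
    for ip, peak in find_enumerators(make_sample_log()).items():
        print(f"possible enumeration from {ip}: {peak} distinct numbers in 60s")
```

Detection of this kind complements, and does not replace, requiring authentication on the endpoint, which is the fix the article describes.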

Threat actors have used this technique in the past, exploiting unsecured Twitter and Facebook APIs to compile profiles of tens of millions of users containing both public and private information. Although the Authy scrape contained only phone numbers, such data can still be valuable to those conducting smishing and SIM-swapping attacks to breach accounts.

A CSV file containing 33,420,546 rows is available for download. Each row contains an account ID, a phone number, an "over_the_top" column, the account status, and the number of devices, according to the site. According to reports on Authy's blog, the company has acknowledged that it was attacked. Twilio has confirmed a recent data breach affecting its Authy two-factor authentication app users.

While the company experienced two separate cyberattacks in 2022, it emphasized that this latest incident is not related to the previous breaches. In light of this development, Twilio is urging all Authy users to exercise extreme caution when dealing with unsolicited text messages that appear to be from the company. According to Sean Wright, Head of Application Security at Featurespace, the primary threat stemming from this incident is the potential for targeted phishing attacks. Exposure to users' phone numbers significantly increases the risk of such attacks. 

Wright reassures users that direct access to their Authy accounts remains unlikely unless the attackers can obtain the seeds for the multi-factor authentication (MFA) tokens stored within the app. Despite this, he stresses the importance of remaining vigilant. Users should be particularly wary of messages from unknown senders, especially those that convey a sense of urgency or threaten financial loss if no action is taken. 

To enhance security, Wright suggests that users consider switching to an alternative MFA application or opting for more secure hardware keys, such as the Yubico YubiKey. Additionally, if any user experiences difficulty accessing their Authy account, Twilio advises immediate contact with Authy support for assistance. Furthermore, Twilio recommends that users update their Authy app on iOS and Android platforms to address potential security vulnerabilities. 

Keeping the application up-to-date is critical in safeguarding against future threats and ensuring the highest level of protection for user accounts. This proactive approach will help mitigate the risks associated with the recent breach and reinforce the security of the authentication process for all Authy users.

Google CEO Warns of Potential Security Risks Associated with Sideloading Apps

 

In recent years, sideloading apps, the practice of installing apps from sources outside of official app stores, has gained significant traction. While Android has always embraced this openness, Apple is now facing pressure to follow suit. 

This shift in dynamics is evident in the ongoing legal battle between Google and Epic Games, where Epic Games accuses Google of stifling competition by imposing high fees on app developers.

Google CEO Sundar Pichai has defended Google's stance, citing security concerns associated with sideloading apps. He emphasizes that Google's policies, exemplified by Android's diverse device designs, foster innovation and provide users with choices.

However, Pichai's emphasis on security raises eyebrows, as Android has always been known for its open-source nature and embrace of sideloading. His focus on potential malware infections seems to be a tactic to instill fear among users. In reality, Google's Play Protect feature is only a recent addition for screening sideloaded apps.

Critics argue that sideloading empowers Google with greater control over the apps users can access. While Google maintains that the Play Store provides the highest level of security, a study by Kaspersky Labs contradicts this claim, revealing that over 600 million malicious app downloads occurred from the Google Play Store in 2023 alone.

Apple's staunch opposition to sideloading stems from its desire to retain control over the app distribution process on iPhones. However, both Apple and Google are undoubtedly aware of the 30% commission they charge developers for hosting apps on their respective app stores. This hefty fee has driven companies like Epic Games to explore alternative distribution channels.

The debate over sideloading highlights the growing tension between app developers, app store operators, and users. As the battle for app distribution intensifies, it remains to be seen whether sideloading will become a mainstream practice or remain a niche alternative.

AI/ML Tools Uncovered with 12+ Vulnerabilities Open to Exploitation

 

Since August 2023, individuals on the Huntr bug bounty platform dedicated to artificial intelligence (AI) and machine learning (ML) have exposed more than a dozen vulnerabilities that jeopardize AI/ML models, leading to potential system takeovers and theft of sensitive information.

Discovered in widely used tools, including H2O-3, MLflow, and Ray, each boasting hundreds of thousands or even millions of monthly downloads, these vulnerabilities have broader implications for the entire AI/ML supply chain, according to Protect AI, the entity overseeing Huntr.

H2O-3, a low-code machine learning platform facilitating the creation and deployment of ML models through a user-friendly web interface, has been revealed to have default network exposure without authentication. This flaw allows attackers to provide malicious Java objects, executed by H2O-3, providing unauthorized access to the operating system.

One significant vulnerability identified in H2O-3, labeled as CVE-2023-6016 with a CVSS score of 10, enables remote code execution (RCE), allowing attackers to seize control of the server and pilfer models, credentials, and other data. Bug hunters also pinpointed a local file include flaw (CVE-2023-6038), a cross-site scripting (XSS) bug (CVE-2023-6013), and a high-severity S3 bucket takeover vulnerability (CVE-2023-6017).

Moving on to MLflow, an open-source platform managing the entire ML lifecycle, it was disclosed that it lacks default authentication. Researchers identified four critical vulnerabilities, with the most severe being arbitrary file write and path traversal bugs (CVE-2023-6018 and CVE-2023-6015, CVSS score of 10). These bugs empower unauthenticated attackers to overwrite files on the operating system and achieve RCE. Additionally, critical-severity arbitrary file inclusion (CVE-2023-1177) and authentication bypass (CVE-2023-6014) vulnerabilities were discovered.

The Ray project, an open-source framework for distributed ML model training, shares a similar default authentication vulnerability. A crucial code injection flaw in Ray's cpu_profile format parameter (CVE-2023-6019, CVSS score of 10) could result in a complete system compromise. The parameter lacked validation before being inserted into a system command executed in a shell. Bug hunters also identified two critical local file include issues (CVE-2023-6020 and CVE-2023-6021), enabling remote attackers to read any files on the Ray system.
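The flaw class described for the format parameter, a request value placed unvalidated into a shell command, is shown here beside a hardened form. This is an added example and not Ray's code: the `profiler` command name, the allowlisted format values and the hostile input are constructed assumptions, and a small Python one-liner stands in for the external tool so the block runs offline.

```python
import json
import shlex
import subprocess
import sys

# Hypothetical allowlist; the values the real tool accepts are not given in the article.
ALLOWED_FORMATS = frozenset({"flamegraph", "speedscope", "raw"})

# Stand-in for an external profiler binary: it prints its own arguments as JSON.
STAND_IN_PROFILER = [sys.executable, "-c",
                     "import json, sys; print(json.dumps(sys.argv[1:]))"]


def build_command_vulnerable(pid, fmt):
    """The pattern the article describes: the parameter is interpolated into
    a string meant for a shell. Shown for comparison only; never executed here."""
    return f"profiler record --pid {pid} --format {fmt}"


def shell_control_operators(command):
    """List the shell control operators (; & | etc.) a command string contains,
    i.e. the points where a shell would start a second command."""
    tokens = shlex.shlex(command, punctuation_chars=True)
    return [t for t in tokens if all(ch in "();<>|&" for ch in t)]


def build_argv_hardened(pid, fmt):
    """Validate both inputs, then build an argument vector instead of a string."""
    if isinstance(pid, bool) or not isinstance(pid, int) or pid <= 0:
        raise ValueError("pid must be a positive integer")
    if fmt not in ALLOWED_FORMATS:
        raise ValueError(f"unsupported format: {fmt!r}")
    return STAND_IN_PROFILER + ["record", "--pid", str(pid), "--format", fmt]


def run_profile(pid, fmt):
    """Run the stand-in tool without a shell and return the arguments it received."""
    argv = build_argv_hardened(pid, fmt)
    done = subprocess.run(argv, capture_output=True, text=True,
                          check=True, timeout=10)
    return json.loads(done.stdout)


if __name__ == "__main__":
    hostile = "raw; echo INJECTED"  # constructed input with a harmless marker
    print(shell_control_operators(build_command_vulnerable(4242, hostile)))
    try:
        build_argv_hardened(4242, hostile)
    except ValueError as err:
        print("rejected:", err)
    print(run_profile(4242, "raw"))
```

The allowlist rejects the value before any process starts, and passing an argument list without a shell means that even an accepted value can only ever be a single argument.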

All these vulnerabilities were responsibly reported to the respective vendors at least 45 days before public disclosure. Users are strongly advised to update their installations to the latest non-vulnerable versions and restrict access to applications lacking available patches.

Businesses Need to Ramp Up Their Security to Counter Future Attacks

 

The report, which was published by Perception Point and Osterman Research this week, found that firms typically spend $1,197 per employee each year to deal with cybersecurity incidents, which can add up quickly over time. Because of this, Deloitte believes that employees and board members will be better equipped to thwart cyberattacks in 2023. 

Moreover, Deloitte anticipates that securing emerging technologies, bolstering connected device visibility, and data security practices will be priorities for organizations in 2023. Supply chain security issues and security talent shortages are also likely to persist, the company's leaders said.

The experts predicted that future-forward preparedness and organizational resilience will play an important role in helping enterprises better manage their vulnerability to adversary actors in the future, in addition to cybersecurity. 

Mulesoft, a Salesforce-owned company, also made predictions about businesses in 2023. It noted that, up until now, companies have remained committed to digital transformation, sped up by automation, composable agility, low-code and no-code tools, data automation, and layered cyber defenses, in order to continue to grow.

Quantum Growth 

While tech giants like Google, IBM, Microsoft, and Intel made headlines this week, they are also pushing ahead with cloud services and other tools to test quantum algorithms. 

Sandeep Pattathil, a senior analyst at IT advisory firm Everest Group, told VentureBeat that quantum computing’s algorithmic improvements will remain the biggest challenge. He said that IBM, Microsoft, and Google are all working on cloud services to test quantum algorithms. It will also be difficult for them to develop speedy quantum computing programs. 

 AI Needs Change 

According to Kevin McNamara, CEO and founder of synthetic data vendor Parallel Domain, which just raised $30 million in a series B round led by March Capital, artificial intelligence (AI) may be eating the world as we know it, but AI itself is also starving and needs to change its diet.

“Data is food for AI, but AI today is underfed and malnourished,” stated Kevin McNamara. “That’s why things are growing slowly. But if we can feed that AI better, models will grow faster and in a healthier way. Synthetic data is like nourishment for training AI.”

5 Harsh Truths Regarding Blockchain Security

 

Cryptocurrencies are based on blockchain technology, which comprises multiple security features, such as cryptography, software-mediated contracts, and identity controls. However, the rise in popularity of cryptocurrencies has encouraged threat actors to employ new strategies to target the underlying blockchain. 

According to Atlas VPN, decentralized finance-related attacks constituted 76% of all major hacks in 2021, with over $1 billion lost in the third quarter alone. The third quarter of 2021 also had 20% more blockchain-based hacking incidents than in all of 2020, SlowMist reported. 

Here are five factors that have created issues for the blockchain security landscape.

1. 51% attacks 

A 51% attack involves the attacker securing control of more than 50 percent of the hashing power. In 2018, three renowned cryptocurrency platforms experienced 51% attacks: Ethereum Classic, Verge Currency, and ZenCash (now Horizen).

2. Susceptibilities at Blockchain Endpoints 

Threat actors exploit every minor flaw, therefore it’s important to remember that most blockchain transactions have endpoints that are vulnerable. For example, the result of bitcoin trading or investment may be a large sum of bitcoin being deposited into a “hot wallet,” or virtual savings account. These wallet accounts may not be as hacker-proof as the actual blocks within the blockchain. 

To facilitate blockchain transactions, several third-party vendors may be enlisted. Some examples include payment processors, smart contracts, and blockchain payment platforms. These third-party blockchain vendors often have comparatively weak security on their own apps and websites, which can leave the door open to hacking. 

3. Regulation issues 

Many advocates of blockchain believe that regulation will delay innovation. However, the opposite is true: regulations and standards can benefit both security and innovation. The current market is highly fragmented, with different firms following their own rules and protocols. This means developers can't learn from the mistakes and vulnerabilities of others, never mind the risk of low integration.

4. Lack of talented cybersecurity professionals 

The current blockchain security space is suffering from a major skills shortage of cybersecurity professionals who have blockchain expertise or a tight hold on novel security risks of the emerging Web3 decentralized economy.

5. Phishing Attacks 

Phishing is one of the most common methods employed by attackers. It is basically a scamming attempt to obtain the credentials of a user. Hackers send emails to wallet key owners by posing as an authentic, authoritative source. 

How to mitigate such attacks? 

The attacks can only be prevented by strengthening security processes, and that has to happen at several levels. Here are a few tips recommended by experts to mitigate the risks in blockchain technology:

  • Two-factor authentication
  • Ensuring proper wallet management 
  • Using different wallet addresses 
  • Keep off phishing links 
  • Regularly checking wallet approvals

U.S. DOD Weapons Programs Struggle to Add 'Key' Cybersecurity Measures

 

The U.S. Defense Department failed to communicate cybersecurity guidelines to contractors tasked with building systems for its weapon programs, according to a new watchdog report released on Thursday. While the agency has developed a range of policies aimed at strengthening security for its weapon programs, the guidance misses a key point: the contracts for securing various weapons.

The U.S. government sanctions hundreds of billions of dollars each year for contracting various manufacturers, from military contractors to small businesses. In a new report released on Thursday, the U.S. Government Accountability Office (GAO) said that 60 percent of the contracts meet zero requirements when it comes to cybersecurity measures.

According to the GAO report, three out of five contracts reviewed by them had no cybersecurity requirements written into the contract language when they were awarded, with only vague requirements added later. The Air Force was the only service with broad guidance to define cybersecurity requirements and incorporate them in contracts.

“Specifically, cybersecurity requirements should be defined in acquisition program contracts, and criteria should be established for accepting or rejecting the work and for how the government will verify that requirements have been met,” according to the GAO’s report.

The Defense Department (DOD) has a huge network of sophisticated weapons systems that need to resist cyberattacks in order to operate when required. But the DOD also has a documented history of discovering mission-critical security flaws within those programs due to what the GAO says is a lack of focus on weapon systems cybersecurity. 

“As we reported in 2018, DOD had not prioritized weapon systems cybersecurity until recently, and was still determining how best to address it during the acquisition process. The department had historically focused its cybersecurity efforts on protecting networks and traditional IT systems, and key acquisition and requirements policies did not focus on cybersecurity. As a result, DOD likely designed and built many systems without adequate security,” the report read.