6 Reasons We Need to Boost Cybersecurity Focus in 2019

Posted: 19 Jan 2019 06:03 AM PST

Paying attention to cybersecurity is more important than ever in 2019. But, some companies are still unwilling to devote the necessary resources to securing their infrastructures against cyberattacks, and naive individuals think they’re immune to the tactics of cybercriminals, too.

For people who still need some convincing that cybersecurity is an essential point of focus, here are six reasons.

1. The Average Cost of a Cyberattack Exceeds $1 Million

It’s no surprise that cyberattacks are costly, but some people will likely be shocked at the massive expenses that could result. According to a recent report from Radware, the total costs are more than $1 million. Additionally, victims report issues not directly related to financial losses, such as decreases in productivity or negative customer experiences.

Based on the above statistic, enterprises should conclude that although it costs money to invest in cybersecurity strategies, the expenses could be more substantial if organizations choose not to put enough of their resources toward experts and tools that minimize threats.

2. The U.S. Government Says It’s Time to Come Up With a Better Plan

The U.S. government, as well as the authorities from other nations, continually struggle to safeguard against digital attacks from rivals. The challenges are so immense that government bodies and officials warn that the United States needs an improved way to stop adversaries.

A State Department report warned that the country is increasingly dependent on networked information systems, and foes from other nations have learned to exploit that dependence and use it to disrupt the lives of Americans.

Most people who live in the U.S. can at least imagine the consequences of a severe cyber attack that affected the country’s ability to proceed with normal operations. Since government authorities researched the possibility and asserted there’s no time to waste in coming up with an improved approach to cybersecurity, that’s all the more reason to take action this year.

3. The Methods of Attack Are Diversifying

A decade or so ago, people typically felt sufficiently secure online by installing anti-virus software on their computers. That’s still a worthy precaution to take, but it’s no longer adequate for preventing all or even most of the attacks a hacker might try.

According to a 2014 report, cybercriminals orchestrated 75 percent of attacks through publicly known software vulnerabilities. But, they also try to gain people’s credentials through phishing attacks, lock down their systems with ransomware or infiltrate poorly secured connected devices to name but a few possibilities.

People have a growing number of ways to use technology and rely on connected devices, but that also means the likelihood goes up for potentially unfamiliar kinds of attacks. Focusing on cybersecurity this year requires, in part, understanding the most recent and common types of threats and protecting networks against them.

4. Recent Breaches Victimized Millions

Equifax and Starwood/Marriott dealt with breaches that compromised the data of well over 100 million victims. The earlier revelation about the financial costs of cyber attacks is damning in itself, but it’s crucial for brands — and consumers themselves — to recognize that data breaches can be unintentional or malicious, but in any case, they could affect millions of people.

Then, affected companies have to engage in damage control in an attempt to restore lost trust. Even when those entities put forth the effort, they may still find that customers behave differently following breaches.

More specifically, an April 2018 study examined the connection between consumer trust and spending. It involved respondents giving a trust score to businesses. The survey revealed that 15 percent of low-trust customers decreased how much they spent at companies. But, in cases of high instances of trust, the decrease in consumer spending was only 4 percent.

5. It Takes Months to Identify and Contain Breaches

If a person or business has a significant water leak in a well-used area, the problem is usually easy to spot and fix. But, it’s typically not so straightforward with cyber-related issues.

Research from 2018 published by IBM found that, on average, it takes 197 days to identify a breach and 69 days to contain it. Those timeframes give hackers plenty of time to do damage that may prove irreparable. Then, once headlines indicate how long a breach remained unnoticed, the reputational damage could be severely harmful, too.

Making cybersecurity a focal point this year could minimize the time spent looking for areas of concern within a network, especially if using artificial intelligence-based strategies that learn normal conditions and give warnings about deviations.

6. Cybercrime Is Extremely Profitable

Some criminals alter their methods once it becomes apparent that their current wrongdoings are no longer profitable. But, that probably won’t happen for a while concerning online-based crimes. Research from a criminology expert published in April 2018 highlighted how the worldwide revenues from cybercrime are at least 1.5 trillion annually.

The investigation talked about how cybercrime represents an interconnected web of profit possibilities with blurred lines between legal and illegal activities. If people don’t fight back against online criminals at both personal and organizational levels, hackers will have more opportunities than ever to continue making income while others suffer.

Failing to Focus on Cybercrime This Year Could Cause an Assortment of Issues

This list highlights some of the most prominent reasons why it’s essential to make cybersecurity a priority in 2019. Hackers get progressively more skilled at carrying out attacks, and they can cause significant catastrophes on unprotected or poorly defended

About the author

Kayla Matthews is a technology and cybersecurity writer, and the owner of ProductivityBytes.com. To learn more about Kayla and her re

Pierluigi Paganini

(Security Affairs – 2019 Cybersecurity predictions, cyberattacks)

The post 6 Reasons We Need to Boost Cybersecurity Focus in 2019 appeared first on Security Affairs.

Posted: 19 Jan 2019 04:57 AM PST

A bug in Microsoft partner portal ‘exposes ‘ support requests to all partners, fortunately, no customer data was exposed.

The Register in exclusive reported that Microsoft partner portal ‘exposed ‘every’ support request filed worldwide.’ Tickets submitted from all over the world were exposed to all Microsoft support partners due to the glitch.

"At the moment in the Microsoft Partner Portal you can see every ticket title for every support request worldwide!" Stuart Crane of IT biz Everon told The Register.

Microsoft partner

“Another Microsoft small biz specialist contacted us to say “Logged on to my Microsoft Partner portal to check status of a ticket I have open with them only to see lots of tickets which are not ours”.” reported The Register.

According to another Microsoft partner quoted by The Register, the bug exposed case number and title of the tickers, but not their content. This means that the problem will not cause Microsoft big problems with data protection laws or watchdogs.

Microsoft quickly addressed the flaw and downplayed the issue explaining that only a limited number of features in the Partner Centre portal were affected.

“We've addressed an issue that impacted a small subset of functions on our Partner Centre portal and we're working to restore normal operation.”
said a spokesperson for Microsoft.

Pierluigi Paganini

(SecurityAffairs – Microsoft partner portal, data leak)

The post appeared first on Security Affairs.

ES File Explorer vulnerabilities potentially impact 100 Million Users

Posted: 19 Jan 2019 03:02 AM PST

Security expert Robert Baptiste (akaElliot Alderson) discovered a vulnerability (CVE-2019-6447) in the ES File Explorer that potentially expose hundreds of million Android installs.

The ES File Explorer is an Android file manager that has over 100,000,000 installs and more than 500 million users worldwide according to its developer.

Baptiste discovered that the application uses a local HTTP server that listen on the open port 59777.

The expert noticed that even is the app is closed the server will still run until the user will kill all the background services of ES File Explorer

An attacker can connect the server and retrieve many device info, including the list of installed apps. The scary aspect of the flaw is that a remote attacker can get a file from the victim’s device and launch an app on the phone.

“The ES File Explorer File Manager application through for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi network.” reads the description provided by the Mitre.

“This TCP port remains open after the ES application has been launched once, and responds to unauthenticated application/json data over HTTP.”

The attack works even if the victim will not actually grant the app any permissions on the Android device.

Baptiste published by PoC code on GitHub that could be used by an attacker that share the same Wi-Fi network to use to list and download files from the victim’s device and SD card, and launch apps and view device information.

With the following Proof Of Concept (POC), you can:

  • List all the files in the sdcard in the victim device
  • List all the pictures in the victim device
  • List all the videos in the victim device
  • List all the audio files in the victim device
  • List all the apps installed in the victim device
  • List all the system apps installed in the victim device
  • List all the phone apps installed in the victim device
  • List all the apk files stored in the sdcard of the victim device
  • List all the apps installed in the victim device
  • Get device info of the victim device
  • Pull a file from the victim device
  • Launch an app of your choice
  • Get the icon of an app of your choice

As reported by Bleeping Computer, a few hours after Baptiste disclosure the CVE-2019-6447 flaw, the cybersecurity expert Lukas Stefanko from ESET announced the discovery of another local vulnerability in ES File Explorer.

A local attacker could exploit this second flaw to carry out a Man-In-The-Middle (MitM) attack that will allow it to intercept the app’s HTTP network traffic and exchange it with his own.

ES File Explorer versions up to are affected by this MitM flaw.

At the time the ES File Explorer’s development team announced the fix for “the http vulnerability issue,” but there are other bugs to fix.

Pierluigi Paganini

(SecurityAffairs – Liberia, DDoS)

The post ES File Explorer vulnerabilities potentially impact 100 Million Users appeared first on Security Affairs.