Month: April 2021

Major Cyber attacks evidenced globally in Q1 2021

Posted on by Anteelo Master

Cyber crime has been on the rise for years now and it is not showing any signs of slowing down. To make it worse, the arrival of the COVID-19 pandemic in 2020 just fueled the situation. Those who were expecting relief from the increasing terror of cyber crimes in 2021 are to be disappointed as the number of attacks is only increasing day after day.

We have barely crossed the first quarter of 2021 and already several major cyber attacks have made the headlines. Here is a list of some of the major cyber attacks that took place in Q1 2021:

 

#1 Channel Nine

Australian broadcaster Channel Nine was hit by a cyber attack on 28th March 2021, which rendered the channel unable to air its Sunday news bulletin and several other shows. With the unavailability of internet access at its Sydney headquarters, the attack also interrupted operations at the network’s publishing business as some of the publishing tools were also down. Although the channel first claimed that the inconvenience was just due to “technical difficulties”, it later confirmed the cyber attack.

#2 Harris Federation

In March 2021, the London-based Harris Federation suffered a ransomware attack and was forced to “temporarily” disable the devices and email systems of all the 50 secondary and primary academies it manages. This resulted in over 37,000 students being unable to access their coursework and correspondence.

#3 CNA Financial

One of the biggest cyber insurance firms in the US CNA Financial suffered a ransomware attack on 21st March 2021. The cyber attack disrupted the organization’s customer and employee services for three days as CNA was forced to shut down to prevent further compromise. The cyber attack utilized a new version of the Phoenix CryptoLocker malware, which is a form of ransomware.

#4 Florida Water System 

cyber criminal attempted to poison the water supply in Florida and managed by increasing the amount of sodium hydroxide to a potentially dangerous level. The cyber criminal was able to breach Oldsmar’s computer system and briefly increased the amount of sodium hydroxide from 100 parts per million to 11,100 parts per million.

#5 Microsoft Exchange Mass Cyber Attack

A mass cyber attack affected millions of Microsoft clients around the globe, wherein threat actors actively exploited four zero-day vulnerabilities in Microsoft’s Exchange Server. It is believed that nine government agencies, as well as over 60,000 private companies in the US alone, were affected by the attack.

#6 Airplane Manufacturer Bombardier

A popular Canadian plane manufacturer, Bombardier, suffered a data breach in February 2021. The breach resulted in the compromise of the confidential data of suppliers, customers and around 130 employees located in Costa Rica. The investigation revealed that an unauthorized party had gained access to the data by exploiting a vulnerability in a third-party file-transfer application. Also, the stolen data was leaked on the site operated by the Clop ransomware gang.

#7 Computer Maker Acer

The globally renowned computer giant Acer suffered a ransomware attack and was asked to pay a ransom of $50 million, which made the record of the largest known ransom to date. It is believed that a cyber criminal group called REvil is responsible for the attack. The threat actors also announced the breach on their site and leaked some images of the stolen data.

#8 University of the Highlands and Islands

A cyber attack targeted the University of the Highlands and Islands (UHI), forcing the university to close all its 13 colleges and research institutions to students for a day. Security professionals uncovered that the attack was launched using Cobalt Strike, a penetration testing toolkit commonly used by security researchers for legitimate purposes. This incident is just another in a series of cyber attacks targeting the education sector.

#9 Sierra Wireless

On 20th March 2021, the multinational IoT device manufacturer Sierra Wireless was hit by a ransomware attack against its internal IT systems and had to halt production at its manufacturing sites. Its customer-facing products weren’t affected and the company was able to resume production in less than a week.

#10 Accellion Supply Chain Attack

Security software provider Accellion fell victim to a breach targeting its file transfer system FTA. Many of its clients were affected by the breach. Some high-profile organizations that got caught in the crossfire include grocery giant Kroger, telecom industry leader Singtel, the University of Colorado, cyber security firm Qualys and the Australian Securities and Investments Commission (ASIC). A lot of confidential and sensitive data stolen from various companies by exploiting the vulnerabilities in Accellion’s FTA tool was leaked online.

How to Protect Your Organization Against Cyber Attacks?

Witnessing the extent of damage cyber attacks can cause should be reason enough to take the necessary preventive measures right away. So, here are some steps you can take to reinforce your organization’s cyber security framework and keep it shielded from cyber attacks.

 

  • Generate Cyber Security Awareness: Unaware employees can prove to be an organization’s biggest weakness when it comes to cyber security. Generating awareness among your employees about the prevalent and emerging cyber threats is one of the most effective ways of protecting your business against cyber attacks.

 

  • Implement a Phishing Incident Response Tool: Educating your employees will only take you so far if you don’t equip them with the means of dealing with cyber threats. A phishing incident response tool like TAB can empower your employees to detect and report suspicious emails right away, significantly reducing cyber risks.

 

  • Carry Out VAPT: Conduct periodic Vulnerability Assessment and Penetration Testing (VAPT) to detect any exploitable vulnerabilities in your organization’s IT infrastructure including applications, servers and networks. Make sure to fix the detected weaknesses on priority.

 

  • Keep the Systems Updated: Keep all your hardware and software up-to-date with the latest security updates and patches. Failing to do so can create weaknesses in your security infrastructure and lead to cyber attacks.

 

  • Implement MFA: Enable Multi-Factor Authentication (MFA) across all the applicable endpoints of your organization’s networks. This will not only add an extra layer of security but also protect you in case your employees’ user credentials are stolen.

 

So, don’t wait for your company’s name to be on the list of cyber attack victims and take the necessary precautions immediately.

Vulnerabilities in Critical Infrastructure and its mitigation

Posted on by Anteelo Master

With geopolitical tension rising in certain parts of the world along with the ambitions of cyber attackers, coming up with a holistic strategy to protect the nation’s critical infrastructure has become a priority for the enterprises handling them. Imagine what would happen if the nuclear plants or the space agencies of a country were hit by a cyber attack. The disruption caused due to a successful cyber attack on a nation’s critical agencies can be far-reaching. It has the potential of causing a major loss of money, time, and even lives. This can be illustrated by a recent incident.

After the release of the largest-ever compilation of breached usernames and passwords, COMB, a cyber attacker wrongfully entered the Oldsmar (Florida) water plant’s computer systems to poison the city’s water supply by changing its pH to dangerously acidic levels. Even though the attack was thwarted before completion, this incident has opened our eyes to the dangerous reality of such an attack being successfully executed in the future.

Tomorrow, this attack can take place in the form of manipulation of boiler pressure in a thermal power plant or a ransomware attack on the country’s top-tier healthcare institutions. All of such attacks are not only potentially life-threatening but also pose a huge risk of material damage.

Key tips for cybersecurity protection at your critical site - Secure Insights

Other Cyber Incidents Around the World Involving Critical Infrastructure

In February 2020, Saudi authorities reported that their public petroleum and natural gas company Saudi Aramco has seen an increase in cyber attack attempts. This public enterprise suffered a huge cyber attack back in the year 2012 when Shamoon Virus hit the facility and damaged around 30,000 computers.

A few months back, New Zealand’s central bank suffered a huge data breach, where commercially and individually sensitive information was stolen by cyber attackers.

In another event, an electricity grid in the state of Maharashtra (India) was hit by a cyber attack that resulted in a power outage. This incident took place in the month of October 2020 and the authorities suspect Chinese involvement in it.

Discussing the Deterrent

In today’s world, there is cut-throat competition between countries for production and use of resources. Therefore, it is all the more important for enterprises handling and managing the critical infrastructure to adopt a multipronged approach while planning a defense against cyber attacks.

At the organizational level, some of the following measures can help in stopping cyber attacks from affecting the enterprise-

  1. Access Management – Access management is the first basic measure that organizations should take to protect their control systems. Identity Access Management (IAM) in databases and other important IT infrastructure is necessary to limit access and prevent the misuse or leak of information.
  2. Awareness as Defense – One very effective way of preventing cyber attacks on an enterprise is to train the employees in the basics of cyber security. Cyber aware employees form a major defense against attempted cyber attacks on the enterprise.

ThreatCop Lifetime Deal | Security Attack and Awareness Simulator

  1. Email Domain Security – To ensure the security of an organization, it is imperative to address the cyber threats originating from its email domain. Using email domain security tools like KDMARC can be very effective in stopping spoofing of the email domain to protect the enterprise against spear-phishing and BEC attacks.
  2. Data Backup –  Frequent data backup in offline locations in a segmented manner is the best approach to defend against ransomware attacks.
  3. Incident Response – Use of incident response tools can facilitate quick detection of and response to a cyber attack. A phishing incident response tool like Threat Alert Button (TAB) can be quite helpful in identifying and removing phishing emails from the employees’ inboxes.
  4. Strong Password Policy – Employees should be encouraged to use strong passwords. This applies to both their work emails and other credentials used for accessing information and operations of critical systems in the enterprise.

 

CIOs and CISOs in 2021: Key Takeaways

Posted on by Anteelo Master

CIOs and CISOs with good foresight can have a positive impact on the overall cyber security outlook of an organization. Securing the organization against cyber threats is a process and every process needs a strong leader to spearhead it. A strong leader has ideas and methods to implement those ideas.

Qualities in a Good Information Security Officer

Next Generation CIOs and CISOs | AESC

Being in charge of the cyber security of an organization, CIOs and CISOs have a great amount of responsibility on their shoulders. Even a careless mistake can result in huge losses of time and money. So, what makes a good information security officer?

  1. Innovation
    CIOs and CISOs should have the ability to adapt to the growing pace of technology as well as the threats and opportunities arising from it. They should always be on the lookout for innovative ways to make cyber security easy, hassle-free and effective.
  2. Self-awareness
    The ability to be thoroughly aware of your strengths and weaknesses is a major quality in every good leader. It applies to information security officers too. CIOs and CISOs should be well aware of what they lack and how to fill that void.
  3. Hunger for learning
    “Leadership and learning are indispensable to each other.” – John F. Kennedy
    A good leader never stops learning. The evolution of skills is a prerequisite for finding creative solutions to tricky problems.
  4. Decisiveness
    As the leader of a very sensitive department of the organization,  CIOs or CISOs should be quick in making decisions. Cyber threats can proceed as a sequence of mixed events very quickly and it is imperative for information security officers to be quick on their feet when it comes to handling such situations.

Insights That Would Interest CIOs and CISOs in 2021

It is important for information security officers to figure out what needs to be done and how to prioritize each task in order to protect their organization against cyber threats. Some of the insights mentioned below would interest information security officers – 

  1. Information Security has Taken the Front Seat
    In Oct 2020, 451 Research’s Coronavirus Flash Survey revealed that information security has become a major technology objective for 44.7% of surveyed organizations due to the influence of Covid-19.
  2. Information Security Officers are Closer to Business than Ever
    Gartner’s 2021 CIO Agenda revealed the fact that as a result of Covid-19, CIOs are now working very closely with business heads of their respective organizations. The ever-increasing role of information security officers in improving the business potential of the organization has made their position all the more important.
  3. Nothing Can Replace Human Awareness
    An article published by CISO Mag in September 2020 revealed that 88% of data breach incidents are caused by employees’ mistakes. If an information security officer could prevent this from happening, imagine the overall business improvement that this will result in.It is possible for information security officers to bring about a positive change in the level of cyber security awareness in their organizations. Using security awareness tools can be a good starting point.A rational cost-benefit analysis would tell you that employee awareness will always be an important part of an organization’s cyber security policy. The benefits accruing to the organization from a more aware workforce can be HUGE!!

    4.Insider Threat is a Reality
    Covid-19 has tested our limits of patience and tolerance. However, some people handle this stress well, others don’t. It is important to understand that the risk of insider threats arising from malicious intent and abuse is now greater than ever. This is majorly due to job security concerns that have grown during this pandemic phase.

  1. Remote Work Culture is Here to Stay
    It is a well-known fact that many companies have now opted for remote working – covid or no covid. They believe that remote working can reduce many of their management costs. However, remote working can adversely affect the organization’s threat posture. This is one big reason for the elevated level of responsibility on an organization’s information security officers. Employee education and the use of a strong IAM (Identity Access Management) system can go a long way when it comes to the resolution of this problem.

Cyber security has become a board-level talk for many organizations now. Avoiding the loss of business due to cyber attacks is now a business strategy. Therefore, it is upon information security officers to improve the business potential of their organizations by choosing methods that help in defending against cyber risks.

For an even better understanding of how information security officers go about their business to defend their organization against cyber threats, you can view the following webinar on the topic – How to Guard Your Organization Against Phishing in a Remote Working World?

 

Phishing and Pharming: All of it You Must Know

Posted on by Anteelo Master

Today, the ever-evolving technology has taken society to the next level of evolution. However, it has also paved a path for malicious actors to misuse it and exploit unwary users. Day after day, cyber criminals are growing more sophisticated and smart. They have been honing their skills in order to bypass the latest security standards and obtain money and data illegally.

Phishing and pharming are two major types of cyber attacks that involve tricking others into providing their personal information. Although cyber criminals use both these tactics to obtain sensitive information, they work differently.

A Brief Guide on Phishing and Pharming - anteelo

What is Phishing?

Email Phishing, Vishing & Other Types of Attacks | Webroot

Phishing is basically a social engineering attack that uses emails as a disguised weapon. In short, the cyber criminals impersonate a legitimate source to trick the target into clicking on a malicious link or attachment to acquire their personal information.

 

The scary part is, cyber criminals are not only limited to using emails for launching phishing attacks. They can also phish over a website and sometimes go with SMS (smishing) or voice call/messages (vishing) to trick users. According to a report from Security Boulevard, 97% of the users are unable to recognize a sophisticated phishing email.

 

In another report from The National News, 94% of UAE businesses experienced phishing attacks in a year. The same report also highlighted that 77% of email spoofing attack victims had money and valuable data stolen in the UAE, as compared to the global average of 73%.

 

Example of a Common Phishing Scam Attempt

 

  1. A spoofed email impersonating incometaxindiaefilling.org.in to distribute it to as many taxpayers as possible.
  2. The email claims that the taxpayers are qualified to obtain a refund and prompts them to submit the tax refund request within 3 days.

Several things can happen if the users click on the link to submit the request. The users might be redirected to a bogus page, where they may be asked to submit their personal information.

 

The hackers can harness the information and use it for other malicious activities such as identity theft. This can often lead to more disastrous and grievous consequences. Furthermore, on clicking on the link, the users might end up downloading malware infections like ransomware.

 

What is Pharming?

What is Pharming and How to Prevent a Pharming Attack

Pharming is the combination of two words “phishing” and “farming”. Pharming refers to the redirection of the users to a fraudulent website without their consent.

 

For example, an employee routinely logging into a payroll account may be redirected to a forged website instead. And, if the fraudulent website looks legitimate enough, the victim may end up getting tricked.

 

The motive behind phishing and pharming attacks remains the same, however, the techniques used to carry out these attacks are different. In pharming, cyber criminals carry out a two-step procedure in order to succeed.

 

First, the malicious actors push a malicious code on the victim’s computer or server. Second, the code redirects the victim to a fraudulent website where they are asked to enter their personal information.

 

To completely understand how pharming works, one must understand how Domain Name System (DNS) servers work. Whenever a user enters a domain name, the DNS servers translate that domain name into an IP address. It is the IP address that indicates the actual location of the website.

 

So, once a user visits a certain website, a DNS cache forms to prevent the need for visiting the server each time the user returns to that site. However, cyber criminals can corrupt both the DNS cache and the DNS servers through pharming. As a result, the users assume the bogus website to be legitimate and end up submitting their personal information.

 

How to Prevent Phishing and Pharming?

Several enterprises are implementing security protocols and taking steps to protect customers from phishers and pharmers. For example, in April 2020, the UAE Banks Federation launched a fraud awareness campaign to prevent digital banking service users from falling for scams. However, all it takes is one click for someone to fall for a scam.

 

Though as harmful as these attacks are and as easy as it is to fall for these attacks, they can be easily prevented. Taking the basic precautions listed below can help you and your organization in mitigating the risk of these kinds of attacks:

 

  • Look Out for URLs

Make sure your employees pay attention to the URL of the website when browsing on the internet. Legitimate websites always have the upper domain or TLDs (Top Level Domains) such as  .org, .com, .edu, .net, etc. For example, www.google.com.

 

However, if on visiting the site, it is www.google.ad.com or www.Goodle.com – even a minor mistake in the website URL is a hint that the DNS cache has been compromised.

 

  • Brand Monitoring

As an organization, promoting your brand is essential to foster the identity of your company. If cyber criminals impersonate your brand for malicious purposes, it can bring down everything you have worked for. Therefore, it is highly recommended to keep track of how your brand is being represented online.

 

  • Avoid Clicking on Links

Make sure that your employees pay extra attention whenever they click on a link embedded in an email, especially one from an unknown source. It is advisable to make a habit of hovering over the link to check its destination before clicking on it.

 

Additionally,  implement a phishing incident response tool like TAB to enable the employees to report any malicious links or attachments getting delivered through an email.

 

Cyber Security Awareness Program

Cyber Security Awareness Programs

Even if your organization has implemented all the best cyber security tools, it all comes down to how cyber aware and vigilant its employees are. So, organizations should conduct regular cyber security awareness training programs to raise awareness amongst the employees.

 

For instance, an employee working in the accounts department is more likely to open an email or click on the link embedded in it if it is related to the organization’s financial statements. Simulating phishing attacks on the employees can help them understand how to spot phishing attempts and react to them in real life.

 

No matter how strong an organization’s IT security infrastructure is, addressing the employees is a must for every organization. Remember, all it takes is one simple click for an employee to jeopardize the whole organization.

 

TRENDS IN LOGO DESIGN

Posted on by Anteelo Master

Logos are like puzzles, they don’t make much sense to the users when it comes to influence. They don’t contribute in persuading the users, however they play a crucial role in identifying a brand or a product. Depending on the brand’s familiarity, logos can provoke a lot of emotions, from nostalgia to relief, it could be anything. When companies try to introduce new logos, they often face backlash and complaints from the users, which shows they significance of logos.One thing that branding gurus say about classic brand logos is, “if it ain’t broke, don’t fix it”. However, at times it becomes a necessity to revamp the logos or even completely change it, if it is hurting the brand image. Keeping up with changing trends, styles, colour combinations, etc., requires a lot of effort and that might make the company look like it is behind the times. But, if a company revamps and changes the outdated logo, it gives an impression that the company keeps up with the times and is forward thinking.

Sophisticated logos containing multiple colours might look appealing in digital mode, but sometimes there comes a huge difficulty in scaling it up and down and placing it effectively. In such a situation, considering re-designing is a good option.

Change in a company’s portfolio, due to value, mergers, etc., can also prompt re-designing of logos. They are dedicated to choosing a new logo that best represents them. 

For instance, HeroHonda was a single company, but when they separated they obviously discarded the signature hero-honda logo and chose brand new logos for their respective companies.

Designs are extremely sensitive and prone to losing relevance at a higher pace. There goes a lot of cultural, psychological research behind designing a logo. It is essential to know what relates best to the brand/product.

 

Let’s take a look at the top logo design trends

BROKEN LETTERS

The broken letter logo caught the fire amidst designers not long ago. The reconstruction, deconstruction of alphabets in a geometric sense, slicing them aesthetically, this is all what broken letter logo is about. This represents a modern shift in design, wherein with a touch of creativity, logos are designed in a way that it is clear to the users as to what the brand stands for.

ANIMATED LOGOS

By far the hottest trends, logos designed with animation and special effects. As a modern world, where digitisation plays a crucial role, the brand that sells on the web is clearly on top. An animated or a moving gif logo surprises the users in a way they didn’t expect to be coming. How would you feel when you look at a logp thinking it to be still, rather you find it in an animated form? Now how does something like that not catch the users’ eyes?

GEOMETRICAL SHAPES

Clean lines and clear shapes are satisfying to the eyes right? It is like an oddly satisfying element in design. From squares to trapeziums, almost all the shapes are in trend and that too, for all kinds of design. We are inevitably drawn towards geometric shapes and our designer-mates like multi-use design shapes. It is like a simple yet effective element in design.

VIBRANT COLOURS; SINGLE SHADE

Adding pop of colours generously lead to the creation of quirky, eye-catching logos. Of Late, many brands have reinvented their image by adding vivid and vibrant singular colours to their logos. This addition of hues enables the brands to attract users’ attention and leave an impact.

GRADIENT

Remember those days when designers used to create 3D logos to catch those eyes? Sadly and happily, those days are long gone. Here we are with the concept of ombre, i.e., gradients. The subtle mixing of colours to create a beautiful effect, mostly starting with darker tones and ending with a lighter tone. It is very pleasing to the eyes and as a bonus, it also opens up a lot of creative possibilities.

SIMPLICITY IS THE BEST

If designed the right way, simple and crisp logos become impactful in a soothing way. “Less is more”, best suits such logos that have set newer benchmarks everytime in the industry. Art can be creative and can be sleek, simple at the same time. It is not an impossible task to achieve, all you need is balance. And the best part is, such logos work for all sorts of brands and businesses.

HAND-DRAWN

Personal touch always leaves a mark and hand drawn logos are the perfect example. It brings back an ocean of nostalgia and memories. Such kinds of logos bring about a variety of senses: humaneness, grounded feeling, playfulness, quirkiness and happiness. They aren’t restricted by letter or technology, they set your hands free. However, whilst designing such a logo, make sure that it makes sense, looks legit and does not get affected by the doctor-like handwriting.

Before designing a logo, make sure that you’ve researched well into the trends and highlights. But that is just to keep you up with the times, the design that you create should be entirely unique and should solely belong to you. It shouldn’t be like, “oh this looks like..” that’s a huge NO.

There are a lot of expectations from logos and so make sure to create a beautiful combination of the trends and your innovation. This will lead to the production of a modern-looking, timeless logo. 

 

Phishing Attacks Preventative medicine for 2021

Posted on by Anteelo Master

Phishing attacks use deceptive emails to trick users. They have become one of the foremost attack vectors to deliver malicious content into computer systems.

There are two ways to carry out a phishing attack. The first uses website spoofing, in which the perpetrators create an almost perfect double of a legitimate website and then ask the victim to log in with their credentials there. The attacker then gets hold of these credentials. The second one uses a malicious attachment and tricks the victim into downloading it.

The Anatomy of a Spear Phishing Attack: How Hackers Build Targeted Attacks (and why they're so effective)Webinar.

Overall, the objective of phishing attacks can vary. It may be launched to-

  • gain access to the sensitive information of the victim
  • block the services from the legitimate user for ransom or other reasons
  • make undetectable changes to the crucial information held by the organization

 

Moreover, threat actors use phishing emails during crisis situations to create panic among users and lead them to spoofed websites. For example, the rise of phishing incidents during the recent coronavirus pandemic.

 

Phishing affects organizations in a major way. Additionally, it affects individuals and their cyber security negatively. For organizations, phishing attacks can also lead to a leak of organizational secrets. Consequently, this can cause a major loss to the reputation of the brand. An article published by CSO Online in March 2020 revealed that 94% of malware is delivered via mail.

 

Phishing Attacks: More Complex Than Ever

With each passing day, threat actors have evolved their phishing methods and taken their game up a notch. Presently, they are coming up with more sophisticated phishing email templates every day. As a result, these phishing emails are now almost impossible to differentiate from legitimate emails. Phishing can take various forms like-

 

  1. Spear Phishing – In spear phishing, the emails are targeted at a specific group of victims and the phishing email template is designed according to the targeted group. It is made to look like it’s coming from a trusted source.A phishing email may use the domain of an organization and a person sitting at a position of authority in that organization as the sender. For example, the sender ID in a phishing email meant to trap employees of an organization named ‘company’ may look like ceo@companny[.]com.
  2. Clone Phishing – Attackers may get hold of previously sent legitimate emails and design similar-looking emails. These phishing emails usually contain a malicious attachment or link to trap the victim after they download the attachment or click on the link.
  3. Whaling – Whaling is a type of phishing attack that targets high-profile executives of an organization. Attackers can fetch high returns through such attacks.

 

All things considered, defense against phishing includes everything from awareness and training to automated cyber security solutions. With the rise in the trend of emails being used as a medium to deliver malicious content, defense against phishing has become all the more important.

 

Measures to Prevent Phishing

Phishing Protection Checklist - How To Protect Yourself From Phishing

  1. Generate Awareness – Awareness training tools can help in generating cyber security awareness among employees. It uses cyber attack simulation to launch dummy attacks on employees of an organization. Moreover, after an attack campaign, it also imparts awareness and training to educate employees about how they should react in such situations.
  2. Be wary of offers too good to be true –  Employees should be on the lookout for emails that contain offers that are too good to be true. It is a common practice among cyber attackers to use such lucrative offers to prompt the victim to click on the link in the email.
  3. Encrypting Email Content – Attackers can get hold of legitimate email content in the inbox. They can then design their phishing attack templates accordingly. To avoid this, encryption can be a very effective method.
  4. Multi-Factor Authentication (MFA) – MFA is important to minimize chances of data theft if a threat actor gets hold of account credentials. Therefore, it provides an extra layer of protection in case someone loses their credentials in a phishing attack. In a way, it delays losses arising from human error.
  5. Keep Up With The Trend – Keeping up with the ongoing cyber trend is equally important. If your employees are aware of the cyber attack trends of the time, it is easier for them to tell a legitimate email apart from a phishing email. Consequently, they will not click on any suspicious links or attachments the phishing email contains.
  6. Use Phishing Incident Response Tools – Using phishing incident response tools like Threat Alert Button can help in removing malicious emails from the inbox of the users. Moreover, it also empowers the employees to report suspicious emails immediately.
  7. Secure Your Organization’s Email Domain – It is advised that organizations secure their email domain using tools like KDMARC to minimize the chances of spear-phishing attacks on their employees. Furthermore, this can also help in the maintenance of brand reputation and the prevention of domain misuse.

 

Conclusion

Phishing attacks can affect individuals and organizations by compromising their information security. In addition, threat actors have become more advanced in their methodology and this should be reason enough to become more watchful. They pose a threat to our privacy, our finances, and almost every other well-functioning system in the world. To sum up, phishing attacks exploit human negligence. Therefore, every internet user, irrespective of the value of the information they possess, should be alert and proactive in securing their cyber space.

Web Application Security : A Necessity, Not a Luxury

Posted on by Anteelo Master
Web application security is an all-encompassing term that covers the security of websites, web applications and web services. Web applications are one of the prime targets for cyber attackers due to the following reasons-

  1. The complexity of their source code increases the chances of manipulation of the code with malicious intent and unseen vulnerabilities.
  2. These attacks can be launched easily and target multiple targets at the same time.
  3. The rewards reaped by the attackers are huge. They can get hold of the financial information or other private data that belongs to the users of the application.

Web Application Security: Complete Beginner's Guide | Netsparker

Organizations need to be wary of such attacks on their web applications as it can result in the disruption of their relationships with their clients or can lead to legal action against them. According to a report published by Forrester in 2020, 35% of all external cyber attacks on organizations came in through a web application. In fact, Security Boulevard reported that as the first batch of COVID-19 vaccine vials was distributed, an increase of 51% web application attacks on healthcare targets was noticed.

 

Also, recently, a report by Business Standard revealed that a hacking group called ShinyHunters leaked 1.9 million user records stolen from an online photo editing application known as Pixlr. In another case, the same hacking group stole the data of users from an online dating website named MeetMindful.

 

All of this should be alarming for organizations, especially the ones dealing with sensitive user information. Web application security, an often ignored aspect of cyber security, should therefore be given priority in the cyber security policies of organizations.

Types of Web Application Vulnerabilities

 

Web application attacks can take various forms. This is done using different vectors mentioned below-

 

  1. Cross-site Scripting (XSS) – It is a type of injection attack that targets users to access their accounts, modify the content of a page or activate trojans. Direct injection of a malicious code into an application results in Stored XSS.  A Reflected XSS occurs when a malicious script is reflected off an application onto a user’s web browser.
  2. SQL Injection – SQL Injection is a malicious SQL code used to manipulate a back-end database in order to reveal information. This can result in unauthorized access to the administrative control of the web application and unwarranted modification of data.
  3. Remote File Inclusion – Injecting a file onto a web application server from a remote location is known as Remote File Inclusion. Hackers use this vector for the execution of malicious scripts within the application. It has also been seen that this vector is used for data manipulation and data theft.
  4. Cross-site Request Forgery – This kind of attack takes place when a malicious web application makes a user’s browser perform an unwanted action on a site where the user is logged in to. This attack can result in an unsolicited transfer of funds, changed passwords or data theft.
  5. Denial of Service (DoS) Attack – Denial of Service Attack (DoS) occurs when a server stops responding to the incoming requests of its legitimate users or starts responding very sluggishly due to its overloading with different types of attack traffic.
  6. Misconfiguration of Security Settings – Attackers pounce upon the chance of exploiting misconfigured security settings or settings that are set at default, verbose error messages with sensitive information and misconfigured HTTP headers.
  7. Insufficient Logging and Monitoring – This is one vulnerability that can help the attackers further attack systems or tamper, destroy and extract data. According to security experts, it takes 197 days on an average to detect a data breach.
  8. Buffer Overflow – Buffer Overflow is the overflowing of the buffer’s capacity, which is a space in memory, resulting in the overwriting of the adjacent memory locations with data. This can be used to inject malicious code into the memory.

Measures for Risk Mitigation

 

  • Using a Web Application Firewall – A Web Application Firewall is a hardware and software solution designed to defend against any attack attempts. It is a good way to compensate for any code sanitization deficiency.
  • Gathering Information – Classify third-party hosted content and review the application manually to identify client-side codes and entry points.
  • Authorization – Test the application for missing authorization, insecure direct object references and horizontal and vertical access control issues.
  • Encryption – Encrypt the specific data and avoid the use of weak algorithms.
  • Bot Filtering – Mass-scale automated attacks are launched using malicious bots. This bot traffic can be detrimental for the web application and is therefore dealt with Bot Filtering tools.
  • Conducting VAPT– VAPT (Vulnerability and Penetration Testing) is an essential service for organizations in their quest for safer use of IT infrastructure. VAPT is like a self-assessment service that brings the vulnerabilities related to the APIs, technology, platform, etc to the fore, thereby shaping the cyber security policies of the organizations and helping them upgrade their systems. Web application security assessment, therefore, goes a long way in ensuring the smooth functioning of the web application.

Vulnerability Assessment and Penetration Testing(VAPT) Services - BERRY9 IT SERVICES

Apart from this, web application security is also necessary for GDPR compliance. If an application processes personal data of EU residents, then the GDPR requires that organization to follow security “by design and by default” for data protection (Art 25). It is therefore recommended that organizations running web services or web applications put the requisite cyber security measures in place to tackle any kind of attack

Phishing: An Overview

Posted on by Anteelo Master

What is Phishing?

Phishing is a type of social engineering attack where cyber criminals trick users to give away their personal information. These cyber criminals use this attack to steal data like login credentials, financial details, confidential information, and much more.

It is infamous as one of the top cyber attack vectors for distributing malware. Cyber threat actors impersonate legitimate entities to dupe victims into clicking open emails that are used as baits. Victims fall for the bait and are tricked to click on malicious links or email attachments.

The malicious attachments lead to the installation of malware that locks the system and turns into a ransomware attack. Whereas, malicious links redirect victims to a fraud web page that asks for sensitive information, which is further exploited by cyber criminals.

Email cyber attacks: 4 lessons about phishing - OZON Cybersecurity Blog

The History:

The first phishing attempt was conducted back in the 90s. Phishers would conduct attacks by stealing passwords of users. They used algorithms to create randomized credit card numbers. Later, this phishing practice was brought to an end by the AOL (America Online) in 1995.

After this, phishers came up with another common but successful duping set of phishing techniques. They used AOL’s instant messenger and email system. They impersonated AOL employees to send messages to users regarding account verification for billing information.

This technique turned more sophisticated, ultimately leading AOL officials to enforce warnings in their emails and instant messages to their clients. The organization requested them to avoid providing their sensitive information to such phishing messages or emails.

 

What are Phishing Techniques?

The Ultimate Guide To Phishing Techniques: Things You Need To Know About Phishing | PhishProtection.com

Cyber criminals use various types of phishing techniques ranging from highly sophisticated to simple methods. These techniques are highly deceiving and can bypass endpoint security and secure email gateways.

The most common but ever-evolving phishing techniques are:

Pharming

Pharming is a malicious practice of altering IP addresses to redirect targeted users to forged websites. These fake websites target users to submit their sensitive information like login usernames and passwords. The submitted information is later accessed by hackers for a data breach or other malicious use. Today pharming and phishing are serious cyber threats to every organization.

 

Spear Phishing

A formulated professional phishing attack by cyber criminals, Spear phishing is a classic phishing campaign where emails are sent in bulk to targeted individuals. Hackers do in-depth research on their targets before launching a campaign on specific individuals or organizations. The purpose of this is to send legitimate-looking emails to get valuable information out of victims.

Smishing

SMS-phishing or smishing involves cyber scammers sending text messages to targets users while making themselves appear to be from reputable or authentic sources. These text messages contain malicious links that redirect message receivers to phishing landing pages. In some cases, these messages directly urge receivers to reply with sensitive information.

 

Vishing

Vishing is a voice phishing method wherein the scammer, calls users in an attempt to gain their personal information. These phishers use the Voice over Internet Protocol (VoIP) servers to sound like someone from credible organizations.

Vishing is currently one of the most leveraged forms of social engineering attacks in the cyber world. Vishers majorly impersonate banks or government agencies to lure users into giving away their sensitive details over the phone call.

 

Website Counterfeiting

Hackers design and develop forged websites that are look-alikes of legitimate ones. Their malicious purpose behind the website counterfeiting is to divert users from the legitimate website to the forged one.

These hackers defraud victim by obtaining their personal information or by luring them into downloading malware to launch ransomware attacks.

Domain Spoofing

Phishers have evolved their techniques by using highly sophisticated tricks to mislead targeted users. They use spoofed domain names to make the malicious email look as if coming from legitimate sources.

The most infamous examples of such email-based attacks are CEO fraud and Business Email Compromise (BEC) attacks. Phisher sends the victim an email that looks like to be from a higher authority in the organization. It lures the email receiver to wire transfer funds or some confidential information.

 

Ransomware

The most dangerous attack technique wherein the victim is denied access to the system or files unless the ransom is paid to the cyber criminal. In this technique, targeted users are tricked into clicking on a malicious email attachment or link or on a malware-laden pop-up. As soon as any user clicks on one of these, the system gets corrupted by ransomware.

 

How to Prevent Phishing Attacks with Security Awareness?

Phishing Protection Checklist - How To Protect Yourself From Phishing

Today, most of the organizations across the world are either running their businesses remotely or have adopted the new normal of the post-pandemic. However, cyber criminals are taking this as a newfound opportunity to launch phishing campaigns on every industry vertical.

 

Therefore, it is essential to implement cyber security solutions and practice security measures in the organization to mitigate emerging phishing attacks. Here are some of the best practices to follow:

 

  1. Educate employees with the best in class phishing security awareness training. Every employee should be aware of the evolving phishing techniques, ways to recognize them and how to combat them.
  2. CISOs must implement email domain security standards such as DMARC, SPF and DKIM in their organizations. It prevents outbound emails from email domain spoofing and other email-based cyber attacks.
  3. Use an SSL Certificate to secure your website traffic and prevent information from being leaked.
  4. Secure your brand online from website forgery with stringent online brand monitoring. Institute an anti-phishing and fraud monitoring tool to live track fraudulent activities online against the organization’s websites, mobile apps, and domains.
  5. Install all the latest security patches to remove vulnerabilities and mitigate the risk of cyber threats.
  6. Use a VPN to work in a secure network environment and avoid using public networks for any sensitive data transaction.
  7. Do not reuse old passwords and avoid using the same passwords for other accounts.
  8. Beware of pop-ups, unsolicited emails, unsecured websites and never respond to unexpected emails with sensitive information.

India: A witness of massive Cyber Attack

Posted on by Anteelo Master

Cyber Threat Report of 2019: 69% of Firms Face Serious Cyber Attacks in India!

69% Indian firms face serious cyber attack risk: Study

Do you know that India is in has been ranked the second position amongst the countries affected by cyber attacks between 2016-2018? According to a source, there was a 22% rise in cyber attack in India on IoT deployments. India has faced the most number of attacks in the IoT department this year. In fact, India has been consecutively facing cyber attacks, the second time in a row!

In a recent study, it was revealed that out of 15 Indian cities, Mumbai, New Delhi, and Bengaluru have faced the maximum number of cyber attacks. In the Annual Cyber Security Report by CISCO, 53% of cyber attacks caused more than $500K of financial loss to organizations in 2018.

cyber attack – The Siasat Daily

India has faced a rise of 7.9% in data breaches since 2017. Also, the average cost per data breach record is mounting to INR 4,552 ($64). Cyber attacks in India have risen up to such an extent that our country ranks fourth out of the top 10 targeted countries in the world. In a report by India Today, Chennai experienced the highest percentile of cyber attacks with a stat of 48% in the first quarter of 2019.

No survey or warning has brought any change in the cyber security policies of companies across the nation. In spite of witnessing several cyber attacks in India, people are still not aware of lucrative cyber security solutions to prevent their organization from any other attack. Here are some recent series of cyber attacks that massively brought loss to renowned companies in India.

The 2019’s Biggest Cyber Attacks  in India

Cyber criminals have adapted advanced cyber attack techniques for their targeted end-users. Various business sectors and geographical locations have faced recent cyber attacks in India.

Cosmos Bank Cyber Attack in Pune 

Cyber Attack at Cosmos Bank

A recent cyber attack in India in 2018 was deployed on Cosmos Bank in Pune. This daring attack shook the whole banking sector of India when hackers siphoned off Rs. 94.42 crores from Cosmos Cooperative Bank Ltd. in Pune.

Hackers hacked into the bank’s ATM server and took details of many visas and rupee debit cardholders. Money was wiped off while hacker gangs from around 28 countries immediately withdrew the amount as soon as they were informed.

ATM System Hacked 

4 ways to hack an ATM — video | Kaspersky official blog

Around mid-2018, Canara bank ATM servers were targeted in a cyber attack. Almost 20 lakh rupees were wiped off from various bank accounts. A count of 50 victims was estimated and according to the sources, cyber attackers held ATM details of more than 300 users. Hackers used skimming devices to steal information from debit cardholders. Transactions made from stolen details amounted from Rs. 10,000 to Rs. 40,000.

UIDAI Aadhaar Software Hacked

UIDAIs Aadhaar Software Hacked To Generate Unlimited IDs Experts Confirm

2018 started with a massive data breach of personal records of 1.1 Billion Indian Aadhaar cardholders. UIDAI revealed that around 210 Indian Government websites had leaked  Aadhaar details of people online.

Data leaked included Aadhaar, PAN and mobile numbers, bank account numbers, IFSC codes and mostly every personal information of all individual cardholders. If it wasn’t enough shocking, anonymous sellers were selling Aadhaar information of any person for Rs. 500 over Whatsapp. Also, one could get any person’s Aadhaar car printout by paying an extra amount of Rs.300.

Hack Attack on Indian Healthcare Websites 

Hackers Attack Indian Healthcare Website, Steal 68 Lakh Records: Report

Indian-based healthcare websites became a victim of cyber attack recently in 2019. As stated by US-based cyber security firms, hackers broke in and invaded a leading India-based healthcare website. The hacker stole 68 lakh records of patients as well as doctors.

SIM Swap Scam

Scam protection: How to prevent sim swap scam 2019? | Cryptopolitan

Two hackers from Navi Mumbai were arrested for transferring 4 crore rupees from numerous bank accounts in August 2018. They illegally transferred money from the bank accounts of many individuals. By fraudulently gaining SIM card information, both attackers blocked individuals’ SIM cards and with the help of fake document posts, they carried out transactions via online banking. They also tried to hack accounts of various targeted companies.

Aforesaid stats and events of the latest cyber attacks in India are the wake-up call for all those individuals and companies who are still vulnerable to cyber threats. It is very essential for organizations to implement cyber security measures and follow the below-mentioned security guidelines.

Cyber Security Measures for Organizations to Prevent Cyber Attacks

Bird Protect Stock Illustrations – 1,476 Bird Protect Stock Illustrations, Vectors & Clipart - Dreamstime

  1. Educate employees on the emerging cyber attacks with security awareness training.
  2. Keep all software and systems updated from time to time with the latest security patches.
  3. Implement email authentication protocols such as DMARC, DKIM and SPF to secure your email domain from email-based cyber attacks.
  4. Get regular Vulnerability Assessment and Penetration Testing to patch and remove the existing vulnerabilities in the network and web application.
  5. Limit employee access to sensitive data or confidential information and limit their authority to install the software.
  6. Use highly strong passwords for accounts and make sure to update them at long intervals.
  7. Avoid the practice of openly password sharing at work.

Delivering excellence, collaborating across time zones.

Take a look at our global hideouts.​

DMCA.com Protection Status

Contact

contact@anteelo.com

Twitter Instagram Dribbble Linkedin Facebook

India (HQ)

C-2073A, Sushant Lok, Phase-1, Gurgaon,
Haryana 122002

Atlanta, USA

120 West Trinity Place Decatur, GA 30030

London, UK

33 St James’s Square, London
SW1Y 4JS

Dubai, UAE

704, Saheel Tower 1 Al Nahda 1,
Dubai, UAE

Melbourne, Australia

291 -Blackburn Road, Burwood East Vic 3151

Surabaya, Indonesia

Jl. Hang Tuah 14 Sidoarjo Jawa
Timur 61212

India (HQ)

C-2073A, Sushant Lok, Phase-1,
Gurgaon, Haryana 122002

Atlanta

Atlanta, USA – 120 West Trinity Place
Decatur, GA 30030

London

33 St James’s Square,
London SW1Y 4JS

Dubai

UAE – Office # 704, Saheel Tower
1 Al Nahda 1, Dubai, UAE

Australia

Level 33, Australia Square 264
George Street, Sydney, 2000

Indonesia

Jl. Hang Tuah 14 Sidoarjo
Jawa Timur 61212

© 2018-2022 Anteelo Design Private Limited
A Quantum Oakmen Partner Venture

error: Content is protected !!