Perhaps the primary reason why vulnerability scanning is taken for granted is because vulnerabilities are considered to be issues which are fixed through patch management. It is a common misconception that with a patch management strategy, the vulnerabilities found on the network are also being taken care of. This is partially true when considering how a chunk of vulnerabilities are in fact software issues that are fixed by patching, however it is not always the case. Vulnerabilities can be caused by mis-configurations, software that is inherently problematic or even software issues for which the vendor has not yet released a patch.

What can we do about vulnerabilities?

The first step is to see if your system does in fact have any vulnerability and employing an independent QA tester is a good idea. For this you need to use a vulnerability scanner or, although not recommended if your budget is limited, you can run a vulnerability scan manually.

Running a vulnerability scan manually:

It is possible to do a vulnerability assessment without the use of any software, although this will have an intrinsic amount of inaccuracy and will be very time consuming. In order to determine if there are vulnerabilities on your network through a manual vulnerability scan, you should first get a list of applications / services installed on your network. Once the list is available, check each software’s official site to see if there are any issues / insecurities reported by the vendor. Some vendors will also offer guides on how their application should be configured securely. Generally, such guides will also contain information on what configuration options to avoid. This information is very useful and it is definitely a good idea to read them. The next step is to check vulnerability database sites for the latest lists. Sites like the National Vulnerability Database and Bugtraq are a central location for known vulnerabilities – checking these sites regularly in relation to what software is running on your network is highly important.

Running a vulnerability scan using a vulnerability scanner:

A more effective way to do vulnerability scanning is through the use of a vulnerability scanner. These scanners will have a database of vulnerabilities that is automatically updated by the vulnerability scanner vendor whenever a new vulnerability is discovered. An administrator can set up the scanner to automatically scan the network periodically and issue reports when a new vulnerability is detected. It might also offer remediation options or a detailed description of what is causing the vulnerability and what should be done to fix that vulnerability.

Regardless of whether you run a vulnerability scan manually or using a vulnerability scanner, your network should be monitored for vulnerabilities.  Most vulnerabilities will lead to a system compromise of some degree which in turn can result in serious consequences for the business.  Vulnerability scanning is a preventive measure that can potentially save your business’s reputation and assets.

This guest post was provided by Emmanuel Carabott on behalf of GFI Software Ltd. GFI is a leading software developer that provides a single source for network administrators to address their network security, content security and messaging needs. More information: GFI vulnerability scanner

*All product and company names herein may be trademarks of their respective owners.

NTT Security report shows education is a new entry to five most attacked industries, with an increase in coin mining campaigns largely to blame

NTT Security, the specialized security company, has launched its 2019 Global Threat Intelligence Report (GTIR) which reveals finance as the most attacked sector for six of the past seven years, accounting for 17% of all attacks. The technology sector joined finance this year with 17% of the attacks. Education and government are both new entries in the list of global top five industries – rising from 4% to 11% and 5% to 9% respectively – with coin mining campaigns largely to blame for the increased attacks in educational environments.

NTT Security summarizes data from trillions of logs and billions of attacks for the 2019 GTIR, which analyzes threat trends based on log, event, attack, incident and vulnerability data from NTT Group operating companies. In the new report, NTT Security continues its analysis of attacks against 18 industry sectors and shares its observations of the challenges faced by organizations globally.

The GTIR also reveals how coin mining is leading the evolution of malware and how cyber attackers are increasingly adapting their attack patterns and intrusion sets to include coin mining in their toolkits. Illicit coin mining accounted for a significant amount of activity during the past year, with the technology and education sectors making up over 86% of all coin mining detections. The most active coin miners detected were XMRig (62%) – commonly used by Rocke, 8220 Mining Group and Tor2Mine – followed by CoinHive (24%) and Coin Miner (13%).

In the GTIR, credential theft and web-application attacks were found to be among the most prevalent activities during the past year. The most common technical attack used to commit credential theft was phishing (67%) with attackers targeting credentials for Microsoft (45%), Google (27%), PayPal (15%) and DocuSign (10%) in an attempt to gather usernames and passwords.

Globally, organizations experienced an average of 32% of all attacks as web attacks, a number which has crept up slightly from 29% in 2017. Finance became the most targeted industry, accounting for 46% of web attacks, reinforcing its vulnerability to these types of cyberattacks.

John South of the Threat Intelligence Communication Team, Global Threat intelligence Center at NTT Security, says: 
“Finance is yet again on the top spot when it comes to targeted attacks, which surely is enough evidence to convince the board that cybersecurity is a must-have investment. Many financial organizations are moving forward with digital transformation but without prioritizing security as a core business requirement. While legacy methods and tools are still effective at providing a solid foundation for mitigation, new attack methods are continually being developed by malicious actors. Security leaders should ensure basic controls remain a primary focus but they must also embrace innovative solutions if they provide a good fit and true value.”

Mr. Fumitaka Takeuchi, Security Evangelist, Vice President, Managed Security Service Taskforce, Corporate Planning at NTT Communications, says: 
“Many organizations are caught up in simply buying solutions to problems that either don‘t really exist, or a solution which costs more than the potential loss being prevented. Our advice for organizations, regardless of the industry they operate in, is to leverage existing relationships with trusted experts and to keep an eye on professional and managed service maturity in the cybersecurity space. First and foremost, it is essential to know where the real risks lie and then develop solutions accordingly.”

Matthew Gyde, Group Executive – Cybersecurity at Dimension Data, says: 
“This year’s GTIR clearly demonstrates that cybersecurity attacks are constantly evolving. While attack volumes don’t always increase, new threats are certainly being introduced. In fact, 2018 set a record for the number of new vulnerabilities identified and reported in a single year. NTT Group has spent the last 15 years working with our clients to help them defend against the evolving threat landscape which is increasingly complex. Understanding the threat environment helps our clients predict and mitigate potential threats in the digital world.”

“The threat report indicates the variety of attacks is not as broad as it would seem, while the United States and China are also often identified as the most common attack sources,” said Mike Barch, VP of Security Services, NTT DATA Services. “As frequently attacked industries, such as health care and financial services, safeguard their businesses from sophisticated cybercriminals, leaders must ensure a completely secure infrastructure, from endpoint to core, that allows them to focus on daily operations.”

Summary of other key global findings: 

• Finance is one of just two industries (alongside the technology sector) to appear in the top five in every geographic region (Americas, Asia-Pacific and EMEA as well as globally)
• Like finance, the technology industry accounts for 17% of all attacks (albeit both of which saw a drop from 26% and 19% last year respectively). It is followed by business and professional services (12%), education (11%) and government (9%)
• The technology sector accounted for 46% of all coin mining detections followed by education (40%), health care (9%), business and professional services (2%), and finance (1%) sectors to round out the top five industries impacted
• Coin mining ran on systems in which the malicious application was using as a host (75%), as opposed to JavaScript (web-based) coin mining (25%). Education was the most observed sector for coin mining malware, at 52%, followed by technology (46%)
• 73% of all hostile activity falls into four categories: web attacks, reconnaissance, service-specific attacks, and brute-force attacks – up from 52% the previous year
• Application-specific and web-application attacks doubled over the past year. Attacks targeting bash, Apache Struts and Samba accounted for 54% of all hostile activity
• Web attacks accounted for 32% of all hostile traffic – rising to over 53% of hostile activity against the most attacked industries in EMEA
• 35% of all attacks originated from IP addresses within the United States and China. The remaining attack sources varied across regions, with EMEA and APAC each showing a significant amount of attacks from within their own region.

To learn more about the how this year’s GTIR offers organizations a robust framework to address today’s cyber threat landscape, follow the link to download the NTT Security 2019 GTIR: www.nttsecurity.com/2019gtir

NTT Security summarizes data from trillions of logs and billions of attacks for the 2019 GTIR. NTT Security gathers security log, alert, event and attack information, enriches it to provide context, and analyzes the contextualized data. This process enables real-time global threat intelligence and alerting. The size and diversity of our client base, with over 10,000 security clients on six continents, provides NTT Security with security information which is representative of the threats encountered by most organizations.

The data is derived from worldwide log events identifying attacks based on types or quantities of events. The use of validated attack events, as opposed to the raw volume of log data or network traffic, more accurately represents actual attack counts. Without proper categorization of attack events, the disproportionately large volume of network reconnaissance traffic, false positives, authorized security scanning and large floods of DDoS monitored by Security Operations Centers (SOCs), would obscure the actual incidence of attacks.

The inclusion of data from the 10 SOCs and seven research and development centers of NTT Security provides a highly accurate representation of the ever-evolving global threat landscape.

Source: NTT Security

Today, we’re giving you 8 handy tips along with answers to some most asked questions related to this issue. 

8 Quick Tips for Online Gaming Security

1. Always choose a username that does not resemble your actual name. Make sure that you reveal the least amount of your personal information to other players while playing online.

2. The importance of using strong passwords for your online accounts cannot be stressed anymore. Everyone is aware of how important your username and passwords are. So make sure it is strong and do not share it with anyone else.

3. When you are done playing online games, make sure that you log out of the website before you close the browser. Many of us tend to simply close the browser when we are done with our task. But this can prove risky as you still seem active for the online game and some hacker can exploit this vulnerability.

4. When you gamble online, you tend to win and lose, and the amount is credited or debited from your account accordingly. So go through your bank statement carefully and see if the transactions are correct and that no fraud has taken place.

5. Before you go online for your gambling session, make sure that you have a good antivirus, and it is fully updated and the firewall is running.

6. If you get emails from companies which you don’t recognize, DO NOT REPLY!

7. When you are gambling, keeping a constant check on your spending should be your number 1 habit.

8. The Basics of Random Number Generators (RNGs): Gambling works on numbers. Online casino’s use “Random Number Generators” (RNGs) tool to create a truly random number. You have absolutely no way to identify if the number generated in the game at the casino is fair or not. Online casino’s use virtual slot reels and decks of cards. Therefore, the RNG is the only tool which can ensure that the spin of the slot or the deal of the card is truly based on chance and is not rigged by any outside force.

A reputable online casino will always provide complete information about their RNG to the users. They will also employ third-party independent companies to regularly test and verify their RNG. The results of these verifications should be easily available on the casino’s website.

Be Aware of Fairness in Online Gaming, Here are some most asked questions…

What is eCOGRA?

e-Commerce and Online Gaming Regulation and Assurance, shortly known as eCOGRA, is an organization that audits and monitors online gambling operators globally. This organization is recognized globally by all reputed online casino’s worldwide.

The casinos certified by eCOGRA will display the eCOGRA seal on their website. You can click on this seal to know more about the particular aspects of the casino’s operation that were audited or tested by eCOGRA. This seal is a sign of trust for the users.

What is TST?

Technical Systems Testing (TST) is a globally recognized organization for testing and compliance of casinos and other online gaming companies. This organization provides various auditing services to secure online gaming companies and casinos.

What is the Payout Percentage?

The average rate of return for a given game is called as a payout percentage. Example: If a slot machine has a return rate of 90%, then this means that in aggregate, if $1.00 is wagered, then $0.90 will be returned to the players in winnings

Why do Payout Percentages vary across games?

There are a lot of reasons for this. Not each game has the same structure. Due to the different structure of the games, the payout is different. You may see that games with big-ticket jackpots will give you a worse payout percentage overall. Some casino’s, to promote themselves, will offer a higher payout percentage. And some games can offer better odds than other games.

2017 Cyber Monday and Black Friday Broke Record in Spending

Black Friday is generally perceived as one of the top spending days for retailers across the globe – and much of that money is spent on online purchases. In 2017 alone, online shopping reached $5.03 billion, which marked an almost 17% rise from the $4.3 billion spent the year before that. Smartphones contributed a large chunk of that figure, as it was estimated that 54% of visits and 37% of spending were carried out through mobile devices – with smartphones up by over 16% and tablets up by 13% in conversion rates from the year before. These figures were boosted by the following Cyber Monday, which set a record of $6.59 billion in online retail sales, up by 16.8% from the $5.46 billion spent in 2016.

You will find more infographics at Statista

Web Security Key to Boosting Sales

Shoppers are eager to take advantage of sales season, especially on a day that advertises a blink-and-you’ll-miss-it approach to unmatched discounts, but that does not mean that they are not looking for opportunities to spend all year long. The general trend is clear: in-store traffic keeps declining, as consumers are drawn to the convenience of online shopping. Easier browsing from your couch, comparing items and prices in a matter of seconds, and delivery straight to your door are among the advantages that online shoppers enjoy. By appealing to a wider consumer base, online retailers can enjoy Black Friday figures all year long – and it seems that apart from referring to an Internet Marketing agency there is onemore way to do that – by offering a secure online shopping experience.A recent study suggests that web security, which includes safeguards such as a WAF to protect against web application attacks, two-factor authentication to prevent unauthorized access, and protection from advanced persistent threats, are crucial for businesses looking to convert more consumers.

                                                                  Source: Pexels

67% of Consumers Value Safety When Shopping Online

This survey reveals that almost 85% of all shoppers buy at least some of the products they need online, with roughly 45% stating that more than 50% of their purchases are made online. According to the same source, most of those who shop online are worried about the cybersecurity of the websites they make their purchases on. 43.6% of respondents worry that their credit card information might be hacked and 34% have stated that they are afraid their credit card details might be stolen through a malware attack, and only 33.1% store their payment details on the websites they buy from. Yet, 67% stated that they would prefer buying online from a website that they know had security measures in place.

In the age of ransomware and bots, it is only natural that consumers are beginning to take note of cybersecurity measures when shopping online – the real question is, are online retailers doing everything they can?