Cyber Security - Tech Like This
https://techlikethis.com
Technology News Daily
Sat, 05 Aug 2023 08:20:31 +0000

Top Technology Inventions or Innovations of 2022 for Cybersecurity Technologies
https://techlikethis.com/2023/08/01/top-technology-inventions-or-innovations-of-2022-for-cybersecurity-technologies/?utm_source=rss&utm_medium=rss&utm_campaign=top-technology-inventions-or-innovations-of-2022-for-cybersecurity-technologies
Tue, 01 Aug 2023 10:15:18 +0000

The post Top Technology Inventions or Innovations of 2022 for Cybersecurity Technologies first appeared on Tech Like This.

Here are some of the top technology inventions and innovations for cybersecurity in 2022:

• Multi-factor authentication became more widespread, with the use of biometrics, one-time passwords and other second factors in addition to passwords. This has helped increase security for many accounts and services.

• Zero-trust security models continued to gain traction as a more effective approach compared to traditional perimeter-based defenses. The zero-trust principles focus on verifying any request or transaction before granting access.

• Blockchain technology was increasingly applied for purposes beyond cryptocurrency, including for supply chain security, identity management and device attestation. The promise of blockchain for security remains an area of active innovation.

• Artificial intelligence and machine learning were further leveraged to detect threats through techniques like anomaly detection, pattern recognition and natural language processing of threats. However, challenges remain around AI bias and explainability.

• Cybersecurity mesh architectures emerged to monitor and defend all points of access for devices, working around the limitations of traditional network perimeter defenses. A mesh combines multiple security controls.

• Quantum-safe cryptography continued to advance as a potential solution to future-proof networks against the threat of quantum computers breaking current encryption. However, a large-scale transition to quantum-safe crypto has yet to occur.

• Cybersecurity for the Internet of Things and operational technology expanded to address the growing attack surface from billions of interconnected devices and systems. Security by design is critical for IoT.

These represent some of the main areas of innovation for cybersecurity defense in 2022. The core themes were wider adoption of security best practices like zero trust and multi-factor authentication, as well as emerging technologies like blockchain, AI and quantum-safe crypto that offer promising new approaches to common problems.

10 Best VPN Providers of 2022
https://techlikethis.com/2022/10/28/10-best-vpn-providers-of-2022/?utm_source=rss&utm_medium=rss&utm_campaign=10-best-vpn-providers-of-2022
Fri, 28 Oct 2022 11:30:34 +0000

The post 10 Best VPN Providers of 2022 first appeared on Tech Like This.

A virtual private network (VPN) provides an extra layer of privacy, enables you to access foreign websites, and can even provide secure connections for transferring sensitive business information. While they are typically used by individuals, VPNs also offer businesses the ability to manage multiple user accounts, block certain types of content and keep your data safe from prying eyes.

With more people traveling and using public Wi-Fi hotspots, they’re increasingly susceptible to security threats. One way to protect your data is to use a virtual private network, or VPN, to veil your data from unscrupulous hackers and prying eyes. These networks encrypt your traffic so no one can see your activity.

Not all VPNs are created equal, and some can be quite costly. That’s why Forbes Advisor has compiled a list of the nine best cheap VPNs. We’ve analyzed the key features you should consider in order to choose the best VPN service for your needs. Here are our top picks in 2022.

The Best Cheap VPNs of 2022


Best for Plug-and-Play Solutions: CyberGhost
Rating: 4.6
One-Year Plan Price: $51.48
Money-Back Guarantee: 45 days
Server locations: Located in 91 countries

Best for Tech-Savvy Users: Private Internet Access
Rating: 4.5
One-Year Plan Price: $39.95
Money-Back Guarantee: 30 days
Server locations: Located in 84 countries

Best for Beginners: Surfshark
Rating: 4.4
One-Year Plan Price: $47.88 (renews at $59.76)
Money-Back Guarantee: 30 days
Server locations: 65 countries

Best for International Travelers: TorGuard
Rating: 4.2
One-Year Plan Price: $59.99 (or $9.99 per month)
Money-Back Guarantee: 7 days
Server locations: More than 3,000

Best for Streaming: Hotspot Shield
Rating: 4.0
One-Year Plan Price: $95.99, plus free option available
Money-Back Guarantee: 45 days
Server locations: More than 80 countries

Best for Security: VyprVPN
Rating: 4.0
One-Year Plan Price: $100
Money-Back Guarantee: 30 days
Server locations: More than 70

Best for Unlimited Connections: IPVanish
Rating: 3.7
One-Year Plan Price: $39.99 (renews at $89.99)
Money-Back Guarantee: 30 days
Server locations: More than 2,000

Best for Remote Workers: Bitdefender Premium VPN
Rating: 3.1
One-Year Plan Price: $29.99 (renews at $49.99)
Money-Back Guarantee: 30 days
Server locations: More than 4,000

Best Free VPN: Windscribe
Rating: 3.1
One-Year Plan Price: Free; or $69 per year (for premium plan)
Money-Back Guarantee: 3 days
Server locations: More than 63 countries

Our Advisor Ratings

Company | Forbes Advisor Rating | One-Year Plan Price | Money-Back Guarantee | Server locations
--------|-----------------------|---------------------|----------------------|-----------------
CyberGhost | 4.6 | $51.48 | 45 days | Located in 91 countries
Private Internet Access | 4.5 | $39.95 | 30 days | Located in 84 countries
Surfshark | 4.4 | $47.88 (renews at $59.76) | 30 days | 65 countries
TorGuard | 4.2 | $59.99 (or $9.99 per month) | 7 days | More than 3,000
Hotspot Shield | 4.0 | $95.99, plus free option available | 45 days | More than 80 countries
VyprVPN | 4.0 | $100 | 30 days | More than 70
IPVanish | 3.7 | $39.99 (renews at $89.99) | 30 days | More than 2,000
Bitdefender Premium VPN | 3.1 | $29.99 (renews at $69.99) | 30 days | More than 4,000
Windscribe | 3.1 | Free; or $69 per year (for premium plan) | 3 days | More than 63 countries


Methodology

To find the best cheap VPNs, we first looked at 17 different providers across 35 data points to narrow it down to the top five options. Each provider can score up to 55 points based on the following criteria:

  • Price: We looked at the price of each provider’s one-year plan.
  • Free Trial: While rare for VPN services, we noted which provider offers a free trial.
  • Money-Back Guarantee: If the provider offers a money-back guarantee, how long is it?
  • Server Locations: We looked at the number of server locations each provider offers.
  • Number of Devices: How many devices can you use with one subscription?
  • Encryption: What type of encryption does the provider use?
  • No-Logs Policy: Does the provider have a no-logs policy?
  • Kill Switch: A kill switch is a must-have security feature for any VPN. It prevents your traffic from being exposed if your connection drops.
  • Malware Protection: Does the provider offer malware protection?
  • Customer Support: How can you contact support, and what are its hours?

We then weighted each criterion based on how important it is to a cheap VPN. For example, price is more important than customer support because you’re looking for a cheap VPN, not the best customer support. After scoring each provider, we ranked the scores to get our final rankings.


What Makes a Good, Cheap VPN?

When looking for a cheap VPN, there are a few things to keep in mind. First, you’ll want to make sure the provider has a no-logs policy. This means it won’t store or track your data, which is important for privacy.

You’ll also want to make sure the provider has a kill switch. This is a security feature that prevents your traffic from being exposed if your connection drops.

Finally, you’ll want to make sure the provider offers malware protection. This is important because VPNs are a popular target for malware and hackers.


What Does a VPN Do?

A VPN, or virtual private network, is a tool that allows you to change your IP address and encrypt your traffic. This makes it difficult for your ISP or government to track and block your traffic.

VPNs are also a great way to unblock websites and streaming services that are blocked in your country. They can also improve your online security and privacy.


How Does a Cheap VPN Affect Your Speed?

One thing to keep in mind when looking for a cheap VPN is that you may experience some speed loss. This is because the encryption process used by VPNs slows down your traffic. However, the loss is usually minimal and won’t affect most activities, such as browsing the internet or streaming video.


Frequently Asked Questions (FAQs)

What is the best VPN?

There is no one-size-fits-all answer to this question. The best VPN for you depends on your needs and budget. However, after a thorough analysis of the best cheap VPNs available, we determined CyberGhost is the best option across many data points. It scored 4.6 out of 5 stars in our review.

Is a cheap VPN worth it?

A cheap VPN is a great option for those on a budget. However, you may experience some speed loss when using a cheap VPN. Additionally, cheap VPNs may not have all the features that more expensive options have. But, overall, a cheap VPN is a great option if you’re looking to improve your online security and privacy on a budget.

Are cheap VPNs secure?

No matter the price of your VPN, there are many with encryption as strict as what the U.S. military uses, which is AES-256 encryption. Go with any of the providers on our list and you’ll have secure encryption.

Can I use a VPN for streaming services?

One of the most popular use cases for VPNs is accessing streaming content in other territories. If a VPN offers service locations in a given country, there’s a good chance that you can access geo-restricted content. However, some streaming services do have anti-VPN measures in place, so your mileage may vary.

Can I host my own VPN?

Technically, you can set up and host your own VPN on your home computer. It’s not the best idea to do so though, because you’ll miss out on the main reasons to use a VPN. Connecting to a third-party VPN can change your location, which lets you access otherwise blocked content, and you won’t be masking your location with a VPN you host at home. Plus, a VPN requires a bit of bandwidth, which you likely don’t have with your home internet connection.

VERT Threat Alert: Patch Tuesday Analysis October 2022
https://techlikethis.com/2022/10/11/vert-threat-alert-patch-tuesday-analysis-october-2022/?utm_source=rss&utm_medium=rss&utm_campaign=vert-threat-alert-patch-tuesday-analysis-october-2022
Tue, 11 Oct 2022 20:55:58 +0000

The post VERT Threat Alert: Patch Tuesday Analysis October 2022 first appeared on Tech Like This.

Tag | CVE Count | CVEs
----|-----------|-----
Windows Workstation Service | 1 | CVE-2022-38034
Microsoft Office Word | 2 | CVE-2022-38049, CVE-2022-41031
Windows USB Serial Driver | 1 | CVE-2022-38030
Windows Mobile Device Enumerator Services | 1 | CVE-2022-38032
Windows Group policy | 1 | CVE-2022-37975
Windows LSM: Local Session Coordinator | 2 | CVE-2022-37998, CVE-2022-37973
Windows Distributed File System | 1 | CVE-2022-38025
Windows Protocol for Internet Key Exchange (IKE) | 1 | CVE-2022-38036
Active Directory Domain Services | 1 | CVE-2022-38042
Microsoft Office SharePoint | 4 | CVE-2022-41036, CVE-2022-41037, CVE-2022-38053, CVE-2022-41038
Remote Access Service Point-to-Point Tunneling Protocol | 1 | CVE-2022-37965
Windows Manage your web account | 1 | CVE-2022-38046
Visual Studio Code | 3 | CVE-2022-41034, CVE-2022-41083, CVE-2022-41042
Windows Perception Simulation Service | 1 | CVE-2022-37974
Windows Secure Channel | 1 | CVE-2022-38041
Windows Telemetry and connected user experiences | 1 | CVE-2022-38021
Windows Security Support Provider Interface | 1 | CVE-2022-38043
Microsoft Graphics Component | 5 | CVE-2022-33635, CVE-2022-37986, CVE-2022-38051, CVE-2022-37985, CVE-2022-37997
Windows Kernel | 8 | CVE-2022-38022, CVE-2022-37988, CVE-2022-38037, CVE-2022-38038, CVE-2022-37990, CVE-2022-38039, CVE-2022-37991, CVE-2022-37995
Windows DWM Core Library | 2 | CVE-2022-37970, CVE-2022-37983
Windows Subsystem Service for Local Security Authorities (LSASS) | 1 | CVE-2022-37977
Windows Point-to-Point Tunneling Protocol | 7 | CVE-2022-30198, CVE-2022-22035, CVE-2022-24504, CVE-2022-33634, CVE-2022-38047, CVE-2022-38000, CVE-2022-41081
Microsoft Office | 3 | CVE-2022-38048, CVE-2022-38001, CVE-2022-41043
Windows Driver ODBC | 1 | CVE-2022-38040
Client NuGet | 1 | CVE-2022-41032
Client Server Run-time System (CSRSS) | 2 | CVE-2022-37987, CVE-2022-37989
Windows Defender | 1 | CVE-2022-37971
Windows NTLM | 1 | CVE-2022-35770
Windows CryptoAPI | 1 | CVE-2022-34689
Windows Local Security Authority (LSA) | 1 | CVE-2022-38016
Windows Client Preference Group Policy | 3 | CVE-2022-37999, CVE-2022-37993, CVE-2022-37994
Windows Event Logging Service | 1 | CVE-2022-37981
Microsoft WDAC OLE DB provider for SQL | 2 | CVE-2022-37982, CVE-2022-38031
Windows Active Directory Certificate Services | 2 | CVE-2022-37976, CVE-2022-37978
Service Fabric | 1 | CVE-2022-35829
Windows Win32K | 1 | CVE-2022-38050
Azure | 1 | CVE-2022-38017
Windows TCP/IP | 1 | CVE-2022-33645
Windows Resilient File System – ReFS | 1 | CVE-2022-38003
Windows Remotely accessible Registry Keys for Servers | 1 | CVE-2022-38033
Windows Service COM+ Event System | 1 | CVE-2022-41033
Windows Server service | 1 | CVE-2022-38045
Windows Print Spooler Parts | 1 | CVE-2022-38028
Role: Windows Hyper-V | 1 | CVE-2022-37979
Windows Storage | 1 | CVE-2022-38027
Windows WLAN Service | 1 | CVE-2022-37984
Microsoft Edge (Chromium-based) | 12 | CVE-2022-3304, CVE-2022-3307, CVE-2022-3308, CVE-2022-3310, CVE-2022-3311, CVE-2022-3313, CVE-2022-3315, CVE-2022-3316, CVE-2022-3317, CVE-2022-3370, CVE-2022-3373, CVE-2022-41035
Azure Arc | 1 | CVE-2022-37968
Windows ALPC | 1 | CVE-2022-38029
Windows DHCP Client | 2 | CVE-2022-38026, CVE-2022-37980
Windows Driver CD-ROM | 1 | CVE-2022-38044
Windows NTFS | 1 | CVE-2022-37996

Cybersecurity in Poland
https://techlikethis.com/2022/10/07/cybersecurity-in-poland/?utm_source=rss&utm_medium=rss&utm_campaign=cybersecurity-in-poland
Fri, 07 Oct 2022 03:01:00 +0000

The post Cybersecurity in Poland first appeared on Tech Like This.

Poland is preparing for the August 2023 Presidential Elections in a highly volatile geopolitical climate. The war in Ukraine has caused more than 3 million people to flee Ukraine. The new energy crisis has caused a rise in fuel costs and price inflation that is placing local economies at great risk. The future of Poland is being shaped by cyber threats.

Cyjax, a software company, has produced a thorough report. This report offers insight into, and an evaluation of, Poland’s cyber posture ahead of the 2023 election. “With the importance of Poland strategically, as a developed market, and tactically through its economic and geographic position within the EU, we felt it was vital to provide people employed in and travelling to the country a holistic understanding of the risks posed by Cybercriminals towards them,” said Chris Spinks, Cyjax Head of Operations. Following a thorough analysis of all the risk factors, the Cyjax team assesses that “the cyber risk to the Polish elections and to staff working in the country is Medium.”

Background Information

The Polish National Cyber Security Strategy (2019-2024) aims at “Increasing the level of resilience to cyber threats and protection of information in the public, military and private sectors, as well as promoting knowledge and good practices to enable the citizens to better protect information.” The Strategy details four objectives, namely:

  1. A national cybersecurity system is being developed.
  2. Enhancing resilience in both public and private sector information systems, and improving ability to respond to and prevent emergencies.
  3. A national capacity to enhance its cybersecurity capabilities.
  4. The Republic of Poland should have the ability to establish an international presence within cybersecurity.

Poland is also a signatory to the Cybercrime Convention of the Council of Europe. However, the government is cognizant that additional investment is required to enhance the nation’s cybersecurity capabilities, and that new legislation will be necessary to assure the successful execution of any new measures.

Cyberattacks against computers and other devices are on the rise.

A 2022 survey called “Cyber Security Barometer,” carried out by the global consultancy KPMG, found that since 2021, 29% of Poland’s businesses have been the subject of at least one cyber-attack. This is 5 percent more cyber-attacks than in 2020.

“Cyberattacks increased in Poland by 5% but overall have remained below the global average of 8.8%,” notes Jovana Macakanja, Intelligence Analyst at Cyjax.

Numerous cyber-events that have been reported from Poland involve malware attacks, such as rootkits, viruses and trojans. Ransomware is being used by hackers to launch malicious/phishing attacks with increasing frequency.

This country is home to the majority of internet-hostile activities, including spamming and hate speech. The biggest threat facing Poland in 2020 is online abuse. Internet abuse can also result in illegal or hazardous information. This is not an emerging threat. However, there are concerns about illegal or harmful information.

Ukrainians were grateful for the support of Poland. It was reported in May 2022 that DDoS attacks on domestic institutions have been increasing. These DDoS attacks can hinder access to websites offering services. Russian hackers have admitted to being responsible for these attacks. However, it is not clear that they have had an impact on the Polish institutions.

Since the beginning of 2022, cyber-related incidents have directly affected Poland. They were unrelated to the Ukrainian conflict.

  • On July 20, 2022, the state-sponsored North Korean threat group APT37 launched a fresh effort to disseminate the Konni RAT. Targeted were high-value organizations in Poland and the Czech Republic, along with other countries. Phishing mails were used to send malware in this instance.
  • Cloudflare repelled a record-setting DDoS attack in June 2022. It was aimed at the media, internet and banking sectors in Poland and Russia.
  • In May 2022, researchers found a second version of the ERMAC Android banking trojan. ERMAC 2.0 targeted Polish users. It was most often detected on fraudulent sites posing as prominent food delivery websites and fake browser upgrades.
  • The BRATA Android malware was updated with new features in February 2022. It targeted online banking customers in Latin America and Poland.

“It is possible that more terrorist acts will be committed as the 2023 elections approach. This could include both foreign and domestic actors working to alter the results,” comments Jovana Macakanja. “By following cybersecurity best practices you can reduce the risk to individuals’ lives, including using VPNs and not connecting to public WiFi networks.”

An important concern is the state surveillance of citizens

It is extremely concerning to see spyware software being used in monitoring state activities. While the government recognizes these risks, they cannot ignore them. It initially rejected the accusations of using the spyware Pegasus in 2019. Later on, the spokesperson admitted the government was accused of purchasing the software. Following the allegations, The Citizen Lab found that two well-known members of the opposition had their phones infected with spyware repeatedly.

This, and other illegal practices are also prohibited by the governmental control of many Polish newspapers and TV stations. In the context of the upcoming elections, these areas will be of concern. Similar instances of spyware being exposed in EU countries like Spain and Greece indicate that this is a threat to the very essence of democracy – the freedom of expression and the protection of human rights and dignity.


Editor’s Note: Tripwire, Inc. cannot be held responsible for guest author’s opinions.

Pico to Human Interface Device (HID)
https://techlikethis.com/2022/10/06/pico-to-human-interface-device-hid/?utm_source=rss&utm_medium=rss&utm_campaign=pico-to-human-interface-device-hid
Thu, 06 Oct 2022 15:15:00 +0000

The post Pico to Human Interface Device (HID) first appeared on Tech Like This.

I just walked out of room 716 at SecTor here in Toronto, where I shared details on my Raspberry Pi Pico project. I’m happy that I was finally able to share this and even happier to announce that the GitHub repo with this code is now accessible to everyone. I won’t walk you through the code, but you can reach out to me to ask questions.

Repo stores all data. As I mentioned in the announcement for my SecTor session, I looked at turning a Pico (or any device running an RP2040) into a Human Interface Device (HID). I started out creating a Stream Deck and had such a great time building that and turning it into a tool to teach Python to teens, that I decided to dig deeper into the functionality of the Pico’s HID functionality. SecTor 2021 was a demonstration of Picos which emulate keyboards, issue commands rapidly and display them on the screen. Over the past year, I’ve extended that and created example code.  

While BadUSB attacks are not new, I’m hoping that this makes them more accessible and opens the door for further education about how these attacks are performed and the damage they can do. To give security awareness training to employees, you can conceal these devices with USB-compatible gadgets. While they can serve malicious individuals, there’s a lot of harmless fun that can be had demonstrating the dangers of these devices to non-technical individuals.

Within the GitHub repo, you’ll find the keycode library (one already exists within CircuitPython, but I wasn’t happy with the approach it used), a template for the BadUSB attack, sample code, and plenty of example payloads. These tools are useful for both security awareness training and remote system administrators, who may need to send configurations out to non-networked systems. Anything you can do with a keyboard, you can do with a Pico using this code, and that provides extensive flexibility and functionality.

If you explore the repo or use the code, I’d love to hear how you are using it and what you think of the code. I’m sure there are plenty of improvements that could be made and I’m happy to hear your suggestions. Enjoy! 



Respecting Egypt’s Financial Cybersecurity Framework
https://techlikethis.com/2022/10/05/respecting-egypts-financial-cybersecurity-framework/?utm_source=rss&utm_medium=rss&utm_campaign=respecting-egypts-financial-cybersecurity-framework
Wed, 05 Oct 2022 10:57:13 +0000

The post Respecting Egypt’s Financial Cybersecurity Framework first appeared on Tech Like This.

Which security system would best suit your company?  This is the most frequently asked question by cybersecurity professionals.  It is not always an easy answer. This is in line with explanations regarding the fact there are many solutions and their advantages and disadvantages.  Cybersecurity professionals find it difficult to believe one solution will work for them. It is essential that they learn all the frameworks and decide which ones are most applicable to them.  Confirmation bias is often a problem. The C-Suite is then convinced by the one they choose.

A huge thanks to all the hard work of the Central Bank of Egypt (CBE). This makes it much simpler to accomplish a lot. The Egypt Financial Cybersecurity Framework combines many of the most well-respected frameworks and makes them available in one place. CBE gathered the best practices and produced a document for the financial industry. CBE identified potential areas to tailor a cybersecurity structure to Egyptian needs.

CBE Framework graphics give a snapshot of all highlights. These controls can be linked to five functions.  This document also includes definitions of roles, responsibilities and team memberships. 

This framework provides the base for building cybersecurity capabilities within this vital sector. CBE is now launching a larger-scale initiative in order to create a resilient and secure cybersecurity infrastructure for the financial sector.  The framework includes security controls as the first level of compliance. Baselining and hardening involve completing prudent and specific tasks to reduce an organization’s attack surface.

CBE Framework has no impact on existing controls implementation methods.  The framework can also be implemented using existing tools.

Tripwire Enterprise Policy Manager proactively hardens systems by assessing configurations against internal and external security standards, benchmarks and industry regulations and continuously assesses changes against security, policy and compliance requirements for “good” vs. “bad” change and “policy drift”.

Tripwire Enterprise Policy Manager provides the largest range of policies and platforms in the sector. It includes all CBE Framework frameworks.

Tripwire Enterprise maps perfectly to the CBE Framework’s requirements and controls.

Identity and Access Management

Identity and Access Management aims to provision or revoke access for users and systems to operate on the organization’s enterprise. IAM serves another purpose. It makes sure core functions can still be done with minimum access.

Privacy and Data Protection

Data Protection and Privacy are about data integrity and privacy. Data protection has the goal to safeguard client data, intellectual property and personally identifiable information. This is true regardless of whether data is owned or used by employees.

App Security

Application Security was created to reduce the risk of software programs that are used in support of business operations. Application Security focuses on safeguarding applications from exploitation by adversaries throughout an application’s life.

Endpoint Security

The objective of Endpoint Security is to protect servers, desktops, and workstations that employees, third parties, and contractors use to connect to the organization’s network. To prevent breaches, endpoint security can use strict standards and technical controls.

  • Malware infections
  • Command and Control Activities
  • Data exfiltration
  • Ransomware/Data destruction
  • Privilege escalation
  • Lateral Movement

Network Security

Network Security concerns the protection of information and data while in transit. This also allows for proper network visibility. Malicious activity can only be corrected by authorized endpoints. Authorized endpoints have limited network access. To prevent these threats, comprehensive network security and technical controls are necessary.

Digital Channels

Digital Channels supports security controls needed to protect against threats to today’s technology and those on the horizon as society shifts towards a digital and largely cashless economy. It is particularly important for the financial industry, as it protects against identity theft and money laundering.

Cloud Security

Cloud Security aims to address unique risks posed by using Infrastructure-as-a-Service (IaaS), Platform-as-a-Service (PaaS), or Software-as-a-Service (SaaS) cloud computing offerings. Cloud Security addresses the following problems:

  • Unauthorized Access
  • Privacy
  • Lateral movement between and within cloud tenants
  • Virtualization vulnerabilities
  • Expansive attack surface
Tripwire Enterprise Executive Dashboard showing compliance overview for Egypt Financial Cybersecurity Framework

Monitoring data integrity

To monitor for any changes to assets, integrity monitoring is necessary. It will enable you to regularly review the files and inform security personnel if any modifications are not authorized. Tripwire has several methods for identifying low-risk or high-risk files. This part is part the priority, prioritizing system that reconciles, reports on and report any changes detected. Auto-promoting changes in the business as usual reduces noise so IT can focus more on investigating security and risk-related changes.

Tripwire used its host-based intrusion detection software to detect changes in files or folders. Tripwire then added File Integrity Monitoring (FIM) to its solution. This allows Tripwire to monitor detailed system integrity including files, directories, registry, configuration parameters, and DLLs. SIEM, an enterprise integration tool that provides intelligence for threat detection, is another option. This tool generates event data that is rich in context and helps to determine what immediate investigations are required. It allows for better alerting workflows and correlations.

Figure: Tripwire Enterprise Executive Dashboard for Integrity Monitoring

The CBE cybersecurity framework was carefully designed but it would be unrealistic to extend beyond Egypt’s borders.  Most countries would not accept this as an authority.  We can only wish this trend reverses.  However, regardless of this hesitancy of global recognition, it should be added to every cybersecurity professional’s list of reliable guidance.

The post Respecting Egypt’s Financial Cybersecurity Framework first appeared on Tech Like This.

What to Know about APIs, the “On-Ramps to the Digital World”
https://techlikethis.com/2022/10/05/what-to-know-about-apis-the-on-ramps-to-the-digital-world/?utm_source=rss&utm_medium=rss&utm_campaign=what-to-know-about-apis-the-on-ramps-to-the-digital-world
Wed, 05 Oct 2022 03:00:00 +0000

An API (application programming interface) is a standard process that allows data to be shared between applications or programs. An API is a set of guidelines and rules that regulate how data communications take place between clients, servers and other programs. APIs need to specify what data is being shared, the requirements for authentication and encryption, and how the data is to be shared.

APIs can be used to let users log in to a site with the credentials that they already have on websites like Facebook or Google. Transmitting payment information through third-party applications like PayPal is known as third-party payments. These APIs pull data from an external program to make it easier to log in or to submit online payments.

APIs make it easier to shop online. They also make it easy for businesses and organisations to integrate and communicate with one another. Developers can create new ways to modify and update APIs. APIs combine information from multiple sources into one place, which makes it easier for users to find the data they need. Over the past year, APIs have increased in number by 221%. Because APIs are so practical and necessary, they are a target for attackers. The same article that detailed the Salt Labs research report on recent API security trends describes APIs as “the on-ramps to the digital world”.

API Security: What are the Biggest Threats?

Cybercriminals exploit the huge attack surface created by increasing API traffic. API traffic has increased 321% over the past twelve months, but API attack traffic has grown by 681 percent. API development happens quickly, so the landscape has changed rapidly. Because the internet is constantly changing, it can be difficult for API security procedures to keep up. API attacks can prove difficult to prevent because every attack is unique and involves probing for vulnerabilities.

API security is most at risk from broken object-level authorization (BOLA). An attacker could modify the object an API request refers to without the server noticing. BOLA flaws cannot be detected by static or dynamic testing. These flaws allow criminal actors to alter or delete sensitive data. To prevent BOLA attacks, a security system should be able to detect abnormal API behavior.
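The following Python sketch is an added example, not code from the article or from Salt Labs. It puts a handler that skips the object-level check beside one that enforces it, and shows how denied requests can feed the kind of abnormal-behavior detection the paragraph mentions. The invoice data, user names, function names and threshold are all constructed for illustration.

```python
from collections import defaultdict

# Constructed data store: invoice id -> record with its owning user.
INVOICES = {
    101: {"owner": "alice", "total": 40},
    102: {"owner": "bob", "total": 75},
    103: {"owner": "carol", "total": 12},
}

# Constructed request trace: (authenticated caller, invoice id requested).
CONSTRUCTED_REQUESTS = [
    ("alice", 101), ("alice", 102),
    ("mallory", 101), ("mallory", 102), ("mallory", 103),
    ("bob", 102),
]


class Forbidden(Exception):
    """Raised when the caller is not allowed to see the requested object."""


def get_invoice_unchecked(caller, invoice_id):
    """BOLA: the caller is authenticated, but the object id is trusted as sent."""
    return INVOICES[invoice_id]


def get_invoice_checked(caller, invoice_id, audit):
    """Enforce ownership on every lookup and record each denial for monitoring."""
    invoice = INVOICES.get(invoice_id)
    if invoice is None or invoice["owner"] != caller:
        audit.append((caller, invoice_id))
        raise Forbidden(f"{caller} may not read invoice {invoice_id}")
    return invoice


def replay(requests):
    """Run a request trace through the checked handler and return the audit log."""
    audit = []
    for caller, invoice_id in requests:
        try:
            get_invoice_checked(caller, invoice_id, audit)
        except Forbidden:
            pass  # the denial is already in the audit log
    return audit


def flag_enumeration(audit, threshold=3):
    """Flag callers denied on at least `threshold` distinct object ids."""
    denied = defaultdict(set)
    for caller, invoice_id in audit:
        denied[caller].add(invoice_id)
    return sorted(c for c, ids in denied.items() if len(ids) >= threshold)


if __name__ == "__main__":
    print(get_invoice_unchecked("alice", 102))   # another user's record leaks
    print(flag_enumeration(replay(CONSTRUCTED_REQUESTS)))
```

A single mistaken request (alice asking for invoice 102) stays below the threshold, while a caller walking through many object ids it does not own is flagged.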

Another common attack is broken user authentication, in which attackers take advantage of weak security features in user authentication. Hackers have various ways to gain access to the victim’s user accounts and transaction data, such as credential stuffing and credential cracking.

An attacker can often access too much information through API attacks. Many APIs can provide more information than is necessary to complete the task of sharing or obtaining data. This data can be used to gain sensitive information by an attacker. Even though many APIs let clients filter data and make their own decisions, attacks can still be made on the API’s redundant information.

Cybercriminals can learn information about APIs and program components to create attacks. When a security setting in an API isn’t properly defined or is left at its default, the API is susceptible to hackers searching for both infrastructure and data. API security problems can be difficult to spot and fix. API attacks usually succeed because they exploit weaknesses in business logic.

API Security Best practices

APIs can be difficult to secure. It is not possible to guarantee that they will be protected against hackers. Following these practices will, however, make your API less vulnerable to hackers. You can increase API security by incorporating these practices into development, testing, and production.

It is essential to secure API design and development. This ensures APIs are built using secure code and configuration processes, and it is best done right from the beginning. It is also an excellent idea to cover business logic in design reviews. This increases the likelihood of flaws being discovered early. Although security testing is capable of identifying vulnerabilities and misconfigurations in APIs, business logic issues can be detected with analysis and fuzzing.

API security is dependent on the documentation of APIs. This allows internal security staff and others to understand and see the API structure, as well as how it was tested and protected. It also allows them to identify possible attack points for any API they’re using. Accurate documentation is crucial to ensure problems and solutions are easily traced.

You can use many tools to maintain API security even after development and testing are complete. Monitoring and logging help you establish the normal behavior of APIs and spot unusual events so they can be fixed. To determine when APIs change, automated systems compare API behavior with the documentation, which allows the documentation to be updated automatically. To make APIs safer, API gateways can be encrypted. Identity stores, key management, and public key infrastructure are all options. These keep bad actors from obtaining authentication or authorization.

Although APIs play an essential role in the operations of many applications, API security is not the same as security for applications. It is essential to understand the security issues that APIs present and how you can address them. API security does not require you to be proficient in every area or step of API development. Many people overlook it. Everyone involved at each stage of an application should understand API defenses and attacks. They also need documentation on what they can do to help protect their APIs.


About the Author: PJ Bradley is a passionate writer on a variety of subjects and deeply committed to helping others. Holding a bachelor’s degree from Oakland University, PJ enjoys using a lifelong desire to understand how things work to write about subjects that inspire interest. Most of PJ’s free time is spent writing and reading. PJ also writes regularly at Bora.

Editor’s Note: Tripwire, Inc. cannot be held responsible for guest author’s opinions.

The post What to Know about APIs, the “On-Ramps to the Digital World” first appeared on Tech Like This.

CISA gives direction to federal agencies who catalog networks in order to search for bugs
https://techlikethis.com/2022/10/04/cisa-gives-direction-to-federal-agencies-who-catalog-networks-in-order-to-search-for-bugs/?utm_source=rss&utm_medium=rss&utm_campaign=cisa-gives-direction-to-federal-agencies-who-catalog-networks-in-order-to-search-for-bugs
Tue, 04 Oct 2022 15:20:16 +0000

You need to know what is in your network. You could be at risk.

In any organisation it’s normal for different devices, on- or off-prem, wired or wireless, to be constantly added or removed – and this can present an opportunity for malicious hackers to take advantage of improperly secured systems.

Many organizations don’t know how many assets are in their possession or where they are all located.

It is a smart idea to run regular automated scans to check for vulnerabilities and identify assets that are connected to your infrastructure.

On Monday, the United States Cybersecurity and Infrastructure Security Agency (CISA) told federal agencies that they were mandated to inspect assets and find vulnerabilities in their networks.

Federal Civilian Executive Branch agencies must take the following actions before April 3rd 2023.

  • Automate asset discovery every 7 days. At a minimum, this must include all IPv4 addresses used by the agency.
  • Every 14 days, start vulnerability enumeration for all assets. This includes all nomadic/roaming equipment (e.g. laptops).
  • Automatically feed details of detected vulnerabilities into CISA’s Continuous Diagnostics and Mitigation (CDM) dashboard within 72 hours.
  • Develop and maintain the capability to initiate on-demand asset discovery and vulnerability enumeration, in order to identify specific assets or vulnerabilities within 72 hours of receiving a request from CISA – and then provide the results back to CISA within 7 days of request.

CISA’s Jen Easterly highlighted SolarWinds, where a hacker group had been able to use a poisoned update to the network management software to target critical infrastructure networks in government agencies over months.

“If you’ve heard us talk at all about this, we have said consistently that we are on an urgent path to gain visibility into risks facing federal civilian networks,” said Easterly. “This was obviously a gap illuminated by SolarWinds.”

It is vital for organisations to identify compromised software quickly in order to defend themselves against attacks like SolarWinds.

CISA says it will publish a common vulnerability-reporting data format within six months which agencies can use when feeding information into the CDM dashboard.

The post CISA gives direction to federal agencies who catalog networks in order to search for bugs first appeared on Tech Like This.

https://techlikethis.com/2022/10/04/652/?utm_source=rss&utm_medium=rss&utm_campaign=652
Tue, 04 Oct 2022 03:00:00 +0000

The President of the United States and Congress declared October to be Cybersecurity Awareness Month because of increasing threats to private and technological information. The initiative is intended to help people protect themselves online. Under the guidance of the NSA, government and businesses are working in tandem to raise cybersecurity awareness at both the national and global levels. National Cybersecurity Alliance (NCA), and Cybersecurity and Infrastructure Security Agency (CISA).

Cybertravel: Take a look at yourself

The slogan for this year’s campaign, “See Yourself in Cyber,” shows that although cybersecurity may appear to be a complicated topic, it ultimately comes down to people.

Everybody should feel comfortable in cyberspace regardless of their role. Individuals and consumers can make simple steps to protect their information and privacy online. Vendors and suppliers alike can be held accountable for the security of their supply chains and take control of their role in preventing any incidents at their locations. Owners and operators of critical infrastructure that are a part of a wider network of services and systems that rely on or support critical infrastructure can learn how their company contributes to the ecosystem’s overall cybersecurity.

Cybersecurity news stories tend to focus on data breaches or cybercriminals. However, this can make it seem overwhelming and impossible to manage. Cybersecurity Awareness Month reminds everyone that you have many options to protect your data. It doesn’t take much to make a difference in cybersecurity.

Enable multi-factor authentication

All agree that multi-factor authentication (MFA) is the best protection against password attacks. A CISA advisory highlights that “MFA is one of the most important cybersecurity practices to reduce the risk of intrusions—according to industry research, users who enable MFA are up to 99% less likely to have an account compromised.”

MFA should be enabled wherever possible. One mistake many businesses make is to limit multi-factor authentication to their highly privileged accounts (such as those of IT admins) and remote users. But criminals can target any employee or individual. To reduce the possibility of an attacker compromising an account, MFA should always be available to all employees.

Recent attacks on Cisco and Uber show, however, that not all MFA options are equal in security. SMS-based authentication has actually been deprecated by NIST since 2017, while attackers use tactics such as MFA fatigue to bypass OTP push-notification authentication. The Office of Management and Budget memorandum on enabling Zero Trust cybersecurity asks companies to choose a phishing-resistant MFA method such as a FIDO2 security key. Organizations should be careful not to replace any existing authentication methods. OTP push authentications are safer than no MFA and can be used to protect less sensitive data.

Use a password manager for strong, unique passwords

Passwords hold the key to your digital castle. Your passwords are as important to secure your digital castle as your house keys. No matter what account they are protecting, all passwords must be created with these three principles in mind:

  • Long – At least 12 characters should be included in each of your passwords.
  • Unique – Each account must be secured by a separate, individual password. Use unique passwords only. This way, you can rest assured that your other accounts are secure even if one of them is compromised.
  • Complex – Each password should be complex and contain a mix of capital and lowercase letters, digits, and special characters.

It is a good idea not to change a password that is long, unique, and complex unless it is discovered that another person is accessing the account, or that the password has been stolen in a data breach. The latest recommendations from NIST support this. For many years, cybersecurity professionals recommended that we change our passwords regularly. This is not a good idea if your passwords are long, unique, and complex. If passwords are changed frequently, you run the risk of using weak or duplicate passwords or repeating them.

Our lives are becoming more digital and more complex. We may now have to manage 100 passwords or more. It can be tedious to create, store and remember all these passwords. But passwords are the first line of defense against hackers, data breaches, and other threats. You can use free, easy-to-use password managers to make it easier than ever to manage your passwords.

A password manager is the easiest way to create strong passwords and keep them secure for all the online accounts that we use. A password manager can help you avoid keeping a messy sticky note with your most important passwords on it or a notebook of them in a drawer. All you have to do to gain access to your password manager vault is to create a strong password.

Password managers can be used to save hundreds of passwords for your online accounts. However, these programs have additional benefits.

  • Time-saving
  • All operating systems, devices and platforms can be used
  • Secure your identity
  • You should be wary of phishing websites
  • You will be notified if a password has been compromised

Make sure to keep your software current

One of the easiest ways to protect your information is by updating your software. Because hackers are constantly looking for ways to gain access to your information through insecure software, updates can help you stay ahead.

Below are some reasons why you should consider software updates immediately.

  • Security holes within easy reach. Cybercriminals can gain access to a person’s computer because of software flaws. Cybercriminals see software flaws as open doors that allow them to infect computer systems with malware. Software security updates close these open doors and protect a system from attacks.
  • Seek out new features. You might be able to add new features or get rid of outdated features by installing updates. Technology is constantly changing so updates are a great way to keep up with all the latest developments and features.
  • Safeguard your data. An attacker who gains access to software security holes will search for passwords and confidential documents. Security flaws can make data more difficult to protect.
  • Increased efficiency. Not every patch is related to security. Software developers may discover bugs in their software and realize the program must be fixed. These modifications boost the software’s performance.
  • Check compatibility. Software developers offer updates in order to make certain that the program works with all new technology. Without updating, older software might not be compatible.

Here are also two helpful tips for downloading and installing updates.

  • Software updates should only be downloaded from the original author. Never use cracked, pirated or unlicensed software, even if a friend has given it to you. Much of it contains viruses that create more problems than the software fixes.
  • Automate the entire process. Software from well-respected vendors often offers the option of updating your program automatically. A notification will let you know when an update is available so that you can start the process immediately.

Recognize and report phishing

Phishing is a popular tactic for cybercriminals, but you don’t have to fall for it. Social engineering is used by criminals in cyberattacks. It’s effective and common. The right phish can catch anyone at any time. Social engineering has been used to compromise many companies, such as Google, Sony and Twitter, as well as people and families.

Because we are more educated about obvious hoaxes, cybercriminals have become convincing and persuasive in many of these phishing scams. According to Jessica Barker, one of the main reasons that social engineering is so successful is that it manipulates our emotions in order to bias our judgement. How we receive information is crucial.

According to behavioral economists, each individual processes information in one of two ways: slowly or quickly. When we think slowly, we can be composed, reflective, and rational. Cybercriminals want us to think differently. They want us to think fast while being emotional and susceptible. Cybercriminals use our emotions to convince us to click suspicious links, download potentially dangerous attachments and reveal our credentials.

Take the time to make sure that an email or message is authentic before you open any attachments or click on any links. Here are some guidelines for recognizing a phishing email:

  • Does it seem like too great a deal?
  • Does it try to frighten you?
  • Does it ask you to provide personal information?
  • Does it urge you to open a link or an unknown attachment?
  • Does it claim a business emergency?
  • Is the sender’s email address correct? Pay attention to misspellings such as Anazon.com and Pavpal.com.

Recognizing a bogus email or message that is a part of a criminal’s phishing campaign is the challenging part. You can report it. You should immediately report it to your IT manager, security officer or workplace administrator if the email was sent to you at work.

You should not reply to the email if it was sent to your personal email account. Do not respond and do not click any links. Just click the “Delete” button. Blocking the sending address can help you increase security.

Everyone has a right to a safe internet, so let’s remember to #BeCyberSmart.



The post | first appeared on Tech Like This.

VERT’s Cybersecurity News for the Week of September 26, 2022
https://techlikethis.com/2022/10/03/verts-cybersecurity-news-for-the-week-of-september-26-2022/?utm_source=rss&utm_medium=rss&utm_campaign=verts-cybersecurity-news-for-the-week-of-september-26-2022
Mon, 03 Oct 2022 09:45:51 +0000

All of us at Tripwire’s Vulnerability Exposure and Research Team (VERT) are constantly looking out for interesting stories and developments in the infosec world. Here’s what cybersecurity news stood out to us during the week of September 26th, 2022. I’ve also included some comments on these stories.

Sophos Firewall Zero-Day Exploited in Attacks on South Asian Organizations

UK-based cybersecurity company Sophos has warned customers that a new zero-day vulnerability affecting some of its firewall products has been exploited in attacks, SecurityWeek reports. A Friday advisory stated that versions 19.0 MR1 (19.0.1) and earlier of Sophos Firewall were affected by a critical flaw that could be used for remote code execution.

Sophos Firewall version 19.0MR1 and older were subject to a zero-day attack. The vulnerability enabled attackers to execute malicious code on compromised systems. This vulnerability was found in Webadmin and User Portal components. Sophos released a patch for this vulnerability. Also, it is recommended that the User Portal or Webadmin interfaces are not exposed to the Internet.

Windows 11 22H2 blocked due to blue screens on some Intel systems

Microsoft is now blocking the Windows 11 22H2 update from being offered on some systems with Intel Smart Sound Technology (SST) audio drivers. The company also put a safeguard hold in place because this known issue triggers blue screens of death (BSODs) on affected systems, BleepingComputer notes.

Be cautious when upgrading to Windows 11 22H2. Some systems equipped with Intel Smart Sound Technology audio drivers may experience a BSOD after the update. The cause is an incompatibility between Intel Smart Sound Technology on 11th Gen Core processors and Windows 11. The Media Creation Tool should not be used to force the update, as this could cause the system to blue-screen. The issue is found in Intel Smart Sound Technology Audio Controllers that have a file named IntcAudioBus.sys with version 10.29.0.5152 or 10.30.0.5152. This issue may be patched on your system if you’re running version 10.30.0.5714 or version 10.29.0.5714.

New Microsoft Exchange zero-days actively exploited in attacks

BleepingComputer reports that threat actors are exploiting yet-to-be-disclosed Microsoft Exchange zero-day bugs allowing for remote code execution, according to claims made by security researchers at Vietnamese cybersecurity outfit GTSC, who first spotted and reported the attacks.

Microsoft Exchange has several zero-day weaknesses. GTSC security researchers discovered vulnerabilities that allow remote code execution. Attackers used these vulnerabilities to create China Chopper webshells. Zero Day Initiative has verified these vulnerabilities and they are now being tracked under ZDICAN-18333 and ZDICAN-1880.

There are two stages to executing code on a vulnerable system:
1. Malicious requests to the ProxyShell (not possible on fully patched systems)
2. Use the previous requests to gain access to the backend to execute code

GTSC suggests that a new rule using the URL Rewrite Rule module could mitigate these vulnerabilities. They suggest blocking requests to Autodiscover on the frontend by adding the string “.*autodiscover.json.*@.*Powershell.*” to the URL Path and using the condition of {REQUEST_URI}.
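To see whether requests of the shape that rule blocks have already reached a server, the same pattern can be run over IIS logs. This is an added Python example, not code from GTSC, Microsoft or Tripwire; the log lines, addresses, host names and the function names are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Pattern exactly as quoted on this page. IIS URL Rewrite ignores case by
# default, hence re.IGNORECASE. The unescaped "." matches any character.
RULE = re.compile(r".*autodiscover.json.*@.*Powershell.*", re.IGNORECASE)

# Constructed IIS W3C log excerpt (documentation-range addresses, made-up hosts).
SAMPLE_LOG = """\
#Software: Microsoft Internet Information Services 10.0
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2022-09-30 08:15:02 10.0.0.5 GET /owa/auth/logon.aspx - 443 - 203.0.113.7 Mozilla/5.0 - 200 0 0 31
2022-09-30 08:15:09 10.0.0.5 POST /autodiscover/autodiscover.json @example.invalid/powershell/ 443 - 198.51.100.23 python-requests - 200 0 0 88
2022-09-30 08:15:11 10.0.0.5 GET /autodiscover/autodiscover.json %40example.invalid/PowerShell/ 443 - 198.51.100.23 python-requests - 404 0 0 12
2022-09-30 08:16:40 10.0.0.5 POST /autodiscover/autodiscover.xml - 443 - 203.0.113.9 Microsoft+Office - 200 0 0 45
"""


def parse_w3c(lines):
    """Yield one dict per request, taking column names from the #Fields line."""
    fields = []
    for line in lines:
        line = line.strip()
        if line.startswith("#Fields:"):
            fields = line.split()[1:]
        elif line and not line.startswith("#") and fields:
            values = line.split()
            if len(values) == len(fields):  # skip truncated or malformed rows
                yield dict(zip(fields, values))


def request_uri(entry):
    """Join path and query string, then percent-decode the result so encoded
    characters in the log do not hide a match."""
    stem, query = entry["cs-uri-stem"], entry["cs-uri-query"]
    uri = stem if query == "-" else f"{stem}?{query}"
    return unquote(uri)


def find_suspect_requests(lines):
    """Return the logged requests whose URI matches the blocking pattern."""
    hits = []
    for entry in parse_w3c(lines):
        uri = request_uri(entry)
        if RULE.search(uri):
            hits.append({
                "time": f"{entry['date']} {entry['time']}",
                "c-ip": entry["c-ip"],
                "status": entry["sc-status"],
                "uri": uri,
            })
    return hits


if __name__ == "__main__":
    for hit in find_suspect_requests(SAMPLE_LOG.splitlines()):
        print(hit)
```

The response status is kept in each hit because a matching request answered with 200 deserves a closer look than one that was rejected.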


The post VERT’s Cybersecurity News for the Week of September 26, 2022 first appeared on Tech Like This.
