APT Hackers Using Custom Backdoor to Attack Government Orgs

andreasc
-
0
APT Hackers Using Custom Backdoor to Attack Government Orgs
[ad_1]
Lancefly APT Hackers

The cybersecurity researchers at Symantec Threat Labs recently discovered APT hacking group has been utilizing the specialized ‘Merdoor’ backdoor malware to conduct precise and prolonged attacks on the following sectors in South and Southeast Asia since 2018:-

  • Government
  • Aviation
  • Telecommunication

While apart from this, since 2018, Lancefly has been using the Merdoor backdoor malware in specific attacks.

Symantec researchers have observed the usage of this backdoor malware in multiple campaigns, spanning from 2020 to the first quarter of 2023, with the primary aim of spying and gathering intelligence reports.

Lancefly APT Hackers Attack Chain

Although Symantec has not identified the precise initial infection method employed by Lancefly, evidence suggests that the group has utilized techniques such as phishing emails, SSH credential brute forcing, and exploiting vulnerabilities in public-facing servers to gain unauthorized access.

The attackers inject the Merdoor backdoor through DLL side-loading into legitimate Windows processes, such as “perfhost.exe” or “svchost.exe,” to help the malware evade detection once it gains a foothold on the target system.

The Merdoor dropper contains three files, and it is a self-extracting RAR (SFX):-

  • A legitimate and signed binary vulnerable to DLL search-order hijacking
  • A malicious loader (Merdoor loader)
  • An encrypted file (.pak) containing the final payload (Merdoor backdoor)

The Merdoor dropper, upon execution, extracts embedded files and leverages older versions of five legitimate applications to facilitate DLL sideloading for loading the Merdoor loader.

After installing itself as a service that persists between reboots, the Merdoor backdoor establishes communication with the C2 server via several supported protocols. It awaits further instructions, enabling Lancefly to maintain access and a foothold on the victim’s system.

Here below, we have mentioned all the supported communication protocols:-

Merdoor functions as a backdoor that can receive commands through local ports and records keystrokes to gather potentially useful information.

To swiftly execute scheduled tasks on remote systems through SMB, Lancefly utilizes Impacket’s ‘Atexec’ feature. At the same time, it does so as a means to propagate through the network or eliminate output files generated by previous commands.

The attackers employ memory dumping, stealing registry hives, and encrypting files with a disguised WinRAR tool, followed by likely exfiltration using Merdoor to steal credentials and extract sensitive data.

Attack Chain Tools and TTPs

Here below, we have mentioned all the attack chain tools and TTPs:-

  • Impacket Atexec
  • Suspicious SMB activity
  • WinRAR
  • LSSAS Dumper
  • NBTScan
  • Blackloader
  • Prcloader

ZXShell Rootkit

Lancefly attacks incorporate an upgraded ZXShell rootkit, leveraging its advanced capabilities through the “FormDII.dll” loader, which enables the deployment of tailored payloads, execution of shellcode, termination of processes, and additional functionalities based on the host’s system architecture.

EHA

Lancefly uses a shared codebase for their tools, as evidenced by the common code between the rootkit’s installation and updating utility and the Merdoor loader, with the former also capable of:-

  • Creating services
  • Modifying the registry
  • Compressing its executable to evade detection

Possible Links

Although the ZXShell rootkit has been used by multiple Chinese APT groups, including APT17 and APT41, the connection to Lancefly is tenuous due to the rootkit’s public availability for years.

The rootkit loader name “formdll.dll” used by Lancefly has been observed in a previous APT27 campaign, but it remains uncertain if this choice intentionally confuses analysts and hinders attribution efforts.

The utilization of commonly employed PlugX and ShadowPad remote access trojans (RATs), shared by multiple Chinese APT groups, provides additional support for the proposition that Lancefly has Chinese origins.

Struggling to Apply The Security Patch in Your System? – 
Try All-in-One Patch Manager Plus


[ad_2]
Source link

OnePlus V Fold & OPPO Find N3 to feature the same design

andreasc
-
0
OnePlus V Fold & OPPO Find N3 to feature the same design
[ad_1]

According to a new report, the OnePlus V Fold and OPPO Find N3 will feature the same design. This information comes from 91mobiles, in collaboration with Yogesh Brar. One thing to note is that this tipster has a mixed track record, so take this info with a grain of salt.

The OnePlus V Fold & OPPO Find N3 tipped to feature the same design

Having said that, the OnePlus V Fold will become the company’s first foldable smartphone. OnePlus trademarked both the OnePlus V Fold and OnePlus V Flip names earlier this year. The ‘Flip’ name is presumably reserved for its clamshell foldable.

The tipster also says that the two devices will have the same cameras as the OPPO Find X6. That device includes a 50-megapixel main camera (Sony’s IMX890 sensor), a 48-megapixel ultrawide unit (Sony’s IMX581 sensor), and a 32-megapixel periscope camera. Hasselblad will also be a part of the picture.

Now, the OPPO Find N and Find N2 are quite compact when folded, and they unfold to a 7.1-inch form factor. Those two devices were rather unique in the book-style foldable market, though unfortunately neither made its way to global markets.

The OPPO Find N3 will be larger than its predecessors, based on rumors

The OPPO Find N3 is rumored to be larger, for better or worse. It’ll lose some of its appeal because of that, but that’s what the rumors are claiming. The same goes for the OnePlus V Fold, of course, if they end up being the same design-wise.

The rumors claim that the two devices will feature an 8-inch 120HZ display when they unfold. 20 and 32-megapixel selfie cameras were also mentioned in previous rumors. The same goes for a 4,805mAh battery.

If these rumors end up being true, the OPPO Find N3 and OnePlus V Fold could end up featuring the Google Pixel Fold-like form factor. If OPPO doesn’t change things around entirely, and doesn’t go for a vertically-oriented foldable, like the Galaxy Z Fold 4. We’ll see.

The OnePlus V Fold is expected to launch in Q3 this year, while the OPPO Find N3 will likely arrive in Q4.


[ad_2]
Source link

Top 5 best UK mobile blogs and websites

andreasc
-
0
Top 5 best UK mobile blogs and websites
[ad_1]

It’s not deniable that over the last decade, advancements in mobile technology have revolutionized how we interact socially, professionally and personally.

Perhaps, it will be difficult to keep up with the newest advancements and trends in the mobile industry due to the constant stream of new mobile devices and accessories. This is why both dedicated techies and occasional users should bookmark some of the best mobile-friendly websites and blogs.

Well, the following article goes over the finest five UK-based mobile blogs and websites, including reviews of new devices, news and in-depth analysis and opinion from industry professionals. So, let’s keep going!

UK mobile blogs image 839489384

NextGenPhone

First and foremost, if you’re looking for the latest news on mobile devices and technology developments, look no further than NextGenPhone, a top mobile technology website situated in the UK.

Smartphones, tablets, wearables and mobile accessories are just some of the subjects covered in the site’s wide variety of useful and entertaining articles.

Moreover, NextGenPhone’s team of experienced writers and professionals in the mobile sector provides the readers with the opportunity to catch up on the latest developments in the field. So, whether you’re a die-hard gadget geek or a first-time user, you’ll find plenty of useful information and tools here to help you find what you need.

ExpertReviews

Our next listed tech website is ExpertReviews – a UK-based tech website that focuses on reviewing and recommending consumer products such as mobile devices, computers and home appliances. They have a team full of experienced researchers and authors. To help customers in making informed purchases, they provide critical evaluations and in-depth explanations of the newest items. In addition, ExpertReviews has a vibrant user community that offers insightful criticism and debate on cutting-edge products.

MobileNews CWP

If you’re looking for the most up-to-date information about the mobile sector in the UK, check out MobileNews CWP. The site provides an all-encompassing perspective on the industry thanks to its expert team of writers and professionals, who cover everything from the newest smartphone launches to industry trends and market analyses.

MobileNews CWP also features exclusive interviews with prominent figures in the mobile phone industry, giving its readers access to new thoughts and viewpoints on the most recent innovations in the industry.

In addition to providing users with up-to-date news, the site also provides them with helpful how-to tips and reviews. Therefore, MobileNews CWP is the best place for everyone interested in the mobile phone industry to learn about the most recent developments.

MightyGadget

MightyGadget is a website founded in the United Kingdom that provides a unique perspective on the latest gadgets in consumer electronics. The site offers in-depth reviews and news on smartphones, laptops, and smartwatches and home appliances with an emphasis on comprehensive and technical analysis.

When compared to other sites, MightyGadget goes above and beyond to inform its viewers about emerging technology and specialised items. Expert authors and specialists in the industry often offer in-depth guides and advice on the site to help readers in making smart decisions.

GadgetsBoy

Last but not the least, GadgetsBoy is a technology blog that covers the most recent developments in consumer electronics, gadgets and other emerging technologies. The site’s creator is an enthusiastic technologist with plenty of experience in the industry and he uses his expertise to write insightful articles and reviews for his visitors.

GadgetsBoy provides a unique and interesting take on the current technological trends by covering a broad variety of issues, from smartphones and laptops to gaming and smart home technologies. All in all, GadgetsBoy is a go-to source for anybody who is interested in being abreast of the most recent technological news and advancements.

Conclusion

The mobile technology market in the United Kingdom is one of the most competitive and inventive in the world. Almost every day, new devices and accessories are introduced to the consumer market.

The good news is that customers have access to a multitude of materials that may assist them in being updated and informed about the most recent advancements in the industry. If you’re interested in keeping up with the rapidly developing field of mobile technology, the top five best UK mobile blogs and websites are excellent resources for you. So, be sure to check them out and keep yourself updated!


[ad_2]
Source link

Google Calendar and Microsoft Outlook finally play nice with each other

andreasc
-
0
Google Calendar and Microsoft Outlook finally play nice with each other
[ad_1]

Google is now rolling out a new update that’s supposed to make Calendar work smoother with Microsoft’s Outlook app. Those who missed appointments because the interoperability between the two apps was less than optimal, will be pleased to know that the latest update addresses many of these issues.

The recent improvements to “Calendar Interoperability” should solve any problems related to scheduling time and collaborative management for both calendar apps. Here is what’s in the newest Google Calendar update:

  • Microsoft Outlook users who also have a Google Calendar with the same email address can receive Google Calendar invitations and RSVPs in Outlook.
  • A default meeting reminder will be generated in Microsoft Outlook if the invitation was created in Google Calendar to help make sure guests using Outlook do not miss events.
  • Non-Google Calendar recurring events will be more systematically and accurately updated in Google Calendar.

The update is available to all Google Workspace customers, as well as legacy G Suite Basic and Business users. Those with personal Google Accounts are getting the updated version of Google Calendar too.As far as availability goes, there will be no rollout since these improvements are already live and available for everyone. If you’re an admin, you won’t have to do anything, as these update will be automatically deployed.

[ad_2]
Source link

ChatGPT Chief Testifies on AI risks To US Congress

andreasc
-
0
ChatGPT Chief Testifies on AI risks To US Congress
[ad_1]
ChatGPT Chief Testifies AI risks

To mitigate the threats posed by increasingly potent AI systems, government action will be essential, according to the CEO of the artificial intelligence company that produces ChatGPT.

The success of OpenAI’s chatbot, ChatGPT, provoked worries and an AI arms race among legislators during a Parliamentary session.

“As this technology advances, we understand that people are anxious about how it could change the way we live. We are too,” OpenAI CEO Sam Altman said at a Senate hearing.

For the most potent AI systems, Altman suggested the establishment of a U.S. or global agency with the capacity to “take that license away and ensure compliance with safety standards.”

Raised Concerns About The Next Generation

Concerns about the coming years of “generative AI” tools’ potential to deceive people, distribute false information, violate copyright laws, and displace some jobs have grown out of what began as an educator’s panic about ChatGPT’s usage to cheat on homework assignments.

The societal concerns that brought Altman and other tech CEOs to the White House earlier this month have prompted U.S. agencies to promise to crack down on harmful AI products that violate current civil rights and consumer protection laws.

Despite this fact, there is no immediate indication that Congress will draught comprehensive new AI rules, as European lawmakers are doing.

Sen. Richard Blumenthal, a Democrat from Connecticut and chair of the Senate Judiciary Committee’s subcommittee on privacy, technology, and the law, began the hearing with a recorded speech that appeared to be him but was a voice clone that had been trained on the Blumenthal’s floor speeches and was reading ChatGPT-written opening remarks.

The result was impressive, and he continued, “What if I had asked it, and what if it had provided, an endorsement of Ukraine surrendering or (Russian President) Vladimir Putin’s leadership?”

Except for stating that the sector may “significantly harm the world” and that “if this technology goes wrong, it can go quite wrong,” Altman largely avoided giving specifics.

Both Gary Marcus, a former NYU professor who criticized the AI hype, and Christina Montgomery, vice president and director of privacy at IBM, testify. 

Montgomery underlined the importance of striking a balance between innovation and ethical behavior and cautioned against fast AI development. Altman and Montgomery recognized that AI could both create and destroy jobs.

Recently, Altman demonstrated ChatGPT’s capabilities to Parliament politicians, and all attendees acknowledged the need for AI regulation. Altman has stated his commitment to the responsible development of AI while acknowledging its risks.

Elon Musk and others, however, call for a temporary halt to developing potent AI systems because of the grave societal concerns involved.

EHA

Government Involvement Is Crucial To Regulate AI

The fact that the committee hearing on AI in government took place simultaneously with the Parliamentary hearing shows how important AI is becoming to legislators. 

The government’s emphasis on ethical AI development is evident in Altman’s encounters with senior officials, including Deputy Prime Minister Kamala Harris and Prime Minister Joe Biden. Altman favors caution and greater safety precautions, but he doubts the efficacy of the open letter calling for a suspension of training as the best course of action.

Altman’s evidence emphasized the urgent need for government engagement to regulate AI, recognizing its transformative potential while emphasizing the significance of responsible development. The conversations highlight the numerous difficulties associated with AI and the ongoing attempts to balance innovation and risk reduction.

According to Montgomery, “We think that AI should be regulated at the point of risk, essentially,” by creating guidelines that control the application of particular uses of AI as opposed to the technology itself.


[ad_2]
Source link

Android TV users can now watch live TV

andreasc
-
0
Android TV users can now watch live TV
[ad_1]

Android TV users are getting a special treat from Google today with the arrival of live TV. As part of a new feature added to the Android TV platform called the Live Lab, users can watch a wide array of content from a collection of free channels.

As of right now this is a feature that only users in the US are getting access to. Google doesn’t mention when or if it will expand out to other regions, unfortunately. If you happen to use an Android TV device or have a TV with Android TV as the platform, and you’re in the US, you may start seeing the Live Lab today. Google does state though that this will be rolling out to users in the US over the next few weeks. So there is a good chance that most users won’t be able to access the free live TV yet.

You may also notice that some live TV content has been mixed into your recommendations. This is by design and is based on things like your favorite teams, channels, and shows.

Live TV on Android TV comes from multiple providers

You might be quite surprised at how much free TV there is out there to actually watch. With the Live Lab, users will get access to over 800 channels from Tubi, Plex, Pluto TV, and Haystack.

The channels included span a pretty wide set of broadcast networks. And will include news channels from CBS, NBC, ABC, and FOX. Additionally, Google says the Live Lab also includes global channels. And there’s support for more than 10 different languages including Japanese, Spanish, and Hindi.

The Live Lab also supports saving channels as favorites so you can easily get back to watching what you like most. It’s been a long time coming, but live TV is finally here. Although, Google TV users have been enjoying it since 2021.


[ad_2]
Source link

10 uncommon challenges and revolutionize your approach to customer support management

andreasc
-
0
10 uncommon challenges and revolutionize your approach to customer support management
[ad_1]

Managing customer support is a complex endeavor, requiring a strategic approach to overcome various challenges. In this uniquely crafted article, we delve into the depths of customer support management to explore ten uncommon problems that often hinder businesses. Prepare to embark on a journey of innovation and discover ingenious solutions to revolutionize your approach to customer support.

Transforming Tensions: The Art of Calming Stormy Seas

1. Effectively managing customer support entails defusing tensions and transforming difficult interactions into positive experiences. Discover unconventional techniques to harness empathy, active listening, and personalized problem-solving, ensuring customer satisfaction even in challenging situations.

Vanquishing the Waiting Game: Revolutionizing Response Times

2. Speed and efficiency are paramount in managing customer support. Explore cutting-edge methods to minimize wait times and optimize response rates. Embrace automation, intelligent routing, and proactive communication to create seamless support experiences that impress customers.

Breaking Language Barriers: Bridging the Communication Gulf

3. Managing customer support in a globalized world demands overcoming language barriers. Learn innovative strategies to provide effective multilingual support, including translation tools, language localization, and culturally sensitive communication, fostering deeper connections with diverse customers.

Unmasking Technical Gremlins: Triumphing Over Technological Hurdles

4. A key aspect of customer support is conquering complex technical challenges. Equip your support team with unconventional troubleshooting tactics, robust diagnostic tools, collaboration platforms, and expert resources to swiftly resolve even the most perplexing technical issues.

Empowering the Support Arsenal: Igniting Product Knowledge Prowess

5. To excel in managing customer support, empower your support agents with exceptional product knowledge. Unearth unconventional training techniques, immersive experiences, and gamified learning to cultivate a team of knowledgeable experts.

Creating a Symphony of Consistency: Orchestrating Support Harmony

6. Consistency is crucial in customer support across various channels and agents. Devise innovative support processes, standardize responses, establish knowledge repositories, and leverage automation to ensure a harmonious support experience.

Scaling Mountains of Calls: Conquering Peaks Without Sacrificing Quality

7. Scaling support operations is a challenge that successful customer support management must address. Implement unconventional strategies such as intelligent call routing, self-service options, and AI-powered chatbots to manage high call volumes without compromising quality.

Decoding Enigmatic Riddles: Mastering Complex Issue Resolution

8. Managing customer support involves effectively resolving complex issues. Foster problem-solving skills within your support team through continuous learning, collaboration, and resource-sharing, enabling them to unravel the most enigmatic puzzles.

Unveiling the Silent Voices: Channeling the Power of Customer Feedback

9. Customer feedback is a valuable asset in customer support. Craft unconventional feedback mechanisms such as sentiment analysis, social listening, and customer co-creation to uncover insights that drive meaningful improvements.

Nurturing Support Warriors: Cultivating Well-being Amidst the Chaos

10. Support agents play a critical role in customer support, so their well-being should not be overlooked. Prioritize their mental and emotional well-being through innovative initiatives, stress management techniques, and growth opportunities, ensuring a resilient and engaged support team.

Embark on this extraordinary journey to master the art of managing customer support. Embrace innovation, think beyond the ordinary, and transform challenges into catalysts for growth and customer satisfaction. By venturing into uncharted territory, you’ll pave the way for unrivaled support excellence that sets your business apart.


[ad_2]
Source link

Google may start deleting dormant Gmail accounts later this year

andreasc
-
0
Google may start deleting dormant Gmail accounts later this year
[ad_1]

It’s been a few years since Google announced that it would begin deleting data from dormant Google accounts in order to save storage space. At the time, this policy didn’t include deleting the accounts themselves but only some of the content, however, this policy has now been updated where unused free accounts are now in danger of being completely purged at the end of the year.
The old policy stated that starting on June 1st, 2021, files inside of Google’s suite of productivity applications — such as Google Docs, Sheets, Slides, Drawings, Forms and Jamboard files, as well as Google Photos — would count towards the 15GB of free storage. Additionally, it stated that accounts that were inactive in one of more of those applications for a period of 24 months, or over their storage limit, would be considered for content deletion. Of course, none of the above would happen without properly notifying the user so that action could be taken to avoid important data loss.
The updated policy was confirmed directly to 9to5Google but has not been officially updated in the Google One Help Center where recommendations are currently documented. According to 9to5, “If a Google Account has not been used or signed into for at least 2 years, Google will delete that personal account and its contents. In addition to the email address becoming inaccessible, Gmail messages, Calendar events, Drive, Docs, and other Workspace files, as well as Google Photos backups, will be removed.” This new practice is expected to begin in December 2023 and take place in stages, starting with the accounts that were obviously created but never really used.
It is important to note that, at the moment, Google is not planning to delete accounts that are associated with YouTube videos or Workspace accounts managed by a company or a school. Additionally, Google is also reiterating that none of this will happen without properly notifying the account owner and that multiple notifications will be sent prior to any deletion. Needless to say, if you do have a dormant Google account, this would be a good time to make sure you have a working recovery email associated with it and/or head over to the Inactive Account Manager to make sure you have all your ducks in a row.
This is all a big deal, considering that it’s no longer just the files that can be purged, but also the email address. I imagine there are a great deal of legacy Gmail accounts out there that are inactive and taking up desirable usernames that cannot be used. In fact, Google isn’t the only company practicing inactive account purges, as this has also been a recent concern for Twitter and Microsoft.

[ad_2]
Source link

Insurance Industry Suffers 12x More Cyber Attacks

andreasc
-
0
Insurance Industry Suffers 12x More Cyber Attacks
[ad_1]

The Insurance industry was the most targeted sector in Q1, 2023, according to Indusface’s State of Application Security report, with 12 times more attacks than any other sector.

Another report from the same year reveals that the insurance industry witnessed 49,844,877 cyber-attacks on 114 websites.

On average, each application in this sector was targeted by 430,000 attacks, which closely mirrors the average of 450,000 attacks per app across all industries.

Cybersecurity in Insurance: how are companies performing, and what actions should they prioritize?

What Makes Insurers A Target for Cyber Attacks?

Insurers are often on the radar of cyber-attacks because they handle sensitive and valuable data, including their customers’ personal and financial information. This makes them an attractive target for cybercriminals who seek to exploit vulnerabilities in their systems to gain access to this data for financial gain or other malicious purposes.

Insurers are also responsible for assessing and managing risk, which requires them to collect and analyze large amounts of customer data, including information about their assets, liabilities, and potential vulnerabilities. This information can be particularly valuable to cybercriminals who seek to gain a competitive advantage or target specific individuals or organizations.

Finally, insurers are also increasingly relying on technology to automate and streamline their operations, which can make them more vulnerable to cyber-attacks. Cybercriminals can exploit any technological infrastructure weaknesses to access sensitive data or disrupt their operations.

The Top Cyberthreats Facing the Insurance Industry

Bot/ Automated Threats

The report from Indusface discovered that 51% of Indian insurance websites were subjected to DDoS requests, considerably higher than the average of 30% of sites affected by such attacks. As well as this, the growth of bot attacks is a significant worry for the Indian insurance sector.

Attackers leverage the latest technology to improve their attacks’ sophistication, speed, and accuracy. That is why we are seeing increased bot-based automated threats facing cybersecurity in the insurance industry.

Ransomware Attacks

Ransomware attacks occupy a central place when discussing cybersecurity and the insurance industry. In recent years, attackers have leveraged them to get insurance companies to pay large ransoms. Ransomware attacks are where the attackers install and spread malware in the network to encrypt data and systems. This will disrupt operations and may even bring the company to a complete halt.

The company would have to pay a ransom to decrypt the systems and resume operations. Attackers typically use phishing attacks or social engineering scams to spread the malware.

Phishing and Social Engineering Scams

Ever since the onset of the pandemic, the level of fear and extreme emotions have been high. By exploiting these emotions, attackers orchestrate successful phishing and social engineering scams.

For instance, attackers may send a seemingly legitimate email to victims saying that their policy is blocked until they perform a KYC in a link provided in the email or furnish some documents on a (fake) website. The unsuspecting user may do the attacker’s bidding, downloading malware, giving out confidential information or credentials, transferring money, etc.

Real-Life Instances

AJG Breach, 2020: Arthur J Gallagher (AJG), a US-based global insurance brokerage and risk management firm, faced a massive ransomware attack. Investigations showed that the systems breached during this attack contained several types of sensitive information, including social security numbers, policy details, health and medical details, and much more, affecting 3 million of its customers. The company is facing class action suits and fines for non-compliance.

EHA

CNA Financial Corp Breach, 2021: CNA Financial Corporation, one of the largest insurance companies in the US, was the victim of a ransomware attack orchestrated by the Phoenix CryptoLocker group. CNA Financial had to pay a ransom of USD 40 million to regain control of its network from the attackers.

The attacker first targeted an employee’s workstation with a fake browser update delivered through a legitimate site, and a payload was installed, and the attacker gained privileges. Attackers moved laterally across the network, breaching and creating persistence on multiple devices in the network.

Attackers performed reconnaissance using legitimate tools to find and disable monitoring and security tools in the IT environment. They destroyed and disabled backups, so immediate containment may not be possible for CNA Financial.

More than 15000 systems were encrypted through this ransomware attack. 10% of its customers, employees, and others are said to have been exposed during this attack. The company is facing legal action.

The Impact of Cyberattacks on Insurance Companies

Loss of Confidential Information

When an insurer is attacked, the most significant risk is the exposure and loss of confidential corporate and individual client information. When such data is stolen, there is a high risk of identity theft, fraud, or stolen data being sold on the dark web.

Legal Action and Non-Compliance Penalties

Owing to the information the industry has access to and the work it does, it is one of the most regulated. When a data breach or cyberattack happens in the insurance sector, the company will be met with legal action, class action suits, and massive non-compliance penalties.

High Fraud Monitoring Costs

Insurance companies that don’t take cybersecurity seriously will face higher fraud monitoring costs. Why so? When customer data gets exposed during a breach, the company may be required to monitor fraudulent activities in affected customers’ accounts.

Business Interruptions and Downtimes

Another major cybersecurity impact on the insurance industry is that breaches cause business interruptions and downtimes. Recently, we have seen several high-profile ransomware and DDoS attacks that brought affected insurers to a grinding halt.

Loss of Trust and Reputation

Customers place immense trust while providing sensitive and confidential information to insurance companies. When their personal/ corporate data gets exposed or stolen owing to improper, inadequate security, it will lead to a loss of trust and massive reputation damage to the insurance company. And such reputational damage may be significant and even irreparable.

Customer Attrition

When sensitive data gets exposed, and customer trust erodes, customers may want to take their business elsewhere. So, the risk of customer attrition is high when a company doesn’t take cybersecurity in the insurance sector seriously.

Best Practices for Cybersecurity in Insurance Companies

Here are some ways that insurance companies can protect against cyber threats:

Conduct a risk assessment

The first step in protecting against cyber threats is to conduct a thorough risk assessment. This involves identifying vulnerabilities in your systems and processes and the potential impact of a cyber attack on your business. This assessment can help you identify where to focus your efforts to strengthen your cyber security defenses.

Deploy Web Application Firewall(WAF)

A WAF sits between a web application and the internet, analyzing traffic to detect and block attacks. It works by examining the traffic for malicious activity and blocking it before it can reach the web application. This is achieved through rules and policies designed to protect against known attack vectors.

One of the key benefits of a WAF is that it can virtually patch vulnerabilities in a web application. If a vulnerability is discovered, the WAF can be configured to block traffic that exploits it, even before a patch is released. This is particularly useful when a patch is not immediately available or the vulnerability is difficult to fix.

Implement strong password policies

One of the most common ways cyber attackers gain access to systems is by exploiting weak or easily guessable passwords. Strong password policies can go a long way in protecting against this attack. This includes requiring employees to use complex passwords that include a mix of letters, numbers, and special characters and to change their passwords regularly.

Educate employees on cyber security best practices

Employees can be the weakest link in your cyber security defenses, so educating them on best practices for staying safe online is important. This includes not clicking on suspicious links or email attachments, avoiding public Wi-Fi networks, and being wary of phishing scams.

Implement multi-factor authentication

Multi-factor authentication (MFA) adds an extra layer of security to your systems by requiring users to provide additional information beyond just a username and password. This could include a fingerprint scan, a one-time passcode sent to their phone, or a smart card. Implementing MFA can significantly reduce the risk of unauthorized system access.

Keep software up-to-date

Hackers often exploit vulnerabilities in outdated software to gain access to systems. By keeping your software up-to-date with the latest security patches and updates, you can help prevent these types of attacks.

Backup critical data regularly

In the event of a cyber-attack, having regular backups of your critical data can be a lifesaver. This can help you quickly restore your systems and minimize the damage from the attack.

Implement a disaster recovery plan

Even with strong cyber security measures in place, there’s always a risk of a cyber attack causing damage to your systems. That’s why it’s important to have a disaster recovery plan in place. This plan should include procedures for responding to a cyber attack, including steps for containing the attack, restoring systems, and notifying affected parties.

Work with trusted partners

Insurance companies often work with various third-party vendors, such as IT providers and data centers. It’s important to work with trusted partners who have strong cyber security measures in place themselves. You should also include provisions in your contracts with these partners that require them to adhere to your cyber security policies and procedures.

Stay up-to-date on the latest threats.

Cyber threats constantly evolve, so staying up-to-date on the latest threats and vulnerabilities is important. This includes monitoring industry news and reports and regularly reviewing your systems for vulnerabilities.

Have a cyber insurance policy.

Finally, it’s important to have a cyber insurance policy to help protect against the financial losses resulting from a cyber-attack. This policy can help cover costs such as legal fees, data recovery, and notification of affected parties.


[ad_2]
Source link

3 main reasons to use a VPN

andreasc
-
0
3 main reasons to use a VPN
[ad_1]

Most VPN users can be put in one of three categories. It all depends on your needs and your threat model.

There are many good reasons to use a Virtual Private Network (VPN), even if you are just casually scrolling. Privacy is a right that is yours to value and defend, and if you want to increase your online privacy then a VPN is one of the possible solutions. 

A VPN works like this: When you’re connected to the internet, all of your activity is logged and associated with your Internet Protocol (IP) address. Using a VPN creates an encrypted tunnel from your device to the VPN server, which is like creating a digital middleman between your device and the internet that blocks others from seeing what you’re doing. When you connect to a VPN, instead of your activity being associated with your IP address, now it’s the VPN server’s IP address that is associated with your data. Yours remains private.

Here are three reasons why you might want to use a VPN.

1. To stay private, at all times

Someone who is worried about being spied on — perhaps by their Internet Service Provider (ISP) or by someone that is on the same network, such as an employer or spouse — may choose to use a VPN. All these snoops will see when you are using a VPN is the fact that you are communicating with the VPN server. They are unable to see the content of the communications and where the traffic goes from there. Even if hackers are on the same WiFi network, that encrypted tunnel makes it impossible for them to capture any of your data.

2. To change your location

There are some basic reasons why someone would like to change their location. Some services have location-based restrictions and these services usually rely on your IP address to figure out where you are. So, if you want to evade such a restriction, you can pretend to be in a location where these restrictions don’t apply. Or the other way round if you want to restrict content: For example, if you don’t want your children to visit Pornhub you can set your location to Utah, because visitors from this state are blocked over an age verification law.

choosing a different location in Malwarebytes Privacy VPN

Switching your location is easy in Malwarebytes Privacy VPN

3. To protect when you need it the most

Some users only use a VPN when they feel they need its protection the most. For example, they might turn on the VPN when they are connected to a public WiFi, accessing their bank accounts, sending work-related or other sensitive information, or because they plan on visiting high-risk websites.

Malwarebytes Privacy VPN

Malwarebytes Privacy VPN helps protect your online privacy, shield your location, keep your data private even on public WiFi, and delivers speeds way faster than traditional VPNs. And it’s important to know that Malwarebytes does not log anything the user does. What you do is your business, not ours.


[ad_2]
Source link
1...1,2311,2321,233...1,458Page 1,232 of 1,458