Majority of small businesses doesn't give a lot of attention to ensuring their cybersecurity these days, that's why they are the usual target of cybercriminals according to the report from Hendren Group Global Facts blog.
Kaspersky Lab recently introduced the latest edition of the company's security platform, dubbed as Kaspersky Small Office Security (KSOS), designed specifically to serve the needs of small businesses with less than twenty five employees.
The platform is user-friendly and provides excellent protection. It also makes much easier for small businesses to keep track on their valuable information while keeping the customer, employee and operations data protected.
Senior Product Marketing Manager at Kaspersky Lab North America, Andrey Pozhogin said that it requires a lot of effort and expertise to create a working solution out of available single-purpose applications.
One might need to protect Windows and Mac-based workstations, mobile devices, have clean virtual machines set up for online banking, create a backup solution, encrypt sensitive data and use time consuming IT policies regarding the use of strong passwords. This type of policy can be changed with a password manager that will not just recommend the use of strong and unique passwords, but will also save a lot of time.
The updated version of Kaspersky Small Office Security includes enhanced protection from all known, unknown and advanced threats, with multi-layered protection for Windows and Mac computers, servers and Android-based mobile devices. A cloud-based management console that allows users manage IT security and devices anywhere with a web browser.
It also has a new cloud-based password management that holds important company login information and enables users to have a different, unique password for every secure site, across all devices, while only needing to remember one master-password.
Furthermore, the platform provides security for financial data that protects online business and personal transaction from financial fraud through its improved 'Safe Money' module.
KSOS protects Windows-based or Mac-based desktops or notebooks, Windows file servers, and Android smartphones and tablets. Each user will get protection for one Windows or Mac computer and one mobile device and Kaspersky Password Manager. File Server protection is included based on the number of protected users.
In a nutshell, the solution provides anti-malware and online transaction security, cloud management, backup and password management. It is also straightforward to install, simple to configure, and easy to maintain.
Pozhogin added that small businesses aim for an effective security solution, however, it has to be easy to manage considering the lack of expertise that some security administrator might have. It is also believed that sophistication is the top enemy of security and this is especially true in the case of small businesses.
Because of today's increasing threats on cybersecurity, a lot of people believe that it is not just enough to utilize a comprehensive security solution.
However, the company still believes that the demand for highly integrated user-friendly solutions such as KSOS will continue to grow significantly. They will continue to listen to their customers and partners, and will further develop KSOS to fulfill the needs of small businesses.
We provide information on all aspects of human necessities now and then to improve lives as the world progresses itself at http://hendrengroup.biz/blog/
Tuesday 26 May 2015
Thursday 21 May 2015
Google Chrome extension 'Password Alert' helps protect your Google account from phishing attacks
Security breaches is one of the
most alarming issue happened in the recent years. Even though how many times Hendren
Group Global Facts warns the public not to open suspicious emails, and
click on the links and open the attachments inside it, people are still
clicking and unsuspectingly handing their personal information to hackers.
No matter how sophisticated your
security is, there is always a possibility of becoming a victim to this simple
phishing scheme. It's a difficult problem to solve, but Google has a new
solution for you and other Chrome users that might help you avoid serious data
loss.
The search giant recently released
a new Chrome extension, dubbed Password Alert, designed to serve as an early
warning system against phishing attacks wherein it can detect if you're using
your Google password on any non-Google site.
Product manager of Google Ideas,
Justin Kosslyn said that phishing should be a real concern for everyone. He
also defined the project as a useful and quiet line of defense against a real
challenge.
If the extension detects that you
have entered your Gmail password to anywhere other than accounts.google.com, it
will redirect you to a warning page and will tell you that your password was
just exposed and you should immediately reset your password to keep your Gmail
account secure. You can ignore the alert if you are sure you've not been
hacked. Gmail users can also mute website alerts.
Because Password Alert only keeps
the hashed version of your password, it can execute the scan without revealing
your actual password to any further risk. Any individual using Google for work
account can also make a Password Alert mandatory across their domain. Each time
an employee gets an alert, same goes with the administrator.
Here is the bad news, Password
Alert biggest weakness is that it can only scan a password that has been
successfully submitted, so the user will only be alerted after they have been
successfully phished. However, even a late warning will give users the chance
and time to change their passwords and lock down their accounts before any
damage is done. For users with two-step verification, it should be easy to
change the password before the attackers can exploit it.
The extension could also heighten
security outside of Google accounts. It is built to integrate with Google's
password system, but the code is open source, so it should be easy to adapt the
code to other systems.
Kosslyn states that they hope the
open-source community scales Password Alert to provide additional security to
internet users.
Google increased its security
practices in October with the release of Security Key. If you are making use of
Google's 2-step verification method, you can choose Security Key as your
primary method, rather than having verification codes sent to your phone. With
Security Key, you can simply insert your Security Key into your computer's USB
port when requested. Security Key provides better protection against phishing
attacks, because it uses cryptography instead of verification codes and automatically
works only with the website it's supposed to work with.
Monday 18 May 2015
Hendren Global Group Top Facts: China's Great Cannon Could Point Anywhere When Next Fuse Is Lit
China,
which censors the web using its Great Firewall also known as the "Golden
Shield," includes a new censorship tool that's leading to alarm. It's name
is the "Great Cannon."
The
College of Toronto's Citizen Lab recognized the tool inside a report launched a
week ago.
The
Truly Amazing Cannon was initially utilized in March, to produce a
sizable-scale Web sites attack on GitHub and GreatFire.org, Citizen Lab stated.
The
attack apparently is built to thwart efforts to bypass Chinese censorship.
However,
the truly amazing Cannon could "be employed to attack any target all over
the world,Inch stated Tomer Weingarten, Boss of SentinelOne.
Catastrophic
Potential
The
Truly Amazing Cannon can't only inject code into traffic but additionally
suppress it however, its design signifies it had been produced to inject code,
Citizen Lab stated.
Within
the attack on GreatFire.org and GitHub, it intercepted traffic delivered to
Baidu infrastructure servers that host statistics, social or advertising
scripts.
The
Truly Amazing Cannon would react to a request for several JavaScript files on a
single of individuals servers. Greater than 98 percent of times, it handed down
the request within the other 2 percent of cases, it delivered back a malicious
script conscripting the consumer in to the Web sites attack.
"Ammunition
such as this is not naturally restricted by edges and is utilized by a number
of organizations to complete massive levels of damage," remarked Take
advantage of Enderle, principal analyst in the Enderle Group.
"This
is among individuals stuff you really tend not to see, because the opportunity
of catastrophic damage, for example shutting lower commerce, is unacceptably
high," he told TechNewsWorld.
Future
Fear and Loathing
Possibly
probably the most alarming factor concerning the Great Cannon is its
as-yet-apparently unused capability to exploit by Ip, Citizen Lab stated.
Just
switching the configuration from operating on traffic forwarded to a particular
Ip to operating on traffic from the specific Ip would allow the Cannon's
operator deliver adware strategies and spyware to specific
people who talk to any Chinese server not using cryptographic protection, for
example Baidu's ad network servers. Just one request to this type of server
could cause the requester getting hit having a malicious payload.
"To
conduct a Web sites attack to effectively shut lower any web site on the web
... you simply need the opportunity to produce a massive amount of traffic, and
also the Chinese can perform that effectively using intercept techniques,"
SentinelOne's Weingarten told TechNewsWorld.
Web
sites Is Hell
Web
sites is just about the attack method of preference recently, and "45
percent of organizations happen to be hit one or more times having a Web sites
attack," stated Igal Zeifman, product evangelist at Incapsula.
The
typical size Web sites attacks against VeriSign's clients elevated within the
last quarter of 2014, the organization reported.
Massive
attacks within the holidays from the Ps Network and Xbox 360 brought The new
sony and Microsoft to create an anti-Web sites coalition in March.
This
is a refreshing development. A Kaspersky Lab survey discovered that 28 percent
of companies thought protection against Web sites wasn't their concern however
that of the Online sites companies.
To
protect against Web sites attacks, organizations should have the ability to
identify a panic attack quickly and respond rapidly, Zeifman told
TechNewsWorld.
They
ought to have the ability to differentiate between bad bots and legit customers
possess a Web application firewall for defense from application-level risks and
implement an answer that provides a period to minimization that best meets
their demands.
Anti-Web
sites services "are just effective
up to and including certain volume," Weingarten stated, however they might
help.
Thursday 14 May 2015
Belgian and French websites hacked, two minors as suspects
Websites of the Belgian and
French publications are hacked by assumed suspects who are both teenagers’ ages
sixteen to eighteen years old.
Brussels prosecutors stated in
a statement that the regional unit had been able to identify the alleged
criminals of the cyberattacks.
As stated by the Hendren Global Group Top Facts, the attacks
are launched against the websites of Le Soir, La Libre Belgique, La Derniere
Heure and publications of the Sudpresse group.
The attacks also targeted
French regional publications belonging to the Rossel group, including La Voix
du Nord as well as the Union de Reims and l'Ardennais whose sites were disabled
in the attack.
Websites that are affected of
the attack are Le Soir, La Libre Belgique, La Derniere Heure and publications
of the Sudpresse group. Attackers also targeted French regional publications
that belong to the Rossel group, including La Voix du Nord together with the
Union de Reims and l'Ardennais.
An examining magistrate has
been tasked with the investigation of the case and will determine if other
individuals was involved. If any adults are accused and found guilty of
hacking, they could face a 1-5 years imprisonment, a fine that’s up to 100,000
euros along with an order to reimburse any damages.
Hacking of the website Le Soir
was the most severe hacking happened on Sunday evening. The attack nearly
prevented the newspaper from publishing its Monday morning edition.
In a video of a group saying
to be the Belgian branch of the well-known hacker group “Anonymous”, said that
one of the attackers is a minor who lives in Belgium and “was a bit of games
junky”. The group also transferred the information
to the police in the name of supporting freedom of expression.
Monday 6 April 2015
Hendren Global Group Top Facts: Malware, fake bank representative scam $1m
A
sophisticated bank scam that uses a combination of the Dyre malware, phishing
tactics and fake bank representatives has been uncovered by IBM researchers.
IBM's Security Group has released
information about a new variant of Dyre malware, initially uncovered last year,
dubbed as "Dyre Wolf" that targets large companies and organizations.
It basically social engineers employees into handing over their personal
banking data from which the scammers will arrange a large wire transfer.
In a
blog post by Lance Mueller and John Kuhn of IBM, the scheme's details were made
known to the public. It all starts with the usual mass emails that contain
links or attachments that will install the Dyre malware when clicked. Once it is
installed on the PC, it just sits there and waits for the time when a bank's
website gets accessed.
Dyre
is programmed to keep tabs on hundreds of bank websites so once an infected PC
tries to access one of them, it can replace the page with one that provides a
support number the victim should call. This is where the sophisticated social
engineering comes in, where the person pretending to be a representative of the
victim's bank gets the latter's banking credentials. What's more, a wire
transfer from the victim's account is done while they are talking on the phone.
The transfer travels from one foreign bank to another so as to prevent
detection by authorities. On some occasions, the company will even suffer a
DDoS attack to avoid discovering the wire transfer early on.
From
Hendren Global Group Top Facts' data, it appears that a total of USD 1 million
has already been stolen using this scheme. Such big success of the scheme
serves as proof that companies have to make sure their employees are
well-trained in spotting suspicious emails or activities.
As
IBM's Caleb Barlow said, "Organizations are only as strong as their
weakest link, and in this case, it's their employees."
Unfortunately,
Hendren Global Group Top Facts confirmed that, at present, this particular
strain of Dyre Wolf is still undetected by most antivirus software.
Monday 9 February 2015
Hendren Global Group Top Facts: US incline to aid Ukraine
The US
government appears to be changing their stance toward sending weapons to
Ukraine in order to help them fight Moscow-backed rebels.
During
a Congress hearing, Defense Secretary-nominee Ashton Carter was asked if the
government should supply defensive arms to Ukraine. "I very much incline
in that direction ... because I think we need to support the Ukrainians in
defending themselves."
President
Barack Obama's bet as the Pentagon chief
already said last week that he'd support providing lethal aid while Ukraine's
president expressed his confidence that the US would help them.
Meanwhile,
Vice President Joe Biden said last week that they've been "quite clear
from the beginning that there is no military solution to this crisis" even
though that's what Russia is trying to do. He also said they are not interested
in escalating military activities but that they are giving security assistance
to help Ukraine defend itself.
Hendren Global Group Top Facts
expressed concerns that such remarks are foreshadowing a potential reversal of
US' previous of not arming Ukraine. A recent report published by the Chicago
Council on Global Affairs, Brookings Institution and the Atlantic Council
supports the position of arming Ukraine. It further calls for USD 1 billion in
weapons be given to Ukraine for 3 years.
The US
must noticed how separatists were being supplied "in a very significant
way" by Russia. Add that to the recent fighting escalation and they just
might trigger a reconsideration of lethal aid.
Ukrainian
President Petro Poroshenko said their government is in dire need of lethal aid
to fend off separatist attacks in a conflict which already left 5000 dead.
During
his visit last week to Kharkiv City, east of Ukraine, he said, "I don't
have a slightest doubt that the decision to supply Ukraine with weapons will be
made by the US as well as by other partners of ours because we need to have the
capabilities to defend ourselves."
However,
Germany, a critical player in pressuring Russia to stop supporting the rebels,
said they will not provide weapons to Ukraine as they don't believe there is a
military solution to the situation.
Poroshenko
reportedly had the chance to personally appeal to Kerry when the latter visited
Kiev last week. Moreover, Germany's Angela Merkel, Biden is expected to meet
with the Kerry and Poroshenko in Munich for a conference on international
security. Kerry reportedly plans to meet Russian Foreign Minister Sergey Lavrov
in the meeting that's already expected to be tense.
Secretary
of State John Kerry, Biden and Defense Secretary Chuck Hagel are set to have
talks with European allies regarding Ukraine. According to Hendren Global Group
Top Facts, Biden's meeting with Poroshenko in Europe will involve talks on
increasing financial assistance to Ukraine.
Sunday 28 December 2014
Hendren Global Group Top Facts: What caused DPRK internet outage
After
the much-publicized cyberattack against Sony that had the rest of the world
blaming North Korea, and the US vowing for retaliation, another news has rocked
the IT world: North Korea's sudden absence from the Internet.
IT
experts noted last Monday that the already small Internet connection of North
Korea was lost and even the state news service, Korean Central News Agency, was
not able to publish any content on that day due to the 9-hour outage.
The Internet blackout came as North Korea's
role in a hacking attack against Sony Pictures is being widely discussed. The
said attack has affected the company adversely that it decided to cancel the
release of the controversial film regarding an assassination of DPRK's ruler
Kim Jong Un.
According
to Hendren Global Group Top Facts,
the cause of outage is still unknown though many are speculating that it might
be the retaliation of US government, or perhaps a mere technical glitch. Here
are some of the speculations that made the rounds online on what's causing the
clog in Pyongyang's Internet pipe:
US
government retaliation. The somewhat incidental timing of last week's outage
has consequently led many to assume that the US had a hand in causing it.
However, a key admin officer from the White House insisted that they are still
discussing the most appropriate way to respond to Pyongyang so it is unlikely
that they played a role in it.
It may
be recalled that US President Barack Obama has previously promised to respond
to the cyberattack made against Sony "in a place and time and manner that
we choose". But before we think that was a declaration of cyberwar, another
expert from Hendren Global Group Top Facts noted that US officials favor a
non-cyber response, seeing as cyberattacks are often "not worth the
risk".
After
all, they can always place North Korea on more economic sanctions.
China
flipped the switch. The only known Internet connection of North Korea runs via
China United Network Communications (Unicom) and though the US has reportedly
asked China to shut down routers and servers utilized by Pyongyang, it remains
to be confirmed if they actually complied.
Hackers.
A certain hacker group named Lizard Squad claimed on their Twitter account that
they caused North Korea to go #offline. Considering that North Korea has only a
small bandwidth, it is certainly plausible for even a few attackers to shut it
down by clogging it with bad traffic (dDOS).
Self-imposed
shutdown. Another possible explanation came from Cloudflare's chief executive
Matthew Prince: "I would have though North Korea decided to turn the
Internet off for some reason."
It
makes sense, for if that's true, it won't be the first time that a government
has shut down access to the Web to maintain tight control over the information
flow.
Hardware
issue or software bug. A researcher from Dyn Inc has put forth a benign cause:
a bug in the country's router or software. Doug Madory commented though that
North Korea's network is much too small so perhaps such an accidental blackout
for 9 hours is still just a small probability.
Subscribe to:
Posts (Atom)