3 Tips and Tricks to Reduce Your Cybersecurity Risk

The number of firms that fall prey to cyberattacks grows every year. The pandemic has also brought a spike in hacked and compromised data, with remote employees causing a security breach in 20 percent of firms. While falling prey to such attacks is not always directly connected with an organization’s lack of security, there are strategies to improve organizational and individual practices that help reinforce security and drastically reduce risk. In this post, we highlight three techniques to lessen the danger of cyberattacks.

1. Investing in Cyber Security & IT solutions

A cyber-attack may bring your firm to its knees. If you cannot access your own systems and networks, you cannot conduct business. It is therefore necessary to invest in the right kind of technological infrastructure to safeguard you from attacks and cyber thieves. You can source cybersecurity from managed IT service companies for reliable services.

Investing in your staff, helping them upskill via cyber incident response online courses, and enabling them to expand their general knowledge linked to cybersecurity may also go a long way in enhancing productivity. It is a well-known reality that when workers feel that their expertise is being strengthened and the firm invests in their development, they feel more inspired to perform better at their professions.

In the case of cyber security training, the investment pays off twice: your staff will not only be more motivated to perform at work, they will also have the knowledge needed to adjust their conduct from a security standpoint. They will be less likely to click on dangerous links or download suspicious files, and more likely to know what to do when an unintended error does occur.

2. Monitor the risk environment

Risk specialists should regularly evaluate possible risks and study new patterns as they occur to decide what will be most likely to affect the firm. Quantify exposures and vulnerabilities on a big-picture scale to build a full knowledge of the risk environment.

New cyber risk factors might include a shift in popular hacker techniques, a newly detected weakness in the security system, or an upgraded technology that makes present systems out-of-date.

Risk transfer is possible via cyber liability insurance, a new trend projected to soon be as common as ordinary liability insurance. This insurance may cover interruption and recovery charges, liability claims, cyber theft and extortion fees, and more. Allianz Group’s Guide to Cyber Risk examines cyber risk policies in depth.

Each unique risk may lend itself to one or more of these tactics; the right response may be created via experience and industry expertise.

3. Prepare staff

It’s crucial to underline that cyber risk is not entirely the responsibility of the risk department or IT. The risk management role should no longer be isolated; all departments should be encouraged to participate.

All personnel should be informed and educated on how to behave appropriately regarding cyber dangers. The risk team should actively raise awareness of problems and foster a safety culture. The cyber risk protocol should be thoroughly defined, and the human aspect of cyber risk should not be overlooked: many breaches originate from an inside source, whether from an accidentally created vulnerability or deliberate malicious activity.

One typical problem that originates with workers is social engineering, which employs tactics like phishing to deceive individuals into exposing personal information. Training employees on cybersecurity reduces the likelihood of both insider mistakes and successful social engineering.

When clients know that a company website is safe and the firm has a track record of protecting customer data thoroughly, they are more inclined to make purchases/buy services. Modern customers are incredibly alert and careful when it comes to their data protection & security. They recognize the significance of their sensitive data and the implications that might ensue if that data is exploited. Hence, companies that have incorporated good cybersecurity and IT support solutions into their everyday operations often fare better in the long run since customers feel secure when shopping with them.

Cybersecurity risk mitigation is a work that should never actually finish since new threat actors are entering the scene quickly. To keep today’s dynamic environments secure, enterprises will need to adopt proactive cybersecurity monitoring to guarantee that threats are being recognized and remediated as rapidly as feasible.

How Frauds Are Costing Agencies Millions

You know how disheartening a fraudulent payment can be if you have experienced it in your agency. A recent study showed that a typical agency loses close to six percent of its yearly income to fraudsters. Times have changed, so all agencies need to acknowledge the risks of fraud and take necessary action.

Agencies can use fraud deterrence to understand the causes of fraud and eliminate them. Fraud deterrence rests on the premise that fraud occurs when the conditions allow it, not by accident.

Financial loss is the main effect of fraud in any agency. It is hard to track where every penny goes because businesses have become more complex. Investors avoid brands that have dealt with fraud because they do not trust them.

The smallest slip can cost you clients, even if you offer high-quality services. Below is everything you need to know about fraud in a business. If you have ever asked yourself “What is billing fraud?” or “What is bot fraud?”, this guide is for you.

How Frauds Cost Agencies Millions

Fraud costs companies millions yearly, but its effect goes beyond the money lost. Fraud fallout ruins an agency’s reputation and breaks clients’ trust in the agency. Fraud is becoming more common because fraudsters have become more innovative.

Your brand is at risk of many frauds, such as professional fraud and client fraud. The total amount lost to these frauds varies from one agency to another, but it still has the same result – financial loss.

Many duties come with owning and managing a successful agency, but fraud detection does not appear at the top of the list. The agency owners might fail to acknowledge the fraud threat mainly if they have long-term employees. Some known frauds to an agency include:

  • Skimming – this is when employees take money from a client but do not record it.
  • Billing fraud – creating another brand and sending invoices for non-existing items.
  • Check alteration – altering an agency’s checks to steal outgoing payments.
  • Corruption – this is taking part in extortion or bribery in exchange for services.

Most frauds go undetected, and they have negative effects on an agency such as:

  • Ruining the agency’s reputation – news of fraud in your agency will reach many people and tarnish the organization’s name. Remember that a tarnished name means no client dealings, meaning you will lose a lot of money in the process.
  • Preventing the agency from attracting sponsors and employees – very few sponsors would want to work with an agency with fraud scandals. You might lose millions in endorsements if you do not prevent a fraudulent attack. Workers also want a trustworthy work environment, meaning you might fail to attract them.
  • Compromising banking covenants – fraud might also make the agency breach its banking covenants and fail to retain its competitive advantage.

How to Prevent Fraudulent Attacks

Private agencies are the main targets for fraud, according to recent research. These agencies can use the following tips to prevent a fraudulent attack:

  • Make permanent “footprints” in the financial system
  • Question things that look strange to the agency
  • Use two unrelated parties whenever there is a money flow in the agency

How Can You Detect and Prevent Fraud?

To prevent fraud in your agency, you first need to have a strong management team that lives by honesty and integrity. Workers should have easy access to resources, and they should blow the whistle whenever they detect any suspicious activity.

A good management team will also prevent fraud by creating a positive working environment. In addition, they will staff the important departments with the right employees. Even though fraud is not the main priority in an agency’s development, it is impossible to ignore it, or else you will face dire consequences.

How to Keep Your Agency Free From Frauds

First, make sure you manage your funds well, starting with the bank accounts. Ensure that bank reconciliation is performed by an individual who is not involved in disbursements.

It is also advisable to have the bank statement handled by a person who has not taken part in the agency’s financial operations.

Frauds make agencies lose millions every year. It would be best if these agencies took the necessary steps to fight fraudulent activities.

Why Cyber Security Is Integral for eCommerce Success

There’s a lot of money to be made in e-commerce. This is demonstrated by the fact that online shopping continues to expand even while other sectors of the economy do not. However, operating an e-commerce business is extremely different from running a brick-and-mortar store. Unlike brick and mortar operations, many of the biggest threats to your business may be completely invisible to you and originate from thousands of miles away. If you want to succeed in e-commerce, cybersecurity is absolutely integral to your business’s long-term survival.

Your Customers Could Be Targeted

While upholding high standards for cybersecurity is important for any business, it is even more important for companies that sell goods and services over the internet. These businesses are especially at risk of having sensitive data connected to customer accounts and transactions accessed and leaked after a security breach. When this happens, the results can be disastrous. Your customers could be defrauded of thousands or even millions of dollars after their identities are stolen using this information. After that occurs, you may end up on the receiving end of a class-action lawsuit. If you did not uphold high cybersecurity standards in your company, you will likely be found negligent in court and be forced to pay out large sums of money for the damage that was done by those hackers and cybercriminals. Your business may not be able to survive the fallout. The average cost of a business-targeted hack is $200,000.

You Need to Have a Cyber Security Framework in Place

Unfortunately, most business owners lack the expertise to institute working cybersecurity protocols for their own businesses. That is understandable. The technology and software in question are extremely complex and require a high level of technical expertise and knowledge to understand and operate. This is why you should consider implementing the NIST cybersecurity framework when developing your cybersecurity programs instead of going about it on your own. NIST stands for National Institute of Standards and Technology. NIST is part of the US Department of Commerce and helps create standards, regulations, measurements, and more for the benefit of technological advancement in the United States, for both government and American businesses.

For your own business, using the NIST cybersecurity framework can be extremely advantageous because of the functions it provides. NIST CSF functions should include the ability to better identify potential gaps in your own network, systems, and assets that could lead to a security breach. The framework can help you better protect the confidentiality of sensitive data. It can help you detect threats in real time and respond immediately to cybersecurity events before they cause significant damage. It can also help you promptly recover any services or capabilities after such an event. You will be much better able to weather any kind of security event, intrusion, or attack.

You Could Lose Your Credibility as a Business

Business relationships of any kind involve a great deal of trust to maintain. The relationships customers build with the businesses they purchase products or services from indeed involve a good amount of trust. Those customers trust that they will receive what they pay for without any unexpected negative consequences. After a significant hack, this trust can quickly evaporate. Consumers may assume it is too risky to even visit your online store to make a purchase. The same can be said of other companies you do business with. Vendors, suppliers, and other partners expect that you will run a professional operation in which the sensitive data they share with you will not be leaked to bad actors. If that trust is broken, it could lead to the loss of business relationships you need to compete in your market.

Overall, you don’t really have a choice when it comes to whether or not you should place a strong emphasis on cybersecurity for your e-commerce business. If you don’t, you will certainly be targeted by hackers and cybercriminals. The results of that negligence could be disastrous for your company. If you want to survive in the long term, implementing strong cybersecurity protocols is an absolute necessity. Consider integrating the NIST cybersecurity framework and other measures to ensure that your company is protected.

Windows Update April 2021 Edition

Patch Tuesday includes updates patching 110 vulnerabilities, of which 88 are rated important and 19 critical. There are 19 Elevation of Privilege, 17 Information Disclosure, 55 Remote Code Execution, 9 Denial of Service, 6 Security Feature Bypass, and 2 Spoofing vulnerabilities patched with this update.
Among the most interesting patches is yet another update for Microsoft Exchange Server. Two of these vulnerabilities were reported by the NSA and sit at the high end of the CVSS scale at 9.8 each; the other two are rated 8.8 and 9.0. All four of the Exchange Server vulnerabilities are critical Remote Code Execution vulnerabilities and are also labeled as having a high impact on the confidentiality, integrity, and availability of the affected product. They are addressed in CVE-2021-28480 (9.8), CVE-2021-28481 (9.8), CVE-2021-28482 (8.8), and CVE-2021-28483 (9.0), and affect Exchange Server 2013, 2016, and 2019.
CISA has issued an alert urging organizations to patch Microsoft Exchange servers immediately, and clarifies that these patches are in addition to last month’s patches; the new vulnerabilities are just as dangerous but have not yet been observed being exploited.
The update for Windows 10 has some interesting fixes. One of them “(a)ddresses an issue in which a principal in a trusted MIT realm fails to obtain a Kerberos service ticket from Active Directory domain controllers … This occurs on devices that installed Windows Updates that contain CVE-2020-17049 protections and configured PerformTicketSignature to 1 or higher. These updates were released between November 10, 2020 and December 8, 2020. Ticket acquisition also fails with the error, ‘KRB_GENERIC_ERROR’, if callers submit a PAC-less Ticket Granting Ticket (TGT) as an evidence ticket without providing the USER_NO_AUTH_DATA_REQUIRED flag.”
Another fix resolves an issue in CVE-2020-1036, raised by a security researcher, concerning the RemoteFX vGPU feature; this patch actually deprecates the feature. Microsoft recommends that anyone who needs vGPU use the Secure vGPU feature included with Discrete Device Assignment (DDA) in Windows Server 2016 and 2019.
An elevation of privilege vulnerability is addressed in CVE-2021-27092. This is an Azure Active Directory web sign-in vulnerability which “allows arbitrary browsing from the third-party endpoints used for federated authentication”.
CVE-2021-28310 is a “Win32k Elevation of Privilege Vulnerability” in the Desktop Window Manager, discovered by Boris Larin of Kaspersky, which is currently being exploited in the wild and carries a CVSS score of 7.8. It is an out-of-bounds write vulnerability in the Desktop Window Manager that allows an attacker “to write controlled data at a controlled offset using DirectComposition API. DirectComposition is a Windows component that was introduced in Windows 8 to enable bitmap composition with transforms, effects and animations, with support for bitmaps of different sources (GDI, DirectX, etc.)”. A full writeup of this vulnerability is in Boris’ Securelist blog post (linked in the Sources below).
There are a total of 27 vulnerabilities in the Remote Procedure Call Runtime, 15 rated Important and 12 Critical. All of them are remotely exploitable and all have a CVSS score of 8.8. A remote attacker may be able to send a specially crafted RPC request that allows Remote Code Execution on the targeted machine. It is possible that the higher criticality levels of some RPC vulnerabilities reflect higher privileged access, though this is unclear from the descriptions Microsoft provides. Microsoft lists Yuki Chen as the security researcher who found 26 of the 27 vulnerabilities.

Remote Procedure Call Vulnerabilities

Important (15): CVE-2021-28434, CVE-2021-28358, CVE-2021-28357, CVE-2021-28356, CVE-2021-28355, CVE-2021-28354, CVE-2021-28353, CVE-2021-28352, CVE-2021-28346, CVE-2021-28345, CVE-2021-28344, CVE-2021-28342, CVE-2021-28341, CVE-2021-28340, CVE-2021-28327

Critical (12): CVE-2021-28343, CVE-2021-28339, CVE-2021-28338, CVE-2021-28337, CVE-2021-28336, CVE-2021-28335, CVE-2021-28334, CVE-2021-28333, CVE-2021-28332, CVE-2021-28331, CVE-2021-28330, CVE-2021-28329

A couple of Windows Media decoder vulnerabilities, CVE-2021-27095 and CVE-2021-28315, allow an attacker to host a specially crafted website and trick a user into visiting it in order to exploit them. These vulnerabilities rank 7.8 on the CVSS scale and were discovered by yangkang (@dnpushme).
The Azure Active Directory web sign-in vulnerability mentioned above, CVE-2021-27092, “(a)ddresses a potential elevation of privilege vulnerability in the way Azure Active Directory web sign-in allows arbitrary browsing from the third-party endpoints used for federated authentication.” It has been assigned a CVSS score of 6.8.
Other Windows component updates include Microsoft Office, SharePoint, DNS Server, Microsoft Edge (Chromium), Windows Speech, Windows Diagnostics Hub, Visual Studio, AppX Deployment Extensions, Event Tracing, Windows Installer, Windows Kernel, Windows Resource Manager, Portmapping, Registry, Remote Procedure Call Runtime, NTFS, Network File System (NFS), SMB, and TCP/IP.
This update also removes the legacy Microsoft Edge browser, if it has not already been removed, and installs the new Chromium-based Microsoft Edge in its place.
Also note that Windows 10 version 1909 reaches end of life next month, at the next Patch Tuesday. So now may be a good time to upgrade from version 1909 to the latest version of Windows, 20H2.
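A quick way to confirm the April 2021 update actually landed on a Windows 10 host, and to inspect the Kerberos setting discussed above, is the PowerShell check below. It is an added example, not part of the original post or any Microsoft tooling; it assumes the KB number and patched OS builds given in the Microsoft support article linked under Sources (KB5001330, builds 19041.928 and 19042.928) and reads the documented registry locations for the OS build revision and the Kdc service’s PerformTicketSignature value.

```powershell
# Added verification script (not from the original post). Run in an elevated
# PowerShell on Windows 10 2004/20H2. Assumptions: KB5001330 and the patched
# builds 19041.928 / 19042.928 come from the support article cited in Sources.

$requiredKb    = 'KB5001330'
$patchedBuilds = @{ 19041 = 928; 19042 = 928 }   # CurrentBuild -> minimum UBR

# 1. Installed build number and Update Build Revision (UBR) from the registry.
$ver   = Get-ItemProperty 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion'
$build = [int]$ver.CurrentBuild
$ubr   = [int]$ver.UBR
Write-Host ('OS build: {0}.{1}' -f $build, $ubr)

if ($patchedBuilds.ContainsKey($build)) {
    $minUbr = $patchedBuilds[$build]
    if ($ubr -ge $minUbr) {
        Write-Host ('April 2021 update level reached (UBR {0} >= {1}).' -f $ubr, $minUbr)
    } else {
        Write-Warning ('Build {0}.{1} is below patched level {0}.{2}; install {3}.' -f $build, $ubr, $minUbr, $requiredKb)
    }
} else {
    Write-Warning ('Build {0} is not 2004/20H2; check the April 2021 update for this release (1909 reaches end of service in May 2021).' -f $build)
}

# 2. Second signal: the hotfix inventory. Get-HotFix does not list every update
#    type, so the build/UBR comparison above is the authoritative check.
$hotfix = Get-HotFix -Id $requiredKb -ErrorAction SilentlyContinue
if ($hotfix) {
    Write-Host ('{0} listed by Get-HotFix (installed {1}).' -f $requiredKb, $hotfix.InstalledOn)
} else {
    Write-Host ('{0} not listed by Get-HotFix.' -f $requiredKb)
}

# 3. Domain controllers only: the Kdc service key holds PerformTicketSignature,
#    the CVE-2020-17049 hardening setting named in the Kerberos fix above.
$kdcKey = 'HKLM:\SYSTEM\CurrentControlSet\Services\Kdc'
if (Test-Path $kdcKey) {
    $pts = (Get-ItemProperty $kdcKey -ErrorAction SilentlyContinue).PerformTicketSignature
    if ($null -eq $pts) {
        Write-Host 'PerformTicketSignature is not set; the default for this patch level applies.'
    } else {
        Write-Host ('PerformTicketSignature = {0}' -f $pts)
    }
} else {
    Write-Host 'Kdc service key absent; this host is not a domain controller.'
}
```

On a fleet, run it through your remote management tooling and collect the build/UBR line per host; a value below the patched level tells you where the cumulative update is still outstanding.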

Sources:
https://krebsonsecurity.com/2021/04/microsoft-patch-tuesday-april-2021-edition/
https://www.zdnet.com/article/microsoft-april-patch-download-covers-114-cves-including-new-exchange-server-bugs/
https://msrc.microsoft.com/update-guide/releaseNote/2021-Apr
https://msrc.microsoft.com/update-guide/
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28481
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-28480
https://www.ghacks.net/2021/04/13/microsoft-windows-security-updates-april-2021-overview/
https://support.microsoft.com/en-us/topic/april-13-2021-kb5001330-os-builds-19041-928-and-19042-928-cead30cd-f284-4115-a42f-d67fec538490
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2020-1036
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28310
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-28315
https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-27095
https://msrc-blog.microsoft.com/2021/04/13/april-2021-update-tuesday-packages-now-available/
https://techcommunity.microsoft.com/t5/exchange-team-blog/released-april-2021-exchange-server-security-updates/ba-p/2254617
https://us-cert.cisa.gov/ncas/current-activity/2021/04/13/apply-microsoft-april-2021-security-update-mitigate-newly
https://securityaffairs.co/wordpress/116767/uncategorized/exchange-server-flaws-nsa.html
https://securelist.com/zero-day-vulnerability-in-desktop-window-manager-cve-2021-28310-used-in-the-wild/101898/
https://www.computing.co.uk/news/4029847/microsoft-patches-zero-day-bugs-april-2021-patch-tuesday-update
https://www.tomsguide.com/news/microsoft-patch-tuesday-april-21

533 Million Facebook accounts exposed Phone numbers, Facebook ID, and other sensitive data

Data from the Facebook hack rears its ugly head again, with the records being given away for free on dark web hacker forums

On April 3, 2021, Alon Gal, CTO of the cyberintelligence firm Hudson Rock, reported via Twitter that 533 million records of Facebook users had been posted on a hacker forum for free.

According to Facebook, quoted in a Bleeping Computer article, the data comes from a hack dating to August 2019.

Facebook told Bleeping Computer: “This is old data that was previously reported on in 2019. We found and fixed this issue in August 2019”.

Facebook responded to the news by stating that the hack is not new and that it has already fixed the problem with the “Add a Friend” feature that allowed the phone numbers and other data to leak.

It is unknown at this time whether the “Add a Friend” feature gathered all of the information, or whether the phone numbers were simply added to an existing scrape of public profile data. The hacker previously sold the information through a Telegram bot for just a few dollars a record. The data may be from 2019; however, most people have not changed, or cannot change, the information held in Facebook, such as Facebook ID, birth date, full name, current and previous locations, phone number, employer, some email addresses, and the bio provided by the user.

Even Facebook founders Mark Zuckerberg, Chris Hughes, and Dustin Moskovitz are included in the breach, with most of the above information exposed. Now the hacker is offering the information for free.

The hacker claims 106 countries were affected, including Egypt with 44 million records, Italy with 35 million, the United States with over 32 million, the United Kingdom with 11.5 million, India with 6 million, Turkey with 19.6 million, Tunisia with 39 million, Mexico with 13.3 million, Germany with 6 million, Saudi Arabia with 28.8 million, and many more records stolen from other countries.

If you would like to see whether you have been affected by this breach, HaveIBeenPwned also has the information. HaveIBeenPwned is a good site for finding out whether your information is included in a breach. The site also gives pertinent details about each breach, including what information was exposed and when. Until recently, the site was searchable only by email address. Since only 2.5 million email addresses were included in this breach, HaveIBeenPwned has now added international phone numbers to its breach search, so you can check whether you were affected by phone number or by email.

Sources / More Information

https://www.bleepingcomputer.com/news/security/533-million-facebook-users-phone-numbers-leaked-on-hacker-forum/

https://www.businessinsider.com/stolen-data-of-533-million-facebook-users-leaked-online-2021-4?r=US&IR=T

https://www.msn.com/en-us/news/technology/how-to-check-if-your-facebook-account-was-hacked-in-the-massive-breach/ar-BB1fjIHM

https://www.vice.com/en/article/xgz7bd/facebook-phone-numbers-bot-telegram

https://haveibeenpwned.com/PwnedWebsites#Facebook