security

state of cybersecurity in 2021

covid-19 changed the world and risks are evaluated differently: the top trio of most critical scenarios for companies are business interruption, for sure pandemic outbreak (again or further), and, again a top concern, cyber incidents

source: https://www.agcs.allianz.com/news-and-insights/reports/allianz-risk-barometer.html

a cyber attack happens every 39 seconds, on average 2,244 times a day – you should be aware of this, and please don’t use common user accounts and passwords

source: https://eng.umd.edu/news/story/study-hackers-attack-every-39-seconds

protect private devices, utilize BYOD and enable your workforce, take care of data loss prevention against insiders as well as external attackers

source: https://pages.bitglass.com/cd-fy20q3-bringyourowndevice_lp.html?_ga=2.235220038.618124391.1595289181-1524125646.1582567517?&utm_source=blog&hsCtaTracking=cd233e49-f2ba-4af6-82ba-924b704c2fe9%7C4f956294-2451-4a11-bee2-609ab19d370c

NCSC warns of VPN vulnerabilities, get up-to-date and prepare for future demands, 60% of companies will eliminate VPN in favour of cloud by 2023

source: https://www.ncsc.gov.uk/news/alert-vpn-vulnerabilities

source: https://www.gartner.com/teamsiteanalytics/servePDF?g=/imagesrv/media-products/pdf/Qi-An-Xin/Qi-An-Xin-1-1OKONUN2.pdf

cloud first: when your users aren’t inside your perimeter, why should the data be? prepare to migrate, as 80% of others will shut down their datacenter by 2025

source: https://blogs.gartner.com/david_cappuccio/2018/07/26/the-data-center-is-dead

new changes, new technologies – support your workforce and prevent credential related attacks with passwordless technologies #ZeroSignOn

source: https://enterprise.verizon.com/resources/reports/2020-data-breach-investigations-report.pdf

all facts are also shown in the video below (german)

security

the state of cyber security in 2020

let’s get an overview of current threats in 2020 – especially regarding spamming, phishing, whaling, vishing, etc.

30,000% increase in #COVID19 threats

The Evil Internet Minute 2020

as Jack Johnson already sang “Well I was sitting, waiting, pishing” … *just kidding*

phishing

is the primary way malicious actors trick people into downloading malware, which ultimately can allow attackers to access their organization’s network and steal sensitive corporate data

alongside COVID19, phishing rose in importance and is still growing

since then google has put proactive monitoring in place for COVID-19 related malware and phishing – 63% of the malicious docs blocked, and more than 100 million phishing emails blocked per day with Machine Learning

Safari/iOS

its Safe Browsing feature also uses Google, but be aware that “These safe browsing providers may also log your IP address”

Screenshot from Safari Setting at iOS

chrome

a hyperlink doesn’t always lead to the address shown as the name of the link, it often points to another website URL

<a href='https://attack.com'>https://safe.com</a>

chrome is experimenting with ways to easily spot spoofing and determine the identity and authenticity of a site @blog
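the mismatch between link text and link target shown above can be checked mechanically, for example when scanning the HTML body of an e-mail. this is an added example, not code from the original post; `find_mismatched_links`, `LinkAuditor` and the sample markup are hypothetical names and constructed input, and treating subdomains as matching is a simple heuristic:

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

URLISH = re.compile(r"^(?:https?://)?((?:[a-z0-9-]+\.)+[a-z]{2,})(?:[:/?#]|$)", re.I)  # URL-like text

def _norm(host):
    host = host.lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host

def shown_host(text):  # hostname the visible link text claims, or None if not URL-like
    m = URLISH.match(text.strip())
    return _norm(m.group(1)) if m else None

def target_host(href):  # hostname the href really leads to; urlsplit drops userinfo before '@'
    try:
        return _norm(urlsplit(href).hostname or "") or None
    except ValueError:  # malformed href such as a broken IPv6 literal
        return None

class LinkAuditor(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings, self._href, self._text = [], None, []
    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href"), []
    def handle_data(self, data):
        self._text.append(data)  # buffer is reset at every <a>, so it ends up as the link text
    def handle_endtag(self, tag):
        if tag != "a" or self._href is None:
            return
        text = "".join(self._text).strip()
        shown, actual = shown_host(text), target_host(self._href)
        # Flag when the text names a host and the target is neither it nor a subdomain of it.
        if shown and actual and actual != shown and not actual.endswith("." + shown):
            self.findings.append((text, self._href))
        self._href = None

def find_mismatched_links(html):
    auditor = LinkAuditor()
    auditor.feed(html)
    return auditor.findings

# Constructed sample; safe.com and attack.com are the placeholder names used in the text.
SAMPLE = """<a href='https://attack.com'>https://safe.com</a>
<a href="https://www.safe.com/login">safe.com</a>
<a href="https://safe.com.attack.com/">www.safe.com</a>
<a href="https://safe.com@attack.com/">https://safe.com/reset</a>"""
```

`find_mismatched_links(SAMPLE)` reports the first, third and fourth link and leaves the legitimate `www.safe.com/login` link alone; links whose text is not URL-like (e.g. “Read more”) are never flagged.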

android

an example: an android app offers Coronavirus Safety Mask but delivers SMS trojan @zscaler

machine learning

“ML is rapidly becoming core to organizations’ value propositions (with a projected annual growth rate of 39% for ML investments in 2020)” and it’s only natural that organizations invest in protecting their crown jewels – Cyberattacks will further utilize Artificial Intelligence (AI) @Microsoft Digital Defense Report

spear phishing vs. whaling

spear phishing is more targeted, with a reference to company, project or proposal – while whaling targets CEOs, CFOs, and other executives to gain access or steal bitcoin, with a reported success rate of up to 90% – even from attackers that are “not extremely technically advanced” @decrypt

new domains aren’t blocked and look as if they were corporate @zscaler

vishing

“criminal phone fraud, using social engineering over the telephone system to gain access to private personal and financial information” targeting remote workers with social engineering and a fake VPN page – the FBI warns in an advisory

ransomware

it has been sneaking into our world at a remarkable rate, with a huge increase in the daily average of ransomware attacks compared to the first half of the year – in parallel, malware is 39% down overall … “but trending upward”

Denial of Service

25% increase during the pandemic lockdown – unprecedented number of shorter, faster, more complex attacks – Hidden Impact: they consume paid bandwidth & throughput

stay secure and healthy – both private and business

… use 2-Factor-Authentication

switch to modern authentication – sms as second factor is insecure

not only since twitter ceo jack dorsey was a victim with activated additional sms authentication for his account – now twitter disabled “temporarily” the ability to tweet via sms …that phone numbers and sms’s were not designed to be used as two-factor authentication systems, as they are insecure. Fabio Assolini, Senior Security Researcher at Kaspersky…

apple

jailbreaking made easy for everyone [update: fix out now]

even with the current release of iOS 13.5 it is possible to jailbreak an iOS device, either to customize your design or, even worse, to get around system-level security

  • first you need to download AltStore, which also sideloads any ipa without a jailbreak
  • trust App as developer in settings on your device
  • open unc0ver.dev and select “Open in AltStore”
  • open unc0ver to perform jailbreak
  • done, now check Cydia App for Tweaks e.g. OpenSSH
we’re connected via putty

but in my opinion…

  • requires a desktop (macOS/Win10/Linux) to perform
  • AltServer works just for a single device at a time
  • unc0ver needs to be executed after a device reboot
  • iOS 13.5.1 beta already fixes it [update: it is fixed right now]
  • minor benefit for personal use
  • enterprises are aware of this issue and scan devices with UEM and Advanced Threat Detection

it will always be a cat-and-mouse game