New research into password usage for new accounts during the onboarding process has revealed a worrying trend: easily guessable passwords are left unchanged for new starters, presenting significant security risks for organisations.

The findings from Specops Software, an Outpost24 company, are based on an analysis of 651 million compromised passwords, which surfaced a list of 120,000 passwords commonly used for new team members.

At the top of the list was the term “User”, appearing 41,683 times. “Temp” was second, appearing 28,469 times, with “welcome” ranking third.

Other common terms found were “guest”, “starter” and “logon”, which highlights a serious issue with these phrases being used as security credentials. Stronger passwords are vital, because hackers can crack weak ones in a matter of minutes.

Darren James, Senior Product Manager at Specops Software, said this about the findings: “Each time you’ve started a new job, there’s a decent chance you’ve been given a temporary password to get you into your system for the first time. These passwords are usually generated by the IT team, and in theory, should be as strong as any other password. Unfortunately, many organizations do not follow the best practices for password security, such as using long and random passphrases. These first day passwords are also often shared in plaintext.”

The post Commonly used passwords for new accounts include “User” & “Welcome” first appeared on IT Security Guru.

The Met Police, along with a host of other global law enforcement agencies, have dismantled a criminal gang that used a technology service to facilitate fraudulent text messages, leading to theft from victims. The scam primarily targeted younger individuals familiar with the internet. The technology service, LabHost, aided scammers in sending deceptive messages and directing victims to fake websites resembling legitimate online payment or shopping services.

The criminals obtained identity information, including card numbers and PIN codes, resulting in significant financial losses. Though the exact amount stolen remains unknown, LabHost reportedly generated nearly £1m in profits. In the UK alone, around 70,000 victims are thought to have been deceived into providing their details online, with 25,000 identified victims receiving warning text messages about potential fraudulent sites.

Victims are advised to seek guidance on the Metropolitan Police website, and their cases have been reported to fraud investigators. Personal details discovered in data obtained from LabHost have been secured by authorities.

The cybersecurity community has welcomed the news:

Adam Pilton, Cyber Security Consultant at CyberSmart, and former Detective Sergeant investigating cybercrime at Dorset Police: “This is another fantastic result for UK and international law enforcement. 

“In February, we saw the takedown of Lockbit, the largest ransomware gang. This was an international operation which stemmed from fantastic work by the South West Regional Organised Crime Unit.

“This operation will be no different, and we should not underestimate the amount of work put into operations such as this. It took two years to reach this point and there would have been many people involved. This kind of incident would most likely have started from the intelligence gathered by law enforcement and investigative agencies. 

“This is why it is so important to report cybercrime: Even reporting phishing emails helps to build that intelligence picture, which enables law enforcement to protect us.

“One area of particular concern is the increasing tendency to see cybercriminals offering services to unskilled criminals who want to venture into cybercrime. This, along with the continued evolution of AI means that we must continue to build our cyber defences, staying aware of the latest threats and how we can protect ourselves. As the NCSC stated in their 2023 annual review “We have the information and tools at our disposal to defend ourselves. We just need to use them better.”

Martin Kraemer, security awareness advocate at KnowBe4: “News like this is important when it hits the national media. These stories are timely reminders that cybercrime is omnipresent, and it would be foolish to assume that one could not be a target.

“Cybercrime gangs are becoming more common. Law enforcement must reduce the accessibility and attractiveness of online fraud schemes. We must put a stop to the increasing trend of cybercrime turning into an opportunity business for aspiring cyber criminals. Sending out videos to all 800 users of the illegal services to scare them off is therefore a good step by law enforcement.

“Taking down cybercrime networks is the way to go. Shutting down websites alone will obviously not stop people, but seizing their services, and resources, and arresting key people will have an effect.

“Phishing-as-a-service offerings like LabHost contribute to the massive growth of phishing scams worldwide. The quality of these offerings is remarkable. They include entire tool sets to harvest a range of private information including credit card information, multi-factor authentication, or address information. The platform also offered features such as email phishing, SMS phishing, and even management of stolen credentials. Criminals use such service offerings to target businesses and private individuals. Organisations must assume responsibility for empowering their workforce by educating them to make smarter security decisions.

“It is great to see international law enforcement collaborations in taking down cybercrime groups. This is another important step. The first big takedown that tackles phishing after the Lockbit ransomware takedown earlier this year. Phishing is the most used attack vector and ransomware as the most common monetisation scheme are two important areas to tackle. Law enforcement is clearly stepping up the game and rightly so.”

Mayur Upadhyaya, CEO at APIContext: “The recent takedown of LabHost, a service used for online scams, highlights the evolving tactics of cybercriminals and the need for proactive security measures. APIContext commends the collaborative efforts of law enforcement and financial institutions.

“This case emphasises the critical role of robust API security. APIs are often gateways to sensitive data, and the LabHost incident demonstrates how criminals exploit vulnerabilities. Organisations must prioritise API security with advanced protocols to control and monitor access, preventing unauthorised activity like the creation of fake payment services seen in this case.

“Law enforcement’s use of behavioural psychology to deter criminals further emphasises the need for a multi-layered approach to cybersecurity. APIContext advocates for a combination of robust API management, real-time threat detection, and ongoing education to combat cybercrime. This incident serves as a reminder for all sectors to strengthen their defences with comprehensive security frameworks that address both technological and human vulnerabilities.”

Simon Newman, CEO, Cyber Resilience Centre for London & International Cyber Expo Advisory Council Member: “Phishing continues to be the most common type of cyber-attack used by cyber criminals and its impact can be devastating for victims. Clicking on a malicious link that encourages users to input personal information can be used by criminals to commit fraud. This is a fantastic result demonstrating the importance of international collaboration between law enforcement agencies around the world. It also shows the importance of reporting cyber-crime to the authorities, with nearly 70,000 victims in the UK alone.”

Brian Higgins, Security Specialist at Comparitech: “Crime as a Service (CaaS) has been around for a long time, going back to the days of off-the-shelf banking Trojans, but ever more inventive criminal enterprises constantly research contemporary attack vectors if they think there is money to be made. One more modern aspect of their targeting strategies is to match vulnerable communities with CaaS methodologies and products, as in this case predominantly messaging younger, more tech-immersed victims via Text. Whilst the size of this disrupted operation is fairly small in terms of profit, the tools employed by law enforcement show a distinct evolution in online fraud countermeasures, particularly behavioural science input and follow-up messaging. Multi-jurisdictional physical arrests are also an encouraging impact of any operation of this kind so the deterrent effect, whilst near impossible to quantify, could also be counted as a win for the agencies involved.”

The post Police apprehend global cyber gang implicated in large-scale fraud first appeared on IT Security Guru.

Third-party cyber-attacks remain one of the most significant threats facing organisations across the globe. Most recently, Bank of America, a multinational investment banking and financial services corporation, began notifying customers that a November 2023 hack against one of its service vendors resulted in the exposure of personally identifiable information (PII). 

The breach occurred following a security incident against Infosys McCamish Systems (IMS), a subsidiary of Infosys that provides deferred compensation plan services to Bank of America. According to the IMS notification letter filed with the Maine Attorney General, “On or around November 3, 2023, IMS was impacted by a cybersecurity event when an unauthorized third party accessed IMS systems, resulting in the non-availability of certain IMS applications.” 

The notice revealed that while only 57,028 of Bank of America’s millions of customers were directly impacted in the breach, the PII exposed included Social Security Numbers, credit card and account numbers, as well as names, and addresses. An incendiary mix of data—one that could be easily leveraged by threat actors to launch social engineering attacks against any and all of the impacted individuals. 

Then, on November 4th, IMS notified Bank of America that data relating to their customers may have been exposed. The infamous ransomware gang, LockBit, on the same day claimed responsibility for encrypting over 2,000 IMS systems in the attack.  

“Vendor risk is continuing to become more of a concern,” commented Erich Kron, Security Awareness Advocate at KnowBe4. “Bad actors are finding that attacking the large organizations with significant budgets for cybersecurity and data protection can often be less effective than attacking those that process the same information but may not have the same budget to protect it.” 

While Kron explained that using third-party vendors isn’t a bad thing on its own, he also pointed out how “it’s critical to ensure that policies and procedures exist related to the protection of any data being shared. Making sure that contracts define what information is being processed and how long it’s been retained is a very important part of this data management with third parties. In addition, information should be limited as much as possible and anonymized whenever it’s an option.” 

Interestingly, this is not the first time Bank of America has been impacted by a third-party cyber-attack. In May 2023, Ernst & Young, an accounting firm providing services to the bank, was hacked by the Cl0p ransomware gang by way of the MOVEit file transfer zero-day exploit. In this incident, personal data like SSNs and financial information of Bank of America customers were also exposed.  

The fallout from the MOVEit hack was explosive, impacting mainly third-party vendors and, as a result, their many, varied customers.  

Indeed, Ray Kelly, fellow at the Synopsys Software Integrity Group, said, “[The MOVEit] issue caused massive amounts of stolen data from large organisations and even the US Government. Ensuring the trust chain between organisations, while not a simple task, is essential to protecting consumers’ private information.” 

Hackers have certainly cottoned on to the weakness of third-party, supply-chain vendors. Where big enterprises like Bank of America most likely have mature cybersecurity protocols, vendors like IMS might not prioritise their cyber posture as they ought to. But really, they ought to. The malicious moxie of cybercriminals and cybergangs continues to evolve daily. Vendors can no longer afford to neglect cybersecurity expertise.

As Tom Kellermann, SVP of Cyber Strategy at Contrast Security, commented, “By targeting these less secure vendors [cybercriminals] can successfully compromise major banks. The regulators must mandate higher standards of cybersecurity for shared service providers.” 

And yet, this doesn’t absolve organisations like Bank of America of responsibility either. Sure, IMS (and previously, Ernst & Young) were the parties actually hacked, but it was Bank of America customers who were impacted. Did the bank do its due diligence to ensure that data was being handled by vendors in a sophisticated manner? In the wake of these events, the answer is probably no. The question then becomes: how much longer will banks, enterprises, and even government organisations accept lacklustre cybersecurity standards from their vendors?

Erfan Shadabi, cybersecurity expert with data security specialists comforte AG, commented, “Financial institutions, particularly banks, have long been prime targets for cybercriminals due to the vast amount of sensitive information they hold. This breach underscores the need for financial institutions to adopt a proactive approach to cybersecurity, embracing continuous monitoring and threat intelligence capabilities to detect and respond to threats in real-time.”  

Al Lakhani, CEO of IDEE, added, “Protecting the supply chain is critical. Especially when they can cause these kinds of attacks. Therefore, relying on first generation MFA that requires two devices and lacks the capability to prevent credential phishing attacks is a non-starter.  

“To fortify supply chains effectively, they must be protected using next-generation MFA solutions, which protect against credential, phishing and password-based attacks, including adversary-in-the-middle attacks by using same device MFA.” 

Darren James, a Senior Product Manager at Specops Software, an Outpost24 company, commented, “When outsourcing services to 3rd parties that handle personally identifiable or sensitive information, both for employees and customers, appropriate risk assessments should always be made.”

In fact, James suggested asking the following questions when it comes to risk assessing third parties:  

  • Do they regularly scan for breached passwords?
  • Do they have strong MFA controls in place, especially for access to customer data?
  • Do they scan the internal and external attack surface of their IT systems? Can you see a summary of recent results?
  • Where is the data held and under which country’s jurisdiction? Is your data always encrypted in transit and at rest?
  • What security, backup and disaster recovery policies and procedures do they have in place?
  • Do they comply with regulatory requirements for your industry?
  • What guarantees and insurance do they offer if their systems are compromised?
  • Do they outsource your data to any other parties?

Sean McNee, VP of Research and Data at DomainTools, concluded, “The deeply interconnected nature of running business online generates tremendous value for consumers and business owners alike, but it also fundamentally changes the threat landscape businesses must defend themselves against. Supply chain attacks such as this highlight the unique challenges operating today. Unfortunately, customers end up suffering long term effects from these events.” 

“Stay frosty out there,” McNee warned. The best thing consumers can do is to stay vigilant, alert, and proactive. And if you are one of those impacted, make sure to take advantage of the free credit monitoring service.

The post Cyber gaps in the supply chain — Bank of America breached in another vendor cyberattack first appeared on IT Security Guru.

Salt Security, the API security company, has been named the winner of the API Security category in the 2023 CISO Choice Awards. Judged by a panel of distinguished CISOs at large organisations across the world, the CISO Choice Awards honour security vendors who provide top-tier differentiated security solutions, valuable to CISOs and their enterprises. Salt, utilising powerful cloud-scale big data and time-tested artificial intelligence (AI) algorithms, protects APIs across their full lifecycle and delivers the adaptive intelligence required to identify and defend against today’s increasing API attacks.

According to the Salt Security State of the CISO Report 2023, 95% of CISOs state that their organisation is making API security a planned priority over the next two years. This comes as API-based attacks continue to increase with 94% experiencing security problems in production APIs within the past year, per the Salt Labs State of API Security Report, Q1 2023. With its signature platform, the Salt Security API Protection Platform, Salt provides CISOs and security teams with deep insights into API threats and vulnerabilities to easily and quickly detect the reconnaissance activity of cyber criminals and block them before they can successfully reach their objective.

“Modern applications run on APIs. However, as they are highly complex and still relatively new, many companies do not have robust mechanisms in place to secure them,” said Michael Nicosia, COO and co-founder, Salt Security. “As they often boast access to an organisation’s most sacred assets and data, attackers are increasing their exploits against APIs at an exponential rate. As the first entrant into the API security market, we have developed a solution enriched with mature algorithms and AI to provide organisations with unmatched visibility into their API ecosystem. We are honoured to receive this prestigious recognition by industry CISOs who acknowledge the breadth and depth of our API security offering, ensuring that APIs remain protected at all stages of their lifecycle.”

CISO Choice Award judges hail from organisations across industries, and their choices were rooted in first-hand knowledge and insights from building and maintaining their own security programmes. Criteria for selecting the CISO Choice Award winners were clear and based on the experiences and perspectives of end-user executives. By applying its ML and AI algorithms, Salt can capture and baseline all API traffic over days, weeks, and even months, providing real-time analysis and correlation across billions of API calls to protect organisations from API threats.

“I would like to congratulate Salt for winning the 2023 CISO Choice Awards API Security Category. The field was exceptionally competitive this year, and our esteemed CISO Board of Judges was very impressed by the level of innovation that solution providers put forth to safeguard our organisations,” said David Cass, CISOs Connect and Security Current President, and Global CISO at GSR.

For more information on the Salt Security API Protection Platform or to request a demo, please visit: https://content.salt.security/demo.html.

The post Salt Security Named 2023 CISO Choice Award Winner for API Security first appeared on IT Security Guru.

New research this week has warned employees to be on alert for emails seemingly from human resources (HR), as they could be fraudulent. The findings from KnowBe4’s latest phishing report highlight that fraudulent HR emails remain a prevalent tactic employed by cybercriminals.

Such deceptive emails may encompass subjects like alterations in dress code policies, updates on training sessions, changes in vacation policies, or a wide range of other topics.

These deceptive tactics prove effective as they often prompt individuals to react impulsively, bypassing logical scrutiny of the email’s legitimacy. Consequently, they possess the potential to disrupt both an employee’s personal life and professional workday, as cautioned by the company.

Holiday Season Phishing Emails

With the year now on the doorstep of ‘Holiday Season’, hackers will also use this time of year to craft phishing messages centered around seasonal events. Notably, four out of the top five email subjects during the quarter were related to Halloween. Furthermore, phishing emails concerning IT and online service notifications, as well as those associated with tax matters, consistently yield favorable results.

Moreover, KnowBe4 also found nearly one in three users are inclined to click on a suspicious link or comply with a fraudulent request.

Cybersecurity is not the sole responsibility of cybersecurity staff, but rather of everyone in an organisation. While there is a shortage of cybersecurity staff, it’s important that employees are aware of the dangers out there and act as the human firewall that secures data.

The post Be On Alert; That HR Email Could Be A Phishing Email! appeared first on IT Security Guru.

Keeper Security has announced the Keeper Password Manager app for iOS, which features a brand new, more modern User Interface (UI). This highly-anticipated release includes improved usability, smart searching and faster sync times for customers with large vaults, such as Managed Service Providers (MSPs). Promoting a sleek new look and a more intuitive user experience, the updates are designed to make it easier to take advantage of Keeper’s powerful password and passkey management features, with enhanced clarity and searchability.

“We are excited about this update for iOS that will enhance user experience without sacrificing our world-class security,” said Keeper CTO and Co-Founder, Craig Lurey. “The overhaul gives a fresh, updated look with modern styling that is consistent with other Keeper solutions and allows our users to take full advantage of Keeper’s powerful features. Our engineering and design team has done an amazing job increasing the performance and functionality of the app while staying mindful of the importance of the familiarity and consistency Keeper users are accustomed to.”

Keeper has also made iOS device-specific improvements to enhance the mobile app experience. Upon logging in, users are presented with friendly elements and a clean design for easy reading and navigation on smaller screens. Most notable may be the performance improvements demonstrated in the initial login to a large vault – enabling users to sync, view and search their vaults with lightning speed – even if they have tens of thousands of records.

Highlights to the updated UI include:

  • Friendlier Interface: Keeper’s streamlined UI reduces grid lines, and introduces cleaner colours and adjustable panes.
  • Streamlined Usability: More efficient user workflows reduce the number of clicks necessary to complete a task.
  • Accessibility and Inclusion: Upgraded UI provides colours, contrast and font/icon sizes compliant with Web Content Accessibility Guidelines (WCAG) standards.

Just like with Keeper’s Web and Desktop apps, iOS users can now choose record and folder colours for improved organisation, while icons in the app have been updated to be friendlier, more informative and consistent across all of Keeper’s platforms.

The post Keeper Introduces Major Password Manager Update for iOS appeared first on IT Security Guru.

Comparitech recently conducted research into exactly this, looking at the top 100 stadiums in world football to figure out which football fans are the most watched. They have collated the number of cameras found in each stadium, focusing on the cameras recording the public in and around the grounds but excluding those that record and stream matches on television.

Football matches are always closely monitored, whether it be the World Cup, Premier League, the Bundesliga, Major League Soccer, La Liga, or beyond. And football fans travel in their thousands to stadiums to catch a glimpse of their favourite players. For instance, 1,977,824 fans attended the Women’s World Cup this summer.

What many may not consider is the surveillance systems that are watching their every move, whether upon entry, exit or during the game.

According to Comparitech’s research team:

  • 2 stadiums have over 1,000 cameras: the Luzhniki Stadium in Russia and the Vivekananda Yuba Bharati Krirangan Stadium in India
  • 25 stadiums use facial recognition technology to monitor their fans. A further four have considered and/or are trialing its use
  • 17 stadiums claim that facial recognition is not in use. Certain leagues (e.g. the Premier League) ban stadiums from implementing the technology

Additionally, the top 20 most surveilled football stadiums, based on the number of cameras per 1,000 fans were found to be:

  1. Luzhniki Stadium – Russian National Team/FC Torpedo Moscow – Russia
  2. Turk Telekom Arena – Galatasaray S.K. – Turkey
  3. Vivekananda Yuba Bharati Krirangan (“Salt Lake Stadium”) – Indian National Team – India
  4. Mercedes-Benz Stadium – Atlanta United FC – United States
  5. Donbass Arena – FC Shakhtar Donetsk – Ukraine
  6. Azadi Stadium – Persepolis FC, Esteghlal FC, Iran National Team – Iran
  7. Parc des Princes – Paris Saint-Germain FC – France
  8. Santiago Bernabeu – Real Madrid CF – Spain
  9. Mineirão Stadium – Cruzeiro Esporte Clube/Clube Atlético Mineiro – Brazil
  10. Stade Geoffroy-Guichard – AS Saint-Étienne – France
  11. Mane Garrincha – Legião FC – Brazil
  12. Arena Corinthians (Neo Química Arena) – SC Corinthians Paulista – Brazil
  13. Elland Road – Leeds United FC – United Kingdom
  14. Stamford Bridge – Chelsea F.C. – United Kingdom
  15. St. James’ Park – Newcastle United FC – United Kingdom
  16. First National Bank (FNB or Soccer City) – Kaizer Chiefs FC – South Africa
  17. Itaipava Fonte Nova Arena – Esporte Clube Bahia – Brazil
  18. The Maracana – Fluminense FC, Clube de Regatas do Flamengo – Brazil
  19. Stade Pierre-Mauroy (Decathlon Arena) – LOSC Lille – France
  20. Estádio Cícero Pompeu de Toledo (Morumbi) – São Paulo FC – Brazil

As the findings suggest, surveillance is growing under the guise of providing protection to the public. That being said, another study on the most surveilled cities in the world, indicates that there is no correlation between the number of cameras in a city and the existing crime rates.

Ultimately, CCTV cameras are useful for deterring and solving crime, but they are also an invasive surveillance tactic, which is exacerbated by the use of technology like facial recognition.

The post The most surveilled football stadiums around the world appeared first on IT Security Guru.

Cato Networks has announced today that Gartner, Inc. has recognised the company as a Challenger in the Gartner® Magic Quadrant™ for Single-Vendor SASE.

“We are SASE. Four years before SASE was even defined, Cato was founded on the vision of converging networking and security into a single, global, cloud service,” said Shlomo Kramer, co-founder and CEO of Cato Networks. “We have spent every moment since then building the Cato SASE Cloud, one platform that seamlessly and effortlessly connects and secures any user or location to any application, anywhere in the world, at any scale, with full resiliency. It’s the fulfillment of a vision we call the ‘Cato Experience.’”

This recognition comes after an incredible week for Cato. Cato saw recognition as the SASE “poster child” and “Leader” by Forrester Research in the Forrester Wave™: Zero Trust Edge Solutions, Q3 2023 Report. Zero Trust Edge (ZTE) is Forrester’s name for SASE. Cato also announced that it was selected by Carlsberg, the world-famous brewer, for a massive global SASE deployment spanning 200+ locations and 25,000 remote users.

“Cato is so much simpler to deploy and use than competing solutions. We started referring to them as the Apple of networking,” says Tal Arad, Vice President of Global Security & Technology at Carlsberg. Carlsberg joins Häfele, Vitesco, O-I Glass, and other global multinationals in adopting Cato SASE Cloud.

Cato SASE Cloud: The SASE Platform Loved by IT Leaders

Cato has been relentless in its focus on developing a true SASE platform that enables IT to operate at the speed of business. It’s that focus that has led Cato to fulfil the vision of SASE: Converging the capabilities enterprises require, packaged in a way that can be consumed by every organisation, anywhere in the world, no matter their size, resources, or skill sets.

The Cato Experience is this commitment to introduce the most sophisticated security and networking capabilities demanded by enterprises, but only in a way that lets them operate seamlessly together, at scale, under all conditions, anywhere in the world.

It’s a focus acknowledged by industry leaders and appreciated by our customers. On Gartner Peer Insights™, Cato SASE Cloud has an overall rating of 4.7 out of 5 for single-vendor SASE from 77 verified reviews as of 21st August 2023. Not only is that the highest rating of any single-vendor SASE platform but it’s also based on 10x more reviews than any other vendor in the Single-Vendor SASE market.

“Our experience with Cato has shown that they are a ‘security first’ company that truly listens to their customer base and implements changes based on their feedback. We’ve been very impressed with the continued development of their product, the quality of their service desk, and the assistance from our account team,” writes one VP of Technology Infrastructure Services.

“We’ve had the perfect experience with the Cato project. Product evaluation, final selection, implementation, and support have been first-class. The end result has shown an improvement in the service delivered to our end users of around 200%,” writes an ICT director at a construction firm.

The post Cato Networks: Challenger in Gartner Magic Quadrant for Single-Vendor SASE appeared first on IT Security Guru.

Over the past couple of years, the cost of living in the UK has increased significantly. The annual rate of inflation reached 11.1% in October 2022, which was the highest we’ve experienced for 41 years. Consequently, small to medium sized enterprises (SMEs) have found themselves struggling to stay above water, as the cost of sustaining their operations continuously increases.

In fact, a recent study has shown that over 1 in 5 UK SMEs (21%) are worried that their business will not survive the current economic uncertainty, or expect they will have to make a significant business pivot in order to survive. There are approximately 5.5 million SMEs in the UK, and according to the survey this would potentially leave 1.155 million businesses in a precarious position and at risk of collapse.

Remarkably, the survey also revealed that some SME senior leaders would go to great lengths to ensure the survival of the business, from engaging in cybercriminal activity and committing accounting fraud to neglecting compliance requirements.

Among the activities that SME senior leaders would consider engaging in are committing accounting fraud and lying to bankers/investors to secure funding, or committing tax fraud/evasion (15%). Additionally, 14% admitted that they would cut employee salaries or benefits, while 11% would leverage proprietary information from partners or clients, such as selling off their data. 11% also said they would neglect compliance requirements due to the additional costs they incur. A concerning 10% even admitted they would engage in cybercriminal activity such as hitting a rival company with a cyber attack. Lastly, 9% would mortgage their house to pay for costs.

The results also showed that a third of SMEs have either decreased cybersecurity spending since the economic uncertainty or admitted to never really investing in it. In fact, as many as 42% of SME senior leaders do not believe it is worth investing in cybersecurity, with over 1 in 5 (21%) believing they are not a target. A further 16% claim it is not worth it because they have cyber insurance and 10% assert it is not a priority. Only 25% realised it was worth investing in cybersecurity because they could not afford to be breached.

“As a business owner myself, I can understand the pressure many SME decision-makers are currently facing to keep their companies running and ensure their employees are taken care of, all while budgets tighten. It is during these times that emotions run high, and people might make irrational decisions that go against their own, and their company’s, best interest,” said Jamie Akhtar, CEO and co-founder of CyberSmart. “It goes without saying that we would never condone criminal behaviour. Moreover, we would strongly recommend that businesses do invest in cybersecurity and compliance.”

“The business ecosystem has become highly intertwined, so no business is immune from cyberattacks. In fact, SMEs could prove to be an easy entry point for cybercriminals looking to hit others within their supply chain, if they have weak cybersecurity postures,” Akhtar continued. “While cyber insurance is important for risk transfer, it should not be relied on either. A comprehensive and continuous cybersecurity and compliance strategy is needed to avoid the financial, reputational and even, physical repercussions of a breach. Fortunately, there are solutions today that can help in doing so, without breaking the bank.”

The post Economic uncertainty leaves over 1 mil UK SMEs at brink of collapse appeared first on IT Security Guru.

Cybersecurity firm Rootshell Security has had a busy month, earning recognition for its recent work that led to the identification of three significant vulnerabilities within Microsoft’s suite of applications.

Its RedForce team, known for a persistent commitment to a safer digital world, has been instrumental in uncovering the vulnerabilities, officially known as Microsoft Outlook Spoofing Vulnerability (CVE-2023-33151), Microsoft OneNote Spoofing Vulnerability (CVE-2023-33140), and Microsoft Power Apps Spoofing Vulnerability (CVE-2023-32024). The flaws could have had potentially dire implications for users worldwide if left unnoticed.

These vulnerabilities, characterised by their potential to enable an attacker to spoof a user interface, could have misled users into believing that they were interacting with legitimate data or applications when, in fact, they were not. Microsoft, acknowledging the severity of these vulnerabilities, has been swift in implementing and deploying patches to safeguard its global userbase.

“We’re incredibly proud of our team’s achievement. Our main focus is, and will always be, ensuring a safer digital environment,” stated Shaun Peapell, VP of Global Threat Intelligence for Rootshell Security. “Our recent recognition from Microsoft underscores the valuable role we play in protecting the digital landscape.”

“Recognising these vulnerabilities, addressing them, and working closely with Microsoft to ensure they are patched directly impacts the security and peace of mind of millions of users worldwide,” said Shaun. “This accomplishment is a testament to the expertise and dedication of our team, reinforcing Rootshell Security’s position at the forefront of cybersecurity.”

The company says it continues to extend its collaborative efforts with other industry leaders, constantly striving to uncover potential cybersecurity threats.

The post Rootshell Security works with Microsoft to identify three vulnerabilities appeared first on IT Security Guru.