Today's Tech Digest - Mar 20, 2020

How to Spot Disruption Before It Strikes

In this modern age, everything is interconnected, which means that if you’re trying to see the future of one thing — let’s say your field — you really do have to pay attention to developments in adjacent areas to see which connections will catapult change forward into the future. That means you have to pay attention to things like wealth distribution and education. And in both of those cases, we’re talking about who has access to what. Are there groups that are gaining more agency and ability where they live? Are there changes happening to regulations and to permissions? Essentially, this new app was a way to help people make money while they sleep. Gollum got its idea from something that existed in the ’90s and in fact still exists today. In the ’90s, while you were asleep, you could donate the unused compute power of your computer to others — to researchers and academics who needed supercomputing networks but maybe couldn’t afford to get access to one. So instead, there were these distributed networks of computers all around the world where people had donated their unused compute time while they were asleep, for great projects.

Attack Surface, Vulnerabilities Increase as Orgs Respond to COVID-19 Crisis

Predictably, a lot of the activity has involved phishing and social-engineering campaigns where COVID-19 has been used as a thematic lure to get people to click on malicious attachments and links in emails or to download malware on mobile and other devices. There have also been reports about account takeover and business email compromise activity, a growth in domains serving up drive-by malware, and attempts to exploit virtual private networks (VPNs) and other remote access tools. The danger posed by these threats has been exacerbated by new requirements for "social distancing" and the resulting push by many organizations to widen or implement telework capabilities for their workforce. The sudden COVID-19-related surge in the use of videoconferencing, remote access, and VPN services — especially at organizations that have not used them before — is giving attackers more targets to go after and defenders a lot more terrain to protect.

France warns of new ransomware gang targeting local governments

CERT-FR said it is still investigating how the Pysa gang is gaining access to victim's networks. However, forensics clues left behind paint a picture of what could have happened on some of the infected/ransomed networks. For example, CERT-FR said there was evidence suggesting that the Pysa gang launched brute-force attacks against management consoles and Active Directory accounts. These brute-force attacks were followed by the exfiltration of a company's accounts & passwords database. Victim organizations also reported seeing unauthorized RDP connections to their domain controllers, and the deployment of Batch and PowerShell scripts. Furthermore, the Pysa gang also deployed a version of the PowerShell Empire penetration-testing tool, stopped various antivirus products, and even uninstalled Windows Defender in some instances. CERT-FR says that in at least one case they analyzed, they also found a new version of the Pysa ransomware, which used the .newversion file extension instead of the older .pysa.

How organizations can maintain a third-party risk management program from day one

Third parties certainly are having a lot to do with data breaches these days. You read any study, Deloitte, Ernst & Young, any of the unbiased studies out there, a number of the data breaches are actually coming from third parties and vendors, so that we recognize that you might have your four walls or your firewalls under control, but what you’re doing with other vendors and other folks in your supply chain, certainly puts your data at risk. We think that’s certainly important. A lot of these heavily regulated industries are actually getting audited and examined to understand how they understand the ecosystem of third parties. But we’re also seeing it go down-market. Not just the heavily regulated industries, but other areas and other verticals are starting to really think about how they interact with third parties, what data they’re sharing, and also what kind of value they could get from those third parties. Are they understanding the metrics, the measurements that they measure those vendors on? Are they getting what they paid for? Are they getting the level of performance they expect? And because of that, I think we can optimize a lot of those relationships and help them better understand that ecosystem in which they behave.

7 Spring Cleaning Tasks to Improve Data Security

Begin this year’s spring by reviewing your data assets. Move any sensitive information offline if it doesn’t need to be network-accessible. Keep in mind that any data not in your possession cannot be stolen from you. If you are storing information about other people or organizations and you can’t foresee any possible future use for that data, get rid of it. If you need it, move it to a secure offline facility. For instance, if you are storing credit card CVC codes — which you should not need to — get rid of them. There is no better method of ensuring data security than not having irrelevant data in the first place. Make sure you’re backing up properly and frequently. You should back up often enough that if something were to go severely wrong, you wouldn’t be panicking about lost personal or enterprise data. If you are responsible for ensuring that others back up, make sure that they understand the importance of doing so, and deploy technology that simplifies and automates the backup process. If you aren’t sure whether you’re backing up often enough, you probably are not.

Read more here ...