×
 

NiSystemsBlog

ViewFines suffered a data breach

ViewFines suffered a data breach

In May 2018, the South African website for viewing traffic fines online known as ViewFines suffered a data breach. Over 934k records containing 778k unique email addresses were exposed and included names, phone numbers, government issued IDs and passwords stored in plain text.

Breach date: 7 May 2018
Date added to HIBP: 24 May 2018
Compromised accounts: 777,649
Compromised data: Email addresses, Government issued IDs, Names, Passwords, Phone numbers

To check if you are a victim you can click here  https://haveibeenpwned.com/

 

Read More   

What it's like to constantly monitor cybersecurity threats

Cybercriminals may be getting smarter, but so are Cisco cybersecurity experts. Meet two of them in this original documentary video.

As a kid, Craig Williams, Director or Talos Outreach, found computers fascinating and would tinker with them.  "An Apple 2GS was my first computer and I remember figuring out how to get the control panel to change the colors in second grade because they made me play Number Munchers and I didn't like the color scheme," Williams recalls.  "I got in a lot of trouble because none of the teachers knew how to change it back and I just thought that was hilarious, and from then on, I was hooked."

Fast forward a few decades and Williams still lights up when talking about computers, but now it's not just fun and games. It's his passion. Williams is serious about security and if you want to get him fired up, ask him about security stereotypes. "One that always come around is people think that in order to get into cybersecurity, you need to be a criminal. Absolutely not!"

His colleague, Franc Artes, an architect in the Security Business Group, feels exactly the same way. "You meet people and they say things like ‘so you used to break into things, and now you're doing it legitimately.' Well no, but thank you very much," says Artes. "It is a very bad stereotype to see."

See also: Beers with Talos is Cisco's most unfiltered podcast

Both Williams and Artes make it their mission to not only help secure Cisco customers, but also stay one step ahead of cybercriminals. In fact, Artes is a reserve detective with law enforcement reserves. "I do a lot of teaching on cybercrime investigation, forensics, and security in general," says Artes. "If you're going to catch a cybercriminal, you should know how they break into bank accounts or people's email accounts, or cell phones."

See also: Setting the cybersecurity bar higher

Cisco's Talos Team, the industry-leading threat intelligence group, has seen all kinds of new threats in 2017. Take for example the Nyetya attack. Williams says that's the type of attack that keeps his team up at night and very different than WannaCry. "If you looked at the way WannaCry worked, WannaCry is alike a 1986 rusty Honda Civic," Williams explained. "If you look at a Ferrari, that would be Nyetya. Nyetya was polished, fast, and efficient."

In the 2018 Cisco Annual Cybersecurity Report, attacks like WannaCry and Nyetya exposed how unprepared many businesses are to the evolution of malware.

When attacks like these happen, it's the job of defenders, people like Williams and Artes, to react and respond quickly. "We're a lively bunch," Artes says describing his co-workers. "It's also an amazing group of individuals, especially within Talos."

 


Read More   

The WannaCry Malware Attack

The WannaCry Malware Attack

On May 12, 2017, many organizations around the world and the critical systems they depend on were victims of malicious “WannaCrypt” software. Microsoft is working to ensure they are taking all possible actions to protect their customers. Below we have given further details of the threat and steps every individual and business should take to stay protected. Additionally, Microsoft is taking the highly unusual step of providing a security update for all customers to protect Windows platforms that are in custom support only, including Windows XP, Windows 8, and Windows Server 2003. Customers running Windows 10 were not targeted by the attack today.

 

In March, Microsoft released a security update which addresses the vulnerability that these attacks are exploiting. Unfortunately, the malware appears to have affected computers that have not applied the patch for these vulnerabilities. While the attack is unfolding, we remind users to install MS17-010 if they have not already done so. Microsoft anti malware telemetry constantly monitors for such threats, and alerted us to this attack. These systems gave us the visibility and context around the attach, allowing Windows Defender Antivirus to deliver real-time defense. Through automated analysis, machine learning, and predictive modeling, Microsoft was able to protect many up-to-date systems against this malware.

 

Steps to prevent and protect against this threat

 

To get the latest protection from Microsoft, upgrade to Windows 10. Keeping your computers up-to-date gives you the benefits of the latest features and proactive mitigation built into the latest versions of Windows.

We recommend customers that have not yet installed the security update MS17-010 do so as soon as possible. Until you can apply the patch, we also recommend two possible workarounds to reduce the attack surface:

Windows Defender Antivirus detects this threat as Windows Defender Antivirus as of the 1.243.297.0 update. Enable Windows Defender Antivirus to detect this ransom-ware. Windows Defender Antivirus uses cloud-based protection, helping to protect you from the latest threats.

Use Office 365 Advanced Threat Protection, which has machine learning capability that blocks dangerous email threats, such as the emails carrying ransom-ware.

Monitor your network with Windows Defender Advanced Threat Protection, which alerts security operations teams about suspicious activities. Download this playbook to see how you can leverage Windows Defender ATP to detect, investigate, and mitigate ransom-ware in networks: Windows Defender Advanced Threat Protection – Ransom-ware response playbook.

For enterprises, use Device Guard to lock down devices and provide kernel-level virtualization-based security, allowing only trusted applications to run, effectively preventing malware from running.

Below are Frequently Asked Questions to help you further understand the nature of this malware attack, and to answer some of the questions you might have. For more information on support options please visit our support site: https://support.microsoft.com/en-us/gp/support-options-for-business

In case you have any further questions or require any assistance from our side, please do not hesitate to let me know. 

Read More   

Cisco VPN Client Instalation

Preparation:

  1. First uninstall the Cisco VPN Client
  2.  Reboot the Computer

Go here:

  1. http://www.citrix.com/go/lp/dne.html

Download these Files:

  1. ftp://files.citrix.com/winfix.exe
  2. ftp://files.citrix.com/dneupdate64.msi
  3. Reboot the machine
  4. Run winfix
  5. Reboot the machine
  6. Run dneupdate64
  7. Reboot the machine

Reinstall the VPN client using the .MSI file and not the .EXE file.  This will bypass Windows 10 checking the compatibility.  Next just make the registry edits.

In WindowsWindows 10, a common problem with the Cisco VPN client has been an inability to enable the adapter. That is easily resolved within regedit.exe by editing the following string:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CVirtA\DisplayName

You will see it have some junk along the lines of:@oem8.inf,%CVirtA_Desc%Cisco Systems VPN Adapter for 64-bit Windows

Just remove the first part of that so the string is only
Cisco Systems VPN Adapter for 64-bit Windows

I’d done it several times, so no problem. 

Cisco VPN 5.0.07.0440 can be found here. 

http://www.asc.edu/downloads/CiscoVPN/Windows/

Rejoice now you should have a working Cisco VPN client

Read More   

Killer Websites that Make You Cleverer

Killer Websites that Make You Cleverer

The internet is great for catching up with what your friends are doing on Social networks, but more than that, the internet is a great source of information. There are countless websites out there that are geared to make you smarter and more brilliant for either a low or no cost.

Read More   

2,000 year old 'computer' discovered: How tech and shipwrecks are rewriting human history

2,000 year old 'computer' discovered: How tech and shipwrecks are rewriting human history

Under oceans across the world, hundreds of shipwrecks lie silent and forgotten. Having set sail to discover, trade, or wage war, the boats never reached safe harbour and exist now as time capsules beneath the waves.

When they took to the seas, some of these vessels were the state of the art, laden with some of the most advanced technology of their era. Now, thanks to the most advanced tech of our time, some long-sought wrecks are finally being found and explored for the first time.

TechRepublic talked to the teams behind some of the most high-profile shipwrecks to be discovered in recent years to find out how they've located the ships and uncovered their secrets—including a 2,000 year old device that may have been the world's first computer.

 

Read More   

The 2015 Rugby World Cup and Cybersecurity

The 2015 Rugby World Cup and Cybersecurity

The 2015 Rugby World Cup and Cybersecurity

Teams have gone through months of preparation, including diet, sleep and fitness analysis, with much of this data gathered through manual and automated wearable means. Before the game, video analysts working parallel to the coaches and players consume hours of tape to understand offensive and defensive plays, reviewing all the data and creating plays to counter

 

Read More   

Digital Signage

Digital Signage

What Goes Into a Digital Signage Solution?

A digital sign can be standalone or part of a network of hundreds or thousands of signs. It can be managed one-by-one or centrally managed from a remote location. Whatever the size or scope of a digital signage solution, the basic components include:

  • Display: HD flat-panel screens (LCD or plasma), handling a wide range of media inputs, increasingly with touch capabilities and the ability to interact with mobile devices
  • Content management: Today’s powerful digital media players capable of managing video graphics, web feeds and other sources of content
  • Content: Sources of content include video, graphics, web feeds and more; developed in-house and/or by a media agency; may include third-party advertising
  • Network: LAN and/or WAN, wired or wireless

Read More   

Disk wiping and data forensics: Separating myth from science

Disk wiping and data forensics: Separating myth from science

Decommissioning systems for disposal or resale requires the secure deletion of data originally stored on the drives; however, the process of doing this is often based more in superstition than in science. These methods may have had some utility 20 years ago, but are not valid for newer drive formats.

Before moving forward, there are a few considerations to be mindful of in this inquiry.

  1. From a data security standpoint, destroying hard drives is preferable to wiping them. This is not always possible, and — depending on your level of precaution — you may want to wipe the drives before handing them off to a third party for destruction.
  2. The data on the drive should be encrypted to begin with, particularly on solid-state drives. Data recovery is basically impossible in cases where the drive data is encrypted.

Read more on http://www.techrepublic.com/article/disk-wiping-and-data-forensics-separating-myth-from-science/ By  

Read More   

Three baseline IT security tips for small businesses

Three baseline IT security tips for small businesses

When massive organizations like Sony, Home Depot, and the Office of Personnel Management are hacked they grab equally massive headlines. Yet, while they rarely grab headlines, small and middle-market companies are particularly susceptible to hacks, said Chris Crellin, Vice President of Product Management at Intronis, a data protection firm, because many SMBs can't afford to employ a security team, or are uninformed of the risks posed by attackers.

"A lot of companies rely on the idea of 'security through obscurity,'" said Crellin. "They're focused on running their business and probably don't spend a lot of time thinking about hackers."

These attackers probably aren't interested in any one particular small business, said Crellin, but they tend to rely on a shotgun strategy. "Small and middle-market businesses are targets because there are so many of them. It's like a thief in a parking lot looking for one unlocked car." If your organization is unlocked, he said, you're a likely target.

Read the rest of the article on http://www.techrepublic.com/article/three-baseline-it-security-tips-for-small-businesses/ By  

 

Read More   

IBM says carbon, oxygen essential to advancing resistive memory

IBM researchers said they overcame stubborn challenges in building computer memory out of carbon instead of silicon, which could allow for systems that are faster and sturdier than conventional flash memory or RAM.

Carbon electronics research began at the end of the 20th century, but there were at least two nagging problems. The material must survive at the high temperatures needed in the circuit manufacturing process and in the data read/write process. Also, it must be pliable enough to quickly change states — from a zero to a one and back — yet stable enough to remain non-volatile when needed.

Read more on TechRepublic.com.

 

Read More   

The 18 scariest computer viruses of all time

The 18 scariest computer viruses of all time

Anna Kournikova (2001)

The Anna Kournikova virus is so named because it tricked its recipients into thinking they were downloading a sexy picture of the tennis star. Financial damages associated with Kournikova were limited, but the virus had a big pop culture impact: It became a plot point in a 2002 episode of the sitcom Friends

 

Read more on Techrepublic

 
http://tek.io/1PQfkdV

 

 

 

Read More   

The Internet of Screens has arrived.

The Internet of Screens has arrived.

The Internet of Screens has arrived.

 

Read More