IOTW: Ransomware Attack Closes Colonial Pipeline

Signs point to DarkSide, a hacking group that cultivates a Robin Hood-like image, as the operator of the ransomware attack that shut down the Georgia-based Colonial Pipeline. There are conflicting reports about how the incident will further affect the distribution of U.S. domestic oil to the Eastern states and gas prices.

Private companies working with U.S. government agencies shut down the cloud servers from which the attacks on the Colonial Pipeline and 12 other companies were launched. They also retrieved the stolen data, which was bound for Russia.

The main pipeline has been closed for several days. The smaller pipelines were also affected, but they were restored first as part of a phased plan. The pipeline stretches from Texas to the Northeast, delivering about 45% of the fuel consumed by the East Coast.

The Facts

On Friday, May 7, the Colonial Pipeline announced that its operations had been halted as a result of a ransomware incident that shut down the main pipeline and the smaller pipelines. Incident response began the day before, on Thursday.

By Sunday, the smaller lines were operational again. However, the main line remains down at the time of this writing. Early in the week, President Joe Biden worked with the Department of Transportation to lift oil trucking hour restrictions to keep gas products flowing. On Wednesday, the White House released an Executive Order on Improving National Cyber Security. The Colonial Pipeline is now fully operational, but not before panic-stricken consumers started hoarding gas and complaining about price gouging.

The Colonial Pipeline transports more than 2.5 million barrels a day of diesel, gasoline, jet fuel and natural gas via Gulf Coast pipelines that span more than 5,500 miles.

Reuters reported that the hackers stole more than 100 GB of data and that the FBI and other government agencies had successfully collaborated with private companies to take down the cloud servers the hackers used to steal the data. The ransom amount remains undisclosed, and so does Colonial Pipeline's response to the extortion attempt.

DarkSide claims it does not target schools, hospitals, nursing homes or government organizations and that it donates part of its bounty to charity. The group reportedly demands payment for a decryption key and is increasingly demanding additional payment not to publish stolen data. DarkSide also stated on its website recently that it is not geopolitically motivated.

The Colonial Pipeline attack has been deemed “the worst attack on critical infrastructure to date.” 

Lessons Learned

U.S. critical infrastructure has become a popular cyberwarfare target. The weak underbelly has been aging technology and industrial control systems (ICSs), which may lack adequate physical and cyber security.

The problem isn't a new one, but the number of attacks continues to rise.

Quick Tips

No business is immune from a ransomware attack.

  • Limit administrative privileges.
  • Limit the use of hardware and software to authorized hardware and software. While this may not be possible in all organizations, it is important for critical infrastructure organizations.
  • Monitor system, application, network and user behavior for anomalous activity.
  • Do a thorough cybersecurity assessment that involves white hat penetration testing. Critical infrastructure organizations should check for physical and cyber weaknesses.
  • Fortify the soft spots.
  • Have an incident response plan in place that involves operations, finance, legal, compliance, IT, risk management and communications.
  • Patch software as soon as possible.
  • Train and update the workforce on cyber hygiene.
  • If your company is attacked, engage a firm that specializes in forensics. Contact local and federal law enforcement, as appropriate.

Source: https://www.cshub.com/attacks/articles/iotw-ransomware-attack-closes-colonial-pipeline

How Much Does A Cyber Security Specialist Make?

It is well known that people in the information technology industry earn far more than those in most other professions. The median wage in the IT business is twice as high as the overall average wage in the US, according to the CompTIA Cyberstates guide to the tech economy. This is true across the board in the IT industry, including cybersecurity. But how much money does a cybersecurity expert make?

Cybersecurity is a broad phrase that encompasses a wide range of job titles in the technology industry. Each role has a separate compensation range, from pentester to information security analyst to security engineer to chief information security officer. Your personal earnings will be determined by a variety of criteria, including your degree of education and experience, the type of industry your company is in, its size, geographical location, and more.

All of the salary averages in this post come from Glassdoor, a popular site for comparing and contrasting companies and employers, Payscale, a startup that helps manage employee remuneration, and the US Bureau of Labor Statistics (BLS), which provides accurate wage records.

Salary Factors

Education and experience

A cybersecurity specialist’s CV must include their education.

A cybersecurity specialist's work is critical to a business, since they deal with data loss prevention and data protection in general, security incidents, risk assessment, and fending off digital attacks. Employers prefer to know that their specialists have at least a bachelor's degree in computer security or a similar discipline to ensure that they know what they're doing. Computer science, data administration and network administration are examples of related fields.

While a bachelor’s degree may be required for entry-level positions in the IT security sector, a master’s degree is not required. Only 23% of tech workers with a master’s degree or higher felt that their advanced degrees helped them earn more money.

In comparison, even if you are just starting your cybersecurity job, having experience is always beneficial. Your initial wage will be minimal if you don’t have much experience. Your superiors will be more inclined to give you a raise if you improve your abilities and get more knowledge (both theoretical and practical).

Job titles in the IT business are typically classified as ‘junior’ or ‘senior’ based on experience. Even if their job descriptions are similar, a junior security analyst will be paid less than a senior security analyst.

Industry type

Despite the fact that this article focuses on the IT industry, a person can work in IT in a variety of other businesses. No matter what type of business a company undertakes, computer security is critical.

The aerospace and defence, communications, public relations, advertising, pharmaceutical, medical, biotech, government (military and homeland security), and system and VAR integration industries pay the highest average salaries for IT experts and, as a result, cybersecurity specialists. In these businesses, the identical IT job position is likely to pay more than in other areas.

Business size and revenue

Average salary estimates are also influenced by the organization's size and profitability. In principle, finding a position in a relatively small firm with significant income (fewer than 100 or, even better, fewer than 50 employees) would be a terrific option. Most likely, your cybersecurity compensation would be greater than the industry average.

However, no matter how successful a small business is, it will never be able to generate the same amount of profit as a large organisation.

The problem with large corporations is that they employ tens of thousands, if not hundreds of thousands, of people all over the world. As a result, they are more likely to offer lower starting pay than their smaller counterparts. The starting compensation for a cybersecurity professional at companies like Google, Cisco, Amazon, and others is not outstanding.

Once you have enough experience and reach a senior position, your yearly compensation at one of these conglomerates will be higher than at other organisations. Not to mention that some of them, like Google, give their employees stock in the firm that they may sell at any time.

Business location

The IT business has a distinct advantage in this era of working from home and social isolation. As long as they have a strong internet connection, most computer workers can work from home without trouble. Remote IT work is slowly but steadily becoming the norm in the IT industry.

While where you work as an employee is unimportant, the magnitude of your salary will be determined by where your firm is located. A tech career in Washington, DC does not pay the same as a similar job in San Francisco, CA. In fact, because Silicon Valley is arguably the worldwide heart of technology, typical tech incomes are highest in the San Francisco area.

In 2019, the typical income for a tech worker in San Francisco was $145k per year, $138k in Seattle, WA, $133k in New York, NY, $117k in Denver, CO, and ‘only’ $113k in San Diego, CA.

Average IT Security Salaries

Finally, the income you earn will be determined by the cybersecurity position you occupy. Here are some of the most prevalent cybersecurity job titles and their median salaries:

Computer Forensics Analyst

Despite the fact that this job looks interesting and represents a dynamic work environment, it is one of the lowest-paid positions on our list. According to Glassdoor, a computer forensics analyst earns an average of $57,755 per year, and $73,892 per year according to Payscale.

Cyber Security Specialist

The post of cybersecurity specialist is considered entry-level. This occupation is also known as a computer security specialist or an information security specialist. In the United States, average incomes for this career range from $69,123 to $76,336 per year.

Information Security Analyst

The compensation of an information security analyst is usually higher than that of a cybersecurity specialist. An information security analyst earns an average of $99,730 per year, or $47.95 per hour, according to the US Bureau of Labor Statistics. Based on 4,595 anonymous salary submissions from information security analysts across the United States, Glassdoor lists an average yearly income of $76,410 for the same position.

Penetration Tester (Pentester)

According to Payscale, a pentester's income ranges from $52k to $137k. This corresponds to Glassdoor's statistics, which show that the average pentester earns $69,123 per year.

Security Engineer

According to Glassdoor, cybersecurity and data security engineers earn an average of $99,834 per year. These figures match those found on Payscale, where the average yearly security engineer pay is $91,598.

Keep in mind that a network security engineer earns less than the positions listed above – on average, $79,686 per year.

Security Architect

Security architects earn six-figure salaries thanks to their highly specialised skills and broad list of responsibilities. The typical base compensation for a security architect is $106,362, according to Glassdoor, and $124,051 according to Payscale.

Chief Information Security Officer (CISO)

Given that the chief information security officer is a senior executive-level role, the average base compensation is $179,763.

Conclusion

The question of how much a cybersecurity expert makes is a difficult one to answer. The typical compensation for this demanding work is determined by a number of factors. It is directly related to an employee's level of education and years of experience. If you're interested in working for a huge, well-known company, keep in mind that your starting wage will be low at first.

Not every part of the United States has the same average income, which should be factored into your decision. (Don't forget to account for the cost of living in various parts of the country.)

Finally, a cybersecurity specialist's position is just the beginning. You can then build out your own professional path based on your preferences and skillsets. There's no reason why you shouldn't command a six-figure income in the future if you work hard, get computer security training, interact well with your team, and demonstrate that you're a benefit to your company.

Source: https://cybersguards.com/how-much-does-a-cyber-security-specialist-make/

Google’s Ongoing Struggles With in-the-Wild Zero-Day Attacks

Google’s persistent battles with zero-day assaults against its Chrome browser in the wild aren’t going away anytime soon.

For the sixth time this year, Google has released a Chrome point update to address code execution flaws that are already being exploited by malicious hackers, according to the firm.

In a Thursday advisory, Google stated, “Google is aware that an attack for CVE-2021-30554 exists in the wild.” It’s a use-after-free flaw in WebGL, the JavaScript API for rendering graphics without the need for plugins.

The weakness has been classified as “high-risk” by Google, which has begun sending the latest patch to users via the browser’s automatic-update mechanism.

Google provided no other information about the attacks other than the fact that they were reported anonymously two days ago, on June 15, 2021.

Users of Microsoft Windows, Apple macOS, and Linux can download Chrome version 91.0.4472.114.

Google also corrected three other memory corruption vulnerabilities in WebAudio, TabGroups, and Sharing, in addition to the zero-day attack.

There have been a record number of zero-day assaults this year, with Google fixing six of them in its Chrome browser. A total of 47 in-the-wild assaults targeting software weaknesses unknown even to the manufacturer have been disclosed by zero-day trackers.

Source: https://cybersguards.com/googles-ongoing-struggles-with-in-the-wild-zero-day-attacks/

Using APIs for Better Cyber Security

What is an API?

For general users of computers and the internet, the screens, keyboards, monitors and so on are normally understood to be the only computer interfaces in front of them. These are the visible interfaces through which we interact with the machine and the internet. There is another type of interface that we come across every day but that is hidden from our view: interfaces that enable software components to interact with each other. For a long time, this process was not standardized, and the developers of the Unix operating system created their own protocols for interprocess communication (IPC).

By the early 2000s, the technology industry felt the need for a standard, open software-to-software interface. This led to the development of the application programming interface, commonly known as the API. APIs provide a standardized interface through which pieces of software can communicate with each other by sharing data and managing shared memory. APIs make software services available to workloads and applications, and they facilitate bidirectional communication between two processes. An API call includes all the information needed to carry out a task and, unlike a web form, an API does not need multiple user transactions to complete a process.

Cyber security and API

API security covers the integrity protection of the APIs you use or own. APIs are used by microservices and containers to communicate among themselves. With the development of APIs, we find ways to connect everyday things to smart devices, like a refrigerator to an Android smartphone. As the integration of computers increases, interconnectivity becomes more important, and so do APIs and their security. With the rise of Internet of Things (IoT) applications, API security has become a growing concern.

Web scraping and APIs

Besides communication within software, an API is also used to provide access to the data of an application, web page, or operating system. Similarly, web scraping refers to the process of 'scraping' data from one or more web pages.

Web scraping extracts data from a given web page, whereas an API provides the data directly. This poses a problem when the developer has not exposed the data through an API. Sometimes APIs are offered for a fee, and that fee might not be affordable. In these scenarios, web scraping is necessary to obtain the data you need. Web scraping with software written in Python is one of the more common methods used to extract data from web pages.

Security threats with API

Some common threats associated with APIs are:

    1. Man in the Middle (MITM): An MITM attack refers to an attacker secretly intercepting communication between two API endpoints to obtain sensitive information. MITM attacks can give the attacker access to personal financial details and credentials.
    2. API injections: API injection refers to the insertion of malicious code into vulnerable software. Malicious commands, such as SQL commands, can also be inserted into an API message. All web APIs that rely on parsers and processors are susceptible to API injection.
    3. Distributed denial of service (DDoS): DDoS attacks crash a website by flooding the bandwidth or resources of the attacked system. A DDoS attack exhausts memory and bandwidth by opening a huge number of concurrent connections and sending or requesting huge amounts of data with every transaction. The machine's resources will eventually collapse under such pressure.

SOAP and REST API

SOAP and REST are the two most common approaches to implement APIs.

SOAP (Simple Object Access Protocol) is based on XML and is used for communication between computers. SOAP uses the built-in WS-Security standard, which relies on XML Encryption, XML Signature, and SAML tokens for message security.

REST (Representational State Transfer) makes use of HTTP to get data and perform operations on remote computers. SSL authentication and HTTPS are used in REST for securing communication. It is easier to track and maintain all of these security protocols if you deploy to a centralized cloud deployment platform suited to creating and hosting APIs.

How to improve cyber security

A compromised API can cause a serious data breach. Because APIs are so exposed, it is important to take additional steps to ensure their security.

    1. Using tokens: Assigning tokens to trusted identities and controlling access to data can protect your system from malicious attacks.
    2. Authentication verifies the identity of the end user. Authentication is implemented using the TLS protocol in REST APIs. OAuth 2 and OpenID are even more secure than the TLS protocol.
    3. Using an API gateway can secure your APIs. These gateways inspect the API traffic. A good gateway allows you to authenticate traffic, and you can also control and analyze how your APIs are used.
    4. Using sniffers to detect vulnerabilities is a safe practice to secure your APIs. In addition, stay up to date on your API components and on major leaks and threats.
    5. Authorizing what data a user can access from the API prevents malicious users from accessing data that is beyond their role. This keeps them from being able to reach admin functionality.
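As an added example for this article (not code from the original page), the following Python sketch puts items 1, 2 and 5 above and the injection threat from the earlier list into one request handler: an HMAC-signed bearer token with an expiry stands in for the token and authentication layer, a role table enforces authorization, and the database lookup is parameterized so an injected SQL fragment is bound as a plain value. The key, the endpoint names and the sample table are constructed for the demo.

```python
import base64
import hashlib
import hmac
import json
import sqlite3
import time

# Assumption: a shared HMAC key held only by the API server (constructed demo value).
SECRET = b"demo-only-hmac-key-change-me"

# Authorization table: which roles may call which endpoint (method + path).
ROLE_PERMISSIONS = {
    "user": {"GET /accounts"},
    "admin": {"GET /accounts", "DELETE /accounts"},
}


def issue_token(subject, role, ttl=3600, now=None):
    """Issue a signed bearer token carrying the caller's identity, role and expiry."""
    exp = int((now if now is not None else time.time()) + ttl)
    payload = json.dumps({"sub": subject, "role": role, "exp": exp}, sort_keys=True)
    body = base64.urlsafe_b64encode(payload.encode()).decode()
    sig = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
    return f"{body}.{sig}"


def verify_token(token, now=None):
    """Return the token's claims, or None if it is malformed, forged or expired."""
    try:
        body, sig = token.split(".", 1)
        expected = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
        # Constant-time comparison so a forger learns nothing from timing.
        if not hmac.compare_digest(sig, expected):
            return None
        claims = json.loads(base64.urlsafe_b64decode(body))
    except (ValueError, TypeError):
        return None
    if not isinstance(claims, dict):
        return None
    if claims.get("exp", 0) < (now if now is not None else time.time()):
        return None
    return claims


def build_db():
    """Constructed in-memory sample table standing in for the API's backend."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE accounts (owner TEXT, balance INTEGER)")
    conn.executemany("INSERT INTO accounts VALUES (?, ?)", [("alice", 100), ("bob", 250)])
    return conn


def handle_request(conn, method, path, headers, params, now=None):
    """Authenticate, authorize, then query safely. Returns (status, body)."""
    auth = headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        return 401, {"error": "missing bearer token"}
    claims = verify_token(auth[len("Bearer "):], now=now)
    if claims is None:
        return 401, {"error": "invalid or expired token"}
    # Role check: the endpoint must be permitted for the caller's role.
    if f"{method} {path}" not in ROLE_PERMISSIONS.get(claims.get("role"), set()):
        return 403, {"error": "role not permitted for this endpoint"}
    if method == "GET" and path == "/accounts":
        owner = params.get("owner", claims.get("sub"))
        # Object-level check: non-admins may only read their own accounts.
        if claims.get("role") != "admin" and owner != claims.get("sub"):
            return 403, {"error": "cannot read another owner's accounts"}
        # Parameterized query: the value is bound, never spliced into the SQL
        # text, so an injection string is matched literally and returns nothing.
        rows = conn.execute(
            "SELECT owner, balance FROM accounts WHERE owner = ?", (owner,)
        ).fetchall()
        return 200, {"accounts": [{"owner": o, "balance": b} for o, b in rows]}
    return 404, {"error": "no such endpoint"}
```

In a real deployment the token layer would be an OAuth 2 / OpenID provider and the transport TLS, as the list above says; the handler's ordering (authenticate, authorize, then bind parameters) is the part that carries over.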

Conclusion

This article covered the essentials of APIs and cybersecurity. API security protects the integrity of APIs and should be a concern for organizations and individuals alike as IoT continues to evolve and grow.

Source: https://cybersguards.com/using-apis-for-better-cyber-security/

Konsentus Verify supports checking of UK-RTS compliant certificates

Konsentus today confirmed that its open banking third party provider (TPP) identity and regulatory checking solution, Konsentus Verify, can validate the identity of TPPs regardless of whether a UK-RTS compliant digital certificate or an EEA-issued eIDAS certificate is presented.

This follows OBIE's recent announcement that UK-regulated TPPs must complete their migration from OBIE Legacy Certificates to UK-RTS compliant certificates (OBWACs/OBSEALs) no later than 30 June 2021, by which time they must also have revoked any active OBIE Legacy Certificates.

From the end of June 2021, ASPSPs must reject the use of OBIE Legacy Certificates for PSD2 identification purposes, ensuring they only accept certificates that are compliant with the UK-RTS.

Konsentus Verify provides TPP identity and regulatory checking services to protect financial institutions from the risk of open banking fraud. The identity checking element of the Konsentus solution is based on the validation of a TPP's digital identity certificate.

Konsentus Verify checks in real-time a certificate’s validity and whether it has been issued by a trusted certificate issuer. In addition, Konsentus Verify checks the Payment Services a TPP is authorised to provide by its home country National Competent Authority.

However, digital identity certificates are not usually updated over a certificate’s lifespan and do not list the roles a TPP can perform outside the TPP’s home country. Any ‘Passporting’ information must be obtained for each country the TPP wants to provide services into.

Any EEA TPP wanting to access accounts held by a UK-based ASPSP must either be on the FCA’s Temporary Permissions Regime list or registered directly with the FCA. Konsentus Verify validates in real-time the legitimacy and current authorisation status of TPPs providing payment services in the UK regardless of whether an eIDAS or UK-RTS compliant certificate is presented.

Mike Woods, CEO Konsentus commented, “With over 200 UK TPPs regulated to provide open banking services in the UK, we can offer our customers a single solution that means both UK-RTS compliant certificates and eIDAS certificates can be checked without having to introduce additional processes or delays. No matter where the transaction is taking place or where the TPP is located, we offer our customers a single solution providing identity and regulatory checking at the time of the transaction.”

Source: https://www.fintechnews.org/konsentus-verify-supports-checking-of-uk-rts-compliant-certificates/
