Connect with us

Cyber Security

Still on XP? Here is Some Advice

Avatar

Published

on

Reading Time: 2 minutes

We would never advise using an unsupported operating system. Everytime Microsoft issues a security patch for its supported OSs, it provides information that hackers can analyze and exploit against the unpatched Windows XP.  However, one month after the end of Microsoft’s support for Windows XP there seems to be a hard core of users still on the venerable operating system and resisting upgrades. This in spite of a massive effort by the folks in Redmond to convince them to get off of XP.

Ultimately, we believe the user rules. If you are one of those hold outs, for whatever reason, here is some advice.

  1. Microsoft is still providing extended support and providing security patches, but at a considerable fee. If you are an XP user in a large organization that can afford it, you should investigate if it makes sense for your organization to participate. For some, like financial institutions that have ATMs using XP it is a no brainer and we would assume they are already on the Microsoft extended plan. Make sure you understand your organization’s position and be sure you are in compliance.
  2. Dump the Internet Explorer browser. There are numerous vulnerabilities already identified that are not going to be fixed in the older, Windows XP compatible versions.Comodo provides Firefox and Chromium based browsers that add security and privacy protection not found in other browsers. They have:Security enhancements that surpass those in Firefox and Chromium‘s technology.
    Domain Validation technology that identifies and segregates superior SSL certificates from inferior ones
    Privacy protection that stops cookies and other Web spies and prevents all Browser download tracking to ensure your privacy.
  3. Use a firewall. Many users think antivirus is enough to clean malware, but a firewall will detect and prevent intrusions in the first place.
  4. Use an antivirus that is committed to supporting Windows XP users. It just so happens that Comodo Internet Security is, and includes a firewall that can be installed with the suite or separately. Comodo Internet Security is a particularly appropriate choice. Its “Default Deny” architecture, that sandbox all programs that cannot be verified as safe, is the best protection against the type of “zero-day” threats that are growing for Windows XP

TEST YOUR EMAIL SECURITY GET YOUR INSTANT SECURITY SCORECARD FOR FREE Source: https://blog.comodo.com/pc-security/still-xp-advice/

Cyber Security

IOTW: Despite Patch, Zerologon Attack Still A Big Deal

Avatar

Published

on

A known Windows vulnerability is detected alive and well thanks to one man’s honeypot experiment.

Facts

Security vulnerability CVE-2020-1472, which was discovered and patched earlier this year, is still running rampant. Dubbed Zerologon, it is unique in its simplicity. It works by exploiting a Netlogon weakness. Netlogon is the always-on Windows service that enables end users to log into a network. The scripted hack runs incredibly quickly, searching for unpatched Active Directory systems and exploiting a weakness by adding the number zero in certain Netlogon authentication fields.

On October 16, a month after Microsoft released its first patch, independent researcher Kevin Beaumont drew the hack out by utilizing a honeypot he maintains to detect threats. Honeypots work by intentionally setting up vulnerabilities in order to bait and identify cyber security threats. Using an unpatched lure server, Beaumont discovered that hackers were able to backdoor the server by changing an admin password. From there, hackers have access to domain controllers that administrators use to create and manage accounts across an organization. The hacker can then impersonate any computer connected to the affected network, disable Netlogon security features, and change a network computer’s password.

The attack can only happen once inside a network. However, several noteworthy footholds include firewall and VPN vulnerabilities as well as third-party access through known issues with Citrix, Juniper, and Pulse Secure. Insider threats and phishing schemes can also leverage Zerologon in order to quickly infect an entire enterprise network. Once inside, hackers can deploy ransomware, steal data, commit espionage and other nefarious deeds.

Microsoft released the first patch in August 2020, but it wasn’t without its issues. It involved modifying billions of devices connected to corporate networks which temporarily paused enterprise operations. The temporary fix simply forces Netlogon security features on so the Zerologon attack can’t turn them off to sneak inside.

A more robust patch is scheduled to release in February of 2021. However, Microsoft predicts the new patch will permanently disable standing authentication procedures on some devices.

Related: Patchwork Of Privilege

The Cybersecurity and Infrastructure Security Agency (CISA) warned that Zerologon targets include government networks, potentially affecting election related networks. Their statement released on October 16 reads in part, “Although it does not appear these targets are being selected because of their proximity to elections information, there may be some risk to elections information housed on government networks.

CISA is aware of some instances where this activity resulted in unauthorized access to elections support systems; however, CISA has no evidence to date that integrity of elections data has been compromised.”

Quick Tips

In theory, threats like Zerologon should never pose much of a problem. After the initial discovery, a patch is made and released as a Windows update. Once the update is installed, the network is secure.

In practice, however, updates don’t always happen with any sort of urgency. Especially in the case of the Zerologon patch, its time-consuming nature may prompt careless employees to bypass updates in order to keep their system up and running. Certain organizations may decide that the downtime involved in their 24/7 operation is too costly for a fix that may never threaten them in the first place. Some networks are running on servers that will no longer be supported as of November 2020, meaning that, although they will have received the first patch, the second patch won’t automatically install.

Related: Developing A Culture Of Enterprise Cyber Security Resilience

These are simple fixes for a holistic IT team and a solid cyber security framework—for enterprises that have one. Additional mitigation measures include:

  • Applying the Microsoft patch ASAP
  • Using a relevant script or third-party cyber security team to ensure that all domain controllers are patched.
  • Monitoring for Group Policy Object (GPO) changes.
  • Enacting a least privilege access policy to minimize internal threats

Read More: Incident Of The Week

Source: https://www.cshub.com/attacks/articles/iotw-despite-patch-zerologon-attack-still-a-big-deal

Continue Reading

Cyber Security

Business Enablement By Way Of The BISO

Avatar

Published

on

Become a Member today!

PLEASE ENTER YOUR EMAIL TO JOIN FOR FREE

We respect your privacy, by clicking ‘Subscribe’ you will receive our e-newsletter, including information on Podcasts, Webinars, event discounts, online learning opportunities and agree to our User Agreement. You have the right to object. For further information on how we process and monitor your personal data click here. You can unsubscribe at any time.

Source: https://www.cshub.com/executive-decisions/articles/business-enablement-by-way-of-the-biso

Continue Reading

Big Data

Top 10 Big Data trends of 2020

Avatar

Published

on

Top 10 Big Data trends of 2020

By Priya Dialani

During the last few decades, Big Data has become an insightful idea in all the significant technical terms. Additionally, the accessibility of wireless connections and different advances have facilitated the analysis of large data sets. Organizations and huge companies are picking up strength consistently by improving their data analytics and platforms.

2019 was a major year over the big data landscape. In the wake of beginning the year with the Cloudera and Hortonworks merger, we’ve seen huge upticks in Big Data use across the world, with organizations running to embrace the significance of data operations and orchestration to their business success. The big data industry is presently worth $189 Billion, an expansion of $20 Billion more than 2018, and is set to proceed with its rapid growth and reach $247 Billion by 2022.

It’s the ideal opportunity for us to look at Big Data trends for 2020.

Chief Data Officers (CDOs) will be the Center of Attraction

The positions of Data Scientists and Chief Data Officers (CDOs) are modestly new, anyway, the prerequisite for these experts on the work is currently high. As the volume of data continues developing, the requirement for data professionals additionally arrives at a specific limit of business requirements.

CDO is a C-level authority at risk for data availability, integrity, and security in a company. As more businessmen comprehend the noteworthiness of this job, enlisting a CDO is transforming into the norm. The prerequisite for these experts will stay to be in big data trends for quite a long time.

Investment in Big Data Analytics

Analytics gives an upper hand to organizations. Gartner is foreseeing that organizations that aren’t putting intensely in analytics by the end of 2020 may not be ready to go in 2021. (It is expected that private ventures, for example, self-employed handymen, gardeners, and many artists, are excluded from this forecast.)

The real-time speech analytics market has seen its previously sustained adoption cycle beginning in 2019. The idea of customer journey analytics is anticipated to grow consistently, with the objective of improving enterprise productivity and the client experience. Real-time speech analytics and customer journey analytics will increase its popularity in 2020.

Multi-cloud and Hybrid are Setting Deep Roots

As cloud-based advances keep on developing, organizations are progressively liable to want a spot in the cloud. Notwithstanding, the process of moving your data integration and preparation from an on-premises solution to the cloud is more confounded and tedious than most care to concede. Additionally, to relocate huge amounts of existing data, organizations should match up to their data sources and platforms for a little while to months before the shift is complete.

In 2020, we hope to see later adopters arrive at a conclusion of having multi-cloud deployment, bringing the hybrid and multi-cloud philosophy to the front line of data ecosystem strategies.

Actionable Data will Grow

Another development concerning big data trends 2020 recognized to be actionable data for faster processing. This data indicates the missing connection between business prepositions and big data. As it was referred before, big data in itself is futile without assessment since it is unreasonably stunning, multi-organized, and voluminous. As opposed to big data patterns, ordinarily relying upon Hadoop and NoSQL databases to look at data in the clump mode, speedy data mulls over planning continuous streams.

Because of this data stream handling, data can be separated immediately, within a brief period in only a single millisecond. This conveys more value to companies that can make business decisions and start processes all the more immediately when data is cleaned up.

Continuous Intelligence

Continuous Intelligence is a framework that has integrated real-time analytics with business operations. It measures recorded and current data to give decision-making automation or decision-making support. Continuous intelligence uses several technologies such as optimization, business rule management, event stream processing, augmented analytics, and machine learning. It suggests activities dependent on both historical and real-time data.

Gartner predicts more than 50% of new business systems will utilize continuous intelligence by 2022. This move has begun, and numerous companies will fuse continuous intelligence during 2020 to pick up or keep up a serious edge.

Machine Learning will Continue to be in Focus

Being a significant innovation in big data trends 2020, machine learning (ML) is another development expected to affect our future fundamentally. ML is a rapidly developing advancement that used to expand regular activities and business processes

ML projects have gotten the most investments in 2019, stood out from all other AI systems joined. Automated ML tools help in making pieces of knowledge that would be difficult to separate by various methods, even by expert analysts. This big data innovation stack gives faster results and lifts both general productivity and response times.

Abandon Hadoop for Spark and Databricks

Since showing up in the market, Hadoop has been criticized by numerous individuals in the network for its multifaceted nature. Spark and managed Spark solutions like Databricks are the “new and glossy” player and have accordingly been picking up a foothold as data science workers consider them to be as an answer to all that they disdain about Hadoop.

However, running a Spark or Databricks work in data science sandbox and then promoting it into full production will keep on facing challenges. Data engineers will keep on requiring more fit and finish for Spark with regards to enterprise-class data operations and orchestration. Most importantly there are a ton of options to consider between the two platforms, and companies will benefit themselves from that decision for favored abilities and economic worth.

In-Memory Computing

In-memory computing has the additional advantage of helping business clients (counting banks, retailers, and utilities) to identify patterns rapidly and break down huge amounts of data without any problem. The dropping of costs for memory is a major factor in the growing enthusiasm for in-memory computing innovation.

In-memory innovation is utilized to perform complex data analyses in real time. It permits its clients to work with huge data sets with a lot more prominent agility. In 2020, in-memory computing will pick up fame because of the decreases in expenses of memory.

IoT and Big Data

There are such enormous numbers of advancements that expect to change the current business situations in 2020. It is hard to be aware of all that, however, IoT and digital gadgets are required to get a balance in big data trends 2020.

The function of IoT in healthcare can be seen today, likewise, the innovation joining with gig data is pushing companies to get better outcomes. It is expected that 42% of companies that have IoT solutions in progress or IoT creation in progress are expecting to use digitized portables within the following three years.

Digital Transformation Will Be a Key Component

Digital transformation goes together with the Internet of Things (IoT), artificial intelligence (AI), machine learning and big data. With IoT connected devices expected to arrive at a stunning 75 billion devices in 2025 from 26.7 billion presently, it’s easy to see where that big data is originating from. Digital transformation as IoT, IaaS, AI and machine learning is taking care of big data and pushing it to regions inconceivable in mankind’s history.

Source: https://www.fintechnews.org/top-10-big-data-trends-of-2020/

Continue Reading
IOT5 hours ago

Consumer Interest in IoT Devices Varies Among Gender, Need

Cyber Security10 hours ago

IOTW: Despite Patch, Zerologon Attack Still A Big Deal

AR/VR16 hours ago

Horror-Comedy Hello Puppets! Continues Performance on Steam

Energy17 hours ago

Global Electrical SCADA Market Report 2020: Developments in IoT Technology and Cloud Computing has Increased Growth

Energy17 hours ago

Global $855 Billion Bio-Refinery Product Market to 2026 with Neste Oil, Renewable Energy, Pacific Ethanol, UOP, Abengoa Bioenergy, and Valero Energy Dominating

Energy18 hours ago

U.S. Chemical Production Expanded In September

Energy18 hours ago

$9.8 Billion Worldwide Thermal Spray Coatings Industry to 2027 – Impact of COVID-19 on the Market

Energy18 hours ago

Valisure Expands Testing Capabilities With The Addition Of Elemental Analysis

AR/VR19 hours ago

Somnium Space’s Next Updates to Add Buildable Worlds, Web Access & More

AI19 hours ago

Beyond Limits and The Carnrite Group Create Alliance to Drive AI Innovation in Oil & Gas, Utilities, Power and Industrial Sectors.

Esports19 hours ago

BIG, OG, fnatic round out Flashpoint 2 team list

Crowdfunding19 hours ago

Earn $10,249 a Year in FREE “Crypto Income”

Energy20 hours ago

Ball Corporation and Kroenke Sports & Entertainment Announce Global Partnership to Advance Sustainability in Sports and Entertainment Through Aluminum Beverage Packaging, Improved Recycling Programs and Consumer Education

Energy20 hours ago

St. James Gold Announces Private Placement

Energy20 hours ago

Worldwide Water and Wastewater Treatment Equipment Industry to 2027 – Featuring SUEZ, Ecolab & DuPont Among Others

Energy20 hours ago

Automotive Refinish Coatings Market Size Worth USD 11.69 Billion by 2027 | CAGR of 3.7%: Emergen Research

AR/VR20 hours ago

Captain Toonhead vs the Punks from Outer Space Unleashes FPS Tower Defense in 2021

Germany
Esports21 hours ago

Vitality take down BIG to set up clash against Astralis in DH Open Fall

Energy23 hours ago

Dorian LPG Ltd Provides Update for the Second Quarter 2021 and Announces Second Quarter 2021 Earnings and Conference Call Date

Energy23 hours ago

SK Innovation Declares Ambition to ‘Lead the Efforts for Battery Safety, Charging Speed and Driving Range’ at InterBattery 2020

Energy23 hours ago

Canada Nickel Makes Third New Discovery at Crawford Nickel-Cobalt Sulphide Project

Energy24 hours ago

AEP Reports Strong Third-Quarter 2020 Earnings

Blockchain1 day ago

Eyeing EU Banks, Hex Trust Teams With SIA on Crypto Custody

Blockchain1 day ago

Collider Labs Raises $1M to Invest in Blockchain Startups

Blockchain1 day ago

Voyager Agrees to Buy LGO Markets and Merge 2 Firms’ Tokens

Cyber Security1 day ago

Business Enablement By Way Of The BISO

Ecommerce1 day ago

Turing Pi 2 – compact edge clusters with 32 GB RAM and new Raspberry…

Ecommerce1 day ago

The Top eCommerce Companies in October, According to eCommerce…

Ecommerce1 day ago

Footwear Manufacturer Otabo Steps Up Digital Strategy with Centric…

Ecommerce1 day ago

Cloud Sales Veterans Release Essential Read for B2B Salespeople

Ecommerce1 day ago

LaserShip Announces Its Time Of Need Philanthropic Program

Indonesia
Esports1 day ago

Gen.G in talks with Liazz – Report

Esports2 days ago

cogu joins MIBR as manager and coach

Energy2 days ago

Strategic Resources Files Mustavaara Technical Report

Energy2 days ago

Ur-Energy Announces Extension of State Bond Loan and Provides Update

Energy2 days ago

Pettit Marine Paint Develops the Most Effective Anti-fouling Paint to Hit the Market in Many Years – ODYSSEY® TRITON

Energy2 days ago

Core Lab Reports Third Quarter 2020 Results From Continuing Operations:

Blockchain2 days ago

Pelosi, Kudlow Signal Market-Moving US Stimulus May Wait Till After Election: Report

Energy2 days ago

A Difference-Making Disinfectant

Blockchain2 days ago

Market Wrap: PayPal Powers Bitcoin Past $12.8K as Ether Dominance Drops

Trending