IKERLAN Joins ISASecure as a Certification Body for Automation and Control Systems Security
NAGRA Wins CSI Award for Holistic Cyber Protection
Freemium VPN provider Atlas VPN introduces Linux support
GTPL Provides its Subscribers with the Highest Level of Security and Enhanced User Experience
CineSend Adopts NAGRA’s Highest Level of Security to Protect Movies Delivered through its Streaming Platforms
Key Hires Add to Momentum as Black Box Quality Division Unifies Global Operations, Expands T&D Programs
Cloud servers are now the most common method of entry for cyberattacks at 41%
ISASecure Announces ISA/IEC 62443 IIoT Component Security Assurance (ICSA) Certification Launch
Cybersecurity unicorns projected to reach an all-time high in 2022, data suggests
United Cloud Leverages NAGRA Forensic Watermarking Solutions to Shutdown Piracy in Real Time at the Source
-
Cobalt Iron Compass Named in DCIG Top 5 Report for Large Enterprise AWS Cloud Backup
Cobalt Iron Inc., a leading provider of SaaS-based enterprise data protection, today announced that its Compass® enterprise SaaS backup platform for monitoring, managing, provisioning, and securing the entire enterprise backup landscape has earned a place in the DCIG Top 5 Report for Large Enterprise AWS Cloud Backup. "Our aim with the Top 5 report is to give data center administrators clear and well-researched information about the standout solutions in this space. With Compass' analytics, automation, immutability, and ability to integrate with enterprise management tools, Cobalt Iron has really set Compass apart," said Jerome Wendt, president and founder, DCIG LLC. According to the report, "Compass' differentiators show up in two broad ways. First, Compass uses AWS EC2 instances to deliver backup in the AWS cloud. This minimizes or eliminates the need for enterprises to deploy Compass or perform ongoing software and backup storage management. Second, Compass monitors, accelerates, analyzes, and then orchestrates backup and recovery activities in AWS." The report highlighted three characteristics that distinguish Compass from the other Top 5 large enterprise AWS cloud backup solutions on the list: A comprehensive analytics engine that automates back-end backup operations — Compass constantly monitors and evaluates all aspects of the backup environment, including any occurrences of cyberattacks, and automatically acts on the information to optimize the infrastructure for faster backups and better utilization. Backups stored in an immutable, inaccessible format — Through the Compass Cyber Shield feature, Compass encrypts all backups and stores them in an immutable format that no one except authenticated, properly credentialed Compass users may access. Integration with leading enterprise management tools — Enterprises may use tools such as Ansible, Chef, Puppet, ServiceNow, and vRealize to manage Compass. "Thanks to its analysis and research, DCIG is an authority for anyone in the IT industry who is responsible for keeping data safe," said Andy Hurt, chief marketing officer at Cobalt Iron. "With AWS being so widely used in enterprise IT infrastructure today, Cobalt Iron continually enhances the Compass platform to make sure data to, from, and within the AWS cloud is airtight." More information about Cobalt Iron and Compass can be found at www.cobaltiron.com
-
Revealed: Top 10 most privacy-invasive educational apps on Android
While it is not secret that app manufacturers collect insights and information about their users, it is a much bigger issue among educational apps since they are highly used by children. As study season is approaching, the Atlas VPN team decided to look at the privacy of 50 popular educational apps and see how much user data they gather. According to the Atlas VPN research, 92% of educational apps on Android collect user data. Language learning app HelloTalk and learning platform Google Classroom developed by the tech giant, top the chart as the most privacy-invasive, collecting user information across 24 segments within 11 data types. A segment is a data point such as name, phone number, payment method, and precise location that are grouped in broader data types such as personal information, financial information, and location. Meanwhile, the online education subscription platform MasterClass collects user information across 17 segments, followed by the interactive learning platform Seesaw, which gathers data from 15 segments. Other apps in the top ten include the learning management app Canvas Student (14), education communication app Remind (14), digital education app for children ABCmouse (14), and knowledge-sharing student community app Brainly (14). The most commonly collected data type includes personal information, such as name, email, phone number, address, user ID, gender, or similar. It is collected by 90% of educational apps. Over a third (36%) of apps also collect location data, followed by audio (30%), messages (22%), files and documents (16%), calendar (6%), contacts (6%), health and fitness (2%), and web browsing (2%). - 70% of educational applications share your data with third parties While many apps were found to collect user data, some apps go a step further and share user data with third parties. In total, 70% of educational applications on Android were found to disclose some of their user data to third parties. Personal information is the most commonly shared type of user data. In total, 46% of apps were found to share this information with third parties. All in all, while some of the collected user information might be necessary for the provision of the services of these educational apps, we found many of the collection practices excessive. Even more problematic is that most apps transfer sensitive data to third parties, ranging from user name to user location, contact details, and photos, that can be later used to create a profile of who you or your children are. To read the full article, head over to: https://atlasvpn.com/blog/revealed-top-10-most-privacy-invasive-educational-apps-on-android
-
Black Box, A Global Systems Integrator, Achieves Integration Certifications for Zoom Rooms and Zoom Phone
Black Box, an industry leading global systems integrator and Certified Integrator for Zoom Rooms announced that the company has become a Zoom Phone Certified Integrator, bringing Zoom's video communications platform and its feature-rich cloud phone system to market. With accredited individuals across its engineering, sales and delivery teams, Black Box is equipped to provide value-added services such as design, deployment and management for Zoom Rooms and Zoom Phone globally, helping customers get up and running quickly with these robust communications tools. "Work is being reimagined. After working remotely and growing accustomed to increasingly sophisticated and intuitive online tools for meetings, communications and collaboration, people have much higher expectations for inclusive work experiences," said Jim McKenna, vice president of strategic partnerships at Black Box. "As a flexible, feature-rich, software-based solution, Zoom is the perfect complement to the digital workplace, enterprise networking and connected building solutions Black Box supplies and integrates into modern workspaces. Backed by Black Box's renowned integration and support services, Zoom eases the transition to hybrid and in-person work while improving the overall communications experience for all participants." Zoom Rooms and Workspaces solutions are used around the world in board, conference, huddle and training rooms, as well as executive offices and classrooms, to help users work together comfortably and effectively across spaces and devices, in the office environment. The solution supports virtual check-ins with Zoom Workspace Reservation; room status and scheduling displays content sharing through Zoom Digital Signage; and Zoom Rooms meeting management through personal mobile device or voice-activated controls. Zoom Phone enables users to make secure voice calls across the globe using a variety of supported devices with the same ease and familiarity as participating in Zoom video meetings. "Black Box is a services-led business with a rich heritage of providing advanced connectivity solutions to address critical workplace and workflow requirements," said Gilbert Vendryes, head of partner programs at Zoom. "As a Zoom Certified Integrator for Zoom Rooms and Zoom Phone, Black Box has the knowledge and resources to assist customers globally as they build these robust tools into today's hybrid workspaces." Further information about Black Box and its full product portfolio is available at www.blackbox.com
-
Americans lost an unprecedented $3.56 billion to online fraud in H1 2022
A recent analysis by Atlas VPN reveals that US citizens lost a record $3.56 billion to various types of online fraud in the first half of 2022, an increase of almost 53% over the same period last year. Americans submitted more than 793 thousand fraud complaints in the first six months, and over 27% of those reports indicated a financial loss, amounting to the aforementioned total sum. The data for the analysis was extracted from a publicly accessible database managed by the Federal Trade Commission (FTC). US Citizens can submit fraud reports to the FTC for further investigation. The FTC shares this data to inform the nation about the state of the cybercrime landscape in the US. This year's most commonly reported scam category was imposter scams, with more than 361 thousand complaints, 22% reporting a loss and totaling $1.33 billion in damages. Since 2018, imposter fraud has been the most commonly reported as well as the most damaging type of online fraud. However, in H1 2022, investment-related scams caused even more financial losses to US citizens than imposter fraud. Even though the number of investment scam complaints is relatively low at 52 thousand, an average investment scheme lures out $40,000 per victim, while other types of scams rarely swindle more than a three-digit sum. The potential to earn a typical half-year salary from a single scam sounds appetizing to cybercriminals, which is why they are focusing more of their efforts in this direction. To read the full article, head over to: https://atlasvpn.com/blog/americans-lost-an-unprecedented-3-56-billion-to-online-fraud-in-h1-2022
-
Cobalt Iron Ranks High Among Leaders in GigaOm 2022 Radar Report for Enterprise Hybrid Cloud Data Protection
Cobalt Iron Inc., a leading provider of SaaS-based enterprise data protection, today announced that GigaOm has named Cobalt Iron an industry Leader in its 2022 GigaOm Radar Report for Hybrid Cloud Data Protection: Large Enterprises. The company earned the ranking based on the features and capabilities of the Cobalt Iron Compass® enterprise SaaS backup platform. Every year, GigaOm studies multiple hybrid cloud data protection vendors for large enterprises. Its report — which includes the signature "radar"-style chart — offers the company's forward-looking perspective on various vendors based on their products' technical capabilities and feature sets. Among the 18 companies GigaOm evaluated, Cobalt Iron is one of only five companies in the Leader tier of the radar chart and one of only three that GigaOm calls out as noteworthy. According to the report, "Cobalt Iron impressed with a compelling BaaS offering based on a versatile and efficient architecture, strong cyber resiliency, and analytics. ... It has robust ransomware protection mechanisms, advanced analytics, and comprehensive workload support, including Kubernetes." GigaOm highlights Cobalt Iron's ability to support not only virtualization systems and all major cloud services (AWS, Azure, Google Cloud, IBM Cloud, and Alibaba) but also a wide variety of platforms and applications (including mission-critical databases such as Oracle and SAP HANA) and a comprehensive range of operating systems. The report also details Cobalt Iron's impressive protection in the face of cyberthreats: "Cobalt Iron provides strong cyber resiliency features at both the predictive and remediation levels. Cyberattack detection includes monitoring multiple anomalies and abnormal behaviors, including baselining the normal environmental behavior and observing deviations. These capabilities are regularly improved and made available to customers. The architecture includes isolation and strengthened security measures, and backups are immutable, with the ability to place data in multiple locations." "IT organizations turn to the GigaOm report to help them compare solutions because they know GigaOm does a thorough job of evaluating products fairly based on strict criteria," said Chris Snell, solutions architect, EMEA at Cobalt Iron. "Cobalt Iron works hard to remain a leader and to continue delivering effective solutions in the challenging data protection industry. This report is another validation of Cobalt Iron Compass for enterprises that are looking for the best in hybrid cloud data protection."
-
Industry IoT Consortium and ISA Help Companies Secure Industrial Automation & Control Systems
The Industry IoT Consortium® (IIC™) and the International Society of Automation announced the IoT Security Maturity Model (SMM): 62443 Mappings for Asset Owners, and Product Suppliers, and Service Suppliers. “This new guidance adds the service provider role. It extends the previously published IoT Security Maturity Model (SMM): Practitioner’s Guide to provide mappings to existing 62443 standards and specific guidance for the asset owner, product supplier, and service provider roles,” said Ron Zahavi, Chief Strategist for IoT standards at Microsoft and IoT SMM co-author. The IIC IoT SMM helps organizations choose their security target state and determine their current security state. By repeatedly comparing the target and current states, organizations can identify where they can make further improvements. The ISA99 committee developed the 62443 series of standards, which the International Electrotechnical Commission (IEC) adopted. The standards address current and future vulnerabilities in Industrial Automation and Control Systems (IACS) and apply necessary mitigation systematically and defensibly. The ISA/IEC 62443 standards focus on maturity, but only on the maturity of security programs and processes. “Achieving security maturity targets can be difficult to put into practice without concrete guidance,” said Frederick Hirsch, co-chair of the IIC ISA/IIC Contributing Group. "These 62443 mappings enable practitioners to better achieve security maturity by relating IIC IoT SMM practice comprehensiveness levels to ISA/IEC 62443 requirements. In this way, IACS asset owners and product suppliers can achieve appropriate maturity targets more easily." Eric Cosman, co-chair of the ISA99, said, "While standards such as ISA/IEC 62443 are needed to codify proven and accepted engineering practices, they are seldom sufficient. Joint efforts such as this provide the practical guidance necessary to promote and support their adoption." Pierre Kobes, a member of both ISA99 and IEC Technical Committee 65, said, “It is not about more security but about implementing the appropriate security measures. IoT SMM: 62443 Mappings for Asset Owners and Product Suppliers helps companies select the adequate security levels commensurate with their expected level of risk.” You can download IoT SMM: 62443 Mappings for Asset Owners, Product Suppliers and Service Providers from IIC and ISA websites. You will find a complete list of the contributing authors in the document. Work is underway to add the service provider role to the document in a future revision.
-
One in four Russians downloaded VPN apps in H1 2022, a global study reveals
The latest updates for the Global VPN Adoption Index created by Atlas VPN reveal that in H1 2022, VPN downloads reached 215 million. The most significant shift in the market was recorded in Russia, where nearly one-fourth of the population downloaded VPN services. Prior to H1 2022, VPN penetration in the Russian Federation was somewhere between 3% to 9%. However, in March 2022, the Russian court banned Facebook and Instagram, labeling its parent company Meta as “extremist”. These restrictions caused an unprecedented upshift in VPN demand. The VPN usage in Russia reached record heights, totaling 35 million downloads in six months, putting VPN adoption at 23.94%. In other words, nearly 1 in 4 Russian citizens downloaded a VPN application in H1 2022. On a similar note, Ukraine made it to the tenth position of VPN adopters globally, with 4.2 million downloads and a 9.62% penetration rate. The VPN Adoption Index by Atlas VPN overviews country-by-country VPN statistics and explores why VPNs are so prevalent in those nations. VPN adoption refers to the percentage of the country's population that downloaded VPN applications in the given period. The data for the analysis was extracted from Google Play Store and Apple App store using Sensor Tower and App Tweak services. To read the full article, head over to: https://atlasvpn.com/blog/one-in-four-russians-downloaded-vpn-apps-in-h1-2022-a-global-study-reveals
-
Top 5 ransomware statistics in the last year
Cybercriminal gangs launch ransomware attacks to encrypt businesses' sensitive data and get paid a significant ransom. Sometimes hackers even use a method called double extortion. They threaten the organization to sell the stolen information online if the ransom is not paid. In this article, Atlas VPN presents the most significant ransomware statistics from the past year. #1 Ransomware hackers drained over 30 terabytes of sensitive data in 2022 Ransomware has become more efficient and devastating in its attacks. Ransomware hackers stole over 30 terabytes (TB) of personal and other sensitive data in 320 incidents in 2022. The total number of ransomware attacks could be even bigger. Many companies lack transparency when reporting ransomware incidents. The largest semiconductor chip company Nvidia suffered one of the most significant ransomware attacks of H1 2022. Hackers from the group Lapsus$ claimed they stole 1TB in exfiltrated company data and demanded a $1 million ransom. #2 Ransomware volume doubles in 2021, surpassing 600 million Usually, if an organization has not backed up its information in the cloud, it is doomed for big trouble. They either have to pay a hefty ransom or lose data forever. Research revealed that global ransomware volume surged by 105% in 2021. The total number of ransomware attacks represents nearly 20 attempts every second in 2021. In addition, The United States suffered significantly more ransomware threats than any other country — 421.5 million. Cybercriminals launched 34.2 million ransomware attacks at Germany and 33.5 million at the United Kingdom. #3 Over 70% of organizations suffered two or more ransomware attacks in the past 12 months Once hackers know the company has vulnerabilities they can exploit, cybercriminals target it multiple times. According to Veeam 2022 Ransomware Trends Report, 73% of organizations suffered two or more ransomware attacks in the past 12 months. The majority — 44% of ransomware infections entered through phishing emails, links, and websites. One of the reasons why ransomware is so successful is because businesses keep paying the ransom. A whopping 76% of organizations affected by ransomware in the past twelve months went through with the ransom payment. However, nearly one in four (24%) companies still could not recover their data afterward. Lastly, we have compiled a detailed overview of 60 Worrying Cybercrime Statistics for people who want to obtain a more comprehensive cybercrime landscape. To read the full article, head over to: https://atlasvpn.com/blog/top-5-ransomware-statistics-in-the-last-year
-
Russia and China-sponsored hackers threaten the world with cyberattacks
State-sponsored cyberattacks are carried out to espionage secret government data, disrupt services or identify and exploit national infrastructure vulnerabilities. According to the data collected by the Atlas VPN team, Russia and China sponsored over 50 cyberattacks in 2022, with Ukraine being the most targeted country. Russian-backed hackers carried out 27 cyberattacks in 2022. The attacks mainly targeted Ukraine due to the war started by Russia. Ukrainian government websites, organizations, and broadcasting companies suffered a total of 23 espionage, data destruction, or denial of service attacks. China has sponsored 24 cyberattacks this year so far. State-backed hackers attacked the United States, Indian and Taiwanese governments and organizations. With the growing tensions between China, Taiwan, and the US, such cyberattacks could happen even more often in the year's second half. North Korea-sponsored hackers engaged in 9 cyberattacks. Their main targets were the US and South Korea. Iran sponsored 8 cyberattacks in 2022. Most of their attacks were against countries in the Middle East or the US. Besides Ukraine as the most attacked country, the US was the second most targeted with 10 attacks. Russia and India followed next, as both suffered 7 state-sponsored cyberattacks. Cybersecurity writer at Atlas VPN Vilius Kardelis shares his thoughts on state-sponsored cyberattacks: “As geopolitical tensions rise, so does the possibility of state-sponsored cyberattacks. It is hardly a surprise that mainly China and Russia are responsible for many of the threats that governments and businesses face. Their hackers are well-funded and persistent, which makes them capable of extremely damaging cyberattacks.” - Government espionage Cyberattacks carried out with the support of governments are typically well-resourced and highly sophisticated, allowing them to inflict tremendous harm on their victims. State-sponsored hackers carried out 44 cyberattacks against government entities in 2022. Some hackers use malware, which destroys sensitive government information, causing unrepairable damages. The private sector suffered from 37 state-sponsored cyberattacks. Hackers targeted civil society in 29 state-sponsored cyberattacks. Civil society refers to activists, journalists, and politicians from the opposition party. State-sponsored threat actors carried out 6 cyberattacks on military officials. Espionage on government, private sector, civil society, and military accounted for 66 cyberattacks. To read the full article, head over to: https://atlasvpn.com/blog/russia-and-china-sponsored-hackers-threaten-the-world-with-cyberattacks
-
Over 80% of malware attacks target education sector as back-to-school season nears
With the school season approaching, parents hurry to get their children supplies while students enjoy their last days of summer. However, barely anyone realizes that enterprises in the education sector are currently under a barrage of malware attacks. Data presented by Atlas VPN reveals that the education industry has been the primary target for cyberattacks in the last 30 days. Over 80% of malware attacks globally were aimed at companies in the education sector, totaling 5.13 million attacks for the period, which comes out to an average of 171 thousand attacks daily. The data for the analysis was extracted via Microsoft’s Security Intelligence platform. One of the reasons why the education industry became the main target is the shift towards digitalization. The pandemic forced e-institutions to employ technologies that enable students to complete the curricula and exams. In turn, a lot of new companies sprang up as they saw the opportunity in the market. However, video conferencing programs, e-learning software, and other digital tools expanded the cyberattack surface exponentially. It is worth noting that the aforementioned attacks are directed toward enterprises, not institutions. In other words, the data provided shows the number of attacks on businesses in the educational sector, not on schools, colleges, and universities. To read the full article, head over to: https://atlasvpn.com/blog/over-80-of-malware-attacks-target-education-sector-as-back-to-school-season-nears
-
Ransomware hackers drained over 30 terabytes of sensitive data in 2022
Ransomware attacks have been terrorizing businesses of all sizes and industries worldwide. According to the data presented by the Atlas VPN team, ransomware hackers stole over 30 terabytes (TB) of personal and other sensitive data throughout more than 300 attacks in 2022. In January, ransomware hackers stole 5 TB of personal data. Ransomware attacks in February locked out businesses out of 7 more TB of data. Ransomware hackers stole 16 TB of personal data during March, the most out of all months. In April, ransomware hackers locked 3 more TB of data. While during May, the total amount of stolen personal data through ransomware attacks accumulated to 34 TB and remained the same until the end of June. In February, the largest semiconductor chip company Nvidia suffered a major ransomware attack. Hackers from the group Lapsus$ claimed they stole 1TB in exfiltrated company data and demanded a $1 million ransom. Cybersecurity writer at Atlas VPN Vilius Kardelis shares his thoughts on ransomware attacks: “Ransomware has become more efficient and devastating in its attacks. Businesses should be prepared for their most confidential information to be taken and potentially exposed or sold on the internet. To mitigate the impact of ransomware attacks, companies must build resilience and report the cases to competent authorities.” Ransomware remains dangerous While some hackers might have taken a summer break, the ransomware threat continues to loom. Throughout the first half of 2022, businesses suffered 320 ransomware incidents. In January, businesses reported 25 ransomware incidents. Next month, ransomware attacks skyrocketed by 116% to 54 incidents. Hackers performed 92 attacks against companies in March, bringing the total incident count in the first quarter of 2022 to 171. The second quarter started with 113 total ransomware attacks in April, the most so far. Despite that, businesses suffered 32 incidents in May, about 72% less than the previous month. Throughout June, hackers attacked businesses with ransomware just 4 times. To read the full article, head over to: https://atlasvpn.com/blog/ransomware-hackers-drained-over-30-terabytes-of-sensitive-data-in-2022
-
Record-breaking number of router security flaws discovered in the last few years
The data presented by Atlas VPN reveals that router vulnerabilities have surged to record heights in the past few years. It is argued that routers have received more attention due to the increase in remote work, which opens up the possibility for hackers to breach corporate security by abusing old and unpatched home routers. Router security flaws are hazardous as they may expose individuals and corporate networks to cybersecurity dangers such as hacking, data breaches, financial fraud, industrial espionage, and others. The figures for the analysis were extracted by Kaspersky from cve.mitre.org and nvd.nist.gov. Even though these data sources show a different number of flaws, they both depict a clear upward trend in vulnerabilities. According to cve.mitre.org, researchers found a record-breaking 321 vulnerabilities in 2021, the highest in over a decade. Yet, the increase started a year before, when flaws jumped from 130 in 2019 to 206 in 2020, representing a growth of 58%. On the other hand, data from nvd.nist.gov informs us that 2020 was the worst year for router flaws, with a total of 603 vulnerabilities, a substantial increase of 191% over 2019. However, 2021 was not much better, as vulnerabilities remained alarmingly high. More importantly, out of 506 vulnerabilities identified last year, 87 of them were marked as critical. Of these vital flaws, 29.9% remained unpatched and without updates of any kind from the vendors. Another 26% of critical flaws were only acknowledged by the vendors but not fixed as of June 8, 2022. To read the full article, head over to: https://atlasvpn.com/blog/record-breaking-number-of-router-security-flaws-discovered-in-the-last-few-years
-
Keypoint Intelligence security validation testing highlights Kyocera’s signature feature of security strength
Kyocera’s Evolution Series, which encompasses ten A3 MFP devices such as the TASKalfa 3554ci, has passed the Penetration Testing level of Keypoint Intelligence’s rigorous BLI Security Validation test program. The volume and complexity of security threats facing today’s organization is increasing daily. The need for robust data protection has never been greater – and once again, Kyocera Document Solutions America, Inc. has risen to the challenge. Kyocera was awarded the prestigious Keypoint Intelligence Security Validation Testing seal and certificate during its REIMAGINE dealer conference, which took place between June 1-3, 2022, in San Antonio, Texas. In presenting the recognition crystal, Anthony Sci, President and CEO of Keypoint Intelligence, explained the two-pronged process whereby Keypoint Intelligence and its testing partner Accenture Security test devices: through automated cyberattacks and hands-on white hat hacking. On the value of the assessment, Sci said, “[Keypoint’s assessment process] is really a good way to verify the equipment you sell is safe to sell to your clients.” He revealed how, after testing the TASKalfa 3554ci, “Kyocera passed with flying colors.” There were no noteworthy security weaknesses detected. The validation extends to all other ten devices in the Evolution Series. Speaking to a large audience of Dealers, Sci explained the relevance of this recognition: “I think it’s important for our Dealer community to have a competitive advantage over the competition and this is one of the arenas that you can really do that. Salespeople can put this certificate in their bag and show it to their clientele.” One such competitive advantage is that the Evolution Series firmware comes with the ability to enable advanced level of security installed as part of the initial configuration to reduce human error or any security threat*. With quick security set up, this range of devices provides outstanding data protection from the get-go. With the crystal in hand, Óscar Sánchez, President and CEO of Kyocera Document Solutions America, Inc. said, “This recognition means a lot to us, and we are very proud. A big thanks must go to our team in Japan for developing and designing such a great product.” Having had time to reflect on Kyocera’s latest recognition, Sánchez was keen to reiterate just how important security is for Kyocera: “Cybersecurity is now top of mind for everyone. Our customers trust us with their information, and we have a duty to ensure it remains safe.” Reflecting on the validation testing itself, Kyocera’s President is clearly very proud. “To be recognized by an organization as reputable and respected in our industry as Keypoint Intelligence is hugely gratifying, and it tells us we are doing a lot of things very well with our TASKalfa devices. Having said that, we will continue to raise the bar because we know that security threats today do not stand still.” * To learn more about Kyocera’s K-Level of security, please visit the security page on our website.
-
Linux malware on a rise reaching all-time high in H1 2022
Until recently, cybercriminals have largely ignored Linux compared to other more popular operating systems. However, the new data shows that cyber attack trends are shifting. According to the data presented by the Atlas VPN team, based on AV-ATLAS statistics, the number of new Linux malware reached record highs in the first half of 2022, as nearly 1.7 million samples were discovered. Compared to the same period last year, new Linux malware numbers soared by close to 650%. If we look at the new Linux malware sample numbers quarter by quarter, in the first quarter of this year, they dropped by 2%, from 872,165 in Q4 2021 to 854,688 in Q1 2022. Moving on to the second quarter, the malware samples decreased again, this time by 2.5% to 833,059. Yet the cumulative number of new Linux malware samples in H1 2022 was 31% higher than the number of such samples in the whole year of 2021. In fact, the first half of this year alone saw more new Linux malware samples than any other year since 2008. New Windows malware still leads the way Although Linux was the only operating system that saw growth in new malware samples in the first half of this year, Windows had the most significant number of new malware applications overall. In total, 41.4 million newly-programmed Windows malware samples were identified in H1 2022. Although Linux holds only 1% of the operating system market share, it occupies the second spot on the list with 1.7 million malware samples in H1 2022. Meanwhile, the most popular operating system, Android, had 716,201 newly developed malware samples in H1 2022, followed by macOS with 4,922. All in all, while Linux is not as popular among computer users as other operating systems, it runs the back-end systems of many networks, making attacks on Linux highly lucrative. As Linux adoption rises, so will attacks against it. To read the full article, head over to: https://atlasvpn.com/blog/linux-malware-on-a-rise-reaching-all-time-high-in-h1-2022
-
Social Media data leaks account for over 40% of all breached records
Social media is quickly turning into a primary security weak point. A single data breach within one of the major social media networks can result in millions of records being stolen. Within the past few years, we have seen multiple large-scale data breaches involving companies like Facebook and Twitter. Yet, we rarely see the bigger picture. Luckily, data presented by Atlas VPN gives insight into the scope of the issue. It turns out that 41% of all compromised records in 2021 originated from social media data leaks, which is a significant upsurge compared to 25% in 2020. The data presented is based on the 2022 ForgeRock Consumer Identity Breach Report, which gathered data from various sources, such as 2021 Identity Theft Resource Center, IBM Ponemon, TechCrunch, Forrester Research, as well as UpGuard, and IdentityForce. A few other factors make social media a security weak point within the current online landscape. First, criminals can prey on business clients by posing as the company in order to obtain credentials. This is becoming especially prevalent since companies increasingly use social networks to communicate with customers. Second, fraudsters frequently attempt to infiltrate businesses by leveraging mutual connections, which create a false sense of security. Moreover, people who overshare on social media make it simple for thieves to locate personal information that aids in company breaches. To read the full article, head over to: https://atlasvpn.com/blog/social-media-data-leaks-account-for-41-of-all-records-breached
-
Top 5 phishing statistics of 2022
While 2022 is not over, phishers have already launched various attacks. Atlas VPN team compiled a list of the top five most notable phishing statistics and findings of 2022 so far to shine the light on the current cybercrime landscape. #1 Almost 70% of email scammers leave the 'subject' line empty If there is a tell-tale sign that the email one received is a phishing attempt is an empty subject line. Research finds that 67% of cybercriminals leave the subject line blank when sending malicious emails. Other subject lines attackers use, although much less frequently, include 'Fax Delivery Report' (9%), 'Business Proposal Request' (6%), 'Request' (4%), 'Meeting' (4%), 'You have (1*) New Voice Message' (3.5%) , 'Re: Request' (2%), 'Urgent request' (2%), and 'Order Confirmation' (2%). #2 LinkedIn users targeted in 52% of all phishing attacks globally in Q1 2022 Cybercriminals often utilize big brand names in their phishing attempts in hopes receivers will not notice the message is coming from an illegitimate source. In the first quarter of 2022, attackers most frequently chose LinkedIn as they go to brand. Linkedin was used in over half (52%) of phishing scams worldwide — a 44% upshift from 8% in the previous quarter. It was the first time a social media brand outranked tech giants like Apple, Google, and Microsoft as phishers' favorites. #3 Blockchain.com, Luno, and Cardano are the top-most phished crypto projects Even with the cryptocurrency market going through hard times, cybercriminals continue to use crypto brands in their scams. One of their tactics is to set up fraudulent websites that look like legitimate brands with hopes of stealing sensitive information. Cryptocurrency financial service company Blockchain.com was the most spoofed crypto brand, with 662 phishing websites in the last 90 days (till June 22, 2022). Crypto investing app Luno is the second on the list with 277 phishing pages, followed by proof-of-stake blockchain platform Cardano with 191. If you would like to learn more about the online crime landscape, we have prepared a report that overviews 60 Worrying Cybercrime Statistics. To read the full article, head over to: https://atlasvpn.com/blog/top-5-phishing-statistics-of-2022
-
Microsoft Office flaws exploited in nearly 80% of malware attacks
One quarter after another, Microsoft Office remains the most widely exploited software for malware delivery. The primary reason is that a significant portion of Office users delay essential security updates, which keeps the doors open for fraudsters to inject malicious code through various loopholes, even if they are already known publicly. Data presented by Atlas VPN shows that in Q1 2022, as many as 78.5% of malware targets Microsoft Office vulnerabilities. While Securelist, the online warehouse for malware research from Kaspersky, does not share malware statistics for Q4 2021, they provide data for Q3 2021, revealing that Microsoft Office was targeted in 60.68% of attacks back then. Based on the findings, it is safe to say that hackers abuse Microsoft Office more and more. As it is shown in the graph, the main difference between Q1 2022 and Q3 2021 is found in percentage changes regarding Office and browser exploits. Researchers believe browser exploits are becoming increasingly rare because they get updated automatically, which is not the case for Microsoft Office. Hackers primarily target users that do not follow the basic cybersecurity practices of patching their software as soon as the update is available. Since Office is used by over one billion people from across the world, coupled with the fact that security updates can be delayed, it’s no surprise to see it at the top of the list. To read the full article, head over to: https://atlasvpn.com/blog/microsoft-office-flaws-exploited-in-nearly-80-of-malware-attacks