Tag

iot


Why Endpoint Detection and Response is Getting Harder in 2020

By Patch Management | No Comments

As the severity of cyberthreats increases, the demand for endpoint detection and response solutions across the globe is growing.

The demand for endpoint detection and response solutions across the globe is currently quite strong, with no signs of slowdown any time soon: Recent research by London-based firm Technavio predicts that the market for this type of cybersecurity software will grow by $7.67 billion between 2020 and 2024, representing a compound annual growth rate of 10%.

Why such robust growth in this space? The answer is both simple and unfortunately discomforting. It’s becoming more difficult for businesses, government departments and other organizations to feel secure with the endpoint protections they have in place.

No wonder, given that the severity (and sheer number) of cyberthreats out there is constantly growing. Today, we’ll take a look at what challenges organizations aiming to bolster the effectiveness of their information security may face — and how they might be able to overcome such hurdles.

More Devices = More Potential Weaknesses

Analysis from the researchers at Gartner projected in August 2019 that there would be 5.8 billion open endpoints to the internet of things around the world by the end of the following year: a 21% uptick from 2019’s number.

There’s no denying the utility and communicability that the IoT fosters for so many, but while marveling at those positive attributes you must also note the risks it poses. As the number of endpoints increases across your network — both inside and outside of the IoT realm — so do the potential points of weakness.

In fact, Infosecurity magazine reported in October 2019 that there had been more than 100 million attacks on IoT-connected devices in the first half of that year. Applications run on such devices can be particularly vulnerable.

According to TechRadar, facing up to the security threat represented by IoT device proliferation requires use of an endpoint security solution that can offer comprehensive visibility of all internal and external vulnerabilities. This vigilance must be constant and in real time.

Mounting Danger of New and Established Cyberthreats

IoT-focused cyberattacks, while relatively new in the cyberthreat landscape, have already done plenty of damage, with Wired citing the Mirai and Reaper botnet attacks of 2016 and 2017, respectively, as major examples of such malicious campaigns. The latter of those infected more than 1 million networks. The new versions of the threats coming through IoT endpoints will have the ability to be even more devastating, manifesting as complex distributed denial-of-service attacks.

Other, more well-established attack styles, like phishing, are becoming more dangerous in similar ways, according to Security Boulevard. Malicious actors have diversified phishing’s capabilities so that these social engineering scams are no longer confined to emails that are relatively easy to detect: they can be deployed via text messages and even phone calls. AI plays a significant role here, as hackers are using it to mimic an organization’s in-house jargon and speech and thus make phishing expeditions harder to discover.

Last but not least, ransomware looks to pose a more grave threat than ever before. The extortionists using this malware saw plenty of success in 2019, attacking local governments all over the U.S., including Atlanta, Baltimore and New Orleans.

In one particularly brazen, widespread attack, hackers simultaneously hit the municipal networks of 22 Texas cities and towns, disabling countless web-based civic services and operations.

Although not all of those attacks netted hackers the ransom sums they demanded, the disturbing effectiveness of such efforts has likely emboldened cyber attackers, so bigger and more devastating ransomware campaigns are surely on the horizon for 2020. The same is almost certainly true for IoT-based and social engineering attacks. Only the strongest, most versatile threat detection and response solutions will be capable of meeting major cyberthreats head-on, be they new attack types or updated versions of old standbys.

The Need for Quicker Responses to Threats

Opinions vary on how long it takes cyber attackers to breach a target that they’ve picked to bear the brunt of their hacks. Some say it falls between 15 and 10 hours, while others consider it more a matter of minutes, according to TechTarget. Either way, that’s an effectively minuscule time frame.

In an interview with Dark Reading, Dan Basile, executive director of security operations at Texas A&M University, noted that while it’s ideal to find cyberthreats before they can do any harm — like removing a tumor before cancer metastasizes uncontrollably — this perfect-world plan of action isn’t always possible. Therefore the focus switches to quickly directing infosec defenses at a detected threat before permanent damage occurs. EDR needs to be a part of a quick-response strategy, along with application firewalls, network traffic analysis and other systems.

EDR Can’t Do It Alone

That last sentence in the section above represents another key point: EDR is (and will continue to be) more difficult if you expect it to carry the weight of all infosec responsibilities on its own. It must be deployed in concert with firewalls, encryption, multi-factor authentication, threat hunting and other tools. The support of an organizational culture aware of and focused on the gravity of contemporary cybersecurity threats is also essential.

Choosing Syxsense as your EDR solution gives your business a considerable head start on its journey to crafting a reliably secure environment for your digital assets. Coupled with our comprehensive managed IT and patch management services, Syxsense can provide your organization the peace of mind it deserves. Contact us today to learn more or sign up for a free trial.

Experience the Power of Syxsense

Syxsense has created innovative and intuitive technology that sees and knows everything. Manage and secure your environment with a simple and powerful solution.

Schedule Your Syxsense Demo

Syxsense combines IT management, patch management, and security vulnerability scanning in one powerful solution. Get started today.

Schedule My Demo

FBI PSA: IoT Devices Targeted by Attackers

By News | No Comments

The FBI has Released a New PSA

According to the alert, I-080218-PSA, actors with malicious intent have been actively using vulnerable IoT devices. Said devices act as proxies to route malicious traffic for cyber attacks and computer network exploitation.

This reinforces what we have been saying for a very long time. Ignoring or mismanaging IoT device security leaves organizations wide open to potentially devastating cyber attacks that could have far-reaching national and even international consequences.

The FBI warns that a large range of devices could be misused. Examples include routers, smart watches, IP phones, streaming devices, IP cameras, network attached storage devices, and network connected printers. The list goes on and on; any device connected to the internet could be targeted.

The alert states “Cyber actors typically compromise devices with weak authentication, unpatched firmware or other software vulnerabilities, or employ brute force attacks on devices with default usernames and passwords.”

How can companies protect themselves?

The PSA suggests several methods for protection, but here is one to review. Detect and identify all IoT devices within your networks and then ensure they are up to date with the latest security patches.

Syxsense is the IT solution with the ability to detect IoT devices. Our discovery scan will show every device with an IP address connected to your networks. It is impossible to manage vulnerable devices if you don’t know they are there in the first place.

There’s a better way to manage IoT devices. Start your trial with Syxsense.


Ransomware in 2018 Has New Leverage

By News | No Comments

Ransomware’s Unexpected Ally: GDPR

While the intentions of GDPR are positive, analysts are predicting an unintended side effect. Actors using ransomware to extort companies could use GDPR as leverage.

With the strict requirements to stay within GDPR compliance, actors can put pressure on victims to pay out as quickly as possible.

In addition, because GDPR requires the reporting of a cyber breach, reputations will be immediately damaged regardless of how the event turns out. Such reputational damage can cost entities significantly.

Insurance claims are the aftershock of ransomware

In 2017, the UK supermarket chain Morrisons faced a lawsuit regarding compromised data. Those persons who had their data compromised sought compensation, and were granted it by the court. This ruling sets the stage for any number of similar cases of people seeking damages from having their data stolen.

After having already dealt with the costs of fixing the breach and reputational damage, the ransomware event bites back again with these new costs.

The IoT is the next cyber-crime minefield

While not getting the attention it deserves, IoT ransomware attacks are on the rise. In addition, IoT devices are getting smarter, more pervasive, and starting to collect valuable data. This is an already vulnerable field that is only getting more dangerous.

Companies need to understand just how many IoT devices they have in their networks. Security can’t be maintained if it’s unclear what could be vulnerable.

The bottom line is this: cybercrime costs continue to increase rapidly and are expected to hit $2 trillion in 2019. What will you do to prepare your systems?

Syxsense is prepared to address the threats of today and tomorrow. With our Patch Manager, you can easily identify vulnerable devices and patch them immediately.

Our discovery feature can also show you just how many IoT devices sit inside your networks. With a clear picture of your environment, you can implement a solid protection strategy.


100 Million IoT Devices Exposed

By News | No Comments

Z-Wave IoT Devices Exposed

Z-Wave, a protocol primarily used for home automation, is vulnerable to security downgrade attacks.

According to the Z-Wave Alliance, an organization dedicated to advancing Z-Wave, the protocol is currently used by 700 companies in over 2,400 IoT and smart products. It is estimated that over 100 million IoT devices are affected.

A variant of this downgrade attack was discovered last year by cybersecurity consulting firm SensePost, but the vendor told experts at the time that the risk was being mitigated because users are notified when additional device pairings are established.

Manage the IoT

Syxsense will give you a simple view of all of the IoT devices and provide you the information you need to keep yourself better protected. Sign up for a free trial today to get started.


FBI Warning: Reset Your Routers

By News | No Comments

FBI, DHS, and UK Authorities issue warning over VPNFilter

The FBI, DHS and UK authorities have issued a warning for the VPNFilter malware threat. According to Alert TA18-145A, there are concerns that actors will use VPNFilter to target routers and “collect intelligence, exploit local area network (LAN) devices, and block actor-configurable network traffic.”

Cisco researchers have indicated the following devices are known to be vulnerable:

  • Linksys E1200
  • Linksys E2500
  • Linksys WRVS4400N
  • MikroTik RouterOS for Cloud Core Routers: Versions 1016, 1036, and 1072
  • Netgear DGN2200
  • Netgear R6400
  • Netgear R7000
  • Netgear R8000
  • Netgear WNR1000
  • Netgear WNR2000
  • QNAP TS251
  • QNAP TS439 Pro
  • Other QNAP NAS devices running QTS software
  • TP-Link R600VPN

The warning instructs that you install any new firmware for your routers and, after updating, reset your router. Even if you don’t have one of the listed devices, it’s recommended you update and reset your router as well.

Also, as a good practice and to protect yourself from repeat infection, ensure your router administration credentials are not set to the factory default.

According to Cisco’s Talos, the VPNFilter malware is known to have already infected at least 500,000 network devices across 54 countries.

This clearly illustrates an important IT lesson: relying solely on your firewall for protection isn’t enough. Malware is becoming more sophisticated and actors are looking for any way into your environment.

What to do:

IT departments need to keep their firmware up to date, but also keep patching regularly. Use a patching solution like Syxsense to ensure you’ll never have a lapse in important updates. CMS detects which devices need updates and the severity of those updates. Then you can schedule a time-frame in which to automatically deploy needed updates. This ensures every device is secured without interrupting business hours.

Check out a better way to manage your environment. Start a trial with Syxsense.


The Rapid Rise of the IoT

By News | No Comments

The IoT is Here to Stay: Risks Included

Research from Metova has revealed the current scale of smart product adoption in the United States. According to Metova, 90 percent of U.S. users now own some form of smart device.

This shows the IoT has truly reached mass adoption across the country. This also presents inherent risks to everyone connected to the Internet of Things. At this scale of growth, taking action to manage the IoT is critical and urgent.

Other observations include:

  • Over 90% surveyed have made a purchase of a connected home device.
  • Nearly 70% already have a voice-controlled system such as an Amazon Alexa or Google Home.
  • 58% of people who own a connected home device are concerned about how it may impact their privacy.
  • 74% of respondents think connected home devices are the wave of the future.
  • Over 30% who do not have a connected home device plan to make a purchase within the year.

Manage the IoT

Robert Brown, Director of Services for Verismic said, “As our ownership of smart technology expands, there will become a moment in time when you will no longer have the instant knowledge of the devices in your home or office which could be used to expose critical vulnerabilities, breach your network or steal your identity.”

Syxsense will give you a simple view of all of the IoT devices in your home or office, and provide you the information you need to keep yourself better protected.


Third-Party Patch Update: April 2018

By News | No Comments

Cisco Patches Vulnerability in WebEx

Cisco has just released a CVSS 9 rated update for its WebEx software. In their own words, the unpatched vulnerability “could allow an authenticated, remote attacker to execute arbitrary code on a targeted system.”

The malicious party would share a Flash file via WebEx’s sharing capabilities to gain control of targeted devices.

So what is the best option here? We recommend rolling out the update or removing WebEx. Syxsense can facilitate whichever approach is best for your situation.

Our patch management solution can easily identify which devices are running the WebEx software. From there, setting up a task to deploy the updates is incredibly straightforward.

If you decide to remove WebEx, it’s almost exactly the same process, but at the last step, you select “Uninstall” instead of “Install.”

Use an IT management solution that works with you, not against you. Syxsense offers a simple, but powerful approach to patching. It automatically keeps desktops, laptops and remote users up-to-date with patches and software updates.

Start a free trial of Syxsense today.

Third-Party Patch Updates

Below is a table of third-party updates from April 2018:

| Vendor | Category | Patch Version and Release Notes | CVSS Score |
|---|---|---|---|
| Adobe | Media Software | ActiveX: v29.0.0.140 – https://helpx.adobe.com/security/products/flash-player/apsb18-08.html; Flash Player Plugin NPAPI: v29.0.0.140 – https://helpx.adobe.com/security/products/flash-player/apsb18-08.html; Flash Player Plugin PPAPI: v29.0.0.140 – https://helpx.adobe.com/security/products/flash-player/apsb18-08.html | N/A |
| Evernote Corporation | | Evernote: v6.11.2.7027 – https://evernote.com/download | N/A |
| FileZilla | FTP Solution | v3.32 – https://filezilla-project.org/versions.php | N/A |
| Google | Browser | Chrome: v66.0.3359.117 – https://chromereleases.googleblog.com/2018/04/stable-channel-update-for-desktop.html | N/A |
| Malwarebytes | Antivirus | Malwarebytes: v3.4.5.2467 – https://www.malwarebytes.com/support/releasehistory/ | |
| Oracle | | Java JRE and JDK: v8u172 – http://www.oracle.com/technetwork/java/javase/8u172-relnotes-4308893.html | |
| Wireshark | Network Protocol Analyzer | 2.4.6 – https://www.wireshark.org/docs/relnotes/wireshark-2.4.6.html | N/A |


Ocean’s IoT: Casino Hacked Through Fish Tank

By News | No Comments

Casino Infiltrated through Internet-Connected Fish Tank Thermometer

Picture this: Jazzy music underscores George Clooney’s Danny Ocean pulling off another daring heist. He’s gathered his crew and it’s go time. Their entry point? A fish tank in the lobby.

Okay, maybe that’s not the best physical access point, but it is how hackers stole data from an unnamed North American casino.

According to Nicole Eagan, CEO of Darktrace, malicious actors manipulated a vulnerability in an internet-connected fish tank thermometer and stole data the casino had collected on their high-roller gamblers.

This is yet another stunning example of how the IoT can create unconventional breaches.

The only way to protect your environment is to identify all connected devices. How can you expect to manage your environment if you don’t even know how many devices there are? Finding all those devices is no simple task; it’s estimated there are already over 8.4 billion connected devices!

Managing IoT Devices

Syxsense is at the forefront of IoT device management. Our discovery solution can detect every device connected to your network; not just desktops, laptops, and servers.

Plug the holes in your environment before they sink your ship.


Could Your IoT Devices be Hacked with a Google Search?

By News | No Comments

Most Companies Are Unprepared for the IoT

Researchers at Ben-Gurion University warn that hackers have an unexpected resource in exploiting your environment: a Google search. IoT device manufacturers set a default password for their devices, sometimes even sharing passwords between brands.

“It only took 30 minutes to find passwords for most of the devices [used in the testing] and some of them were found merely through a Google search of the brand,” said Omer Shwartz, a Ph.D. student and researcher at Ben-Gurion.

Thanks to a survey by ForeScout and CensusWide, we also have an eye-opening view into how unprepared companies are for the Internet of Things.

500 CIOs and IT managers provided data, and here are the takeaways:

  • Approximately 15% do not keep security patches up to date.
  • 47% don’t change the default passwords on devices.
  • Up to 46% said they did not have a full view of the devices connected to their networks.

This is startling. Nearly half of the businesses involved in the survey couldn’t even begin managing their IoT devices. With no way to see which devices are connected to their network, they wouldn’t be able to patch or manage vulnerable devices.

Myles Bray, vice president of EMEA at ForeScout, stated: “IoT has expanded the attack surface considerably for all firms, and without basic security hygiene it is easy for bad actors to gain a foothold and then move laterally on a network to reach high-value assets and cause business disruption.”

When asked about the results of the survey Natan Bandler, CEO and Co-Founder of Cy-OT, added “What is needed is a dedicated cybersecurity solution that is monitoring both the IoT device and its activity…By doing this, an organization will be able to detect when and which devices are at risk.”

IoT Device Management

To detect all of your IoT devices, look to Syxsense. Our product is the first to be able to scan and identify the IoT devices connected to your environments.

Learn more about our IoT capabilities with our video and by starting a trial today!


Third-Party Patch Update: March 2018

By News | No Comments

Will the IoT bankrupt your business?

Research on the Internet of Things is not painting a pretty picture. According to research firm Gartner, approximately 20% of organizations have experienced at least one IoT attack in the past three years. There’s also a report from BullGuard showing that 37% of those surveyed had no idea how to protect IoT devices.

The biggest conclusion from this research: businesses are going to spend a lot trying to prevent IoT-based attacks. Gartner’s forecast conservatively estimates that IoT security spending will reach $1.5 billion this year, but will explode to $3.1 billion by 2021.

Compliance is expected to be the primary cost-increasing factor.

It’s believed more regulations will be created, causing more work for IT managers. With the proliferation of IoT devices, reporting for compliance may become nearly impossible.

However, Syxsense has an answer. Our Device Discovery feature can already detect the IoT devices within your environments. And with our comprehensive reporting, you can generate easy to understand reports for any compliance need.

Be prepared for the IoT and start a trial of Syxsense today!

Third-Party Patch Updates

Below is a table of third-party updates from March 2018:

| Vendor | Category | Patch Version and Release Notes | CVSS Score |
|---|---|---|---|
| Adobe | Media Software | AIR: v29.0.0.112 – https://helpx.adobe.com/flash-player/release-note/fp_29_air_29_release_notes.html; Flash Player: v29.0.0.113 – https://helpx.adobe.com/flash-player/release-note/fp_29_air_29_release_notes.html; Shockwave Player: v12.3.2.202 – https://helpx.adobe.com/shockwave/release-note/release-notes-shockwave-12.html | N/A |
| Don Ho | | Notepad: v7.5.6 – https://notepad-plus-plus.org/news/notepad-7.5.6-released.html | N/A |
| Evernote Corporation | | Evernote: v6.10.3.6921 – https://evernote.com/download | N/A |
| FileZilla | FTP Solution | v3.31 – https://filezilla-project.org/versions.php | N/A |
| Google | Browser | Chrome: v65.0.3325.184 – https://chromereleases.googleblog.com/2018/03/stable-channel-update-for-chrome-os_23.html | N/A |
| Irfan Skiljan | | IrfanView: v4.51 – https://www.irfanview.com/main_history.htm | |
| Malwarebytes | Antivirus | Malwarebytes: v3.4.4.2398 – https://www.malwarebytes.com/support/releasehistory/ | |
| Mozilla | Browser and Email Client | Firefox: 59.0.2 – https://www.mozilla.org/en-US/firefox/59.0.2/releasenotes/; Thunderbird: 52.7.0 – https://www.mozilla.org/en-US/thunderbird/52.7.0/releasenotes/ | N/A |
| The Document Foundation | | LibreOffice: v6.0.2 – https://www.libreoffice.org/download/release-notes/ | |
| VSRevoGroup | | RevoUninstallerFree: v2.0.5 – https://www.revouninstaller.com/revo_uninstaller_full_version_history.html; RevoUninstallerPro: v3.2.1 – https://www.revouninstaller.com/revo_uninstaller_pro_full_version_history.html | |
| WinSCP | | WinSCP: v5.13 – https://winscp.net/eng/docs/history | |
| Wireshark | Network Protocol Analyzer | 2.4.5 – https://www.wireshark.org/docs/relnotes/wireshark-2.4.5.html | N/A |
