HOTTEST
A new Kaspersky survey found that internet users in the US and Canada increasingly believe the internet to be a stressful place. The findings coincided with a more general increase in internet usage due to the COVID-19 pandemic.In its “Dealing with a new normal in our digital reality” report, Kaspersky researchers found that almost 70% of the 2,500 consumers surveyed said they find news about data breaches to be stressful.More than half of respondents said their use of online services increased during the pandemic and 56% said being online has become a source of stress for them. A quarter of those surveyed said their time online has increased significantly. The numbers were also far higher for millennials, 64% of whom said their internet usage increased compared to just 45% of Baby Boomers. Surprisingly, the figures represent a decrease compared to previous reports released in 2019 and 2018. Nearly 80% of respondents in 2018 said data breaches caused them stress, a 7% increase compared to the findings in 2021. More than 60% also said ransomware was a “top concern.”Despite the stress caused by news of data breaches, there was an increase in the percentage of respondents who said they felt more prepared to protect their digital accounts from attack. Thirty six percent of respondents said they felt more prepared to deal with an attack while 23% said they felt less prepared. Just 30% of those surveyed said they use any kind of security platform to protect their devices and personal information. Kaspersky researchers found that 46% of respondents believe they have a basic understanding of cybersecurity while 17% said they were “experts.” Those figures represented a decrease compared to 2019, when 52% of respondents said they had a basic understanding of cybersecurity.
As a way to cut down stress, 53% of respondents said they watched TV while 32% used online workout tools and 14% used meditation apps. Despite the stress of the internet and news, 51% of Gen Z respondents and 49% of millennials told the researchers that they used social media as a way to relax.Archie Agarwal, CEO at ThreatModeler, said the report shows a paradox as respondents are extremely worried about security incidents and yet this does not necessarily translate into action. For example, 64% feel having their bank account compromised would be more stressful than losing their job and yet 44% do not use PINs to protect their mobile devices. “With the prevalence of mobile banking this outwardly seems puzzling. As fear may not necessarily be a good motivator to action, organizations should be mindful of using fear to motivate employee behavior regarding good security practices and look for positive reinforcements,” Agarwal said. “The continual slew of cyber security news will not slow down anytime soon and barring desensitization will continue to be a major stressor in our society. From the research it is clear most respondents consider themselves to be under-equipped in terms of cyber security knowhow. Fear is often a consequence of not knowing or understanding and feeling ill-prepared.” More
StackCommerce
Has the frustration of the last 18 months or so made you want to completely change your life? If you’re ready to get serious about that, you’ll find everything you need to get started in The StackSkills, KeepSolid VPN Unlimited, & Sticky Password Lifetime Subscription Bundle.StackSkills Unlimited Online CoursesThe StackSkills Unlimited Online Courses will train you in skills ranging from marketing, business, and finance to blockchain technology, and more. They are designed for all levels of experience, from complete novices to advanced professionals. You’ll get over 1,000 existing courses plus more than 50 new ones are added every single month. Best of all, these classes offer certifications that will make your resume shine and you will have access to premium customer support.Use the engaging content delivered by StackSkills Unlimited Online Courses to generate a side income or to completely change careers. The impressive 4.5 out of 5 stars rating on TrustPilot says it all.VPN Unlimited: Lifetime SubscriptionIf you’re hoping to use your new skills to work remotely from exotic locations, then you will need to be super cautious about security. A lifetime subscription to VPN Unlimited can relieve you of a great deal of worry. You can enjoy blazing connection speeds with no bandwidth or speed limits. With access to over 400 servers in 80 locations, you can watch any content you like, without buffering or geo-restrictions.
ZDNet Recommends
The best password manager
Everyone needs a password manager. It’s the only way to maintain unique, hard-to-guess credentials for every secure site you and your team access daily.
Read More
You’ll get military-grade encryption, a kill switch, and a strict zero-logging policy, plus 24/7 customer support. It’s no wonder that VPN Special said:”KeepSolid VPN Unlimited offers amazing services and its advanced features make it a solid VPN service provider.”Sticky Password Premium: Lifetime SubscriptionStill, to guarantee the ultimate protection, you really should have a strong password manager. A lifetime subscription to Sticky Password Premium ensures that you’ll never forget another password again. You’ll get an automatic one-click log-in and mega-secure data protected by AES-256 and true two-factor authentication. Cloud backup is included as well as syncing on both cloud and local WiFi. Priority support means there is really nothing left to ask for.
If you’d prefer to spend your hard-earned funds on gaming accessories instead of commuting expenses, don’t miss this opportunity to change your life and protect your data. Get The StackSkills, KeepSolid VPN Unlimited, and Sticky Password Lifetime Subscription Bundle while it’s on sale for just $49.99.
ZDNet Recommends More
Minnesota-based farm supply and grain marketing cooperative Crystal Valley has become the latest agriculture business hit with a ransomware attack. The company released a statement on its website Tuesday afternoon, but the website is currently down as of Wednesday.
On Facebook, Crystal Valley Cooperative confirmed that it had been hit with a ransomware attack on Sunday, September 19.”The attack has infected our computer systems and interrupted the daily operations of our company. Due to this computer breach, all systems of the Mankato-based cooperative have been shut down until they can be restored safely and securely,” the company said. “Due to this, we are unable to accept Visa, Mastercard, and Discover cards at our cardtrols until further notice. Local cards do work. As we continue to navigate through this with the help of experts, we appreciate your patience and understanding. We will continue to update with information as it becomes available.”In messages to ZDNet, a spokesperson for the company confirmed that their phone system is also down. Based in Mankato, Minnesota, Crystal Valley Cooperative is a local full-service agricultural cooperative focused on helping crop farmers and livestock producers in southern Minnesota and northern Iowa.
The Free Press in Minnesota reported that the company works with 2,500 farmers and livestock producers while employing 260 full-time workers. CEO Roger Kielholz told the newspaper that the company is “working diligently with our internal IT team along with multiple outside technology vendors to restore our data and return to full-service operation in a matter of days, especially now with fall harvest getting underway.”The ransomware attack is the second in the last week targeting an agriculture cooperative. Iowa-based farm service provider NEW Cooperative was hit with a ransomware attack last week. The BlackMatter ransomware group took credit for the attack and was demanding a $5.9 million ransom.In that case, many observers noted what Kielholz mentioned in his statement: that this was a particularly bad time for a cyberattack considering this is when harvests begin to ramp up for farmers. Curtis Simpson, CISO at cybersecurity firm Armis, said the agriculture industry struggles with the sheer fact that every type of technology from today to decades past is part of a larger supply chain. Budgets, technical projects, cybersecurity, and business risk mitigation efforts are all impacted by the spiderweb of integrated old and new technologies, Simpson explained. “Older, larger organizations are often trying to catch up with technical debt across the organization while trying to keep up with acquisitions of smaller, less secure operations — all while running a fundamentally low-margin business. The smaller operations often outsource security and technology efforts,” Simpson said.”Unfortunately, and once again, many attackers are more than aware of the potential impacts and what this may mean to the number of zeros in a potential ransom payment.”Darktrace director of strategic threats Marcus Fowler added that with two attacks on critical grain cooperatives this week so close together, all organizations in critical infrastructure, specifically the food and agriculture sector, should be on high alert. “If these two attacks were both conducted by BlackMatter, this could indicate a broader supply chain attack or campaign targeting the food chain, which means there may be other companies that were breached and don’t know it yet or have failed to report,” Fowler said. “These ransomware attacks forced both companies to take their systems offline, which could have significant and longer-term consequences. Ceasing operations could cut off feed supply for animals and, in turn, cut meat processing, dairy production, and more, creating enormous unintended consequences and potentially food scarcity nationwide.”Earlier this month, the FBI released a notice warning companies in the food and agriculture sector to watch out for ransomware attacks aiming to disrupt supply chains.”Food and agriculture businesses victimized by ransomware suffer significant financial loss resulting from ransom payments, loss of productivity, and remediation costs. Companies may also experience the loss of proprietary information and personally identifiable information and may suffer reputational damage resulting from a ransomware attack,” the FBI said. The notice goes on to list multiple attacks on the food and agriculture sector since November, including a Sodinokibi/REvil ransomware attack on a US bakery company, the attack on global meat processor JBS in May, a March 2021 attack on a US beverage company and a January attack on a US farm that caused losses of approximately $9 million. JBS ended up paying an $11 million ransom to the REvil ransomware group after the attack caused meat shortages across the US, Australia and other countries. In November, the FBI also cited an attack on a US-based international food and agriculture business that was hit with a $40 million ransom demand from the OnePercent Group. More
Microsoft is shining a light on a phishing-as-a-service operation that’s selling fake login pages for cloud services like OneDrive that help non-technical cybercriminals steal business user passwords and usernames. Phishing kits are nothing new, but this phishing-as-a-service service caught the attention of Microsoft’s security teams because it lowers the bar to quality phishing even more.
ZDNet Recommends
The best cyber insurance
The cyber insurance industry is likely to go mainstream and is a simple cost of doing business. Here are a few options to consider.
Read More
That business, called BulletProofLink and a few other names, provides email and web site templates as phishing kits do, but also offers email delivery, hosting services, credential theft. It also claims to provide ‘fully undetected’ (FUD) links and logs and is available for purchase as a weekly, bi-weekly, monthly, or annual subscription. SEE: Half of businesses can’t spot these signs of insider cybersecurity threatsAs Microsoft outlines, phishing service providers are one link in the chain that can help ransomware gangs unload file-encrypting ransomware pain on targets, chiefly by providing passwords to attackers who can try them out on compromised networks. If the ransomware buyer is lucky, the credentials can include passwords for high-value admin accounts, allowing for greater movement within a compromised network. “These [FUD] phishing service providers host the links and pages and attackers who pay for these services simply receive the stolen credentials later on. Unlike in certain ransomware operations, attackers do not gain access to devices directly and instead simply receive untested stolen credentials,” the Microsoft 365 Defender Threat Intelligence Team notes in a blogpost. Microsoft is concerned about businesses like these because they offer dozens of templates for the login pages of popular web services and allow anyone on a small budget to beat a path to theft or extortion. It currently offers “login scam” pages for Microsoft OneDrive, LinkedIn, Adobe, Alibaba, American Express, AOL, AT&T, Dropbox, and Google Docs.
It’s also worried about “double theft”, where the phishing service provider captures the credentials on behalf of one customer and then sells the credentials to other customers.BulletProofLink markets itself openly on the web and on underground forums, and is also known as BulletProftLink or Anthrax. It’s even published ‘how-to’ videos on YouTube and Vimeo to help customers use its fraud tools. Microsoft published its research into this operation to help customers refine email-filtering rules and adopt security technologies it offers. While phishing kits are sold once in a ZIP file with phishing templates to set up a bogus login page or emails, phishing-as-a-service includes the whole package. The company caught Microsoft’s attention while it was investigating a phishing campaign that was using BulletProofLink services. The campaign used a whopping 300,000 subdomains with a technique Microsoft calls “infinite subdomain abuse”, which is where an attacker has compromised a website’s domain name system server (DNS) or when a compromised site is configured with a DNS that allows wildcard subdomains.
These subdomains “allow attackers to use a unique URL for each recipient while only having to purchase or compromise one domain for weeks on end”, Microsoft says. They’re useful before the attacker can simply compromise the DNS of a site and not bother with hacking the site itself. It also allows phishing businesses to create a ton of unique URLs that are hard to detect. SEE: Four months on from a sophisticated cyberattack, Alaska’s health department is still recoveringRansomware service provider models are also influencing how phishing businesses operate. One notable ransomware technique is to steal data before encrypting it and then either sell that data or use it as leverage during extortion attempts. “We have observed this same workflow in the economy of stolen credentials in phishing-as-a-service,” Microsoft says. “With phishing kits, it is trivial for operators to include a secondary location for credentials to be sent to and hope that the purchaser of the phish kit does not alter the code to remove it. This is true for the BulletProofLink phishing kit, and in cases where the attackers using the service received credentials and logs at the end of a week instead of conducting campaigns themselves, the PhaaS operator maintained control of all credentials they resell.” More
Concept photo in high contrast black and white of hacker’s fingers on keyboard Getty Images Cyber criminals are exploiting security vulnerabilities in Microsoft Office which have been known about for years to infect PCs with malware in attacks which demonstrate the importance of applying cybersecurity updates. As detailed by cybersecurity researchers at Fortinet, cyber criminals […] More
Internet of Things
Samsung Spotlights Next-generation IoT Innovations for Retailers at National Retail Federation’s BIG Show 2017
That’s Fantasy! The World’s First Stone Shines And Leads You to The Right Way
LG Pushes Smart Home Appliances To Another Dimension With ‘Deep Learning’ Technology
The Port of Hamburg Embarks on IoT: Air Quality Measurement with Sensors