Security
Customers of Microsoft Azure Cloud Warned of Potential Security Flaws
Image sourced from NS Energy. Microsoft has issued a warning to some of its Azure Cloud customers that a flaw discovered by a security research team could have allowed threat actors to access their data. According to Reuters, the tech mega-conglomerate said in a blog post, written by its security response team, that the flaw reported by researchers from Palo Alto Networks has been fixed, and that there had been no evidence that cybercriminals were able to access any Azure cloud data. The blog post continues to say that Microsoft has notified some of its customers to change their login credentials as a precaution. Researchers from the Palo Alto team discovered an exploit around a widely-used system in Azure called ‘containers’, which store programs for users. According to Palo Alto research...
With IoT in Healthcare on the Rise, Security Must Be A Priority says Fortinet
Image sourced from Alpine Security. South Africa is poised to start benefiting from a plethora of healthcare technologies that could dramatically improve patient care at a lower cost, boost preventative healthcare, and take the best medical practitioners virtually to the most underserved regions of the country. However, exciting new developments in healthcare technology could also put patients at risk in both the cyber and real world. This is according to Fortinet South Africa security experts Doros Hadjizenonos and Matthew Taljaard, who warn that the promise of emerging healthcare technologies could be derailed by security risks. Hadjizenonos, Regional Sales Director SADC at Fortinet, says Internet of Things (IoT) and Internet of Medical Things (IoMT) devices are increasingly being adopte...
3 Most Common Cyberscams that Compromise Business Emails
Image sourced from Forbes. Online security firm Kaspersky reports that its cybersecurity experts are increasingly observing BEC (Business Email Compromise) attacks online. Between May and July 2021, Kaspersky says that its security products prevented more than 9,500 BEC attacks globally, including those against businesses in air transportation, industry, retail, IT, and delivery. Such attacks demand significant time and resources, and preparation for them may last from a few weeks to several months. One successful attack may lead to damage worth many millions for a company. During a BEC attack, fraudsters usually initiate an email exchange with a company employee in order to gain their trust and encourage actions that are detrimental to the interest of the company or its clients. To do thi...
Today’s New Business Normal Creates Threat Opportunities
Image sourced from Feed Navigator. The COVID-19 pandemic forced businesses of all shapes and sizes to make rapid changes in how they operated, with employees predominantly working remotely and sensitive data and systems being accessed from outside the office. For many, this triggered an increased reliance on remote-access infrastructure and cloud-delivered services. IT departments rushed to install, expand, or upgrade remote desktop access (RDA) servers, virtual private network (VPN) concentrators, and remote access routers to meet surging workforce demand for remote access to data centres. Moreover, widespread reliance on video conferencing apps forced many businesses to upgrade enterprise wide-area network and local-area network capacity, as well as to re-evaluate routing and DNS re...
Over 1,500 Malicious Resources Are Targeting Potential Crypto Investors in Africa
Image sourced from Shutterstock. Globally, cryptocurrency mining malware wreaked havoc in 2018, infecting more than five million people in the first three quarters of that year. Recent Kaspersky’s research shows that in some African countries, the threat of malicious crypto miners remains prevalent. Currently, in South Africa, the share of all users targeted by malicious crypto miners in H1 2021 was 0.60%. In Kenya, the share of all users targeted was 0.85% and in Nigeria, 0.71%. “Although these percentages may be interpreted as low and may not seem significant to users, crypto-miner malware has been identified as one of the top 3 malware families rife in South Africa, Kenya and Nigeria at present,” says Bethwel Opil, Enterprise Sales Manager at Kaspersky in Africa. Kaspersky believes thes...
5.8-Million Attacks Detected in Malware Disguised as PC Games
Image sourced from Wccftech. Over 5.8 million attacks by malware and unwanted software disguised as popular PC games were detected and prevented by Kaspersky and its cybersecurity solutions globally from Q3 2020 to Q2 2021. This increased volume may be connected to the rapid growth of gaming activities during the pandemic. The data comes from the latest game-related cyberthreats report by Kaspersky, in which researchers assessed the changes of gaming-related threats during the pandemic. The gaming industry witnessed unprecedented growth over the past 18-months, in part, thanks to users being forced to find alternative means of entertainment as they stayed at home. Even though the world has become safer this year, the demand for games persists, and the industry is predicted to grow even fur...
When Ransomware Strikes, Can You Recover Fast Enough?
Sourced from Kaspersky Ransomware attacks have become increasingly common, and they are even available on the dark Web to purchase as a service. There have been many incidents in the news, where major companies have been left with little choice other than to pay the ransom to get their data back, often amounting to hundreds of thousands of dollars. The reality is that ransomware and other cyberattacks have become a question of when not if. The ability to respond and recover quickly has therefore become an essential part of successful ransomware defence, but it is something many organisations, especially in South Africa, struggle with. Consider Some Statistics The State of Ransomware report from security firm Sophos reveals that, over the last year, the average cost of remediating a ransomw...
Malware Spreading Through Popular WhatsApp Mod Uncovered
Image sourced from YoMZanzi A malicious version of a popular WhatsApp messenger mod (unofficial modification of the app) called FMWhatsapp has been discovered by cybersecurity firm Kaspersky. This mod spreads the Triada mobile Trojan, which downloads other Trojans and can launch ads, issue subscriptions, and intercept a user’s SMSs. Even though WhatsApp is one of the most popular apps for instant mobile messaging, not all users are satisfied with its features. Looking for the most user-friendly version, people can be tempted to install modified versions of WhatsApp, which provide many more options than the official one (such as choosing dynamic templates or the ability to read deleted messages). However, these modified apps do not have the same security and encryption features that the off...
Take Steps Now to Protect Your Organisation as Ransomware-as-a-Service Ramps Up DDoS Attack Offerings
Image sourced from Ben Kerckx, Pixabay. The services industry has traditionally included sectors ranging from social assistance and health care to transportation and scientific services. However, it doesn’t end there, because the human talent for innovation can turn almost anything into a service. We also find – rather less top-of-mind for most people – the offer of hitmen-as-a-service, usually associated, at least in Hollywood, with large and well-muscled men in expensive suits and sunglasses. A few years ago, this area of business moved into the cyber arena as well. And so we present: ransomware-as-a-service. Today, one of its latest offerings is a ‘triple threat’ that turns Distributed Denial of Service (DDoS) attacks into an even more lethal cyber weapon against organisations. Carole H...
6 PoPIA Tips to Ensure Security and Compliance
The full implementation of the Protection of Personal Information Act (PoPIA) heralds a new era of control and privacy for South African citizens and organisations, and holds the promise of deepening trust between organisations and their customers – provided organisations remain fully compliant. According to Cameron Beveridge, Regional Director Southern Africa at SAP, trust is the key to success in the digital economy. “Privacy and trust are essential elements in building strong connections with customers and ensuring a positive customer experience (CX) in today’s business environment. In fact, some studies have found that up to 90% of customers believe how their data is treated is indicative of the way they will be treated as a customer, and 91% won’t purchase from a company if they don’t...
Ozone Builds a World of Cybersecurity Solutions for SA Businesses
Ozone Information Technology Distribution [Ozone] has developed a comprehensive portfolio designed to provide organisations with robust cybersecurity, file sharing, digital forensics, and business continuity. This solutions-driven portfolio includes Neverfail, Nuix, WhatsUp Gold, MoveIT, Kerio Control, GFI Languard, and Keeper Password Management, among others. “The current cybersecurity climate is extremely challenging for local organisations,” says Henk Olivier, MD at Ozone Information Technology Distribution.” “Companies need better tools and solutions to help protect them from the increasingly complex and intelligent threat actors that put their data and employees at risk. This complex environment, and the rigorous compliance requirements now mandated by the Protection of Personal Info...
Why Balancing Customer Experience with PoPIA Compliance is Critical
Image sourced from Innoverse 365. Meeting growing customer demand for relevant, personalised experiences while managing the regulatory demands of protecting data is emerging as one of the most significant challenges facing South African businesses today. Aspects such as managing customer consent and conforming to data privacy legislation create complexities for cloud-based data and analytics solution providers, the brands that use them, and the customers themselves. Given how the management of personal information (PI) is driven by the likes of the General Data Protection Regulation (GDPR) in Europe and the Protection of Personal Information Act (PoPIA) in South Africa, companies and providers need to navigate a minefield of compliance requirements to avoid significant financial fines and ...
