City of Del Rio Hit by Ransomware Attack

Infosecurity Magazine | January 15, 2019

City of Del Rio Hit by Ransomware Attack
Another ransomware attack has made headlines with the city of Del Rio, Texas, announcing on January 10, 2019, that the servers at City Hall were disabled, according to a press release. “The first step in addressing the issue, was for the City’s M.I.S. (Management Information Services) Department to isolate the ransomware which necessitated turning off the internet connection for all city departments and not allowing employees to log into the system. Due to this, transactions at City Hall are being done manually with paper.” As has been the alternative method of communication for many organizations that have been impacted by cyber-attacks, Del Rio turned to social media, using Facebook to inform citizens of alternative payment options available to them. After reporting the attack to the FBI, Del Rio was referred to the Secret Service. “The City is diligently working on finding the best solution to resolve this situation and restore the system. We ask the public to be patient with us as we may be slower in processing requests at this time,” the press release said.

Spotlight

We empirically assess whether browser security warnings are as ineffective as suggested by popular opinion and previous literature. We used Mozilla Firefox and Google Chrome's in-browser telemetry to observe over 25 million warning impressions in situ. During our field study, users continued through a tenth of Mozilla Firefox's malware and phishing warnings, a quarter of Google Chrome's malware and phishing warnings, and a third of Mozilla Firefox's SSL warnings. This demonstrates that security warnings can be effective in practice; security experts and system architects should not dismiss the goal of communicating security information to end users. We also find that user behavior varies across warnings. In contrast to the other warnings, users continued through 70.2% of Google Chrome's SSL warnings. This indicates that the user experience of a warning can have a significant impact on user behavior. Based on our findings, we make recommendations for warning designers and researchers.

Related News

DATA SECURITY

InCite and CyberCube Partner to Deliver Cyber Analytics to Insurance Agents and Brokers

InCite | October 25, 2021

InCite Performance Group has announced a strategic partnership with market-leading cyber analytics expert CyberCube. Under the partnership, InCite agent and broker partners will be able to gain exclusive access to CyberCube's Broking Manager platform, the first software-as-a-service application CyberCube has built specifically for the insurance broking community. “We’re thrilled that InCite has chosen us as a strategic partner. InCite is dedicated to empowering insurance agents and brokers to be effective partners in helping insurance buyers better quantify, transfer and manage their risk. Cyber risk is clearly high on its agenda. This relationship will enable InCite’s members to effectively communicate cyber risk to their clients when time is of the essence.” Nate Brink, CyberCube Sales Manager Gordon Zellers, Partner & Advisor with Incite, said: “By teaming up with CyberCube, we will be using a solution that provides a streamlined approach to quantifying the financial exposure impact of our client’s cyber risk, their specific security posture, and business practices. This not only allows us to educate our clients about the nature of cyber threats they face, but also empowers them to make informed decisions with analytics that tie back to insurance product features, coverages and limits.” Broking Manager complements CyberCube’s two other products: Portfolio Manager and Account Manager, which are designed for risk carriers and are used by leading companies across the insurance ecosystem. About CyberCube CyberCube delivers the world’s leading cyber risk analytics for the insurance industry. With best-in-class data access and advanced multi-disciplinary analytics, the company’s cloud-based platform helps insurance organizations make better decisions when placing insurance, underwriting cyber risk and managing cyber risk aggregation. CyberCube’s enterprise intelligence layer provides insights on millions of companies globally and includes modeling on thousands of points of technology failure. The CyberCube platform was established in 2015 within Symantec and now operates as a standalone company exclusively focused on the insurance industry, with access to an unparalleled ecosystem of data partners and backing from ForgePoint Capital, HSCM Bermuda, MTech Capital and individuals from Stone Point Capital. About InCite Performance Group InCite Performance Group is a private client group and membership program for some of the top Independent Insurance Agencies and Brokerages in the United States, Canada, and Latin America. InCite Performance Group is comprised of over 125 members representing approximately $4 billion (U.S.) in premiums.

Read More

DATA SECURITY

ISARA, Carillon and Crypto4A Partnership enables a world first Canadian fully integrated Quantum-Safe Now PKI solution

Crypto4A | October 23, 2021

Crypto4A Technologies Inc., ISARA Corp., and Carillon Information Security Inc. today announced their partnership agreement focused on providing organizations with a next generation Quantum Safe NowTM Public Key Infrastructure (PKI) solution. The Quantum-Safe Now™ PKI solution integrates ISARA's Radiate Quantum-safe Toolkit and Catalyst Agile Digital Certificate Methodology, which provide hybrid crypto-agility, with Carillon's world class PKI CertServ ID Management Suite operating on Crypto4A's QxEDGE™ and QxCloud™ Hybrid Security Platform (HSP). By working together, the three Canadian organizations provide a world first quantum safe PKI solution running on purpose-built hybrid crypto-agile hardware. As part of the partnership, the companies intend to develop and market seamless, easy to use quantum-safe PKI cryptographic solutions that ease digital transformations, enable cryptographic agility and simplify cryptographic management. Today's connected economies, identity based digital transformations, DevSecOps teams and cloud-based deployments require new cryptographic capabilities based on quantum-safe software and hardware to provide enterprises with the forward agility, seamless access, security and controls required for cloud, edge, and end user environments. "ISARA's suite of proven crypto-agile capabilities effectively complements the proven capabilities of both Carillon's PKI software and Crypto4A's hardware based crypto-agility resulting in a more robust and easier to use Quantum-Safe Now™ PKI solution. Our approach is to enable customers to discover and manage their cryptographic capabilities in an agile, quantum-safe and trusted way. Our collective experiences, knowledge and integrated Quantum Safe Now™ PKI solution de-risks digital transformations and migrations to address the evolving security requirements for today and tomorrow," said Scott Totzke, CEO and Co-founder at ISARA. Identity based digital environments, applications and relationships rely on cryptography for their trust, innovation, security and privacy. By working with ISARA and Carillon, we demonstrate the power of the Canadian cryptography industry to elevate the original PKI architecture as well as demonstrate the agile capabilities of our FPGA based QxTrust Architecture™(QxTA™). As progress is made in better cloud and edge security, privacy and data management, new requirements are emerging that place material stress on the foundations of today's cryptographic hardware. This new collaborative offering helps to remove some of these stresses and represents our approach to cooperation John Scott, CEO of Crypto4A "We are excited to be partnering with Crypto4A and ISARA on this common PKI initiative. The experience that they both bring from a cryptography and an engineering perspective, provides Carillon and its customers with an integrated approach to an agile Quantum Safe Now™ PKI solution. Quantum Safe Now™ demonstrates our ongoing commitment to meet the emerging needs of the connected enterprise for innovation with digital trust", said Patrick Patterson, President and Chief PKI Architect of Carillon. About Radiate™ Quantum-safe Toolkit and Catalyst Agile Digital Certificate Methodology The ISARA Radiate™ Quantum-safe Toolkit is a high-performance, lightweight, standards-based quantum-safe software development kit, built for developers who want to test and integrate next-generation post-quantum cryptography into their commercial products. ISARA Catalyst™ Agile Digital Certificate Methodology enables a seamless, cost-effective and simplified migration to quantum-safe security today to protect investments in durable connected devices and the Internet of Things (IoT) and complex public key infrastructures with no impact to end-users. Catalyst certificates support two cryptographic algorithms within a single certificate and can support both classic and quantum-safe public keys and signatures. About CertServ ID Management Suite CertServ ID Management Suite is the first, single technology PKI platform that is designed with the users in mind. It offers a simple, easy to use, easy to deploy series of components that facilitate all aspects of PKI credential management. From devices to people, hardware or software-based credentials are simple to issue, manage, and maintain. About QxEDGETM and QxCloudTM QxEDGETM and QxCloud™ HSP's provide a suite of next generation capabilities that are an alternative to traditional HSM capabilities. Architected to be native for quantum-safe crypto-agility in cloud, zero trust and remote working environments. QxEDGETM and QxCloud™ enable the adoption of hybrid certificate techniques and post quantum cryptographic algorithms, ensuring cost and security effective crypto-agility for identity-based application environments. About ISARA ISARA, with its knowledge and experience in cybersecurity over the years, is a global leader in crypto-agile technologies and quantum-safe security solutions that can continue to protect current computing ecosystems into the quantum age. Capitalizing on know-how garnered in using agile methods to develop these cryptography implementation and public key authentication technologies, ISARA will target the development of crypto agility and quantum-safe security solutions compliant with the international standardization of quantum secure cloud technology. About Carillon Information Security Carillon Information Security Inc. provides a complete spectrum of identity management solutions that are designed to prevent identity theft, promote the migration from paper to electronic authentication, and avoid the loss of intellectual property. From consulting services, to credential issuance and validation software to managed identity services, Carillon can provide the skill sets and tools to help companies take control of their corporate digital credentials. About Crypto4A Crypto4A QxTrust Architecture™(QxTA™) helps enable crypto agility for Zero Trust environments. Developed by founders who created previous crypto key and HSM architectures, our patented QxTA™ helps secure and accelerate digital transformations, cloud migrations and crypto-agility by deploying, managing and protecting digital keys, workloads, data and applications from anywhere in the world.

Read More

NETWORK THREAT DETECTION

Cybersixgill's industry-leading, automated threat intelligence is now available on the Swimlane Platform.

Cybersixgill | March 18, 2021

Cybersixgill, the pioneer in danger knowledge enablement, today reported that Darkfeed will be accessible through Swimlane's security robotization stage. Presently, Swimlane users can upgrade their danger research and occurrence response by coordinating noteworthy alerts from the industry's broadest and most comprehensive insight assortment from the profound and dull web. "Accurate and actionable intelligence is the key to successfully scaling cyber security operations," said Ron Shamir, VP products and technology alliances at Cybersixgill. "With Darkfeed, Swimlane users gain access to an automated stream of threat intel that they can tailor to meet the needs of their organization's risk posture and tolerance. This marks the beginning of a growing partnership with Swimlane." Controlled by the broadest computerized assortment from the profound and dim web, Cybersixgill Darkfeed is a feed of malicious indicators of compromise (IOCs), including domains, URLs, hashes and IP addresses. With Darkfeed, IOCs are consequently extricated and conveyed progressively. It is noteworthy, permitting Swimlane customers to get and preemptively block items that undermine their association straightforwardly from the Swimlane stage. "Cybersixgill is a natural partner for us as we continue to help customers identify new ways to automate some of security's most time and resource-intensive processes," said Karen Rhys Wood VP global alliances, at Swimlane. "By integrating Darkfeed directly into Swimlane's extensible security automation platform, which was designed with an automation engine as its core and differentiates our platform from other SOAR solutions out there, security operations teams gain industry-leading threat intelligence while eliminating time consuming, manual tasks." Through this joining, common customers can computerize a response to threats ahead of time by using a superior, mechanized danger insight solution based on the most comprehensive information sources from the profound, dim and surface web. Users will actually want to improve their danger chasing activities and direct profound analysis of malware accessible on the dim web. Likewise, they can clandestinely screen basic assets and priorities, as well as respond to threats straightforwardly from the Swimlane stage.

Read More

Spotlight

We empirically assess whether browser security warnings are as ineffective as suggested by popular opinion and previous literature. We used Mozilla Firefox and Google Chrome's in-browser telemetry to observe over 25 million warning impressions in situ. During our field study, users continued through a tenth of Mozilla Firefox's malware and phishing warnings, a quarter of Google Chrome's malware and phishing warnings, and a third of Mozilla Firefox's SSL warnings. This demonstrates that security warnings can be effective in practice; security experts and system architects should not dismiss the goal of communicating security information to end users. We also find that user behavior varies across warnings. In contrast to the other warnings, users continued through 70.2% of Google Chrome's SSL warnings. This indicates that the user experience of a warning can have a significant impact on user behavior. Based on our findings, we make recommendations for warning designers and researchers.