Hackers Are Using Google Analytics to Steal Your Credit Card Information

Search Engine Journal | June 29, 2020

Hackers are using Google Analytics to steal credit cards, passwords, IP addresses... basically everything shared with a hacked site. An investigation by Kaspersky Lab has uncovered a new hacking technique that uses Google Analytics to steal credit card numbers, user agents, IP addresses, passwords… basically everything. This isn’t an exploit in Google Analytics itself. Hackers are exploiting the trusted status given to Google Analytics by all browsers in order to steal information from hacked sites by using Google Analytics as a way to transfer that data. Kaspersky’s report noted that the exploit is stealing everything that is shared with the affected website, including credit card information but presumably that means password information as well. The exploit apparently steals “everything” from passwords, name and address, credit cards and even the personal information of the person sharing their information.

Spotlight

The insider threat is one that organizations often want to overlook. But it’s hard to ignore when they are losing critical assets. Lockheed Martin’s Douglas Thomas tells how to sell an insider threat program. The first hurdle is to convince senior leaders that they even have an insider threat problem, says Thomas, Director, Counterintelligence Operations and Investigations for Lockheed Martin Corporation. “It’s becoming harder and harder to justify to leadership that they need to invest in a program, when it’s overhead,” Thomas says.


Other News
DATA SECURITY,ENTERPRISE IDENTITY

Keeper Security's Cybersecurity Census Finds U.S. Businesses are Unprepared for Escalation in Cyberattacks

Keeper Security | September 15, 2022

Keeper Security, the leading provider of zero-trust, zero-knowledge and FedRAMP Authorized cybersecurity software, today released findings from its second annual Cybersecurity Census. The report explores insights from IT decision-makers at businesses and organizations across the U.S., revealing that most respondents expect the onslaught of cyberattacks to intensify over the next year, yet 32% lack a management platform for IT secrets–posing a significant risk to organizational security. The 2022 U.S.Cybersecurity Census Report explores the ongoing threats of cyberattacks and the need for cybersecurity investment. The report maps the evolving cybersecurity landscape as hybrid and remote work have transformed businesses over the past two years. According to survey findings, the average U.S. business experiences 42 cyberattacks annually—between three to four each month. Still, fewer than half (44%) of respondents provide their employees with guidance or best practices for governing passwords and access management. IT leaders reveal a lack of preparedness for cyberattacks U.S. businesses face many cyberattacks each year, significantly impacting their organizations. Most respondents agree the total number of attacks will increase over the next year, with 39% predicting the number of successful cyberattacks will also rise. Most organizations in the U.S. believe they're prepared to fend off cyberattacks, with 64% of respondents rating their preparedness at least an eight on a 10-point scale and 28% rating themselves as a 10/10. At the same time, the majority of respondents (57%) say it is taking longer to respond to attacks and only 8% say responses are getting faster. Though most report feeling prepared for attacks, leaders admit their tech stacks lack essential tools. Nearly one-third of respondents (32%) lack a management platform for IT secrets, such as API keys, database passwords and privileged credentials. 84% are concerned about the dangers of hard-coded credentials in source code but 25% don't have software to remove them. More than one-quarter of respondents (26%) said they lack a remote connection management solution to secure remote access to IT infrastructure. With the rise in hybrid work and remote work, this is a significant security gap. This lack of investment in cybersecurity tools is alarming, especially considering the lasting impact of cyberattacks that survey respondents revealed. Nearly one-third (31%) suffered a disruption of partner or customer operations in the wake of a cyberattack and the same percentage experienced theft of financial information. 18% of organizations experienced theft of money, with the average amounting to more than $75,000, while 37% lost $100,000 or more. 23% experienced the inability to carry out business operations. In addition to direct costs, cyberattacks can cause lasting damage to business perception and client trust. More than one-quarter of respondents (28%) suffered reputational damage due to a successful cyberattack and 19% reported losing business or a contract. "The volume and pace at which cyberattacks are hitting businesses is increasing and with that come severe financial, reputational and organizational penalties," said Darren Guccione, CEO and co-founder of Keeper Security. "Leadership must prioritize cybersecurity, enabling their security teams to address rapid shifts in technology and distributed remote work. The impact these shifts have on cybersecurity are both pervasive and extreme. Building a culture of trust, accountability and responsiveness is critical." U.S. businesses must take immediate action against cyber threats Cybersecurity is a pillar of every good business and these findings underscore the need for business leaders to make cybersecurity a part of organizational culture. U.S. business leaders are working to source the necessary talent to stay secure. Nearly three-quarters (71%) of respondents have made new hires in cybersecurity over the past year and 58% say they've increased cybersecurity training. A devastating cyberattack is one stolen password away, but despite this threat, fewer than half (48%) of respondents state they have plans to invest in password management, visibility tools for network-based threats or infrastructure secrets management. Only 44% of respondents provide their employees with guidance and best practices governing passwords and access management. 30% of respondents allow employees to set and manage their passwords and admit that employees often share access to passwords. A mere 26% have a highly sophisticated framework for visibility and control of identity security. Many organizations are considering future investments with 73% of respondents expecting their cybersecurity budgets to increase. However, they face being outmatched by rising external threats and the demands created by existing weaknesses. Cybersecurity in company culture Employees understand the dangers of both external and internal threats. An overwhelming 79% of IT professionals are concerned about a breach from within their organization and 47% have suffered a breach of that nature. As more employees work remotely, businesses must rethink their investments in order to maintain security. In fact, 40% of respondents highlighted remote and hybrid work as a top concern, with rising external threats close behind at 39%. IT leaders themselves admit a lack of transparency in cyber incident reporting within their organizations, with nearly half of respondents (48%) being aware of a cyberattack, but keeping it to themselves. Businesses must foster a sense of trust and transparency in their organizations, creating an open dialogue to recognize the scale of the cybersecurity challenges their organization faces. Only with that recognition can resources be devoted to education and embedding a cybersecurity mindset into the organization's culture. Keeper's 2022 U.S. Cybersecurity Census Report demonstrates that cyberattacks present a profound and ongoing threat. Preventative measures, including investment, education and cultural shifts, are essential for businesses to drive resilience and protect their organizations from cybercriminals. Methodology The report yielded results from 516 IT leaders and decision-makers in businesses across the U.S. About Keeper Security Keeper Security, Inc. ("Keeper") is transforming the way organizations and individuals protect their credentials, secrets, connections and sensitive digital assets to significantly reduce the risks of identity security-related cyberattacks, while gaining visibility and control. Keeper is the leading provider of zero-trust and zero-knowledge security cloud services trusted by millions of people and thousands of organizations for password management, secrets management, privileged access, secure remote infrastructure access and encrypted messaging.

Read More

DATA SECURITY,PLATFORM SECURITY

Resecurity Named as One of America's Fastest-Growing Private Cybersecurity Companies by Inc. Magazine

Resecurity | August 19, 2022

Resecurity, Inc., a cybersecurity company based in Los Angeles, California, was recently recognized by Inc. magazine's annual Inc. 5000 list, the most prestigious ranking of the nation's fastest-growing private companies. Ranked as one of the fastest-growing private cybersecurity companies, Resecurity was number 2477 on the list for achieving 234 percent of revenue growth in past three years. The list represents a unique look at the most successful companies within the American economy's most dynamic segment—its independent small businesses. Intuit, Zappos, Under Armour, Microsoft, Patagonia, and many other well-known names gained their first national exposure as honorees on the Inc. 5000. Among the 5,000, the average median three-year growth rate soared to 230 percent and total revenue reached $317.2 billion. Together, those companies added more than one million jobs over the past three years. The recognition comes after a record year for the company, including a recent acquisition of Cybit Sec, a vulnerability assessment and penetration testing company, and the launch of their latest product offering, the Digital Identity Protection Platform. Resecurity has fueled its growth with strategic investments into R&D, expanding its international and channel sales presence, and scaling its industry partnerships. "The Inc. 5000 list is home to some of the most innovative companies in the market today. Resecurity is proud to have earned a top spot on this prestigious list. This growth is a testament to cybersecurity's critical role in the future. We're committed to accelerating this growth with strategic partnerships and investments in R&D, allowing us to help more individuals and enterprises combat ever-evolving cyber threats." Gene Yoo, Resecurity CEO Resecurity's SaaS solution combines XDR/endpoint protection, cyber threat intelligence and digital risk management, enabling customers ranging from Fortune 500 corporations to governments to protect their ecosystem. The innovative platform allows administrators to reduce potential blind spots and security gaps by quickly seeing in-depth analysis and specific artifacts obtained through the dark web, botnets activity, network intelligence and high-quality threat intelligence data. "The accomplishment of building one of the fastest-growing companies in the U.S., in light of recent economic roadblocks, cannot be overstated," says Scott Omelianuk, editor-in-chief of Inc. "Inc. is thrilled to honor the companies that have established themselves through innovation, hard work, and rising to the challenges of today." Methodology Companies on the 2022 Inc. 5000 are ranked according to percentage revenue growth from 2018 to 2021. To qualify, companies must have been founded and generating revenue by March 31, 2018. They must be U.S.-based, privately held, for-profit, and independent--not subsidiaries or divisions of other companies--as of December 31, 2021. (Since then, some on the list may have gone public or been acquired.) The minimum revenue required for 2018 is $100,000; the minimum for 2021 is $2 million. As always, Inc. reserves the right to decline applicants for subjective reasons. Growth rates used to determine company rankings were calculated to four decimal places. About Resecurity Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence. Known for providing best-of-breed data-driven intelligence solutions, Resecurity's services and platforms focus on early-warning identification of data breaches and comprehensive protection against cybersecurity risks. Founded in 2016, it has been globally recognized as one of the world's most innovative cybersecurity companies with the sole mission of enabling organizations to combat cyber threats regardless of how sophisticated they are. Most recently, Resecurity was named as one of the Top 10 fastest-growing private cybersecurity companies in Los Angeles, California by Inc. Magazine. An Official Member of Infragard, AFCEA, NDIA, SIA, FS-ISAC, the American Chamber of Commerce in Saudi Arabia (AmChamKSA) and Mexico (AmChamMX).

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Palo Alto Networks 5G-Native Security Now Available on Microsoft Azure Private Multi-Access Edge Compute

Palo Alto Networks | September 26, 2022

Palo Alto Networks, a Microsoft Azure private MEC ecosystem partner, today announced availability of VM-Series Virtual Next-Generation Firewall (NGFW) technology on the Azure Marketplace. Delivering end-to-end Zero Trust security at the enterprise edge, VM-Series virtual firewalls can now extend best-in-class NGFW capabilities to help protect Azure private MEC applications, providing centralized defense against cyberattacks. Azure private MEC combines network functions, applications and edge-optimized Azure services managed from the cloud to deliver high-performance, ultra-low-latency 4G/5G private wireless solutions that address the modern business needs of enterprise customers. "Our long-standing partner solutions with Azure and our VM-Series virtual firewalls have been protecting customer cloud environments for years. "The new VM-Series 5G capabilities enable enterprises to secure mission-critical applications in industry verticals like manufacturing, healthcare, utilities and public sector, all of which demand the latest in private wireless network technology." Prem Iyer, vice president, Ecosystems GSI and CSP, Palo Alto Networks Mobile 5G networks with multi-access edge compute combine AI and cloud technologies to transform enterprises and industries. Customers choose this next-generation mobile technology for its security and reliability, but increasingly sophisticated networks must be safeguarded against a complex and escalating "threatscape." Palo Alto Networks 5G-Native Security on the VM-Series brings advanced Layer 7 security capabilities to help detect and block known exploits, malware, malicious URLs, spyware, and command and control (C2) to 5G-powered edge computing use cases. The VM-Series Next-Generation Firewall enables enterprises to achieve comprehensive security for end-user application traffic that traverses the Azure Private 5G Core, securing edge infrastructure and helping detect and mitigate malicious activity within the user traffic. Key benefits of the solution include: Faster time to market with a fully tested and validated solution. Simpler deployment at scale from the Azure marketplace, facilitating a rapid rollout of NGFWs. Predefined configuration templates for comprehensive zero-day security. The Panorama management solution, integrated with Azure, allows for common management of VM-Series virtual firewalls deployed across all cloud and edge environments from a single console and provides centralized visibility and actionable insights into network traffic, logs and threats. "We're pleased to add Palo Alto Networks 5G security products to Azure Marketplace and our Azure private MEC ecosystem," said Shriraj Gaglani, general manager, Azure for Operators. "This adds an important option for customers when architecting critical end-to-end security frameworks that underpin Industry 4.0 use-cases built on our Azure private MEC solution." About Palo Alto Networks Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

Read More

DATA SECURITY,PLATFORM SECURITY,SOFTWARE SECURITY

Upstream Deepens Investment in Michigan, US with a New Vehicle Security Operation Center

Upstream | September 08, 2022

Upstream, the creator of industry-leading cloud-based cybersecurity and data management platform for connected vehicles and smart mobility, is opening its first U.S.-based vehicle security operation center (vSOC) in Ann Arbor, Michigan, to closely surveil and mitigate emerging cyber threats and risks for its U.S.-based automotive clients. Data and connectivity are the foundation of the automotive industry's transformation, unlocking new revenue streams and business opportunities for automotive stakeholders and users. But, connectivity and mobility applications bring a wide range of cyber risks. "Upstream enables OEMs to build trust into the connected vehicles ecosystem. "Our platform monitors over 12 million vehicles worldwide. We see new attack surfaces and threats on a regular basis, fueled by a wide variety of vulnerabilities, including EV charging networks, expanded use of smartphone apps that control basic car functions and infotainment systems. This is the right timing to open our U.S.-based vSOC, and Michigan is a natural choice." Yoav Levy, CEO and co-founder of Upstream "Companies continue to invest in Michigan because of our world-class talent, quality of life, low cost of doing business and culture of innovation," said Trevor Pawl, Michigan's Chief Mobility Officer. "Michigan remains committed to being the global epicenter of the next revolution of the automotive industry and we applaud Upstream's continued success and investment in Michigan's autonomous and electrified future." "Vehicles are benefiting from a wave of technology innovation, producing transportation that is safer and smarter thanks to connectivity," said Faye Francy, executive director of Auto-ISAC, a global information sharing community established by automakers to address cybersecurity risks. "The very technology that provides us with these new efficiencies also introduces potential cyber risk to the vehicle, and vSOC operations is an application for the automotive industry to proactively address the risk." In fact, Upstream found more than 50 percent of all reported automotive-related cybersecurity incidents took place during the past two years alone. "Customer experience applications, by OEMs and smart mobility providers, are one of the fastest growing attack surfaces and account for 6 percent of total attacks in 2022 so far compared to 2 percent in 2021, explains Yaniv Maimon, Upstream's director of vSOC. "Charging stations and infrastructure have also become a significant concern, especially given range anxiety concerns and the constant pressure to accelerate EV adoption." At the Michigan vSOC, Upstream is hiring and training experienced local cyber and automotive experts to operate the vSOC, offer cross-functional response and mitigate attacks in real time. "Southeast Michigan's emergence as a high-tech mobility hub and its proximity to our automotive customers, their Tier-1 suppliers and cybersecurity talent makes it a perfect setting for our new vSOC," Levy said, adding that traditional security operation centers focus on compliance and IT assets and lack the holistic and contextual view required to mitigate cybersecurity threats against vehicles, services and entire fleets. The Michigan-based vSOC is expected to be fully operational by the end of the year. It adds to Upstream's growing network of automotive-specific security centers already active in Israel, and coming soon in Japan. Additional vSOC investments are expected in Europe in the near future. About Upstream: Upstream provides a cloud-based data management platform purpose-built for connected vehicles, delivering unparalleled automotive cybersecurity detection and response (V-XDR) and data-driven applications. The Upstream Platform unlocks the value of vehicle data, empowering customers to build connected vehicle applications by transforming highly distributed vehicle data into centralized, structured, contextualized data lakes. Coupled with AutoThreat® Intelligence, the first automotive cybersecurity threat intelligence solution, Upstream provides industry-leading cyber threat protection and actionable insights, seamlessly integrated into the customer's environment and Vehicle Security Operation Centers (vSOC).

Read More

Spotlight

The insider threat is one that organizations often want to overlook. But it’s hard to ignore when they are losing critical assets. Lockheed Martin’s Douglas Thomas tells how to sell an insider threat program. The first hurdle is to convince senior leaders that they even have an insider threat problem, says Thomas, Director, Counterintelligence Operations and Investigations for Lockheed Martin Corporation. “It’s becoming harder and harder to justify to leadership that they need to invest in a program, when it’s overhead,” Thomas says.

Resources