Research Archives - IT Security Guru
https://www.itsecurityguru.org/category/research/

Almost One in Three Parents Have Never Spoken to Their Children About Cybersecurity
https://www.itsecurityguru.org/2023/09/12/almost-one-in-three-parents-have-never-spoken-to-their-children-about-cybersecurity/?utm_source=rss&utm_medium=rss&utm_campaign=almost-one-in-three-parents-have-never-spoken-to-their-children-about-cybersecurity
Tue, 12 Sep 2023 10:58:42 +0000

The post Almost One in Three Parents Have Never Spoken to Their Children About Cybersecurity appeared first on IT Security Guru.

Today, Keeper Security has announced the release of the Keeper Security Parental Practices Report: Conversations on Cybersecurity, which explores parental attitudes, practices and concerns regarding cybersecurity discussions with their children and sheds light on this important topic for families. The report found that almost one in three parents (30%) admitted that they have never spoken to their children about cybersecurity.

Additionally, over 40% of parents who admitted they did not know how to create strong passwords still give their child access to their mobile phones, and almost a third (32%) give them access to their computers.

Conducted in 2023 by Censuswide, the survey engaged 4,005 parents from diverse backgrounds in the US, UK, France and Germany. It examined how comfortable parents are discussing cybersecurity with their children and how often they do so, which parent is deemed responsible for these conversations, and the digital platforms their children are allowed to access.

The report found, unsurprisingly, that cybersecurity was less taboo than sex: 57% of respondents said they were more comfortable discussing password security than sex education, while 16% felt more comfortable talking about sex. Significantly, almost one in five (19%) were uncomfortable discussing either subject.

When it comes to which parent educates children about cybersecurity, the research found that mothers conduct the majority of these discussions, with 56% of parents saying mums were responsible for cybersecurity talks with their children.

Alarmingly, 30% of parents confessed to not addressing cybersecurity with their children at all. Meanwhile, 75% of parents with 12-16-year-olds and 62% of those with 8-11-year-olds had engaged their children in these discussions. Younger children’s exposure to the internet without cybersecurity guidance raises serious concerns, as 44% own mobile phones and 46% have online gaming accounts.

Children’s access to digital accounts varied by age, with 73% of 12-16-year-olds owning mobile phones. Of the one in three parents who said their child does not understand how to create a secure password, almost half (48%) reported that the child has their own phone and 44% that the child has their own online gaming accounts.

Only 45% of parents believed their 8-11-year-olds could create strong passwords, while 70% held the same confidence for 12-16-year-olds. Parents with insufficient password security knowledge themselves admitted to granting their children access to their devices, highlighting a potential risk.

“In an era marked by digital immersion, parenting responsibilities extend beyond the traditional concerns. As children spend more time online, the discourse around cybersecurity has become a crucial element of modern parenting,” said Darren Guccione, CEO of Keeper Security. “This study highlights the need for increased awareness and education on digital safety among parents, as well as the importance that schools play in filling this gap, and perhaps, taking action at an earlier age.”

To view the full study, please visit: https://www.keeper.io/hubfs/Reports/Parental-Practices-Report-2023-UK.pdf

The most surveilled football stadiums around the world
https://www.itsecurityguru.org/2023/09/06/49494/?utm_source=rss&utm_medium=rss&utm_campaign=49494
Wed, 06 Sep 2023 13:57:58 +0000

Comparitech recently conducted research into stadium surveillance, looking at the top 100 stadiums in world football to figure out which football fans are the most watched. The team collated the number of cameras found in each stadium, focusing on those recording the public in and around the grounds and excluding those that record and stream matches for television.
Football matches are always closely monitored, whether in the World Cup, the Premier League, the Bundesliga, Major League Soccer, La Liga or beyond, and fans travel in their thousands to stadiums to catch a glimpse of their favourite players. For instance, 1,977,824 fans attended the Women’s World Cup this summer.
What many may not consider is the surveillance systems watching their every move, whether on entry, on exit or during the game.
According to Comparitech’s research team:
  • 2 stadiums have over 1,000 cameras: the Luzhniki Stadium in Russia and the Vivekananda Yuba Bharati Krirangan Stadium in India
  • 25 stadiums use facial recognition technology to monitor their fans. A further four have considered and/or are trialing its use
  • 17 stadiums claim that facial recognition is not in use. Certain leagues (e.g. the Premier League) ban stadiums from implementing the technology

Additionally, the top 20 most surveilled football stadiums, based on the number of cameras per 1,000 fans, were found to be:

  1. Luzhniki Stadium – Russian National Team/FC Torpedo Moscow – Russia
  2. Turk Telekom Arena – Galatasaray S.K. – Turkey
  3. Vivekananda Yuba Bharati Krirangan (“Salt Lake Stadium”) – Indian National Team – India
  4. Mercedes-Benz Stadium – Atlanta United FC – United States
  5. Donbass Arena – FC Shakhtar Donetsk – Ukraine
  6. Azadi Stadium – Persepolis FC, Esteghlal FC, Iran National Team – Iran
  7. Parc des Princes – Paris Saint-Germain FC – France
  8. Santiago Bernabeu – Real Madrid CF – Spain
  9. Mineirão Stadium – Cruzeiro Esporte Clube/Clube Atlético Mineiro – Brazil
  10. Stade Geoffroy-Guichard – AS Saint-Étienne – France
  11. Mane Garrincha – Legião FC – Brazil
  12. Arena Corinthians (Neo Química Arena) – SC Corinthians Paulista – Brazil
  13. Elland Road – Leeds United FC – United Kingdom
  14. Stamford Bridge – Chelsea F.C. – United Kingdom
  15. St. James’ Park – Newcastle United FC – United Kingdom
  16. First National Bank (FNB or Soccer City) – Kaizer Chiefs FC – South Africa
  17. Itaipava Fonte Nova Arena – Esporte Clube Bahia – Brazil
  18. The Maracana – Fluminense FC, Clube de Regatas do Flamengo – Brazil
  19. Stade Pierre-Mauroy (Decathlon Arena) – LOSC Lille – France
  20. Estádio Cícero Pompeu de Toledo (Morumbi) – São Paulo FC – Brazil

As the findings suggest, surveillance is growing under the guise of providing protection to the public. That being said, another study, on the most surveilled cities in the world, indicates that there is no correlation between the number of cameras in a city and its crime rate.

Ultimately, CCTV cameras are useful for deterring and solving crime, but they are also an invasive surveillance tactic, which is exacerbated by the use of technology like facial recognition.

Top 10 riskiest assets threatening global business
https://www.itsecurityguru.org/2023/09/05/top-10-riskiest-assets-threatening-global-business/?utm_source=rss&utm_medium=rss&utm_campaign=top-10-riskiest-assets-threatening-global-business
Tue, 05 Sep 2023 15:12:15 +0000

Today, Armis released new research identifying the riskiest connected assets posing threats to global businesses. The company’s findings highlight risk being introduced to organisations through a variety of connected assets across device classes, emphasising the need for a comprehensive security strategy that protects an organisation’s entire attack surface in real time.

“Continuing to educate global businesses about the evolving and increased risk being introduced to their attack surface through managed and unmanaged assets is a key mission of ours,” said Nadir Izrael, CTO and Co-Founder of Armis. “This intelligence is crucial to helping organisations defend against malicious cyberattacks. Without it, business, security and IT leaders are in the dark, vulnerable to blind spots that bad actors will seek to exploit.”

Armis’ research, analysed by the Armis Asset Intelligence Engine, focuses on connected assets with the most attack attempts, weaponised Common Vulnerabilities and Exposures (CVEs) and high-risk ratings to determine the riskiest assets.

Assets With The Highest Number of Attack Attempts

Armis found that the top 10 asset types with the highest number of attack attempts were spread across device classes: IT, OT, IoT, IoMT, Internet of Personal Things (IoPT) and Building Management Systems (BMS). This demonstrates that attackers care more about the access an asset can give them than about its type, reinforcing the need for security teams to account for all physical and virtual assets in their security strategy.

Top 10 device types with the highest number of attack attempts:

  1. Engineering workstations (OT)
  2. Imaging workstations (IoMT)
  3. Media players (IoT)
  4. Personal computers (IT)
  5. Virtual machines (IT)
  6. Uninterruptible power supply (UPS) devices (BMS)
  7. Servers (IT)
  8. Media writers (IoMT)
  9. Tablets (IoPT)
  10. Mobile phones (IoPT)

“Malicious actors are intentionally targeting these assets because they are externally accessible, have an expansive and intricate attack surface and known weaponised CVEs,” said Tom Gol, CTO of Research at Armis. “The potential impact of breaching these assets on businesses and their customers is also a critical factor when it comes to why these have the highest number of attack attempts. Engineering workstations can be connected to all controllers in a factory, imaging workstations will collect private patient data from hospitals and UPSs can serve as an access point to critical infrastructure entities, making all of these attractive targets for malicious actors with varying agendas, like deploying ransomware or causing destruction to society in the case of nation-state attacks. IT leaders need to prioritise asset intelligence cybersecurity and apply patches to mitigate this risk.”

Assets With Unpatched, Weaponised CVEs Vulnerable to Exploitation

Researchers identified a significant number of network-connected assets susceptible to unpatched, weaponised CVEs published before 1 January 2022. Zooming in on the device types with the highest percentage of devices carrying these CVEs between August 2022 and July 2023, Armis identified the list reflected in Figure A. Left unpatched, these assets introduce significant risk to businesses.

Assets with a High-Risk Rating

Armis also examined asset types with the most common high-risk factors:

  • Many physical devices on the list that take a long time to replace, such as servers and Programmable Logic Controllers (PLCs), run end-of-life (EOL) or end-of-support (EOS) operating systems. EOL assets are nearing the end of their functional life but are still in use, while EOS assets are no longer actively supported or patched for vulnerabilities and security issues by the manufacturer.
  • Some assets, including personal computers, showed SMBv1 usage. SMBv1 is a legacy, unencrypted and complicated protocol with vulnerabilities that were targeted in the infamous WannaCry and NotPetya attacks, and security experts have advised organisations to stop using it completely. Armis found that 74% of organisations today still have at least one asset on their network vulnerable to EternalBlue, an SMBv1 vulnerability.
  • Many assets on the list exhibited high vulnerability scores, have had threats detected, have been flagged for unencrypted traffic or are still affected by the CDPwn vulnerabilities impacting network infrastructure and VoIP devices.
  • Half (50%) of pneumatic tube systems were found to have an unsafe software update mechanism.

Ransomware on manufacturing industry caused $46bn in losses
https://www.itsecurityguru.org/2023/08/03/ransomware-on-manufacturing-industry-caused-46bn-in-losses/?utm_source=rss&utm_medium=rss&utm_campaign=ransomware-on-manufacturing-industry-caused-46bn-in-losses
Thu, 03 Aug 2023 10:01:27 +0000

Between 2018 and 2023, 478 manufacturing companies have suffered a ransomware attack, leading to a loss of approximately $46.2 billion in downtime alone.

Serious cyber incidents affecting manufacturing companies can lead to significant disruptions to production lines. As a result, customer orders can be left unfulfilled and day-to-day operations come to a standstill.

Comparitech recently analysed how widespread these types of attacks on the manufacturing sector are to find out their true cost. Using their worldwide ransomware tracker, the Comparitech team searched for reports on the amount of downtime caused, how much data was stolen, how much the ransom demands were, and whether or not these ransom demands were met.

Key findings for the period from 2018 to July 2023 include:

  • 478 confirmed ransomware attacks on manufacturing companies.
  • At least 7.5 million individual records were breached as a result of these attacks.
  • Ransom demands were found to be between $5,000 and $50 million.
  • Hackers demanded an average of $11.2 million. Approximately $5.5 billion in ransom has been demanded in total.
  • Only four companies are known to have paid the ransom, but many organisations withhold this information for fear that it makes them more vulnerable to further attacks. A confirmed $750,000 was paid across two of these attacks.
  • Downtime varied from several hours to 76 days.
  • Manufacturers within the transportation/automotive sector saw the highest number of attacks (92), closely followed by electronics/appliances manufacturers (80).
  • Egregor and Conti were the most dominant strains of ransomware in 2020 and 2021 (respectively) with LockBit dominating in 2022 and 2023 (so far).

Ultimately, these numbers are yet another example of why manufacturers are so susceptible to attacks and why they must better secure themselves.

IT Security Guru study shows over one in ten Brits are willing to engage in ‘illegal or illicit’ online behaviour as the Cost of Living crisis worsens
https://www.itsecurityguru.org/2023/06/15/it-security-guru-study-shows-over-one-in-ten-brits-are-willing-to-engage-in-illegal-or-illicit-online-behaviour-as-the-cost-of-living-crisis-worsens/?utm_source=rss&utm_medium=rss&utm_campaign=it-security-guru-study-shows-over-one-in-ten-brits-are-willing-to-engage-in-illegal-or-illicit-online-behaviour-as-the-cost-of-living-crisis-worsens
Thu, 15 Jun 2023 08:37:16 +0000

The IT Security Guru, working in conjunction with market research firm Censuswide and cybersecurity PR agency Eskenzi PR, has uncovered some shocking statistics relating to scams and the cost of living crisis.

The results of the survey found that 11% of Brits were tempted to engage in ‘illegal or illicit online behaviour’ in order to help manage the fallout from the cost of living crisis. This statistic becomes even more concerning when focused on younger people, with almost a quarter (23%) of 25-35-year-old respondents willing to consider illegal or illicit online activity, reflecting Britain’s endemic problem of generational wealth inequality.

While it is obviously concerning that so many Britons are willing to engage in this kind of activity, the reasons underpinning this decision reflect the bleak state of the nation in 2023, as the cost of living crisis continues to squeeze many households: of those willing to engage in this kind of behaviour, 56% said it was because they are desperate, struggling to get by and needing to find alternative means of supporting their families.

While these results show that the general public are responding to the cost of living crisis, previous results from the same survey show that cybercriminals are responding in kind: 44% of respondents have noticed an uptick in online scams hitting their inboxes since the cost of living crisis began in late 2021/early 2022. Another worrying finding is that this uptick is proving devastatingly effective for scammers: over one in ten (13%) of UK respondents have already been scammed since the cost of living crisis began. This rises to a quarter (26%) of respondents in the 18-25 age range, reflecting a hyper-online lifestyle and culture which scammers can exploit effectively.

Perhaps most worrying is that these scams appear to be working. For example, a quarter (25%) of those who have noticed more scams in their inbox since the beginning of the cost of living crisis have fallen victim to a scammer, compared to just 3% of those who have not.

“These findings paint a bleak picture of both the current mood of many UK residents responding to the cost of living crisis, and of the cybercriminal landscape in which scammers are seeking to exploit the corresponding desperation,” said Yvonne Eskenzi, Founder of Eskenzi PR.

“The completely natural human desire to protect and support your family is a commendable one, but as experts in the online cybercrime landscape, we would advise anyone tempted to engage in illegal or illicit online behaviour to exercise extreme caution; adding fuel to this fire simply works to ensure the cycle of misery created continues, and continues to wreak havoc on an already vulnerable general public. The best thing that people can do in response to illegal online behaviour is to remain hyper-vigilant to the kind of scams we have seen such a dramatic rise in, and follow expert guidance and advice.”

Top tips for identifying and avoiding online scams include:

  • Check the sender’s email address against known legitimate communications from the organisation
  • Do not click on unverified links
  • Check the message for spelling errors or typos
  • Check the legitimacy of the domain
  • Do a quick search to see whether a similar message has been reported online as a scam
  • See whether the message conveys a sense of urgency: if it does, it is more likely to be a scam
  • Check whether this is the first communication you have had from the sender; an unexpected first contact is often suspicious

Top 10 Risky Behaviours of Employees
https://www.itsecurityguru.org/2023/06/06/top-10-risky-behaviours-of-employees/?utm_source=rss&utm_medium=rss&utm_campaign=top-10-risky-behaviours-of-employees
Tue, 06 Jun 2023 14:15:06 +0000

With data from its SecurityCoach product, KnowBe4 has revealed the top 10 risky behaviours that employees have engaged in on their work devices.

SecurityCoach helps IT/security professionals to develop a strong security culture by enabling real-time security coaching of their users in response to risky security behaviour. Leveraging an organisation’s existing security stack, IT/security professionals can configure their real-time coaching campaigns to immediately deliver a SecurityTip to their users related to a detected event.

The top 10 risky behaviours that organisations detected by integrating SecurityCoach with their existing security tools were:

  1. Entertainment domain/streaming services
  2. Gaming website
  3. Greymail
  4. Adult website
  5. Unauthorised or malicious application
  6. Risky website detected
  7. Unauthorised removable media
  8. Sharing of personal identifiable information (PII)
  9. Cloud backup or cloud storage
  10. Malicious email attachment opened

The human factor is involved in 82% of data breaches, according to the 2022 Verizon Data Breach Investigations Report. However, according to IDC, less than 3% of IT spending is allocated to help secure the human layer.

“With the proliferation of social engineering attacks, employees continue to be the biggest risk factor,” said Stu Sjouwerman, CEO, KnowBe4. “However, with proper training and coaching, they can become a human firewall and your last line of defence. These findings from our new SecurityCoach product are definitely concerning and reiterate the importance of developing a strong security culture.”

UK government employees receive average of 2,246 malicious emails per year
https://www.itsecurityguru.org/2023/04/20/uk-government-employees-receive-average-of-2246-malicious-emails-per-year/?utm_source=rss&utm_medium=rss&utm_campaign=uk-government-employees-receive-average-of-2246-malicious-emails-per-year
Thu, 20 Apr 2023 12:39:17 +0000

Comparitech recently conducted a series of freedom-of-information requests, which found that UK government employees received an average of 2,246 malicious emails each in 2022. The results showed that, across 250 government organisations, Comparitech estimates that 2.16 million government employees received a total of 2.75 billion malicious emails in 2022.

The study also found that:

  • Government employees received an average of 2,245.88 malicious emails each in 2022
  • 250 government organisations received an estimated 2.75 billion malicious emails in 2022
  • Each government employee received an average of 355.92 spoofing emails, 32.2 emails containing malware/viruses, 184.6 phishing emails, and 832.57 spam/junk emails
  • An average of 0.04 percent of the malicious emails were opened by staff in 2022, meaning 1.1 million malicious emails were potentially opened by government staff
  • Of those opened, 0.21 percent resulted in staff members clicking on suspicious links, equating to 2,311 clicks

Having conducted a similar study two years ago, Comparitech was able to conclude that 2021 saw a slightly higher rate of malicious emails per government employee: 2,399.

Unfortunately, this doesn’t necessarily mean governments are under any less of a threat. In fact, Comparitech previously looked at worldwide ransomware trends, which indicated that ransomware attacks on government departments have remained a consistent and dominant threat in recent years.

It’s also important to understand that the government departments with high volumes of malicious emails aren’t necessarily bigger targets for hackers, nor do they necessarily have “weaker” security systems. Rather, their IT systems may be doing a better job of filtering out malicious emails. Equally, IT systems may differ in how they track and count malicious email volumes, which affects the results.

Government departments that received the most malicious emails were:

  1. Government of Northern Ireland: 1.05bn malicious emails received by 24,324 employees = 43,003 emails per employee.
  2. NHS England (which has recently merged with NHS Digital): 473.2m malicious emails received by 1,410,430 employees (the entire NHS staff force) = 336 emails per employee.
  3. The British Council: 44.3m malicious emails received by 1,299 employees = 34,124 emails per employee.
  4. Network Rail Limited: 25.4m malicious emails received by 44,010 employees = 578 emails per employee.

Serious API security flaws now fixed in Booking.com could affect many more websites
https://www.itsecurityguru.org/2023/03/02/serious-api-security-flaws-now-fixed-in-booking-com-could-affect-many-more-websites/?utm_source=rss&utm_medium=rss&utm_campaign=serious-api-security-flaws-now-fixed-in-booking-com-could-affect-many-more-websites
Thu, 02 Mar 2023 14:12:30 +0000

Salt Security, the API security company, has released new threat research from Salt Labs highlighting several critical security flaws in Booking.com. The now remediated flaws were found in the implementation of the Open Authorization (OAuth) social-login functionality utilised by Booking.com, which had the potential to affect any users logging into the site through their Facebook accounts.

The OAuth misconfigurations could have allowed both large-scale account takeover (ATO) of customers’ accounts and server compromise, enabling bad actors to manipulate platform users in order to gain complete control over their accounts; leak personally identifiable information (PII) and other sensitive user data stored internally by the sites; or perform any action on behalf of the user, such as booking or cancelling reservations and ordering transportation services. The company says these types of flaws could affect many other websites that use social log-in capabilities.

Salt Labs researchers discovered security vulnerabilities in the social login functionality used by Booking.com, which is implemented with an industry-standard protocol called OAuth. Popular across websites and web services, OAuth lets users log into sites with their social media accounts in one click, instead of via “traditional” user registration and username/password authentication.

“OAuth has quickly become the industry standard and is currently in use by hundreds of thousands of services around the world,” said Yaniv Balmas, VP of Research, Salt Security. “As a result, misconfigurations of OAuth can have a significant impact on both companies and customers as they leave precious data exposed to bad actors. Security vulnerabilities can happen on any website, and as a result of rapid scaling, many organizations remain unaware of the myriad of security risks that exist within their platforms.”

 

While OAuth provides users with a much easier experience in interacting with websites, its complex technical back end can create security issues with the potential for exploitation. By manipulating certain steps in the OAuth sequence on the Booking.com site, Salt Labs researchers found they could hijack sessions and achieve account takeover (ATO), stealing user data and performing actions on behalf of users.

 

Any Booking.com user configured to log in using Facebook might have been affected by this issue. Given the popularity of using the “log in with Facebook” option, millions of users could have been at risk from this issue. Kayak.com (part of the same parent company, Booking Holdings Inc.) could have also been affected, as it allows users to log in using their Booking.com credentials, increasing the number of users susceptible to these security flaws by millions.

 

Upon discovering the vulnerabilities, Salt Labs’ researchers followed coordinated disclosure practices with Booking.com, and all issues were remediated swiftly, with no evidence of these flaws having been exploited in the wild. Booking.com made the following statement:

 

“On receipt of the report from Salt Security, our teams immediately investigated the findings and established that there had been no compromise to the Booking.com platform, and the vulnerability was swiftly resolved. We take the protection of customer data extremely seriously. Not only do we handle all personal data in line with the highest international standards, but we are continuously innovating our processes and systems to ensure optimal security on our platform, while evaluating and enhancing the robust security measures we already have in place. As part of this commitment, we welcome collaboration with the global security community, and our Bug Bounty Program should be utilized in these instances.”

According to the Salt Security State of API Security Report, Q3 2022, Salt customers experienced a 117% increase in API attack traffic while their overall API traffic grew 168%. The Salt Security API Protection Platform enables companies to identify risks and vulnerabilities in APIs before they are exploited by attackers, including those listed in the OWASP API Security Top 10. The platform protects APIs across their full lifecycle – build, deploy and runtime phases – utilizing cloud-scale big data combined with AI and ML to baseline millions of users and APIs. By delivering context-based insights across the entire API lifecycle, Salt enables users to detect the reconnaissance activity of bad actors and block them before they can reach their objective. The exploits the Salt Labs team performed would have immediately triggered the Salt platform to highlight the attack.

The post Serious API security flaws now fixed in Booking.com could affect many more websites appeared first on IT Security Guru.
Traditional PAM solutions aren’t working, Keeper Security study finds
IT Security Guru, Wed, 15 Feb 2023 10:34:28 +0000
https://www.itsecurityguru.org/2023/02/15/traditional-pam-solutions-arent-working-keeper-security-study-finds/

The post Traditional PAM solutions aren’t working, Keeper Security study finds appeared first on IT Security Guru.
Keeper Security, the provider of cloud-based zero-trust and zero-knowledge cybersecurity software protecting passwords, secrets and connections, has released findings from its Privileged Access Management Survey: User Insights on Cost & Complexity. The report explores global insights from IT and security executives, revealing an overwhelming industry desire for Privileged Access Management (PAM) solutions that are easier to deploy and maintain. In fact, 84% of global IT leaders say they want to simplify their PAM solutions in 2023.

As cybersecurity threats continue to grow, IT leaders are seeking effective PAM solutions that can provide visibility, security, control and reporting across every user, on every device, the company said. PAM adoption is widespread, with 91% of survey respondents saying their organisations use a PAM product. But the findings show traditional PAM products are failing to meet organisational needs. More than two-thirds of IT managers (68%) say their current PAM product is too complicated or has too many features they don’t use, and 87% of respondents would prefer a pared down form of PAM that is easier to deploy and use.

Additional noteworthy report findings show:

  • On average, IT teams only use 62% of their current PAM functionality. Fifty-eight percent of respondents agree there is waste in their PAM solution.

  • Roughly two-thirds of survey respondents indicate that pricey and superfluous PAM features create too much complexity for users, reducing user satisfaction.

  • More than half of all IT teams (56%) report they tried to deploy a PAM solution but never implemented it. Of those, 92% said it was because their PAM solution was too complex. 

  • Most organisations (85%) say their PAM product requires dedicated staff to manage and maintain. 

  • Two-thirds of IT leaders (66%) say they need a better PAM solution, but 58% say they do not have one because it is too expensive.

“Organisations must secure their privileged credentials, accounts and sessions to protect themselves,” said Darren Guccione, CEO and co-founder of Keeper Security. “The Privileged Access Management Survey: User Insights on Cost & Complexity reveals why IT and security leaders are dissatisfied with traditional PAM products. The industry needs modern, unified PAM solutions that address perimeterless, multi-cloud IT environments and distributed remote workforces. These solutions must provide essential functionality with zero-trust security, and at the same time, be cost-effective, easy to implement and engaging for end users.”

Streamlined PAM solutions meet new operational challenges

Alarmingly, nearly two-thirds of IT leaders (62%) say the downturn in economic conditions will likely cause them to scale back their current PAM platform. Today’s IT and security leaders require a PAM solution that protects their most sensitive systems without the complexity and unnecessary features that drive up costs. The research shows their top criteria include solutions that are quick to deploy, affordable, and simple to understand and integrate.

Based on the survey results, the top five benefits IT leaders seek in a PAM solution include: 

  1. Managing and monitoring privileged user access
  2. Protecting against compromise of privileged credentials by external threat actors
  3. Preventing data breaches
  4. Protecting against accidental or deliberate misuse of privileged access by company insiders
  5. Ensuring privileged user access is updated to prevent “privilege creep”

Respondents also share the top five benefits of a simplified PAM solution:

  1. Easier to deploy
  2. Easier to integrate into other systems
  3. Cost savings
  4. Consolidated platform
  5. Requires less staff

The digital landscape continues evolving beyond the average IT professional’s control. To maintain visibility and stay ahead of the next wave of cyberthreats, IT and security leaders must adapt, automate and advance with the ever-changing workplace. While PAM solutions are primarily designed to protect IT staff, executive leadership, and research and development staff, the accelerated digital transformation and current high-risk security climate make protecting all end-users within an organisation increasingly essential.

The state of Identity Security: Widespread attacks, wasted investment and identity sprawl
IT Security Guru, Thu, 15 Dec 2022 16:08:07 +0000
https://www.itsecurityguru.org/2022/12/15/the-state-of-identity-security-widespread-attacks-wasted-investment-and-identity-spawl/

The post The state of Identity Security: Widespread attacks, wasted investment and identity sprawl appeared first on IT Security Guru.
Identity management is in dire straits, according to a recently conducted survey by identity security firm One Identity. Surveying over 1,000 IT security professionals, the results showed that 96 percent of companies report using multiple identity management tools, with 41 percent deploying at least 25 different systems to manage access rights. However, 70 percent of companies reported they’re paying for identity tools they’re not actively using. This investment in multiple disparate identity tools is having a direct impact on their overall security posture.

Companies have acquired multiple identity tools to deal with the surge in digital identities (or digital profiles accessing enterprise data and applications), creating identity sprawl that weakens their cybersecurity postures. More than half of companies (52%) manage more than 10,000 identities, which include access rights given to employees, devices, machines, digital identities, and customers. For over half of UK respondents, this indicates the identities they manage have more than doubled over the past two years.

“Legacy approaches to identity and access management have caused organizations to adopt multiple identity solutions, and the lack of interoperability between these tools has a direct business and security impact,” said Mark Logan, CEO of One Identity. “Our research shows that organizations see the negative impact that multiple, fragmented identity tools have on their business. By shifting security professionals’ mindset from a disparate, tool-based approach to a platform approach, businesses can improve their identity security defenses to protect against the modern threat landscape.” 

Elsewhere, other key findings from the survey include:

The need for shoring up identity-based defenses is significant. Nine in 10 organizations were hit by an identity-based attack in the last year, with almost 70 percent of companies experiencing a phishing attack. According to 80 percent of respondents, better identity management tools could have prevented the impact of many such attacks.

Essentially all companies (99 percent) report that identity tool inefficiencies have a direct cost on their business. In fact, 42 percent of businesses report that those inefficiencies are costing businesses over $100,000 per year. This kind of loss is further outweighed by spending on these tools, which 61% of UK respondents placed at between £50 and £50,000.

The deployment of multiple identity management tools impacts security posture and drains productivity. Consider that for those with multiple tools:

  • 44% reported increased risk due to potential gaps in coverage
  • 46% reported IT admins are spending too much time managing redundancies
  • 46% reported IT admins are managing too many tools to gain in-depth expertise in any of them
  • 41% report that IT teams’ productivity is lower because they have to learn similar tasks across multiple systems

The good news is that companies are looking to improve their identity security, with an overwhelming 90 percent of companies surveyed planning to consolidate their security or identity management tools. Of that 90 percent, more than half plan to do so in the next year. More than half (54%) of respondents also believe that a unified identity platform for access and identity management would benefit their organization’s identity management strategy.

A free executive summary and key findings of the survey results announced today is available online here.
