June 29, 2017 by The GLS Team
Secure coding standards are a set of uniform guidelines that software developers can apply in order to provide safeguards against security vulnerabilities. The guidelines are set by the project or organization rather than going by what the programmer is familiar with in terms of the information security issues that need to be addressed.
Why is Secure Coding Necessary for Organizations?
In the information-based society we live in, security threats are constantly evolving. IT departments need to constantly try to outwit cyber criminals and be one step ahead of them. Organizations put themselves at serious risk by not employing best practices for secure coding, because even the best and brightest programmers can miss security shortfalls in any given project. Software, websites, and mobile applications can be subjected to any kind of threat ranging from phishing to ransomware and these threats can be internal or external.
By having one unified set of guidelines that project managers and other key decision-makers can refer to for projects, organization policy, and other parameters for information security this makes it easier to define security protocols. Moreover, an entire community of web coders, project managers, security researchers, and other thought leaders contribute to secure coding guidelines to provide their unique perspectives instead of simply relying on what one team of programmers is knowledgeable in.
OWASP and its Role in Software Security
The Open Web Application Security Project (OWASP) is a nonprofit organization dedicated to the endeavor of keeping software secure, and the processes surrounding security transparent and visible so that individuals and organizations can make informed decisions when it comes to secure coding. Individuals, policy makers, trade organizations, governmental entities, universities, and corporations of all sizes have come to rely on OWASP for setting industry standards for secure coding.
All of the information on OWASP is free and available to the public, and the organization also has several chapters and conferences that discuss application security and the threats that programmers must constantly work around. OWASP has helped shaped information and application security policy for governments around the world and continues to be a trusted resource for secure coding standards whether organizations need to set guidelines for projects or individuals would like to learn best practices in their own coding projects.
Secure Coding Training for Your Organization
Global Learning Systems has been recognized by OWASP as a Top 10 instructor for our role-based secure coding training that relates to the latest computer threats. Given that OWASP's knowledge base is a vast ocean of information that can make it difficult to isolate which areas to focus on, our online course identified the areas that every software and web developer should be trained in to best mitigate organization-wide security threats.
By investing in proper OWASP-recognized computer security threat training, you can be assured that your staff will have detailed instruction in looking for the cracks that need to be sealed in any given network's or project's security. Recognition of risks will not only be covered, but also how to deal with them.
Secure coding refers to a set of standards, created and collaborated on by several contributors in the application security and software and web development spheres, that organizations adopt for organization-wide or project-specific use.
Computer threats are always evolving and even the most proficient programmers and web developers can miss security vulnerabilities since their job is to create a functional project rather than prioritize mitigation of threats.
OWASP is the main organization that sets the guidelines for secure coding.
OWASP-approved training by role is a valuable investment for your IT talent.
Global Learning Systems' online secure coding training can be accessed 24/7 and can be customized to other roles in addition to software and web developers. Contact us today to learn more!
June 29, 2017 by Michelle Lopez
Widespread, global outbreaks of a new malware called Petya has government agencies and organizations of all sizes scrambling to regroup. This robust malware has been labeled “ransomware” by many news outlets, including PCWorld, but is far more insidious than a simple ransomware outbreak. Since Petya has already impacted over 12,000 machines in the Ukraine alone and is beginning to spread, awareness of how this malware works, how it spreads and how to stop it is essential for organizations and businesses around the world.
McAfee swiftly released a map detailing where its clients have been impacted by Petya; with some prominent locations showing in the United States. While Petya is being billed as ransomware (and previous, less widespread versions charged victims a Bitcoin ransom), the latest version is even worse than traditional ransomware. According to the Verge and other media outlets, Petya’s creators have no intention of restoring victim’s files – even if they pay the ransom. While victims are traditionally advised not to pay the ransom, many do and in previous ransomware attacks, have had files restored. Petya is set up to run as a wiper, deleting and overwriting files instead of merely encrypting them.Petya spreads like a worm, allowing it to access and infect all the machines on your network in record time. A single employee who falls for a phishing scam or otherwise lets the malware in could expose your entire organization to risk.
How Can You Protect your Business from Petya?
Petya uses vulnerabilities in the Microsoft environment to exploit your network. When the WannaCry ransomware was launched earlier this year, it spotlighted key vulnerabilities in the system and a patch was released. If you have not yet downloaded the patch, you should do so immediately. In addition to downloading the official patch, you should take immediate action by covering the following details:
- Perform regular backups of your data and keep files in a secure place offline. In the event of a ransomware or wiper attack your data will still be secure. Update backups frequently to ensure your current files are always available.
- Keep your software up to date to ensure that any identified vulnerabilities won’t impact your own network. Patches and updates are not replacements for anti-virus software; you should have a system in place and set it to update regularly as well.
- Educate employees about phishing and about passwords; your most loyal employees could derail your entire business if they can’t identify a phishing scam. This training is essential; your employees are less likely to fall for a ransomware or wiper scheme once they can spot it and your business will be far more secure. Employees should know not only how to spot a problem but what to do if they see something suspicious.
- Monitor your network for outdated programs and app permissions and make sure your regularly used software remains up to date; you should also have a clear mobile device policy in place and know who is accessing your network.
The right training for your team can make the difference between days or even weeks of downtime as you struggle to recover your data and averting a crisis entirely. As ransomware threats continue to evolve and change, it is more important than ever to protect your business and network. Our Anti-phishing training ensures your entire team can spot and avoid phishing and similar techniques and helps you stay ransomware and malware free. Contact us to learn how easy it is to protect your network and get peace of mind about your business; we’re here to make sure you stay in control of your data.
June 28, 2017 by The GLS Team
Phishing scams continue to be a problem for organizations of all sizes. A single unaware employee can cause an entire business to shut down for days, simply by falling for a phishing scam. Once a cybercriminal gets access to your network, they can exploit your data, steal information or even lock you out of your own systems. Phishing is serious business for hackers; the average cost of a phishing attack in 2016 was $1.6 million.
Google Docs and Gmail were recently victimized by hackers, who created malware to infiltrate user’s real accounts and send copies of itself via a legitimate looking email. Once the malware got into a system, it could replicate itself and forward itself to everyone on the victim’s contact list. Entire organizations were threatened and Google took an unprecedented step of warning users about this specific phishing attempt.
Google took additional steps this spring to halt the spread of phishing. In most versions of this scam, hackers send emails that tempt users into clicking links or opening attachments. Once the victim does so, the malware is delivered to their network and where it can continue to spread on its own. Almost all phishing attempts in 2016 contained ransomware, which would lock users out of their own accounts and systems until a ransom was paid. Businesses of all sizes, schools and even healthcare facilities have been impacted and the FBI has warned that ransomware is a rapidly growing threat. Understanding what phishing is and how it works can help you avoid an outbreak in your own organization.
What Google’s New Anti-Phishing Tools Mean for You
Google engineers worked to create an early phishing detection system that uses algorithms to identify suspicious emails. Once identified, the suspect email is further analyzed using a safe browsing test; this delays delivery by only a few minutes and enhances security. So far, the algorithm uses machine learning to quickly identify spam and phishing patterns; according to Google, up to 70% of the email that passes through Gmail each day is spam, making the new tools a much-needed upgrade for security conscious users.
In addition to the updated and more comprehensive algorithm, Google has incorporated click time warnings to further cut user risk. An unintended external reply warning has also been implemented; this alert is intended to reduce risk by identifying new or different external email addresses or addresses not already in the user’s contact list.
Anti-Phishing Tools are Helpful, but Don’t Replace Traditional Security
While Google’s recent steps can help keep your organization safe, their newly developed tools are designed to enhance your security suite, not replace it. Keep all malware and other protective features in place to ensure your network stays secure.
Anti-phishing training is an essential security component for any organization. Every employee in your business needs to be able to spot and identify suspicious emails, links and attachments and they need to know what to do if they encounter what looks like a phishing attempt. When employees can access your network via workstations, laptops, mobile devices and smartphones, your entire network is in their hands. They need to be capable of detecting threats if you want to keep your business safe and prevent costly downtime.
Regularly backing up your systems and creating a recovery plan can also help you reduce your risk; when you have a recent point to restore to, you can recover quickly, even if you do fall victim to a hacker.
Global Learning Systems Helps You Protect your Business
Every year, there are more cybercriminals and more methods being developed to exploit your systems. By empowering your employees with our anti-phishing training, you can be sure that they won’t fall for these increasingly common scams. Contact us to learn how easy it is to educate your entire team and to protect your business from the cybercriminals who wish to harm you. We’re here to give your team the skills they need and to give you peace of mind about your data and network.
June 28, 2017 by The GLS Team
They might sound like Bond villains, but Hidden Cobra, hackers from North Korea, pose a very real threat to public safety. The Department of Homeland Security and the FBI issued a rare joint warning this week., highlighting some of the cyberattacks this group has been responsible for; some date as far back as 2009.
This state-sponsored group may have a new name, but their previous exploits made headlines. Formerly known as the Lazarus Group, this North Korean government based organization was behind a highly publicized breach at Sony Pictures in 2014. While the freshly named Hidden Cobra has focused largely on attacking South Korea they have also been responsible for attacks around the globe – and there is evidence that more, larger threats are coming.
Hidden Cobra is known for using a variety of malicious tools to exploit victims, from wiper malware to DDoS botnets, Remote Access Tools (RATs) and keyloggers. Government agencies, businesses, organizations and even individuals running older, unsupported versions of Windows are most often targeted; the group has also discovered and used vulnerabilities in programs like Adobe Flash Player and Microsoft Silverlight to victimize their targets.
DeltaCharlie Causes Concern
The US-CERT alert that was released this week by DHS and the FBI deals mostly with a new botnet malware, DeltaCharlie. This malicious botnet is designed to launch crippling, massive DDoS attacks; the FBI named financial, infrastructure, aerospace and media targets as prospective victims both in the United States and around the world. DeltaCharlie uses Network Time Protocol (NTP), Domain Name Service (DNS) and Character Generation Protocol attacks to exploit victims.
While DeltaCharlie is causing the most immediate concern, Hidden Cobra has also been responsible for the Destover “wiper” malware, which erases victim’s data and was used on Sony Pictures and the Hangman virus, which allowed hackers to seize remote control of victim’s computers.
Who is a Target of Hidden Cobra?
Any organization that uses data has a computer network is at risk. In some cases, the software could already have infiltrated an organization; in the recent alert, the FBI identified 633 IP addresses that are in use by Hidden Cobra. Network admins can use these addresses to determine if there is already malicious action happening on their own networks. In addition to this information, YARA network signatures and rules are included for further review.
What to Do to Protect your Business or Organization from Hidden Cobra
Review the FBI notice and all provided data and add the identified IP addresses to your watch list to spot malicious activity in your organization. Any hacking tools found should be reported to FBI Cyberwatch (CyWatch) or the DHS National Cybersecurity Communications and Integration Center (NCCIC). The following steps can help prevent your business from becoming a victim:
- Regularly Update your Systems: Your system is less likely to be vulnerable if your network and all software is up to date. When potential vulnerabilities are discovered, businesses like Microsoft issue patches to improve security. These patches can’t help you unless you use them.
- Educate Employees: The more your team knows about the current risks and malware, the better; employees who know how to protect your network and who react correctly when they detect a problem can significantly reduce your risk. Providing your team with anti-phishing and security awareness training and helping them learn what to do in an emergency is essential if you want to keep your network safe.
- Perform Regular Backups: Regularly backing up your system ensures you can quickly recover if you are targeted by Hidden Cobra or any organization wishing to do you harm.
Protect your Business from the Latest Threats
At Global Learning Systems, we stay on top of the latest trends when it comes to cybercrime and hacking – and take steps to ensure that everyone on your team knows how to spot the first signs of trouble. Whether you want to make sure your organization is safe from ransomware and phishing or need to know your entire team knows what to do when you are under cyberattack, we can help. Contact us to learn about our easy and user-friendly security awareness training and how it can help you protect your business in an increasingly dangerous global marketplace.