Authentic8 Blog Category: Security

2017 in Review: Data Breach Statistics and Trends

What were the biggest data breaches in 2017? Did the federal government's cybersecurity fare better, two years after the disastrous OPM hack in 2015?

Did ransomware live up to, or even beat, the dire predictions? Which industries were targeted or hacked most?

We have pulled together summaries, surveys and posts worth returning to, for use as a quick reference to consult when working on IT security presentations, cybersecurity plans and requests for budget or approvals in the year ahead:

The Biggest Hacks, Leaks and Data Breaches in 2017

...presented in 28 (illustrated) slides by ZDNet, with links to more in-depth information.

Source: ZDNet

ABA Tech Report 2017: Security

What does the American Bar Association’s 2017 Legal Technology Survey Report reveal about data security in the nation’s law firms? David G. Riess, attorney at Clark Hill PLC, summarizes.

Source: ABA Tech Report

Largest Healthcare Data Breaches of 2017

78 healthcare data breaches in 2017 that affected more than 10,000 records

Breaking and Evading the Local Browser Sandbox (2)

by Amir Khashayar Mohammadi

In the first part of this mini-series, we examined which methods have been applied so far to break local browser and app sandboxes. Now let's look at how attackers gain an advantage with sandbox evasion techniques.

Sandbox escapes allow attacking local machines with exploit kits that are usually hosted on compromised web servers.

Such exploit kits then scan the “inside” of the browser to identify more weak spots and deliver a payload, like ransomware or spyware.

Once the sandbox is broken, nothing can prevent a malicious payload from being transferred. The privileges that were once given to the browser are now being used to render malware directly to your machine.

How attackers gain time with sandbox evasion techniques

No matter how sturdy the sandboxed environment turns out to be in the end, initially it creates an additional hurdle for web-borne attacks.

But the presence of sandboxing technology can also be read as a warning sign: “IT security researchers

Breaking and Evading the Local Browser Sandbox (1)

by Amir Khashayar Mohammadi

Is “sandboxing” the local browser really the cure-all for inherent browser vulnerabilities that the developers of supposedly “secure” browsers make it out to be?

Or is it just one more attempt to put lipstick on an aging pig with progressing health problems?

Much like with security patches and browser updates, the answer is not that simple. Putting the fix in can open the door for new and different exploits that allow attackers to pwn the local machine.

Which methods have been applied so far to break local browser and app sandboxes?

Let’s take a closer look. You will be surprised.

Breakouts from the beginning

Local browser sandboxing was first introduced by Google for the Chrome browser, as a layer of isolation designed to keep third-party processes confined to the browser and prevent them from harming the local machine’s environment.

The problem with this form of isolation is that it is far from perfect.

The smallest hole

Risk Management and Employee Cybersecurity

Risk management will be a central topic at the 3rd annual ALM cyberSecure conference in New York City this year.

The cross-industry gathering of thought leaders on December 4-5 aims to facilitate a holistic approach to data security, risk management and data governance.

Influential business leaders from the cybersecurity industry and high-ranking law enforcement officials will be convening with corporate risk management, compliance and law department leaders at the conference, which features speakers from numerous Fortune 100 companies.

Authentic8 Co-Founder and CEO Scott Petry will moderate a discussion panel on “Revamping Employee Cybersecurity Policies and Training to Mitigate Legal Risks” on December 4th.

Scott Petry will be joined on stage by Daniel Pepper, Vice President and Deputy General Counsel at Comcast; Adam Rubin, General Counsel of PrizeLogic; and Allen Brandt, Executive Director, Associate General Counsel and Chief Privacy Officer at the Depository Trust & Clearing Corporation.

Balancing IT security, data protection and privacy

Balancing IT security and data protection with the needs

The Long Con: Antivirus and Your Data

Officials and security researchers have named antivirus (AV) vendors as the new weak link in enterprise and government networks. They claim that sensitive files of the U.S. National Security Agency, the Republic of Korea Armed Forces and U.S. companies were targeted and exfiltrated thanks to the software that should be protecting the endpoint.

Antivirus solutions have been around since the mid-1980s. We gave them file system permissions to scan every file. Then we allowed access to OS processes to scan active code. Then we allowed vendors to take our data to the cloud for “enhanced” security.

Now, as with many other services, our trust is used against us. The same AV tools that were supposed to help us fight malware are used as a backdoor to steal sensitive information and stage cyber attacks. This feels like a long con perpetrated by the antivirus industry.

Which vendors can you trust?

The irony is that for years we’ve been paying vendors to