The Olympic Games are rapidly gaining popularity. With searches for the term “Olympic tickets” climbing the charts of recently most-searched terms, it is evident that this event will be a hit with the public. This has also alerted the scam community to new opportunities for fraud: scammers exploit public interest through social engineering, leading to numerous scams and malware attacks. Some common scams reported by the Olympics organizers are:

  • Emails informing the recipient they have won an ‘Olympic lottery’ that they haven’t entered.
  • Emails/letters to manufacturing companies, asking them to pay large fees in order to provide items for the Games.
  • Emails/letters informing the recipient that they can apply for a job being involved with the Games for a fee.


Looking at these scams and attack attempts, Cyberoam offers a few internet protection tips that will help you stay protected from probable Olympic scams.

Scammers have focused primarily on fraudulent ticket selling. To stay safe, refer to the official Olympics tickets page on the website before you proceed with buying tickets. The official Olympics website states, “Tickets for the London 2012 Games are only available for purchase through the London 2012 website and our appointed ticketing partners. If you receive offers of tickets from anyone else, they are likely…committing fraud by offering fake or non-existent tickets.” The website also offers an online website checker, which those buying London 2012 tickets can use to ensure that the tickets are authentic.

Apart from this, emails falsely claiming to be from the Olympics 2012 group, or from other organisations connected to the Games, act as the first step in a scam. These mails ask the recipient to reveal sensitive information to win a prize. The Olympic council warns users to look for a padlock icon in the browser window whenever such information is requested. If the padlock icon is missing, one should not enter sensitive information on that page. Clicking on the padlock should either reveal ‘London Organising Committee of the Olympic Games and Paralympic Games Ltd’ or identify the page as part of london2012.com. In addition, users should check whether the website address begins with ‘https://’.

Users can get more information on the Stay Safe Online page of the Olympics website. The Olympics website also shares a list of other reported scams; the list of known scams can also be downloaded.

Security is always at the back of everyone’s mind, whether they are using the internet or web applications. Security concerns have long influenced the way users use the Web. Realising this, today’s service providers are constantly on alert to ensure overall security.

One such service provider is Google, which regularly studies the threat landscape and offers regular internet security updates and warnings. Lately, Google announced that it will show its users security warnings for suspected state-sponsored attacks. For users whom Google believes are being targeted, Google will display a message at the top of the page reading ‘Warning: We believe state-sponsored attackers may be attempting to compromise your account or computer. Protect yourself now’.

Google also emphasizes that seeing such a warning does not necessarily mean that the user’s account has been hijacked. It means that Google believes the user may be a target for malware or phishing. Google also clarifies that these warnings are not shown because Google’s internal systems have been compromised or because of a particular attack; they are only meant to alert the user to be prepared for a probable attack.

Taking a step further, Google also suggests a few immediate steps that can help users secure their accounts. These steps include:
  • Creating a unique password that has a good mix of capital and lowercase letters, punctuation marks and numbers
  • Enabling 2-step verification for additional security
  • Updating the browser, operating system, plug-ins, document editors and so on regularly
  • Looking for https://accounts.google.com/ in your browser bar while signing in to Google, as attackers often send links to fake sign-in pages to steal your password
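
The address checks described above (the ‘https://’ and london2012.com check for Olympic pages, and the https://accounts.google.com/ check when signing in to Google) come down to comparing the scheme and the whole host name. The following is an added example, not code from Google, the Olympics website or Cyberoam; the function name check_link and the example.net / example.org links are constructed for illustration.

```python
from urllib.parse import urlsplit


def check_link(url, expected_host, allow_subdomains=False):
    """Return (ok, reason) for a link that claims to lead to expected_host."""
    try:
        parts = urlsplit(url.strip())
        host = (parts.hostname or "").lower().rstrip(".")
    except ValueError:
        return False, "malformed URL"
    if parts.scheme != "https":
        return False, "not https"
    if not host:
        return False, "no host name"
    # Punycode or non-ASCII labels can render as lookalike names.
    if not host.isascii() or any(p.startswith("xn--") for p in host.split(".")):
        return False, "internationalised host name, possible lookalike"
    expected = expected_host.lower()
    # Compare the whole host, or a suffix on a label boundary; a prefix or
    # substring match would accept accounts.google.com.<some other domain>.
    if host == expected or (allow_subdomains and host.endswith("." + expected)):
        return True, "host matches " + expected
    return False, "host is " + host + ", not " + expected


# Constructed sample links; the example.net / example.org hosts are made up.
SAMPLES = [
    ("https://accounts.google.com/", "accounts.google.com", False),
    ("http://accounts.google.com/", "accounts.google.com", False),
    ("https://accounts.google.com.signin.example.net/", "accounts.google.com", False),
    ("https://accounts.google.com@login.example.net/", "accounts.google.com", False),
    ("https://www.london2012.com/", "london2012.com", True),
    ("https://london2012.com.example.org/tickets", "london2012.com", True),
]

if __name__ == "__main__":
    for url, expected, subs in SAMPLES:
        ok, reason = check_link(url, expected, subs)
        print("OK    " if ok else "REJECT", url, "->", reason)
```

Only the first and fifth sample links pass: the others either lack https or place the trusted name in front of, or as the user part of, a different host.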

Eric Grosse, VP Security Engineering, further highlights that Google’s detailed analysis, along with victim reports, strongly suggests the involvement of states or groups that are state-sponsored.

As a leading network security provider, Cyberoam appreciates the proactive stance Google is taking to ensure user security. It is commendable that Google notifies users about attacks and probable attacks, so that users can take the right steps to protect their privacy.

With the rise of bring-your-own-device (BYOD) among businesses of all sizes, data security, network security and web security issues have become more complex. The effects of extensive usage of tablets and smartphones can be clearly seen on organizations and the way they operate today. With more employees using their own tablets and smartphones at the office for work, the challenge for IT teams in tackling security risks has increased, raising the question of whether the new BYOD culture is a blessing or a curse in disguise.

BYOD is no doubt flexible and highly useful, but it also brings some grave challenges to businesses, such as network threats, data leakage and bandwidth crunch. Under BYOD, the challenge of monitoring all the various devices has increased. In addition, some devices can infect the entire network with malware or viruses.

Apart from security, the strain these devices place on networks is a concern for many IT network administrators. Constant OS updates and upgrades, file downloads and data streaming on these devices put a huge strain on an organization’s network resources, and with multiple devices in an organization, the impact on the network is drastic.

A solution to deal with these looming threats to network security and bandwidth control is the need of the hour, and Cyberoam UTM can help IT teams in this regard.

Cyberoam UTM’s unique Layer 8 Technology allows network administrators to design identity-based policies that extend throughout the network, irrespective of the device the employee uses to connect to it. Along with Layer 8 Technology, Cyberoam UTM offers secure AAA (Authentication, Authorization, Audit) over a single device, giving control over and knowledge of who is connected to your network, using what device, and what they are accessing. You can design security policies that decide what each user or user group can access in terms of websites and applications over the Internet and for how long, as well as the amount of data transfer and bandwidth they can consume.

The issue of web security is a prominent one on the task list of IT departments. The Web has emerged as the main channel criminals use for attacks on networks. Criminals push malware, spam and spyware, and carry out phishing, pharming, intrusions and more through malicious web sites, web-based applications and emails in order to steal data and gain unauthorized access.
Also, today’s threats are increasingly complex, designed to keep a low profile and mutate easily to avoid detection, and are the handiwork of extremely organized professional cyber criminal groups. This makes web security an important element in any organization’s IT security strategy. According to web security analysts, web-based attacks are the biggest of all risks that affect the confidentiality, availability and integrity of information assets on the networks of a business.

How Web-based Attackers Compromise Security

The modus operandi of criminals involves altering the backend database to retrieve confidential information from the network, substituting a user’s information to enter the network as the authentic user, redirecting user requests from a legitimate site to an illegitimate one, and taking control of a Web user session to masquerade as the authorized user. All these attack methods allow attackers to do anything the user is authorized to do on the network, a dangerous trend indeed that blows away security in a single stroke.

Cyberoam Comprehensive Web Security against Web-based Threats

Cyberoam offers a comprehensive security cover against web-based threats, including the entry of malware, phishing, pharming, intrusions and unauthorized data uploads. Cyberoam’s Check Mark Level 5 certified security features deliver comprehensive network and data security while offering web protection, maintaining employee productivity, meeting regulatory compliance and preventing data leakage.

How Cyberoam Provides Granular and Comprehensive Web Security
  • Cyberoam provides a wide security cover against web threats. Its Gateway Anti-Virus & Anti-Spyware scan web, Instant Messaging, HTTPS and FTP traffic, delivering web security against emerging malware. Similarly, Cyberoam IPS detects, blocks or drops intrusion attempts by detecting anomalous traffic. The Web Filtering feature detects and blocks third-party proxy and tunneling software, Google cache pages and embedded URLs, and applies ‘safe search’ over search engines to prevent harmful websites from appearing in search results.
  • Cyberoam offers Data Leakage Prevention: Cyberoam Web Filtering blocks file uploads over HTTP, HTTPS and FTP, while Instant Messaging and Application Visibility & Control block file transfers over IM and P2P applications, ensuring data leakage prevention and meeting HIPAA, CIPA, PCI DSS and other compliance requirements.
  • Unique Layer 8 Identity-based Controls: Cyberoam Web Filtering's internet access policies are based on user, group, work function, web category and duration or time of the day, delivering high flexibility along with web security and content security. Coupled with Bandwidth Management, they ensure bandwidth availability and data transfer limits based on duration and schedule of access for specific web categories.
  • Layer 8 Identity-based Reporting adds teeth to Cyberoam’s web security offering, with on-appliance reporting that gives complete visibility into user and system activities. This enables organizations to prevent illegal downloads, unproductive surfing, high bandwidth-consuming downloads and network attacks, further putting a lid on web-based attacks. Based on the Layer 8 Identity-based visibility, organizations can take instant and preventive action to meet compliance requirements and enhance web content security and productivity.

Life was much simpler in the days when only a limited number of applications went through the business network. Application visibility and application control were not relevant in those times, as applications followed the port-protocol combination: all HTTP applications used port 80 while all SSL applications used port 443. But that’s the story of the past. Applications have risen exponentially in number and variety since then. There were business-critical applications like VoIP, SAP and Salesforce; socio-business applications like Facebook and Gmail; non-critical applications like YouTube and iTunes; and finally the undesirable applications like BitTorrent, gaming applications and more, all fighting for bandwidth in business networks. The already-scarce bandwidth was consumed by a small group of applications, notwithstanding their little use to the business. Business-critical applications like VoIP suffered; in other words, business suffered! The need for application visibility and application control became urgent and foremost!

Cyberoam’s Application Visibility & Control feature enables organizations to prioritize applications in their networks with visibility and controls over the Application Layer 7 and the Human Layer 8. It offers the following features to organizations:

- Application Security
- User and time-based controls for application access
- Bandwidth control for applications
- Layer 8 Identity and bandwidth-based application control

The Application Visibility & Control feature offers complete visibility into which applications are being accessed within the organization and by which user, irrespective of their ports and protocols. Application-layer threats can be easily identified, and firewall rules can be set to block them right at the network perimeter, ensuring application security.

Cyberoam allows application-based Bandwidth Management in organizations to accelerate business-critical applications, stagger non-critical applications, selectively accelerate socio-business applications and block undesirable or malware-infected applications. Business-critical applications can be given maximum bandwidth. In the same way, undesirable applications can be assigned zero bandwidth, blocking their entry into the organization. For applications that are bandwidth-critical but not time-critical, limiting their access to certain times of the day eliminates the strain on bandwidth.

Cyberoam thus helps organizations to ensure application QoS by helping them manage the complex matrix of applications, users and time and eliminate bandwidth shortage in business networks!
 
The advent of cloud computing brings in competition for bandwidth, with internal applications moving to the cloud. Organizations cannot deploy new solutions for each new challenge thrown up by the cloud. The solution lies in what firewalls can do.

If we stopped looking at firewalls or UTMs as just security solutions that block bad traffic, we would be in a position to turn them into productivity solutions that function as business enablers. Making them operate at the Application Layer 7 and the User Layer 8 enables them to view application traffic not through an outdated port-protocol combination but as a dynamic function which they can then enable effectively.

Using the 4 Elements of who (user), which (application), when (time) and what (bandwidth), firewalls can introduce Layer 7 and Layer 8 visibility and control based on time and bandwidth requirements, to lower the peaks and troughs in bandwidth demand, give priority to white applications, block black applications, and yet allow intelligent access to grey applications. With this, they enhance productivity while keeping the workplace attractive.
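
An added illustration of the four elements above, and of the application control described in the earlier post, which is not Cyberoam's implementation: the same flows are judged once by a port-protocol rule and once by who, which, when and what. The application classes, user groups, time windows and bandwidth caps are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import time

# Constructed classification using the page's white / grey / black terms.
APP_CLASS = {"voip": "white", "salesforce": "white",
             "facebook": "grey", "youtube": "grey", "bittorrent": "black"}

# Hypothetical grey-application schedule per user group:
# (window start, window end, bandwidth cap in kbps).
GREY_ACCESS = {
    "marketing": (time(9, 0), time(18, 0), 1024),
    "default": (time(12, 0), time(14, 0), 512),
}

@dataclass
class Flow:
    user_group: str   # who
    app: str          # which (as identified at Layer 7)
    at: time          # when
    port: int         # all that a port-protocol firewall sees

def port_rule(flow):
    """Traditional rule: web ports are allowed whatever runs over them."""
    return "allow" if flow.port in (80, 443) else "block"

def layer78_rule(flow):
    """Return (action, kbps); kbps None means uncapped priority traffic."""
    cls = APP_CLASS.get(flow.app, "grey")   # assumption: unknown apps are grey
    if cls == "black":
        return "block", 0                   # zero bandwidth
    if cls == "white":
        return "allow", None
    start, end, kbps = GREY_ACCESS.get(flow.user_group, GREY_ACCESS["default"])
    if start <= flow.at <= end:
        return "allow", kbps
    return "block", 0

# Constructed flows, all on port 443.
FLOWS = [
    Flow("engineering", "voip", time(10, 30), 443),
    Flow("engineering", "bittorrent", time(10, 30), 443),
    Flow("engineering", "youtube", time(10, 30), 443),
    Flow("engineering", "youtube", time(13, 0), 443),
    Flow("marketing", "facebook", time(10, 30), 443),
]

if __name__ == "__main__":
    for f in FLOWS:
        print(f.user_group, f.app, f.at, port_rule(f), layer78_rule(f))
```

The port rule allows all five flows because they share port 443, while the Layer 7 and 8 rule separates them by application class, user group and time of day.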

Cloud computing adds to this complexity in application access and control. By blurring the hitherto clear distinction between internal applications hosted within organizations' data centers and external applications available over the World Wide Web, it makes the challenge of managing application access and control far more complex than the attention it is receiving suggests.

Traditional firewall appliances paid attention to the source and destination addresses, the ports and the protocols. It didn't seem to matter which packet was entering or leaving the network, as long as it met the rules created for these parameters, because applications themselves followed the port-protocol combination.

Further, it didn't seem to matter who received the traffic in the organization as long as the destination or source address was acceptable, because few people had access to the Internet.