ISSUE 96

29 July 2019

Article of the Month   Around the World


Data Security Lessons from Recent Anti-Virus Companies' Breaches


Ironically, even anti-virus companies aren't immune to breaches. Just recently, it was discovered that three major US cyber security companies were hacked by an international cyber crime group that calls itself Fxmsp.

The Fxmsp breach

Last April, a prominent Russian- and English-speaking hacking collective called Fxmsp attacked three top anti-virus companies in the United States. The group extracted sensitive source code from the companies' anti-virus software, security modules, and AI technology, and is offering to sell the source code, as well as access to the networks, for over $300,000.

The breach continues to be investigated by the FBI, and the victims haven't yet been officially identified. A report by Bleeping Computer gives us a few clues, suggesting that the victims are McAfee, Symantec, and Trend Micro.

This isn't the first time anti-virus companies have been hacked. In 2012, it was discovered that hackers breached the Symantec network six years earlier, taking Norton security's source code. In 2015, both Kaspersky and Bitdefender were attacked. Each of the three companies claims that the hacks had no significant impact, but the attacks nonetheless reveal that no one is immune to attacks, and that even the experts need to work to keep up with constantly evolving attack techniques.


Being smart about your data: The Fxmsp breach's biggest lesson

Now, four years later, the Fxmsp hack is another attack on major anti-virus companies. There's a lot we still don't know about these breaches, but what we can be sure of is that large amounts of sensitive data have been compromised.

The lesson we've learned, besides the fact that these cyber security companies may need to look into their own security, is that more data makes companies more vulnerable.

Personal information about customers is a valuable target for hackers who want to blackmail cyber security companies or sell that data on the black market. That means if cyber security companies didn't collect this personal information in the first place, they wouldn't be such vulnerable targets, and the repercussions of attacks would be far less severe.

Cyber security companies need to cut down on the questions they ask their customers and on the amount of data they collect, both for the sake of their customers and their own. While the victims in this particular case didn't collect such personal details as driver's license and social security numbers, CSO reports that the breached records included details like marital status, income, and race.

It's debatable whether the collection of such personal data was really necessary for the company to meet its business needs. A responsible cyber security company isn't one that collects data indiscriminately just because it can; on the contrary, it's one that limits its customers' vulnerability to exposure by collecting only the data it really needs.

In an era of customer-focused business and tight data protection regulation, the best cyber security companies, as well as the least vulnerable, will be those that promise not only to protect their customers' data, but also to collect as little data as possible in the first place.

Moving forward: How to strengthen your own data security

Companies should have a strong anti-virus program in place, but they shouldn't rely on that alone. A breach as bad as this serves as a valuable lesson on the steps companies must take to strengthen their data security strategy. Here are five ways companies can improve their data security.

1. Have a strong anti-virus program

The most basic element for preventing attacks is to have a strong anti-virus program. Look for anti-virus software that has high malware detection rates and that is relatively easy for employees to use and understand.

2. Secure the entire network

Companies should constantly examine their network perimeters to monitor any externally exposed data. This includes assessing the extent to which mobile and IoT devices connect to the company network, monitoring cloud servers, incorporating two-factor authentication, and embedding security programs within the devices themselves.

3. Make employee training a priority

The Fxmsp breach could have been caused, in part, by spear phishing emails. Teaching employees how to properly respond to phishing and other kinds of threats is a critical part of securing your company.

4. Vet your partners

Whenever you contract a third-party company, whether for its publishing solution, marketing platform, or more, you need to first come to a clear understanding about how that company will use your data. You should also make sure that the third-party organization has robust security protocols in place so your data will be safe with them.

5. Set aside time for "fire drills"

As we know from fire drills, simulating a disaster prepares us for responding in a real emergency. By simulating attacks, companies can find their weak links, strengthen their security systems, and develop a protocol for responding to breaches.



Sivamoganathan Sutharsan is an undergraduate at the Faculty of Computing, General Sir John Kotelawala Defence University, currently following a Bachelor of Science honours degree in Information Technology. He is currently working as an Intern - Information Security Engineer at Sri Lanka CERT|CC.

1. Statistics on the Internet growth in Sri Lanka
2. The Dragon Research Group (DRG)
3. TSUBAME (Internet threat monitoring system) from JPCERT | CC
4. Shadowserver Foundation
5. Team Cymru

Ready or Not, Blockchain-Based Mobile Voting Is Getting Closer

"...This election season, the option to vote remotely via blockchain is coming to overseas voters from nine new U.S. cities. West Virginia became the first state to pilot the technology last year, with Denver following in May as the first city. In this August's local elections, far-flung voters from Utah County, home to the city of Provo, will be able to log their votes on a mobile application, too..."


With FaceApp in the spotlight, new scams emerge

"...The FaceApp application, which offers various face-modifying filters, is available for both Android and iOS. While the app itself is free, some features, marked as 'PRO', are paid. Recent concerns about FaceApp privacy issues have generated a huge wave of media attention..."


Agent Smith Malware Infects 25M Android Phones to Push Rogue Ads

'...Researchers are warning of a new breed of Android malware, dubbed "Agent Smith," that they claim has infected 25 million handsets in order to replace legitimate apps with doppelgangers that display rogue ads. The malware is tied to a China-based firm, according to Check Point researchers, and is targeting users in India, Pakistan and other parts of Asia...'

The 6 best password managers

'...One of the smartest moves you can make to protect yourself online is to use a password manager. It's one of the easiest, too. We'll help you find the best password manager for you...'

Airbus A350 software bug forces airlines to turn planes off and on every 149 hours


'....Some models of Airbus A350 airliners still need to be hard rebooted after exactly 149 hours, despite warnings from the EU Aviation Safety Agency (EASA) first issued two years ago........'

Month in Brief
Facebook Incidents Reported to Sri Lanka CERT|CC in June 2019


Statistics - Sri Lanka CERT|CC

Security Watch: Elon Musk's NeuraLink Links Brains to iPhones via Bluetooth

'...Technologist Elon Musk has unveiled a plan for embedding Bluetooth-enabled implants into a human brain, to enable disabled persons to regain motor and cognitive function. IT experts however noted that along with FDA approval, the idea faces hurdles in the form of significant scrutiny on the cybersecurity front...'

Just Opening A Document in LibreOffice Can Hack Your Computer (Unpatched)

"...Are you using LibreOffice?
You should be extra careful about what document files you open using the LibreOffice software over the next few days.

That's because LibreOffice contains a severe unpatched code execution vulnerability that could sneak malware into your system as soon as you open a maliciously-crafted document file....."

Ransomware hits Louisiana schools; state of emergency declared

'...Louisiana Governor John Bel Edwards on Wednesday declared a state of emergency after three public school districts were seized by ransomware.

According to local news station KSLA, one of the affected school districts, Sabine Parish in northern Louisiana, released this statement on Wednesday night:...'

Russian Hackers Build Fake Skype, Signal, Pornhub Apps to Lure Victims

"...Be careful what apps you download, especially if you are in the Caucasus. Someone is packaging powerful malware in fake versions of popular Android applications such as Skype, Signal, and PornHub, according to a report released Wednesday by the Lookout cybersecurity firm..."

Notice Board

Training and Awareness Programmes - February 2019

Date | Event | Venue
03 - 04 August 2019 | Web Development Training | ICT Lab, Ministry of Education
