news
As quarantine
continues, online
shopping and
streaming phishing
multiplies
aspersky experts have reported
K
on the rapid growth of phishing
attacks with websites that
imitate online shopping and streaming
platforms. Comparing the numbers
for Q1 2019 and the same period this
year, the share of users attacked by
fake e-shops doubled, growing from
9% to 18% of users, while the figure for
streaming services tripled up to 4%.
While millions of people who would
usually be out socialising or shopping
in the evening and on weekends are
staying home, streaming and e-markets
are becoming more and more popular.
Unfortunately, cybercriminals follows
trends too, setting traps for any popular
activities online: they either create
a copy of a web page that imitates
a landing of popular retailers and
streaming platforms or create new ones
that offer users free access in return for
their credentials or bank card details.
Tatiana Sidorina, Security
Researcher at Kaspersky, said: “Not
being able or not wanting to leave the
house at the moment is bound to create
a higher demand for online shopping
and services as people seek to buy food,
entertainment and other items online.
This, coupled with boredom shopping,
as well as desirable offers from retailers
trying to stay afloat as the economy takes
a hit, often creates a situation where
cybercriminals are prowling.”
TREND MICRO RESEARCH FINDS
MISCONFIGURATION AS NUMBER ONE
RISK TO CLOUD ENVIRONMENTS
rend Micro Incorporated,
T
a global leader in cloud
security, has released the
findings from research into cloud
security, which highlights human error
and complex deployments open the
door to a wide range of cyberthreats.
Gartner predicts that by 2021, over
75% of midsize and large organisations
will have adopted multi-cloud or hybrid
IT strategy. As cloud platforms become
more prevalent, IT and DevOps
teams face additional concerns and
uncertainties related to securing their
cloud instances.
This report reaffirms that
misconfigurations are the primary
cause of cloud security issues. In fact,
Trend Micro Cloud One – Conformity
identifies 230 million misconfigurations
on average each day, proving this risk
is prevalent and widespread.
“Cloud-based operations have become
the rule rather than the exception
and cybercriminals have adapted
to capitalise on misconfigured or
mismanaged cloud environments,” said
Indi Sirinwasa, Vice President SSA at
Trend Micro. “We believe migrating to
the cloud can be the best way to fix
security problems by redefining the
corporate IT perimeter and endpoints.
However, that can only happen if
organisations follow the shared
responsibility model for cloud security.
Taking ownership of cloud data is
paramount to its protection and we’re
here to help businesses succeed in
that process.”
The research found threats and
security weaknesses in several
key areas of cloud-based computing,
which can put credentials and
company secrets at risk. Criminals
capitalising on misconfigurations
have targeted companies with
ransomware, cryptomining,
e-skimming and data exfiltration.
Misleading online tutorials compounded
the risk for some businesses leading
to mismanaged cloud credentials
and certificates. IT teams can take
advantage of cloud-native tools to help
mitigate these risks but they should not
rely solely on these tools.
10 Issue 25 | www.intelligentciso.com