Connect with us

Uncategorized

Endpoint Malware and Ransomware in First Three Quarters of 2021 Topped All of 2020, WatchGuard Reports — THE Journal

Published

on

Internet Security Report

Endpoint Malware and Ransomware in First Three Quarters of 2021 Topped All of 2020, WatchGuard Reports

WatchGuard Technologies, a global network security and intelligence provider, said in a new Internet Security Report released today that endpoint malware and ransomware attacks during the first three quarters of 2021 totaled more than in all of 2020.

The report, highlighting malware trends and network security threats for Q3 2021, is based on analyses by WatchGuard Threat Lab researchers. “While total perimeter malware detection volume decreased from the highs reached in the previous quarter, endpoint malware detections have already surpassed the total volume seen in 2020 (with Q4 2021 data yet to be reported),” WatchGuard said in a news release, also noting that “a significant percentage” of malware continues to arrive over encrypted connections, a trend noted in previous quarters.

“While the total volume of network attacks shrank slightly in Q3, malware per device was up for the first time since the pandemic began,” said Corey Nachreiner, chief security officer at WatchGuard. “Looking at the year so far as a whole, the security environment continues to be challenging. It’s important that organizations go beyond the short-term ups and downs and seasonality of specific metrics, and focus on persistent and concerning trends factoring into their security posture.”

Notable findings from the report include:

Nearly Half of Zero-Day Malware Delivered Via Encrypted Connections: The percentage of malware that arrived via Transport Layer Security jumped from 31.6% to 47%. “A lower percentage of encrypted zero-days are considered advanced, but it is still concerning given that WatchGuard’s data shows that many organizations are not decrypting these connections and therefore have poor visibility into the amount of malware hitting their networks,” the report states.

As Users Update Microsoft Windows and Office, Attackers Are Focusing on Newer Vulnerabilities: “In Q3, CVE-2018-0802 – which exploits a vulnerability in the Equation Editor in Microsoft Office – cracked WatchGuard’s Top 10 gateway antivirus malware by volume list, hitting number 6, after showing up in the most-widespread malware list in the previous quarter,” the report states. “In addition, two Windows code injectors (Win32/Heim.D and Win32/Heri) came in at Numbers 1 and 6 on the most-detected list, respectively.”

Attackers Disproportionately Targeted the Americas: Network attacks targeting the Americas accounted for 64.5% of Q3 threats; Europe came in at 15.5% and APAC, 20%.

The Top 10 Network Attack Signatures Are Behind a Majority of Threats Detected: Of the 4,095,320 hits detected in Q3, 81% were attributed to the top 10 signatures. “In fact, there was just one new signature in the top 10 in Q3, ‘WEB Remote File Inclusion /etc/passwd’ (1054837), which targets older, but still widely used Microsoft Internet Information Services (IIS) web servers,” the report states. “One signature (1059160), a SQL injection, has continued to maintain the position it has held atop the list since early 2019.”

Scripting Attacks On Endpoints Continue At Record Pace: By the end of Q3, WatchGuard’s AD360 threat intelligence and Endpoint Detection and Response had recorded 10% more attack scripts than in all of the previous year. As hybrid workforces start to look like the rule rather than the exception, a strong perimeter is no longer enough to stop threats.

Even Trusted Domains Can Be Compromised: A protocol flaw in Microsoft’s Exchange Server Autodiscover system allowed attackers to collect domain credentials and compromise several normally trustworthy domains. “Overall, in Q3, WatchGuard Fireboxes blocked 5.6 million malicious domains, including several new malware domains that attempt to install software for cryptomining, key loggers and remote access trojans, as well as phishing domains masquerading as SharePoint sites to harvest Office365 login credentials,” the report states. “This highlights the critical need for organizations to focus on keeping servers, databases, websites, and systems updated with the latest patches to limit vulnerabilities for attackers to exploit.”

Ransomware Continuing To Increase: After a decline in 2020, ransomware attacks reached 105% of 2020 totals by the end of September 2021 and were on pace to reach 150% once all of the 2021 data is analyzed. “Ransomware-as-a-service operations continue to lower the bar for criminals with little or no coding skills, providing the infrastructure and the malware payloads to carry out attacks globally in return for a percentage of the ransom,” the report says.

WatchGuard’s quarterly research reports are based on anonymized data from active WatchGuard Fireboxes whose owners have opted to share data in direct support of the Threat Lab’s research efforts. In Q3, WatchGuard blocked a total of more than 16.6 million malware variants (454 per device) and more than 4 million network threats. Visit WatchGuard’s website to view the full report, which includes details on malware and network trends, a deep-dive into threats detected at the endpoint, security recommendations and critical defense tips for businesses of all sizes and in any sector, and more.

Source link

Uncategorized

Inventionland Course and Contest Leads to Product License for Middle School Students — THE Journal

Published

on

STEM & STEAM

Inventionland Course and Contest Leads to Product License for Middle School Students

Two eighth-grade students in the Grove
City (PA) Middle School
have garnered a product
license for their invention following completion of Inventionland’s
K–12
Innovation Curriculum
course and winning both their
middle school and regional contests. The course, which Inventionland
describes as a “cross-discipline STEAM toolbox,” uses the same
proprietary
nine-step invention process
the company follows in its
own commercial applications.

The
Innovation Curriculum is divided into elementary, middle, and high
school sections, with age-appropriate activities for various grades.
Students work in teams to develop a new product. Upon completion,
teams can enter their inventions in local, regional, and national
contests. Inventionland also helps schools to design and reconfigure
classrooms and underutilized spaces into “innovation
labs
” that facilitate immersive learning.

In
Inventionland’s nine-step process, steps 1 to 3 focus on
discovering a problem and inventing ideas to solve it using STEAM
skills. In steps 4 to 6, students sketch and create concept models of
their invention. In steps 7 to 9, they make a working model, create
packaging, and develop a marketing presentation.

They
are then ready to enter their inventions in contests
,
starting at the local level, with winners moving on to regional and
national levels, as the Grove City students did. Inventionland’s
founder, George Davis, impressed with the two girls’ invention,
contacted a product distribution company, who offered a licensing
agreement.

Visit
this page for more background on Inventionland’s history and its
education curriculum
. See
a video about how Grove City Middle School implements the Innovation
Curriculum.

Source link

Continue Reading

Uncategorized

Texas CIO Report Calls for New Law Requiring K–12 Schools to Report All Cyber Incidents — THE Journal

Published

on

Cybersecurity & Data Privacy

Texas CIO Report Calls for New Law Requiring K–12 Schools to Report All Cyber Incidents

Expansion of Digital Signatures, Regional Joint IT Operations for Local, State Agencies Also Proposed

The Texas Department of Information Resources, in its newly released Biennial Performance Report, has asked the state legislature to require Texas school districts to report cybersecurity incidents to its office within a minimum reporting timeframe.

Currently, public schools in Texas are required to notify the Texas Education Agency of cyber incidents that result in unauthorized theft, duplication, transmission, use, or viewing of student information that is “sensitive, protected, or confidential as provided by state or federal law.” And the Texas Business and Commerce Code says that includes encrypted data, too, if the threat actor has the decryption key.

But, as the Texas Association of School Board discusses at length in several website guides for districts, neither of those laws explain much beyond that — and neither law requires the TEA to publish or share any accounting of the cyber incidents that are reported by school districts. Historically, the TEA has considered such data to be exempt from Freedom of Information laws.

The BPR, released Nov. 16, also requested legislative action to expand DIR’s pilot program with Angelo State University in West Texas that established a Regional Security Operations Center to provide university students with hands-on cybersecurity experience and give boots-on-the-ground support to local taxpayer-funded agencies — including K–12 school districts — that need assistance with major cybersecurity incidents.

The BPR tracks state-funded agencies’ technology progress in fiscal years 2021 and 2022; highlights their technology accomplishments; lists areas of concern; and recommends policy and legislative changes to improve the effectiveness of IT operations at state and taxpayer-funded agencies.

“Over the past two years, state agencies in Texas showed significant progress in delivering secure, innovative technology that makes government more efficient, effective, transparent, and accountable,” said Amanda Crawford, DIR’s executive director and Texas’ Chief Information Officer, in a statement announcing the report’s release. “I applaud the hard work and effort of state agencies which, along with the support of the Texas Legislature, drive the state of Texas to lead the nation in delivering a secure, digital government through well-designed, innovative, and efficient technology solutions.”

The 2022 BPR is available on the DIR website at https://dir.texas.gov/strategic-planning-and-reporting/biennial-performance-report.

Other legislative recommendations relevant to public schools included in the new BPR:

  • Enable private sector peer-to-peer payment solutions commonly used by the public to provide additional payment methods for government services
  • Enable broader access to digital government services, streamlined processes, and digitization by expanding the use of digital signatures

In discussing the need for better, thorough incident reporting, the BPR states:

“Sharing information is essential for protecting public sector assets, personal or sensitive information, and critical infrastructure. State agencies and institutions of higher education are required to report certain types of security incidents to DIR within a minimum timeframe … suspected cybersecurity incidents, including breaches and ransomware attacks, to DIR. School districts report cybersecurity incidents to the Texas Education Agency and county election officials are required to notify the Secretary of State,” the report reads.

“Also, Texas law does not set a standard timeframe for local governments to report cyberattacks. This incongruent reporting of cybersecurity incidents may hinder Texas in tracking trends and understanding the scope and complexity of cyberattacks as well as how they may be related to another cyberattack. By requiring municipalities, school districts, and counties to report cybersecurity incidents to DIR, the state will have a more complete picture of potential threats and may be able to prevent future attacks, avoiding costly response and recovery efforts.”

About the request for funds to expand the RSOC pilot program, the report states:

The law authorizing the RSOC pilot program states the RSOC “may offer network security infrastructure that local governments can utilize and provide real-time network security monitoring; network security alerts; incident response; and cybersecurity educational services. Eligible customers of the RSOC include counties, local governments, school districts, water districts, and hospital districts,” according to the BPR summary.

“DIR’s vision for the RSOC initiative is to partner with additional public universities and establish RSOCs throughout the state to serve local entities and assist in protecting the state from cyber threats,” Crawford wrote in the report. “This vision aligns with a whole-of-state approach to cybersecurity that increases the threat protection and cyber maturity of all of Texas through collaboration and partnerships. DIR is requesting funding from the 88th Legislature to establish two additional RSOCs including one in the Rio Grande Valley and one in central Texas.”

Calls for More Digital Signatures and Blockchain Guidance

Another DIR recommendation that would impact public schools statewide, if lawmakers act, is for new legislation to enable broader access to digital government services, streamlined processes, and digitization by expanding the use of digital signatures.

“Currently, a digital signature can be used to authenticate a written electronic communication sent by an individual to a state agency or local government if the signature complies with DIR’s rules as well as rules adopted by the state agency or local government,” the BPR explained. “Allowing more digital signatures in lieu of handwritten signatures, without additional rule-making, could lead to improved administrative efficiency and reduced costs.”

A final recommendation for lawmakers spelled out in the BPR is “provide guidance for distributed ledger and blockchain technology best practices.”

Nationally, a handful of U.S. universities have piloted using blockchain technology to store and share digital credentials such as academic records; although widespread adoption of blockchain for academic records at any level isn’t seen as likely to happen anytime soon, the DIR noted that 10% of state agencies have said they’re considering adopting distributed ledger-based systems.

View or download the full 2022 BPR at https://dir.texas.gov/strategic-planning-and-reporting/biennial-performance-report.

Source link

Continue Reading

Uncategorized

Smart Technologies Rolls Out Android 11 Update as Part of iQ 3.12 Release for Smart Boards — THE Journal

Published

on

Classroom Technologies

Smart Technologies Rolls Out Android 11 Update as Part of iQ 3.12 Release for Smart Boards

Interactive whiteboard maker Smart Technologies has announced its iQ 3.12 release, which includes an over-the-air upgrade to the Android 11 operating system. The company says the automatic update includes better performance, features, and security and privacy upgrades, allowing more product cycle control and convenience for users.

Smart Technologies announced in Spring 2022 it was the first manufacturer to launch interactive displays supporting Android 11, with functions that relieve users from having to purchase new panels or modules. The November 2022 over-the-air update provides:

  • Android 11 upgrades to SMART V3 interactive displays with the iQ platform;
  • Greater interoperability and support for 64-bit apps; and
  • Improved iQ platform longevity using the Android 11 support timeline for patches and security updates.

In addition, all supported iQ displays will automatically receive these features, the company said:

  • Whole-class collaborative whiteboard improved with content attribution for student contributions from their devices;
  • New pedagogically designed ready-made resources for student contribution from devices;
  • Single-question assessments such as polls;
  • ‘Shout it Out’ brainstorming templates; and
  • Exit tickets and knowledge gathering.

Visit this page to learn more about Smart interactive boards for education and see this page for a comparison of Smart board displays and specs.

Source link

Continue Reading

Trending

URGENT: CYBER SECURITY UPDATE