Sunday, November 29, 2015

Issue 40 - Week of Nov 23rd

1. The Target breach, two years later: Target was hacked exactly 2 years ago. Even today it remains the most significant breach in history, because it was the first time the CEO of a major company was fired because of a data breach. Target says it has since taken a number of actions to repair and improve its security posture: the retailer brought in new senior leadership with cybersecurity know-how, rolled out EMV-compliant POS terminals (the ones that accept chip and PIN) in all of its stores, and made several changes to the network and its structure. Until some time ago, organizations would not take security seriously until they had a breach, but this is now slowly changing, with several of them taking proactive measures.

2. RSA warns of zero-detection Trojan: Zero-day vulnerabilities and zero-detection malware threats continue to bother cybersecurity professionals worldwide. Last week RSA announced the discovery of GlassRAT, a zero-detection malware that has been around for more than 3 years. RSA also presented evidence that GlassRAT's command and control (C2) infrastructure has some historical overlap with other malware campaigns that have previously targeted Asia-based organizations. The malware comes with reverse shell capabilities and allows for data exfiltration, file transfer, process listing, and other typical RAT capabilities. It is also known to have used the trademarked icon of Adobe Flash Player and to have been named "Flash.exe" in the past.

3. Stealthy ModPOS is 'Most sophisticated PoS malware' ever: Researchers are warning retailers about ModPOS, malware in their systems that is nearly impossible to detect and can do a whole lot more than just scrape customers' credit card data. ModPOS is modular. In addition to the PoS card scraper module, it has a keylogger, an uploader/downloader (with which it could add other pieces), and plug-ins for scraping credentials and gathering local system and network information. The malware is able to stay persistent and obfuscated because every module is a rootkit (it operates in kernel mode).

4. Nuclear Exploit Kit Spreading Cryptowall 4.0 Ransomware: All earlier versions of Cryptowall were spread through spam and phishing emails. Last week researchers found that, for the first time, Cryptowall 4.0 has been infecting machines via an exploit kit. The move to Nuclear won’t be exclusive; the industry expects other exploit kits, including Angler, to eventually redirect compromised sites their way. Attackers will continue moving Cryptowall 4.0 via spam as well.

5. United Airlines waits 6 months to patch critical flaw submitted to bug bounty program: A security researcher found and reported a critical vulnerability to United Airlines that could allow an attacker to “completely manage any aspect of a flight reservation using United’s website.” He claims United Airlines, which announced a bug bounty program about six months ago, didn’t deploy a fix for five months and only plugged the holes after he threatened to publicly disclose the unpatched vulnerability. 

6. Blackhole Exploit Kit Makes a Comeback: The once-popular Blackhole exploit kit has returned, attempting to infect using old exploits but also showing signs of active development. The return of Blackhole suggests that cyber-criminals may be reusing the code: a lot of criminals do not reinvent the wheel, so they use older infrastructure and build on top of it. Exploit kits are software programs used by cyber-criminals to infect victims and install malicious software (a dropper file). They are a basic building block for creating botnets and infecting users' systems to steal information.

7. Starwood and Hilton suffer data breach: Starwood Hotels and Resorts is investigating data breaches at 54 locations. Malware infected point-of-sale systems at all 54 locations. The attackers gained access to credit card information, including cardholder name, card number, security code and expiration date. In a separate incident, Hilton publicly disclosed last week that it was hit by a cyber-attack and noted that unauthorized malware targeted payment card information at its Worldwide hotels. It's not uncommon for attackers to reuse malware and tactics across entities within the same industry, as most of them use very similar software that has similar vulnerabilities.

8. Dell acknowledges security hole in new laptops: Last week, Dell said that a security hole exists in some of its recently shipped laptops that could make it easy for hackers to access users’ private data. This flaw is being compared to Superfish (adware preinstalled on Lenovo computers earlier this year). The flaw: Dell PCs were found to have the eDellRoot certificate and its private key preinstalled, and worse, both were found to be the same across all of Dell's affected laptops. Using this key, anyone could launch a man-in-the-middle attack and redirect browser traffic to spoofs of real websites.

9. CISO Forum in India: In a hall full of CISOs of key Indian private companies during an event in Chandigarh, many of the CISOs present did not know which government authority needs to be approached in case of a cyber-attack. A few mentioned that they would approach Indian Computer Emergency Team (CERT-In), a few that they would go to the National Critical Information Infrastructure Protection Centre (NCIIPC), a few that they would go to the cyber police station in their city, while a few were of the opinion that they would go to the local police station. One of the CISOs narrated an interesting situation in which the local police demanded a photograph of the data that was stolen. :-)

10. Indian hackers deface Pakistani websites on 26/11 anniversary: Underground Indian hacking groups have launched an attack on Pakistani websites on the seventh anniversary of the 26/11 Mumbai attacks. Cybercrime experts claim several hacking groups carried out a mass defacement operation on key Pakistani websites to pay "homage to the martyrs of 26/11 terror attacks". Recently, the hacking group Mallu Cyber Soldiers claimed to have hacked several Pakistani websites and servers to avenge Pakistani attacks.

Sunday, November 22, 2015

Issue 39 - Week of Nov 16th

1. Following Paris attack, Clinton tells Silicon Valley to be a team player: Hillary Clinton wants Silicon Valley to stop being so stubborn. That's the message from the Democratic front runner in the US presidential race following the attacks in Paris last week, which renewed debate about technology's role in terrorism. Clinton told the tech industry it can't simply ignore the federal government's need to track down extremists, and that tech companies should not view government as their adversary. Federal officials have repeatedly requested an option that wouldn't weaken encryption for everyone but would still make it possible for law enforcement to track potential foreign spies and violent extremists.

2. Counter view: Tech group rejects push to let Govt. into encrypted data: In its first comments since the attacks, which killed at least 129 people and wounded hundreds more, the Information Technology Industry Council (ITI) argued that ensuring access to encrypted devices would be ruinous for global security. "We deeply appreciate law enforcement's and the national security community's work to protect us," said the ITI CEO in a statement. "But weakening encryption or creating backdoors to encrypted devices and data for use by the good guys would actually create vulnerabilities to be exploited by the bad guys, which would almost certainly cause serious physical and financial harm across our society and our economy."

3. Dyre banking malware: Windows 10 and Edge browser now targets: The notorious Dyre banking malware has been updated to take on Windows 10 machines and hook its claws into the Edge browser. Dyre appeared on the cybercrime scene in July 2014 and has quickly gained a reputation as a nasty piece of malware that aims to steal credentials. It's been found to target Salesforce users and banking customers. When a Dyre-infected user tries to open a banking site, the credentials are first stolen, and then the malware tricks the user into calling a telephone number, where the person on the other end scams the victim.

4. Crooks use old-school Conficker virus to infect police body cams: It is not surprising when Chinese phones come with pre-installed malware, but it is definitely surprising when police body cams do. The malware infects PCs physically connected to the body cams and spreads quickly across the network. Conficker was a major concern a few years ago, mostly for Windows devices. IoT vendors are driven by time to market, functionality, and pricing pressures, meaning they will invest very little time, effort and money in IoT device security. This puts the onus of securing the devices, before and after installation, very much on the users.

5. 2015 has been a very successful year for hackers: The number of data records lost to hackers in the first 10 months is more than twice that of 2014. Researchers have now found that exploit kit activity is on a massive upswing and that the command and control (CnC) infrastructure behind these kits mushroomed last quarter. The cybercrime economy thrives on this infrastructure; hackers rent it for as low as $500/month and earn $80k in returns. Angler, Magnitude, Neutrino, and Nuclear are the 4 major exploit kit families, with Angler estimated to have 82% market share. If these patterns remain consistent, one can expect 2016 to be deadlier than 2015.

6. A 23-year-old Windows 3.1 system failure crashed Paris airport: A Paris airport was forced to shut down earlier this month after a computer running Windows 3.1, a prehistoric operating system, crashed in bad weather. The system connected the weather bureau to ATC, and the crash grounded flights for several hours. Older or obsolete systems are likely to have several known vulnerabilities, and they remain prone to attacks and crashes, with rarely any support from the OEM.

7. Thousands of sites infected with Linux encryption ransomware: We discussed this last week; now there are several reports of infections coming in from various parts of the world. Researchers say the ransomware is designed to infect Linux machines set up to host websites by exploiting vulnerabilities in the Magento e-commerce platform and various content management systems (CMSs). It is estimated that there are over 3000 infections, and the number will continue to rise. This infection does not depend on social engineering: it exploits a known vulnerability, and hence it is strongly encouraged to update any outdated software.

8. HDFC bank to monitor ATM fraud transactions on real time basis: Almost everybody carries a smartphone today, and the location of the phone can be easily found out. The bank will be able to use this data and match it with the ATM location data. If the ATM card is being used at a location different from that of the phone, it will raise an alert. The bank's software can then either decline the transaction or seek a confirmation from the user before allowing it. The bank is yet to lay down rules regarding the distance between the ATM where the transaction is taking place and the mobile phone.

9. Indian hackers target Pak Govt. entities: Two India-based hacking groups attacked defense and government establishments of Pakistan and some West Asian countries last month. The attacks were in the form of spear phishing, where an email with an attachment or link is sent to targeted individuals to gain unauthorized access to confidential data. The links used were those of spoofed news agency websites, to attract clicks. These APT attacks targeted only Govt. agencies.


10. Spy firm publishes Price List for secret hacker techniques: The buying and selling of secret hacker techniques known as “zero day exploits” has long taken place in the dark, hidden from the companies whose software those exploits target and from the privacy advocates who criticize the practice. But one zero-day broker is taking the market for these hacking techniques into the open, complete with a full price list. See below. In related news, a different firm that paid $1M for the latest Apple hack is also in the business of selling zero-day exploits.
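
Going back to item 8 of this issue (the HDFC ATM location check): the sketch below is an added example, not the bank's software or code from the original post, showing how the phone-versus-ATM comparison and the allow / confirm / decline outcome could be implemented. All thresholds, names and coordinates are assumptions, since the item notes that the bank has not yet set its distance rules.

```python
import math
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional, Tuple

EARTH_RADIUS_KM = 6371.0

# Assumed policy values; the bank had not published distance rules.
CONFIRM_KM = 2.0                     # beyond this, ask the customer to confirm
DECLINE_KM = 50.0                    # beyond this, decline outright
MAX_FIX_AGE = timedelta(minutes=30)  # phone fixes older than this are not trusted


@dataclass
class PhoneFix:
    """Last known phone location (hypothetical record layout)."""
    lat: float
    lon: float
    accuracy_m: float    # uncertainty radius reported with the fix
    taken_at: datetime


def haversine_km(lat1: float, lon1: float, lat2: float, lon2: float) -> float:
    """Great-circle distance between two points given in degrees."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi = p2 - p1
    dlmb = math.radians(lon2 - lon1)
    a = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * EARTH_RADIUS_KM * math.asin(math.sqrt(a))


def decide(atm_lat: float, atm_lon: float, txn_time: datetime,
           fix: Optional[PhoneFix]) -> Tuple[str, str]:
    """Return (action, reason), where action is 'allow', 'confirm' or 'decline'."""
    # A missing or stale fix says nothing about where the customer is,
    # so fall back to confirmation instead of silently allowing or declining.
    if fix is None:
        return "confirm", "no phone location available"
    if abs(txn_time - fix.taken_at) > MAX_FIX_AGE:
        return "confirm", "phone location is stale"

    distance = haversine_km(atm_lat, atm_lon, fix.lat, fix.lon)
    # Subtract the uncertainty radius so a coarse cell-tower fix
    # does not trigger an alert on its own.
    effective = max(0.0, distance - fix.accuracy_m / 1000.0)

    if effective > DECLINE_KM:
        return "decline", f"phone is {effective:.0f} km from the ATM"
    if effective > CONFIRM_KM:
        return "confirm", f"phone is {effective:.1f} km from the ATM"
    return "allow", "phone is near the ATM"


if __name__ == "__main__":
    # Constructed sample data: an ATM in Mumbai and three phone positions.
    now = datetime(2015, 11, 20, 12, 0)
    atm = (19.0760, 72.8777)
    samples = {
        "same place": PhoneFix(19.0760, 72.8777, 30, now),
        "about 5 km away": PhoneFix(19.1210, 72.8777, 50, now),
        "Delhi": PhoneFix(28.6139, 77.2090, 50, now),
        "fix is 2 hours old": PhoneFix(19.0760, 72.8777, 30, now - timedelta(hours=2)),
    }
    for label, fix in samples.items():
        print(label, "->", decide(atm[0], atm[1], now, fix))
    print("no fix ->", decide(atm[0], atm[1], now, None))
```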

Sunday, November 15, 2015

Issue 38 - Week of Nov 9th

1.       U.S. charges three Israelis in huge cyber-fraud targeting JPMorgan, others: U.S. Attorney Preet Bharara in a press conference last week unveiled criminal charges against the three men accused of running a sprawling hacking and fraud scheme that included a huge attack against JPMC and generated hundreds of millions of dollars of illegal profit.  This fraud is described as a vast, multi-year criminal enterprise centering on hacks of at least nine big financial and publishing firms and the theft of information on 100 million of their customers that fueled a web of stock manipulation, credit-card fraud and illegal online casinos. From 2012 to mid-2015, the suspects and their co-conspirators successfully manipulated dozens of publicly traded stocks, sent misleading pitches to clients of banks and brokerages whose e-mail addresses they’d stolen, and profited by using trading accounts set up under fake names, prosecutors said.

2.       Linux hit by crypto-ransomware - but attackers botch private key: Admins are facing a variant of Linux malware (Linux.Encoder.1) that encrypts files on infected web servers. But the good news for now is the private key that locks down those files is predictable. The crypto-ransomware is aimed at Linux system administrators and demands exactly one Bitcoin (~$350) to restore access to key files. Researchers analyzed the malware and said it was extremely similar to more widespread ransomware for Windows machines, such as CryptoLocker and TorLocker, which have reportedly made tens of millions of dollars for their operators.

3. No two factor authentication - FBI got basic security wrong: Hackers earlier this month were able to access a US law enforcement arrest database, and posted screenshots to Twitter. The hackers also gained access to a police file transfer service, an instant messaging service for police, and a real-time intelligence-sharing platform, among others. The servers were located in one centralized location and were accessible by a single sign-on process, using one username and one password. What's more surprising is that the FBI trumpets two-factor authentication as one of the prime ways of keeping data safe. The FBI warned that it takes this very seriously and will hold accountable those who engage in illegal activities in cyberspace.

4. Bug bounty programs help but researchers need a platform to report: Many computer-security researchers think the world would be a safer place if they could easily report bugs to software creators, so the holes could be patched before hackers exploit them. But there's a problem: 94% of companies, such as J.P. Morgan Chase, Bank of America, Allstate Insurance and Ford Motor, don't advertise a way for users to report bugs. The exceptions that do include Facebook, Microsoft, Apple and Amazon. As discussed in the Week of Aug 10th post, Oracle's CSO had equated recreating and testing the source code behind Oracle products with 'sinning'; Oracle has since removed the post.

5. New Ransomware business cashing in on CryptoLocker's name: A new service launched last week is offering a new ransomware product under the name CryptoLocker Service to anyone willing to pay ten percent of the collected ransom. CryptoLocker Service requires a $50 USD fee to begin with, which customers (other hackers) pay in order to get the basic ransomware payload. Once the payment is done, customers are allowed to specify the amount of ransom money they want to receive and the account details for the Bitcoin transfer. When the CryptoLocker file is executed on the victim's machine, it encrypts all files. If the victim pays the demanded ransom, the payment address forwards the funds, less a ten percent fee, to the Bitcoin wallet designated by the CryptoLocker Service customer. MaaS: Malware as a Service.

6. Latest Android phones hijacked with tidy one-stop-Chrome-pop (does not require multiple chained vulnerabilities to work): Google's Chrome for Android has been hacked in a single exploit that could lead to the compromise of any Android handset. The exploit, showcased at MobilePwn2Own at the PacSec conference in Tokyo last week, targets the JavaScript V8 engine. It can probably hack all modern and updated Android phones if users visit a malicious website. As soon as the phone accessed the website, the JavaScript V8 vulnerability in Chrome was used to install an arbitrary application without any user interaction, thereby taking complete control of the phone.

7. Apple and Google remove Instagram password-stealing app from app stores: Google and Apple have removed a malicious third-party Instagram app that stole passwords, but only after it had become a top-grossing app in the App Store and gained over 100,000 users from Google Play. iOS developers raised the alarm over the app 'Who Viewed Your Profile - InstaAgent', posting on Twitter that it was storing Instagram usernames and passwords and sending them in clear text to a remote server. As discussed in Issue 31, Apple had earlier discovered dozens of apps in the China App Store laced with the XCodeGhost malware.

8. All Windows users should patch these two new 'critical' flaws: The software giant [Microsoft] released the patches Tuesday as part of its monthly release of security updates. All users running Windows Vista and later, including Windows 10, are affected by two flaws which could allow an attacker to install malware on an affected machine. The patch MS15-112 addresses a memory corruption flaw in Internet Explorer. If it is exploited, an attacker could gain access to an affected machine with the same access rights as the logged-in user, such as installing programs and deleting data.

9. Tax talks - Central Board of Direct Taxes will be using email for correspondence with taxpayers: In order to improve services, CBDT will be using email for correspondence with taxpayers, for notices on scrutiny and for getting responses from them. To start with, it will be on a pilot basis in five cities: Delhi, Mumbai, Bengaluru, Ahmedabad and Chennai. This will reduce the need for taxpayers to personally meet the tax officers. To avoid impersonation, the authorities will only be using the '@incometax.gov.in' domain. The 'Tax notice' will now be an eNotice and will be followed up with an SMS to ensure people read those emails and respond. An online portal is also being mooted which will enable all taxpayers to upload returns and communicate with CBDT directly.


10. Japan its own enemy in push to improve cybersecurity: Apart from rogue hackers, criminal organizations or even state-backed cyber-warfare units, Japan's businesses and government agencies are facing a unique cybersecurity foe: themselves. The primary reason is the widespread corporate culture that views security breaches as a loss of face, leading to poor disclosure of incidents and poor information sharing at critical moments. Rank-and-file workers fear that reports of security lapses may get them punished, and the problem reflects a broad lack of understanding of cybersecurity among the top ranks of Japanese executives. The cybersecurity industry around the world, not just in Japan, frequently echoes the call for greater transparency within and among organizations. In many ways, several other countries, including India, suffer from such cultural barriers.

Sunday, November 8, 2015

Issue 37 - Week of Nov 2nd

1. Dridex malware is behind the recent draining of over £20 million from UK bank accounts. The malware harvests banking details, which are then used to steal cash. The victims get infected when they open documents from seemingly legitimate emails. The National Crime Agency in the UK said there might be thousands of infected computers out there, and most of these are Windows. An interesting development last week was a regional move to target Australia: Dridex botnet related emails were being sent to potential victims in the land down under. The focus on Australia in the email lure targeting was further confirmed by analysis of the botnet configuration file. The configuration file downloaded by infected computers included directions to take "Clickshots" when potential victims access certain Australian banking websites.

2. Vodafone admits hack, customer bank details stolen: Vodafone has admitted to a security breach which has led to the theft of sensitive information belonging to 1,827 customers in the United Kingdom. Last week, the telecommunications provider released a statement saying that "unauthorized account access" took place between midnight on Wednesday 28 October and midday on Thursday 29 October. The company says the cyber-attack took place through email address and password credentials "from an unknown source" outside of Vodafone, and the firm's systems have "not been compromised or breached in any way." Be that as it may, 1,827 customer accounts were accessed, giving the hackers data including names, telephone numbers and the last four digits of their bank account, potentially leading to identity theft and fraud.

3. Anonymous exposes identities of 1000 KKK members: Under the informal handle #opKKK, Anonymous announced the impending reveal several days ago and has now released the identities of 1000 alleged KKK members in a data dump online.

4. In Issue 31 we did discuss this offer - "Cybersecurity firm offers $1 million for Apple hack". In less than 2 months - Hacker claims $1 million iOS 9 exploit bounty: Last week the cybersecurity firm announced the payout of a seven-figure prize to a team which has provided a remote exploit for Apple's latest mobile operating system. They said a team has managed to provide an exclusive exploit for use against iPhone users running iOS 9, leading to an award of $1 million. The winning team set up a compromised web page, and when the victim visited this page through the Safari or Chrome browsers, an arbitrary app was remotely installed. The compromise is also possible through a text or multimedia text message.

5. BlackBerry promises monthly Android patches; can override carriers for critical hotfixes: BlackBerry has joined other Android phone makers by promising timely security fixes. The smartphone maker said last week that it will join other device makers by rolling out security patches within about a month of their initial disclosure. BlackBerry, now an Android phone maker following the debut of its first phone running Android, said in a blog post that it was "critical" to fix Android flaws in a timely fashion.

6. Hacking Team returns with encryption cracking tool pitch to customers: As law enforcement grumbles over the uptake in encryption services offered by technology firms, Hacking Team is keen to get back in the game and restore its client list through a new set of encryption-breaking tools. Companies including Apple and Google are taking personal security and privacy more seriously. Google's latest mobile OS, Android L, will offer encryption by default, mirroring and keeping up with Apple's iOS 8 operating system. In retaliation to these movements, the FBI is complaining that encryption will cause terrorist and criminal cases to "go dark," hampering efforts to prevent criminal incidents. In the middle of all this, Hacking Team finds a market. This blog reported the Hacking Team hack on July 12th 2015.

7. Mobile malware evolves: Adware now breaks and roots your phone: Mobile threats just raised their game with adware-based malware which can root your device without your consent. In the past, adware was little more than a nuisance, and hackers had to entice users to click on the banner or ad to infect the machine or device. Times have now changed, and it may only take a victim viewing a compromised web page for third-party apps to be installed without user consent. Another issue is repackaged apps. Cyber-attackers repackage and rebuild apps (e.g. Candy Crush, Facebook, GoogleNow, Twitter, Snapchat and WhatsApp) with malicious code before releasing them back into the wild and into third-party app stores. The problem? It's not easy to tell what is legitimate and what isn't.

8. Racket on prowl for OTPs, too: The one-time password (OTP) security feature is your best friend for online transactions, and cyber fraudsters are trying every trick in the book to get past it. Most e-commerce sites now insist on a third-level authentication: the four-digit or six-digit OTP. Given the nature of transactions now, time-barred OTPs are sent by the banks only to the registered mobile number of the customer. This is a roadblock which the fraudsters are trying to breach: they call, pretend to be an authentic bank employee and ask for the OTP. Banks are going to great lengths to create awareness about this. Banks will never call customers seeking account or card related information. Callers may have all the details of the victim's credit or debit card, including the number, expiry date and even CVV number. But given the third-level authentication systems in place, they would need the OTP to carry out any net-based transaction with the card.

9.       Raytheon | Websense Security Labs researchers have identified a recent malvertising campaign affecting a popular Indonesian technology news site, Tabloid Pulsa. Users browsing to this site are being redirected to an exploit kit and served up malware, due to a compromised advertising script that is being used by the site. The website has close to 1 million hits per month. It is worth noting that no user interaction was required at any point--simply visiting the compromised website was enough to end up with malware being executed on the victim’s machine. Raytheon | Websense customers are protected against this threat via real-time analytics in ACE, the Websense Advanced Classification Engine.


10. Class 12 student finds Gauhati University website highly insecure, says can be hacked through phone: Students of the prestigious Gauhati University aren't aware that their mark sheets stored on the servers of the university could be easily accessed by a mid-level cyber expert, with chances of serious compromise to the data. Last December, a class 12 student found flaws in the network server of the university and accessed its complete database through his Android phone. He immediately informed the university registrar by mail. While he thought the vulnerabilities he pointed out to the university had been rectified, he was shocked to find that the issue wasn't resolved till last week. He mailed the university again, but nothing was done. He told media, "I am a web security enthusiast and while researching on security faults, I managed to access the Gauhati University control panel with ease through my Android phone. What if someone with bad intentions exploits the vulnerabilities and plays with the future of thousands of students studying in the university?"

Sunday, November 1, 2015

Issue 36 - Week of Oct 26th

1. TalkTalk Hack: UK ISP TalkTalk, which was hacked recently, has conceded that it could face a compensation bill running into millions for customers whose bank accounts were raided after the telecom company was targeted in a huge cyber-attack. While TalkTalk was forced to shut down its website temporarily, police arrested two teenage boys in relation to the "significant and sustained cyber-attack"; they were later given bail. A 20 year old has also been arrested. The CEO of TalkTalk has apologized to customers and said, "This is a crime, a criminal has attacked TalkTalk systems and we are not the only ones, whether it is the US government, Apple, a whole host of companies."

2. Train rider has his contactless card e-pickpocketed: Contactless bank payments usually rely on RFID or on Near Field Communication (NFC). These cards enable fast, low-value payments, typically with no signature or PIN required, merely by holding a card near a reader. Last week, in a crowded train, a man deliberately bumped into another man for a bit too long. The victim grew suspicious and called his bank, only to learn that his card had been used on the train for an unauthorized transaction of £20. Users of such cards are using special sleeves, pouches and wallets, but they do not always help. The best thing is to always keep an eye on your bank statements; if you notice anything that doesn't look right, contact your bank immediately.

3. Joomla flaw exploited in the wild within hours of disclosure: Joomla is a free and open-source content management system (CMS) for publishing web content. Joomla released 3.4.5 last week and announced that the new release patches three vulnerabilities, including a critical SQL injection issue. Within 4 hours of this release, hackers began to exploit the older versions of Joomla. It is reported that there have been 12000 daily hits on websites using Joomla. What this data tells us is that the webmaster of an average site has less than 24 hours to patch after a serious disclosure like this, and only a couple of hours for a popular site.

4.       000webhost hacked, 13 million customers exposed: Free website hosting service 000webhost has suffered a data breach which has placed the service's security practices under scrutiny. 000webhost is a free web hosting service which supports both PHP and MySQL, catering for millions of users worldwide. Last week, the firm told users in a Facebook message that the company had suffered a data breach on its main server. A hacker used an exploit in an old, unpatched version of PHP to upload malicious files and gain access to the service's systems. Not only was the full database containing the usernames, plain text passwords and email addresses compromised, but this information has been dumped online as well.

5.       Google to Symantec - Clean up your act or be branded unsafe: Google is evidently not very pleased about security firm Symantec's recent performance when it comes to issuing secure Web certificates and has outlined a list of demands to prevent the same mistakes from happening again. In September, Symantec fired a number of employees following glaring mistakes in issuing transport layer security (TLS) certificates. The company said "employee error" caused cryptographic certificates to be issued online without the consent of either Google or Symantec, allowing attackers to impersonate Google pages protected by HTTPS.

6.       MySQL servers hijacked with malware to perform DDoS attacks: Attackers are compromising MySQL servers with the Chikdos malware to force them to conduct DDoS attacks against other targets. Researchers have discovered malware that targeted MySQL servers to make them conduct distributed denial-of-service (DDoS) attacks against other websites. The majority of the compromised servers are in India, followed by China, Brazil and the Netherlands.

7. Pentagon creates cybersecurity exchange program with industry: The U.S. Defense Department is sending its personnel on tours with private cybersecurity companies and bringing in specialists from those companies to gain the skills necessary to defend military networks from hackers. Last week the Pentagon's CIO said, "There's not a time when I'm not being attacked somewhere in the world and we're looking to industry to help us solve problems in some specific areas."

8. A security researcher claims that all Fortune 500 companies have been hacked: In an interview with Bloomberg, the researcher said that all Fortune 500 companies have experienced successful hacks. He said that if you have a big enough infrastructure, you won’t be able to secure all of it. A related study found that media coverage and awareness of data breaches is actually a top factor driving increased budgets and board-level support for cybersecurity.

9. Cybersecurity skills gap continues to grow: Cybersecurity is finally getting the attention, and the dollars, it deserves from the C-Suite. The challenge now is finding the talent to take full advantage of these technology investments. Several CISOs in a recent study reported that they weren’t able to take full advantage of their technology investments because security staff couldn’t fully consume all of the features and advanced applications. Another survey found that young adults just aren't flocking to the cybersecurity field, despite the industry's hot job market and talent gap. There's a lack of awareness of cybersecurity career opportunities, and young women are less interested in and informed about the field than men.


10. Online swindlers stalking e-commerce sites: E-commerce is growing, and so is fraud on such sites. Times of India has reported that experts are witnessing a disturbing trend across the country, where fraudsters are setting up fake e-commerce portals to trap victims. Fraudsters even advertise their websites on Facebook to attract victims. The primary objective of such sites is to steal credit card information. The mantra with e-commerce is to go for Cash on Delivery whenever possible, and remember: if a deal seems too good to be true, it probably is not true. Bigsop[.]com was one such site; it was based in Bangalore and had reportedly cheated the public of over $200k before it was busted (in Nov 2014).