SEO Texas, Web Development, Website Designing, SEM, Internet Marketing Killeen, Central Texas
SEO, Networking, Electronic Medical Records, E - Discovery, Litigation Support, IT Consultancy
Centextech
NAVIGATION - SEARCH

BEC: Business Email Compromise Attacks Are On The Rise

The BEC (Business Email Compromise) attack is a scam that usually targets corporates that conduct wire transfers to overseas suppliers. They target official email accounts of executives and high-level employees working in administration or finance departments. Such email addresses, involved with conducting wire transfer payments are either spoofed or compromised through keyloggers or phishing attacks. Corporations lose hundreds of thousands of their revenue every year via these fraudulent transfers.

Attackers in the BEC, also known as the Man-in-the-Email scam, rely on social engineering tactics. They trick the employees and executives working in non-tech roles. They usually impersonate employees from the board of directors/management, or executives who are authorized to do wire transfers. Additionally, fraudsters also research and closely monitor their potential target victims, their organizational movements, and likewise.

Security Professionals in any organization usually encounter these 5 types of BEC scams:

  1. Fraud invoice: Firms with overseas suppliers are targeted wherein attackers impersonate suppliers requesting fund transfers for payments to account(s) owned by fraudsters.
  2. Executive fraud: Attackers impersonating executives send the email(s) to finance, administration, or procurement department employees requesting them to transfer money to account(s) that the hackers’ control.
  3. Account compromise: Executive(s) or employees’ email account(s) are hacked to request invoice payments to vendors or clients listed in their email contacts.
  4. Attorney impersonation: Attackers impersonate any person from the legal team or from any legal firm in charge of important and urgent matters regarding your organization.
  5. PII theft: PII (Personally Identifiable Information) of employees and tax-related statements in possession of the HR department are harvested to carry out future targeted attacks on potential individual victims.

GreatHorn, a cloud email security provider, released a BEC landscape report in 2021 that is based on information provided by 270 IT and cybersecurity professionals. 30% of them confirmed receiving 50% of malicious links in emails while a similar number of participants from the BFSI sector revealed being a victim of spear-phishing attacks. 35% of organizations disclosed that BEC attacks account for 50%+ of their incidents while a similar percentage of firms encounter spear-phishing emails on a weekly basis. Half of the professionals have dealt with a security incident in the past 12 months where every 1 out of 4 companies received at least 76% of the malware they detected via email. Usually, these email(s) do not contain any malicious links or attachments, hence they easily evade traditional as well as advanced security solutions deployed. BEC attacks are becoming more expensive than ransomware and are usually unbeatable.

 How would you protect yourself from getting tricked by these cyber fraudsters? 

  1. Check the source of email including the domain name from where it has been sent.
  2. Be alert to see anything suspicious regarding payment requests over emails.
  3. Protect email systems with advanced software capable of tracking spam and filtering out emails.
  4. Don’t make presumptions over the email, always confirm the wire transfer requests with the sender over a phone call or a video call.
  5. When in doubt, contact cybersecurity teams in your organizations as you encounter such emails in your inbox.
  6. By training the employee staff, executives, partners, clients, and customers in end-user security awareness. This can help detect and prevent being a victim of BEC attacks.

For cybersecurity and IT solutions for business, contact Centex Technologies at (972) 375 - 9654

What Is A Fuzzing Attack?

Fuzzing is a software testing technique which is used to find implementation bugs that can be hacked by using malformed/semi-malformed data injection in an automated fashion. The data injection consists of different permutations of data that are fed into target program until one of these permutations reveals a vulnerability that can be exploited by the cyber criminals.

A fuzzer may try different combinations of attacks on:

  • Numbers (signed or unsigned integers, floats, etc.)
  • Characters (urls, command line inputs, etc.)
  • Metadata (user input text such as id3 tag)
  • Pure Binary Sequences

The most common approach for a fuzzing attack is to define a list of ‘fuzz vectors’ (known to be dangerous values) for each type and inject these vectors or their recombination into the program.

Here is a list of common fuzz vectors:

  • For Integers: Zero, possibly negative or very big numbers
  • For Chars: Escaped, interpretable characters / instructions (ex: For SQL Requests, quotes / commands…)
  • For Binary: Random ones
  • For Chars: Escaped, interpretable characters / instructions (ex: For SQL Requests, quotes / commands…)

Types Of Fuzzing Attacks:

Application Fuzzing: A web application fuzzer tests for buffer overflow conditions, error handling issues, boundary checks, and parameter format checks. Irrespective of the type of system to be fuzzed, the attack vectors are in it’s Input or Output system. Attack vectors for a desktop app are:

  • The UI (testing all the buttons sequences / text inputs)
  • The command-line options
  • The import/export capabilities

In case of a web app, attack vectors can be found in urls, forms, user-generated content, RPC requests, etc.

Protocol Fuzzing: To launch a protocol fuzzing attack, a fuzzer sends forged packets to the tested application and eventually acts as a proxy to modify requests sent to the server and replay them to find a vulnerability.

File Format Fuzzing: In a file format fuzzing attack, the fuzzer generates multiple malformed samples and opens them in a sequence. When the program crashes, the sample is kept for further investigation. Using a file format fuzzing attack, hackers can attack-

  • The Parser Layer (Container Layer): These attacks target file format constraints, structure, conventions, field sizes, flags, etc.
  • The Codec/Application Layer: These are lower-level attacks which aim at the program’s deep rooted information.

Centex Technologies provide complete IT security solution to clients. For more information, contact Centex Technologies at (972) 375 - 9654.              

What Is SQL Injection Attack?

SQL injection (SQLi) attacks exploit existing vulnerabilities to alter SQL queries by injecting malicious code. If successful, SQL injection attacks can allow the cyber attackers to modify database information, access sensitive data, execute administrator tasks on the database, and recover files from the target system. In extreme cases, attackers can also issue commands to the database operating system.

In order to defend against SQL injection attacks, it is imperative to understand the working of the attack.

How Does A SQL Injection Attack Work?

Cyber criminals may use several different types of SQL injections to execute an attack. Here are some common variants of SQL injections:

  • SQL Injection Based On User Input: In this type of SQL attack, the user inputs are used to inject malicious code and gain access to the system. Web applications accept user inputs via forms. The information collected by these forms is then passed on to the database for processing. If the web application server does not screen the forms, the attacker can inject SQL statements via user input form fields and delete, copy, or modify the contents of the database.
  • SQL Injection Based On Cookies: In this approach to SQL injection, the cookies are modified to infect database queries. Web applications often load cookies to use data stored in them as part of database operations. The malicious users or a malware installed on the system can modify the cookies to inject SQL statement in the backend database. Once infected, cyber attackers can access the database to steal, modify or delete the data stored in the database.
  • SQL Injection Based On HTTP Headers: Some web applications are designed to accept inputs from HTTP headers. In such cases, malicious actors create fake headers containing arbitrary SQL statements. When the web application accepts input from these fake HTTP headers, the malicious code is injected into the database.
  • Second Order SQL Injection: These are most complex SQL injection attacks because they are designed in a way that allows the SQL code to lie dormant in the system for a long time.

What Is The Impact Of SQL Injection Attacks?

SQL injection attacks can cause various harms to the victim system:

  • Steal user credentials resulting in identity theft.
  • Access information stored in database server.
  • Alter or add new information to infected database.
  • Delete database records leading to DoS attacks.

 For more information on SQL injection attack, call Centex Technologies at (972) 375 - 9654.

Importance Of Regular Software Updates

When working on a computer, it is common to receive pop-ups suggesting you that ‘a software update is available’. It is tempting to click on ‘Cancel’ or ‘Remind Me Later’ button, when you are busy with some work. However, it is not a healthy practice to put off software updates for a long time or even worse neglecting them.

The sooner you update your system, the higher will be your confidence in the security of the system. But it is common for users to ask why it is so important to install software updates.

Here are some points that emphasize on the importance of software updates:

  • What Do Updates Do? : Software updates offer an array of benefits & revisions. The updates might include fixes to security loopholes detected in previous versions of the software. Another benefit of software updates is that they may include fixes to combat or remove software bugs for an improved efficiency and performance. Installing updates to the operating system can help in improving the speed and performance of the complete computer system. It also makes the system ready for new types of software that are designed to be compatible with latest OS versions.
  • Patch Security Flaws: Software vulnerabilities are security flaws found in the programming of the software. They tend to offer easy entry point for the hackers. Hackers take advantage of these vulnerabilities by creating a code to target these security holes. The code is packed into malicious software which then infects the system to steal confidential data or cause other damage. Software updates contain security patches that cover the security holes to keep hackers out of the system and create a secure environment.
  • Secure Your Peers: Undoubtedly, installing a software update helps in preventing security attack on the system, it is also essential to protect other systems connected to the same network as the system in question. The reason being that if a system is infected by a malware, it can result in lateral spread of the malicious code in the connected devices.
  • Enhance Software Features: Software updates may be designed to enhance some features of the software or add new features to the software. These updates ensure that the performance of the software is improved. While these updates may be considered to be non-essential and low priority in nature, these software updates help in ensuring that the business uses a software version that is fully compatible with what clients and customers are using.

For more information on importance of software updates and how to maintain computer systems for enterprise, call Centex Technologies at (972) 375 - 9654.       

Importance Of Genuine Anonymization Of Patient Data In Healthcare

Data anonymization is the process of protecting private or individual sensitive information by either erasing or encrypting the personal identifiers that form the connection between an individual and stored data. This helps in retaining the data while keeping the source anonymous.

What Is the Need For Anonymization Of Patient Data?

  • Data science including collection and analysis of patient data is of immense importance for improving healthcare. It forms the basis of healthcare research for improving drug discovery, predicting epidemics, designing advanced cures, etc.

However, the law requires healthcare researchers to keep the PHI (Personal Health Information) of people secure. So, the only way of using patient’s data for research is to get their consent beforehand. This places a limitation on the data sets as some patients may decline the consent. Data anonymization lifts certain restrictions as it removes the patient’s identifiers and renders the data anonymous. It provides healthcare researchers the ability to access extensive, coherent, and historic data that can be built upon without damaging patient trust.

  • Second reason that emphasizes the importance of genuine anonymization of patient data is that patients may be reluctant to seek medical attention if they fear that their PHI may be shared with someone. Genuine anonymization helps the healthcare institutes in offering privacy assurance to their patients.
  • An information leak or disclosure that an individual has tested positive for STIs such as HIV/AIDS can invite discrimination or social stigma. Anonymization of such data helps in reducing the risk of such disclosure and maintaining the privacy and confidentiality of patient data.
  • Another reason for incorporating genuine anonymization of patient data in the healthcare industry is to keep the data secure from cyber criminals who may cause a data breach and negatively affect the patients.

What Data Anonymization Techniques Can Be Used?

Data Masking: Real data is hidden by altering values. For example, a mirror of a dataset may be created and the value characters may be replaced with symbols such as ‘*’ or ‘x’.

Pseudonymization: The private identifiers such as name, address, etc. are replaced with face identifiers or pseudonyms.

Generalization: Some of the identifier data is removed while retaining a measure of data accuracy. For example, removing house number from the patient’s address while retaining the road name.

Data Swapping: It is also known as shuffling or permutation. The dataset attribute values are rearranged so that they don’t correspond with original values.

Data Perturbation: The original data set is modified by adding noise to the data and rounding off the numbers such as age or house number of the patient.

Synthetic Data: An artificial data set is created instead of altering the original dataset based on patterns and statistical analysis.

For more information on the importance of genuine anonymization of patient data and methods of implementation in healthcare, call Centex Technologies at (972) 375 - 9654.