New EU Data protection directive: Serious business impact

A recent study of data breach incidents in Europe found that people lost some 645 million personal records from 2005 to 2014. However, despite the din of media coverage discussing data breaches and personal privacy, it also found that over a third (36%) of European citizens aren’t even aware of the EU Data Protection Regulation.

The new data protection laws integrate the “right to be forgotten,” which was strengthened by a positive ruling during the second quarter of 2014. This allows users to ask search engines to remove search results related to them. In addition, businesses will be required to explicitly ask for consent when processing data, instead of just assuming that the user agrees to it. Breaches will stop being secret to customers, as the new regulations dictate that a notification must be made within 24 hours after a breach has happened.

Businesses can be fined up to 5% of their annual turnover if they are in violation of the proposed regulations.
An interesting calculation example of how much 5% of annual turnover is:
Statoil: 40 billion EUR
IKEA: 1,5 billion EUR
Maersk: 2,5 billion EUR
H&M: 700 million EUR

This is business critical. 

http://www.trendmicro.com/vinfo/us/security/news/online-privacy/a-visual-guide-to-the-eu-data-protection-law

All the best,
Frederick
Technical Lead Nordics
https://www.linkedin.com/profile/view?id=203862061

Frederick Wennmark - Trend Micro

Russian hackers infect via PowerPoint

Problem description:
A zero-day vulnerability was disclosed today in desktop and server versions of Windows, from Vista and Server 2008 to current versions. It is believed to have been used in cyber attacks related to NATO by a Russian cyber espionage group.

By using a PowerPoint document, an .INF file in an embedded OLE object can be copied from a remote SMB share folder and installed on the system. Attackers can exploit this logic defect to execute another piece of malware, downloaded via the same means. The severity of the vulnerability is highly critical because it is fairly simple to exploit. Threat researchers at Trend Micro detected the exploit as TROJ_MDLOAD.PGTY, which in turn leads to the download of INF_BLACKEN.A when successfully exploited. This malware, in turn, downloads and executes the backdoor, which we detect as BKDR_BLACKEN.A.
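
A defensive check for the pattern described above, as an added example (not Trend Micro's detection logic and not code from the original post): it scans the embedded OLE parts of a PowerPoint file for UNC paths that point to .inf files. The ppt/embeddings/ location is the standard OOXML layout; the host name files.example and the sample document are constructed for the example.

```python
import io
import re
import zipfile

# UNC path to an .inf file, e.g. \\host\share\name.inf (bytes pattern).
_UNC_INF = re.compile(rb'\\\\[\w.-]+\\[^\x00-\x1f"<>|]{1,200}?\.inf(?!\w)', re.IGNORECASE)


def find_remote_inf_refs(doc: bytes) -> list:
    """Return (embedded part, UNC path) for each remote .inf reference found."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(doc)) as zf:
        for name in zf.namelist():
            # Embedded OLE objects of a .pptx/.ppsx live under ppt/embeddings/.
            if not name.lower().startswith("ppt/embeddings/"):
                continue
            blob = zf.read(name)
            # Search the raw bytes (ASCII strings) and a copy with NUL bytes
            # removed, which exposes UTF-16LE strings at any alignment.
            for view in (blob, blob.replace(b"\x00", b"")):
                for match in _UNC_INF.finditer(view):
                    hit = (name, match.group().decode("latin-1"))
                    if hit not in hits:
                        hits.append(hit)
    return hits


def build_sample() -> bytes:
    """Constructed sample: a zip laid out like a .ppsx with two fake OLE blobs."""
    ole_magic = b"\xd0\xcf\x11\xe0"  # first bytes of an OLE compound file
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("ppt/slides/slide1.xml", "<p:sld/>")
        # Remote image reference: reported by nothing, it is not an .inf file.
        zf.writestr("ppt/embeddings/oleObject1.bin",
                    ole_magic + rb"\\files.example\share\slide1.gif" + b"\x00")
        # Remote .inf reference stored as UTF-16LE: this is the one to flag.
        zf.writestr("ppt/embeddings/oleObject2.bin",
                    ole_magic + r"\\files.example\share\slides.inf".encode("utf-16-le"))
    return buf.getvalue()


if __name__ == "__main__":
    for part, path in find_remote_inf_refs(build_sample()):
        print(f"{part}: remote INF reference {path}")
```

A hit is a reason to quarantine the file for analysis, not proof of compromise; an empty result does not clear a document, since this only covers the remote .inf reference described in the post.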

 

Solution:
Because this vulnerability is not arduous to exploit, attackers may abuse it to create new malware payloads. Trend Micro secures users from this threat by detecting the exploit and malware payload via its Smart Protection Network. Trend Micro Deep Security and OfficeScan with the Intrusion Defense Firewall (IDF) plugin protect user systems from threats that may leverage this vulnerability.

Users are strongly advised to patch their systems once Microsoft releases its security update for this. In addition, it is recommended that users and employees not open PowerPoint files from unknown sources, as this may lead to a series of malware infections.

More details:
http://blog.trendmicro.com/trendlabs-security-intelligence/an-analysis-of-windows-zero-day-vulnerability-cve-2014-4114-aka-sandworm/

 All the best,
Frederick
Technical Lead Nordics
https://www.linkedin.com/profile/view?id=203862061

Dropbox again…

Problem definition:

If you use Dropbox, you need to change your password immediately; by all indications, there has been a breach in account security. In a leak on Pastebin, a user claims to have the usernames and passwords of nearly 7 million Dropbox users. To prove that the information is real, 420 usernames and passwords have been posted.

It goes without saying that this will hurt Dropbox’s reputation, but it will also affect the entire industry, as some users are already nervous about giving other companies the ability to store their content.

This is the third time that Dropbox has been in the news this week with a headline it likely wishes it could bury. Earlier this week we reported that there was a bug with the service that could permanently delete a file, and Edward Snowden said you should not use the platform as well.

Solution:
Trend Micro SafeSync. Works where you want it to, backing up and syncing files between your computers and mobile devices. Secure sharing with passwords or expiry dates and disable the link when you’re finished. 25+ years of Trend Micro Internet security expertise goes into every single aspect of SafeSync. Bank-level encryption means your files are protected from the bad guys.

SafeSync for Enterprise gives your employees a secure and familiar way (functions like Dropbox or Google Drive) to get data onto their devices while ensuring that sensitive data remains protected when it moves off the device. You can maintain control of shared data by storing your sensitive data in a controlled corporate environment and by defining which file types are too sensitive to synchronize to mobile devices.

http://www.trendmicro.com/us/enterprise/product-security/safesync-file-sharing/

All the best,
Frederick
Technical Lead Nordics
https://www.linkedin.com/profile/view?id=203862061

We all hold our thumbs

We should not have to but we do – accepting that our systems leak like an old wooden boat.

So, what do your security patching routines look like? Late Friday nights? Weekends? It’s a pain and we have to live with it.

But the most critical question here is not when we have time to patch or who does the actual job, but rather when a security patch is available. As soon as the vulnerability is found, the hackers go to work and the clock is ticking. And we all hold our thumbs that the patch comes before the hackers.

We saw the Shellshock vulnerability used in botnet attacks immediately after the announcement, well before any security patch was released.

The hackers have an unfair advantage. That’s the brutal fact. We just have to do what we can to minimize the risk.

So, wouldn’t it be nice to have a security system that could just make a temporary security patch until your software vendor has published the official patch?

We at Trend Micro try to deliver the facts to you about threats we see AND a solution. Hope you stay tuned.

All the best,
Frederick
Technical Lead Nordics
https://www.linkedin.com/profile/view?id=203862061

Trend Micro virtual patching solutions deliver immediate protection while eliminating the operational pains of emergency patching, frequent patch cycles, and costly system downtime. Our Deep Security virtual patching keeps your servers and endpoints protected while preventing costly emergency patching and upgrades as well as reducing the risk of breach disclosure costs. It even helps to extend the life of legacy systems and applications.

http://www.trendmicro.com/cloud-content/us/pdfs/business/sb_virtual-patching.pdf

Two videos describing how it works, a real-life reference and the benefits:
http://www.trendmicro.co.uk/video/save-time-and-money-with-virtual-patching/index.html

http://www.trendmicro.co.uk/video/save-time-and-money-with-virtual-patching/index.html

 

How is security at Sochi 2014?

NBC News and Trend Micro have carried out an experiment to find out whether Russia is still a risky place for digital activity. When the Olympics in Sochi open tomorrow, more than 1 million athletes, official representatives and spectators from all over the world will pour in. Putin has invested a great deal of resources and prestige in securing the event with large security forces, drones, helicopters and other equipment. But is Sochi secured digitally? Putin may not have the same motivation to provide for the protection of digital devices and communications.

NBC News' Richard Engel and Trend Micro's Kyle Wilhoit set up a small digital trap and travelled to Russia to see whether athletes, journalists, heads of state, sponsors, the IOC or other spectators can feel safe when using their digital tools.

Image: Atos

They simulated an alter ego of Richard Engel, equipped with a MacBook, an Android smartphone and a Windows laptop. On these three devices, full activity was simulated throughout the stay in Russia so that they would appear as trustworthy as possible to hackers and malicious code. It did not take long before the attacks began…

Follow the article series on the Trend Micro security blog and on NBC News Sochi Olympics Web TV

 

Update

Other media have now picked up the story:

Huffington Post

Dagbladet