Secure your 100 percent marks with these 850-001 mock exam

Our 850-001 Free Exam PDF is collected by our special cram team. Many applicants are confused by the enormous number of sites to choose from; they should first download the free 850-001 practice test, check the quality of the braindumps, and then decide whether to purchase the full version, which contains the complete 850-001 questions bank and VCE exam simulator.

850-001 Cloud Security 1.0 questions | crejusa.com

Exam Code: 850-001 Cloud Security 1.0 questions November 2023 by Killexams.com team

850-001 Cloud Security 1.0

Exam Detail:
The exam with the code 850-001, also known as "Cloud Security 1.0," is designed to evaluate the knowledge and skills of individuals in cloud security principles, best practices, and technologies. Here is a detailed overview of the exam, including the number of questions and time, course outline, exam objectives, and exam syllabus.

Number of Questions and Time:
The exact number of questions in the 850-001 exam may vary, but it typically consists of approximately 40 to 60 multiple-choice and scenario-based questions. The duration of the exam is usually around 90 minutes.

Course Outline:
The 850-001 certification exam covers various topics related to cloud security, including principles, technologies, and best practices. The specific course outline may include the following components:

1. Cloud Security Fundamentals:
- Introduction to cloud computing and its security challenges
- Cloud service models (IaaS, PaaS, SaaS) and deployment models (public, private, hybrid)
- Cloud security roles and responsibilities
- Legal and regulatory considerations in cloud security

2. Cloud Security Architecture:
- Cloud security controls and frameworks
- Secure cloud network design and architecture
- Identity and access management in the cloud
- Data protection and encryption in the cloud
- Virtualization security

3. Cloud Security Technologies:
- Cloud provider security tools and services
- Intrusion detection and prevention systems (IDPS) in the cloud
- Security information and event management (SIEM) in the cloud
- Vulnerability assessment and penetration testing in the cloud
- Incident response and forensics in the cloud

4. Cloud Security Best Practices:
- Secure cloud application development and deployment
- Secure configuration and patch management in the cloud
- Cloud security monitoring and auditing
- Security considerations for cloud data storage and backup
- Disaster recovery and business continuity planning in the cloud

Exam Objectives:
The objectives of the 850-001 certification exam are to assess the candidate's understanding and proficiency in various aspects of cloud security. The specific objectives include:

- Knowledge of cloud computing concepts and models
- Understanding of cloud security risks and challenges
- Familiarity with cloud security controls and best practices
- Proficiency in designing and implementing secure cloud architectures
- Knowledge of cloud security technologies and tools
- Understanding of legal and regulatory considerations in cloud security
- Ability to perform cloud security monitoring and incident response

Exam Syllabus:
The 850-001 exam syllabus outlines the specific topics and subtopics that will be covered in the exam. The syllabus may include:

- Introduction to cloud computing and security challenges
- Cloud service models and deployment models
- Cloud security roles and responsibilities
- Legal and regulatory considerations in cloud security
- Cloud security controls and frameworks
- Secure cloud network design and architecture
- Identity and access management in the cloud
- Data protection and encryption in the cloud
- Virtualization security
- Cloud provider security tools and services
- Intrusion detection and prevention systems (IDPS) in the cloud
- Security information and event management (SIEM) in the cloud
- Vulnerability assessment and penetration testing in the cloud
- Incident response and forensics in the cloud
- Cloud application security best practices
- Secure configuration and patch management in the cloud
- Cloud security monitoring and auditing
- Security considerations for cloud data storage and backup
- Disaster recovery and business continuity planning in the cloud

Other Symantec exams

250-251 Administration of HA Solutions for UNIX (VCS 5.0)
250-351 Administration of HA Solutions for Windows using VCS 5.0
250-406 Administration of Clearwell eDiscovery Platform 7.x
250-407 Prepare for Symantec Client Management Suite 7.x
850-001 Cloud Security 1.0
250-428 Administration of Symantec Endpoint Protection 14

If you would like authentic, updated and valid 850-001 dumps questions that really work in the 850-001 test, you should visit killexams.com and download our latest 850-001 dumps with VCE exam simulator. Memorize all the 850-001 questions we provide and practice with our VCE exam simulator. When you feel that you have absorbed all the material, you can sit the real 850-001 test. You will surely pass your 850-001 exam.
https://killexams.com/pass4sure/exam-detail/850-001
Question: 90
Which action addresses a risk inherent to the public cloud model?
A. harden applications sufficiently for multi-tenant environments
B. revert a public cloud to a private cloud during an emergency
C. apply anti-spam measures on the endpoint accessing the cloud
D. activate deduplication on the cloud-based storage
Answer: A
Question: 91
In order to achieve greater scalability, a CIO has mandated that a specific set of processes and data move to a cloud environment. These assets include:
- Company email requiring anti-spam protection
- Proprietary database with specific infrastructure requirements
- Point-of-sale application and process for retail purchases
Which service and deployment model could support all of these assets?
A. Infrastructure as a Service, hosted in a private cloud
B. Platform as a Service, hosted in a public cloud
C. Software as a Service, hosted in a private cloud
D. Software as a Service, hosted in a public cloud
Answer: A
Question: 92
A company is moving to the cloud. Because of DDoS attacks, it would like to start by moving email to the cloud. The company is small, with fewer than 200 users. What is the most cost-effective deployment model for this company to begin using?
A. IaaS community
B. IaaS public
C. PaaS hybrid
D. SaaS public
Answer: C
Question: 93
Several government agencies collaborate extensively, sharing a variety of tools, processes, and data. Data shared
by the organizations is highly sensitive, and risk tolerance for data loss or exposure is extremely low. Which type of
cloud solution is appropriate in this scenario?
A. internally-hosted infrastructure providing a community cloud
B. internally-hosted infrastructure providing a private cloud
C. externally-hosted infrastructure providing a community cloud
D. externally-hosted infrastructure providing a private cloud
Answer: A
Question: 94
A large enterprise that is currently supported by a very large IT infrastructure and experienced staff would like to
offer individual Business Units (BUs) the ability to use local servers and storage on an as-needed basis. The BUs
would then be charged accordingly, based on their individual usage. Which cloud service and deployment model
combination provides an appropriate solution?
A. Platform as a Service, public cloud
B. Platform as a Service, private cloud
C. Infrastructure as a Service, public cloud
D. Infrastructure as a Service, private cloud
Answer: D
Question: 95
A current customer’s cloud service provider is undergoing a merger and acquisition process. This increases the
likelihood of a strategic shift to the customer’s business operations and may put non-binding agreements at risk, as
well as make compliance with security requirements impossible. How is this cloud provider acquisition risk
categorized?
A. policy and organizational
B. technical
C. lock-in
D. non-cloud specific
Answer: A
Question: 96
A cloud service provider administrator has discovered that someone is attempting to determine which servers and
operating systems are running on a tenant’s network by using network mapping. How is this risk categorized?
A. policy and organizational
B. technical
C. legal
D. non-cloud specific
Answer: B
Question: 97
A cloud customer has determined that their data is being held in multiple geographic locations. They are concerned
that these sites will be raided by local authorities and their data or systems are subject to disclosure or seizure.
Which risk category does this type of risk fall into?
A. policy and organizational
B. technical
C. legal
D. non-cloud specific
Answer: C
Question: 98
An IT security professional at a large US-based manufacturing company has decided to deploy and manage a host
intrusion detection solution to assist with their migration to a cloud environment. Which cloud environment will
benefit from this solution?
A. multi-tenant SaaS
B. hybrid SaaS
C. multi-tenant IaaS
D. multi-tenant PaaS
Answer: C
Question: 99
Which action addresses a risk inherent to the public cloud model?
A. harden applications sufficiently for multi-tenant environments
B. revert a public cloud to a private cloud during an emergency
C. apply anti-spam measures on the endpoint accessing the cloud
D. activate deduplication on the cloud-based storage
Answer: A
Question: 100
A company has decided to implement "cloud bursting" to allow their production environment to scale to any size
by utilizing on-demand connections to a public cloud IaaS infrastructure. Which solution allows the IT department
to protect against VM hopping?
A. data loss prevention
B. anti-virus / anti-spam
C. data and mail encryption
D. host intrusion prevention
Answer: A

How to disable Security Questions in Windows 11/10 using a PowerShell Script

In one of our earlier posts, we talked about removing Security Questions from Windows. This post offers an alternative way of disabling them via a PowerShell script. Update-AllUsersQA is a PowerShell script designed to remove or disable the security questions and answers for local users on a Windows 11/10 machine. It lets admins take control of the security questions in the environment and minimize the risk that arises from them.

If a user has a Microsoft Account configured to sign in to Windows 11/10, he'll probably never notice the password recovery questions. However, if he has chosen a local account when installing Windows, he'll be prompted to create three security questions. These can be used to reset the password and log in to the Windows 11/10 account in the event of a mishap.

However, if you do not find it of much use, you can disable it via a simple PowerShell script which is available for download on GitHub.

To disable the security questions, simply download the .ps1 file from the GitHub repository and open the PowerShell window with admin rights.

Next, navigate to the folder where the .ps1 file is saved (in my case, the Downloads folder) and copy the folder location address.

In the PowerShell window change the directory by using this command:

cd "folder location address"

Then, enter the following text to disable the recovery questions.

Update-AllUsersQA


Following this, the security questions feature will be disabled. If you try to set a security question, you will get a message alerting that the feature has been disabled.

To enable it again, you'll need to run the same script with one more parameter, -answer. The syntax is as follows:

Update-AllUsersQA -answer SecretAnswer

Please note that you need to replace SecretAnswer with an answer of your own choice. When done, it will be set as the answer for all questions. After that, you can go to the Settings app to change the answer to the questions.

Security questions don’t come across as a very great feature for account security. This is because they appear too easy to set and too hard to monitor in networks made up of hundreds or thousands of computers. A single person with administrator credentials can remotely enable/disable them on any Windows 10 machine and can go unnoticed. As such, if any unknown person gains unauthorized administrative control, he can use the security questions as a backdoor to gain complete control over the network.

Source: https://www.thewindowsclub.com/disable-security-questions-windows-10-powershell (Mon, 08 Aug 2022)

Add Security Questions to reset Windows Local Account password

Windows 11/10, just like any other OS, offers you password- or PIN-protected accounts. This security measure makes sure that your files and account information are safe from others. Now, what if you forget your password? How do you recover your account? There is no way you can bypass a Windows login screen without proper credentials. This is where the recovery options become important. In this Windows 10 guide, we will share how you can add a security question to reset Windows 11 or Windows 10 Local Account passwords.

If you are using a Windows account that is linked to your Microsoft account, you can always recover the Microsoft Account password right from the login screen, but a security question to reset the Windows 11/10 Local Account password is mandatory.

Reset Windows 11/10 Local Account password using Security Questions

When creating a local account for Windows 11/10, it is compulsory to set up a few security questions. Many a time, you might end up forgetting the answers, and if you then forget your password, it will be very tough to recover it without them. On one hand it's a good idea to keep answers you remember, but since the Windows security questions are too obvious, anybody who knows you might be able to answer them in your absence.

So it would be a good idea to update your security question while you remember your password.

To do that, go to Settings > Account > Your info > Sign-in options. Click on Update your security questions.

This will give you a list of questions, but before that, you will need to enter your current password to confirm it’s your account. After that, you can select the same question which was previously selected, and enter answers which you can remember.

Please note that you have to do this for three questions. Make sure to note the answers down somewhere safe.


In case this is a local non-admin account, the user will be able to change the secret question in the presence of the administrator. While this sounds odd, I did try it with a local account, and it asked for the PIN of the admin account. So be aware of this, and call in your admin before you change it.

Add security questions to reset Windows 11/10 local account password

When on the login screen, first enter the password you remember. If it's wrong, you will get a link right under the password box which says “Reset Password”. Click on it.

After that, it will open the secret question recovery screen where you can enter the answers you remember. Enter the correct ones, and you can choose a new password for your local Windows 10 account.


At the bottom of the security question screen, you have another way of resetting. It’s called a Password reset disk which you can use if you had created that for your account.

Answers to the security questions should be known before you forget your password. If you forget them and do not have a Password reset disk or Password Hint, then see this post on Windows Password Recovery for more suggestions.

You may also try some freeware password recovery tools like Ophcrack. You don't need to access Windows to be able to recover your lost passwords. Download the free ISO image, burn it to a CD, and boot from the CD. It then locates the Windows user accounts. There are others like Cain & Abel, John The Ripper or PC Login Now too. Recover my Password Home Free lets you reset a Windows password easily. Offline NT Password & Registry Editor will let you recover the Windows Administrator password.

Source: https://www.thewindowsclub.com/add-security-question-reset-windows-10-local-account-password (Fri, 01 Apr 2022)

Towards a Cyber Resilience Partnership

At Symantec, we believe Cyber Resilience is about the management--not the elimination--of risk. We recognise that security needs to go beyond systems, software or IT departments. Cyber Resilience puts the power in the hands of people, and arms them with the ability to recognise risks, draw on the collective intelligence of others, and take preventive or corrective action.

We believe Cyber Resilience calls for strategic action. Now. To help achieve this we propose a new strategic partnership between the security function and business leaders, to balance competitive advantage against the inescapable Cyber Risk of today. Our integrated portfolio of solutions helps your people:

  • Become fully-informed on which security issues matter most to their organisation
  • Use this knowledge to keep all their colleagues informed of their responsibilities
  • Gain a competitive advantage against an on-going never-seen-before Cyber Risk

It is time to raise the stakes.

Source: https://www.zdnet.com/feature/symantec-security/ (Thu, 19 Mar 2015)

Does Norton Antivirus Work After the Subscription Ends?

Anti-virus software works by comparing the files on your computers and those you access online to a database of known viruses, known as virus definitions. Without regularly updated definitions, an anti-virus program won't protect your computers and office workstations against new viruses. All paid anti-virus programs, including Symantec's Norton AntiVirus and their business editions, sell definition updates through subscription plans, and no longer update the definitions once the subscription expires. Unlike some other brands however, current versions of Symantec's programs will completely stop functioning -- even with old definitions -- after the subscription ends, leaving the computers on your network unprotected.

Source: https://smallbusiness.chron.com/norton-antivirus-work-after-subscription-ends-63657.html (Sat, 28 Jul 2018)

How an Indian startup hacked the world

Chuck Randall was on the verge of unveiling an ambitious real estate deal he hoped would give his small Native American tribe a bigger cut of a potentially lucrative casino project.

A well-timed leak derailed it all.

In July of 2012, printed excerpts from Randall’s private emails were hand-distributed across the Shinnecock Nation’s square-mile reservation, a wooded peninsula hanging off the South Fork of Long Island.

The five-page pamphlets detailed secret negotiations between Randall, his tribal government allies and outside investors to wrest some of the profits from the tribe’s then-partner in the gambling deal.

They sparked an uproar. The pamphlets claimed Randall’s plan would sell out the tribe’s “LANDS, RESOURCES, and FUTURE REVENUES.” Within days, four of Randall’s allies were voted out of tribal government. Randall, who held no formal position with the tribe, was ordered to cease acting on its behalf.

Amid the upheaval, the Shinnecocks’ casino hopes faded. “We lost the biggest economic opportunity that has come to the tribe in forever,” Randall told Reuters. “My emails were weaponized.”

The scandal that roiled the Shinnecocks barely registered beyond the reservation. But it was part of a phenomenon that has drawn interest from law enforcement and intelligence agencies on both sides of the Atlantic.

Randall’s inbox was breached by a New Delhi-based information technology firm named Appin, whose sudden interference in the matters of a faraway tribe was part of a sprawling cyber-mercenary operation that extended across the world, a Reuters investigation found.

The Indian company hacked on an industrial scale, stealing data from political leaders, international executives, prominent attorneys and more. By the time of the Shinnecock scandal, Appin was a premier provider of cyberespionage services for private investigators working on behalf of big business, law firms and wealthy clients.

Unauthorized access to computer systems is a crime worldwide, including in India. Yet at least 17 pitch documents prepared for prospective business partners and reviewed by Reuters advertised Appin’s prowess in activities such as “cyber spying,” “email monitoring,” “cyber warfare” and “social engineering,” security lingo for manipulating people into revealing sensitive information. In one 2010 presentation, the company explicitly bragged about hacking businessmen on behalf of corporate clients.

Reuters previously named Appin in a story about Indian cyber mercenaries published last year. Other media outlets – including The New Yorker, Paris-based Intelligence Online, Swiss investigative program Rundschau and tech companies such as Alphabet-owned Google – have also reported on the firm’s activities.

This report paints the clearest picture yet of how Appin operated, detailing the world-spanning extent of its business, and international law enforcement’s abortive efforts to get a handle on it.

Run by a pair of brothers, Rajat and Anuj Khare, the company began as a small Indian educational startup. It went on to train a generation of spies for hire that are still in business today.

Several cyber defense training organizations in India carry the Appin name, the legacy of an old franchise model. But there’s no suggestion that those firms are involved in hacking.




Rajat Khare’s U.S. representative, the law firm Clare Locke, rejected any association between its client and the cyber-mercenary business. It said Khare “has never operated or supported, and certainly did not create, any illegal ‘hack for hire’ industry in India or anywhere else.”

In a series of letters sent to Reuters over the past year, Clare Locke said that “Mr. Khare has dedicated much of his career to the fields of information technology security – that is, cyber-defense and the prevention of illicit hacking.”

Clare Locke said that, under Khare’s tenure, Appin specialized in training thousands of students in cybersecurity, robotics and artificial intelligence, “never in illicit hacking.” The lawyers said Khare left Appin, in part, because rogue actors were operating under the company’s brand, and he wanted “to avoid the appearance of associations with people who were misusing the Appin name.”

The lawyers described media articles tying Khare to hacking as “false” or “fundamentally flawed.” As for the 2010 Appin presentation boasting of hacking services, they said Khare had never seen it before. “The document is a forgery or was doctored,” they said.

Clare Locke added that Khare could not be held responsible for Appin employees who went on to work as mercenary hackers, saying that doing so “would be akin to holding Harvard University responsible for the terrorist bombings carried out by its former student Ted Kaczynski,” referring to the former math prodigy known as the “Unabomber.”

A lawyer acting for Rajat’s brother, Anuj, said his client’s position was the same as the one laid out by Clare Locke.

This report on Appin draws on thousands of company emails as well as financial records, presentations, photos and instant messages from the firm. Reporters also reviewed case files from American, Norwegian, Dominican and Swiss law enforcement, and interviewed dozens of former Appin employees and hundreds of victims of India-based hackers. Reuters gathered the material – which spans 2005 until earlier this year – from ex-employees, clients and security professionals who’ve studied the company.

Reuters verified the authenticity of the Appin communications with 15 people, including private investigators who commissioned hacks and ex-Appin hackers themselves. The news agency also asked U.S. cybersecurity firm SentinelOne to review the material for signs that it had been digitally altered. The firm said it found none.

“We assess the emails to be accurately represented and verifiably associated with the Appin organization,” SentinelOne researcher Tom Hegel said.

Though Khare’s lawyers say Appin “focused on teaching cybersecurity and cyber-defense,” company communications seen by Reuters detailed the creation of an arsenal of hacking tools, including malicious code and websites. Hegel and two other U.S.-based researchers – one from cybersecurity firm Mandiant, the other from Symantec – all working independently, were able to match that infrastructure to publicly known cyberespionage campaigns.

“It all lines up perfectly,” Hegel said.

Over the last decade, Google saw hackers linked to Appin target tens of thousands of email accounts on its service alone, according to Shane Huntley, who leads the California company’s cyber threat intelligence team.

“These groups worked very high volumes, to the point that we actually had to expand our systems and procedures to work out how to track them,” Huntley said.

The original Appin has now largely disappeared from public view, but its impact is still felt today. Copycat firms led by Appin alumni continue to target thousands, according to court records and cybersecurity industry reporting.

“They were groundbreaking,” Google’s Huntley said. “If you look at the companies at the moment who are picking up the baton, many of them are led by ex-employees” of Appin.

‘Get me result ASAP!!!’

Private eyes have been hiring hackers to do their dirty work since the dawn of the internet. Former clients say Appin’s central innovation was turning the cloak-and-dagger market into something more like an e-commerce platform for spy services.

The mercenaries marketed a digital dashboard with a menu of options for breaking into inboxes, including sending fake, booby-trapped job opportunities, bogus bribe offers and risqué messages with subject lines like “My Sister’s Hot Friend.”

Customers would log in to a discreet site – once dubbed “My Commando” – and ask Appin to break into emails, computers or phones. Users could follow the spies’ progress as if they were tracking a delivery, eventually receiving instructions to download their victim’s data from digital dead drops, according to logs of the system reviewed by Reuters.

“It was the best-organized system that I have ever seen,” said Jochi Gómez, a former news publisher in the Dominican Republic. Gómez told Reuters that in 2011 he paid Appin $5,000 to $10,000 a month to spy on the Caribbean nation’s elite and mine the material for stories for his now-defunct digital newspaper, El Siglo 21.

Reuters reviewed more than a year’s worth of activity from Appin’s “My Commando” system. The logs showed that Gómez was one of 70 clients, mostly private investigators, from the United States, Britain, Switzerland and beyond who sought Appin’s help in hacking hundreds of targets.

Some of these marks were high-society figures, including a top New York art dealer and a French diamond heiress, according to the logs. Others were less prominent, like a New Jersey landscape architect suspected of having an affair.

Several detectives used the service frequently, among them Israeli private eye Aviram Halevi, who tasked the spies with going after at least three dozen people via the system.

“There is a returning customer who needs the following addresses cracked ASAP,” the logs show Halevi telling the hackers in August 2011.

Reuters previously reported that Halevi, a former lieutenant colonel in the Israeli Defense Forces, hired Appin to spy on a litigant in a lawsuit in Israel on behalf of a client on the opposing side of the case. Halevi did not respond to questions about his ties to the hackers.

Another big user of My Commando was Israeli private detective Tamir Mor, who used the service around the same time to order hacks on more than 40 targets, the logs show. Among them were the late Russian oligarch Boris Berezovsky and Malaysian politician Mohamed Azmin Ali.

“Please get me result ASAP!!!” Mor wrote on the My Commando chat feature after providing Appin with details about two members of Berezovsky’s legal team in December 2011, the logs show.

Reuters could not establish Mor’s motives for targeting Berezovsky and Azmin, whether he succeeded in hacking either of them, or on whose behalf he was working. Mor did not respond to requests for comment.

Azmin, a former cabinet minister, was a prominent opposition leader at the time of the hack attempts. He and his former party didn’t respond to messages seeking comment.

The order to hack Berezovsky came while the tycoon was in the middle of a British court battle against fellow oligarch Roman Abramovich over the sale of a Russian oil company. The multibillion dollar case ended in a decisive defeat for Berezovsky. The 67-year-old was found dead at his suburban English home the following year.

Mark Hastings, one of the Berezovsky lawyers mentioned in the My Commando logs, said he was not aware that he had been in Appin’s crosshairs, but that he was “not entirely surprised.”

“It is an open secret that lawyers are often targeted by hackers in major commercial litigations,” said Hastings, now with the London firm Quillon Law.

Abramovich’s representatives said the tycoon had no dealings with or knowledge of Mor or Appin, and that he had never engaged with hackers or hacked material of any kind.

Many of Appin’s clients signed into My Commando using their real names. A prolific customer who didn’t was someone using the alias “Jim H.”

Jim H assigned the Appin hackers more than 30 targets in 2011 and 2012, including a Rwandan dissident and the wife of another wealthy Russian who was in the middle of a divorce, the logs show.

Among Jim H’s most sensitive requests: hacking Kristi Rogers, wife of Representative Mike Rogers, then-Chairman of the U.S. House Intelligence Committee. The Michigan Republican served in Congress from 2001 until his retirement in 2015; he’s currently running for U.S. Senate.

Back in 2012, Kristi Rogers was an executive at Aegis, a London-based security company. Jim H told the hackers that Aegis competed with his client, another security contractor called Global Security, an apparent reference to Virginia-based Global Integrated Security.

Cracking Rogers’ corporate email was a “top priority,” Jim H told the hackers. He claimed that her company was trying to undermine Global’s bid for a $480 million U.S. Army Corps of Engineers contract to provide security for Afghanistan’s reconstruction.

Jim H said he needed dirt on Aegis to sully its reputation, and he suggested a way to trick Rogers into opening a malicious link.

“You could send an invitation to an event organised by the Rotary Club or a gala dinner,” he wrote, according to the logs.

Shortly thereafter, Appin reported back that it had successfully broken into Aegis’ network.

Reuters could not verify whether Rogers’ account was ultimately compromised. Global eventually won the contract.

Rogers, who left Aegis in late 2012, told Reuters she was outraged to learn of the hacking operation.

“It gives me goosebumps right now,” she said. “It angers me that people are so cavalier with other people’s reputations and their lives.”

Reuters was unable to determine Jim H’s identity or whether he was telling the truth when he said Global was his client. Messages sent to Jim H’s old email account were returned as undeliverable.

Global Integrated Security’s website is inoperative, and corporate records show its Virginia branch is inactive. Damian Perl, the founder of Britain’s Global Strategies Group – Global Integrated Security’s former parent company – “vehemently” denies any allegations of wrongdoing, his family office said in a statement.

The Army Corps of Engineers confirmed that Aegis had protested Global’s contract, but said it could offer no further comment. Canadian security company GardaWorld, which acquired Aegis in 2015, said it had no information on the incident.

The My Commando logs also shine new light on the Shinnecock casino scandal. In January 2012, a New York private eye named Steven Santarpia ordered the hack of tribal member Chuck Randall, whose leaked emails sparked chaos.

Within days, an Appin hacker reported to Santarpia that he had hit pay dirt, according to the logs: “We got success in investigating Chuck@shinnecock.org.”

“Excellent,” Santarpia replied.

Santarpia didn’t respond to repeated messages sent by Reuters over several months, and he declined comment when a reporter approached him outside his Long Island home.

Operations like Jim H’s or Santarpia’s were aimed at only three or four email accounts at a time. But Appin had greater capabilities.

Gómez, the Dominican publisher, ordered break-in attempts aimed at the email accounts of more than 200 high-profile Dominicans, the logs show. Among them was an account belonging to then-President Leonel Fernández, a frequent target of Gómez’s reporting.

Gómez’s hacking requests preceded several stories alleging government corruption that his paper published before it was raided by Dominican authorities in February 2012. Gómez eventually shut it down amidst mounting official scrutiny of the hacking.

“I was very active in requesting emails,” he told Reuters, adding that those days are firmly “in my past.”

Fernández did not return messages seeking comment.

Lawyers for Rajat Khare said he “does not know” Gómez, Santarpia, Mor or Halevi and “has no knowledge” of the My Commando dashboard “or anything similar.”

The ability to target heads of state was an improbable amount of power for a company that only a few years earlier had been teaching college kids to code.

Approaching infinity

Rajat Khare was a 20-year-old computer science major when he and his friends came up with the idea for Appin over chicken pizza at a Domino’s in New Delhi.

It was December 2003. Khare had joined his high school buddies to catch up and bemoan the state of India’s universities, which they thought weren’t preparing students for the professional world. When one suggested organizing technology training workshops to supplement undergraduates’ education, people present at the meal said Khare jumped on the idea.

“Let’s give the students what they want,” he quoted himself telling the group in a book on entrepreneurship he co-wrote years later. “Let’s start something that will not only change their lives, but our lives too … forever.”

After the Domino’s meeting, Khare and his friends came up with the name Appin – short for “Approaching infinity” – and launched their first classes on computer programming.

It was the right idea at the right time. India’s IT outsourcing boom had created voracious demand for tech talent. Appin franchises would soon sprout across India, offering not just programming lessons but also courses on robotics and cybersecurity, nicknamed “ethical hacking.”

By 2005, the company had an office in western New Delhi. Rajat had been joined by his older brother, Anuj, a motivational speaker who returned to India after a stint running a startup in Texas. As other members of the Domino’s group stepped away, the Khare brothers took charge of the fast-growing firm.

The cybersecurity classes proved especially popular. By 2007, Appin opened a digital security consultancy helping Indian organizations protect themselves online, according to a draft pitch deck intended for potential investors.

That soon drew the attention of Indian government officials who were still feeling their way through intelligence work in the internet age. To help the officials break into computers and emails, Appin set up a team of hackers out of a subsidiary called Appin Software Security Pvt. Ltd., also known as the Appin Security Group, according to a former executive, company communications, an ex-senior Indian intelligence figure and promotional documents seen by Reuters.

The spying was a secret within the wider company. Some early Appin employees signed nondisclosure agreements before being shipped off to military-controlled safe houses where they worked out of sight from their colleagues, according to another former executive familiar with the matter and three hackers who spent time in the safe houses.

One of the hackers recalled being only 22 years old when he broke into the inboxes of Khalistani separatists – Sikh militants fighting to carve an independent homeland out of India’s Punjab province – and delivering the trove to his handlers.

“It was the experience of a lifetime,” he said, recalling how proud he was to be contributing to India’s national security.

One of Appin’s primary targets was Pakistan, according to interviews with former insiders, company emails, and stolen passwords and key logs of Pakistani officials reviewed by Reuters. The hackers created fake dating websites designed to ensnare Pakistani military officers, two of the insiders said.

Another early mission, dubbed Operation Rainbow, involved penetrating Chinese military computers and stealing information about missiles and radar, according to an undated Appin memo. The memo said the company’s hackers compromised several Chinese officials; Reuters was unable to confirm the alleged intrusions independently.

Those early operations led to more contracts.

Soon Appin was working with the Research & Analysis Wing (RAW), India’s external intelligence service; and the Intelligence Bureau, the country’s domestic spy agency, according to the two former executives, one former Appin hacker and a former senior Indian intelligence official.

Detailed messages from Reuters seeking comment from the Intelligence Bureau and RAW, sent via India’s Ministry of Home Affairs and its Cabinet Secretariat, respectively, were not returned. India’s Ministry of Defense did not return messages about the hacking. The Pakistani foreign affairs ministry did not return messages. China’s foreign ministry said in a statement that it was unaware of the hacking activity.

By 2008, Appin was claiming it offered a “one stop interception solution” for government clients, according to one company presentation.

Company executives marketed software for the analysis of call record data – the who, what, when of phone calls monitored by spy agencies and law enforcement – and discussed the importation of Israeli cell phone interception devices, Appin emails show.

In 2009, Appin boasted to prospective customers that it was serving India’s military, its Ministry of Home Affairs, and the Central Bureau of Investigation (CBI), an Indian agency roughly equivalent to America’s Federal Bureau of Investigation (FBI), emails show.

Appin’s solutions “are being used by various elite intelligence agencies in government to monitor hostile people,” one pitch claimed.

The CBI and Ministry of Home Affairs didn’t return detailed messages seeking comment.

Company revenues in the fiscal year ending in 2009 were estimated at nearly $1 million, with profit after tax pegged at about $170,000, according to the draft pitch deck aimed at potential investors. The deck projected that figure would multiply almost tenfold over the next 36 months.

But Appin had hit a speed bump. The two former executives, one of the former hackers, and the former Indian intelligence official said the company earned extra money by quietly taking material it hacked for one Indian agency and reselling it to another. This double dipping was eventually discovered, the people said, and several enraged spy agency clients canceled their contracts with Appin.

With intelligence work drying up, Appin pivoted to the private sector, the sources said.

‘Fucking with the wrong people’

The influx of Western clients brought new revenue – and new risk.

American and Swiss law enforcement documents, including emails and investigative reports reviewed by Reuters, reveal how Appin got caught hacking as it fulfilled its customers’ orders.

An early example was the compromise of prominent Zurich-based communications consultant Peter Hargitay, who had served as an advisor to Australia’s football federation. He and his filmmaker son Stevie detected the intrusion and filed a Swiss criminal complaint.

Within weeks, an expert they hired traced the hack to a server near the Zurich airport, according to the law enforcement documents. Billing records tied to the server listed Rajat Khare as the client.

Father and son had come off a failed bid to bring the 2022 FIFA World Cup to Australia and were in no mood to let the hack slide, according to emails provided by an independent source.

In a March 2012 message to his father, Stevie said he had spoken on the phone with an Appin employee who was clearly rattled by the exchange. “I told him in no uncertain terms that they are fucking with the wrong people,” Stevie wrote.

Rajat Khare called Stevie the same day to try to smooth things over, saying he “wants to cooperate ‘100%,’” Stevie wrote. The emails show that an Appin employee later told Stevie the hack was ordered by a U.S. private investigator; contact fell off as the Hargitays pushed for more information about who was ultimately behind the spying.

“We don’t know who his client was,” Peter Hargitay said.

Khare’s lawyers told Reuters he “does not know” the Hargitays.

A few months later, Appin was implicated in another incident, this time in India. Cybersecurity consultant K. K. Mookhey told a conference near New Delhi that he had tied an attempted hack against one of his clients to the firm. In a report published in 2013, Mookhey wrote that the link to Appin was “not concrete.” But he told Reuters he had been “overcautious” in choosing those words and that the evidence, including Appin documentation inadvertently left on the hackers’ servers, made it obvious they were involved.

“The link was actually pretty clear,” he said.

Appin’s name had popped up earlier that year in Norway. In February 2013, technicians at telecommunications company Telenor discovered that hackers had stolen as many as 66,000 emails from the company’s chief executive, two personal assistants and a senior lawyer at the firm, according to Norwegian law enforcement documents reviewed by Reuters.

Three months later, Oslo-based cybersecurity firm Norman Shark – which had launched its own independent investigation into the Telenor hack – publicly linked the intrusion to Appin.

Norman Shark stopped short of directly blaming the company, saying only that “there seems to be some connection” between Appin and the Telenor hackers. One of the report’s coauthors, security researcher Jonathan Camp, told Reuters that Norman Shark had softened the report’s language to avoid legal trouble. Camp said he and his colleagues privately were confident that Appin was behind the hacking, citing an unusually large number of digital clues pointing to the company, including multiple malicious websites registered under the Appin name.

“There was no doubt in our minds,” he said.

California-based tech firm Broadcom, which absorbed Norman Shark following a series of acquisitions, did not respond to requests seeking comment. Telenor confirmed it had been the victim of “industrial espionage,” which it reported to police at the time. It declined further comment. The motive behind the hacking has never been made public.

Appin denied all wrongdoing in the wake of Camp’s report, and the Khares’ lawyers still insist the research didn’t implicate the company. Nevertheless, Appin came under increasing scrutiny in the years that followed.

Norway was one of at least four countries – along with the United States, Switzerland and the Dominican Republic – that had opened investigations into Appin. Some began comparing notes.

In an undated written exchange reviewed by Reuters, FBI official Dan Brady told Swiss prosecutor Sandra Schweingruber that U.S. officials looking into the hack of the Shinnecock tribe on Long Island had “accumulated a fair amount of data identifying other victims.”

Schweingruber declined to comment for this story. Reuters was unable to reach Brady. The FBI declined to answer a list of questions about its investigation into Appin.

In his note to Schweingruber, Brady said “the link in our respective cases is that I believe we have the same ultimate perpetrator.”

Then he added, in parentheses: “Appin.”

Lost leads, lasting pain

The multinational investigations into Appin each carried on for years before petering out.

Jochi Gómez, the Dominican newspaper publisher, was formally accused of working with Rajat Khare to hack emails following the 2012 raid on his publication.

But the case never went to trial; it was quashed on procedural grounds in 2013, a decision reaffirmed by the country’s highest court the following year. Dominican prosecutors described Khare as a member of Gómez’s “international criminal network.” But one of the judges involved dismissed the idea as a “theory.” Khare was never charged in the matter.

Dominican judiciary officials didn’t return messages seeking comment about the case.

Speaking to Reuters a decade later, Gómez acknowledged hiring Khare for surveillance, saying he had been hunting for evidence of corruption.

“I did it for journalism,” Gómez said. “Is it lawful or not? That’s another story.”

Norway’s investigation into the Telenor hack led to four internet protocol addresses in New Delhi, according to the law enforcement files reviewed by Reuters. In an undated email sent to the FBI, the Swiss prosecutor Schweingruber said the Norwegians had gone further still. “Their investigation leads also to Appin,” she wrote.

That inquiry similarly ran aground. A spokesperson for Norway’s National Criminal Investigation Service confirmed to Reuters that the case was closed in June 2016 “taking into consideration the chances of obtaining further evidence and information through further investigation.”

Swiss authorities also implicated Appin in the case of PR consultant Peter Hargitay, according to the files.

In her email to the FBI, Schweingruber said the Swiss investigation – nicknamed “Tandoori” – had found that “the Indian company Appin Security Group as well as their CEO Rajat Khare are involved in this case.”

Yet the files show Swiss authorities rebuffed the Hargitays’ request to have Khare quizzed about the hack. In a message to the Hargitays sent in September 2020, Schweingruber’s successor, Anna Carter, said she was discontinuing the case “due to the lack of further promising investigative approaches.”

Swiss prosecutors confirmed that the investigation was closed, but wouldn’t elaborate. Peter Hargitay told Reuters that the prosecutors’ decision “remains a mystery to us to this day.”




Former U.S. cybercrime prosecutor Mark Califano told Reuters that cracking international hacking cases is “really very hard.” But he said it was still “very disconcerting” that Appin’s hackers were “so successful in evading law enforcement despite apparently significant effort to try to track them down – and some very good evidence.”

Rajat Khare’s lawyers said their client had never been charged with hacking “by any police, investigative, regulatory, or charging authority.”

Reuters was unable to establish whether Appin was ever investigated in its native India.

K. K. Mookhey, the cybersecurity consultant whose client was targeted by Appin, said he alerted India’s cyber response agency, CERT-In, in 2013, but never heard back. CERT-In did not respond to requests for comment.

Rajat Khare has come to the attention of the Indian government on a separate matter: A 2021 complaint filed with the country’s Central Bureau of Investigation accused Khare of being one of at least eight people who embezzled roughly 8.06 billion rupees ($97 million) lent to the Indian education company Educomp, where he had previously served as a director. There is no indication that the case is related to hacking.

The complaint was filed by a senior official at the country’s biggest lender, the State Bank of India. Reuters could not determine the case’s status. The State Bank, the CBI and Educomp did not respond to requests for comment. Khare’s lawyers said he had been “cleared” by Educomp’s management. They didn’t provide evidence and said they could not offer details on the CBI probe.

U.S. intelligence agencies have known about Appin’s capabilities for more than a decade, according to three former American security officials and law enforcement documents reviewed by Reuters.

The National Security Agency (NSA), which spies on foreigners for the U.S. government, began surveilling the company after watching it hack “high value” Pakistani officials around 2009, one of the sources said. An NSA spokesperson declined to comment.

Another former U.S. security official said Rajat Khare was of such interest that the FBI tracked his travel and communications. The law enforcement case files also show that the FBI told its Swiss counterparts that it had “a confidential human source who has the capacity to report on Appin Security matters.”

Rajat Khare’s lawyers said the notion that he had been investigated by the FBI or any other such law enforcement body was “absurd.”

The bureau’s investigation into the Appin hack that sparked turmoil within the Shinnecock Nation did yield two convictions.

The first came in 2016, when a Shinnecock tribal official named Karen Hunter pleaded guilty at a federal court in the Long Island town of Islip to unlawfully accessing the email account of her fellow Shinnecock tribal member Chuck Randall.

The court filings, which were partially sealed, show that Hunter got probation. It was not until several years later that Steven Santarpia, the private eye, said he had been hired by Hunter to carry out the job.

Santarpia was the second to be convicted. He received probation from the same court in Islip in 2020 after pleading guilty to a single count of computer hacking, saying in an affidavit reviewed by Reuters that he hired Appin to carry out the email heist. Most of the filings in that case, which mask his identity, remain secret. No public mention of Appin was made in either his or Hunter’s prosecution.

Hunter did not return repeated messages from Reuters seeking comment. A reporter who visited Shinnecock Nation territory in an effort to interview her was intercepted by the tribe’s chairman, Bryan Polite, and ordered off the reservation. Polite said in an email that the tribe’s governing body was not interested in commenting.

Randall said he was baffled by the U.S. government’s lack of action against Appin.

“You can do this from across the world,” he said. “The penalties and the laws have to catch up.”

‘Godfather for all hackers’

Appin’s legacy still lingers more than a decade after the Shinnecock hack.

Its web presence faded in the months following the publication of the Norman Shark report in 2013, internet archives show. Eight former employees say their old managers told them to delete references to Appin from their public profiles.

Its former holding company, Appin Technology, changed its name three times, finally settling on Sunkissed Organic Farms in 2017, records filed with India’s Ministry of Corporate Affairs show. Its subsidiaries also underwent rebrandings: Appin Software Security, the arm which billed private eyes for the hacking work, became Adaptive Control Security Global Corporate, or ACSG, in 2015.

Rajat Khare’s lawyers say he left Appin Technology in December 2012, a move that “officially and immediately separated him from all Appin entities.” They produced two letters they said showed those resignations.

Yet Khare’s signature is on several Appin corporate filings dating to 2013 and 2014; and shareholder data shows he maintained a stake in Appin Technology for several years past 2012. According to Indian corporate records, Khare – who is now a Switzerland-based investor – resigned as director of the company once known as Appin Technology only in 2016.

His family still controlled the companies as recently as last year. Rajat’s brother, Anuj, and their father, Vijay Kumar, are majority owners of Sunkissed Organic Farms, which in turn owns ACSG and at least two other firms founded under the Appin name, according to the latest available financial data disclosed to the corporate affairs ministry.

In an exchange of messages over WhatsApp this week, ACSG company secretary Deepak Kumar confirmed that his firm was once known as Appin and described Rajat Khare as the corporate group’s “owner.” The following day, he said he would no longer reply to questions.

Anuj Khare’s lawyer, Kumar & Kumar Advocates, said questions about his client’s financial dealings were “not relevant.” The Khare brothers’ father, Vijay Kumar, did not return repeated messages seeking comment.

On its website, ACSG describes itself as a critical infrastructure protection company that caters to government clients. Employee resumes posted to job sites say the company carries out “lawful interception” and “offensive security,” industry terms for digital surveillance work.

More than 50 current and former ACSG employees reached by Reuters either did not respond or declined to comment, saying their work was confidential.

Reuters found at least half a dozen other hack-for-hire firms in India that have adopted Appin’s business model of serving private investigators and corporate lawyers. Some have run into trouble with American tech companies or been named in U.S. lawsuits.

Last year, Facebook and Instagram owner Meta Platforms identified CyberRoot Risk Advisory, a firm created by Appin alumni, as a mercenary spy company that used bogus accounts to trick people into clicking malicious links.

In October 2022, CyberRoot and BellTroX InfoTech Services, another firm founded by a former Appin employee, were accused of hacking former Wall Street Journal reporter Jay Solomon and one of his key sources, according to lawsuits filed last year by each of the men in federal court, one in Washington, the other in New York. Solomon later settled his Washington case on undisclosed terms; the New York lawsuit filed by his source is ongoing.

In June 2022, Google researchers linked hack-for-hire activity to another Indian company named Rebsec Solutions, which Google said “openly advertises corporate espionage.”

Rebsec’s founder, Vishavdeep Singh, told Reuters he had worked for Appin and BellTroX but was never involved in hacking, and that Rebsec merely taught cybersecurity courses.

CyberRoot said in a public statement issued last year that it “has never engaged in illegal activities.” It declined further comment. Attempts to reach BellTroX’s founder, Sumit Gupta, have been unsuccessful.

In his last known interview, speaking with Reuters in 2020, Gupta claimed he was not personally involved in cyberespionage. But he did acknowledge the outsized role that his former employer played in shaping the industry.

“Appin is the godfather for all the hackers,” he said.

Hackers for Hire

By Raphael Satter, Zeba Siddiqui and Christopher Bing

Data analysis: Ryan McNeill

Photo editing: Corinne Perkins

Art direction: John Emerson

Edited by Marla Dickerson

Thu, 16 Nov 2023 06:15:00 -0600 en text/html https://www.reuters.com/investigates/special-report/usa-hackers-appin/
Symantec Antivirus Endpoint Edition vs. Norton Internet Security

A professional writer since 1998 with a Bachelor of Arts in journalism, John Lister ran the press department for the Plain English Campaign until 2005. He then worked as a freelance writer with credits including national newspapers, magazines and online work. He specializes in technology and communications.

Fri, 14 Aug 2020 13:05:00 -0500 en-US text/html https://smallbusiness.chron.com/symantec-antivirus-endpoint-edition-vs-norton-internet-security-58948.html
Symantec launches new version of security suite

(IDG) -- Security software company Symantec unveiled a consumer security suite that lets users know if someone else pokes around their computers, screens outgoing data for personal information and can operate in a "stealth mode" to hide from hackers.

Norton Internet Security 2001 Version 3.0 combines the company's personal firewall and antivirus software, and includes privacy controls to prevent personal data from being sent online to Web sites without the user's knowledge. It also contains a feature for blocking banner advertisements for faster Web page download speeds.


The antivirus software in NIS 3.0 can defeat script-based viruses arriving by e-mail, without using virus definitions. Recent notable viruses such as "I Love You" and "Anna Kournikova" are script-based viruses, which execute commands using the Visual Basic programming language. Script blocking monitors scripts, halting those that display virus-like behavior, such as raiding e-mail address files.

Additionally, it can intelligently detect common hacker intrusion attempts such as port scans and Trojan horse e-mail access attempts. Once detected, it alerts the user, and can automatically configure the firewall to block all traffic from the attacker for a period of time. It can also put a user's computer in 'stealth mode,' hiding the system from hackers.

NIS 3.0 provides continuous notification of security events. The software monitors programs attempting to access the Internet, screening the data sent or blocking it entirely. Symantec said it redesigned the security alerts to provide the severity level of the specific intrusion attempt and quick access to more detailed information about the attack.

Users can set the security level from a casual defense which only reports serious intrusion attempts to a figurative DefCon 5 with reports on penetration attempts of a lower threat level or lower likelihood, as well as all Internet access events. Users can also specifically designate the applications permitted to access the Internet.

Norton Internet Security Family Edition Version 3.0 adds Norton Parental Control, allowing parents to limit children's access to objectionable Web sites.




Wed, 21 Mar 2001 01:53:00 -0600 text/html https://edition.cnn.com/2001/TECH/ptech/03/21/new.symantec.idg/index.html
How Sophisticated Social Engineering Attacks Are Targeting IT Service Desks

It isn’t just software that's under siege but the very people who use it. While cyberattacks often exploit technical vulnerabilities, many attackers find manipulating human psychology far more effective. 

This cunning strategy, known as social engineering, continues to evolve and becomes more intricate every day. Leveraging a mix of deception, persuasion, and exploitation, these attacks prey on human tendencies to trust and cooperate. But the frontline of these attacks isn’t just your usual employees or end-users. The spotlight is now on a fresh, high-profile target – the service desk.

Recent Attacks Spotlight a Vulnerable Frontline

The service desk has traditionally been the first point of contact for users facing technical issues, like a locked account and forgotten passwords. To help them with these requests, the service desk staff will verify the identity of the user through a series of security questions. 

In the age of social media and open networks, it’s surprisingly easy for attackers to collect answers to these questions. Plus, in the age of hybrid work, service desk agents are overwhelmed with more requests for fixing remote issues. In a bid to handle tickets quickly, they may sometimes overlook security best practices.

The following examples from EA and MGM are unlikely to be isolated incidents – instead, they reflect a larger trend in which attackers have identified service desks as soft targets. 

EA Source Code Breach

In 2021, hackers infiltrated Electronic Arts (EA) and subsequently released a vast amount of stolen data. On June 10, the hackers used an underground hacking forum to announce that they possessed EA data, which they intended to sell for a staggering $28 million. 

It turns out the attackers had acquired authentication cookies for an EA internal Slack channel from a dark web marketplace. By using these cookies, they impersonated an EA employee who was already logged into the system to access EA's Slack channel. Once inside, they deceived EA IT support staff into granting them access to EA's internal network. With this access, they downloaded over 780GB of source code.

MGM Resort Service Desk Hack

Fast forward to September 2023, and the massive hospitality and entertainment business MGM Resorts was crippled by a similar cyberattack. The attack led to extensive outages across its Las Vegas establishments, causing disruptions in slot machines, room key cards, TV services, internal networks, and much more. Employees were forced to revert to manual methods to manage guest services and requests. 

The point of entry? A fraudulent call to their help desk. After locating the LinkedIn of an MGM Resorts employee, hackers impersonated this individual and called the organization's service desk, requesting a password reset to access their account. 

The Multi-Factor Solution

For businesses aiming to fortify their defences, the solution lies in a multi-layered verification approach at the service desk level, something that moves beyond security questions. 

A multi-layered verification approach ensures that only genuine employees within your network get verified access. It also provides added protection against sophisticated social engineering attacks, because you can use authentication methods that remove the opportunity for user impersonation: something the user is (such as a fingerprint) and something the user has (such as a mobile phone), not just something the user or an attacker may know.

Guarding Against Social Engineering

In a game of cat and mouse between cyber criminals and businesses, staying one step ahead is key. While attackers find innovative ways to exploit the human element, businesses must continuously refine their defenses, eliminating weak links in their security landscape. 

The best course of action to batten down the hatches for service desks is a verification system that only grants account access after multifactor authentication.

Tools such as Specops Secure Service Desk are designed specifically for Active Directory users and securely enforce caller verification instead of relying on insecure or “on paper” processes that are prone to human error.

Secure Service Desk increases security with identity verification options that range from mobile or email verification codes to fingerprint and commercial providers such as Duo Security, Okta, PingID, and Symantec VIP.

If you would like to learn more, request a personalized demo of Specops Secure Service Desk today.

Thu, 02 Nov 2023 23:15:00 -0500 en-gb text/html https://www.infosecurity-magazine.com/blogs/how-social-engineering-targets/

Commvault Cloud Unifies Data Protection, Security, AI And Recovery

Ask any CIO or CISO, and they’ll tell you that protecting, securing and, if necessary, recovering data are major points of concern. Having a strong data and security posture is vital for maintaining data integrity, customer confidentiality, business operations and an organization's cyber resilience. Yet the challenges around data security are only getting harder in a world where companies increasingly operate in hybrid, multi-cloud IT environments, while bad actors use everything from ransomware to generative AI to threaten enterprise data.

Hackers now have nation-state budgets to draw from, and hacking as a service is a very robust business. The center of gravity in security has shifted from solely perimeter defense of data to also include identifying the threat, removing the bad actors, and then recovering the data and fixing the damage done.

The other trend we are seeing is the shift from one-off security and data protection packages to “suites” of software and services. “Best in breed” solutions are great at first, but enterprises realize that by the time they have integrated the new bits, they are one to two revs behind. They have also learned that integration itself is causing security issues and consuming many resources. This is why the market is shifting to “suites.”

Commvault Cloud Fights AI With AI

With this in mind, I was glad to talk with Commvault CEO Sanjay Mirchandani about his company’s brand-new platform, Commvault Cloud. This new AI-powered offering combines the company's SaaS and software data protection solutions into a single platform to provide control over an organization’s data with unified visibility. This new platform also brings together data protection, security, intelligence and recovery, with a focus on cyber resilience—which has never been more timely given today’s threat landscape.

“The world of data protection as we know it and data security as we know it is becoming one,” Mirchandani told me, “and when it becomes one, the real purpose behind what you’re trying to do is to give your business resilience.” Commvault Cloud does this by enabling data protection and recovery for any type of workload across any infrastructure in any location.

All of this is supported by Commvault’s new Metallic AI, a suite of AI- and ML-driven data protection and security solutions that enable faster threat prediction, faster threat response and clean data recovery. Commvault Cloud users can also access a new integrated AI copilot called Arlie (derived from “autonomous resilience”). Users can ask the assistant questions, and Arlie provides practical answers in natural language. Among other things, Arlie can provide real-time threat analysis, generate relevant code snippets for integrations, offer recommendations for optimizing cyber resilience or help a user verify a clean recovery point for an enterprise system. For starters, Arlie integrates with Azure OpenAI; other GAI integrations are slated to follow soon.

Reducing recovery time—ideally to just hours—after a cyberattack is vital, because longer downtimes can lead to significant costs and the erosion of trust from customers, potentially causing a loss of clientele and revenue. As part of addressing this critical need, Commvault has developed its new Cleanroom Recovery solution. By combining Commvault and Microsoft Azure capabilities, this service enables customers to recover a clean backup of their data in a “cleanroom” in the cloud to expedite the recovery journey.

Commvault is also preparing to launch Platinum Resilience, a fully managed service to help companies thwart cybersecurity threats and support disaster recovery. The service, which is being piloted with some customers through an early-access program this year, is planned for general availability early in 2024. Commvault is confident enough in the program that it comes with a warranty (the details of which we haven’t yet seen).

Hybrid Environments Need Hybrid Data Protection

Enterprises are seeking a single solution for data protection that offers security and improved efficiency across their entire IT environments, including on-premises infrastructure, private clouds and public clouds. Commvault addresses this need with its hybrid approach to cyber resilience. According to Mirchandani, Commvault's philosophy is straightforward: no workload, new or legacy, is left behind or unprotected.

By covering all types of workloads across all locations, the company’s approach also doesn't force customers into awkward choices between SaaS or on-premises software. The company also simplifies safeguarding data by implementing a single policy engine that covers every aspect of a business’ data.

Commvault, headquartered in Tinton Falls, New Jersey, operates development centers in India, the U.K. and New Jersey. Commvault originated in 1988 as a data management, backup and recovery development group within Bell Labs. It was subsequently established as a business unit within AT&T Network Systems. Following AT&T's reorganization, the group became a part of Lucent Technologies before being spun off in 1996 to become an independent company. It anticipates achieving revenue of approximately $820 million in its fiscal year 2024.

A Rapidly Evolving Market

Global spending on security and risk management is expected to reach $215 billion in 2024, a 14.3% increase from the estimated $188 billion in 2023, according to Gartner, Inc. This growth is attributed to factors such as the adoption of hybrid work models, cloud technologies, GAI and increased efforts to improve security governance and data protection. Spending on data privacy and cloud security is projected to grow by more than 24% annually for the next several years. Organizations are maintaining a strong focus on privacy due to new regulations that influence the processing of personal data, particularly against the backdrop of hype about artificial intelligence. Gartner forecasts that by 2025, privacy regulations will create legal protections for the personal data of 75% of the global population. This trend, along with the surge in cloud services usage, is driving increased investment in cloud security and data management.

Competitive Landscape

While Commvault is a recognized leader in data protection, the company has worked hard to bring together separate SaaS and software capabilities onto one platform, removing complexity and simplifying management. Moor Insights & Strategy will be tracking the execution, quality and customer feedback of these integrated parts. Commvault is one of many security vendors that have turned to AI to improve their cybersecurity products and services. Cisco, for example, employs AI for advanced threat detection and management across its security products. Symantec, now a part of Broadcom, integrates AI to strengthen its threat detection and response capabilities. Similarly, Microsoft leverages AI across its security solutions, including Azure Security, to augment threat detection and response efforts.

In the area of data protection solutions, Veeam is recognized for scalable options in virtualized settings, while Veritas is valued for its AI-driven anomaly detection, workload and cloud protection. IBM's data products are notable for giving hybrid cloud environments a focus on governance and security. Rubrik stands out for its cloud-native solutions that prioritize encryption and immutability for multi-cloud data safety. Cohesity is known for its simplified, scalable, hyperconverged platform. Dell offers dependable, high-performing IT solutions across data protection and recovery.

AI Is Not Always Right

It’s important to know that AI-powered security platforms can come with potential issues. AI may produce false positives, creating invalid threat alerts and potentially wasting security team efforts. There can be biases within AI algorithms that may cause them to detect some threats more frequently than others, leading to overlooked vulnerabilities. For effective use, these platforms need to be able to explain their decisions to human operators, ensuring that the reasoning behind identified threats is clear and actionable. To minimize risks associated with AI-powered security platforms, organizations can use a layered approach to security with a variety of tools, both AI-driven and traditional. Continually monitoring these platforms is critical to quickly catch and correct any false positives. Regular testing is essential to confirm these systems’ efficacy and discover any hidden vulnerabilities.

Wrapping Up

In our view, Commvault is charting the right course with the Commvault Cloud platform, which enables a hybrid strategy for data security. Its focus on resilience is well-tuned to current market needs. Nonetheless, as the company embarks on its new initiatives, Commvault must tread carefully to fulfill its commitments without sacrificing quality, but still remain focused on the future and continued development of Commvault Cloud. While the growing reliance on AI brings greater efficiency, productivity and innovation, it can also bring issues related to data integrity and the essential need for ethical guidelines to ensure responsible AI use.

Commvault Cloud is available with multi-level SaaS pricing via several marketplaces, including Oracle Cloud, Microsoft Azure, Google Cloud and Salesforce AppExchange.

Note: This analysis was co-written by vice president and principal analyst for Enterprise Data and ERP, Robert Kramer.

Wed, 08 Nov 2023 00:08:00 -0600 Patrick Moorhead en text/html https://www.forbes.com/sites/patrickmoorhead/2023/11/08/commvault-cloud-unifies-data-protection-security-and-recovery/
10 Common Questions About Social Security

What Is Social Security?

The Social Security program was established in 1935 to provide retirement income for certain U.S. workers. It was later expanded to cover most of the country's workforce. Today, it remains America’s pension plan and the financial lifeline that many people use to stay afloat in their old age.

In 2023, Social Security provides 37% of elderly men and 42% of elderly women with at least 50% of their income. For 12% of elderly men and 15% of elderly women, it’s at least 90% of their income.

How does Social Security work? Regardless of your age, you really should know. Here are the answers to 10 questions that people most often ask.

Key Takeaways

  • Social Security income is a popular and important public pension system in the U.S.
  • Americans become eligible for Social Security benefits at age 62, but benefit amounts depend on how early you elect to start.
  • The age at which full retirement benefits are paid is 67 for people born in 1960 or after, and 66 for those born from 1943 to 1954.
  • The retirement age increases annually by two months for those born between 1955 and 1959.
  • Spouses are eligible for benefits even if they never worked for pay.

1. When Am I Eligible?

Depending on when you were born, you will be eligible for full retirement benefits as early as age 65 or as late as age 67.

  • If you were born before 1938, your full retirement age is 65.
  • If you were born from 1938 to 1942, the age ranges from 65 and two months to 65 and 10 months.
  • If you were born from 1943 to 1954, it’s 66.
  • If you were born from 1955 to 1959, it ranges from 66 and two months to 66 and 10 months.
  • If you were born in 1960 or later, it’s 67.

You can opt to receive Social Security as early as age 62, but if you do, your monthly benefits are permanently reduced. For example, if you take benefits at 62 and your full retirement age is 66, then your benefits are reduced by 25%.

If you postpone taking benefits past your full retirement age, then you will be rewarded with a higher benefit: 8% for each year up to age 70 (for those born in 1943 or later), when benefits max out and there is no further incentive to delay signing up.

2. How Is Eligibility Determined?

Your eligibility for Social Security is based on the credits that you earn during your working years. As of 2023, for every $1,640 you make, you earn one credit, up to a maximum of four per year. For 2024, the amount is $1,730 for one credit. If you were born in 1929 or later, then you need 40 credits—essentially, 10 years of full-time work—to receive Social Security benefits at retirement.

3. How Much Do I Pay in?

As of 2023, workers pay 6.2% of their wages into Social Security up to $160,200 ($168,600 in 2024) of their income. Employers contribute another 6.2%. Self-employed people have to pay both portions or 12.4%.

You can collect Social Security retirement benefits even if you’re still working.

4. How Much Will I Get?

Your Social Security benefits are based on your lifetime earnings. The formula is a little complicated, but it averages the income from your 35 highest-earning years. If you already accumulated 40 Social Security credits, then you can use the online Social Security Retirement Estimator to get a rough idea of what you will get.

5. Can I Get Social Security If I Work?

Yes, you can receive Social Security benefits while you work. If you’ve reached full retirement age, you can work and earn as much as you’d like and receive full benefits. If you’re under full retirement age, your benefits are temporarily reduced. The money is not lost, however. Social Security will credit it to your record when you reach full retirement age, resulting in a higher benefit.

The reduction is $1 for every $2 of earned income over $21,240 in 2023 ($22,320 in 2024) for those younger than full retirement age. During the year when you reach full retirement age, your benefits will be reduced by $1 for every $3 in income over $56,520 in 2023 ($59,520 in 2024). That continues until the month when you become fully eligible.

Retirees can contribute to individual retirement accounts (IRAs) as long as they have earned income. However, Social Security benefits are not considered earned income for this purpose.

6. How Does the Spousal Benefit Work?

The Bipartisan Budget Act of 2015 tightened some of the rules on spousal benefits, eliminating several strategies that couples once used to maximize how much they received. However, spouses can still claim benefits regardless of whether they ever held paid jobs, based on their partner’s record. To qualify, the spouse with a work record must already be receiving retirement or disability benefits, and the non-working spouse must be at least age 62.

As with other Social Security benefits, spousal benefits are permanently reduced if the nonworking spouse starts to collect before reaching full retirement age. If the non-working spouse waits until full retirement age, then they will receive a spousal benefit of up to 50% of their partner’s full retirement benefit.

Spouses who are widowed become eligible for 100% of their partner’s full benefit unless they also had a job and the benefit they’ve earned through their income is higher. Generally, the widowed spouse must be at least 60 years of age (with certain exceptions) to receive benefits from the deceased spouse’s record, and the amount will be reduced if the surviving spouse elects to receive benefits before their full retirement age.

In addition, should the surviving spouse remarry before age 60, they will forfeit the deceased spouse’s benefit. In some cases, divorced spouses are also eligible for spousal benefits based on their former partner’s record.

7. Do I Owe Taxes on Social Security?

You might, depending on your income. Couples who file a joint tax return and have a combined income from $32,000 to $44,000 will have to pay income tax on up to 50% of their benefits. If their combined income is more than $44,000, then they’ll be taxed on up to 85% of their benefits.

Combined income is defined as adjusted gross income plus any nontaxable interest and half of your Social Security benefits. For singles, those income thresholds are $25,000 to $34,000 for 50% and more than $34,000 for 85%.

8. How Do I Apply for Benefits?

You can apply at a local Social Security office, by phone (1-800-772-1213), or online. You’ll need to provide certain information and possibly some documents, such as a birth certificate. Social Security Form SSA-1 has a complete list.

The SSA says you can apply up to four months before the date you want your benefits to start.

9. How Does the Social Security System Work?

Social Security is a pay-as-you-go system. Money paid in by current workers (via their taxes) is used to pay the benefits for current retirees. Any money that remains goes into the Social Security Trust Fund, to be used in future years when current contributions won’t be sufficient to cover all of the program’s obligations.

There are two trust funds: the Old-Age and Survivors Insurance (OASI) Trust Fund, which pays retirement benefits, and the Disability Insurance (DI) Trust Fund. By law, the money in the trust funds is invested in U.S. government securities.

10. Is Social Security in Trouble?

It’s safe to say that the Social Security system faces some financial challenges. The ratio of current workers to retirees is declining, meaning fewer workers are paying into the system for every retiree who is drawing money out of it. In addition, people are living longer than when the program was envisioned in the 1930s, so they’re collecting benefits for more years.

According to SSA trustees, the retirement program’s cost exceeded its income for the first time in 2021. As of 2023, the program should be able to pay full benefits until 2034, when the trust fund will be depleted. After this, 80% of scheduled benefits will be paid with continuing tax income.

This date includes the two funds that make up Social Security: the Old-Age and Survivors Insurance (OASI) Trust Fund, which pays out Social Security retirement benefits, and the Disability Insurance (DI) Trust Fund, which pays out Social Security related to disability. As of 2023, the OASI Trust Fund is expected to be depleted by 2033, after which it will only be able to pay out 77% of benefits.

Given the program’s popularity and importance to millions of Americans—and the millions of older Americans who have already paid into it for decades—it’s extremely unlikely that Congress would simply let it fail.

What Is the Maximum Social Security Benefit You Can Get?

In 2023, the maximum social security benefit for someone retiring at full retirement age is $3,627 per month. In 2024, it is $3,822. The full retirement age is between 66 and 67, based on the date of birth.

Should You Take Social Security at 62 or 67?

You can start receiving retirement benefits at 62 years old, but the amount will be higher if you wait until the full retirement age, which is either 66 or 67, depending on when you were born. Those who wait even longer, until age 70, can see an increase in benefits each year until retiring.

How Much Is the Social Security Raise in 2023?

The Social Security cost-of-living adjustment for 2023 is 8.7%, adding roughly $146 per month to the average check. The yearly increase is the largest since 1981, reflecting the spike in inflation and in the Consumer Price Index (CPI) during 2022. CPI, which is a monthly read on the changes in the prices consumers pay for a select basket of goods, is used to calculate both the SS and SS COLA each year. The cost-of-living adjustment for 2024 is 3.2%.

The Bottom Line

Social Security is a popular and important pension in the lives of Americans during their retirement years. Knowing how to manage the ins and outs and understanding its various attributes will allow you to make the most of the benefits.

Sun, 04 Dec 2022 14:32:00 -0600 en text/html https://www.investopedia.com/retirement/social-security-faqs/



