Cybersecurity insurance market to grow to $29.2 billion by 2027

According to a recent research report by MarketsandMarkets, the global cybersecurity insurance market is projected to grow from $11.9 billion in 2022 to $29.2 billion by 2027.

Cybercrime insurance protects organizations from financial losses relating to damage to, or loss of, information from networks and IT systems. Depending on the coverage taken, this includes reputation loss, the cost of business interruption, infringement of regulatory data standards (such as GDPR or CCPA), and attacks from bad actors (e.g., ransomware and data breaches).

By organization size, the small and medium enterprise segment is expected to have the highest growth rate during the forecast period.

Asia Pacific is expected to have the highest growth rate during the forecast period.

Read more about it here.

Experts find 3.6M MySQL Servers exposed online

Shadowserver Foundation analysts discovered over 3.6 million MySQL servers publicly exposed on the Internet and responding to queries, making them attractive targets. The report identifies accessible MySQL server instances on port TCP/3306. “This includes both TLS and non-TLS responses. We do not perform any intrusive checks to discover the level of access to any databases that is possible,” says the report. “Surprisingly to us, we found around 2.3M IPv4 addresses responding with such a greeting to our queries. Even more surprisingly, we found over 1.3M IPv6 devices responding as well.”

Most accessible IPv4 MySQL servers by country are as follows: United States (740.1K), China (296.3K), Poland (207.8K) and Germany (174.9K).

Most accessible IPv6 MySQL servers by country are as follows: United States (460.8K), Netherlands (296.3K), Singapore (218.2K) and Germany (173.7K).

The researchers pointed database administrators to the MySQL 5.7 Secure Deployment Guide and the MySQL 8.0 Secure Deployment Guide. They added: “It is unlikely that you need to have your MySQL server allowing for external connections from the Internet (and thus a possible external attack surface). If you do receive a report on your network/constituency take action to filter out traffic to your MySQL instance and make sure to implement authentication on the server.”
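For administrators who want to see what the "greeting" in the report contains, here is an added Python example (not from the Shadowserver report or the original article) that parses the first packet a MySQL server sends to an unauthenticated client and reports the advertised version and whether TLS is offered. The sample packets, version strings and function names are constructed for illustration.

```python
import struct

CLIENT_SSL = 0x0800  # capability bit: the server offers to upgrade to TLS

def parse_greeting(data: bytes) -> dict:
    """Parse the first packet a MySQL server sends after the TCP handshake."""
    if len(data) < 5:
        raise ValueError("too short to be a MySQL packet")
    length = int.from_bytes(data[:3], "little")  # 3-byte length, 1-byte sequence id
    payload = data[4:4 + length]
    if length < 3 or len(payload) < length:
        raise ValueError("truncated packet")
    if payload[0] == 0xFF:
        # ERR packet (e.g. 1130, host not allowed): access is refused, but the
        # port is still reachable from wherever this reply was captured.
        code = struct.unpack_from("<H", payload, 1)[0]
        return {"kind": "error", "code": code,
                "message": payload[3:].decode("utf-8", "replace")}
    if payload[0] != 10:
        raise ValueError("not a protocol version 10 handshake")
    end = payload.find(b"\x00", 1)  # server version is NUL-terminated
    pos = end + 1 + 4 + 8 + 1  # skip connection id, 8 salt bytes, filler
    if end < 0 or pos + 2 > length:
        raise ValueError("truncated handshake")
    caps = struct.unpack_from("<H", payload, pos)[0]  # lower 16 capability bits
    return {"kind": "greeting",
            "version": payload[1:end].decode("ascii", "replace"),
            "tls_offered": bool(caps & CLIENT_SSL)}

def _packet(payload: bytes) -> bytes:
    return len(payload).to_bytes(3, "little") + b"\x00" + payload

def _handshake(version: bytes, caps_low: int) -> bytes:
    # Constructed sample: fixed connection id and salt, not a capture.
    return _packet(b"\x0a" + version + b"\x00" + struct.pack("<I", 11)
                   + b"ABCDEFGH\x00" + struct.pack("<H", caps_low)
                   + b"\xff\x02\x00\xff\xcf\x15" + b"\x00" * 10
                   + b"IJKLMNOPQRST\x00caching_sha2_password\x00")

SAMPLE_TLS = _handshake(b"8.0.28", 0xFFFF)    # constructed: TLS bit set
SAMPLE_PLAIN = _handshake(b"5.7.38", 0xF7FF)  # constructed: TLS bit cleared
SAMPLE_DENIED = _packet(b"\xff" + struct.pack("<H", 1130)
                        + b"Host '192.0.2.10' is not allowed to connect")

if __name__ == "__main__":
    for sample in (SAMPLE_TLS, SAMPLE_PLAIN, SAMPLE_DENIED):
        print(parse_greeting(sample))
```

Either result, a greeting or an ERR packet, means the port answered; only a filtered connection produces neither.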

Read more about it here.

This WhatsApp scam lets hackers take control of your account with a single phone call

Rahul Sasi, the founder and CEO of CloudSEK, a contextual AI business that predicts cyber threats, recently described the scam in a post on LinkedIn. According to him, it starts with the hacker calling the victim and convincing them to call a specific number, which looks like either **67*<10 digit number> or *405*<10 digit number>. Both numbers trigger call forwarding, which redirects a phone call to another number. Call forwarding is available on most, if not all, phone carriers' systems globally and is supported by most modern mobile phones.

**67*<10 digit number> will forward all your calls to the 10-digit number.

*405*<10 digit number> will forward calls to the 10-digit number if your number is busy.

The 10-digit number is always a phone number controlled by the hacker.

While the victim is calling one of the numbers, the hacker starts the WhatsApp registration process for the victim’s phone number and chooses the option to deliver the one-time password (OTP) by phone call. Because call forwarding is now active, the OTP call is delivered to the hacker’s phone.

How to mitigate:

  • Ignore calls from unknown numbers.
  • Don’t make calls to unknown numbers.
  • Secure your WhatsApp account with Two-step verification.

Read more about it here.