Earlier this month, Kaspersky announced plans to migrate its customers to Pango Group, an American cybersecurity firm that owns the UltraAV software. The move was meant to facilitate smooth continuation of current subscriptions as Kaspersky updates terminate this month.

Panic Waves

TechCrunch reported that social media messages posted by Kaspersky users showed that these updates had been made without prior warning or permission.

“I was using Kaspersky, didn’t realize they’d be shuffling us off to some Pango AV in September. Nearly had a heart attack when I started my pc today and found a program I didn’t download,” one user posted on Reddit.

Another user posted on the Kaspersky support forum saying, “UltraAV automatically installing itself on my PC freaked me out. It still required me to login with my Kaspersky password/account, but no thanks. I have no idea who Pango is, and there is literally no information about their antivirus/credibility.”

Pango Group claimed that Kaspersky users had been informed about the Kaspersky UltraAV software update through an email notification at the start of this month. However, users argued that this form of communication can be unreliable.

Resellers too were disappointed by the Kaspersky antivirus forced updates, particularly the move to replace the antivirus with an entirely different one. A former US government cybersecurity expert termed the move a huge risk.

US Ban

The migration of Kaspersky customers to UltraAV was triggered by the US government ban of the antivirus company. In June this year, the US Department of Commerce banned the Russian firm from marketing and selling its products within the US starting July 20. The government cited increased privacy and security risks that pose a threat to national security as the reason for the ban.

Following the ban, Kaspersky’s security updates to customers were limited; no updates will be allowed after September 29. An exclusive post published on Axios states that newly established cybersecurity firm Pango was acquiring Kaspersky’s US clients.

On September 21, Kaspersky confirmed the shift to UltraAV on its official forum.

“Kaspersky has additionally partnered with UltraAV to make the transition to their product as seamless as possible, which is why on 9/19, U.S. Kaspersky antivirus customers received a software update facilitating the transition to UltraAV. This update ensured that users would not experience a gap in protection upon Kaspersky’s exit from the market,” a Kaspersky employee wrote.

The Responsibility Question

As customers come to terms with Kaspersky UltraAV updates, many customers wonder who’s at fault abound.

“I’m annoyed at Kaspersky. Basically, on my computers, Kaspersky pushed an uninstall of the Kaspersky products and pushed an automatic install of UltraAV and UltraVPN onto my computers. They should’ve given me the option to accept UltraAV or not. They should never push software onto someone’s computer without explicit permission,” Kaspersky customer Avi Fleischer said.

Although Kapersky said the intention was to give its customers a seamless transition, most users feel the process was not handled well.

The post Kaspersky’s Forced Antivirus Updates Leave US Customers in Disarray appeared first on Tech Research Online.

Advancements in cloud computing and migrating sensitive financial data to cloud-based software have seen a rise in cybersecurity threats for accounting firms. Financial institutions must understand that the sensitivity and confidentiality of their database make them a top target. Therefore, carelessly clicking an unverified link with the company’s device can compromise the firm and cause data breaches within seconds.

This guide explains the leading cyber threats that accountants must watch out for to prevent granting access to hackers. What are these possible data breaches or IT security loopholes that expose your certified public accountant (CPA) firm to the risk of infiltration by cybercriminals?

1. Phishing Attacks

The common phishing technique by cybercriminals is sending a malicious email as if it were from a trusted source. This cybersecurity threat to accounting firms is to trick the recipient into clicking a link that might compromise their security frameworks. The hacker’s objective is to get them to divulge sensitive or highly classified information.

CPA firms must train their accountants on identifying phishing scams and security procedures like checking for possible spoofing or hovering over links to confirm the source. Additional security protocols include cross-checking the source through calls or other secondary verification methods before sharing confidential accounting data. Falling victim to a phishing attempt can lead to the download of corruptible data that infiltrates your cybersecurity walls.

2. Outdated Software and Patching

Running on outdated accounting software or security patches is another of the top cybersecurity threats for accounting firms. Large companies entrusted with multiple customer data must be ready to continually invest in the best cloud security tools.

Otherwise, they become easy targets to cybercriminals who can take advantage of the security risks of using outdated operating systems and cloud-based accounting software. End-to-end point encryption is also essential if you want to prevent risks of cyber hacking. Maintaining updated software, browsers and other financial tools makes it easy for your security service providers to identify potential data breaches before an issue occurs.

3. Ransomware

Imagine encrypting your files with a password and forgetting it. Well, that is how ransomware works. The only difference is this time, the cybercriminal is the one encrypting the accounting files or software. The objective of ransomware attacks is to corrupt financial systems, making the data impossible to access.

Ransomware hackers usually demand money as “ransom” which is tricky because paying the anonymous cybercriminals is likely another scam. There is no guarantee of receiving an encryption key from them. In severe cases of these cybersecurity threats for accounting firms, the hackers can threaten to destroy the data or leak it on unwanted databases. Common modes of ransomware cyber-attacks are phishing scams or downloading from untrusted websites. Unprotected downloads should never be carried out from your company’s computers.

4. Insider Threats

By “insider threats”, we refer to cybersecurity threats due to unsuspecting employees mostly through unsafe but unintentional actions. Examples include connecting personal work computers to a public network while working on sensitive data. Setting up weak passwords through which hackers can access other linked accounts also falls on the list of insider cybersecurity threats for accounting firms.

On the other hand, intentional cyber threats are when an employee or someone with privileged data access deliberately makes the security framework vulnerable to hackers. This could involve connecting a spoofed hardware or installation of malware. IT security departments can try employing the principle of least privilege to limit the possibilities of unintentional insider threats.

5. Cloud Security Vulnerabilities

Preventing the use of unauthorized devices to access financial information on an accounting firm’s database can reduce cloud security risks. This goes against the common “bring your own device” policy used in some organizations that work with very little sensitive information.

For accounting companies that use cloud-based software, managing sensitive customer information requires working on only recognized devices. This includes using only approved software or cloud computing platforms to access accounting data. Compliance with industry-regulated data policies is the best step to securing cloud-native applications from cybersecurity threats for accounting firms.

6. Third-Party Vendors

CPA firms should go beyond enforcing stringent cybersecurity practices within their accounting firewalls. Learning how to manage sensitive data with third-party vendors is equally important. Otherwise, it is like building a high fence but leaving a small passage without a gate. You must secure how third parties interact with your cybersecurity systems and the level of permission you grant them.

Another way to prevent third-party cybersecurity threats for accounting firms is to ensure they also have security compliance and incident response strategies. You can use cyber risk management auditors to assess fourth-party compliance. A zero-trust data access is also a continuous cyber risk assessment method to verify third-party access to security systems.

7. DNS Spoofing

Lack of DNS security extensions (DNSSEC) or poor encryption of your DNS traffic over HTTP or TLS can make it easy for cyber attackers to spoof DNS queries. DNS spoofing, also known as DNS cache poisoning, is a cyber threat where hackers corrupt the domain name system (DNS) to redirect traffic to a malicious website. Proper DNS spoofing scams are difficult to detect because the redirected website appears exactly as legitimate.

DNS spoofing cybersecurity threats for accounting firms usually aims to steal clients’ data like tax portal information or sensitive login credentials. Information from DNS spoofing scams could even be used for phishing to impersonate employees and intercept email communications or financial transactions.

Updating Employees on Cybersecurity Threats for Accounting Firms

Training your employees on the latest cybersecurity practices is important, regardless of whether you run a cloud accounting or traditional accounting system. However, CPA accounting firms on cloud-based solutions must be vigilant since they stand a higher risk of ransomware or malicious data access. The best cybersecurity practices include establishing hierarchical access to financial data among your employees.

Additionally, ensure that employees gain the necessary knowledge on how to identify cyber scams before they are granted clearance to more sensitive financial information.

Conclusion

Understanding the top cybersecurity threats for accounting firms is the first step towards preventing revenue or financial data loss to cyber scammers. This is why we encourage CPA firms to invest in continuous training programs for their accountants on the best cybersecurity practices.

The easiest way to avoid a cyber scam is to limit the possibilities by avoiding loopholes in your internal security frameworks. Data sharing with third parties and accessibility through outside devices must be controlled. Enforcing cyber safety practices is easier when you get started with our guide on overcoming the challenges of cyber resilience.

The post Top Cybersecurity Threats for Accounting Firms and How to Prevent Them appeared first on Tech Research Online.

The new law requires the video streaming platform to spin off from its Chinese parent company, ByteDance, by January 2025 or face a ban. The US government views ByteDance’s ties to China as a national security threat. However, ByteDance and TikTok have denied links to Chinese authorities multiple times.

Court Arguments

TikTok’s legal battle in the US started back in May 2024 when the social media platform filed a case to block the new law. At the time, the video streaming platform had termed the legislation unconstitutional.

TikTok argued that the new law would significantly impact freedom of speech for its 170 million US users. TikTok’s court case was heard by three court of appeals judges in Washington DC.

“This law imposes extraordinary speech prohibition based on indeterminate future risks,” Andrew Pincus, TikTok and ByteDance’s attorney said in court.

In his submission, the lawyer addressed concerns by the US government about Chinese authorities. He said ByteDance Limited is a Cayman Island holding firm and is not owned by China.

The judges challenged the submissions by Pincus, with Judge Sri Srinivasan saying that ByteDance was subject to China’s control. The lawyer argued that the US government had not alleged any wrongdoing on TikTok’s part and that the social media platform was being punished based on suggestions that issues may arise in the future.

Judge Ginsberg challenged this claim, arguing that the law targets all firms that are controlled by foreign adversaries, not just TikTok. The Judge also termed the law as an ‘absolute bar on the current arrangement of control’ of the firm, not the firm itself.

Impact of TikTok Split

TikTok has consistently denied sharing data from US users with Chinese authorities. The social media platform claimed that a breakup from ByteDance cannot happen without its closure. In court documents filed in June 2024, TikTok argued that a split would make it a shell.

TikTok’s Appeal Against US Divest or Ban Law Commences

The breakup will also mean that Americans can no longer share their views with TikTok’s global community. Free speech advocates have added their voice to the US divest-or-ban law. The advocates say if the law is implemented, it will set a precedent to oppressive regimes across the world and lead to violation of free speech rights.

“We shouldn’t be surprised if repressive governments the world over cite this precedent to justify new restrictions on their own citizens’ right to access information, ideas, and media from abroad,” Columbia University’s Knight First Amendment Institute staffer, Xiangnong Wang said.

The Institute has filed legal documents with the appeals court offering expertise with the aim of influencing the outcome of the TikTok appeal case. Wang accused lawmakers of being vague with respect to national security threats they claim TikTok poses to the US.

Digital content creators also argued that the law impedes their right to work with publishers of their choice.

Government’s Position

The Department of Justice will be arguing its case against TikTok. DoJ’s submissions will largely be based on data concerns. US lawmakers and government officials have raised alarm over possibilities that Chinese authorities could be using TikTok to spread misinformation to Americans.

In addition to the US, the UK government has also raised concerns over potential Chinese influence on TikTok. The UK has banned TikTok on government devices for fear of Chinese influence.

The post TikTok Ban Appeal in the US Commences appeared first on Tech Research Online.

According to a breach notification published by the Office of the Attorney General of Maine, a total of 299,006 customers were affected by the data breach. The notice attributes the breach to insider wrongdoing. However, the attached letter does not make any reference to any Avis employee.

Unauthorized Access

Last week Avis filed a data breach notice with multiple attorneys general in the US. In the notice, the New Jersey-based company said that it noticed unauthorized access and took action to end the intrusion.

“We discovered on August 5, 2024, that an unauthorized third party gained access to one of our business applications. After becoming aware of the incident, we immediately took steps to end the unauthorized access, began an investigation with assistance from cybersecurity experts, and alerted the relevant authorities. Based on our investigation, we determined that the unauthorized access occurred between August 3, 2024, and August 6, 2024,” Avis said in a report.

Details about the Avis car rental hit remain scarce since the company has not made public information about the type of cyberattack it’s handling.

Stolen Data

In a data breach notice filed with Iowa’s attorney general last week, Avis provided details of the data that cybercriminals stole during the August cyberattack. Avis personal data that was stolen includes customer names, email addresses, date of birth, mailing addresses, phone numbers, driver’s license numbers, and credit card numbers and their respective expiry dates.

It remains unclear why the car rental company stored such sensitive customer data in a manner that compromised its security. Texas appeared to have the highest number of affected individuals. The data breach notice filed with the attorney general’s office in the state showed that data belonging to 34,592 individuals was stolen.

Avis is expected to file more data breaches in the coming weeks. It’s unclear whether the number of individuals affected by the breach will increase from the 299,006 reported in the Maine notice.

Security Measures

Avis has advised its customers to remain vigilant amidst the identity theft threat. The company has offered affected customers free credit monitoring with Equifax for 12 months.

“It is always a good idea to remain vigilant against threats of identity theft or fraud. You can do this by regularly reviewing and monitoring your account statements and credit history for any signs of unauthorized transactions or activity. You can contact the credit reporting agencies if you suspect any unauthorized activity” Avis said.

Following the security breach, Avis is working with cybersecurity experts to boost security protection for its business applications, particularly those that were targeted in the breach.

“We have taken steps to deploy and implement additional safeguards onto our systems, and are actively reviewing our security monitoring and controls to enhance and fortify the same,” the company added.

Avis owns the Zipcar and Budget Rent-a-Car brands. The company has over 10,000 car rental locations spread across 180 countries. In 2023, Avis generated $12 billion in revenue.

The post Cybercriminals Steal Personal Data from Avis appeared first on Tech Research Online.

Singularity
AI SIEM 

About SentinelOne

SentinelOne is the world’s most advanced cybersecurity platform. The SentinelOne Singularity Platform detects, prevents, and responds to cyber-attacks at machine speed, empowering organizations to secure endpoints, cloud workloads, containers, identities, and mobile a network-connected devices with intelligence, speed, accuracy, and simplicity. Over 11,500 customers— including Fortune 10, Fortune 500, and Global 2000 companies, as well as prominent governments—all trust SentinelOne to Secure Tomorrow. 

The post Singularity™ AI SIEM  appeared first on Tech Research Online.

Strengthening Security
Operations with Data
and AI

About SentinelOne

At SentinelOne, we create autonomous technology solutions that think for themselves. Intelligent, data-driven systems that learn as they are challenged and evolve on their own—making human lives better and the world more secure.

The post Strengthening Security Operations with Data and AI  appeared first on Tech Research Online.

Strengthening Security
Operations with Data
and AI – Infographic 

About SentinelOne

At SentinelOne, we create autonomous technology solutions that think for themselves. Intelligent, data-driven systems that learn as they are challenged and evolve on their own—making human lives better and the world more secure. 

The post Strengthening Security Operations with Data and AI – Infographic appeared first on Tech Research Online.

The Architect’s
Checklist

About SentinelOne

SentinelOne is the world’s most advanced cybersecurity platform. The SentinelOne Singularity Platform detects, prevents, and responds to cyber-attacks at machine speed, empowering organizations to secure endpoints, cloud workloads, containers, identities, and mobile a network-connected devices with intelligence, speed, accuracy, and simplicity. Over 11,500 customers— including Fortune 10, Fortune 500, and Global 2000 companies, as well as prominent governments—all trust SentinelOne to Secure Tomorrow. 

The post The Architect’s Checklist appeared first on Tech Research Online.

The Unified Platform
Advantage

About SentinelOne

SentinelOne is the world’s most advanced cybersecurity platform. The SentinelOne Singularity Platform detects, prevents, and responds to cyber-attacks at machine speed, empowering organizations to secure endpoints, cloud workloads, containers, identities, and mobile and network-connected devices with intelligence, speed, accuracy, and simplicity. Over 11,500 customers— including Fortune 10, Fortune 500, and Global 2000 companies, as well as prominent governments—all trust SentinelOne to Secure Tomorrow.

The post The Unified Platform Advantage appeared first on Tech Research Online.

The Art of Threat
Hunting

About SentinelOne

SentinelOne is the world’s most advanced cybersecurity platform. The SentinelOne Singularity Platform detects, prevents, and responds to cyber-attacks at machine speed, empowering organizations to secure endpoints, cloud workloads, containers, identities, and mobile and network-connected devices with intelligence, speed, accuracy, and simplicity. Over 11,500 customers— including Fortune 10, Fortune 500, and Global 2000 companies, as well as prominent governments—all trust SentinelOne to Secure Tomorrow. 

The post The Art of Threat Hunting appeared first on Tech Research Online.

5 Strategies To Defend
Against The Growing
Risk Of Ransomware

About SentinelOne

SentinelOne is pioneering autonomous cybersecurity to prevent, detect, and respond to cyber-attacks faster and with higher accuracy than ever before. Our Singularity XDR platform protects and empowers leading global enterprises with real-time visibility into attack surfaces, cross-platform correlation, and Al-powered response. Achieve more capability with less complexity. 

The post 5 Strategies To Defend Against The Growing Risk Of Ransomware appeared first on Tech Research Online.