HSBC Outage

Cybersecurity, Meet Software Asset Management

Following the news about the recent HSBC outage, Guillaume Ayme, IT Operations Evangelist at Splunk commented below. Guillaume Ayme, IT Operations Evangelist at Splunk: “Any service downtime or IT outage that means customers cannot access their financial data puts pressure on the bank or building society responsible. According to recent research into IT outages carried […]

Could You Hack Into A Car? If So, A Cyber Security Career Awaits!

Outdated Security is Making Car Theft Simple

Protection Group International host the first Cyber Security Challenge UK face-to-face competition of 2017 30 of the UK’s top amateur cyber defenders battle to protect connected car company from cyber-attack, reflective of the 2016 Mirai DDoS IoT Botnet attack Top performers from the day invited to Masterclass competition where they could be recruited by UK’s […]

First Practical SHA-1 Collision Attack

Researchers have unveiled the first practical collision attack for the 22 year old cryptographic hash function SHA-1. While long expected, news of the attack, dubbed ‘SHAttered,’ should further accelerate the urgency of sunsetting of the maligned algorithm. Lamar Bailey, Sr. Director, Security R&D at Tripwire commented below. Lamar Bailey, Sr. Director, Security R&D at Tripwire: “Cryptographic […]

To The Cloud, But Securely

By now, you’ve seen some breakdown of SaaS vs. PaaS vs IaaS, with respect to security. You’ve also probably seen the most common piece of security advice, which is “patch your (stuff)”. For Software-aaS, the service provider handles patching and system maintenance. Your security concerns are going to be negotiated in all sorts of legal […]

UK Robotics Research Gets £17.3m Pledge

Following news that UK robotics research will get a £17.3m pledge from government, Paul Canberra vice president EMEA at BMC Software commented below on the need for a shift in debate when it comes to robotics in the workplace. Paul Cant, Vice President EMEA at BMC Software: “It is clear that robotics, automation and artificial intelligence are set to change many […]

Cloudflare User Data Leak (Uber, OKCupid, Fitbit User Data Compromised)

As reported by several news organizations, several major consumer-facing organizations – including Uber, Fitbit, 1Password and OKCupid – were impacted by a ‘memory leak’ vulerability suffered by Cloudflare – a content delivery network and Internet security services provider.  IT security experts from Prevoty and CipherCloud commented below. Kunal Anand, CTO and Co-Founder at Prevoty: “I’ve been following this […]

World’s Largest Spam Botnet Adds DDoS Feature

Following the news that Necurs, the world’s largest spam botnet with nearly 5 million infected bots, of which one million active each day, has added a new module that can be used for launching DDoS attacks. Ben Herzberg, Security Research Group Manager at Imperva Incapsula commented below.  Ben Herzberg, Security Research Group Manager at Imperva Incapsula: “It […]

Underestimating The Attack Severity In The Krebs Altair Breach Notification Story

Krebs on Security recently reported on the suppression of a particularly insidious breach at Altair Technologies, but an even bigger story may be the impressive efficiency of this attack. Jeff Hill, Director, Product Management at Prevalent, Inc commented below. Jeff Hill, Director, Product Management at Prevalent, Inc: “Ironically, Altair’s awkward attempt to cover up or otherwise downplay […]

These Are Some Of My Favourite Things

As an Expert Witness, Digital Forensics First Responder Investigator, and a provider of specialist training in the disciplines of in-depth Cyber Security Management, and Digital Forensics and Investigations, to underpin both operational engagements, and my academic teaching, and training commitments in Dubai for Meirc, I need to selected a trusted tool-sets and utilities to support […]

Security Lapse That Exposed Critical Servers At A NYC Airport

Security researchers have found a security lapse at Stewart International Airport that exposed server backups to the Internet for more than a year. The backups contained sensitive information including one file with a list of usernames and passwords for various devices and systems, allowing full access to the airport’s internal network. The drive was installed […]