UK ‘Wholly Unprepared’ For A Critical Infrastructure Cyberattack

News broke today that ministers are failing to act with “a meaningful sense of purpose or urgency” in the face of a growing cyber threat to the UK’s critical national infrastructure (CNI), a parliamentary committee has warned. The joint committee on national security strategy said at a time when states such as Russia were expanding their capability to mount […]

Building the Case For SOC/NOC Integration

SOC/NOC Integration Breeds Increased Efficiency and Effectiveness SOCs (security operations centers) and NOCs (network operations centers) both serve vital functions in your network. And while each serves a different function, significant overlaps exist that can be leveraged to create more efficiency and effectiveness in your organization. SOC staff must assess and respond to security events […]

Third Parties Are A Rising Security Risk To Organisations

Javvad Malik

The Ponemon Institute surveyed more than 1,000 CISOs and other security and risk professionals across the US and UK to understand the challenges companies face in protecting sensitive and confidential information shared with third-party vendors and partners. According to the findings, 59 percent of companies said they have experienced a data breach caused by one of their vendors […]

Vision Direct Breached, Affecting Thousands of Customers’ Data

Vision Direct, a UK-based contact lens retailer, has exposed at least 16,300+ customers’ personal data, including payment card numbers, expiration dates and CVV codes in a breach affecting its UK site and local versions in Ireland, the Netherlands, France, Spain, Italy and Belgium. In a statement, Vision Direct said that customers who entered their details […]

How To Navigate Black Friday And Cyber Monday Without Getting Scammed Or Hacked

With Black Friday and Cyber Monday almost upon us, please see below for commentary from cybersecurity experts on how to navigate both shopping days without getting scammed or hacked. Tim Mackey, SeniorTechnical Evangelist at Synopsys: “The core challenge as I see it relates to either inbound email ads or people searching for great deals and […]

Vision Direct Breach

European online contact lens supplier Vision Direct has revealed a data breach which compromised full credit card details for a number of its customers, as well as personal information. Compromised data includes full name, billing address, email address, password, telephone number and payment card information, including card number, expiry date and CVV. IT security experts […]

Emotet Banking Trojan Loves U.S.A Internet Providers

According to new data by TrendMicro, attackers utilising the Emotet banking Trojan predominantly used internet providers located in the U.S.A. to host their Command & Control infrastructure. In a recent blog post, TrendMicro states that the United States of America, with a 45% share, hosts more Emotet C2 infrastructure through Comcast, followed by Mexico and Canada. The top 3 ASN […]

Make-A-Wish Website Compromised For Cryptojacking Operation

It has been reported that the Make-A-Wish foundation’s international website has been loaded with cryptomining malware scripts. Researchers with Trustwave say the site was compromised via a Drupal exploit and seeded with malicious JavaScript that enlisted the CPU cycles of visitor’s machines to covertly generate cryptocurrency. Gavin Millard, VP of intelligence at Tenable: “This appears to be an opportunistic […]

Online Payment Fraud Losses

Juniper Research is predicting that annual online payment fraud losses from eCommerce, airline ticketing, money transfers and banking services, will reach $48 billion by 2023 which is up from the $22 billion in losses projected for 2018. Ryan Wilk, VP of Customer Success at Nudata Security: “With complete user identities available on the dark web due […]

Fake Biometric Fingerprints Can Mimic Real Ones – “Deep Master Prints” Research

New findings from New York University Tandon and Michigan State University on “synthetic biometrics”  show how fake biometrics can potentially be used:  DeepMasterPrints: Generating MasterPrints for Dictionary Attacks – here’s the Guardian story on this: Fake fingerprints can mimic real ones in biometric systems.  In response, a cybersecurity expert with OneSpan offers perspective. Sam Bakken, Senior Product Marketing Manager at OneSpan: […]