Following news that British Airways is facing a lawsuit for its failure to protect the personal data in 2018, please see the comment below from cybersecurity experts.
ISBuzz Team
Two vulnerabilities have been found in the WordPress plugin “Orbit Fox by ThemeIsle” used by more than 400,000 sites. One made it possible for attackers with contributor level access or above to escalate their privileges to those of an administrator and potentially take over a WordPress site.
The theft of some elected official’s devices during last week’s breach at the Capitol Building have been widely reported, raising fresh security concerns around managing device risk and preventing devices from becoming an entry point to a building and its network. Basic measures like ensuring two factor authentication and making sure screen auto lock is enabled on laptops and computers is important, but beyond the basics, businesses need to consider other IoT devices on the premises that could provide an entry point for attackers.
New findings from Imperva reveal that as the first vials of COVID-19 vaccines were disseminated in December, a 51% increase in web application attacks on healthcare targets occurred. Imperva’s data shows the healthcare industry experienced 187 million attacks per month globally, on average, or roughly 498 attacks per organization each month – a 10 percent y/y increase year-over-year. Experts with Gurucul and Point3 Security offer perspective.
Global survey uncovers evolving attitudes about cloud networking More than three-quarters of organisations are now using multiple cloud providers, such as Amazon Web Services, Microsoft Azure, and Google Cloud Platform, says new research from Barracuda, a trusted partner and leading provider of cloud-enabled security solutions. The findings also revealed that, despite growing confidence in public cloud, 56 per cent of respondents are struggling to ensure seamless availability and “always-on” access to cloud applications for their organisations, nearly 70 per cent experience latency and performance issues running SaaS workloads, such as Office 365, and, more than 60 per cent say their MPLS costs increase…
Please see below for comment by cybersecurity experts on the breaking news that the largest illegal marketplace on the dark web, DarkMarket has been taken down by Europol.
In response to the news that Signal is seeing a huge increase in demand following updates to WhatsApp’s privacy terms and conditions, please see below comments from cybersecurity experts who question whether Signal really is the best alternative.
It has been reported that Ubiquiti, a major vendor of cloud-enabled Internet of Things (IoT) devices such as routers, network video recorders, security cameras and access control systems, is urging customers to change their passwords and enable multi-factor authentication. The company says an incident at a third-party cloud provider may have exposed customer account information and credentials used to remotely manage Ubiquiti gear. In an email sent to customers, Ubiquiti said it recently became aware of “unauthorized access to certain of our information technology systems hosted by a third party cloud provider,” although it declined to name that provider.
It has been reported that businesses faced a 20% rise in cyber security threats last year versus 2019, with the first COVID-19 lockdown in March serving as the catalyst for a year of increased efforts to infiltrate corporate networks. Businesses in the UK each faced 686,961 attempts on average to breach their systems online in 2020, according to specialist internet service provider Beaming. This equates to an attempted attack every 46 seconds, with 2020 proving to be the busiest year on record for cyber-attacks.
As reported by TechRadar, a hacker has leaked a massive trove of content published to social media platform Parler, which is said to have been used to orchestrate the assault on the US Capitol Building last week. The right-leaning social network is currently offline after Amazon Web Services shut it down for violating the content moderation policy. The hacker was able to scrap 70TB of posts, messages and videos, all of which are linked to the accounts that published them.