Security researchers have a found security flaws in the popular Thunderbolt port. If exploited, attackers could access the contents of a locked devices’ hard drive within minutes, even if it is locked, password protected or has an encrypted hard drive.
ISBuzz Team
Pitney Bowes has been attacked by Maze ransomware for the second time in 7 months. The Maze gang has been very active this year, being behind a large number of high-profile ransomware infections, such as Chubb, Cognizant, Bouygues Construction, Southwire, the city of Pensacola, and more.
New-Generation Governance, Risk and Compliance are Critical in SAP Environment 2020 will be remembered as the year of an almost worldwide lockdown caused by a virus. What could be next? The 2019 WEF Report on significant global threats lists cyberattacks and data fraud as high-impact threats in the near future. This underscores the fact that Governance, Risk and Compliance (GRC) is becoming increasingly critical within organisations, and the stakes are higher than ever should businesses fail to get it right. We’re living through an era hallmarked by a rapid increase in the rate of change in the marketplace. Organisations are…
A recent report suggests that 73% of employees have not received remote working cybersecurity guidance. With the increased use of devices and less support from IT departments, how can individuals stay safe at home?
MobiFriends, a popular dating app, announced it suffered a data breach today impacting more than 3.6 million users. The data obtained from this breach includes email addresses, passwords, gender information and phone numbers. Additionally, the stolen passwords were encrypted with MD5, a weak hashing function.
It was announced this morning that email addresses, mobile numbers, dates of birth, gender information, usernames, app/website activity and passwords of 3,688,060 users registered on the MobiFriends dating app have been posted online earlier this year and are now available for download. The data was obtained in a security breach that took place in January 2019, according to a hacker who initially put the data up for sale on a hacking forum. Details about how the MobiFriends hack and how the app’s user data was obtained are currently unknown.
New global poll from Leonne International of over 1,000 business decision-makers reveals that over one third of companies have axed IT staff and half have cut IT Budgets due to Covid-19 concerns – despite an increase in data security concerns. 37 per cent of companies have made members of their IT staff redundant or placed them on furlough schemes, according to global research commissioned by Leonne International, the private equity firm. Out of 1,116 business decision makers from the UK, US, France and Germany surveyed by independent polling agency Censuswide, 418 admitted to removing IT staff since the Covid-19 pandemic started. Similarly,…
The Thunderbolt port found in millions of PCs can be exploited by hackers to read and copy all stored data, according to new research from Eindhoven University of Technology. With just a few minutes of physical access to the PC, the technique discovered by Björn Ruytenberg can bypass the login screen of sleeping or locked computer—and even its hard disk encryption—to gain full access to the computer’s data. This attack leaves no trace of inclusion, so those effected would not realize that their data had been compromised. Rutenberg says there’s no easy software fix, only disabling the Thunderbolt port altogether.
As a result of the COVID-19 measures, business leaders are focusing on maintaining employee productivity – with little time for the typical due diligence that would usually be applied. Unfortunately, this is the reality of the world we currently live in, but we are all in the same boat for the foreseeable future. The impact of our current normal varies greatly. How a business had to react is heavily influenced by how the organisation operated before the current crisis. Some organisations were highly mobile already and simply needed to enable the remaining staff that were office-based. Other businesses had to…
Following reports from The Daily Swig, it was found that a security researcher has developed an leftfield technique for extracting data from air-gapped systems that relies on hacking power supplies. The Mission Impossible-style approach, dubbed ‘POWER-SUPPLaY’, relies on creating an acoustic covert channel by turning a PC’s power supplies into speakers. The technique, developed by Israeli security researcher Dr Mordechai Guri, is capable of working on secure air-gapped PCs, even in cases where the owners have taken the extra precaution of disabling audio hardware and forbidding the use of loudspeakers. Providing attackers can first get the POWER-SUPPLaY malware onto the hardware then servers, PCs and IoT devices might…