The Department of Homeland Security has just refreshed its list of the 25 Most Common Software Weaknesses: here’s the DHS intro link and the MITRE link with specific CWEs.
ISBuzz Team
Public sector organisations in the UK are in the midst of changing cyber security regulations. In mid-2018, the Government, in collaboration with the NCSC, published a minimum set of cyber security standards. These standards are now mandated, along with a focus on continually “raising the bar”. The standards set minimum requirements for organisations to protect sensitive information and key operational services, which – given the way in which these services are increasingly dispersed – is driving significant changes in public sector network architecture and security. In addition to setting today’s ‘minimum’ standards, however, the guidance also sets a target date of…
According to this link (https://www.microsoft.com/security/blog/2019/11/26/insights-from-one-year-of-tracking-a-polymorphic-threat/), a Dexphot campaign was first spotted in October 2018 affecting thousands of computers, with attackers upgrading the malware over the following months to a level that left little to analyse. The threat had a surge in mid-June this year, when it landed on tens of thousands of computers. Towards the end of the month the attacks subsided, with fewer than 20,000 machines exhibiting Dexphot activity. By the end of July, the malware was seen on fewer than 10,000 machines every day. For about a year, security researchers at Microsoft tracked the malware, observing the combination of methods that…
Creator of The World Wide Web Tim Berners-Lee has proposed “The Contract for The Web” – a new framework to protect online privacy and personal data featuring nine guiding principles.
2019 has been another unprecedented year for cyber threats, with some of the world’s biggest technology companies, banks, political parties and even nation-states all coming under attack. It would seem that no one is safe. Our trust in the digital world and in the companies that have responsibility over, and access to, our data is quickly eroding. As a result, earlier this year, The Human Rights Committee began its inquiry into the ‘right to privacy and the digital revolution’ following reports that UK citizens do not understand what happens to their data. New risks such as deepfakes are presenting an…
Security researchers have identified an exposed database belonging to online printing giant, Vistaprint. A spokesperson from Vistaprint has confirmed the unencrypted database exposed data from customers in the US, UK and Ireland. https://twitter.com/NRG_fx/status/1199435138653937668
With Black Friday and Cyber Monday coming up fast, here are security and privacy tips for online shopping from experts with KnowBe4 and Cequence Security.
Security researchers found that a cheap smartwatch made in China for children, called M2, was exposing the personal details and location information of more than 5K children and their parents. This is particularly timely with holiday shopping in full swing.
As part of our expert comment series, please find below commentary from an AT&T Alien Labs researcher on a new strain of ransomware called DeathRansom, which, according to Bleeping Computer, is beginning to make a name for itself. Passing along the below commentary in case you’re covering the ransomware now or in the future when an organization gets hit with an attack.
Computer Security Day is round the corner, a reminder to keep our data secure as we continuously provide personal information to web applications.
