Yesterday, the Foreign Policy Research Institute stated that deepfake videos could spark violent outbreaks and social unrest. Commenting on this, Kelvin Murray, Senior Threat Researcher at Webroot, believes that deepfakes hold little use in today’s society, but will continue to evolve as more advanced technology becomes available. Kelvin Murray, Senior Threat Researcher at Webroot: “Deepfakes create a number of very real concerns for enterprises and individuals. For example, in the cybersecurity realm, we know that this technology is now being used to create high fidelity phishing attacks where the phishing target (financial institution, health care provider, auction site, email provider) is indistinguishable from the real entity.…
ISBuzz Team
VPN protocols define how data is running between the VPN server and your computer or smartphone. Each VPN protocols has its own specification that provides advantages (and sometimes disadvantages) in a wide variety of circumstances depending on your goals. For example, some VPN protocols focus on download speed, while other protocols prioritize security and privacy. There are also protocols designed for stable connections. Each modern VPN provider offers subscribers the ability to select between several VPN security protocols depending on each subscriber’s goals balancing the degree of privacy and download speed required in each particular situation. Each protocol encrypts data…
Hackers that tried to interfere with the safety systems of an industrial plant are now looking at power utilities too, according to a cybersecurity company. Dragos identified the XENOTIME activity group expanded its targeting beyond oil and gas to the electric utility sector. This expansion to a new vertical illustrates a trend that will likely continue for other ICS-targeting adversaries. https://twitter.com/Psychsoftpc/status/1139926794759524353 Expert Comments: Tim Mackey, Principal Security Strategist at Synopsys CyRC (Cybersecurity Research Center): “With digital sensors and computing devices within industrial plants having life-spans far exceeding those of commercial devices, a comprehensive patch management strategy designed with a detailed understanding of the…
HelpNet Security reported today that ASCO Industries, a privately held company acquired by Kansas-based Spirit AeroSystems in 2018, has been hit by a ransomware attack that disrupted its production around the world. Experts Comments: Tim Erlin, VP, Product Management and Strategy at Tripwire: “This isn’t the first manufacturer to be hit by ransomware and it won’t be the last. Ransomware is successful when victims actually pay the ransom. It might seem like a simple solution to the ransomware problem would be to stop paying the ransom, but that’s easier said than done when your data, and your business, are being held hostage. The best…
Outlaw hackers return with cryptocurrency mining botnet. The group is using Chinese victims as guinea pigs to try out their malware. The Outlaw hacking group has reemerged and is once again on the radar of cybersecurity researchers following the detection of a botnet attacking systems to mine for cryptocurrency. The botnet spreads a miner for Monero (XMR). After a honeypot operated by the cybersecurity firm detected a URL spreading the botnet, the miner was found to be bundled with a Perl-based backdoor component and an SSH backdoor, both of which are elements associated with previous Outlaw attacks. https://twitter.com/Childscoin/status/1139426489022201857 Expert Comments: Jake Moore,…
It has been reported that businesses in the UK lose an average of two-and-a-half months per year in time spent dealing with poor password management, according to new research. As detailed in its report Password Practices 2019, OneLogin surveyed 600 global IT professionals to gauge how companies are protecting passwords in terms of tools, guidelines and practices. https://twitter.com/IntellisuiteTec/status/1136263979679080448 Justin Fox, Director of DevOps Engineering at NuData Security: While password-based authentication is irrevocably broken for authentication of users – whether employees or otherwise – this is still concerning and shows that humans continue to be the biggest risk factor in secure systems. In this case,…
The network is the backbone of almost every organisation today. When it is not available productivity falls, the business loses money and its reputation suffers. Typically, the network and its efficient operation is fundamental to the organisation’s success. And yet trends like remote working and virtualisation, while they help drive business flexibility and productivity, may also make the network more vulnerable. As the IT industry has become more virtualised, with the ongoing migration to the cloud, the emergence of the Industrial Internet of Things and the rise of connectivity, the network becomes more complex and difficult to manage. As more people decide to work from home…
A critical flaw in the Evernote Web Clipper Chrome extension could allow potential attackers to access users’ sensitive information from third party online services. Once Chrome’s site isolation security feature is broken, user data from accounts on other websites is no longer protected and this allows bad actors to access sensitive user info from third-party sites Affected approximately 4,600,000 users https://twitter.com/aglongo/status/1139073434271567877 Expert Comments: Javvad Malik, Security Awareness Advocate at KnowBe4: “Add-ons, extensions, and other third-party apps always carry some degree of risk. Companies should be careful in vetting which extensions are allowed within the corporate environment. In this case, in order to exploit the…
As part of our experts Comments Series, Dr Guy Bunker, CTO at Clearswift Cyber Security commented below on the subject of the recent use of DDOS attacks on the messaging app Telegram, which the founder of Telegram states was a concerted state-sponsored attack intended to disrupt the Cantonese anti-extradition protests. Dr Bunker discusses the ways in which the attack may have been carried out, as well as how firms can protect themselves from such attacks. Dr Guy Bunker, CTO at Clearswift: “DDoS attacks can be carried out in a number of different ways, and it has become increasingly simple to ‘hire’ a botnet to…
It has been announced that ASCO, one of the world’s largest suppliers of airplane parts, has ceased production in factories across four countries due to a ransomware infection reported at its plant in Zaventem, Belgium. As a result of having IT systems crippled by the ransomware infection, the company has sent home approximately 1,000 of its 1,400 workers. Experts Comments: Andrea Carcano, CPO of Co-founder at Nozomi Networks: “The attack against ASCO has once again highlighted the dangerous power of ransomware. The attack has brought operations to a halt and resulted in over a thousand employees being sent home…