Following the news that another zero-day vulnerability was discovered in Microsoft’s latest operating systems, security experts commented below. Rahim Jina, COO and Co-founder at Edgescan: “Most of the zero-days reported are local privilege escalation vulnerabilities, meaning that they can only be used when someone already has a certain level of access to the target host. Generally these would be considered less of a risk, since someone trying to take advantage of them would need to circumvent some other layer of security first, in order to make use of them. Vendors will typically throw most of their security resources at ensuring that system components which can be…
ISBuzz Team
I recently attended CYBERUK which is the UK government’s flagship cybersecurity event hosted by the National Cyber Security Centre (NCSC). The event features world-class speakers, and opportunities for interaction between the public and private sectors. It was a fascinating couple of days, partly as Becrypt is working with government on projects featured at the event, but it was also a great opportunity for the Cyber Growth Partnership (CGP) Assurance Working Group, of which Becrypt is a member, to promote cross-industry and government collaboration towards common objectives. One area in particular that CGP and the High Assurance UK industry association (HAUK) are focused on is around how to…
The BBC is reporting that tube commuters in London will have their mobile Wi-Fi data collected from July as a part of a scheme to improve journeys. Paul Norris, Senior Systems Engineer, EMEA at Tripwire: “It is important that these mass-collections of data are monitored and regulated. There is nothing inherently risky in collecting information that will help improve the logistics of operations, but customers should be informed that a certain type of data will be recorded and asked whether they wish to opt out. This will likely happen through an additional disclaimer to which users will have to agree before…
Bleeping Computer reports that cybercriminals have upgraded their credit card skimming scripts to use an iframe-based phishing system designed to phish for credit/debit card info from Magento-powered store customers on checkout. The criminals injected their credit card stealer scripts within every page of the hacked websites and configured them to pop up as a phishing form asking the buyers to provide the info themselves. Expert Comments: Colin Bastable, CEO at Lucy Security: “My first reaction is that this is a very elegant solution that shows how organized crime is totally committed to stealing your money, your credit card info and your PII. These are smart and…
It has been reported that TalkTalk failed to inform some 4500 people that their data was compromised in the 2015 breach. Viewers contacted BBC Watchdog Live about concerns that their details had been breached by TalkTalk. But the company had told them that their details were not compromised. The BBC consumer show investigated and found the personal details of approximately 4,500 customers available online after a Google search. The details included full names, addresses, email addresses, dates of birth, TalkTalk customer numbers, mobile numbers and bank details for thousands of customers. The information is likely to have been online since the breach, without the knowledge of the people affected. …
A new variant of the Trickbot banking trojan has been discovered by security researchers at Trend Micro that is using a redirected URL in spam email to spread malware. The redirected URL is a way to get around spam filters. Expert Comments: Mike Bittner, Associate Director of Digital Security and Operations at The Media Trust: “Compromising legitimate websites by injecting malicious code is becoming a popular attack method. The targets of such attacks are the third parties that provide the app and execute their code outside the web operator’s IT perimeter. Bad actors know that many web app developers don’t…
A security researcher today published demo exploit code on GitHub for a Windows 10 zero-day vulnerability. The zero-day is what security researchers call a local privilege escalation (LPE), ZDNet reported. LPE vulnerabilities can’t be used to break into systems, but hackers can use them at later stages in their attacks to elevate their access on compromised hosts from low-privileged to admin-level accounts. According to a description of the zero-day posted on GitHub, this vulnerability resides in the Windows Task Scheduler process. Craig Young, Principal Security Researcher at Tripwire: “Although this is not the type of flaw which could readily be abused by malware or remote attackers,…
Not content with bringing TV, broadband and phone services to your home, Comcast is now developing a healthcare device that will use sensors to monitor your vitals and habits. According to TechRadar, Comcast’s device will use sensors to monitor whether you’re spending more time in bed than normal, and whether you’re making more trips than usual to the bathroom, as frequent bathroom breaks can be a sign of digestive or prostate problems that are much easier to treat if caught early. The device won’t connect to other smart home appliances, but it will have a ‘personality’ like a virtual personal assistant, with…
More than half of organisations enforce encryption of data on all mobile devices and removable media
Apricorn, the leading manufacturer of software-free, 256-bit AES XTS hardware-encrypted USB drives, today announced findings from a survey highlighting the rise in encryption technology post GDPR enforcement. Two thirds (66%) of respondents now hardware encrypt all information as standard, which is a positive step considering over a quarter (27%) noted the lack of encryption as being one of the main causes of a data breach within their organisation. This is in contrast with last year’s survey where only half enforced encryption of data, or were completely confident in their…
It was reported this morning that some users noticed on Tuesday that when they tried to access LinkedIn from their desktop or laptop computer, they were greeted by an alert that said the connection was not secure. It turned out that the company had forgotten to renew the TLS certificate for its lnkd.in URL shortener. The company quickly took action after being notified. The new certificate is valid until May 2021: https://twitter.com/carlLsecurity/status/1130858858736508928 Kevin Bocek, Vice President of Security Strategy and Threat Intelligence at Venafi: “Certificates control communication and authentication between machines so it’s critically important not to let them expire unexpectedly. Unfortunately, most organizations don’t…
