Following the news that Gwyneth Paltrow’s daughter was not happy when she shared an image of her online without her consent, McAfee’s research has revealed that 72% of parents don’t even ask their child if they would like their picture to be shared online. Other key findings include: 20% of UK parents share at least one video or photo of their children on social media a day, resulting in approximately 1.3 billion images of children under the age of 16 floating around on social media a year Despite these concerns, nearly a third (30%) of parents share images of children on public social…
ISBuzz Team
A previously unreported advanced banking trojan named Gustuff can steal funds from accounts at over 100 banks across the world and rob users of 32 cryptocurrency Android apps. The threat sells for a monthly subscription of $800 and it was first spotted in April 2018. Its developer promotes it as an upgraded variant of AndyBot banking malware whose activity has been tracked since 2017. The malware includes code to target top international banks such as Bank of America, Bank of Scotland, J.P.Morgan, Wells Fargo, Capital One, TD Bank, and PNC Bank. It also searches for cryptocurrency wallet apps like Bitcoin Wallet, or from services BitPay, Cryptopay, Coinbase,…
New study from Bugcrowd and Enterprise Strategy Group highlights increased reliance on crowdsourced security platforms and DevSecOps for greater application security Bugcrowd, the #1 crowdsourced security company, today released Security Leadership Study – Trends in Application Security. Developed in conjunction with Enterprise Strategy Group (ESG), a leading security industry analyst firm, this survey of 200 CISOs and cybersecurity decision makers in the United States and Canada evaluates the current state of application security, underscoring the importance of next-generation crowdsourced approaches and DevSecOps to quickly find and fix vulnerabilities. “The scope of cybersecurity continues to expand as attackers and defenders develop new strategies and tactics in response…
As reported by the Wall Street Journal this week, Insurers Creating a Consumer Ratings Service for Cybersecurity Industry. The collaborative effort led by Marsh & McLennan would score best products for reducing hacking risk, and some of the world’s biggest insurers plan to work together on an assessment of the best cybersecurity available to businesses, an unusual collaboration that highlights the rising dangers posed by digital hackers. The program, which was launched Tuesday will evaluate cybersecurity software and technology sold to businesses. Marsh will collate scores from participating insurers, which will individually size up the offerings, and identify the products and services…
It has been reported that a critical vulnerability in the Magento e-commerce platform is putting as many as 300,000 commerce sites at risk of card-skimming infections until they install a recently released patch. Magento is reportedly used on over 15 million eCommerce sites. With the proliferation of attacks like Magecart, vulnerabilities like this in Magento can become a serious security risk very quickly. https://twitter.com/Hornetsecurity/status/1111564410785595397 Satnam Narang, Senior Research Engineer at Tenable: “Earlier this week, Magento published a security update to address over 30 vulnerabilities in Magento Open Source and Commerce. Most notable in this release is a patch for PRODSECBUG-2198, an unauthenticated SQL injection vulnerability…
If the UK exits the European Union without a transition deal, we should brace ourselves for a deluge of cyber con-artists offering UK users ‘help’ – all seeking to capture valuable information which can be used for nefarious aims. Expect terms such as EHIC cards and E111 – European Driving License Green Card – to be the new front for sneak attacks to capture your data. The crucial thing that Brits need to be aware of, perhaps more than at any other time, is keeping a calm head and carrying on maintaining high quality security practices. Jake Moore, Cyber Security…
69% of security professionals believe countries with government mandated encryption backdoors suffer an economic disadvantage in the global marketplace Venafi®, the leading provider of machine identity protection, today announced the results of a survey on government-mandated encryption backdoors that evaluated the opinions of 517 IT security professionals attending the RSA Conference 2019. It showed that 73 percent of respondents believe countries with government-mandated encryption backdoors are more susceptible to nation-state attacks. “This is a tense moment for industry professionals because they know backdoors make our critical infrastructure more vulnerable,” said Kevin Bocek, vice president of security strategy and threat intelligence…
A new Kaspersky Report is out today covering the H2 2018, Threat Landscape for Industrial Automation Systems, that almost one in two industrial systems display evidence of attackers attempting malicious activity – in most cases, detected by security software. Ray DeMeo, Co-founder and Chief Operating Officer at Virsec: “The industrial automation space is definitely vulnerable and raising awareness of this is important. However, this report perpetuates outdated models of how to address these advanced security issues and only reports on what perimeter tools like Kaspersky can see – repetitive known malware, used by copycat hackers. Kaspersky refers to the threat…
As reported by BleepingComputer, a report issued by the U.S. Government Accountability Office (GAO), states that Federal Reserve Bank (FRB) systems are exposed to an increased risk of unauthorized access because of security weaknesses found in the U.S. Treasury Department’s computing systems. These security weaknesses included the information systems used by the Treasury Department to keep track of and otherwise manage the federal debt. Experts Comments Below: Steven Rogers, CEO at Centripetal: “There’s not a clear indication yet of what the vulnerability was. It could be something as simple as a bad password, or some other server update that wasn’t…
VAT-registered businesses with a taxable turnover above the VAT threshold are required to use the Making Tax Digital service to keep records digitally and use software to submit their VAT returns from 1 April 2019. Many traditional family run firms, local shops, tradesmen and others – who have submitted Paper VAT returns for a generation or more are going to have to switch to online accounting. While the new system will make VAT collection better and more efficient, it also opens up business to a huge risk from Cyber Criminals, who will be sending ‘Phishing’ emails to businesses, impersonating bookkeepers,…