Being reliable makes collaboration viable. When video conferencing is backed by a secure cloud architecture and rigorous control processes, the ability to effectively manage risk and avoid service outage makes enterprise communications seamless in today’s ‘always-on’ economy. With the rapidly changing and unpredictable nature of global business, it is vital for those wishing to lead industries, that they build their enterprises on robust communication tools. Cloud-based video conferencing solutions enable enterprises to be more productive and reduce the burden of IT infrastructure. However, business leaders also need assurances that they and their employees’ data remain secure when using these solutions.…
ISBuzz Team
It has been reported that a popular family tracking app was leaking the real-time locations of more than 238,000 users for weeks after the developer left a server exposed without a password. The app, Family Locator, built by Australia-based software house React Apps, allows families to track each other in real-time, such as spouses or parents wanting to know where their children are. It also lets users set up geofenced alerts to send a notification when a family member enters or leaves a certain location, such as school or work. But the backend MongoDB database was left unprotected and accessible by anyone who…
It has been reported that the Federal Emergency Management Agency’s (FEMA) has disclosed a data leak that exposed banking details and other personal information of 2.3 million survivors. Expert Comments Below: Tim Mackey, Senior Technical Evangelist at Synopsys: “At the risk of becoming political, the disclosure by FEMA that it released identifiable information to a contractor about requests made by disaster victims for temporary housing shows the lack of controls in place within organisations around PII. Once disclosed to the contractor, FEMA likely lost visibility into what data sharing and controls were around this information. That the name of the contractor was redacted from the…
Reports from Kaspersky Lab researchers found out that computer giant ASUS installed a malicious backdoor last year on thousands of users’ computers after a server for its live software updates was hacked, and issued legitimate ASUS digital certificates with bogus software updates. https://twitter.com/business/status/1110406960866906112 Experts Comments Below: Colin Little, Senior Threat Analyst at Centripetal Networks: “The ASUS backdoor exposes a trusted-vendor’s channel compromise distribution vector, which has historically caused damage world-wide. For example, the NotPetya cyber weapon, which was unleashed on the Ukraine in 2017, used the same distribution vector from a popular accounting software provider (ref ). “When we consider this history, we plainly see the…
News recently broke that the emails of over 350k clients of the Oregon Department of Human Services (DHS) have potentially been compromised after 9 employees were the target of a spear phishing campaign. It left 2 million emails potentially exposed. https://twitter.com/4iQ/status/1109121253401604096 Expert Comments Below: Jonathan Deveaux, Enterprise Data Protection Specialist at comforte AG: “It seems no matter how much training and awareness that is provided, the human element remains the weakest link in the cybersecurity chain. The problem is not entirely the employees’ faults, as hackers and attackers are improving their tactics to trick employees into clicking on links infested with malware.…
The US Customs and Border Protection program called Biometric Exit has already been rolled out in 17 airports in the US. While passenger convenience is enhanced, there are some privacy concerns that have been raised. https://twitter.com/stshank/status/1108845390214815744 Expert Comments Below: Ryan Wilk, VP of Customer Success at NuData Security: “Convenience versus privacy will be one of the biggest issues that the US will grapple with over the next few years. For airports, sporting events and brick and mortar stores, facial recognition would be convenient and easy to move people through at a faster pace. Facial recognition combined with passive biometrics can…
The Easy WP SMTP Plug-in that is used by WordPress site owners to configure the SMTP settings of their site server’s outgoing emails, is being leveraged by hacker groups to create backdoor admin accounts and redirecting users to tech support scams. Both NinTechNet and Defiant – cybersecurity companies have reported the attacks. https://twitter.com/TropicsNet/status/1109977787576647682 Brandon Chen, Digital Security & Operations Manager at The Media Trust: “Thoroughly vetting plugins, ensuring they’re up to date and executing only authorized tasks, and removing them when they’re no longer needed, are all part of protecting users from identity and financial theft. Each plugin represents at least a few attack surfaces, because…
The last 12 months have seen a shift in how enterprises view automation and its benefits to their security and DevOps teams. Last year, it was found that more than three-quarters of organisations would like the ability to automate some of the day-to-day manual tasks related to their security information and event management (SIEM) systems. Yet, many of those businesses also admitted they are concerned about executing automation because they do not have the employees with the right skillset to make it work. When you consider these findings alongside the ever-increasing skills gap in the IT sector, it has become apparent that organisations have…
Yesterday UK Finance, the UK’s industry trade body, published its annual report into the UK’s payment industry fraud, Fraud the Facts 2019. The report reveals that in 2018: Criminals stole £1.2 billion through fraud and scams: Unauthorised financial fraud losses across payment cards, remote banking and cheques totalled £844.8 million, an increase of 16% compared to 2017 Authorised push payment scams resulted in gross losses of £354.3 million. Banks and card companies prevented £1.66 billion in unauthorised fraud, equivalent to £2 in every £3 of attempted fraud being stopped Remote banking fraud losses, made up of internet banking, telephone banking and mobile banking, was down by 2% But mobile…
Global research has revealed the scale and quantity of DDoS (Distributed Denial of Service) attacks increased significantly across 2018 with attacks reaching 400Gbps in size or larger. EfficientIP secures brands including Netflix, IKEA and the London Stock Exchange against exactly these types of attacks. Specialists in network security with expert knowledge in DDoS attacks, its latest Global DNS Threat Report shows: Although attacks 400Gbps or larger now occur, they only represent 5% of attacks. The majority are between 5 and 10Gbps. Not as powerful but still enough to cause significant damage. The average attack has increased 57% in cost from $455,000 in 2017 to $715,000 in 2018. 23%…