News broke that Gearbest, a Chinese online shopping giant, exposed 1.5 million records on an Elasticsearch server that was not protected with a password, allowing anyone to search the database. The exposed information includes names, addresses, phone numbers, email addresses, customer orders, products purchased, and in some cases, passport numbers and other national ID data. Gearbest ranks as one of the top 250 global websites, and serves top brands, including Asus, Huawei, Intel and Lenovo. The researcher that discovered the exposed Elasticsearch server also found a separate exposed web-based database management system on the same IP address, allowing anyone to manipulate or disrupt the…
ISBuzz Team
Researchers have uncovered a new cybercrime campaign that is targeting restaurants, cinemas and other retailers in the entertainment and hospitality industries with point-of-sale (POS) malware, with the aim to steal credit card information from customers. Going by the name of DMSniff, the malware is thought to have originated in 2016 but has managed to keep a low profile since. The key targets of DMSniff are small- and medium-sized companies that rely heavily on card transactions, such as the food, hospitality and entertainment industries. What makes this malware unique is its ability to use a domain generation algorithm (DGA) to create command-and-control domains on the fly, helping it to resist takedowns and bypass simple blocking mechanisms. This is…
A new, stealth, point-of-sale malware campaign has been discovered by Flashpoint that targets the hospitality and entertainment industries to skim credit card information. Don Duncan, Security Engineer at NuData Security: “The hospitality and entertainment industries have been hit particularly hard this year by cybercriminals. Point of sale (POS) devices on the network have been the bullseye for hackers who are skimming credit card information at an alarming rate and this stealth malware campaign is a prime example. While keeping POS machines updated is a good defense, cybercriminals are going to continue to find ways to break through. However, companies can mitigate the damage…
It has been reported that at this week’s Open Source Leadership Summit, the Linux Foundation announced the Red Team Project. This has been set up as an incubator for open-source Red Team security tools. These include programs that support cyber range automation, containerised pentesting utilities, binary risk analysis, and standards validation programs. Thomas Richards, Network and Red Team Practice Director at Synopsys: “This project is a great idea. Red Teaming is becoming more important for organisations as their security program matures. We are seeing more companies create in-house Red Teams to simulate adversaries attacking the organisation. These simulations allow the organisation to improve their defence posture by validating if their security controls are functioning properly. Curating these tools…
Legislation was introduced Monday that would create cybersecurity standards for internet-connected devices, the “internet of things.” The Internet of Things (IoT) Cybersecurity Improvement Act of 2019, introduced in the Senate by Sens. Mark Warner (D-Va.) and Cory Gardner (R-Colo.) and in the House by Reps. Will Hurd (R-Texas) and Robin Kelly (D-Ill.), would require established standards for government use of the devices. Kenta Yasukawa, Co-founder and CTO at Soracom: “Security concerns represent the single biggest obstacle to IoT development and public adoption. It remains one of the biggest challenges in IoT, not because it can’t be done right but because projects often prioritize…
A ransomware attack on the Committee for Public Counsel Services (CPCS), the agency overseeing public defenders in the US, has caused a major slowdown – disabling email systems, delaying some hearings, and holding up payments for the private attorneys who represent clients. They are not alone: Jackson County, Georgia also reported paying out $400,000 in ransom last week. Following this, Allan Liska, Senior Solutions Architect (and ransomware expert) at Recorded Future, commented below on why government agencies are attractive targets for cybercriminals. Allan Liska, Senior Solutions Architect at Recorded Future: “From library systems in South Carolina, to towns in Alaska, and even cities…
Research by Sophos has revealed that almost half of UK businesses have been compromised by phishing attacks in the last two years. The research explained that bigger firms (those with between 500 and 1,000 employees) are more likely to be affected by such attacks, despite 78% of them offering their staff enhanced cybersecurity training, compared to just 50% of businesses with 250 or fewer employees. https://twitter.com/JayJKelley/status/1105968047037255680 Expert comments below: Tim Sadler, CEO at Tessian: “As this research demonstrates, cybersecurity training isn’t a solution in itself. While it can educate employees on the tell-tale signs of phishing emails, it can’t instil total vigilance or…
Seemingly, the next evolution of technology will hinge on the successful launch of 5G. Driverless cars, video communication, remote devices, instant streaming and smart cities – all rely on pervasive and constant internet connection. As we come to grips with a constantly connected world where all of our devices ‘talk’ to each other, industries will find new and innovative use cases. Yet, considering the number of hacks and data breaches that occur already, are we prepared for what 5G and this instant interconnection will bring? Former Ofcom Director and Senior IEEE Member, Professor William Webb, believes that 5G doesn’t inherently bring more benefits or security issues…
Digital inclusion is the ability of individuals to access and use information and communication technologies (ICT). Even in today’s hyper-connected and technologically advanced world, there are still those who struggle to access basic IT and are being excluded as a result. In fact, according to recent research, 11.5m people in the UK lack the basic digital skills they need to use the internet effectively. And 4.8m people never go online at all. Limited digital access can have a negative impact on a person’s life, leading to isolation, financial exclusion and a lack of access to government services. Ultimately, those who…
A suspected DDoS attack has taken down the world’s largest social media companies. Facebook, Instagram, WhatsApp and more are all suffering from problems that are stopping people getting online through websites and apps. It is not clear if the outages are connected. But they all mysteriously began at the same time, and are being felt across the world. Tim Helming, Director of Product Management at DomainTools: “If this does turn out to be a DDoS attack, it underscores that this kind of attack is among the more intractable methods, because even the most sophisticated DDoS mitigation technologies–which Facebook likely has at their disposal–have their limitations. Because DDoS relies…
