Huawei founder and CEO, Ren Zhengfei, pledged in an interview that Huawei will not to share any customer information with the Chinese government. https://twitter.com/Edward_Tse/status/1097959953891975169 Expert Comments Below: Anjola Adeniyi, Technical Account Manager at Securonix: “Concerns about whether Huawei shares data with the Chinese government are not wholly unfounded. China passed a National Intelligence Law in 2017 which stated that organisations must “support, co-operate with and collaborate in national intelligence work”. There are also concerns about Huawei’s founder, Ren Zhengfei, as he was an engineer in China’s army and joined the Communist Party in 1978. The current geopolitical climate lends itself to many more scenarios like this,…
ISBuzz Team
In a report released today and shared with Bleeping Computer, international security company Group-IB specialized in preventing cyberattacks describes a so called cross-border domino-effect that can lead to spreading an infection beyond the initial target. The report is based on information from incident response work conducted in 2018 by the company’s team of computer forensics experts. Experts Comments below: Corin Imai, Senior Security Advisor at DomainTools: “This is something of a perfect storm for cybercriminals, and is an example that clearly illustrates why all businesses need to continue to focus on security. The financial institutions targeted now not only have to deal with the fact they…
SenseNets, a company which operates facial recognition systems in China has exposed crucial personal information of 2.5 million people after leaving a database unprotected. The revelation came from a cybersecurity researcher named Victor Givors, who followed the trodden of searching around for unsecured databases. To the researcher’s surprise, the particular database contained the ID card number, tracking location data of the last 24 hours, sex, nationality, address, passphoto, birthday, and even the employer of 2565724 people. Felix Rosbach, Product Manager at comforte AG: “Welcome to Orwells 1984, but with an even worse twist. When bad guys get access to your identity information, things can go terribly wrong. And this is…
F5 Networks-sponsored Telecoms.com Annual Industry Survey 2018 puts spotlight on emerging technology ahead of Mobile World Congress; Close to 80% of industry professionals see NFV as either important or critical New research shows that at as many as 79% of telecoms professionals view network functions virtualisation (NFV) as a critical strategic focus over the next five years. According to the F5-sponsored Telecoms.com Annual Industry Survey, NFV’s influence is on the rise and has strong support from both technology evangelists and the wider telecoms industry. “An ever more competitive digital economy requires that applications and network services are delivered with unprecedented speed, scale, and agility,” said…
The ETSI Technical Committee on Cybersecurity (TC CYBER) has just released ETSI TS 103 645, a standard for cybersecurity in the Internet of Things, which will help to create baseline security standard for IT devices. https://twitter.com/CerberusLabs/status/1097820902400643072 https://twitter.com/IoT_SF/status/1097815548329684992 Expert Comments below: Matt Eckersall, Regional Director, EMEA West at SUSE: “The introduction of a new globally applicable European standard to improve IoT security is encouraging for a fundamental reason: the sooner we address the security concerns posed by these technologies, the quicker we’ll see the IoT realise its full potential. Establishing standards is crucial, not only to provide technology providers with a framework to advance the privacy and…
Australian PM Scott Morrison says the country’s major political parties and parliament were hit by a “malicious intrusion” on their computer networks. The activity was carried out by a “sophisticated state actor”, he said. But he added there was “no evidence of any electoral interference”. The nation will hold an election within months. Mr Morrison’s comments follow an investigation into the hacking attempt, which was first thought to involve only the parliament’s servers. https://twitter.com/BCNewsWire/status/1098064655421829120 Experts Comments below: Sam Curry, Chief Security Officer at Cybereason: “The Australian parliament and all governments globally are the traditional target for most of the named cyber groups. And this…
It has been reported today by the New York Times that businesses and government agencies in the United States have been targeted in aggressive attacks by Iranian and Chinese hackers who security experts believe have been energised by President Trump’s withdrawal from the Iran nuclear deal last year and his trade conflicts with China. Recent Iranian attacks on American banks, businesses and government agencies have been more extensive than previously reported. Dozens of corporations and multiple United States agencies have been hit, according to seven people briefed on the episodes who were not authorised to discuss them publicly. Israel Barak, chief information security officer at Cybereason: “The “when”…
It has been reported that a server used to store real-time recordings of phone calls made to the 1177 Swedish Healthcare Guide service for health care information was found completely exposed to the Internet, with no user or password to protect it. Millions of call recordings were left on an open web server that could be accessed with no password, with the conversations going back to 2013, with around 170,000 of them left out in the open. https://twitter.com/QMalikFulton/status/1097540867206905856 Experts Comments below: Adam Brown, Manager of Security Solutions at Synopsys: “The exposure of these call recordings is down to a security misconfiguration, and these kind of issues are…
It was reported late last week that about 42,000 AdventHealth Medical Group patients are being notified that their personal and health data was breached for more than a year due to a hack of the Florida provider’s systems. The breached data contained troves of personal and health data, including medical histories, insurance carriers, Social Security numbers, along with demographic information like names, phone numbers, email addresses. Warren Poschman, Senior Solutions Architect at comforte AG: “While the longstanding focus of attackers has been financial data from retail, e-commerce, and financial services sectors, the untapped trove of personal data are a series of softer targets such as localities, social services, and…
Malcolm Taylor, Head of Cyber Security at ITC Secure: The NCSC has taken a very sensible approach to this issue, which I think stands in stark contrast to some other countries. Why do I say that? Well, firstly Huawei make and sell some of the most technically capable equipment at competitive prices – it’s commercially sensible to use Huawei when appropriate. Second, and this is perhaps key, good cyber security is about managing risks, there are no absolutes. The UK approach has been, at heart, risk management; simply not using Huawei is risk avoidance. The UK built the cell and…