In response to a new study from law firm DLA Piper, which revealed that more than 59,000 data breaches have been reported across Europe since GDPR was brought in last year, Igor Baikalov, chief scientist at Securonix commented below. Igor Baikalov, Chief Scientist at Securonix: “The survey is important in establishing a baseline for the first half a year of GDPR enforcement. The way the numbers are reported is not very helpful though: comparing the total number of breach notifications between Germany and Liechtenstein is silly at best. The only valid country-specific conclusion the survey suggests is that Netherlands’ might…
ISBuzz Team
Following is new expert commentary on the Booz Allen “2019 Cyber Threat Outlook”, which outlines eight new areas of cyber threats in 2019. https://twitter.com/tenshicrow83/status/1092844712652767232 Security Experts Comments: George Wrenn, CEO at CyberSaint: “Cyber defense will only evolve, and must evolve, with technology and the increasing risks we see in this heavily digital era. The key risk areas identified in this report- IoT, Social Media, Business Leadership- are evidence that digital risk management isn’t just a cybersecurity issue, and as many of us know, cybersecurity isn’t just a technical issue anymore. Leadership that understands how to approach risk management on a…
Brian Vecci, Field CTO at Varonis commented below on the news that more than 59,000 data breaches have been reported across Europe in the last 8 months. Link: European companies suffer 60,000 data breaches in eight months Brian Vecci, Field CTO at Varonis: “This goes to show that breaches have been happening at an increasing rate and it took stricter notification laws to make sure the public is made aware. On the face of it, it sounds like the GDPR is working as designed. The new report throws open the curtain and sheds light on the true state of data…
It appears that a customer database associated with Eskom, South Africa’s state-owned power company, is currently being exposed on the Internet – including credit card and account information, addresses, names, energy usage and more. Someone found the vulnerability and has had trouble submitting the bug to the company, so they’ve taken it to Twitter. https://twitter.com/DevinStokes/status/1092847629497708545 https://twitter.com/olihough86/status/1092847700238876677 Eskom is South Africa’s state-owned electricity company, generating, transmitting and distributing approximately 95% of the electricity used in South Africa and approximately 45% of the electricity used in Africa. Expert Comments below: Jon Bottarini, Hacker and Lead Technical Program Manager at HackerOne: “Accidental…
There are many reasons cryptocurrencies are inherently attractive to hackers. One of the biggest reasons is a lack of heavy regulation compared with the traditional financial industry. There simply aren’t as many stringent, mandatory technical and administrative protection measures in place. Security can be lax, and there are more fly-by-night operators. Worst of all, it is very difficult to reverse cryptocurrency transactions. Some cryptocurrency exchanges cover customer losses but the door is often closed when figures stretch into the millions. F5 Labs looked at the last seven years of major cryptocurrency thefts. 73 major incidents were identified. In 2011,…
A new phishing campaign to steal login credentials is being launched on businesses – specifically the C-suite. Researchers at GreatHorn first discovered the campaign, which targets senior executives by claiming to be from the company’s CEO. The fake email regards the rescheduling of a board meeting. On following the link from this email, users are greeted with a Doodle poll lookalike page to rearrange a suitable time for the board meeting, but which actually steals Office 365 credentials. https://twitter.com/greathorn/status/1092490784786575360 Tim Sadler, Co-founder and CEO at Tessian: “Business email compromise (BEC) campaigns, like any impersonation email attack, seek to defraud…
Following the news that a college student alleged to have stolen $5 million in cryptocurrency by using a hijacking technique called “SIM-Swapping” has been jailed for the first time, Tim Dunn, Commercial Director at ValidSoft commented below. Tim Dunn, Commercial Director at ValidSoft: “High levels of fraud have led to an increase in security, yet in turn, has created an increase in fraud case loads. ValidSoft, the leading voice biometric and Device Trust solution provider, are the pioneers of Sim Swap fraud detection and prevention. With the world’s first deployment in 2013 into a UK Tier 1 bank, ValidSoft now…
The Byline Times recently released social media research which indicates that the #Moggmentum campaign aimed at boosting support for a Conservative party led by hard-Brexit supporter Jacob Rees-Mogg is being backed by social media accounts associated with Russia’s pro-Brexit interference campaign.
It has been reported that US-based casual dining and fast food restaurant chain Huddle House announced late Friday last week a security breach that impacted its point of sale (POS) system. Ryan Wilk, Vice President at NuData Security: “One of the many dangerous things about breaches is the amount of time it takes for companies and end users to know their data is out in the open. From the moment a breach happens, hackers have ample time to broker the stolen names, payment card details and other identifying information on the dark web – leaving customers and employees open to…
Computer scientists from the US and Brazil have found that about half of IoT apps are potentially exploitable through protocol analysis. Because between 40 per cent and 60 per cent of the apps use local communication or local broadcast communication, there’s a potential attack path. Dunstan Power, Director at ByteSnap Design: “It is true that IoT security has had a poor record. Five years ago there was very little regard paid to the security aspects of many IoT devices, which were manufactured to a low cost and not seen as vulnerable. “The thinking was “what does it matter if someone can turn…
