Following the news that a phishing campaign is targeting executives across a number of industries with messages asking to reschedule a board meeting in an effort to steal logins and passwords, Corin Imain, Senior Security Advisor at DomainTools, provides insight on this increasingly popular type of attacks. Corin Imain, Senior Security Advisor at DomainTools: “Spear phishing attacks tend to be more targeted, sophisticated and harder to detect than regular phishing campaigns. Just one employee clicking on a malicious link can create an entry point for cybercriminals to gain access to the entirety of an organisation’s network. For this reason, it…
ISBuzz Team
2018 End-of-Year Data Breach Report from the Identity Theft Resource Center (noting a 126% uptick in the numbers of records breached containing the continued use and re-use of passwords and usernames, and the vulnerabilities caused by third party vendors), experts with Cequence, CyberSaint and STEALTHbits offer perspective. Franklyn Jones, CMO at Cequence: “Unfortunately, for the bad guys these data breaches are gifts that keep on giving, long after the news headlines fade away. Millions of these stolen credentials find their way to the dark web, where they are acquired by other bad actors who then orchestrate automated bot attacks targeting…
29 popular, but fake photo-filter apps have been pulled from the Google App store. The malicious apps with fraudulent 5-star reviews, were pushing ads that led users to fake content and pornography sites according to a report from Trend Micro. Mike Bittner, Digital Security and Operations Manager at The Media Trust: “Phishing attacks using apps as vehicles are on the rise because they work—they are increasingly hard to detect and analyze, and consumers often download apps based on reviews and assume the app providers or app stores have conducted tests to ensure the apps are safe. In today’s increasingly perilous…
NBC News is among outlets covering the new 2018 End-of-Year Data Breach Report from the Identity Theft Resource Center, which discusses that hackers stole nearly half a billion personal records in 2018. Experts Comments below: Colin Bastable, CEO at Lucy Security: “Third-parties are significant multipliers in the risks faced by consumers and businesses: the fewer moving parts we have between us and our data, the safer we are. By making login more convenient for users, for example by using Facebook, Google or another intermediary, organizations are exposing consumers to significant, chronic risk. By combining different accounts, such as by enabling…
The home improvement site Houzz announced a data breach this week involving third-parties gaining access to a file that contains publicly visible user data as well as private account information. In an email sent to affected users, Houzz stated that an unauthorized third-party gained access to a file containing both publicly available information as well as internal account information such as user IDs, email address, one-way encrypted passwords, IP addresses, city and zip codes derived from IP addresses, and Facebook information. Experts Comments below: Eoin Keary, CEO and Co-founder at EdgeScan: “Depending on the type of password storage protection used,…
Booz Allen today released its newest study, the 2019 Cyber Threat Outlook, which outlines eight new areas of cyber threats in 2019. Byron Rashed, Vice President of Marketing at Centripetal Networks: “Every aspect of this report cites cyber threats that should be of concern to governments and businesses. Some threats apply to consumers, especially the lack of security in many IoT devices and connected vehicles. Combating these threats are difficult, especially cyber threats from nation states that have no budgetary limits. The best way to defend against these attacks is layered security and best practice. Implementing technologies that block known sources as…
** Spoiler Alert – if you’ve not finished watching Netflix’s Bandersnatch, you might wish to look away now** Today’s media is obsessed with cybercrime. From data breaches to identity theft, we’re increasingly seeing hacks hit the headlines – with more than four in ten businesses (43%) experiencing a cyber breach in 2018.. In this new reality, phenomena such as Charlie Brooker’s Bandersnatch are beginning to thrive – providing viewers with the much-craved insights into the world of coding, programming, and hacking. Allowing spectators to control the programmer, Bandersnatch not only feeds the viewers’ curiosities surrounding computing, but also raises questions…
Recently, I’ve been doing intensive exercise. Not to lose some pounds before the inevitable post-Christmas weight gain, but because I’m getting ready for an XLETIX obstacle course in Munich. It won’t be easy. I’ll need to run, climb, jump and crawl past miles of mud and obstacles. And I’ll need to be as fit as possible to make it to the end. In a way, it’s helped me empathise with businesses that are having to get their data and processes in shape. They’re facing two obstacles that are tougher than ever before: GDPR and ransomware. GDPR has changed how we…
The World Economic Forum’s Global Risk Report 2019 paints a bleak picture of the top threats facing our planet. Leading the list, and influencing everything that follows is the impact of growing divergence between nations. Ever more countries are seeking to establish national control over their affairs, economies, security and more. WEF’s analysis suggests the divisions are growing, and that such fragmentation and protectionism can create blind spots, undermine global stability, and limit the world’s capacity to respond effectively to global challenges. It is not hard to see how they affect our ability to tackle the global challenge of cyberthreats.…
Criminals use malware, malicious emails and calls to access confidential financial data belonging to students The Student Loans Company (SLC) has been hit by nearly one million cyber attacks in the last year, according to official figures. In data released under Freedom of Information (FoI) legislation, The SLC revealed it was targeted by 965,639 attempts to infiltrate its systems in the last financial year (2017/18). The findings, collated by researchers the Parliament Street think tank, discovered that these results were up from a mere three attempts in financial year 2015/16 and 95 in 2016/17. Out of the attempts for the…