Mounir Hahad, head of the Juniper Threat Labs, lent some perspective to news that a new variant of the Shamoon malware was discovered on the network of Italian oil and gas contractor Saipem. Mounir Hahad, Head at Juniper Threat Labs: “This version of the Shamoon destroyer packs the same punch as previous attacks, but was made more difficult to study as no indication of the intended victim is present in the malware itself, unlike previous versions. This variation will render any system it infects unusable by overwriting a key hard drive section called the Master Boot Record with random data. Unlike the previous variant, this…
ISBuzz Team
It has been reported that Italian oil-services company Saipem SpA has been hit by a cyberattack that targeted its servers in the Middle East on Monday. Servers in the Emirates and Saudi Arabia were hit the most, with attackers seeking to obtain administrative data. The only attack in Europe was in Aberdeen, Scotland. Saipem is still accessing the scope and impact of a cyberattack. Andrea Carcano, Co-Founder and CPO at Nozomi Networks: “Increasingly, attackers are targeting critical infrastructure, such as transportation systems and power grids, around the world. Due to the criticality of their services and gaps in cyber security protection, these systems…
In response to today’s new findings from McAfee Labs on a new global campaign ‘Operation Sharpshooter’ Targets Global Defense, Critical Infrastructure, a cybersecurity expert with CyberSaint offers perspective. George Wrenn, CEO and Founder at CyberSaint Security: “Critical infrastructure organizations, especially those who deal with defense-related initiatives, should always be on high alert for unexpected threats that might negatively impact their ability to keep sensitive information or critical personnel secure. This is a given, but the lesson learned is that it takes a balanced weighting of people, process, and technology to facilitate a high-performing, always-alert cybersecurity program that can more effectively stop the original threat. “Organizations…
In response to new research finding that an Android Trojan steals money from PayPal accounts even with 2FA on, two experts with OneSpan offer perspective and considerations for both end users and developers. Sam Bakken, Senior Product Marketing Manager at OneSpan: It’s time for all of us to be more scrupulous when it comes to the apps that we install and the permissions we grant them. Accessibility permissions are incredibly powerful and can lead to malware taking action on your behalf inside your apps which is what occurred in this case. Though it’s not a cure-all (after all banking Trojans make it…
In light of Mimecast’s latest Email Security Risk Assessment (ESRA) which shows a 25% rise in possible malicious emails since last year. Jake Moore, cyber security expert at ESET commented below. Jake Moore, Cyber Security Expert at ESET:I “Emails are by far the largest attack vector for spreading malware or malware related services. With an estimated 281 billion emails being sent and received each day in 2018. It stands to reason that it is used as a very productive means to trick end users into downloading files, visiting dodgy websites or sending their logon credentials. Education and perseverance is one…
Following news that 20 million Brazilians’ detailed exposed, Ilia Kolochenko, CEO and founder of web security company High-Tech Bridge commented below. Ilia Kolochenko, CEO and Founder at High-Tech Bridge: “The major question here is how did this highly sensitive and confidential data go online on a third-party server in a flagrant violation of all possible security, compliance and privacy fundamentals? Who else has access to this data and its copies? A thorough investigation is required within the Brazilian government to determine who should bear the responsibility. I would, however, not be so certain that cybercriminals managed to get the data from the exposed server. I’d…
Cybersecurity experts Matan Or-El and Leon Lerman commented on recent news of yet another healtcare data breach, this one a ransomware attack at the Redwood Eye Center in California. Matan Or-El, CEO at Panorays: “As healthcare organizations integrate more third-party software and systems, their risk increases as well. The Redwood Eye Care Center found this out when its EMR hosting vendor was hit with ransomware, exposing the personal information of more than 16,000 patients. Healthcare information is a popular target with cybercriminals, as it sells for high prices on the dark web. Even though Redwood Eye Care Center has changed…
Login credentials for more than 40,000 Government accounts in 30 countries have been discovered by Russian cybersecurity researchers from Group-IB. Mike Bittner, Digital Security & Operations Manager at The Media Trust: “Government agencies are easy targets of phishing campaigns because they often publish their employee directories online. They are also highly desired targets because they store sensitive information on state secrets, on new products in the process of approval, including those of the world’s largest companies, and on private citizens. And given budget cuts, many of these agencies rely on large pool of third parties, who are listed in publicly…
McAfee Labs has issued new findings today: ‘Operation Sharpshooter’ Targets Global Defense, Critical Infrastructure. The attacks start with phishing campaigns and move on using more sophisticated approaches. Colin Bastable, CEO at Lucy Security: “Phishing attacks evolve very quickly: this looks like a trial run, and it will escalate and spread metastatically. State actors use misdirection, because they are engaged in asymmetric cold warfare, and they will not be concerned about collateral damage. For them, the more the merrier. Cyber criminals will pick it up and run with it – the end results will be the same, regardless of who instigated the attack.…
Following the news regarding the FCA warning that the asset management industry suffers from a lack of expertise and preparedness with regard to cyber security – Malcolm Taylor, Director of Cyber Advisory at ITC Secure offers the following comment. Malcolm Taylor, Director of Cyber Advisory at ITC Secure: “I think this survey confirms what we in the cyber security industry have known for some time; the cyber threat is widely misunderstood and perhaps underestimated by some. I don’t think this is limited to these sectors, either – it’s every sector and at every level. None of this is a criticism; the cyber threat…