Following the news regarding the FCA warning that the asset management industry suffers from a lack of expertise and preparedness with regard to cyber security – Jason Howells offers the following comment. Jason Howells: “I think this survey confirms what we in the cyber security industry have known for some time; the cyber threat is widely misunderstood and perhaps underestimated by some. I don’t think this is limited to these sectors, either – it’s every sector and at every level. None of this is a criticism; the cyber threat is a new threat, it is in places deeply complex, and it…
ISBuzz Team
In more bad news for Google+, private details on around 52.5 million Google+ profiles were accessible to developers of apps in a six day exposure in November. It was caused by a bug in the Google+ People API, specifically built to allow access to profile data with the owner’s consent. With this new API bug, the second one since October, the company has also decided to retire the platform in April 2019, and all Google+ APIs will shut down in the next 90 days. Patrick Hunter, Technical Director at One Identity: “The news is full of data breaches. Everyday there are a handful of new cases…
WatchGuard Internet Security Report for Q3 2018 also finds that 6.8 percent of major websites still use an insecure SSL protocol Mac-based malware has appeared on the list of the top ten most common types of malware for the first time in WatchGuard’s quarterly Internet Security Report. The Mac scareware appeared in sixth place in WatchGuard’s latest Q3 2018 report and is primarily delivered by email to trick victims into installing fake cleaning software. The new report also found that 6.8 percent of the world’s top 100,000 websites still accept old, insecure versions of the SSL encryption protocol, while more…
Following the recent Marriott International data breach, whereby the records of 500 million people were compromised, global chains and SMBs alike should be looking even harder than ever to protect their networks from cybercriminals. Please see below for commentary from Rachel Rothwell, Zyxel Regional Director, Southern Europe and UK which looks at the vulnerability of our personal data and what we can do to protect it. Rachel Rothwell, Regional Director at Zyxel: “The true vulnerability of our sensitive data was recently laid bare when hundreds of millions of Marriott guests globally were affected by the hotel chain’s data breach. So, if a large…
A new Android Trojan that targets the official PayPal app has been discovered. Discovered by global cyber security firm ESET, the malware is masquerading as a battery optimization tool, distributed via third-party app stores. The biggest threat of this malware is that it does not rely on stealing PayPal login credentials; it instead waits for users to log into the official PayPal app themselves. It also bypasses PayPal’s two-factor authentication. In this brand new blog, ESET outlines the two main functions used to attack victims: 1) A pop-up box which activates a malicious accessibility service 2) Phishing screens covertly displayed over targeted, legitimate…
Nearly 48,000 patients have been affected by a breach of a credit card processing system that was utilized by Baylor, Scott and White Medical Center, a hospital in Texas. Justin Jett, Director of Audit and Compliance at Plixer: “Medical-related data breaches are lucrative because malicious actors can try to sell data to advertisers based on health conditions. While credit card systems don’t contain information relating to specific medical data, it does leak information about which providers a patient has visited, which is protected under HIPAA. This is why network traffic analytics is critical to organizations. Without this type of data,…
It has been reported that four National Health Service trusts in England and Wales spent no money on specialist cyber-security training or expertise in the past year, according to new figures compiled by cyber-security company Redscan. The data revealed that on average, trusts employed just one qualified cyber-security professional for every 2,582 employees, and many are failing short of training targets. Edgard Capdevielle, CEO at Nozomi Networks: “Research has repeatedly shown that people are often the weakest link when it comes to cyber security. We are also seeing a number of security incidents where cyber criminals are targeting employees within critical infrastructure organisations with…
Jumio’s Holiday ID Fraud Report indicates that ID fraud attempts worldwide more than doubled since 2014 New data from Jumio, the leading AI-powered trusted identity as a service provider, reveals that online ID fraud attempts on government-issued IDs increased 22 percent worldwide during the 2018 Black Friday to Cyber Monday period compared to the non-holiday average. Surprisingly, attempted ID fraud perpetrated during the online identity verification stage, involving passports, driver’s licenses or ID cards, hit a five-year high, increasing 109 percent in 2018 from 2014. In the second edition of Jumio’s Holiday ID Fraud Report, attempted fraud is defined as an attempt by…
Tristan Liverpool, Systems Engineering Director, F5 Networks, assesses what 2019 has in store It’s that time of year again. Businesses are dusting themselves down from a turbulent, fast-paced and opportunity-rich 2018 as they start to map out the year ahead. Now is the time to take stock and prepare for another calendar cycle of relentless forward momentum. As ever, there will be challenges that endure and new tech advances to capitalise on. Here’s a snapshot of emerging trends and developments businesses can ill-afford to ignore if they want to stay relevant, innovative and profitable in 2019. The future is multi-cloud…
Risk and vulnerability assessments introduced to assist the development of effective security strategies One of the UK’s fastest growing and largest independent software testing companies, Edge Testing Solutions, part of Eurofins Digital Testing, is offering UK clients access to a new Security Division – Eurofins Cyber Security. The new division boasts approximately 100 security experts worldwide, providing clients with a range of services including risk and vulnerability assessments, testing and compliance, advisory and training services. The Eurofins Cyber Security service complements Edge Testing’s existing testing provision, and clients will be encouraged to establish a baseline security position through a thorough…