November 30th 2018 marks the 30th annual Computer Security Day. Originally launched in 1988, before computing even became mainstream, the day was one of the earliest reminders of the threats facing modern technology and data. Now, thirty years on, the threats facing organisations’ data are more significant than ever – from ransomware to hacking – while the sensitivity and volume of data grows each year. According to a recent survey conducted by IDC and Zerto, 77% of businesses have experienced a malicious attack in the past 12 months, with 89% of these being successful, demonstrating just how prevalent the security…
ISBuzz Team
Following the findings from Macro 4 that less than one in five IBM mainframe customers use multi-factor authentication, Jake Moore, cyber security specialist at ESET commented below. Jake Moore, Cyber Security Specialist at ESET: “Multi-factor authentication will not only mitigate a whole host of attacks, but it is relatively easy to implement and once training has been applied it can become second nature. People will always need a helping hand at the start of new processes but it doesn’t take long to overcome this problem and shouldn’t be seen as a hindrance. Blaming cost is a natural reaction to new…
In an age of tighter regulation and growing cyberthreats, companies are under increasing pressure to ensure their customers’ financial data is safe and secure. The number of incidents reported in the news about breaches of credit card details, passwords and account information reveal the extent of the challenge that companies are facing. This year alone, British Airways, Delta and Cathay Pacific all suffered cyber-attacks that saw thousands of customers financial details stolen. Whilst the breaches were resolved, and customers informed, the impact on these companies’ brand, reputation and the trust of customers has been substantial. These incidents serve as a…
Researchers have revealed details on the U.S. Postal Service (USPS) fixing a security weakness that allowed anyone who has an account at usps.com to view account details for roughly 60 million other users and in some cases to modify account details on their behalf. The problem stemmed from an authentication weakness in a USPS Web component known as an “application program interface,” or API — a set of tools defining how various parts of an online application such as databases and Web pages should interact with one another. Commenting on the news are the following security professionals: Paul Bischoff, Privacy…
With Black Friday and Cyber Monday almost upon us, several cybersecurity experts have given their advice on the top security threats and how to avoid them. Sam Curry, Chief Security Officer at Cybereason: Security Risks: “1) The increase of online credit card collection imposters over the holidays will be apparent as they do more at this time as people balance year-end holiday finances and fear of debt. Example: The consumer stressing out about a high volume of debt they are carrying on multiple credit cards, might receive an email pretending to be from the credit card company saying their account…
Stephen Covey originally coined the terms “scarcity mentality” and “abundance mentality” in his best-selling book “the 7 Habits of Highly Effective People”. The concept “in which a person believes there are enough resources and successes to share with others” is the latter – the abundance mindset. Covey contrasts this way of thinking with the scarcity mindset (destructive and unnecessary competition), based on the belief that if someone else wins in a situation, that means you lose; and will never consider the possibility of all parties winning in a certain situation. When applying this concept to cybercrime, where individuals or customers…
More than half a million Google Android users have downloaded malware-ridden apps from the Google Play store. Of the 13 apps, which posed as driving simulation games, two were trending on the store, giving them greater visibility. In response to this news, please find a comment below from OneSpan. Will LaSala, Director of Security Solutions, Security Evangelist at OneSpan: Application repackaging has been on the rise for a while now. Earlier this year it was reported that applications were being hijacked to install cryptocurrency miners. We saw a decline in these attacks when governments started to address the cryptocurrency conversion process and…
Retail fraud attempts are projected to increase 14% during Cyber Weekend compared to last year, according to benchmark data from online payment provider ACI Worldwide based on hundreds of millions of merchant transactions. The fraud activity is likely to peak on Thanksgiving Day, according to ACI. The value of retail fraud attempts is expected to increase by 17% over Cyber Weekend, while the average value of an attempted fraud transaction is projected to increase 3%, from $236 to $243, ACI said. Over Cyber Weekend, ACI is projecting the following for overall transactions and fraud attempts, based on its data: Thanksgiving Day:…
Krebs on Security has just reported that an API weakness in USPS’s Informed Visibility program on its site has exposed the data of 60 million users. The flaw exposed near real-time data about customer packages, as well as mail sent by USPS commercial customers. Perhaps most alarmingly, it also let logged-in users query the system for account details belonging to other users, such as email address, username, user ID, account number, street address, phone number, authorized users, mailing campaign data and more. Setu Kulkarni, VP of Strategy and Business Development at WhiteHat Security: “APIs are turning out to be a double-edged sword when…
The Information Communications Technology Supply Chain Task Force, a public private group developed by The Department of Homeland Security, has recently met to take the first steps in designing operational responses to security risks in the supply chain. These playbooks will be created for government and businesses alike. Matan Or-El, Co-Founder and CEO at Panorays: “The work of the Information Communications Technology Supply Chain Task Force in developing playbooks for both government agencies and US organizations to hammer out operational responses to security risks in the supply chain is critical. As cybercriminals use sophisticated approaches to infiltrating the supply chain…