News has broken that Google has been hit by the ‘worst ever’ internet hijack in the company’s history, security experts fear. Information from Google searches, cloud-hosting services and the company’s bundle of collaboration tools for businesses – known as G Suite – were all affected. Data was intercepted by servers in Nigeria, China and Russia – including those run by major state-owned telecoms providers. Security experts suggested the hack was a ‘wargame experiment’ – meaning it may prelude similar, more widescale attacks from the nations involved in future. The type of traffic misdirection employed, known as border gateway protocol (BGP) hijacking, can knock essential services…
ISBuzz Team
Yesterday, at the Paris Peace Forum, President Emmanuel Macron announced the Paris Call for Trust and Security in Cyberspace – the most coordinated effort to date to get countries to agree on a set of international rules for cyberspace. The pact was signed by 51 countries, hundreds of companies, and 92 non-profit organization, universities, and advocacy groups. However the US, Russia, and China have not signed it. Paul Bischoff, Privacy Advocate at Comparitech: “To be clear, countries who signed the pact did not agree to any specific rules, goals, or penalties. Instead, they agreed to figure all that out together at a later…
Hackers have been found exploiting a critical security vulnerability that affects a GDPR plug-in for Wordpress to take control over vulnerable websites according to security researchers at Wordfence. Alex Calic, Strategic Technology Partnerships Officer at The Media Trust: “These attacks show that bad actors are always on the lookout for vulnerable third parties that serve multiple websites. WordPress was good to remove the plugin and patch the security issues. More than 100K websites have installed the plugin to stay compliant with GDPR, which requires companies to obtain consumers’ explicit consent before collecting and processing their information. But GDPR also requires that…
At Paris Peace Forum, President Emmanuel Macron announced the Paris Call for Trust and Security in Cyberspace – the most coordinated effort to date to get countries to agree on a set of international rules for cyberspace. Cybersecurity experts Colin Bastable and Paul Bischoff commented below. Paul Bischoff, Privacy Advocate at Comparitech.com: “To be clear, countries who signed the pact did not agree to any specific rules, goals, or penalties. Instead, they agreed to figure all that out together at a later date. So the pact is mostly symbolic. Russia and China will obviously not sign. Many of the pact’s measures imply taking…
Cyber experts and research teams warn of risks to critical infrastructure and national intelligence, threats to biometric identification and over-reliance on AI in cybersecurity Global cybersecurity leader Forcepoint today launched its 2019 Forcepoint Cybersecurity Predictions Report, with security specialists, behavioral intelligence researchers and data scientists providing guidance on the sophisticated threats facing organizations in the months to come. The report examines seven areas where risks will increase in 2019, with Forcepoint experts taking a deep dive into technology trends and the motivation behind cyber-attacks, so that business and government leaders and their security teams can better prepare to face the new wave of threats.Enterprises…
Data breaches in the first 9 months of 2018 have exposed 3.6 billion personal information records according to the 2018 Q3 Data Breach QuickView report by Risk Based Security. Matan Or-El, CEO at Panorays: “The number of personal records exposed this year alone is staggering. These numbers reflect the ease by which hackers have been able to penetrate networks and how they now industrialize their attacks by launching fewer attacks that secure more data. Often, they tunnel into big companies like Target, Facebook, Under Armour and others to go for the largest data payoff instead of going after a few small companies.…
Just like CSI uses forensics experts to look for fingerprints, your digital behavior is tracked by businesses and followed by tools like Google Analytics or marketing suites like HubSpot. Except you’re not a criminal, and their goal is to sell you more things. This breach of privacy escalates when one of the companies gathering your information gets hacked. In 2016, a data breach of Yahoo! exposed 3 billion user accounts. In 2017, the Equifax data breach affected the information of 146.6 million people. A quick scan of the largest hacks is enough to want to throw your computer away. Your…
Hackers are exploiting a remote code vulnerability in Adobe Cold Fusion that a patch was recently issued for according to researchers at Volexity. Justin Jett, Director of Audit and Compliance at Plixer: “The recent Adobe ColdFusion flaw that has been exploited recently is another example of how quickly malicious actors are to take advantage of recently-patched vulnerabilities. In this case, fewer than two weeks after a patch was released, servers were compromised. Additionally, per the reports from Volexity, “the target server was missing a single update from Adobe that had been released just two weeks earlier,” which indicates that even…
The Word Economic Forum (WEF) has just published the results of a report detailing that – out of 12,000 business leaders across 140 countries – cyber attacks are the top concern businesses will face over the next decade in Europe, North America and Asia. Globally, cyber-attacks were only the 5th highest risk cited by business leaders. This comes after a number of high-profile attacks in the UK targeting organisations such as BA and HSBC. Fraser Kyne at security firm Bromium commented below that despite increased investment in cybersecurity, businesses are still getting hit, and this won’t change until they change their security strategy.…
Following the news that Zero-day attacks have been exploiting popular WordPress plugins to take over sites in the wild, Gavin Millard, VP of Intelligence at Tenable explains how this attack works and what users can do to protect themselves. Gavin Millard, VP of Intelligence at Tenable: “Ignoring the irony that this popular WP GDPR Compliance plugin could lead to customer information being lost, rather than demonstrating data diligence, the flaw highlights a much bigger issue. Often publicly berated for its security flaws, WordPress – and other popular content management systems (CMS) such as Drupal, are in the main secure when kept up to date, it’s…