It’s being reported that Iranian hackers have targeted at least 18 British universities, including those certified by the National Cyber Security Centre (NCSC) to provide degrees in cybersecurity. Pravin Kothari, CEO at CipherCloud: “Iranian cyber attackers have targeted U.K. universities using the same phishing attacks that have worked successfully for most cyber attackers for years. The insult to injury here was the fact that these cyber attackers went after some of the U.K.’s best cyber universities. The phishing emails direct university student and employees to a fake website page where they are prompted with a login. This enabled the cyber attackers to…
ISBuzz Team
Eurostar is the latest transportation company to be hit by a data breach following the recent BA breach. The breach, which occurred between 15 and 19 October, was noticed when Eurostar detected an “unauthorised attempt” to hack into its systems and access user accounts. Eurostar emailed customers with the information, stating that it had identified multiple attempts to access eurostar.com accounts using users’ email addresses and passwords. Ilia Kolochenko, CEO at High-Tech Bridge: “The announcement is a little bit obscure and contradictory. An “unauthorized attempt” should not lead to mass password reset, as millions of attempts to hack into a system occur every…
Details are emerging about Telstra, Australia’s largest telecommunications company, experiencing an outage to its cloud services. Customers have suffered losses of digital services including the My Account self-service portal, webmail, its 24/7 app and the main portal. According to it News the problems can be traced to a Telstra data center in Sydney. However, there is no current ETA on when services will be restored. Disaster recovery and security expert Caroline Seymour of Zerto has commented below on this growing problem. Caroline Seymour, director of product marketing at Zerto: “As we become more reliant on everyday services like banking, bill paying and personal…
Cybersecurity preparedness is one of the major obstacles facing businesses today, and due to its importance, it can be a magnet for myths. Attacks emerge and cripple systems availability or swipe data quickly and unexpectedly. It happens so fast that the myths so many businesses hold onto as facts are only apparent in the aftermath of an attack. While many cybersecurity myths persist, some are more damaging than others, here are four common cybersecurity myths and their impact on risk. Myth 1: Small organisations are low-value targets for hackers. Thinking you’re not a target is one of the biggest mistakes a…
On November 1, Canada becomes the newest country to enact a stringent data breach regulation. The Personal Information Protection and Electronic Documents Act, or PIPEDA, goes into effect on November 1, based on a report from the CTVNews network. According to the Ponemon Institute’s 2017 International Cost of a Data Breach study, the average cost to Canadian companies of a breach was $6.11 million, up 5.6 per cent from those who participated in the 2016 report. By comparison, the global average cost of a breach was US$3.86 million. Pravin Kothari, CEO at CipherCloud: “The data privacy train is picking up speed in Canada. The Canadian Personal…
FIFA acknowledged this week that its computer systems were hacked earlier this year for the second time, and officials from European soccer’s governing body fear they also might have suffered a data breach. UEFA officials were targeted in a so-called phishing operation in which third parties fool their targets into giving up password-protected login details, though the organization has been unable to find traces of a hack in its computer systems. Commenting on the news are the following security professionals: Rob Shapland, Principal Cybersecurity Consultant at Falanx Group: “The hack on FIFA appears to have been a very common phishing attack that tricks users into…
FIFA acknowledged this week that its computer systems were hacked earlier this year for the second time, and officials from European soccer’s governing body fear they also might have suffered a data breach. UEFA officials were targeted in a so-called phishing operation in which third parties fool their targets into giving up password-protected login details, though the organization has been unable to find traces of a hack in its computer systems. Commenting on the news are the following security professionals. Rob Shapland, Principal Cybersecurity Cconsultant at Falanx Group: “The hack on FIFA appears to have been a very common phishing attack that…
The latest online scam by cybercriminals uses stolen passwords from data breaches to try and convince people that they have used the password to download spyware and that they have now caught them looking at adult sites. The next step is blackmail. Robert Capps, VP and Authentication Strategist at NuData Security: “Cybercriminals continue to steal usernames and passwords at an alarming rate, intent on committing account takeover of legitimate consumer accounts. Once they have account credentials they try to use them on everything from healthcare to social media sites, and everything in between. The primary action users should take is…
Last week, news broke that an unsophisticated Linux-based botnet dubbed DemonBot is targeting exposed cloud servers using a vulnerability in Hadoop’s resource management tool to infect cloud servers with the botnet malware. Gavin Millard, VP of Intelligence at Product Marketing at Tenable “This isn’t the first time the YARN exploit has been used. Back in September 2018, Palo Alto networks reported that attackers were utilising it as part of several exploits to implant the Xbash malware onto systems. “The issue for organisations is that, should they be infected, resources will be diverted from the organisations tasks instead performing the botnets exploit attempts. This at least…
Google is introducing reCAPTCHA v3, designed to detect bad traffic without user interaction. Mike Bittner, Digital Security & Operations Manager at The Media Trust: “reCAPTCHA makes a good addition to any website security toolkit. However, given the increasing sophistication of malicious campaigns, such tools can be undermined. For instance, bots can manipulate the automated actions that the risk scores will trigger. Moreover, bots are simply one among many threats bad actors can pose to websites. Addressing the broader spectrum of such threats will require website owners to police their digital assets by scanning them continuously in real time for any…