Research shows that the US is the victim of the most high-profile cyberattacks. New tool unmasks the scammers and shows how they operate. The links between cybercrime hotspots and target locations are revealed. The tool launches after the FBI’s warning of a global ATM cybercrime spree set to steal millions. Could you be the next victim of the 39 high-profile cybercriminals that are still at large? A new tool exposes the criminals that are stealing money, computer data and, in some cases, your identity. Cybercrime Hotspots uses governmental figures, as well as data from the FBI’s Most Wanted List, to…
ISBuzz Team
In response to reports from Deutsche Welle and other outlets – Hackers attack RWE website amid Hambach Forest evictions – that unknown attackers launched a large-scale DDoS attacks against German energy company RWE, taking down its website in protest of the company’s plans to mine coal, Corero offers additional 3rd party comments. Sean Newman, Director Product Management at Corero Network Security: “With the more recent focus on DDoS attacks being used for financial gain, with ransom demands or smokescreens, as part of broader targeted attacks, it’s easy to forget the classic belief-driven motives. Making a political or belief-driven statement by disrupting an associated website…
In response to the news that Uber has agreed to pay $148 million in connection to a 2016 data breach and subsequent cover-up, security experts commented below. Rob Shapland, Principle Cyber Security Consultant at Falanx Group: “This fine shows that companies can no longer get away with poor cyber security and sweeping incidents under the carpet. I would expect many companies will have tried to hide the fact that they’ve been breached, especially given the size of the potential fines. This case, and the punishment for Uber for not revealing that the breach had occurred, will hopefully give companies further warning of the risks…
It’s no secret that cybersecurity is becoming increasingly important and that currently, a small security operation center (SOC) is often all that stands between an organization and a potentially financially devastating data breach. In the Security Operations Survey for 2018 released by SANS, three issues affecting effective performance head the list – a lack of skilled talent, unclear security operation center (SOC) metrics and a lack of orchestration/automation. Many organizations cannot quantify the value their SOCs deliver. Therefore, they don’t have the data to make a case for the budget needed for improvements. Here are some of the takeaways from…
Verizon 2018 Payment Security Report (PSR) highlights: Full compliance with the Payment Card Industry Data Security Standard (PCI DSS) drops for the first time in six years – 52.5 percent of organizations compared to 55.4 percent in 2016. Businesses more vulnerable to cybercrime – PCI DSS is shown to help protect payment systems from breaches and theft of cardholder data. Report highlights the crucial need for ongoing compliance maintenance and measurement. Includes Verizon’s nine factors for controlling compliance effectiveness and sustainability. After documenting improvements in Payment Card Industry Data Security Standard (PCI DSS) compliance over the past six years (2010 –…
In response to the news that Newsnow, a popular news aggregator service, has suffered a data breach, please see below comments from Jake Moore, security specialist at ESET. Jake Moore, Security Specialist at ESET: “Hackers are far too keen to attempt using stolen passwords across other online accounts which will soon become compromised as well. As passwords here have been taken that are connected with email usernames, it drives home the fact that no one should use the same password for more than one account. We always ensure people have a strong complex password on any accounts but especially your…
Zoho, one of the world’s largest tech companies, was taken offline due to a domain registrar responding incorrectly to a phishing complaint. The downtime resulted in nearly 30 million Zoho users being unable to access Zoho’s website. Manually updating DNS records helped some users, but many were left unable to access the site, following relatively low-level misuse of one of Zoho’s mail servers. This was compounded by the fact that the issue was caused by an automated system, and by the time a human had checked the findings, it was too late. Cath Goulding, Head of Cyber Security at Nominet:…
Big and small, municipalities are under siege from cybercriminals. It feels like at least once a week there is a headline about the latest city government breach. You would have thought the Atlanta breach would be a wakeup call for all cities, but the evidence indicates there is still a long way to go. We live in a world where the question is no longer “if” a breach will occur, but “when”. Not surprisingly, one of the key entry points for many attacks is phishing – the fraudulent practice of sending emails purporting to be from reputable companies in order…
ZDNet broke the story today that SHEIN, a U.S. based fashion retailer, announced a breach that compromised the emails and encrypted passwords of 6.42 million users. IT security experts commented below. Ruchika Mishra, Director of Products and Solutions at Balbix: “This breach occurred in June, but it was only discovered it in late August. It’s clear that organizations like SHEIN rely heavily on reactive cyber-security strategies that detect and control breaches in progress or after that fact — and often not fast enough. What is really needed is a proactive strategy that enables organizations to avoid breaches in the first place…not two months…
In response to news that Infinite Campus, which serves 7+ Million US students in grades 1-12 (in 2000 districts across 45 states), was hit with a DDoS Cyber attack limited parental access to Oklahoma City schools site, an expert with Corero Network Security offers insight. Sean Newman, Director Product Management at Corero Network Security: “The attack on Oklahoma City’s student information system is just another example of just how many services, which are increasingly provided online for reasons of cost, efficiency and scalability, are delivered without adequate resiliency to Distributed Denial of Service attacks. The motive appears to be unclear at this stage, but…