The Rolling Stone was among outlets reporting that the website of Congressional candidate for California’s 25th District Democrat Bryan Caforio was taken down by DDoS attacks four times during his unsuccessful campaign, including critical junctures such as during a debate. Caforio ultimately lost the election to a fellow Democrat by a narrow margin. An expert with Corero Network Security offers perspective. Sean Newman, Director Product Management at Corero Network Security: “Reports of disruption, earlier this year, to the campaign website of a California state primary election candidate, demonstrate how easy it is for malicious actors use DDoS attacks to disrupt or…
ISBuzz Team
Cryptomining has increased 459% from 2017 through 2018 according to the Cyber Threat Alliance (CTA) in a newly released report. Justin Jett, Director of Audit and Compliance at Pixer: “As the threat of cryptojacking grows, organizations should be ever-vigilant. Crypojacking steals valuable resources from the business and organizations should carefully monitor what’s taking place on the network to prevent crypojackers from getting a foothold. Network traffic analytics is a critical resource in successfully monitoring and detecting threats like cryptojacking and should be deployed wherever possible. By leveraging the existing data from the network, IT professionals can easily and quickly identify…
On news on the upcoming Government whitepaper detailing a future internet regulator, SD-WAN network expert Ian McEwan (Vice President EMEA of Aryaka, leading global SD-WAN provider) commented below. Ian McEwan, Vice President EMEA at Aryaka: “We have to wait and see what the upcoming UK Government whitepaper fully contains. However, this may not be the regulation to pay attention to. The proposed new European copyright law may have stronger ramifications for businesses and consumers alike. By 2021 most of business revenue will be digitised, which makes the way organisational data is stored and transferred all the more important. In the wake…
Following the news that Japanese cryptocurrency exchange Zaif has been attacked by cybercriminals and had $60 million stolen, Cody Brocious, Hacker Education Lead, at HackerOne, comments below on why blockchain is so hackable and provides stats on bug bounty program uptake with the blockchain and cryptocurrency industry. Cody Brocious, Hacker Education Lead at HackerOne: “While the traditional finance space doesn’t have a perfect security track-record, they have many years of battle hardening behind them. Security is paramount for companies in the cryptocurrency space, perhaps more than any other sector. This is especially true when you consider that many of these new companies are…
Aviva and SunTrust are the latest disaster stories in a string of replatfroming gone wrong. Both the firms tried to upgrade, but their legacy systems betrayed them and it disrupted their services, which further inconvenienced customers. While upgrading to technologically new and sound systems has become more like a necessity for organizations, rushing into the upgrade without complete knowledge of the software system can be the recipe for disaster. Eg. TSB. How can organisation replatform and upgrade their software safely, without alienating customers, and efficiently? How can businesses avoid the pitfall that is costing TSB, Aviva, SunTrust and many others the trust of of their…
In response to the news that Equifax is to be fined £500,000 by the ICO after it failed to protect the personal data of 15 million Britons, IT security experts commented below. Jake Moore, Security Specialist at ESET: “The ICO has given the highest possible fine under the 1998 Data Protection Act. If this breach had occurred after May 2018 it would have most likely been a different story and possibly the scapegoat so many companies are currently fearing not to be. With this in mind, it will be extremely interesting to see how much the ICO fines the large corporations and, in particular, if they…
Rich Campagna, CMO at Bitglass: “All organizations have a responsibility to keep their employee data safe – there is no room for error. This is particularly true of governmental groups that are supposed to be serving citizens and protecting their personal information. Unfortunately, despite the amount and type of data that these organizations handle, many are unprepared when it comes to cybersecurity. The State Department’s recent authentication debacle serves as an example of this. These kinds of breaches can have lasting consequences for all parties involved. Institutions that expose data lose the trust of employees and consumers, while individuals who have their information stolen may be forced…
A new report from Akamai reveals that the financial services industry has become a prime target for credential stuffing botnets. The report highlights two attacks on financial services sites. One botnet attack caused a major financial company’s login attempts to spike from an average of approximately 50,000 an hour to over 350,000 in one afternoon. The other saw a credit union attacked by three botnets at the same time, the most dangerous not being the biggest, but the one which kept up a sustained lower level attack over a longer period so as not to arouse suspicion. Ryan Wilk, Vice President at NuData Security: “Based on what we’ve seen at NuData,…
Corporate networks have quickly become more and more complex. Change requests are regularly processed in the hundreds by IT security teams, which are then applied to company owned network devices. As a result, underlying network configuration processes increase in size and complexity, impacting the resources needed to manage the required changes. These changes affect all environments, from multi-vendor firewalls and routers, to SDN and hybrid cloud platforms. The sheer size of the modern network therefore makes it increasingly difficult for companies to manage the complexity that comes with it. Cybercriminals are ideally positioned to take advantage of this confusion, which…
Details are emerging about a recent ransomware attack against VON Canada, the nation’s only nonprofit home and community care organization. Reports state that the organization discovered the problem on September 1 but as of now it hasn’t fully resumed normal operations. They haven’t found evidence to indicate any employee, client or volunteer information has been compromised but they were forced to resort to manual operations for scheduling care and client information, compromising care for thousands of customers. At this point, leading cyber-security experts are looking into the problem. Caroline Seymour, Director, Product Marketing at Zerto: “The news that VON Canada –…