It has been reported that tens of thousands of consumers who have entered their details on the TV Licencing website are being urged to check their bank statements for suspicious transactions following a data alert. TV Licencing has stated that from 29 August until the afternoon of 5 September 2018, some transactions carried out on the website were “not as secure as they should have been”. It is emailing 40,000 people who entered bank account and sort code details telling them to check their bank accounts for suspicious transactions and to make sure direct debits haven’t been amended. TV Licensing spokesperson said: “While there is no…
ISBuzz Team
Chris Goettl, Director of Product Management, Security at Ivanti: This month has a light third party line-up with a couple of non-Microsoft updates for Adobe Flash and Google Chrome with a moderate Microsoft line-up. Microsoft released fixes for 61 unique CVEs this month including the fix for the ALPC Elevation of Privilege vulnerability (CVE-2018-8440) that was disclosed and has been used in limited attacks in the wild. There are three additional publicly disclosed vulnerabilities resolved (CVE-2018-8409, CVE-2018-8457, CVE-2018-8475). Microsoft Affected Products: Internet Explorer Microsoft Edge Microsoft Windows Microsoft Office and Microsoft Office Services and Web Apps ChakraCore Adobe Flash Player…
A new exploit kit known as Fallout discovered by security researcher Nao Sec, is being used to distribute the Gandcrab ransomware as well as other nasty programs. Mike Bittner, Digital Security & Operations Manager at The Media Trust: “Malicious campaigns involving the GandCrab ransomware examplifies the intensifying digital arms race between malicious actors and security providers. In early August, a security provider released a vaccine app that would trick the ransomware into thinking a machine had already been infected. Within a few hours, the GandCrab author announced the release of an exploit code targeting the vaccine app. Soon after, vendor…
A new report released by Salesforce reveals that 59% of customers believe their personal information is vulnerable to a security breach. Even worse, 54% don’t believe that companies have their best interests in mind. Mayur Upadhyaya, Managing Director, EMEA at Janrain: “The Salesforce research shows the growing conflict between trust and personalisation. Their findings show over half (53%) of customers expect the offers they receive from businesses to be personalised yet 59% believe their personal information is vulnerable to a security breach. This certainly correlates with Janrain’s recent research into Consumer Attitudes Toward Data Privacy Survey; which showed that 57% of respondents have become more concerned…
It has been reported that over 5,000 people have been affected by the data breach at Cork City’s Park by Phone service, it emerged last night. The council stated that no personal bank account or credit/debit card details were accessed, no account balances were altered and no passwords were compromised, however it warned users of the service that it was possible that other personal data such as car registrations, mobile numbers and email addresses may have been accessed. Ryan Wilk, Vice President at NuData Security: “Fortunately, this Park by Phone breach doesn’t include credit card information. However, we all know bad actors are very talented at…
Today, Google will try to convince Europe’s top court that the EU should not be pushing its own privacy laws on the rest of the world. The case marks the culmination of a long-running battle within Europe—but depending how the court rules, the implications could be global. Evgeny Chereshnev, CEO and Founder at Biolink.Tech: “Such a policy is controversial to say the least. Users are usually residents of their homelands, thus have to comply with local data regulations. Most people don’t have awareness nor understanding of their legal rights and boundaries regarding data according to their local legislation. This means that when a website asks…
A cyber-security firm has said it found a malicious script injected into the British Airways website, which could be the cause of a recent data breach that affected 380,000 transactions. A RiskIQ researcher analysed code from BA’s website and app around the time when the breach began, in late August. He claimed to have discovered evidence of a “skimming” script designed to steal financial data from online payment forms. Commenting on the news and offering insight are the following security researchers: Javvad Malik, Security Advocate at AlienVault: The BA breach is still being investigated, so we won’t know for sure how the actual…
Check Point’s latest Global Threat Index reveals an increase in banking trojan attacks, as organizations feel the impact of large scale Ramnit campaign Check Point has published its latest Global Threat Index for August 2018, revealing a significant increase in attacks usingthe Ramnit banking trojan. Ramnit has doubled its global impact over the past few months, driven by a large scale campaign that has been converting victim’s machines into malicious proxy servers (detailed in Check Point’s Research blog). During August 2018, Ramnit jumped to 6th place in the Global Threat Index, and 5th place in the UK. This saw it become the most prevalent banking Trojan…
CyLon today announces the nine cyber security startups participating in its eighth London accelerator programme. CyLon finds, grows and invests in the best emerging cyber businesses via its world-leading accelerator programmes. CyLon has already successfully accelerated 59 companies across hubs in London and Singapore since its launch in April 2015, and has a portfolio of international companies now valued at more than £200m. CyLon alumni have created more than 300 new jobs and have raised over £50m of follow-on funding since graduating the programme. CyLon’s co-founder Grace Cassy said, “We are delighted to welcome another group of companies to our…
A new survey from Champlain College Online shows that not only are the majority of Americans concerned about cybersecurity threats, but many are willing to consider returning to college to pursue a cybersecurity education. Of the 1,004 adults surveyed, 41 percent said they would probably or definitely consider returning to college to earn a certificate or degree to prepare for a cybersecurity job. However, willingness rose to 72 percent if current employers were willing to pay for respondents’ education in preparation for an in-house cybersecurity job. Those respondents most willing to consider pursuing an employer-funded cyber education were between the ages of…