New Hollywood thriller “Searching” opens in cinemas everywhere today. The film, shot almost entirely through the point-of-view of smartphones and computer screens, follows the frantic attempts of a father trying to trace his missing 16-year-old daughter’s digital footprints before she disappears forever. Consumer security experts Dashlane have partnered with Searching as the film’s official safety partner. By partnering with an innovative film like Searching, which highlights the positives and perils of the digital world, Dashlane is spreading the word about the importance of keeping yourself—and your information—safe online. Emmanuel Schalit, CEO at Dashlane, shares some of his top tips to…
ISBuzz Team
According to a new report released by Barracuda Networks based on a poll of more than 3,000 business email compromise attacks, the CEO was impersonated in almost half of all cases (42.95 per cent). Neil Larkins, CTO & Co-founder at Egress Software Technologies: “Phishing attacks like this easily fool people by using a slightly modified domain name and pretending to be their organisation’s CEO ([email protected] vs [email protected]). Luckily, the application of machine learning and big data analysis in cybersecurity has now made it possible to mitigate this risk. By analysing people’s email behaviour, smart technology can now recognise patterns and highlight anomalies.…
West Ham’s email to away season ticket-holders confirming their ticket for Tuesday’s Football League Cup fixture at Wimbledon was CC’d to every intended recipient. The message should have been sent as a BCC. Tony Pepper, CEO and Co-founder at Egress Software: “‘Traditional’ solutions to prevent data breaches – such as firewalls, endpoint security, encryption and malware scanning – can’t stop someone accidentally sending an email to multiple recipients using To/Cc instead of Bcc. This is because existing solutions can’t tell the difference between intentional and unintentional user behaviour. Therefore, when an employee of West Ham United accidentally Cc’d the email…
It’s become a fact of life that hackers might lock down your computer, blocking access to your most valuable data, and vowing to free it only if you pay up. Ransomware is nothing new, but it’s profitable, and hackers are deploying it left and right. Mitigating ransomware is actually fairly straightforward. If you have backups, if your network is segmented, really all you have to do is wipe the infected computers, and reimage them from backups. If you’re prepared, the recovery takes maybe 20 minutes. But if it’s so easy to recover from ransomware, why is it still such a…
Air Canada says 20,000 mobile app users might be affected by a data breach. 1.7 million customers are locked out until they update their passwords. The airline says it detected unusual login activity last week and tried to block the hacking attempt, locking the app accounts as an additional measure. Mobile app users received an email Wednesday morning alerting them as to whether their account had been affected. Please see below for commentary on this news: Jake Moore – Security Specialist at ESET: “Although this is a massive breach in customer data and confidence, Air Canada are locking people out…
Yesterday news broke of a Microsoft Windows zero-day vulnerability with no workaround. There seems to be no patch available and the vulnerability is found in nearly ubiquitous software. IT security experts commented below. Allan Liska, Security Solutions Architect at Recorded Future: “The 64-bit versions of Microsoft Windows 10 and Windows Server 2016 both suffer from a local privilege escalation vulnerability that will allow an attacker who already has access to the system to execute any code as an administrator, in effect giving the attacker full access to the compromised system. The vulnerability exists in an API call for Task Scheduler…
Fiserv, which provides financial technology for banks and other financial institutions, said it has fixed a weakness in a web platform. Brian Krebs wrote that the flaw in a Fiserv web platform, which some banks and credit unions use to operate online accounts, exposed some personal and financial details of customers. Adam Brown, manager of security solutions at Synopsys, commented below. Adam Brown, Manager of Security Solutions at Synopsys: “While ultimately responsible for the software flaw that has allowed this vulnerability to surface across multiple financial institutions, what’s more alarming than Fiserv’s shortcomings in design is that this has not been unearthed…
Kaspersky Lab experts found that the infamous Asacub mobile banker has held the leading position (38%) among all mobile banking Trojans over the past year. More detailed information can be found in the first of a special Kaspersky Lab series on the most active banking Trojans. The reason behind Asacub’s continued sustainability lies in the fact that the domains of its command server change, and there are disposable phishing links for downloading the Trojan. The earlier modifications of Asacub were closer to spyware than banking malware: they could steal all incoming SMS messages, regardless of the sender, and upload them to…
In response to the Reuters report that the Bank of Spain is under a DDoS attack, IT security experts commented below. Andrew Lloyd, President at Corero Network Security: “Worryingly, as of right now (Tuesday afternoon local time), their website (www.bde.es) remains offline despite the attack having started on Sunday. Whether this is as a result of an ongoing attack, recovering from any resulting damage or as a precaution pending a forensic investigation is not clear. “The recent guidance from the Bank of England (BoE) requires banks to have the cyber-resilience to “resist and recover” with a heavy emphasis on “resist”. The…
It goes without saying that the evolution of the internet has been proportional to the downfall of analogue methods of consuming media – mediums like DVDs and CDs have been abandoned in favour of downloadable (or increasingly streamable) digital files. Of course, the migration to the cyber plane has not come without challenges – the proliferation of pirated material means that content creators are not getting remunerated for their hard work. The 27 billion visits to pirate websites in 2017 in the U.S. alone would suggest that this is a bigger problem than one might initially realise. We need a more…
