Following the recent news regarding British shipping company, Clarksons, revealing that a data breach it suffered last year stemmed from a hack on a “single and isolated user account”, Joseph Carson, Chief Security Scientist at Thycotic offers the following comment. Joseph Carson, Chief Security Scientist at Thycotic: “Many organisations have failed to implement privileged access security and in failing to do so, they typically allow single user accounts to access sensitive information directly with only a single password protecting the sensitive data. Many cybercriminals use techniques that first target user accounts through phishing and social engineering, then move laterally to find those privileged accounts…
ISBuzz Team
Reddit has been in the news, following an incident where users’ login details were compromised. IT security experts commented below. Frederik Mennes, Senior Manager Market & Security Strategy, Security Competence Center at OneSpan: “In order to effectively deal with today’s cyber security threats, organizations should protect their accounts with strong, multi-factor authentication. Reddit did so, but unfortunately opted for a two-factor authentication technique with known security weaknesses, namely delivery of one-time codes via SMS. While it is not clear how the SMS codes were intercepted in case of Reddit, earlier cases have shown that interception is usually performed using malware on…
In response to Kaspersky research finding that the fileless PowerGhost cryptomining malware is targeting corporate networks and is more difficult to detect than other miners because it doesn’t download malicious files to the device and so is likely to operate longer unnoticed, an expert with Corero Network Security offers comments. Sean Newman, Director Product Management at Corero Network Security: “The Cybercriminal community’s rush to benefit from the huge returns possible from investing their hacking efforts in crypto-currency mining is certainly gaining pace at an epic rate. Although a recent trend has been to leverage mass botnets of IoT devices, which has proven easy due to…
Iowa’s UnityPoint Health has revealed it was the victim of a phishing attack that put the sensitive medical information of 1.4 million patients at risk, as reported by local media. Leon Lerman, CEO at Cynerio: “Healthcare organizations need to be on high alert for these types of phishing attacks like the one that targeted employees of UnityPoint Health. Perhaps they think it won’t happen to them and that the cyber-criminals will go after very large organizations, so they don’t really take action to protect themselves. On the other hand, I’m sure many of them do worry about it, especially because they deal with…
According to news reports, Facebook is preparing to announce today that it has identified a coordinated political influence campaign, with dozens of inauthentic accounts and pages that are believed to be engaging in political activity ahead of November’s midterm elections. Lee Munson, Security Researcher at Comparitech.com: “Just like previous elections, Facebook is likely to become embroiled in the US mid-term elections, in many different ways. While the platform will allow American citizens to discuss and debate all manner of topics with their friends and families, it will also undoubtedly be used by millions of people looking for news and political comment. Given how…
In response to the news that hackers from China have taken to sending CDs full of malware to state officials in the post, Mark James, security specialist at ESET commented below. Mark James, Security Specialist at ESET: “This approach, while unusual, does not surprise me. A disk appears out of the blue in the post, it looks harmless, the only way to determine its contents is to place it in your machine and view its contents. The trap is set, triggered and infected. This type of attack is not aimed at the security conscious; it’s an opportunistic attack that will without doubt…
Yale officials are confirming that Social Security numbers were accessed in a Yale University data breach. NBC reports the breach occurred between April 2008 and January 2009, and in 2011, Yale deleted personal information in that database as part of an effort to protect personal information on Yale servers, and was not aware at that time of the breach. Ryan Wilk, Vice President at NuData Security: “Yale University is taking steps to help amend the potential damage of this breach by advancing the forensic investigation and contacting all affected parties as soon as possible. On the flip side, although financial information was not exposed, even having your social security number, name, address, and…
In response to the news that the Department of Defense (DOD) has confirmed it has been silently working on a “Do Not Buy” list of companies known to use Chinese and Russian software in their products, security experts commented below. Johnathan Azaria, Security Researcher Specialist at Imperva: “This is not surprising when considering that some software manufactured in China was shipped with out-of-the-box malware. The possible threat from such software ranges from unintentional security issues that simply weren’t patched properly, to a hard-coded backdoor that will grant access to the highest bidder. We hope that the news of this list…
Researchers have uncovered a cryptojacking campaign that looks to spread across infected networks, targeting business PCs and servers. Bob Noel, Director of Marketing and Strategic Partnerships at Plixer: “When PowerGhost makes its way onto a corporate network, the business is being robbed of key resources. This negatively impacts productivity, profitability and customer satisfaction. There are many ways that organizations can both protect themselves and identify if PowerGhost has made its way into their environment. First, any organization that has not applied the patch for Eternal, should prioritize doing so. This vulnerability has been known since early 2017, and there are…
Researchers at leading cyber-security vendor Check Point have shown how criminals are using a new and complex method to abuse the digital infrastructure of the online advertising industry to spread malware to millions of online surfers worldwide. This is widely known as ‘malvertising’ and, in this case, started with the compromising of thousands of WordPress websites, involves multiple parties in the online advertising chain, and ends with the distribution of malware to web users globally. The online advertising industry is based on three main elements: 1) Advertisers who wish to promote their products or content. 2) Publishers who allocate space on their website and…
