Jersey citizens can now leave their ID at home when heading to nightclubs and festivals by using Yoti, the digital ID provider for the island Islanders of Jersey can now use digital identity app Yoti at nightclubs and events – giving them a simpler and safer way of proving their identity, while allowing them to leave valuable ID documents safe at home. In March 2018, the States of Jersey announced Yoti as their digital ID provider, offering islanders a modern way to prove their identity, online and in person. Verifying the age of people on nights out is the first use…
ISBuzz Team
The security of cryptocurrency has been thrown into the spotlight after the South Korean cryptocurrency exchange Bithumb said 35bn won ($31.5m) worth of virtual coins were stolen by hackers. This story has raised the question of security and whether cryptocurrency can be retrieved, if stolen. Senior IEEE Member and Professor of Cybersecurity at Ulster University, Dr Kevin Curran, says that consumers are unlikely to have stolen cryptocurrency returned to them should say bye to stolen Bitcoin. Dr Kevin Curran, Senior IEEE Member and Professor of Cybersecurity at Ulster University: “Unlike traditional banking mechanisms, blockchain currencies can be stolen and moved to thieves accounts with no means of recovery.…
A new malware campaign monitors victim computer clipboards for your Bitcoin and Ethereum addresses to steal coins. The robust malware named ClipboardWalletHijacker has infected around 300,000 computers within one week. Researchers from the 360 Security Center have discovered a new malware targeting Bitcoin and Ethereum users. The Trojan named ‘ClipboardWalletHijacker’ literally hijacks a victim computer’s clipboard to hunt for Bitcoin and Ethereum wallet addresses. It then replaces the victim addresses with that of the hackers to redirect cryptocurrency to the hackers wallet. Andy Norton, Director of Threat Intelligence at Lastline commented below. Andy Norton, Director of Threat Intelligence at Lastline: “Enterprise security deployments, will not be concerned by…
SANS 2018 Endpoint Protection and Response Survey highlights appetite for automating security, but next-gen capabilities often not implemented Global cyber security training company, the SANS Institute, today released its 2018 SANS Endpoint Security Survey report, which found that automating endpoint detection and response processes is the top priority for IT professionals trying to put actionable controls around their endpoints. The survey questioned IT professionals globally on how they approach endpoint security within their organisations, with endpoints referring to devices connecting to networks such as desktop computers, employer-owned laptops, network devices, cloud-based systems and IoT devices. “The diversity and quantity of…
News broke yesterday that three-quarters of malware samples uploaded to “no-distribute scanners” are never shared on “multiscanners” like VirusTotal, and hence, they remain unknown to security firms and researchers for longer periods of time. Andy Norton, Director of Threat Intelligence at Lastline commented below. Andy Norton, Director of Threat Intelligence at Lastline: “A big part of using no-distribute scanning sites, is so that you don’t have to share the sample with VirusTotal, and other legitimate scanning portals. The no distribute site allows the malware author to see the current level of detection for their malware in the Anti-Virus community, they can alter the malware…
A presentation at last week’s BSides conference by researchers from INSINIA emphasised that industrial control systems could be exposed not just to remote hackers, but to local attacks and physical manipulation as well. The talk reviewed 25 years of industrial control kit, going back to the days of proprietary equipment and X21 connections before discussing proof-of-concept attacks. Andrea Carcano, Co-founder and Chief Product Officer at Nozomi Networks commented below. Andrea Carcano, Co-founder and Chief Product Officer at Nozomi Networks: “Cyberattacks on critical infrastructure have increased in recent months with attackers crafting threats specifically to target those systems, including Industroyer/CrashOverride, Triton…
On Sunday night, Tesla CEO Elon Musk sent an email to all employees alleging there was a saboteur within the company’s ranks. Musk said this person had conducted “quite extensive and damaging sabotage” to the company’s operations, including by changing code to an internal product and exporting data to outsiders. IT security experts commented below. Chris Morales, Head of Security Analytics at Vectra: “Users on corporate networks are usually part of a “trusted” group. For example, while on a corporate network, employees typically don’t need to perform the same extra authentication steps necessary to connect to services and applications that they do…
It’s fair to say the General Data Protection Regulation (GDPR) has received attention in recent months. It’s only a matter of time until the first major breach occurs, and then we’ll see how things shake out from an enforcement standpoint. Meanwhile, there’s exciting news for compliance jockeys. Another directive from the European Parliament and the Council of the European Union is ramping up: Directive (EU) 2016/1148, also known as the “Directive on Security of Network and Information Systems (NIS).” The Directive was originally issued a few years ago and focused on measures for a “high common level of security of network and information…
The cyber security market is overwhelmed by buzzwords. Artificial intelligence, machine learning, blockchain – all this attacks CISOs from every possible angle, from webinars and conferences to the media. Most vendors fall into the trends, forgetting about customer needs for the sake of a technology race. Unfortunately, the main problems for CISOs still lie within the borders of security basics. New technologies will never bring any value to your company, unless you get your basic security right. While attackers and threats get more sophisticated, the level of security awareness at the board level often leaves much to be desired. Here…
The wave of security breaches that has exposed personal information of millions of people around the world is pushing governments and industry to come up with a better way to identify people. One approach that is being examined is federated identity management that would be based on a worldwide online data exchange of identities with one sign-in that would allow people to access their many online accounts across numerous systems. Ryan Wilk, VP of Customer Success at NuData Security: “Smaller countries or countries where they are already used to a federal or national ID – this will be very doable.…
