Computer scientists say that the profusion of voice-activated devices, such as Amazon Alexa, means that we may soon be at risk of “audio hacking”. David Emm, Principal Security Researcher at Kaspersky Lab commented below. David Emm, Principal Security Researcher at Kaspersky Lab: “People need to find a compromise where they feel comfortable between achieving security and enjoying the convenience of these gadgets – and as new functions are added to smart home devices, we need to be aware of the security issues that these present. Should UK Alexa devices adopt the ability to transfer money to another person following a verbal command,…
ISBuzz Team
As the number of digital transactions dramatically increases, so does the risk and likelihood of cyber-attack. This means that organisations handling large amounts of sensitive data are more likely to become targets of hackers who are looking to exploit this information which is stored within corporate networks. As a result, businesses find themselves increasingly exposed to what is referred to as a ‘Cyber Risk Gap’ caused by a combination of factors which I have outlined below. Today you are a target of opportunity and a target of choice – it just depends on the day There are countless ways for…
News broke overnight that Courvoisier (real name Grant West), a notorious dark web vendor has been sentenced to 10 years and 8 months in prison by a UK court for selling drugs and stolen PII on the now-defunct Alpha Bay marketplace. Andy Norton, Director of Threat Intelligence at Lastline commented below. Andy Norton, Director of Threat Intelligence at Lastline: “With the arrest of Courvoisier, we can now see the extent of his operation. 7 million usernames and passwords, 63,000 credit cards, and $2.5 million USD in Bitcoin, of which $2,000,000 still remains unaccounted for. He forged phishing emails from major brands in order to steal the…
Social engineering attacks are usually associated with deceptive phishing emails in which the victim is tempted to click on a malicious link or open a malicious attachment to help an attacker penetrate network systems. Yet most people are less aware of the large and growing variety of sophisticated phishing attacks that tempt employees outside of email. These phishing attacks are growing in their effectiveness and are carried out via browser pop-ups, ads, malicious search results, browser extensions, chat applications, social media, web “freeware” and deceptive apps in App Stores. Social engineering attacks are designed to elude software protections by deceiving…
Dr Guy Bunker, SVP of Products at Clearswift commented below as part of security experts comments series on the recent news that Google, Facebook, Whatsapp and Instagram have already been hit by GDPR regulations. Dr Guy Bunker, SVP of Products at Clearswift: “Firstly, this is what was predicted. Organisations and individuals need to be aware that this was always going to be the case. The big names mentioned have armies of lawyers to take this on, however for smaller businesses they don’t. We expect to see increased phishing attacks to see how prepared organisations are to respond to requests. Which…
Ilia Kolochenko, CEO of web security company High-Tech Bridge commented below as part of our security experts comments series on recent security news. Ilia Kolochenko, CEO at High-Tech Bridge: 1.2 billion cryptocurrency stolen “Unregulated cryptocurrencies are an emerging Klondike for cybercriminals. A well-prepared attack is uninvestigable, risk of persecution borders with zero, while the stolen coins can be easily laundered and used for the niceties of life. We will likely see a continuous growth of attacks against cryptocurrency owners and processors (e.g. exchanges) by various means from trivial phishing to sophisticated APT attacks against the largest trading platforms. To reduce the risks,…
In response to the news that the police are warning that the EU GDPR has prompted a wave of scam messages as fraudsters masquerade as banks to trick Brits into handing over their payment details, IT security experts commented below. Mark James, Security Specialist at Internet Security Firm, ESET: “As with any special event that attracts large amounts of interest you will always find scammers and malicious actors trying to take advantage. Some utilise a “fan” interest like an annual sports event or a heart touching event that encourages public interaction. However, one thing we can always be sure of is…
In response to news today that the FBI seized the domain behind the major Russian botnet believed to be poised for an attack on the Ukraine and incorporating “VPNFilter” malware, a Corero Network Security expert offers perspective on why the botnet remains a significant cause for concern. Sean Newman, Director Product Management at Corero Network Security commented below. Sean Newman, Director Product Management at Corero Network Security: “Reports of the latest IoT botnet, based on malware now known as “VPN Filter”, shows a level of complexity which expands upon many of the techniques originally demonstrated in the Mirai botnet. “The worrying thing…
Trust is a huge issue in most sectors. Borne from years of ruthless competition, battles for customers and getting ‘one up’ on rival companies, trusting partners and customers with valuable information is difficult for businesses. Distrust derives through the fear of giving away valuable product information and business data you don’t want leaked or customer contact details. But it is also because of basic security. If competitors or cyber criminals can access data and find information they can use against your business, you’re opening yourself up to a whole host of threats, reputational damage and the potential loss of customers.…
Daniel Mintz, Chief Data Evangelist at Looker: “After the best part of two years of preparation, debate and conjecture, today, the general data protection regulation (GDPR) is upon us. “From customer communications to employee records and beyond, a significant chunk of information held within a business qualifies as personal data meaning, according to the GDPR, it must be controlled, secured and ‘deletable’. Yet, for most organisations, allowing access to analyse such information has typically required copying, exporting and extracting data – leaving a trail of personal data across laptops, servers and systems, both inside companies and third parties. As a result,…
