Barracuda Now Offers its Powerful Web Application Firewall Technology as a Cloud-Delivered Service that Simplifies Application Security for Organizations of All Sizes Highlights: New cloud-delivered web application firewall (WAF) from Barracuda protects websites and web applications against advanced layer 7 attacks,OWASP Top 10, bots, DDoS, and zero-day threats. The new Barracuda WAF-as-a-Service is a simple, self-managed WAF that offers customers a broad spectrum of control; from 1-touch deployment to control over building and tuning every policy. Barracuda WAF-as-a-Service starts protecting applications in minutes, wherever they are hosted, bringing web application security to organizations — from DevSecOps workflows, to enterprise-scale production deployments. Barracuda…
ISBuzz Team
Scammers are targeting TSB customers with phishing emails in the hope that they will hand over their bank details. The messages sent by scammers claim to be from the bank and inform customers that their accounts have been suspended due to “recent technical and security issues”. They then ask the account holders to verify them by clicking on a link that’s provided. Instead of directing customers to the genuine TSB website, customers are taken to one run by the fraudsters. IT security experts commented below. Eyal Benishti, CEO & Founder at IRONSCALES: “It would be a huge understatement to say TSB have…
Companies are not identifying Insider Threat blind spots according to the latest findings by Dtex Systems. The new report reveals that 90% of assessments discovered that negligent employees were transferring company data to unencrypted and unauthorized USB devices, with 91% indicating that negligent employees were expanding the phishing attack surface by accessing personal web mail accounts on company machines – a behavior up 4% in the last 12 months. IT security experts commented below. Bob Noel, Director of Strategic Relationships and Marketing at Plixer: “Traditional security models focused on the perimeter, with the assumption that the greatest risks existed outside…
In response to news that Google parent company Alphabet’s Jigsaw Project is offering to protect US mid-term campaigns from online attacks, a DDoS mitigation expert with Corero Network Security commented below. Andrew Lloyd, President at Corero Network Security: “While recent election-related headlines have been dominated by the apparent “mass psychology” attempts by Cambridge Analytica (aided by Facebook) to influence voting intentions, government security agencies rightly highlight that the infrastructure of the election process may also be vulnerable. Manual “pencil & paper” or “punch card” voting mechanisms largely protect the act of casting a vote, however, the cyber-threat is real for other…
What is Brand Forgery? In the past, the “Nigerian prince” scheme was effective, where an attacker claimed to be a Nigerian prince willing to cut someone into a large sum of money if they paid a few processing fees to transfer it to a bank in their country. Now, people are more educated about phishing schemes and less likely to fall for implausible phishing emails. Today, a common tactic of phishers is to pose as a legitimate email from a respected company. For example, they might claim that there was a suspicious transaction on your credit card and that you…
The Department of Homeland Security has unveiled a new national strategy for addressing the growing number and scope of national cyber security risks the nation confronts, and bringing new security and resiliency to the Internet. Its 30+page US DHS Cybersecurity Strategy details some specifics and also offers broad goals aimed at addressing these threats, including to: better identify digital risks, reduce threats and vulnerabilities, mitigate the consequences of cyberattacks, and enable cybersecurity outcomes by making infrastructure more resilient and improving DHS management of the cyber portfolio. In response, cybersecurity experts commented below. Michael Magrath, Director, Global Regulations & Standards at VASCO Data Security: “The strategy includes DHS expanding efforts to encourage adoption of applicable cybersecurity best…
The US Department of Energy has released its Multi-Year Plan for Energy Sector Cybersecurity to help make US energy systems more resilient and secure. The plan includes: boosting threat-sharing with the private sector, including a malicious code repository and exchange curbing supply-chain risk, and accelerating research and development to make energy systems more resilient to hacking. Also, the plan serves as a roadmap for the new Office of Cybersecurity, Energy Security, and Emergency Response, for which The Administration has requested $96 million in the 2019 US Federal budget. In response, two experts on Federal cybersecurity issues offer perspective. Michael Magrath, Director, Global Regulations & Standards at VASCO…
Compliance is a critical element of modern business. Yet, it must be remembered that it is not simply a case of achieving IT compliance and moving on to the next task. Rather, compliance needs to be continuously maintained if organisations want to avoid falling foul of increasingly large fines, especially with the enforcement of the General Data Protection Regulation (GDPR). After May 25th, if a company is found to be in breach of the stringent regulation, it will face fines of up to 4% of global annual turnover, or £20m — whichever is greater. Compliance is an organisational commitment of…
New research shows trust in organisations is diminished as UK consumers believe businesses don’t know how to protect their data New findings from a global research study by Veritas Technologies, a leader in multi-cloud data management, reveal that UK consumers have little trust in organisations to safeguard their personal data. With more and more companies suffering data breaches and hackers seemingly one step ahead, nearly two in five (39 per cent) of UK consumers believe most businesses don’t know how to protect their personal data. At the same time, the 2018 Veritas Global Data Privacy Consumer Study also shows that UK…
A newly discovered data breach has left over 3 million Facebook users’ data exposed for four years on an unsecured website, according to a New Scientist report. University of Cambridge academics posted the data of 3 million users collected by the popular Facebook quiz “myPersonality” on a website with “insufficient security provisions” for “anyone to access,” the story said. Evgeny Chereshnev, CEO and Founder at Biolink.Tech commented below. Evgeny Chereshnev, CEO and Founder at Biolink.Tech: “It doesn’t matter what this data leakage would have proven or not proven. The point is that there was always the opportunity, and possibility, that certain data would be extracted from…
