The five-day event hosted by non-profit, open-source organisation seeks to plug application security knowledge gap in an ever-evolving cybersecurity sector. OWASP (Open Web Application Security Project) AppSec Europe, the premier application security conference for European developers and security experts, has unveiled its first three keynote speakers. The event is hosted by OWASP Foundation, an open-source, not-for-profit application security organisation made up of corporations, educational organisations and individuals from around the world. Mario Heiderich, founder at Cure53, Ross Anderson, Professor of Security Engineering at the Computer Laboratory, University of Cambridge and Georgia Weidman, founder at Bulb Security LLC will present their keynotes during…
ISBuzz Team
In response to news that the Danish railway company DSB was hit with a DDoS attack over the weekend that prevented passengers from purchasing tickets via app, website, ticket machine or at store kiosks, IT security experts commented below. Paul Bischoff, Privacy Advocate at Comparitech.com: “The breach at Rail Europe is disconcerting not only because of what information was accessed by hackers, but how that information was accessed. Data breaches typically occur when a hacker gains unauthorized access to a database. In this case, however, the hackers were able to affect the front end of the Rail Europe website with “skimming” malware, meaning customers…
With less than 10 working days to go to GDPR D-Day, SMBs are feeling the pressure most. Over 4,000 took part in Mailjet’s recent active GDPR readiness test in the last 8 weeks and the top findings are: 80% continue to collect personal data from customers; 67% still aren’t protecting it properly through encryption technologies; US startups are generally better prepared than their European counterparts. Data protection: Despite low results, the United States is at the top of the data protection ranking with 53% of US startups stating they encrypt the data they process and 47% have a warning system in case of…
With less than two weeks to go until the GDPR deadline, Lynn Elwood, VP cloud & services solutions at OpenText commented below. Lynn highlights that data discovery is essential to build a foundation for GDPR-compliant data management. Lynn Elwood, VP Cloud & Services Solutions at OpenText: “Ask yourself this simple question: Do I know where all the personal data in my company resides? The answer for the vast majority of us will be a resounding ‘no’. Yet, that’s exactly what GDPR demands of you. Even medium-sized companies can easily be looking at terabytes or petabytes of information amassed over many years. They…
In light of the news that adults may be forced to buy a £10 ‘porn pass’ from newsagents to access X-rated movies ‘anonymously’, David Emm, Principal Security Researcher at Kaspersky Lab commented below. David Emm, Principal Security Researcher at Kaspersky Lab: “Like most people, I believe that access to such material should be restricted to adults only – the problem lies in enforcing this. On one hand, tech-savvy young people will look for ways to get round restrictions, such as VPNs, proxies or even the dark web. On the other hand, adults who wish to access such material will face the risk…
Security researchers have discovered a set of malicious apps on the Google Play Store that are reappearing after being removed by simply changing their names. Malware identified as Android.Reputation.1, a Trojan first encountered in 2014, has been found in new iterations of at least seven apps on the Play Store after Google was previously alerted to them. Dean Ferrando, Systems Engineer Manager – EMEA at Tripwire commented below. Dean Ferrando, Systems Engineer Manager – EMEA at Tripwire: “With over 2 million apps in Google’s Play Store, it is inevitable that some malicious apps will creep through. Despite this, users should still…
20 percent of UK employees rarely or never follow security policy for personal and IoT devices. Infoblox Inc., the network control company that provides Actionable Network Intelligence, today announced new research that exposes the significant threat posed by shadow devices on enterprise networks. The report titled “What’s lurking on your network: Exposing the threat of shadow devices” found that enterprise networks across the US, UK and Germany have thousands of shadow personal devices – such as laptops, Kindles and mobile phones – and Internet of Things (IoT) devices – such as digital assistants and smart kitchen appliances – connecting to their…
Check Point’s latest Global Threat Index reveals that hackers targeted unpatched server vulnerabilities to infect machines and mine crypto-currency in April 2018. Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber-security solutions globally, has published its latest Global Threat Index for April 2018, revealing that cyber-criminals are increasingly targeting unpatched server vulnerabilities to infect those machines with cryptomining malware. April 2018 marked the fourth consecutive month where cryptomining malware dominated Check Point’s Top Ten Most Wanted Malware Index, with the Coinhive variant retaining the top spot as the most prevalent malware at a global reach of 16%. Cryptoloot – another crypto-mining malware – was close behind with…
News broke that a DDoS cyberattack made buying a ticket tough for Danish rail travellers Sunday night. The hack made it impossible to purchase a ticket via the DSB app, on the website, at ticket machines and in 7-Eleven kiosks at the stations. Andrew Lloyd, President at Corero Network Security commented below. Andrew Lloyd, President at Corero Network Security: “The DDoS attack seen in Denmark this weekend on critical national infrastructure is precisely the type of attack that EU Governments are seeking to protect citizens against with last week’s introduction of the Network and Information Systems Directive (“NIS”). NIS defines the security of network…
With the ability to generate a staggering $1.5 trillion in revenues every year, cybercrime is big business! It’s the perfect model – earn a high income for minimum effort and risk of penalty. It comes as no surprise then that when faced with issues around the fluctuating value of Bitcoin, cybercriminals stepped into action. These savvy criminals created a new attack technique that offers better payout odds than ransomware: cryptojacking, the unauthorised use of someone else’s computing resources to mine cryptocurrency. This new technique has quickly risen in the ranks, replacing ransomware as the number one…
