Close Menu
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Facebook X (Twitter) LinkedIn
Facebook X (Twitter) LinkedIn
Information Security BuzzInformation Security Buzz
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Subscribe
Information Security BuzzInformation Security Buzz
Home - Archives for ISBuzz Team - Page 522

ISBuzz Team

ISBuzz Team
  • Website

GPON Home Routers Vulnerability

ISBuzz TeamMay 4, 20182 Mins Read

Researchers at VPN Mentor have found two vulnerabilities in GPON home routers that, when combined, could allow attackers complete control of the device and therefore the network. Ashley Stephenson, CEO at Corero Network Security commented below. Ashley Stephenson, CEO at Corero Network Security: “If verified, these home gateways join the escalating category of botnet-vulnerable IoT devices, and they underscore the growing risk of very large botnet-based DDoS attacks. This class of routers typically are directly connected to high speed broadband Internet connections. Once compromised the devices could be covertly “herded” by a bot master to form a botnet large enough to…

Read More

Australia’s Commonwealth Bank Data Loss

ISBuzz TeamMay 4, 20183 Mins Read

Following the news that Australia’s Commonwealth Bank may have lost the data of 20 million accounts in 2016 when it failed to confirm that magnetic tapes had been destroyed by a subcontractor, IT security experts commented below. Tony Pepper, CEO and Co-founder at Egress Software Technologies: “The potential loss of 15 years of banking data is a serious breach of customer trust. Whether the data has been compromised or not, the principle remains that customers trust organisations like banks with highly sensitive information, and they therefore have a responsibility to those customers to guarantee that the data they hold is protected for however long…

Read More

3-Year Attack On Healthcare Orgs

ISBuzz TeamMay 4, 20183 Mins Read

Security Researchers have this week identified a new hacking group that has been targeting global healthcare organisations with a malware that is remotely accessing medical equipment such as X-Rays and MRI machines. The group has been active since January 2015, and works by accessing IT systems using a trojan known as Kwampirs – this then installs a custom backdoor on the systems that it targets before collecting information on its host. As well as accessing medical equipment, the attack also appears to be observing machines that patients use to complete consent firms – basically, they are reaping healthcare records and patient data.…

Read More

Twitter Forces Password Reset – Ironically, It’s “World Password Day!”

ISBuzz TeamMay 4, 20184 Mins Read

In response to news this afternoon that Twitter is telling all 336 Million users to reset their passwords due to a software glitch, four security experts point out the irony that, May 3, 2018 is actually World Password Day! They offer perspective on passwords as an increasingly ineffective and obsolete security mechanism. Ryan Wilk, Vice President of Customer Success at NuData Security, a Mastercard Company: “It’s World Password Day – a time to help organizations move beyond the vulnerabilities of the least-reliable of all the security measures they can take, and adopt a layered defense approach incorporating highly trusted forms of authentication. Passwords are static information that can…

Read More

Spectre NG – The 8 New Spectre Variant Vulnerabilities Discovered

ISBuzz TeamMay 4, 20182 Mins Read

In response to news of the discovery of Spectre NG, with 8 new variations on the Spectre vulnerability, IT security experts commented below. Craig Dods, Chief Security Architect at Juniper Networks: “Assuming they prove to be legitimate, the group of vulnerabilities coined as “Spectre-NG” may pose significantly higher risks to cloud operators and multi-tenant environments than the original variants of Spectre. The information provided to the German technology site Heise seems to imply that a few of the eight new vulnerabilities facilitate VM-escape mechanisms, allowing a threat actor to compromise the hypervisor and/or other tenants from their own VM, apparently with little-to-no…

Read More

FacexWorm

ISBuzz TeamMay 4, 20183 Mins Read

Security researchers have caught a Bitcoin-hijacking Chrome extension that only managed to grab one BitCoin transaction before being exposed. Researchers said the malicious extensions used an attack technique that first emerged last year, dubbed FacexWorm, and added that they noticed re-emerging activity earlier this month. FacexWorm propagates in malicious Facebook Messenger messages and only attacks Chrome. Security experts commented below. Allan Liska, Senior Solutions Architect at Recorded Future: “The new FacexWorm campaign is an example of attackers building upon successful previous campaigns and adding new features. This is at least the third campaign this same attacker has launched using this…

Read More

Chinese Authorities Accidentally Admit To Accessing Deleted WeChat Messages

ISBuzz TeamMay 2, 20182 Mins Read

Chinese government officials have accidentally admitted over the weekend that they can access deleted WeChat messages, a Chinese news site has reported. The admission came over the weekend from an anti-graft commission from the Chinese province of Anhui investigating reports of corruption among government officials. Lee Munson, Security Researcher at Comparitech.com commented below. Lee Munson, Security Researcher at Comparitech.com:  “The fact that a government, especially the one in China, has both the will and the means to access previously deleted messages on a device is hardly surprising. The fact that it made that knowledge public, however, most certainly is. While it…

Read More

73% Of British Businesses Remain Unaware Of The Lawful Basis For Processing Data Ahead Of GDPR Deadline, Reveals ThinkMarble

ISBuzz TeamMay 2, 20183 Mins Read

New findings show that 50% of businesses do not check outsourced providers data security processes  Global cyber and information security experts, ThinkMarble, have today revealed new findings that show that almost three-quarters (73%) of UK businesses remain unaware of the lawful basis for processing data and a quarter (25%) still do not know or are unsure of where the personal data that they are responsible for is currently held. The results highlight the extent to which UK business continue to remain unprepared for the General Data Protection Regulation (GDPR), which comes into effect on 25th May 2018. The data, sourced from more than…

Read More

City Of London Police Launch New Cyber Initiative For Square Mile

ISBuzz TeamMay 2, 20182 Mins Read

The City of London Police is launching a drive to make the Square Mile more resilient to cyber attacks, as the financial services sector sharpens its focus on defending against online criminals. The Cyber Griffin initiative is being launched at the Investment Association’s first cyber security conference for the asset management industry — the sector the lobby group represents — in London on Tuesday. IT security experts commented below. James Hadley, CEO & Founder at Immersive Labs:  “It’s encouraging to see the City of London take a proactive stance toward cyber security.  A resilient cyber strategy is fundamental for the Square…

Read More

TSB Warns Of Phishing Attacks Targeting Customers

ISBuzz TeamMay 2, 20181 Min Read

Following recent news of TSB warning of phishing attacks targeting customers, Stephen Burke, Founder & CEO at Cyber Risk Aware commented below.  Stephen Burke, Founder & CEO at Cyber Risk Aware: “It was only a matter of time until this started to happen. The sheer number of the TSB customers who have been impacted by the outage makes it a no-brainer for hackers to begin targeting those affected. It would not be surprising if fake SMS messages (smishing) also start appearing which pretend to be two factor authentication messages thereby giving hackers real codes they can use to login to…

Read More
Previous 1 … 520 521 522 523 524 … 1,258 Next
ISB-Bora-Side-Bar

No se ha podido establecer conexión. Error 429

 
ISB-Bora-Side-Bar
Black ISB Logo

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics

X (Twitter) LinkedIn Facebook RSS

Working With Us

  • About Us
  • Advertise With Us
  • Contact Us

Write For Us

  • How To Contribute

The Pages

  • Privacy Policy
  • Cookie Policy
  • AI Policy
  • Terms & Conditions
  • Copyright Notice

Information Security Buzz and all its contents are copyright © 2014-2025. All rights reserved. All third-party trademarks are recognized.

Type above and press Enter to search. Press Esc to cancel.

Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}