Following the recent breaking news story which revealed that Twitter sold data access to Aleksandr Kogan, of the recent Facebook/Cambridge Analytica scandal, and his company, GSR, Eric Schrock, CTO at Delphix commented below on the need for automated data delivery to keep data secure yet accessible. Eric Schrock, CTO at Delphix: “In recent news, it was announced that Twitter sold data access to Aleksandr Kogan, of the recent Facebook/Cambridge Analytica scandal, and his company, GSR. While Twitter has policies that limit access to only public tweets, it is still the case that a company known for data privacy abuse was able to…
ISBuzz Team
Hackers using the Necurs Botnet are now using a new technique to trick victims into opening an email with an archive folder which unzips to a standard folder icon to hide .URL files that automatically download what is known as Quant loader according to Trend Micro. Sean Newman, Director of Product Management at Corero Network Security commented below. Sean Newman, Director of Product Management at Corero Network Security: “There’s no end to the innovative techniques which cyber criminals use to deliver their attacks. So, it’s always surprising when they can still revert to tried and tested techniques which have been around…
Tip 1: Plan for the GDPR future, not just enforcement day The 25th May is enforcement day for the GDPR and while many are fixated on this date, it is now widely accepted that no business will be 100% compliant to every requirement. Rather, businesses should see the GDPR as the beginning of a new era of data protection. They must be armed and in a position to ensure compliance now and into the future and not simply paint over the cracks. The guidance that comes with this regulation will also evolve over time, so businesses must be ready to keep…
Ixia, a network testing, visibility and security vendor and a Keysight Business, has released the Ixia 2018 Security Report, highlighting the company’s biggest security findings over the past year from its Application and Threat Intelligence (ATI) Research Center. The report analyzes the growing exposure to cybersecurity risks as enterprises operate more of their workloads in the cloud. The second annual Ixia 2018 Security Report analyzes how enterprise network attack surfaces are increasing as the perimeter of the traditional network expands into the cloud. Ixia survey data in the report shows that over 90% of enterprises are concerned about data and application security…
ESET Ireland warns users to look out for a well-made fake Netflix page, that includes a security certificate, but collects’ victims’ credit card numbers for the cybercriminals. A genuine-looking email was received by ESET Ireland, appearing to be a warning about an expiring Netflix subscription, titled “Your cancellation confirmation”, claiming the user’s payment at the end of a billing cycle failed, so their membership is getting cancelled. Then a big red button invites them to “restart membership”. Anyone with an existing Netflix account would be alarmed by this and would be likely to click on the “restart” option. The button…
An increasingly complex security landscape, combined with a challenging threat environment, is putting pressure on many organisations to fill the security skills gaps in their workforce. Then the additional demands placed on businesses to cope with changing compliance and regulation requirements, driven currently by the EU General Data Protection Regulation (GDPR), is creating a ‘perfect storm’ in terms of recruiting the right skills and resources to meet these growing demands. It is estimated that there are 1 million unfilled security jobs worldwide. According to an ISC2 survey, the number of unfilled cybersecurity jobs globally will rise to 1.8m by 2022, a…
Out of 50 top government information technology contractors, 49 aren’t completely securing their email systems against spoofing and phishing attacks, according to a study released Wednesday. Only one of those contractors, Engility, is rejecting spam and phishing emails that use its domains entirely. Another, Tetra Tech, is warning recipients those emails are questionable and possibly sending them to spam or quarantine folders, according to research from the Global Cyber Alliance, a cybersecurity advocacy organization. Eyal Benishti, CEO & Founder at IRONSCALES commented below. Eyal Benishti, CEO & Founder at IRONSCALES: “As phishing continues to be the catalyst to data breaches and…
News has surfaced that Twitter sold data access to the Cambridge University academic who also obtained millions of Facebook Inc. users’ information that was later passed to a political consulting firm without the users’ consent. This sort of data sharing will no longer be possible as GDPR comes into force on 25 May, Ilia Kolochenko, CEO of web security company, High-Tech Bridge commented below. Ilia Kolochenko, CEO at High-Tech Bridge: “Some experts are concerned about potential over-regulation with the upcoming enforcement of GDPR. However, exactly such incidents may well justify severe regulation of the personal data market. Twitter, for example, has already adjusted its Terms of…
Check Point researchers have recently discovered a site that although once legitimate has now moved closer to the Dark Side. Back in 2011, OSDSoft was a site offering its audience free video download software to thousands of users around the world. Registered under the name of Ivan Koslov, it also had Facebook, Twitter and YouTube accounts marketing the website’s main and only product. In 2014 however, OSDSoft started to appear in a more suspicious context as several adware variants and Potentially Unwanted Programs (PUPs) downloaded from it were spotted in the wild. These adwares and PUPSs acted stealthily in order…
After years of planning and discussion, the General Data Protection Regulation (GDPR) is very nearly upon us. However, despite the fact that this regulation has been climbing the agenda for some time now, it appears as though businesses are still rushing to get everything ready in time for the 25 May deadline. The reality is that many companies will not be fully GDPR compliant by the required date. But it’s important to remember that GDPR is not an exhaustive list of what is and isn’t allowed; it’s a principle-based, legal framework to drive change, as opposed to a tick-box exercise. Those companies…
