Close Menu
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Facebook X (Twitter) LinkedIn
Facebook X (Twitter) LinkedIn
Information Security BuzzInformation Security Buzz
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Subscribe
Information Security BuzzInformation Security Buzz
Home - Archives for ISBuzz Team - Page 524

ISBuzz Team

ISBuzz Team
  • Website

Confessions Of A Hacker-Holic – Unit 42 Opens Up TheBottle

ISBuzz TeamApril 30, 20183 Mins Read

Unit 42 have been doing some really interesting research into TheBottle, the actor behind SquirtDanger. As part of an investigation into the SquirtDanger malware, Unit 42 discovered that the code repository had been posted by Russian cybercriminal TheBottle. While the malware itself proved to be interesting, it was the actor behind it that provided a much more interesting story. TheBottle has been active on global underground marketplaces for years, distributing, selling, and trading malware and source code. Unit 42’s research unearthed a confessional blog, social media accounts and a Telegram account of roughly 900 attackers co-ordinating their activity. You can…

Read More

NHS Switches To Windows 10 In The Wake Of WannaCry

ISBuzz TeamApril 30, 20182 Mins Read

News broke earlier that the UK Department of Health and Social Care has announced that it will transition all National Health Service (NHS) computer systems to Windows 10. Officials cited the operating system’s more advanced security features as the primary reason for upgrading current systems, such as the SmartScreen technology included with Microsoft Edge (a Google Safe Browsing-like system) and Windows Defender, Microsoft’s sneakily good antivirus product. IT security experts commented below. Mark James, Security Specialist at ESET: “The benefits of Windows 10 over 7 (and XP) are huge, especially the browser, but we must remember it’s not just the desktop…

Read More

Popular Medical Device Security Advisories

ISBuzz TeamApril 30, 20183 Mins Read

Cynerio, a cybersecurity solutions provider specializing in helping healthcare organizations identity and prevent cyberattacks, today commented on a new ICS-CERT advisory of vulnerabilities found in BD Pyxis products, a medication and supply management system. ICS-CERT is the US government agency in charge of the cybersecurity posture of critical infrastructure in the US. Leon Lerman, CEO at Cynerio: “BD, a medical device manufacturer, has warned that some of its products might be vulnerable to an industry-wide set of WiFi vulnerabilities known as KRACK. These vulnerabilities expose WiFi communications to a man in the middle (MiTM) by an attacker in physical proximity – for access points…

Read More

Positive Technologies: Vulnerabilities In Hirschmann Switches Endanger Industrial Companies

ISBuzz TeamApril 30, 20182 Mins Read

Attackers can interfere with interaction of ICS components German vendor Hirschmann, a Belden company, has published information about fixes for five vulnerabilities in network switches used in energy, chemical manufacturing, transportation, and other industries. The vulnerabilities were discovered by Positive Technologies experts Ilya Karpov, Evgeny Druzhinin, Mikhail Tsvetkov, and Damir Zaynullin. The described issues affect Hirschmann (Belden) RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic switches. A session fixation vulnerability in the switch web interface enables an attacker to hijack a web session (CVE-2018-5465, CVSS v. 3.0 score 8.8). The second vulnerability (CVE-2018-5467, score 6.5) allows an attacker…

Read More

Ponemon Study On Insider Threats

ISBuzz TeamApril 30, 20181 Min Read

A new Ponemon study* commissioned by ObserveIT reveals that the average cost of an insider-related incident is $8.76 million over the course of a year and it takes more than two months, on average, to contain an insider incident. Justin Jett, Director of Audit and Compliance at Plixer commented below. Justin Jett, Director of Audit and Compliance at Plixer: “As the cost of insider threats continues to grow, it is important for IT professionals to have the data context they need to know where an attack is taking place. As the report indicated, 64% of incidents resulted from negligent employees.…

Read More

The Next Generation Of Phishing Scams Reveal Themselves

ISBuzz TeamApril 29, 20182 Mins Read

Researchers at Check Point and CyberInt, have discovered a new generation of phishing kit that is readily available on the Dark Web. Created by a cyber-criminal known as ‘[A]pache’, the kit makes it simple for those with very little technical ability to carry out their own cyber-attack. By simply downloading this multi-functioning phishing kit and following the straightforward installation instructions, a threat actor is able to launch a phishing campaign, that collects the personal and financial information of unsuspecting consumers, very quickly. Tim Helming, Director of Product Management at DomainTools commented below. Tim Helming, Director of Product Management at DomainTools: “The discovery of…

Read More

WD My Cloud EX2 Serves Your Files To Anyone

ISBuzz TeamApril 29, 20182 Mins Read

Western Digital’s My Cloud is a popular storage/backup device that lets user’s backup and store important documents, photos and media files. Unfortunately, the default configuration of a new My Cloud EX2 drive allows any unauthenticated local network user to grab any files from the device using HTTP requests. This is due to a UPnP media server that is automatically started when the device is powered on. By default, unauthenticated users can grab any files from the device completely bypassing any permissions or restrictions set by the owner or administrator. Here is small proof-of-concept with explanation of each step: Attacker issues…

Read More

NCSC Supports Industry Drive Towards Common Standards

ISBuzz TeamApril 29, 20184 Mins Read

NCSC SUPPORTS INDUSTRY DRIVE TOWARDS COMMON STANDARDS FOR SECURE COMMUNICATION   NCSC joins not-for-profit membership organisation Secure Chorus Membership underlines support for common standards for enterprise secure communication Much needed public-private collaboration forum for long-term security of the global digitally enabled economy The National Cyber Security Centre (NCSC) has joined the not-for-profit membership organisation, Secure Chorus, as a Government Member. Secure Chorus serves as a platform for public-private sector collaboration and is committed to developing a security baseline for the digital economy in the field of secure multimedia communication. As part of its remit to make the UK the safest…

Read More

YouTube To Add New Parental Controls To Kids App

ISBuzz TeamApril 29, 20182 Mins Read

Google says it will add new parental controls (including algorithm-based filtering) to its YouTube Kids app, after inappropriate videos were repeatedly discovered on the service. David Emm, Principal Security Researcher at Kaspersky Lab commented below. David Emm, Principal Security Researcher at Kaspersky Lab: “These measures from YouTube are a step in the right direction. However, until YouTube has machine learning algorithms that can match human filtering, it shouldn’t be an option – or, at least, the human filter should be the default. According to Kaspersky Lab research, the average child spends 40 minutes per day, or 4.6 hours a week,…

Read More

DCMS Warns On Cyber Risks

ISBuzz TeamApril 29, 20185 Mins Read

UK businesses are being urged by the Department for Digital,  Culture, Media and Sport (DCMS) to protect themselves against cyber crime after new statistics show over four in ten (43%) of businesses and two in ten charities (19%)  suffered a cyber breach or attack in the past 12 months. IT security experts commented below. Koby Kilimnik, Security Researcher at Imperva: “Cybercrime is now an industry unto itself. And, just as any industry evolves, so does the cybercrime industry. Data is at the centre of the cybercrime industry and at the centre of today’s digital environment. Additionally, there is more data is in…

Read More
Previous 1 … 522 523 524 525 526 … 1,258 Next
ISB-Bora-Side-Bar

No se ha podido establecer conexión. Error 429

 
ISB-Bora-Side-Bar
Black ISB Logo

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics

X (Twitter) LinkedIn Facebook RSS

Working With Us

  • About Us
  • Advertise With Us
  • Contact Us

Write For Us

  • How To Contribute

The Pages

  • Privacy Policy
  • Cookie Policy
  • AI Policy
  • Terms & Conditions
  • Copyright Notice

Information Security Buzz and all its contents are copyright © 2014-2025. All rights reserved. All third-party trademarks are recognized.

Type above and press Enter to search. Press Esc to cancel.

Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}