According to an Akamai survey, only 1% of media organizations are happy with their current cybersecurity measures. Slow site performance and downtime are the industry’s top security-related concerns, according to 26% of the 200 US media technology decision makers surveyed in the report. Protecting premium video content (23%), enterprise application security (20%), managing the impact of bot traffic (15%), and DDoS mitigation (13%) were other concerns, the report found. Tim Helming, Director of Product Management at DomainTools commented below. Tim Helming, Director of Product Management at DomainTools: “In an industry no stranger to scary statistics, this one is particularly worrying for media organizations. As media organizations attempt…
ISBuzz Team
More than 1.5 billion sensitive files – ranging from payslips to medical scans – are visible on the open internet, according to a new report. Security researchers have warned the documents are “freely available” to anyone with minimal technical knowhow, and 36% of the exposed files were located in the European Union. Confidential corporate data – including details of yet-to-be-released products – were also out in the open. In one case, a point of sale terminal was leaking data on customer transactions, times, places, and even partial credit card numbers. Javvad Malik, Security Advocate at AlienVault commented below. Javvad Malik, Security Advocate at…
It has been revealed that the cyberattack the American airline Delta suffered last year may have exposed customer payment information. The airline said the incident involved [24]7.ai, a chat-services provider used by Delta and other companies. Delta says only “a small subset” of customers were affected, with payment information exposed from Sept. 26 to Oct. Security experts commented below. Martin Jartelius, CSO at Outpost24: How should Delta handle the breach? As this relates to a PCI certified environment, the task of forensic investigations is with the card brands. The important part now is to handle the customer relations with transparency, and also to review…
In light of the news that a Mirai variant botnet has launched an IoT DDoS attack on the financial sector, Anthony Chadd, Senior Director, EMEA at Neustar commented below. Anthony Chadd, Senior Director, EMEA at Neustar: “It’s likely that the latest DNS amplification attack was not an isolated incident, and with Satori on the horizon, businesses must make it a priority to safeguard their IoT systems against severe disruption. But to achieve this requires a clear understanding of what data needs safeguarding, and the levels of security that need to be put in place. Organisations everywhere must be proactive with their…
Modern web browsers are designed to make user experiences customised, intuitive and simple. Developers have been improving their systems by utilising the data users create when they surf the web, and advancements in Big Data mean they have access to more data than ever before. This allows them to track a range of information on users. Using this information to sell targeted advertising has made data collection profitable. Research from Exabeam shows the extent of data collected on web browser users. Exabeam tested what data is left in Firefox after browsing the Alexa top 1000 websites, as well as what…
Security Researchers from Future’s Insikt Threat Intelligence Research Group are reporting that the DDoS attacks that targeted the Netherlands financial sector in January were the first known use of IoTroop – also known as the Reaper Botnet, a variant of Mirai. The initial attack was a DNS amplification attack with traffic volumes peaking at 30Gs according to Insikt. Andrew Lloyd, President of Corero commented below. Andrew Lloyd, President at Corero: “While the reported amplitude of the attack (at 30Gbps) was nowhere close to record-breaking, it is still higher than most of the DDoS attacks that we see. Corero’s latest DDoS…
In response to the news that Microsoft has rolled out security updates to fix a critical remote code execution flaw affecting Windows Defender and other anti-malware products, Aaron Zander, IT Engineer at HackerOne commented below. Aaron Zander, IT Engineer at HackerOne: “Criticality for Microsoft depends greatly on the individual product line. For the Windows Product, the most critical vulnerabilities are the ones that cause users to lose control of their computers in totality. In the case of this patched exploit, it offers a worst-case scenario: the very tool Microsoft uses to protect their users turned against them. This is not…
In response to the news that Intel has announced it has dropped plans to patch certain older CPU families affected by the Meltdown and Spectre bugs, Ondrej Kubovic, Security Awareness Specialist at ESET commented below: Ondrej Kubovic, Security Awareness Specialist at ESET: “This approach by Intel is not completely new. End-of-support for legacy systems is a standard procedure usually triggered by the development of new and more advanced hardware and software, or changes in the way people interact with their devices. What’s interesting about this case is that it might be the first time when major bugs – such as…
Overnight, news broke that Delta Airlines, Sears, Kmart and more were affected by a data breach at software service provider [24]7.ai. Despite the incident starting on Sept. 26, 2017 and being resolved by Oct. 12, Sears has said it was only notified of the incident a few weeks ago. The incident led to unauthorised access to the credit card information of under 100,000 of its customers. Delta Airlines is currently uncertain if its information was accessed and compromised. Luke Brown, VP EMEA at WinMagic commented below. Luke Brown, VP EMEA at WinMagic: “Fortunately, the impact on Sears and Delta Air customers of this particular…
It has been reported that 2.7 million businesses in the UK are leaving their corporate networks vulnerable to Internet of Things (IoT) hacks. Forty-seven percent admitted to not updating default passwords on IoT devices when they’re added to corporate networks, and 15% admitted to not keeping security patches up to date. Natan Bandler, CEO and Co-Founder at Cy-OT commented below. Natan Bandler, CEO and Co-Founder at Cy-OT: “It is not surprising that such a large number of businesses in the UK are leaving themselves vulnerable to IoT hacks; way more than 2.7 million organisations should be worried. IoT devices are the easiest way in and…
