News broke yesterday evening that Facebook now believes that the data of up to 87 million people was improperly shared with Cambridge Analytica – many more than previously disclosed – with around 1.1 million UK-based. Despite this story being covered by every major media outlet, we are just scratching the surface. Thoughts such as “isn’t this total disrespect for our privacy?!” are now painfully visible and critically accurate. IT security experts commented below. Evgeny Chereshnev, CEO at Biolink.Tech: “It doesn’t matter what this data leakage would have proven or not proven. The point is that there was always the opportunity, and possibility, that certain…
ISBuzz Team
The Charity Commission has issued a warning to be on the lookout for ‘phishing’ emails impersonating charity CEOs. The warning comes after Action Fraud UK, the UK’s national fraud reporting centre, reported an increase in this type of fraud. Charity trustees, employees and volunteers are being told to be aware of ‘requests to your finance department or staff with authority to transfer funds’ which claim to be from a charity’s CEO but are actually from a spoofed email address. Tim Helming, Director of Product Management at DomainTools commented below. Tim Helming, Director of Product Management at DomainTools: “The fact that Action Fraud have picked out the…
New survey reveals state of cybersecurity skills shortage and recommends organisational tactics to help counter cyberthreats. NEWS HIGHLIGHTS: Forty-six percent of cybersecurity responders believe they will struggle with or it will be impossible to keep up with increase and complexity of threats they will face in the next 12 months. IT security staff report needing to increase their security staff by 24 percent to adequately manage their organisation’s cyberthreats. A majority of respondents (81 percent) believe cybersecurity would be more successful if greater automation were implemented. Seventy-eight percent say the current generation entering the workforce, those that grew up playing…
Only a third of British businesses have a financial plan in place in case of a cyber attack, according to a survey at Lloyds Bank. Meanwhile, only half of companies discuss the risk of cyber attacks at board level. The survey found that, if attacked, over a third of firms would pay a ransom to get their data back, but only a quarter had dedicated cyber insurance. IT security experts commented below. Bill Evans, Senior Director at One Identity: “Recently Lloyd’s Bank released some rather disturbing facts regarding UK business’ willingness and ability to respond to a cyberattack. Notably, it claims that…
It has been reported that warnings have been issued over contactless bank cards with details being “skimmed” while the card is still in your pocket. Contactless fraud has overtaken cheque fraud, which totalled £9.8 million last year. In addition, the number of cards in circulation has increased from 59 million to 119 million from 2015 to 2017. Lisa Baergen, Director at NuData Security commented below. Lisa Baergen, Director at NuData Security: “As contactless cards become more popular globally, it is critical for online companies to actually identify true customers from imposters to approve transactions. Just having credit card numbers, passcodes and credentials can be easily subverted by cyber…
Cyber Threat Intelligence is Maturing but 62 per cent of Respondents Say Lack of Skilled CTI Professionals is Major Roadblock to Implementation. London, 4 April 2018 – SANS, the largest and most trusted provider of cyber security training and certification to professionals worldwide, has released the results of its annual SANS 2018 Cyber Threat Intelligence Survey. The study sheds light on the evolution of Cyber Threat Intelligence (CTI) in cyber security and shows that CTI is maturing as a discipline. In one of the clearest trends SANS has seen in the last three years, respondents have increasingly stated that CTI is improving their prevention, detection and response…
Panera Bread’s website leaked customer information including names, addresses, birthdays, and the last four digits of credit cards for almost eight months before being discovered. IT security experts commented below. Chris Olson, CEO at The Media Trust: “Website breaches have become an epidemic that hurts corporate reputation and brand identity. The Panera website leak is just another example that demonstrates the complexity of security in the digital age. Be it poorly configured databases or unmanaged vendors, enterprises have a responsibility to do a better job controlling their digital ecosystems, especially when it comes to protecting consumer data. The ensuing…
After a drastic decline in the volume of spam coming from the Necurs spambot observed by Check Point’s research team during March 2018, the infamous botnet is back once again and is spreading QuantLoader, a Trojan downloader which has been used to deliver a range of malware, including ransomware and banking trojans. Necurs, considered to be the world’s largest spam botnet, has been used to distribute several malware families in the past, such as the Locky and Jaff ransomware in 2016 and 2017. Just before the Easter weekend, Check Point Threat Intelligence sensors spotted a new wave of Necurs spam,…
News broke that a supply chain cyberattack has disrupted a chain of natural gas companies. It affected a software platform, developed by a company named Energy Services Group LLC, that is used to process customer transactions, according to Bloomberg News. Such data-exchange software is widely used in the gas industry, though the attack was limited to the Energy Services platform. The attack on the billing platform impacted Texas-based Energy Transfer Partners LP, which owns more than 71,000 miles of pipelines containing natural gas, crude oil and other commodities. The Texas firm’s subsidiaries include the Panhandle Eastern Pipe Line Co., whose pipelines run from the Gulf Coast…
It has been reported that data analysis conducted by an outside research firm shows that popular gay dating app, Grindr, has been sharing its users’ HIV status with two other companies. Additional reports from late yesterday say that Grindr has said that it will stop sharing this information. Evgeny Chereshnev, CEO and Founder at Biolink.Tech commented below. Evgeny Chereshnev, CEO and Founder at Biolink.Tech: “All practices where a company has access to confidential information such as HIV status, sexual orientation or even information on deadly allergies, should be illegal to share with other parties. This type of highly personal information is like gold to hackers and can be used…
