In an alert issued today, the US DHS and FBI described a “multi-stage intrusion campaign by Russian government cyber actors who targeted small commercial facilities’ networks where they staged malware, conducted spear phishing, and gained remote access into energy sector networks. After obtaining access, the Russian government cyber actors conducted network reconnaissance, moved laterally, and collected information pertaining to Industrial Control Systems (ICS).” IT security experts commented below. Ray DeMeo, Co-Founder and Chief Operating Officer at Virsec: “It’s significant that US-CERT has specifically named the Russian government as being behind these attacks. It’s also startling to hear Secretary Perry say he is…
ISBuzz Team
Following the news that Walmart Partner Exposed Personal Data Of 1.3 Million US And Canadian Shoppers due to an AWS misconfiguration. IT security experts commented below. Manoj Asnani, VP of Product Management & Design at Balbix: “There are many issues with the breach notification of a Walmart partner, Limogés Jewelry, whether or not the database was misconfigured so that it was public facing, the fact that the type of PII – including passwords – was stored in plain text is concerning and an issue that should have been surfaced in any compliance audit conducted on the organization. While it’s not acceptable in this…
It has been reported that Twitter users are being conned out of tens of thousands of pounds a day by accounts impersonating celebrities. Working with blockchain intelligence firm Chainalysis, Sky News has discovered that multiple independent copycats are behind the scams, rather than a single conspiracy with a dedicated methodology. The fake accounts have struck hundreds of times over the last two months, with the most successful taking away as much as £50,000 a day before using a range of exchanges to convert the proceeds into cash. The scam takes place after a high-profile Twitter account posts, then an impersonating account with the same image…
It might not be quite as serious as ransomware but adware is nevertheless a cause of much frustration for computer owners everywhere. If you’re constantly being bombarded with pop-up ads or redirected to advertising sites then you are almost certainly a victim of adware. Some types of adware are more subtle, hiding in your system and collecting data which is then used to customise future advertisements. Adware is often downloaded alongside free programs as part of a package and, when agreed to, is a legitimate way of raising revenue. Other programmers sneak adware in with their software bundles without the…
Further to the breaking news that the data of 50m Facebook users has been ‘harvested’, Corsham Institute, the leading consumer digital rights organisation commented below. Rachel Neaman, CEO at Corsham Institute: “As social media sites continue to gather extensive information about their users’ attitudes and behaviour, public concern is growing that this information could be exploited. Whether the issue is legitimate advertising, promotion of inflammatory views, or fake news, it’s high time that the public were given insight into how they are being targeted and by whom. Failure to tackle this growing problem will damage faith in social platforms and…
Researchers have found that a number of connected home gadgets, including baby monitors and security cameras, can be hacked in minutes using a simple Google search. David Emm, Principal Security Researcher at Kaspersky Lab commented below. David Emm, Principal Security Researcher at Kaspersky Lab: “The nature of our connected lives means that hackers have an infinitely larger surface area on which to launch their attacks. It’s no longer a case of just securing our desktop computers – now connected devices range from kids’ toys to CCTV cameras, baby monitors, smart homes and smart TVs. To put it another way, the more times…
Data is power. It’s a prime commodity for businesses, which in turn means it is constantly under threat. Just try and think back to a week where a data breach or cyber attacks did not hit the headlines, and you’ll struggle. Not only are these threats a growing problem for any organisation, but the issue becomes more paramount when combined with upcoming changes in compliance. The surge of data created by the digital age has called for a change in how organisations store and handle it. The consequences of non-compliance are well-documented by now, whether that’s in the form of…
Players of the hugely popular Fortnite video game are being urged to be vigilant as malicious hackers kick off campaigns to hijack accounts. David Emm, Principal Security Researcher at Kaspersky Lab commented below. David Emm, Principal Security Researcher at Kaspersky Lab: “The gaming industry is hugely lucrative, and with over half of players regularly gaming online, it’s also becoming an increasingly attractive target for cyber criminals. However, many online gamers don’t take precautions to reflect this. According to Kaspersky Lab research, just 5 per cent of people selected their gaming account as being one of three that require the strongest passwords. Online…
Whether it’s home-based workers or teams operating across disparate sites, many businesses are struggling to make the remote working vision a reality. Contrary to popular belief, our recent flexible working study revealed the differing preferences between the multi-generational workforce, with the younger generation preferring to work from the office rather than remotely. This was in clear contrast to baby boomers, who would rather work from home. The research, which polled 1,000 working adults in the UK, also found that 48% of those aged under 35 feel they are most productive in the office, while only 19% of those aged above 55 agree.…
Nearly 70% of cyber security leaders in the APAC region believe a major attack affecting critical infrastructure across multiple countries will happen in the next two years, a survey reveals. Most cyber security leaders in the Asia-Pacific (APAC) region believe that a major, successful cyber attack on critical infrastructure in their country, or multiple countries, is imminent, a new survey has found, which was conducted ahead of Black Hat Asia in Singapore. IT security experts are commented below. Dean Ferrando, Systems Engineer Manager – EMEA at Tripwire: We have seen the devastating affects cyber attacks can have on critical infrastructures which is why…
