It has been reported that China is stepping up its surveillance and security game by expanding its use of high-tech sunglasses with facial recognition technology. The glasses, powered by Artificial Intelligence, scan the faces of vehicle occupants and licence plates, flagging with a red box and warning sign to the wearer when any match up with a centralised “blacklist”. Evgeny Chereshnev, CEO at Biolink.Tech commented below. Evgeny Chereshnev, CEO at Biolink.Tech: “Devices that can perform face-recognition analysis, and work with numerous computer bases in real time, give the person wearing it tremendous power over people. In the foreseeable future, such policemen literally could become Robocops – see…
ISBuzz Team
A data breach at the Florida Virtual School is thought to have impacted impacted more than 368,000 current and former students and up to 2,000 teachers at the school. A statement from FLVS says the breach likely occurred between May 6, 2016, and Feb. 12, 2018, but it wasn’t reported until last Friday. FLVS says school records including students names, dates of birth, school account numbers, their usernames and passwords as well as parent’s names and emails were compromised by the breach. Dean Ferrando, Systems Engineer Manager – EMEA at Tripwire commented below. Dean Ferrando, Systems Engineer Manager – EMEA at Tripwire: “Educational institutions are…
It has been reported that researchers at The Citizen Lab have revealed the apparent use of Sandvine/Procera Networks Deep Packet Inspection (DPI) devices to deliver nation-state malware in Turkey and indirectly into Syria, and to covertly raise money through affiliate ads and cryptocurrency mining in Egypt. Deep packet inspection (DPI) middleboxes on Türk Telekom’s network were being used to redirect hundreds of users in Turkey and Syria to nation-state spyware when those users attempted to download certain legitimate Windows applications. Similar middleboxes at a Telecom Egypt demarcation point were apparently being used to hijack Egyptian Internet users’ unencrypted web connections en masse, and redirect…
Up to $200 Billion in Illegal Cybercrime Profits Is Laundered Each Year, Comprehensive Research Study Reveals Cybercriminals turning to virtual currencies, video game currency and digital payment systems like PayPal to convert illegal revenue into clean cash Bromium®, Inc., the pioneer and leader in application isolation using virtualization-based security, today announced the findings of an independent, academic study into the macro economics of cybercrime and how cybercriminals launder and ‘cash out’ the profits of criminal endeavours. The findings are part of a larger nine-month study titled Into the Web of Profit, sponsored by Bromium. The full findings will be presented at the RSA…
Every minute that a Denial-of-Service attack takes down websites and services, money and reputation drains from the bottom line. Sean Newman, Director of Product Management at Corero Network Security commented below. Sean Newman, Director of Product Management at Corero Network Security: “Although reports of the recent resurgence of mega-sized DDoS attacks may suggest, on the surface, that the problem is largely being dealt with. There is little focus on the fact that the mitigation techniques employed are taking minutes or tens of minutes to activate. Whether DDoS attacks are on the terabit scale, or the consistent daily barrage of relatively…
Kaspersky Lab’s researchers have discovered evidence of an emerging and alarming trend: more and more advanced cyber threat actors are turning their attention to attacks against the healthcare sector. The infamous PlugX malware has been detected in pharmaceutical organisations in Vietnam, aimed at stealing precious drug formulas and business information. PlugX malware is a well-known remote access tool (RAT). It is usually spread via spear phishing and has previously been detected in targeted attacks against the military, government and political organisations. The RAT has been used by a number of Chinese-speaking cyber threat actors, including Deep Panda, NetTraveler or Winnti. In 2013, it was discovered that the…
In the event you are writing about the AMD Ryzen and EPYC security vulnerabilities that were disclosed today, Josh Mayfield, Director of Product Marketing at FireMon commented below. Josh Mayfield, Director of Product Marketing at FireMon: “The critical security vulnerabilities and manufacturer backdoors affecting the AMD Ryzen and EPYC product lines could lead to significant trouble for enterprises, including vulnerabilities such as MasterKey, RyzenFall and Fallout, RyzenFall 2 and Fallout 2, and Chimera. The good news is that these new vulnerabilities can be managed with policy controls. Once a vulnerability is detected, swift policy changes and rule adjustments to the ACLs can effectively…
Earlier this year, researchers from Kaspersky Security Analyst Summit (SAS) issued a report on a highly sophisticated cyberespionage campaign called Slingshot. What makes this initial attack vector unique is that many victims were attacked through compromised routers made by MikroTik. Routers download and run various DLL files in the normal course of business. Attackers found a way to compromise the devices by adding a malicious DLL to an otherwise legitimate package of other DLLs. The bad DLL was a downloader for various malicious files, which were also stored in the router. Christopher Day, Chief Cybersecurity Officer at Cyxtera commented below. Christopher Day, Chief…
Earlier today, Kaspersky Lab researchers announced that they had discovered flaws in Hanwha’s SmartCam cameras. More than a dozen vulnerabilities were found including critical flaws that can be used to take control of devices remotely. IT security experts commented below. Amir Abramovitch, Security Researcher at Cy-OT: “According to this research, hackers can take over any Hanwha smart camera, and some Samsung cameras. Amongst other things, they can remotely change the administrator’s password and execute arbitrary code on the camera. This is particularly worrying as the camera is wireless-only (no wired connection available) and may not be properly managed and monitored at a corporate office. More likely, most…
It has been reported this morning that Theresa May has cleared the way for a cyberattack on Russia as she challenged Vladimir Putin to explain how a powerful Russian nerve agent came to be used in an assassination attempt on British soil. Amber Rudd, the home secretary, hinted at covert retaliation last week, saying: “You may not hear about it all but when we do see that there is action to be taken we will take it.” The deployment of malware is a likely option, a senior Whitehall source said yesterday. “Offensive cyber would be something in the arsenal. It would…
