Close Menu
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Facebook X (Twitter) LinkedIn
Facebook X (Twitter) LinkedIn
Information Security BuzzInformation Security Buzz
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Subscribe
Information Security BuzzInformation Security Buzz
Home - Archives for ISBuzz Team - Page 550

ISBuzz Team

ISBuzz Team
  • Website

“RedDrop” Android Malware Can Secretly Record Conversations

ISBuzz TeamMarch 6, 20181 Min Read

News is emerging of a new Android malware, RedDrop, that can secretly record users’ conversations. Victor Chebyshev, Security Researcher at Kaspersky Lab commented below. Victor Chebyshev, Security Researcher at Kaspersky Lab: “Kaspersky Lab is aware of this threat since September 2017. RedDrop is malware capable of spying on its victims (it can collect data about a victim’s device, including data from a device’s memory card and contacts list) and discreetly make a device buy paid-for subscriptions, which can result in users facing financial risk. We have seen hundreds of unique RedDrop detections across the world, mostly from Chinese users. The malware is…

Read More

Majority Of Businesses Are Still Struggling To Secure Data Effectively, Confirms New Research From Claranet

ISBuzz TeamMarch 6, 20184 Mins Read

Research reveals 69 per cent of businesses are lacking in terms of proper data management, casting doubt on their ability to comply with GDPR Keeping data secure remains a top priority for businesses, and as the General Data Protection Regulation (GDPR) comes into force on the 25th May 2018, there is an increased urgency to improve the way data is managed. However, despite this impending deadline and the rapidly evolving threat landscape, new research from managed services provider Claranet has found that many companies are still not managing their data as well as they could. The research, which was conducted by…

Read More

Over 20,000 Suffer As U.S. Marine Corps Hit By Data Breach

ISBuzz TeamMarch 5, 20181 Min Read

News has surfaced that the U.S. Marine Corps has suffered a data leak, impacting 21,426 people. Personal data including bank accounts numbers, social security numbers, credit card information and mailing addresses were all exposed after an unencrypted email with an attachment containing personal confidential information was sent to the wrong email distribution list. Paul Edon, Director at Tripwire commented below. Paul Edon, Director at Tripwire:  “With potentially highly confidential data stored on military systems, it is imperative that these systems are performing regular threat assessments. This includes examining the level of admin privileges granted to individuals to avoid accidental data…

Read More

CA Veracode On “Spring Break” New Vulnerability For Web Apps

ISBuzz TeamMarch 5, 20182 Mins Read

In response to the news that new “Spring Break” critical remote code execution (RCE) vulnerability, which is affecting Pivotal Spring frameworks including Spring Boot, the world’s most popular framework for building web applications, Chris Wysopal, CTO at CA Veracode commented below. Chris Wysopal, CTO at CA Veracode: News of “Spring Break” – the critical remote code execution (RCE) vulnerability (CVE-2017-8046) affecting projects in Pivotal Spring frameworks including Spring Boot, the world’s most popular framework for building web applications – is another example of the continuous challenge that organisations face in maintaining the security of their applications. The importance of reacting quickly to “Spring Break” cannot be underestimated. A similar RCE…

Read More

WeChat Becomes More Censored By Government In China

ISBuzz TeamMarch 5, 20182 Mins Read

Dr Johannes Ullrich, Dean of Research at SANS Institute commented below, regarding the recent added censorship WeChat has undergone in mainland China. It addresses how sophisticated censorship and control is possible at scale, as well as the complexities of such censorship in our globally connected environment. Dr Johannes Ullrich, Dean of Research at SANS Institute: “Last week, President Xi of China extended his stay in power, amending the Chinese constitution to allow him to continue in office beyond the customary 10 years. Naturally, this has provoked an increase in negative opinion and dissent online, which in turn has led to…

Read More

New Ransom Angle To Memcached Server Attacks

ISBuzz TeamMarch 5, 20181 Min Read

After multiple reports of massive DDoS attacks using memcached servers were detailed this week by researchers including Imperva and Akamai, a new development involving ransomware demands was also published Thursday by Cybereason. Nick Bilogorskiy, Cybersecurity Strategist at Juniper Network, commented below, and provided a supporting screenshot from the Shodan search engine.  , Cybersecurity Strategist at Juniper Network: “It is a pretty clever trick to embed the ransom demand inside the DOS payload. It is also fitting with the times that attackers are asking for Monero rather than Bitcoin because Monero disguises the origin, destination and amount of each transaction, making it more suitable for ransoms.…

Read More

Open Source Code Flaws

ISBuzz TeamMarch 5, 20182 Mins Read

A new study by Sonatype reports that one in eight open source components used to create applications contain flaws. Michael Patterson, CEO at Plixer commented below. Michael Patterson, CEO at Plixer: “There is inherent risk associated with using open source code for the development of IoT devices. By definition, an open source platform is influenced and altered by anyone, be they white hat or black hat. Bad actors can use open source repositories to plant software with hidden backdoors allowing them to create botnets. The IoT industry should look to move to a Red Hat type model, where open source…

Read More

Next Possible DDoS Attack That Could Cause A Major Internet Blackout

ISBuzz TeamMarch 5, 20181 Min Read

A report out from Harvard University reveals that there could be a large-scale Internet outage similar to the Dyn outage in 2016. *  The report points to the centralization of DNS which could translate into a single point of failure during a Denial-of-Service attack and could result in significant Internet outages for organizations. Sean Newman, Director of Product Management at Corero commented below. Sean Newman, Director of Product Management at Corero: “Ensuring the resiliency of a company’s Internet presence should be top priority for any organization that relies on it to do business and DNS is certainly an important part…

Read More

Expanded Equifax Breach

ISBuzz TeamMarch 5, 20181 Min Read

Following the news that the Equifax breach affected millions more consumers than originally reported, bringing the total to almost 147.9 million people – almost half the US population. Matt Dircks, CEO at Bomgar commented below. Matt Dircks, CEO at Bomgar: “The seemingly ever-growing extent of the Equifax breach should serve as a reminder that companies cannot afford to be complacent in the face of cyberthreats. In the majority of breaches, attackers use a stolen or weak password to gain a foothold into the network. It’s critical that all credentials to privileged accounts be secured via multi-factor authentication and strong password management policies,…

Read More

Less Than A Third Of Global Healthcare Organisations Remain Untouched, As Data Breaches Rise Across The Industry

ISBuzz TeamMarch 5, 20184 Mins Read

2018 Thales Healthcare Data Threat Report reveals pressures to drive digital transformation, while maintaining the security of sensitive information   Thales, a leader in critical information systems, cybersecurity and data security, today announces the results of its 2018 Thales Data Threat Report, Healthcare Edition, revealing only 30% of global healthcare organisations have remain untouched by a data breach. Worryingly 39% of these organisations have been breached in the last year alone, while the majority of respondents (70%) reported being breached in the past – a 17% increase from the 2016 report. Issued in conjunction with analyst firm 451 research, the findings also…

Read More
Previous 1 … 548 549 550 551 552 … 1,258 Next
ISB-Bora-Side-Bar

 
ISB-Bora-Side-Bar
Black ISB Logo

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics

X (Twitter) LinkedIn Facebook RSS

Working With Us

  • About Us
  • Advertise With Us
  • Contact Us

Write For Us

  • How To Contribute

The Pages

  • Privacy Policy
  • Cookie Policy
  • AI Policy
  • Terms & Conditions
  • Copyright Notice

Information Security Buzz and all its contents are copyright © 2014-2025. All rights reserved. All third-party trademarks are recognized.

Type above and press Enter to search. Press Esc to cancel.

Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}