Organisations are being tasked to innovate all the time. Market pressures, changing buying habits and competition from new market entrants is putting increasing pressure on leadership teams to innovate, and on IT teams to deliver on this innovation. And it’s no longer just the IT team. Security, compliance, finance, line of business leaders and DevOps all hold pieces of the puzzle which make up the IT infrastructure of an organisation. Sadly, these groups are often disjointed in their approach and, under pressure from the increasingly fast-paced nature of business, they look for quick wins, rather than working in tandem on…
ISBuzz Team
Peter is having an extremely bad day. As Data Protection Officer (DPO) at a large company, he’s just taken a frantic phone call from the CIO who has informed him of a massive data breach. Details are still very sketchy, but potentially thousands of customer records, including personal data (PD) and payment card data has been compromised – and no-one knows what to do next. The moment Peter puts down the phone, the clock starts ticking. Under the provisions of the EU GDPR he knows that if the information loss is likely to result in risk to individuals’ rights and…
A rise in financial crime and the increasing complexity of financial fraud in the Asia-Pacific region has led law enforcement agencies to embrace innovative tools and tactics to clamp down on criminal activity. The Australian Criminal Intelligence Commission estimates that organised crime costs Australia $A36 billion annually1. KMPG’s Fraud Barometer for Australia found that frauds perpetrated against government bodies were the primary concern in 2017, but fraud perpetrated by professional criminals is a growing problem2. Technology is at the forefront of combating these kinds of fraud, says Ian Watson, CEO of leading British software company Altia-ABM which has established a new office…
It has been reported today that Interpol has warned that any device which is connected to the internet is potentially at risk of attack. According to the news, cyber criminals are more regularly attacking Internet of Things (IoT) devices including webcams, televisions and smart home devices such as Alexa. They could also be targeting wearable like Fitbits and smart watches and even home appliances, like your fridge or washing machine. Adam Brown, Manager – Security Solutions at Synopsys commented below. Adam Brown, Manager – Security Solutions at Synopsys: “Attacks on IoT devices such as internet connect fridges, TV’s, smart home devices etc. are down to flaws in…
Avast experiment demonstrates consumer IoT devices and smartphones unlawfully used for mining Cryptocoins At Mobile World Congress 2018, Avast, the global leader in digital security products, will be performing an experiment to raise awareness of IoT and mobile vulnerabilities by mining the cryptocurrency Monero using a smart TV. In the past year, cybercriminals have increasingly abused smartphones and IoT devices to mine cryptocoins in the background without users knowing. To experience how their own device can be infected, attendees will be invited to take part using their smartphones to mine Monero, a popular cryptocurrency among cybercriminals due to its anonymity.…
A new survey by the UK government’s Cyber Aware campaign shows that young Brits lack cyber security awareness, say reports today. The survey shows that over half (52%) of Brits aged 18-25 use the same password for multiple online services, making it easier for their accounts to be hacked. It also shows that people send highly sensitive data via e-mail and other accounts, with over three quarters (79%) of all respondents of all ages saying they have used messaging systems to send copies of driving licences and passports, and bank details. Lisa Baergen, Director at NuData Security Inc., a Mastercard Company commented below. Lisa Baergen,…
Manoj Asnani provides an insight below that hackers are selling legitimate code-signing certificates to evade malware detection. Manoj Asnani, VP Product and Design at Balbix: “Hacked code-signing certificates certainly present an extended challenge to IT security teams, and are a potentially effective tactic to bypass traditional security appliances. For an enterprise security team, it’s imperative to consider different approaches to capture the incident before it reaches your organization. This includes leveraging the intelligence services that are largely available today to probe the dark web and find chatter about instances before the certificates are purchased. The challenge many organizations face, however, is connecting the…
Tinder accounts were almost swiped right into the hands of hackers after researchers found they were able to login to user accounts using just a phone number. While the vulnerability is now fixed, it’s obviously worrying that chat history and photos could have been exposed. IT security experts commented below. Dr. Giovanni Vigna, CTO and Co-Founder at Lastline: “This is a particularly worrying example of how social media can cause an issue, as the nature of the app means particularly sensitive or embarrassing data could have been exposed and leveraged by bad actors. For hackers, accessing social network credentials is not only an effective…
A new ransomware variant called Annabelle has been discovered, which seems to have been designed to ‘show off the skills’ of the developer who created it, by being as difficult to deal with as possible. The ransomware terminates numerous security programs, disables Windows Defender, turning off the firewall, encrypting your files, trying to spread through USB drives, making it so you can’t run a variety of programs, and overwriting the master boot record of the infected computer with a boot loader. Andy Norton, Director of Threat Intelligence at Lastline commented below. Andy Norton, Director of Threat Intelligence at Lastline: “The more malicious things a piece of code…
This Sunday marks the official 3-month countdown to the GDPR enforcement coming into effect. While we have all certainly heard lots about GDPR over the last twelve months, now is certainly the time for organisations to focus their efforts on becoming GDPR ready. The comment below, from Rufus Grig, CTO at Maintel, explores how companies can best use the final three months to protect their consumer data from attackers. Rufus Grig, CTO at Maintel: “With just 3 months until GDPR comes into force, companies should be utilising this time to ensure they protect their consumer data from attackers. As the final…
