Close Menu
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Facebook X (Twitter) LinkedIn
Facebook X (Twitter) LinkedIn
Information Security BuzzInformation Security Buzz
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Subscribe
Information Security BuzzInformation Security Buzz
Home - Archives for ISBuzz Team - Page 559

ISBuzz Team

ISBuzz Team
  • Website

UK Government Blames Russia For Destructive Cyberattack

ISBuzz TeamFebruary 16, 20182 Mins Read

Following the news that the UK government has blamed Russia for last year’s destructive NotPetya cyberattack, Andy Norton, director of threat intelligence at malware detection firm Lastline explains why attribution of these types of attacks is generally a fruitless and pointless task and why it’s much more important to understand the behavioural capability of the threat. Andy Norton, Director of Threat Intelligence at Lastline: “Even though the attack was Anti-Ukrainian in nature, it does not mean that it was sanctioned by Russian Authorities. Even if it was, Russia have just denied it was them, stating certain Western countries are ‘Russophobic’. “When talking about attribution many people think about the…

Read More

New Facebook Privacy Issues

ISBuzz TeamFebruary 16, 20183 Mins Read

Experts from security and privacy advice and comparison website Comparitech commented on two new developments affecting Facebook users this week: German court rules Facebook use of personal data illegal Lee Munson, Security Researcher at Comparitech: “A German court ruling – that Facebook does not go far enough in obtaining consent from users before using their personal data – could have far-reaching consequences for the social media giant. With the incoming European-wide General Data Protection Regulation (GDPR) placing a heavy emphasis on consumer privacy, not to mention a legislative framework, such a decision in one member state is likely to carry across all…

Read More

Major Bug Forces Microsoft To Rebuild Skype

ISBuzz TeamFebruary 16, 20181 Min Read

It is being reported that Skype has fallen victim of a security flaw that can allow attackers to gain system-level privileges to vulnerable computers, Microsoft has confirmed. However, the company won’t immediately fix the issue because doing so would require a complete code overhaul. Jim DelGrosso, Senior Principal Consultant at Synopsys commented below. Jim DelGrosso, Senior Principal Consultant at Synopsys:  “Although the details are still a bit unclear, Microsoft’s reluctance to fix the issue suggests that this is a flaw in the architecture or design of the software rather than a simple or even complex bug in the code. This highlights an important distinction that often gets overlooked.…

Read More

Why You Must Update Snapchat Even If You Hate The New Design!

ISBuzz TeamFebruary 16, 20182 Mins Read

Snapchat’s latest update has left users angry over its confusing design, leading many to avoid updating the app. This, however, should not be avoided as it will leave you potentially exposed to being hacked, as security advocate Javvad Malik at AlienVault commented below. Javvad Malik, Security Advocate at AlienVault: “Keeping software patched and up to date is one of the key ways to stay protected against attackers exploiting vulnerabilities that could lead to personal information being compromised. However, some patches and updates have unintended consequences. It is why in enterprises, immediate patching is not always as straightforward as it may seem. Whenever…

Read More

Thursday’s NY DFS Cybersecurity Deadline

ISBuzz TeamFebruary 16, 20182 Mins Read

It’s almost been a year since The New York Department of Financial Services (NY DFS) put forward cybersecurity regulation Part 500 for financial institutions who are either under the direct jurisdiction of the DFS or doing business in the state. And on Thursday, February 15th, this regulation will come into full effect, mandating that organizations submit a self-certification of compliance with the NY DFS. One specific section that separates Part 500 from other cybersecurity regulations is that it takes advanced authentication to the next level. Section 500.12 (Multi-Factor Authentication) recommends authentication procedures that rely on anomaly detection and/or changes in normal use patterns. Istvan…

Read More

Government’s Effort To Beef Up Cybersecurity In The Energy Sector

ISBuzz TeamFebruary 16, 20181 Min Read

Under the president’s proposed budget for fiscal 2019, A new office of Cyber5security, Energy Security and Emergency Response (CESER) would be established to help monitor and improve energy sector cybersecurity among other responsibilities. Edgard Capdevielle, CEO at Nozomi Networks commented below. Edgard Capdevielle, CEO at Nozomi Networks: “With cyber threats like Triton, Industroyer and WannaCry along with other types of cyberattacks targeting energy infrastructure growing in frequency and sophistication, it is imperative to put plans in motion for a re-concentrated effort in the Department of Energy to help the private sector address this challenge head on. The energy industry recognizes…

Read More

Gartner Provides Seven Steps Security Leaders Can Take To Deal With Spectre And Meltdown

ISBuzz TeamFebruary 16, 20185 Mins Read

Security and Risk Management Leaders Need to Take a Balanced Approach to Tackling a New Class of Vulnerabilities Security and risk management leaders must take a pragmatic and risk-based approach to the ongoing threats posed by an entirely new class of vulnerabilities, according to Gartner, Inc. “Spectre” and “Meltdown” are the code names given to different strains of a new class of attacks that target an underlying exploitable design implementation inside the majority of computer chips manufactured over the last 20 years. Security researchers revealed three major variants of attacks in January 2018. The first two are referred to as Spectre,…

Read More

FedEx Customer Documents Exposed In Mass Data Breach

ISBuzz TeamFebruary 16, 20185 Mins Read

It has been reported that an unsecured FedEx server was breached, exposing thousands of customers’ personal information, a prominent security research firm discovered earlier this month. Package forwarding service Bongo International was acquired by FedEx in 2014 and now serves as a e-commerce service called FedEx Cross Border. But an unsecured Amazon S3 server, according to the white hat research group Kromtech, was holding more than 100,000 scanned documents including passports, drivers licenses, and security IDs. The white hat group responsibly disclosed the breach.  IT security experts commented below. Patrick Hunter, Director at One Identity:  “This is an interesting case where a company does all the right…

Read More

81 Percent Of Cybersecurity Pros Agree: Cyber Threat Intelligence Improves Prevention, Detection, And Response Capabilities

ISBuzz TeamFebruary 16, 20183 Mins Read

SANS Report Sponsored by DomainTools Reveals Cyber Threat Intelligence (CTI) Gaining Momentum as Organizations Battle to Keep Up with Hackers As cyberattacks and attackers become more blatant and pervasive each year, a new SANS Institute report, in conjunction with DomainTools, shows organizations around the globe are turning towards Cyber Threat Intelligence (CTI) to detect, respond, and ultimately prevent attacks. DomainTools, the leader in domain name and DNS-based cyber threat intelligence, co-sponsored the SANS survey and resulting report, SANS 2018 Cyber Threat Intelligence Survey. Results show adoption of CTI programs has steadily grown, with 68 percent of organizations currently creating or consuming CTI…

Read More

JavaScript Cryptomining Scripts Discovered In 19 Google Play Apps

ISBuzz TeamFebruary 16, 20181 Min Read

It was reported yesterday that 19 Android applications in Google Play were found to be cryptojacking by secretly loading an instance of the Coinhive script without user knowledge. An analysis of the malicious apps revealed that app authors —believed to be the same person or group— hid the Coinhive JavaScript mining code inside HTML files in the apps’ /assets folder. Professor Giovanni Vigna, CTO and Co-Founder at Lastline commented below. Professor Giovanni Vigna, CTO and Co-Founder at Lastline: “We are going to see an increase in the exploitation of computing resources for cryptomining. There are a number of platforms that haven’t been tapped yet, and it seems…

Read More
Previous 1 … 557 558 559 560 561 … 1,258 Next
ISB-Bora-Side-Bar

No se ha podido establecer conexión. Error 429

 
ISB-Bora-Side-Bar
Black ISB Logo

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics

X (Twitter) LinkedIn Facebook RSS

Working With Us

  • About Us
  • Advertise With Us
  • Contact Us

Write For Us

  • How To Contribute

The Pages

  • Privacy Policy
  • Cookie Policy
  • AI Policy
  • Terms & Conditions
  • Copyright Notice

Information Security Buzz and all its contents are copyright © 2014-2025. All rights reserved. All third-party trademarks are recognized.

Type above and press Enter to search. Press Esc to cancel.

Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}