Following the news that the UK government has blamed Russia for last year’s destructive NotPetya cyberattack, Andy Norton, director of threat intelligence at malware detection firm Lastline, explains why attribution of these types of attacks is generally a fruitless and pointless task and why it’s much more important to understand the behavioural capability of the threat. Andy Norton, Director of Threat Intelligence at Lastline: “Even though the attack was Anti-Ukrainian in nature, it does not mean that it was sanctioned by Russian Authorities. Even if it was, Russia have just denied it was them, stating certain Western countries are ‘Russophobic’. “When talking about attribution many people think about the…
ISBuzz Team
Experts from security and privacy advice and comparison website Comparitech commented on two new developments affecting Facebook users this week: German court rules Facebook use of personal data illegal Lee Munson, Security Researcher at Comparitech: “A German court ruling – that Facebook does not go far enough in obtaining consent from users before using their personal data – could have far-reaching consequences for the social media giant. With the incoming European-wide General Data Protection Regulation (GDPR) placing a heavy emphasis on consumer privacy, not to mention a legislative framework, such a decision in one member state is likely to carry across all…
It is being reported that Skype has fallen victim to a security flaw that can allow attackers to gain system-level privileges on vulnerable computers, Microsoft has confirmed. However, the company won’t immediately fix the issue because doing so would require a complete code overhaul. Jim DelGrosso, Senior Principal Consultant at Synopsys, commented below. Jim DelGrosso, Senior Principal Consultant at Synopsys: “Although the details are still a bit unclear, Microsoft’s reluctance to fix the issue suggests that this is a flaw in the architecture or design of the software rather than a simple or even complex bug in the code. This highlights an important distinction that often gets overlooked.…
Snapchat’s latest update has left users angry over its confusing design, leading many to avoid updating the app. The update should not be skipped, however: doing so will leave you potentially exposed to being hacked, security advocate Javvad Malik at AlienVault commented below. Javvad Malik, Security Advocate at AlienVault: “Keeping software patched and up to date is one of the key ways to stay protected against attackers exploiting vulnerabilities that could lead to personal information being compromised. However, some patches and updates have unintended consequences. It is why in enterprises, immediate patching is not always as straightforward as it may seem. Whenever…
It’s been almost a year since the New York Department of Financial Services (NY DFS) put forward cybersecurity regulation Part 500 for financial institutions that are either under the direct jurisdiction of the DFS or doing business in the state. And on Thursday, February 15th, this regulation will come into full effect, mandating that organizations submit a self-certification of compliance with the NY DFS. One specific section that separates Part 500 from other cybersecurity regulations is that it takes advanced authentication to the next level. Section 500.12 (Multi-Factor Authentication) recommends authentication procedures that rely on anomaly detection and/or changes in normal use patterns. Istvan…
Under the president’s proposed budget for fiscal 2019, a new Office of Cybersecurity, Energy Security and Emergency Response (CESER) would be established to help monitor and improve energy sector cybersecurity, among other responsibilities. Edgard Capdevielle, CEO at Nozomi Networks, commented below. Edgard Capdevielle, CEO at Nozomi Networks: “With cyber threats like Triton, Industroyer and WannaCry along with other types of cyberattacks targeting energy infrastructure growing in frequency and sophistication, it is imperative to put plans in motion for a re-concentrated effort in the Department of Energy to help the private sector address this challenge head on. The energy industry recognizes…
Security and Risk Management Leaders Need to Take a Balanced Approach to Tackling a New Class of Vulnerabilities Security and risk management leaders must take a pragmatic and risk-based approach to the ongoing threats posed by an entirely new class of vulnerabilities, according to Gartner, Inc. “Spectre” and “Meltdown” are the code names given to different strains of a new class of attacks that target an underlying exploitable design implementation inside the majority of computer chips manufactured over the last 20 years. Security researchers revealed three major variants of attacks in January 2018. The first two are referred to as Spectre,…
It has been reported that an unsecured FedEx server was breached, exposing thousands of customers’ personal information, a prominent security research firm discovered earlier this month. Package forwarding service Bongo International was acquired by FedEx in 2014 and now serves as an e-commerce service called FedEx Cross Border. But an unsecured Amazon S3 server, according to the white hat research group Kromtech, was holding more than 100,000 scanned documents including passports, driver’s licenses, and security IDs. The white hat group responsibly disclosed the breach. IT security experts commented below. Patrick Hunter, Director at One Identity: “This is an interesting case where a company does all the right…
SANS Report Sponsored by DomainTools Reveals Cyber Threat Intelligence (CTI) Gaining Momentum as Organizations Battle to Keep Up with Hackers As cyberattacks and attackers become more blatant and pervasive each year, a new SANS Institute report, in conjunction with DomainTools, shows organizations around the globe are turning towards Cyber Threat Intelligence (CTI) to detect, respond, and ultimately prevent attacks. DomainTools, the leader in domain name and DNS-based cyber threat intelligence, co-sponsored the SANS survey and resulting report, SANS 2018 Cyber Threat Intelligence Survey. Results show adoption of CTI programs has steadily grown, with 68 percent of organizations currently creating or consuming CTI…
It was reported yesterday that 19 Android applications in Google Play were found to be cryptojacking by secretly loading an instance of the Coinhive script without user knowledge. An analysis of the malicious apps revealed that app authors —believed to be the same person or group— hid the Coinhive JavaScript mining code inside HTML files in the apps’ /assets folder. Professor Giovanni Vigna, CTO and Co-Founder at Lastline, commented below. Professor Giovanni Vigna, CTO and Co-Founder at Lastline: “We are going to see an increase in the exploitation of computing resources for cryptomining. There are a number of platforms that haven’t been tapped yet, and it seems…
