In light of the discovery of “cryptojacking” malware affecting thousands of websites around the world – from the UK’s NHS and ICO to the US government’s court system, Nick Bilogorskiy commented below. Nick Bilogorskiy, Cybersecurity Strategist at Juniper Networks: “The meteoric rise of cryptocurrency valuations has shifted cyberattack activity to focus squarely on obtaining Monero and Bitcoin. Given the bubble-like rise in valuations, cryptocurrencies represent a new and highly valuable opportunity by cybercriminals to increase their malware riches. The price of Monero doubled in the last three months, which shows continued adoption by the community. The newest of these crypto coin…
ISBuzz Team
In recent years, the mobile workforce has grown rapidly. Many forward-thinking companies have recognized the benefits of remote work and have adapted accordingly. However, allowing anywhere, anytime access to corporate data creates new risks that are difficult to address with most security solutions. Before the mobile workforce explosion, businesses used a “trusted” device model to secure remote access to corporate information. Unfortunately, with the plethora of personal devices used by the workforce today, this legacy approach is no longer reliable or secure. Trusted Devices 101 Endpoints are considered “trusted” if they meet certain security requirements or if the enterprise can…
A cyber attack was launched on the Winter Olympics during the opening ceremony last Friday, disrupting the stadium’s WiFi, the official Pyeongchang 2018 site and more. Olympic officials have not suggested who is responsible for the attack, but the malware believed to have been used in has now been identified by Cisco Talos. Dubbed ‘Olympic Destroyer’, the malware appears only destructive in functionality. It aims to render machines unusable by deleting shadow copies, event logs and trying to use PsExec & WMI to further move through the environment. This has been seen in both BadRabbit and Nyetya. Stephen Moore, Chief Security Strategist at Exabeam commented below. Stephen Moore, Chief Security…
As today marks 100 days until the GDPR compliance deadline, Joe Garber at Micro Focus commented below. Joe Garber, Global Head at Micro Focus: “As today marks exactly 100 days until the GDPR deadline, it is important to reflect on the changes the new rules and regulations will bring. When it comes to the GDPR, the risk of hefty fines and loss of credibility with customers are the bottom-line consequences of non-compliance for businesses. However, today we should be thinking about the benefits the GDPR will bring to privacy and security – something organisations will see if they approach the new…
It has been reported today that the Home Office have announced new technology which will be made available to all internet platforms that could stop the majority of Isis videos from reaching the internet by analysing the audio and images of a video file during the uploading process, and rejecting extremist content. The government hasn’t ruled out forcing technology companies to implement it by law. IT security experts commented below. Bill Evans, Senior Director at One Identity: “While at the surface, this seems like a wonderful idea – to protect the homeland from the insidious content being distributed via cyberspace by our enemies in…
It has been revealed that the number of breaches suffered by the financial services sector has tripled over the past five years. The study, conducted by Ponemon found that the average cost of cybercrime for financial services companies globally has increased by more than 40 percent over the past three years, from $12.97 million per firm in 2014 to $18.28 million in 2017 – significantly higher than the average cost of $11.7 million per firm across all industries included in the study. Javvad Malik, Security Advocate at AlienVault commented below. Javvad Malik, Security Advocate at AlienVault: “Financial institutions have had to…
Kaspersky Lab researchers have uncovered ‘in the wild’ attacks being carried out by a new piece of malware using a zero-day vulnerability in the Telegram Desktop app. The vulnerability was used to deliver multipurpose malware, which depending on the computer can be used either as a backdoor or as a tool to deliver mining software. According to the research, the vulnerability has been actively exploited since March 2017 for the cryptocurrency mining functionality, including Monero, Zcash, etc. Social messaging services have long been an essential part of our connected life, designed to make it much easier to keep in touch…
Blinkered and costly focus on cloud security puts compliance and data privacy at risk Security concerns are twice as likely to drive cloud strategy than even the business’ core objectives, according to Calligo, a world-leading cloud solution provider. Even regulatory compliance and data privacy – the strategic themes of doing business in 2018 – receive a similarly low ranking. Whereas security is the chief driver behind cloud strategy for 34% of 200 UK IT decision-maker respondents, the business’ core objectives, compliance and data privacy are each only the top consideration for 17%. This is despite the imminent implementation date of…
This is the second Hiscox Cyber Readiness Report, conducted by Forrester Consulting, and it has been expanded to cover more than 4,100 organisations, large and small, in both private and public sectors, across five countries – the UK, USA, Germany, The Netherlands and Spain. It puts the spotlight not only on the financial consequences of individual cyber breaches but also on the enormous cost in terms of investment made to counter the threat. Above all, it measures the cyber readiness of respondents using a multi-dimensional model built on best practice in cyber strategy and execution. A few observations from the report:…
New figures from F5 Labs report 64% rise in attacks and greater tactical diversity from cybercriminals; EMEA endured over 51% of 2017 attacks F5 Labs today released new figures highlighting how DDoS attacks continue to grow and evolve in EMEA. According to customer data from F5’s Poland-based Security Operations Center (SOC), 2017 saw a 64% rise in mitigated incidents. EMEA is also firmly in the firing line, accounting for over 51% of reported global DDoS attacks. Reflecting the spike in activity, F5 reported a 100% growth for EMEA customers deploying Web Application Firewall (WAF) technology in the past year. Meanwhile,…
