Close Menu
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Facebook X (Twitter) LinkedIn
Facebook X (Twitter) LinkedIn
Information Security BuzzInformation Security Buzz
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Subscribe
Information Security BuzzInformation Security Buzz
Home - Archives for ISBuzz Team - Page 565

ISBuzz Team

ISBuzz Team
  • Website

Hidden Data Channel In TLS

ISBuzz TeamFebruary 7, 20181 Min Read

Security researchers at Fidelis have published a proof-of-concept framework for a new covert channel for data exchange using the Transport Layer Security (TLS) protocol. The method leverages the public key certificate standard X.509 and could allow for post-intrusion C2 communication and data exfiltration without alerting network perimeter protections. Justin Jett, Director of Audit and Compliance at Plixer commented below. Justin Jett, Director of Audit and Compliance at Plixer: “By taking advantage of TLS x.509 extensions, malicious actors will try to steal data similarly to how they have done using DNS TXT. By collecting and analyzing certificate details in IPFIX metadata…

Read More

BusinessWire Cyber-Attack

ISBuzz TeamFebruary 7, 20183 Mins Read

In response to today’s Reuters report that global news distribution service BusinessWire, owned by Warren Buffett’s Berkshire Hathaway Inc., has been hit with a sustained distributed denial of service (DDoS) cyberattack that continued as of February 6, 2018, experts with Corero and Juniper Networks commented below. Stephanie Weagle, VP of Marketing at Corero Network Security: “Cyber attackers can quickly and easily launch a DDoS attack to interrupt the service availability of any online property. In the media and communications industry, attacks against these sites can be used to silence or shut down an unfavorable individual or news story. While the motivations behind the sustained attack against BusinessWire news…

Read More

Corporate Websites Used For Cybercrime

ISBuzz TeamFebruary 6, 20181 Min Read

More than 12,000 business websites were used by cybercriminals to deliver malware in 2017 according to the Menlo State of the Web 2017 report. Chris Olson, CEO at The Media Trust commented below. Chris Olson, CEO at The Media Trust: “Enterprises should be concerned about the increasing frequency of website breaches attributed to compromised third-party code. Clearly, app sec, antivirus and other traditional website security solutions can’t keep pace with the thousands of malicious domains generated every month. The onus is on enterprise IT to continuously monitor all executing code – both first and third-party code – on websites and mobile…

Read More

Cyber Security And Protecting Your Marketplace: A Guide

ISBuzz TeamFebruary 6, 20184 Mins Read

What is Cyber Security? Cyber security is a protection protocol made to protect physical and virtual systems from theft. Protecting your files requires a coordinated efforts through an information system. Here are some common elements about cyber security: End user education Network Security Application Security Operational Security Business continuity planning One of the largest and the largest issue of cyber security is the constant security risks that tend to evolve over time. A traditional solution to this problems was to allocate most of the resources to face the biggest known threat. However, this method would leave out a multitude of…

Read More

3 Simple Steps To Securing Your ICS Systems Against Digital Threats

ISBuzz TeamFebruary 6, 20185 Mins Read

We live in a world where connectivity is key. It’s brought conveniences to our personal lives, and organizations are adopting it into the industrial world to boost productivity. Industrial control systems (ICS), which manage utilities like water, gas, and electricity, are one such example of this ongoing trend. Organizations are putting ICS systems online so that jobs once carried out manually can now be carried out remotely or with the help of automation. One of the key concerns with growing connectivity in the industrial world is a successful cyberattack and its many consequences. As demonstrated by the June 2017 NotPetya wiper…

Read More

NameCheap Name Server Vulnerability Allows Unauthorized Users To Create Sub-Domains

ISBuzz TeamFebruary 6, 20181 Min Read

News broke yesterday that domain registrar NameCheap have been implicated in a server vulnerability which allows unauthorized users to create sub-domains. Tim Helming, Director of Product Management at DomainTools commented below. Tim Helming, Director of Product Management at DomainTools: “This is exactly the kind of issue which highlights the importance of domain registrars taking security as seriously as possible. Hijacking DNS credentials is a cybercriminal’s dream, as it could facilitate their picking up on established brands, and their traffic, for nefarious purposes. NameCheap should be incredibly careful moving forward regarding the verification of users’ permissions to create sub-domains, in order to keep both individuals and brands…

Read More

A New Solution For Cyber Fraud

ISBuzz TeamFebruary 6, 20183 Mins Read

Hiscox publishes its annual Cyber Readiness Report today, offering a best practice blueprint for businesses to counter the growing threat of cybercrime and fraud. Without investment in prevention, detection and training, firms risk exposing themselves to costly business interruptions and brand impairment. A number of large-scale cyber-attacks have grabbed media attention in the headlines in recent years. But to protect against all cyber threats and comply with the latest regulations, companies in the commercial and financial sectors (including Fintech and eCommerce) also need to be on the lookout for online fraud, a more subtle type of cybercrime that costs UK citizens £1.4bn…

Read More

Serious DoS Flaw Spotted In WordPress Platform

ISBuzz TeamFebruary 6, 20182 Mins Read

According to the Hacker News, a “simple yet serious application-level Denial of Service (DoS) vulnerability has been discovered in WordPress CMS platform that could allow anyone to take down most WordPress websites even with a single machine…”  Lee Munson, Security Researcher at Comparitech.com commented below. Lee Munson, Security Researcher at Comparitech.com: “Just about everyone with a website of note knows that a Distributed Denial of Service (DDoS) attack is bad news for business as the flood of traffic takes the site down. “Fortunately, such attacks are not that common since a huge amount of bandwidth is required – typically criminals instigate a DDoS…

Read More

National Center For Cyber ​​Security Report

ISBuzz TeamFebruary 6, 20182 Mins Read

This morning, the UK’s National Centre for Cyber Security (NCSC) has issued a report on the first results of some of their key cybersecurity initiatives. IT security expert Bob Rudis, Chief Data Scientist at Rapid7 commented below. Bob Rudis, Chief Data Scientist at Rapid7: “The design and labour behind the National Cyber Security Centre’s Active Cyber Defence initiatives — along with the inaugural published results — are nothing short of incredible. The NCSC hasproved that with collaboration and appropriate support, it is possible to implement foundational cybersecurity monitoring, configuration, and reporting that fundamentally changes the economics for opportunistic/commodity attackers. Each initiative covered in the…

Read More

Oh no, More Connected Industrial Connected Systems

ISBuzz TeamFebruary 6, 20181 Min Read

The number of industrial control systems (ICS) connected to the internet has increased year on year – meaning more and more infrastructure is sitting on the ‘net potentially open to attack. Of the 175,632 internet-accessible ICS equipment detected, approximately 42 per cent were in the US, marking a 10 per cent increase over the previous year (from 50,795 to 64,287). In Germany, which ranks second, researchers found ICS gear behind 13,242 public-accessible IP addresses, up from 12,542 in 2016. The UK ranks sixth. Paul Edon, Technical Director (EMEA) at Tripwire commented below. Paul Edon, Technical Director (EMEA) at Tripwire: “The…

Read More
Previous 1 … 563 564 565 566 567 … 1,258 Next
ISB-Bora-Side-Bar

No se ha podido establecer conexión. Error 429

 
ISB-Bora-Side-Bar
Black ISB Logo

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics

X (Twitter) LinkedIn Facebook RSS

Working With Us

  • About Us
  • Advertise With Us
  • Contact Us

Write For Us

  • How To Contribute

The Pages

  • Privacy Policy
  • Cookie Policy
  • AI Policy
  • Terms & Conditions
  • Copyright Notice

Information Security Buzz and all its contents are copyright © 2014-2025. All rights reserved. All third-party trademarks are recognized.

Type above and press Enter to search. Press Esc to cancel.

Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}