News broke today that a variety of serious vulnerabilities have been identified in the Hardware Against Software Piracy (HASP) license management system of popular license management software used in corporate and ICS environments to activate software on PCs and servers. If these vulnerabilities are left unpatched, the popular license management USB-token can be used to open a hidden remote access channel for cyberattackers. Christopher Littlejohns, EMEA Manager at Synopsys commented below. Christopher Littlejohns, EMEA Manager at Synopsys: “In this article Kaspersky clearly attributes the root cause of many such ICS related software vulnerabilities to ineffective secure software development practices. Whilst the industry is gradually raising their game,…
ISBuzz Team
Alphabet—the parent company of Google, Nest, Waymo, and a million other companies—is launching a new company under the Alphabet umbrella. It’s called “Chronicle,” and the new company wants to apply the usual Google tenets of machine learning and cloud computing to cybersecurity. Terry Ray, CTO at Imperva commented below. Terry Ray, CTO at Imperva: “The announcements today by Amazon Web Services and Alphabet/Google are encouraging and demonstrate that more and more, cyber security is at the forefront of corporate agendas. Both of these technologies will likely serve as analytic platforms for threat detection, which isn’t necessarily a new idea, though I’m sure they’ll have…
Following the news today that, as part of a deal between NHS Digital and Microsoft, NHS organisations will be able to get a threat detection service, alerting them to any cyber security issues. Rob Bolton, Director and GM for Western Europe at Infoblox commented below. Rob Bolton, Director and GM for Western Europe at Infoblox: “The NHS faces major challenges that require it to modernise, reform and improve services to meet the needs of ever more complex, instantaneous patient demands. However, while digital transformation presents a massive opportunity to support the doctors and nurses who work tirelessly for the good of their patients,…
In response to the news that a new study from Ernest & Young has revealed that cybercriminals have managed to steal almost $400 million in cryptocurrency by targeting ICOs, Mark James, Security Specialist at ESET, around securing cryptocurrency commented below. Mark James, Security Specialist at ESET: “One of the biggest problems with cryptocurrency is its lack of regulation. If we take Bitcoin for instance, in the last couple of years it has ranged from being worth $200 through to its peak at £17.5K and now currently it’s on decline. Anyone thinking of investing into these types of currency must take…
Professor Avishai Wool, CTO at AlgoSec, analyses the signs that private cloud is here to stay and provides some advice on how to ensure it remains secure For several years now, the public cloud has been the main focus of conversations about how enterprise IT infrastructures will be deployed and managed. And with good reason: it continues to take the lion’s share of cloud spending. Worldwide public cloud market revenues were projected to grow 18.5% during 2017, according to Gartner. However, this doesn’t mean that private clouds should be written off: far from it. According to IDC, private cloud market revenues grew 10%…
Check Point Announces Infinity Total Protection, a Unique New Security Model to Prevent ‘Gen V’ Threats and Attacks Game-changing new security deployment model for real-time prevention of threats and cyberattacks CPX 360, BARCELONA, SPAIN – Check Point® Software Technologies Ltd. (NASDAQ: CHKP), a leading provider of cyber-security solutions globally, today announced Infinity Total Protection: a revolutionary security consumption model that enables enterprises to prevent Gen V cyberattacks. This innovative model utilizes Check Point Infinity Architecture components, providing the highest levels of security,while also reducing cost by consolidating security components. All business sectors are now experiencing Gen V (5th Generation) cyber-attacks which are characterized by being large-scale and fast moving…
The government is to establish a new unit to counter “fake news”, David Emm, Principal Researcher at Kaspersky Lab commented below. David Emm, Principal Researcher at Kaspersky Lab: “The advent of fake news is very real, and we welcome today’s announcement from the government. The new unit will counter the threat of viruses and other potentially harmful attacks, that can cause significant loss of personal data, all through the click of a fake news story. Cybercriminals are always planning new ways to trick people into clicking fake news stories. A new regulated unit hopefully moves us closer to seeing a decrease…
It’s being reported that the operators of the the venerable Necurs botnet appear to be up to their old tricks, including targeting victims with a variety of phishing campaigns designed to infect them with banking malware, ransomware and cryptocurrency fever as well as to generate profits via dating website referrals. Andy Norton, Director of Threat Intelligence at Lastline commented below. Andy Norton, Director of Threat Intelligence at Lastline: “The Necurs group is spam operation, they will distribute any payload that will pay them to. All phishing themes have to have some applicabilty and resonance with their targets in order to work, dating would be successful to those targets…
Intel has advised customers to halt applying Spectre and Meltdown patches to close chip vulnerabilities as it is causing unpredictable system behavior. Bob Noel, Director of Strategic Relationships and Marketing at Plixer commented below. Bob Noel, Director of Strategic Relationships and Marketing at Plixer: “The current unstable code for the Spectre and Meltdown CPU patches leaves end users vulnerable with no available options other than to wait for a stable fix. In times like these, customers should be extra vigilant to ensure they have not been compromised. Network traffic analytics should be used to monitor their environment for anomalous traffic patterns and…
News broke that 14 vulnerabilities have been discovered by Kaspersky Labs in the Hardware Against Software Piracy (HASP) license management system. The affected USB tokens can be used to open a hidden remote-access channel for cybercriminals. The USB tokens are used to activate software licenses on PCs and servers in corporations and Industrial Control Systems. Moreno Carullo, Co-Founder and CTO at Nozomi Networks commented below. Moreno Carullo, Co-Founder and CTO at Nozomi Networks: “USB drivers have been a significant attack vector for several years with Stuxnet as the most notable example. Operators should consistently employ all necessary precautions when allowing an…
