News broke yesterday that the Royal Canadian Mounted Police (RCMP) has charged a Canadian man for trafficking in identity information, mischief to data, unauthorized use of a computer, and possession of property obtained by crime. The 27-year-old Jordan Evan Bloom of Thornhill, Ontario is behind the notorious LeakedSource.com that compiled public data breaches and sold access to this data, including passwords in cleartext. Ryan Wilk, Vice President at NuData Security commented below. Ryan Wilk, Vice President at NuData Security: “The fact that these kinds of services are so readily available to cybercriminals should be indication enough to organizations and consumers that passwords and usernames are virtually useless when attempting to…
ISBuzz Team
BitConnect has announced that it will close down its lending and exchange platform after experiencing a series of long windows of server downtime over the past several days. The website claims the reason for the outage is a “continuous DDoS attack” but a notice on its site reads its team is “performing some maintenance.” Sean Newman, Director at Corero Network Security commented below. Sean Newman, Director at Corero Network Security: “The cryptocurrency gold rush has dominated the news agenda in recent months, but as investors flock to these platforms, they have also become a hot target for cyber criminals looking to exploit the vast wealth and…
The US Department of Defense is reporting that denial-of-service attacks are becoming more frequent and more complex. DoD is currently defending against 600 gigabytes per second attacks on internet access points. This onslaught is pushing the department to handle a one terabyte per second DDoS attack if need be. Stephanie Weagle, VP at Corero Network Security commented below. Stephanie Weagle, VP at Corero Network Security: “The creation of botnets relay on the inherent vulnerabilities in IoT devices, and with the thousands of IoT devices entering the market each day, the opportunity for devastation grows exponentially with each passing moment. These…
Monitor and Prevent Threats in Real-Time STEALTHbits Technologies Inc., a cybersecurity software company focused on protecting an organization’s sensitive data and the credentials attackers use to steal that data, has announced the release of StealthINTERCEPT 5.0. StealthINTERCEPT provides organizations with the operational and security intelligence necessary to achieve a clean, properly configured, closely monitored, and tightly controlled Active Directory environment. “Organizations are realizing the risk associated with having over provisioned users and groups within Active Directory. They are looking for ways to automate the monitoring process and apply security controls that enforce best practices. STEALTHbits has approached solving this problem…
The last year has been a significant 12 months in the short history of cyber security, with headline security breaches such as Uber and a scramble to come up with new approaches, particularly as the European Union’s General Data Protection Regulation comes into force next May. 2018 will see further developments in this dynamic field that will affect almost every organisation on the planet. Here are some predictions for the next 12 months: Innovation will help overcome the continuing cyber security talent drought The severe shortage of cyber security professionals will continue to hamper businesses trying to protect themselves. The…
News has surfaced that a new strain of malware called RubyMiner is being used by cyber criminals to target outdated Linux and Windows serves to secretly mine cryptocurrency. According to Check Point researchers, the criminal has been using RubyMiner to plant the cryptocurrency miner XMrig on vulnerable systems to hijack users’ CPU processing power and covertly mine Monero coins. The attacks are thought to have began from the 9th January, 2018. Javvad Malik, Security Advocate at AlienVault commented below. Javvad Malik, Security Advocate at AlienVault: “As cryptocurrencies gain popularity and value, they become a more attractive target to cyber criminals looking to make…
Joseph Carson, Chief Security Scientist at Thycotic: “Many industries are going through what is deemed as the fourth industrial revolution. With the maritime industry shifting to advanced technologies to help drive smart and intelligent shipping, these provide very exciting and innovative opportunities and are the biggest advance in maritime operations since the advent of the steam engine. Yet these technology advancements do bring major concerns in terms of cyber dependency and the major concern of cyber risks and threats. Cyber-attacks are increasing and have become a global concern as many systems and devices that run critical infrastructure and decision making are…
The education sector is an increasingly popular target for hackers due to the sheer volume of rich personal and research-based data open to attack. Technology has a dramatic impact on the way we live and learn, putting relentless pressure on institutions to remain agile, accessible and secure. This becomes particularly important against a shifting backdrop of student hyper-connectivity, multi-purposing BYOD, and large-scale collaborative data sharing. British university cybersecurity breaches have doubled in the past two years hitting 1,152 in 2016-17, according to new figures obtained by The Times. DDoS attacks are also rampant, taking out systems as well as online…
A new survey – part of the Ponemon Institute “2018 Global Cloud Data Security Study” – showed that despite the increasing adoption of cloud services worldwide, there is a wide gap in the level of security precautions applied by companies in different markets. The survey found that organizations in the UK (35%), Brazil (34%) and Japan (31%) are less cautious than those in Germany (61%) when sharing sensitive and confidential information stored in the cloud with third parties. Jason Garbis, VP at Cyxtera commented below. Jason Garbis, VP at Cyxtera: “Organisations are taking advantage of the cloud for its scalability,…
Security Researchers from ICEBRG have discovered 4 Chrome Extensions with malware code that was available through the Chrome Web Store. The malicious code allowed attackers to send commands to a users’ browser and used this for clickfraud. Alex Calic, Chief Strategy and Revenue Officer commented below. Alex Calic, Chief Strategy and Revenue Officer: “The digital ecosystem is fertile ground for bad actors. Click fraud remains a serious issue in the digital advertising ecosystem, one which the Ads.txt and other industry initiatives attempt to solve. But these initiatives only address the symptom, not the larger root of the problem which is the…
