In response to the newly issued Spamhaus Botnet Threat Report 2017 — which details findings such as a 37% increase in botnet “C&C” listings in 2017, and that the majority (6,588 or 68%) of botnet controllers Spamhaus found in 2017 were hosted on servers by bad actors — Corero Network Security commented below. Stephanie Weagle, Vice President of Marketing at Corero Network Security: “The latest 2017 threat report from Spamhaus shows a notable uptick in detected Botnets, compared to 2016. The increase is no surprise, given the recent trend of leveraging poorly secured IoT devices, and is only set to increase given the increasing sophistication with…
ISBuzz Team
New Book Explains Cybersecurity Threats and How Employees Can Protect Themselves at Work and at Home
Washington, D.C. – Thycotic, a provider of cybersecurity solutions for more than 7,500 organizations worldwide, today announced the release of its new book, “Cybersecurity for Dummies,” which is available free electronically, as well as in print. The new book gives every employee a practical understanding of cybersecurity basics – describing common threats people face in their daily, personal and work lives and steps they can take to avoid cybercriminals stealing their identities and accessing sensitive information. “With cybercriminals targeting humans as the weakest link in cybersecurity…
Following the news that over 30,000 medical records were stolen from a healthcare organisation in Florida after an employee was deceived by a phishing email into sharing their login information, Dr. Markus Jakobsson, Chief Scientist at email security specialist Agari, commented below. Markus Jakobsson, Chief Scientist at Agari: “The theft of 30,000 medical records from a database in Florida is only the latest in a long line of incidents showing how vulnerable the healthcare sector is to deceptive emails. Our research has found that the healthcare sector is targeted by more deceptive email than any other, with 92 per cent of…
AlienVault Labs recently analysed an application compiled on Christmas Eve 2017. It is an installer for software to mine the Monero crypto-currency. Any mined currency is sent to Kim Il Sung University in Pyongyang, North Korea. The installer copies a file named intelservice.exe to the system. The filename intelservice.exe is often associated with crypto-currency mining malware. Based on the arguments it’s executed with, it’s likely a piece of software called xmrig. It’s not unusual to see xmrig in malware campaigns. It was recently used in some wide campaigns exploiting unpatched IIS servers to mine Monero. The installer executes xmrig with the following command: "-o barjuok.ryongnamsan.edu.kp:5615 -u 4JUdGzvrMFDWrUUwY… -p KJU" + processorCount + " -k -t " +…
Dan Panesar, VP EMEA at Certes Networks: “The latest series of attempted hacks targeting organisations involved in next month’s Winter Olympics highlights just how extensive today’s IT infrastructure is and how many attack vectors there are for hackers to exploit. In such a scenario, it only needs one user or one part of the extended network to be compromised, and the entire organisation is at risk. Security mindset needs to change away from a prevention only approach and instead look to contain threats that will inevitably get past cyber defences – and the best way to do that is to adopt a ‘Zero Trust’ model…
Popular wallet developer Electrum issued an emergency patch over the weekend for a critical bug that left thousands of its Bitcoin wallets exposed. Ilia Kolochenko, CEO of web security company High-Tech Bridge, commented below on why this may just be the start of similar security incidents for crypto currency startups during 2018. Ilia Kolochenko, CEO at High-Tech Bridge: “Many blockchain and crypto-currency startups have similar or even worse problems. The global market of digital currencies is very competitive, totally unpredictable and highly turbulent. All available, and often already scanty, resources are usually allocated to development and implementation of new features and…
In the wake of a flood of cyberattacks, the U.S. Departments of Commerce and Homeland Security have drafted a report on enhancing resilience against botnets. Andrea Carcano, Co-Founder and Chief Product Officer at Nozomi Networks, commented below. Andrea Carcano, Co-Founder and Chief Product Officer at Nozomi Networks: “One approach to blocking Bots from getting into industrial control systems for critical infrastructure is to leverage network segmentation designed for cybersecurity protection. Specifically for industrial cybersecurity, following the IEC 62443 network segmentation guidelines which recommend grouping devices with similar security requirements behind a secure conduit like a firewall is the goal. This…
George Santayana famously observed that: “Those who cannot remember the past are condemned to repeat it.” In a year where data breaches escalated, and cyber-criminals found yet more ways to infiltrate the enterprise network, this quote came to mind. So, as 2017 draws to a close, let’s look back over the year and reflect and evaluate past events in cyber security, and understand how they happened, so that we can hopefully prevent them from happening again in 2018.
Data breaches continue to happen
As I have already alluded to, data breaches increased in number and severity over the past year.…
New data underscores risk facing businesses as attackers side-step traditional security prevention technology
CAMBRIDGE, ONTARIO – Rudimentary attacks, like information gathering, reputation blocks, fraud, and brute force attacks, increased by 71% from 2016-2017, according to new data released by eSentire, Inc., the largest pure-play Managed Detection and Response (MDR) provider. The data represents a total volume rise in detected events from 15 million in 2016, to 21 million last year. Reports demonstrate a marked technique shift by attackers who favor obfuscation techniques that evade standard perimeter controls. The data, collected from eSentire’s best-in-class threat monitoring technologies, spans thousands of private and public cloud…
With 73% of businesses having had some type of operations interruption in the last five years, business continuity is becoming a concern for many organisations, especially SMEs. Business continuity incorporates pre-emptive measures such as cyber-defences to minimise risk, proactive tactics such as system backups in case a problem arises and plans for a reactive strategy, which should include disaster recovery (DR), ready in case the worst happens. But in the wake of disaster, how do businesses continue with everyday operations? Paul Blore, Managing Director at Netmetix, explores the options available to organisations and how best to utilise them.
Business continuity
Traditional on-premise…
