The holiday season has not been a joyful time with respect to Ukraine’s power grid. Indeed, hackers have struck the Ukraine with two major cyberattacks during the month of December over the last two years and a third would have serious ramifications that would be felt around the world. Andrea Carcano, Founder and Chief Product Officer at Nozomi Networks commented below. Andrea Carcano, Founder and Chief Product Officer at Nozomi Networks: “The Ukraine attacks of 2015 & 2016 left Kiev residents in the cold, a situation that reverberated to utilities around the globe. You can imagine the board-level discussions that started with…
ISBuzz Team
In response to the news of a California voter database compromise affecting 19 million voters, resulting in a ransomware attack, Carl Wright, Chief Revenue Officer at AttackIQ, commented below. Carl Wright, Chief Revenue Officer at AttackIQ: “We continue to see sensitive information being exfiltrated or held for ransom by cyber adversaries and we expect to see this trend continue throughout 2018. Attackers do not jump from the internet directly into these rich data repositories. One or more – avoidable – protection failures must have occurred in order to grant them this unfettered access to sensitive data. Organizations must start spending 10 percent of their security budget…
That time of year again, when people like me with a little space on the Internet try to predict what goodies CyberSecurity Santa will bring for the New Year. Past predictions [1][2][3] by your intrepid security guide have been uneven (blame the IETF), but I will do my best to once again prepare you for what’s to come. Web application security takes center stage. In the wake of the breach of a certain credit bureau, organizations start adopting web application security tools, services, and practices at a large scale for the first time. In particular, cloud-based web app security…
As a response to the story that One of Australia’s Richest Men Lost $1 Million in Email Scam, Steve Malone, Cyber Resilience Expert at the email and data security company Mimecast, commented below. Steve Malone, Cyber Resilience Expert at Mimecast: “The theft of $1 million makes it loud and clear just how real and dangerous impersonation attacks are. According to the latest Mimecast ESRA figures, these attacks have risen by 50% in the last quarter alone, 7 times more often than missed email-borne malware. Often overlooked by information security providers, impersonation attacks are an easy and effective way to gain trust through a combination of…
It has been discovered by cyber security experts that hackers are using a new type of malware to target industrial control systems which is forcing operations to shut down. Cybersecurity firm FireEye has named this malware “Triton”. Travis Smith, Principal Security Researcher at Tripwire commented below. Travis Smith, Principal Security Researcher at Tripwire: “The fact that operations were shut down, whether that was the primary intent or not, shows the real physical impact these cyber threats can have on critical infrastructure. Industry experts have warned about these threats for some time now, so incidents like these emphasize the need for industrial operators to invest in…
Users of Mozilla Firefox have voiced their anger after the web browser forcefully installed a Mr. Robot promotional add-on within some of its browsers. The add-on, called Looking Glass, was intended to promote the season 3 finale of Mr. Robot that aired on Wednesday, December 13, but instead only attracted a backlash from unhappy users. Javvad Malik, Security Advocate at AlienVault, commented below. Javvad Malik, Security Advocate at AlienVault: “Forcefully installing ads, or enabling plugins is a big no-no, and a company like Mozilla should be aware of the implications of its actions. While advertising is a given in today’s day…
Automation will continue at a faster pace than ever before in human history. If you recall talk about the “information revolution” from 25 years ago when the web was in its infancy, you’ll wince at how quaint and wrong the pundits were. The real information revolution is happening now, and the robots are winning. Our politics are now infested with disaffected and displaced low-skill humans who have become obsolete. That situation will get worse as more people are automated right out of the economy. The Luddite backlash is here again! CARS will drive themselves. But more importantly, trucks will…
Brian Krebs has issued his annual warning about gift card fraud – i.e. that fraudsters peel, snap & replace the number on the back of the card, that’s covered with a sticker, and then just lurk and spend once value is loaded. Lisa Baergen, Director at NuData Security commented below. Lisa Baergen, Director at NuData Security: “Although it’s significantly less reported on than credit card fraud, the effects of these attacks have been known for years. Unfortunately, gift cards are yet another black hole for security professionals. In addition to the ‘peel and replace sticker’ approach noted by Krebs, the techniques criminals use to…
Prediction #1: The next big security breach will be foiled by containers. As we witnessed with the Equifax breach in early September, data breaches can place personal data at risk and in doing so, erode consumer confidence. But what if you could prevent a major breach by simply placing the software in a container? The Equifax breach occurred when a piece of web software was vulnerable and exposed to hackers. Containers act to reduce the attack surface available for exploitation, and in doing so greatly increase the difficulty and minimize the possibility of many forms of compromise. In many cases, simple steps…
Breaking news has revealed that both US and UK governments are placing the blame on North Korea for being behind the WannaCry ransomware attack that caused global disruption. The malware affected hospitals, businesses and banks and is thought to have hit over 300,000 computers across 150 nations. IT security experts commented below. Tim Erlin, VP of Product Management and Strategy at Tripwire: “Accurate attribution for cyber attacks is almost always a difficult task, and it’s doubly so when the evidence leading to the conclusion can’t be shared. With global public trust in the US government at a low point, it’s not surprising…
