News has surfaced that the man behind the HBO hack earlier this year has been identified as being Behzad Mesri, an Iranian national, who is linked to the elite Iranian cyber criminal group Charming Kitten. Chris Doman, Security Researcher at AlienVault commented below. Chris Doman, Security Researcher at AlienVault: “The new report by Clearsky indicates just how interlinked hacking operations originating in Iran are. They found links between Behzad Mesri, accused of hacking HBO and threatening to leak Game of Thrones episode unless a ransom is paid, and the group of hackers known as ‘Charming Kitten’. They are known for being prolific in the use of…
ISBuzz Team
News has broken that hackers have stolen more than $60 million worth of bitcoin from NiceHash, a cryptocurrency mining site. NiceHash lets people offer computing capacity for bitcoin miners to mine digital currencies. Cryptocurrency miners work out complex mathematical equations to add cryptocurrency transactions to decentralized public ledgers called blockchains. Javvad Malik, Security Advocate at AlienVault commented below. Javvad Malik, Security Advocate at AlienVault: “Cryptocurrencies are rapidly increasing in value, making them an interesting investment opportunity for many. Unfortunately, this success attracts criminals. Coupled with the fact that cryptocurrencies do not have stringent regulatory or compliance checks, security is left in…
Third party vendors may pose one of the greatest risks to enterprise security. Companies are blind-sided when hackers find their way into networks through their partners and third-party vendors. Chris Olson, CEO at The Media Trust commented below. Chris Olson, CEO at The Media Trust: “Security incidents due to compromised third-party digital vendors emerged as a major theme throughout 2017. However, when it comes to third-party risk, it’s amazing how blind companies are to their own digital environment. The services that power the functionality of enterprise websites and mobile apps are typically provided by third parties, yet most have no idea…
With Christmas just around the corner and shops ringing in the high revenue-generating Christmas sales, it is not only retailers who are looking forward to the start of the shopping season. Cyber criminals, for whom the increasing proliferation of mobile shopping apps is opening up lucrative attack opportunities, are also likely to profit from this festive season. Online business is booming like never before. The share of online purchases in the UK in Christmas 2016 (Christmas as the six-week period between mid-November and end of December) was 27 percent of total sales. Mobile commerce is the most important driving force…
In light of the news that a huge IoT botnet called ‘Satori’ has emerged, which has already infected over 280,000 IP addresses in just 12 hours and has taken hundreds of thousands of home routers hostage, Rodney Joffe, SVP and Fellow, Neustar, a trusted, neutral provider of real-time information services, provides an insight below. Rodney Joffe, SVP and Fellow at Neustar: “As the number of devices connected to the internet continues to rapidly expand, so do the mass of vulnerabilities associated with the IoT. The sheer volume and complexity of these devices has opened a large window for targeted attacks, compromising the…
Top findings from the report include: 34% of respondents say they will reward employees for complying with GDPR policies; 41% of respondents plan to implement employee disciplinary procedures if GDPR policies are violated; a quarter of businesses would consider withholding benefits – including bonuses – from employees found to be non-compliant. 71 Percent of Organisations Plan Bold Steps in Creating a Culture of GDPR-Compliance: Rewarding Employees Who Follow Policies, Penalising Those Who Don’t. The risk of losing benefits—including bonuses—for failure to comply with GDPR policies is a real possibility for employees at one in four organisations worldwide according to a study. A study…
Following the news of PayPal’s discovery of a data breach in its recently-acquired TIO, with the data of 1.6 million customers stolen, STEALTHbits commented below. Jonathan Sander, CTO at STEALTHbits Technologies: “Announcements like PayPal’s about their acquired entity TIO being breached are going to become common – and that’s a good thing. In a sense, we are entering an era where only brands that are well trusted will be able to talk about security openly, the way PayPal has here. We all want companies to be honest about security, but at the same time we are collectively likely to punish small firms that have…
Barry Scott, CTO at Centrify EMEA: “The news that MPs are sharing passwords with others in their departments is shockingly bad and very disappointing. Sharing passwords should NEVER happen, with the possible (but very rare) exception being sharing with the IT Department at work, and then the password should be changed when IT no longer need it. Compromised credentials are the leading attack vector for data breaches – the 2017 Verizon Data Breach Investigations Report states that 81% of breaches involve weak, default or stolen passwords. Passwords should be complex, unguessable (computers are incredibly good at guessing passwords, so swapping…
It has been revealed that three Senate Commerce Committee Democrats have introduced a bill that: 1. Requires companies to disclose breaches within 30 days 2. Makes concealing a breach a crime punishable by up to five years in prison. Tim Erlin, VP Product Management and Strategy at Tripwire commented below. Tim Erlin, VP Product Management and Strategy at Tripwire: “The confusing patchwork of state disclosure laws ensures that a number of lawyers remain employed to interpret them. It’s an inefficient system, no doubt, but the US has failed to address it with a national breach disclosure law for years. While lawmakers may be…
RBS is planning to close a quarter of its branches and shed 680 jobs, due to an increasing number of customers opting to use online banking out of convenience as opposed to visiting high street branches. Richard Lowe, Head of UK BFSI (Banking, Financial Services and Insurance) at SQS, believes that the switch favouring online and mobile banking to in-branch banking was always inevitable, and that banks should now take advantage of this sudden shift in consumer banking behaviour by ensuring that they retain their newly acquired customers, and avoid breaking their trust. The below comment suggests that if banks want to…
