Last month, the news that a WPA2 vulnerability was discovered by a researcher from the University of Leuven hit the headlines. Hailed as one of the most potentially devastating security threats ever found, this universal vulnerability affects the protocol that protects modern Wi-Fi networks, subsequently leaving all Wi-Fi-enabled devices open for attackers to decrypt traffic and inject data to manipulate systems. Known as a ‘Krack attack’, the most serious implication of an attack of this nature is the ability for attackers to potentially intercept sensitive data such as passwords, credit card details and confidential business information. Upon this discovery,…
ISBuzz Team
NNT: Thanks for taking the time to talk to us today. Time is of the essence with GDPR regulations being introduced in May 2018, so can we get a starting point from you in terms of the key facts? If there’s one thing everyone knows about GDPR, it’s that the regulation incorporates data breach fines of ‘up to 4% of global revenues’ – right? DF: Unfortunately that’s where most organisations start, and they have all missed the point! I’m seeing this panic-inducing rhetoric from almost every online cybersecurity publication, lawyers, cybersecurity vendors and increasingly from cyber insurance vendors. People who…
The two biggest US airlines, American Airlines and Southwest Airlines, were down this past week and the festive travelling season has barely started. This has become a recurring seasonal problem, preventing thousands of people around the world from seeing their family for Christmas. Bill Curtis, the chief scientist at CAST, which finds software flaws for large corporations, explains why poor airline IT infrastructures create headlines each year. Bill Curtis, Chief Scientist at CAST: “Airline computers juggle multiple systems that must interact to control gate, reservations, ticketing and frequent flyers. Each of these pieces may have been written separately by different companies. Even if an airline…
Manoj Asnani, VP Product and Design at Balbix: “This leak is yet another example of an organization that is in the dark about where its critical data is exposed. Unrestricted public access to critical servers should never have been allowed — but with the complexity and scale of the IT environment, some of the most obvious issues are missed by security professionals. AI and automation are needed to surface these security holes. A predictive breach platform could have highlighted unfettered web access to critical customer data and prevented this breach.” Mike Schuricht, VP Product Management at Bitglass: “AWS may have bolstered its…
Earlier today it was reported that around 2.7 million British customers and drivers were affected by a 2016 data breach, which was covered up until last week. It means the majority of Uber users in the UK were affected by the hack, which saw names, email addresses and phone numbers stolen. IT security experts commented below. Christopher Day, Chief Cyber Security Officer at Cyxtera: “Paying criminals to delete stolen data and failing to notify victims is disturbing on multiple levels. At a minimum, it flies in the face of ethics and transparency. It emboldens attackers and keeps the cybersecurity community from understanding…
Earlier this week it was reported that the NSA suffered a breach that revealed top secret data. A virtual disk image belonging to the NSA — essentially the contents of a hard drive — was left exposed on a public Amazon Web Services storage server. The server contained more than 100 gigabytes of data from an Army intelligence project codenamed “Red Disk”. Leo Taddeo, Chief Information Security Officer at Cyxtera commented below. Leo Taddeo, Chief Information Security Officer at Cyxtera: “Time and again we see basic security controls go by the wayside. Failing to password-protect a public server is incredible in this age…
Kids are only ever three seconds from online danger at home as parents unintentionally neglect to protect young children
Parents are not toddler-proofing their online world, with a huge 87 per cent of parents admitting that they don’t restrict how much time their young children spend online – three-year-olds are spending more than four hours a week with these ‘digital babysitters’ and being exposed to potential psychological harm, warns Kaspersky Lab. There is a significant discrepancy in the ways that parents of young children protect them from harm, through both physical and digital environments, a Kaspersky Lab investigation has uncovered.…
Dr. Daniele Bianchi, Assistant Professor of Finance at Warwick Business School: “Despite fears about the Bitcoin ‘bubble’ bursting, the price of the new digital coins is going through the roof. Indeed, the increasing demand pressure from investors and speculators makes the case for an even further increase in Bitcoin prices in the near future. “As the supply of Bitcoins is kept fixed by the underlying protocol, price increases are essentially due to increasing demand. “Bitcoin is becoming more like an asset class rather than a method of payment. This is something that the public and regulators should realise to fully…
News broke yesterday that Europol have seized control of 20,000 rogue websites, peddling drugs and counterfeit goods on the dark web, in a major blow to the online black market. Kyle Wilhoit, Senior Cybersecurity Threat Researcher at DomainTools commented below. Kyle Wilhoit, Senior Cybersecurity Threat Researcher at DomainTools: “The shutdown of these underground marketplaces is becoming ever more commonplace. The shutdown of AlphaBay and Hansa earlier this year will have led criminals with established business on these sites into peddling their goods on some of these less known sites, which now leaves a further gap in the underground market. Individuals with nefarious intentions must either migrate…
It has been revealed that a dangerous flaw has been discovered within Apple MacOS Sierra, which makes it possible for anyone to gain entry to the machine without a password and access administrator rights. Tim Erlin, VP of Product Management and Strategy at Tripwire commented below. Tim Erlin, VP of Product Management and Strategy at Tripwire: “Failing to follow responsible disclosure guidelines puts everyone at greater risk. Public disclosure like this, especially with a major vulnerability, ensures the widest possible distribution of the information among malicious attackers, and instills a sense of urgency to attack before a patch is available. This…
