There has been a call for the cyber security industry to collaborate more to combat against the next big cyber threats with some experts anticipating a major attack before Christmas. IT security experts commented below. Javvad Malik, Security Advocate at AlienVault: “We see many bad actors sharing tools, techniques, and processes when crafting new attacks. This is in addition to the dark web marketplaces where many cyber criminals sell, share, and exchange stolen data or credentials. In a similar vein, it is imperative that organisations also share threat intelligence and threat data with each other in order to stay on…
ISBuzz Team
Three Chinese citizens have been charged by a US court with hacking attacks on international corporations. The hackers had targeted Moody’s Analytics, Siemens and GPS maker Trimble, the indictment says. They are alleged to have used email phishing scams and malware to try to steal business secrets. The three are not in custody and it is not clear if they are still in China. Chris Doman, Security Researcher at AlienVault commented below. Chris Doman, Security Researcher at AlienVault: “It’s not a surprise this indictment comes from the FBI’s Pittsburgh office – they have been very aggressive at going after cyber criminals. Much of…
Report from Anomali reveals more than three quarters of UK’s largest businesses exposed by compromised credentials Anomali, has today released a new report that identifies major security trends threatening the FTSE 100*. The volume of credential exposures has dramatically increased to 16,583 from April to July 2017, compared to 5,275 last year’s analysis. 77% of the FTSE 100 were exposed, with an average of 218 usernames and password stolen, published or sold per company. In most cases the loss of credentials occurred on third party, non-work websites where employees reuse corporate credentials. In May 2017, more than 560 million login…
A video was released yesterday showing CCTV footage of a ‘relay’ crime, where thieves steal a vehicle without ever laying a finger on the keys. Adam Brown, Manager of Security Solutions at Synopsys commented below. Adam Brown, Manager of Security Solutions at Synopsys: “This attack can be performed on keyless systems in cars and relates to a flaw in design. Keyless entry relies on weak radio signals only travelling just a few metres and therefore only unlocking the car when you are very close by. Imagine if you could boost the signal on both ends, boosting the key signal and the car signal just as you…
News broke overnight that scientists have developed a new system with high-speed encryption properties that drives quantum computers to create theoretically hack-proof forms of data encryption, said report. The novel system is capable of creating and distributing encryption codes at megabit-per-second rates, which is 5 to 10 times faster than existing methods and on par with current internet speeds when running several systems in parallel. Ofer Maor, Director of Enterprise Solutions at Synopsys commented below. Ofer Maor, Director of Enterprise Solutions at Synopsys: “We often encounter these new “Hack Proof” promises. While the technology does indeed sound interesting, touting a “Hack Proof” title is dangerous and somewhat presumptuous. We have seen time…
‘Bitcoin Gold has issued a critical security alert after it is thought that cyber criminals have infiltrated the Windows Wallet. Bitcoin Gold has issued a statement that they have found a suspicious file of unknown origin on a link on their download page and on their Github release page file downloads. Javvad Malik, Security Advocate at AlienVault commented below. Javvad Malik, Security Advocate at AlienVault: “Criminals will follow the money, and as crypto currencies gain popularity and value, we will likely see more attacks against them. Credit to Bitcoin Gold for detecting the malicious file within 36 hours – compared to many recent…
According to a recent blog, an IT security firm noticed big upticks on port 2323 and 23 scan traffic, with almost 100k unique scanner IPs coming from Argentina. After investigation, the firm was confident that this activity was a new Mirai variant. Christopher Littlejohns, EMEA Manager at Synopsys commented below. Christopher Littlejohns, EMEA Manager at Synopsys: “The odds are that Mirai variants will keep popping up for years to come. Why? Because there are an enormous number of old (and all too often new), insecure, unpatched devices out there which constitute rich and easy pickings for hackers. The ZyXEL PK5001Z Modem is yet another device with…
The government has just announced a new strategy for industry that aims to tackle weak productivity and bolster businesses to counter any new problems caused by Brexit. The strategy highlights the need for improving digital skills especially in cybersecurity. Paul Farrington, Manager- EMEA Solution Architects at Veracode commented below. Paul Farrington, Manager- EMEA Solution Architects at Veracode: “With over two-thirds of medium and large British firms having identified a cybersecurity breach or attack over the past 12 months, it is reassuring for the government to have established cybersecurity as a key component to the new Industrial Strategy. The new flagship Cyber…
From the HBO cyber attack which leaked episodes of Game of Thrones, to the worldwide Wannacry attack which targeted different industries in a range of countries, cybercriminals are becoming more sophisticated and organised when it comes to malicious attacks, employing a range of tactics to ensure maximum disruption and financial gain. As a result, 2017 has been a wakeup call for organisations, in terms of assessing their content and implementing processes to organise, help protect sensitive data, and defend against attacks. Many Enterprises Will Scramble to Become GDPR Compliant at the Final Hour, While Some US States Adopt Their Own…
Unfortunately, many organisations see Software Asset Management (SAM) as a compliance reporting tool and little else. This is in some ways understandable, taking into account the astronomical regulatory fines that the large software vendors charge each year. However, SAM can do far more than protect companies from regulatory fines. It can reduce software expenditure by 30%, according to Gartner, and, it’s a little known fact that it can also help minimise security risks. As cybersecurity remains high on the agenda of CIOs, IDC expects global spending on security technology to reach $81.7bn in 2017. Despite this significant investment, companies often fail to complete…
