Introduction The Internet of Things (IoT) is impacting the lives of millions around the world – but none more so than those in Africa. It is for this reason SolarNow, a social business which is passionate about transforming lives by providing high quality solar energy, appliances and financing solutions in East Africa, has turned to IoT. The Challenge Solar as an energy source is becoming increasingly vital and viable to off-grid populations in the East African region; in part to reduce the widespread use of polluting and dangerous kerosene lamps, but also to harness the significant economic, social and health…
ISBuzz Team
Avast have uncovered a new mobile banking trojan in some Google Play apps which has been stealing the banking details of users. As an overview the key points are: A new version of BankBot, a malicious mobile trojan, has been hiding in apps that pose as supposedly trustworthy flashlight apps, tricking users into downloading them. In a second campaign, the solitaire games and a cleaner app have been dropping additional kinds of malware besides BankBot, called Mazar and Red Alert. The dark intention of these apps has been to spy on users, collect their bank login details and steal their money. Google previously removed older versions…
Manoj Asnani, VP Product and Design at Balbix: “Terdot uses two attack vectors to exploit users – phishing and Man-in-the-middle. Enterprises that have deployed breach prediction systems that comprehensively cover all attack vectors are able to defend against Terdot more effectively. But, it should be noted that most of today’s detection solutions are single attack vector focused. A multi-vector system is needed in this case – and would have proactively flagged users that are at risk of phishing, in addition to compromised or spoofed certificates.”
Research & analysis conducted independently by Dr. Matthew Green, Dr. Stefano Tessaro, and Dr. Yevgenly Dodis Secure Channels Inc., provider of innovative data security and access control solutions has announced a new encryption protocol that significantly improves on the security bounds of standard encryption using modern symmetric-key block ciphers. The protocol, Pattern Key, Multi-Segment, Multi-Standard (PKMS2), uses a patented multi-layering and segmenting methodology to provide enhanced security guarantees including an increase in the effective key length by up to 50%, security assurances even in the event of partial failure of one of the components, and improved resistance to known message-recovery attacks. PKMS2 users…
Research from business continuity and disaster recovery provider, Databarracks, has revealed organisations are failing to get to grips with the true cost of IT downtime, with a third of organisations (35 per cent), unsure what an IT outage would end up costing their business. The results were identified in Databarracks annual Data Health Check survey, with other notable findings including: From a sample of over 400 IT decision makers, 46 per cent experienced more than four hours of IT related downtime over the past 12 months Critically, of those organisations able to quantity what the cost of IT downtime would mean for…
News has just surfaced that Cash Converters has been hit by a data breach. The company reported that it had: “Received an email threat from a third party claiming to have gained unauthorised access to customer data within a Cash Converters’ United Kingdom website (‘Webshop’). The unidentified third party’s threat included the widespread release of the data unless it receives a financial payment.” Cash Converters has reported the threat to the authorities in the UK and Australia, and has appointed security advisors to review its systems. Credit card data was not stored on the Webshop although hackers may have accessed user records including personal details, passwords, and purchase…
The current cyber-threat landscape is increasingly complex, with cyber-attacks becoming far more widespread, sophisticated and more straightforward to execute. In such an environment, organisations face a catch-22 situation: it’s becoming harder to detect hidden threats early, yet early detection is essential to mitigating the loss of confidential and sensitive data – not to mention the damage to a brand’s reputation. Over the past few years, we’ve seen several high-profile organisations succumb to crippling security breaches. Each incident acts as a reminder that malicious attackers do not discriminate and no organisation is safe, no matter the size or industry. What’s more,…
Ransomware attack trends will split based on motives Ransomware as a disruptive or destructive attack will increase. Cyber warcraft is the new oil – in essence, total control of corporate networks or industrial plants have become as valuable as energy resources and motivate nation states. However, we will see a decrease in ransomware purely for financial gain as fewer victims pay up. Global threats will be orchestrated by national state North Korea will continue to use cyber-attacks to gain access to much-needed hard currency. North Korea showed the world their cyber skills when hackers successfully stole $81 million from New York…
Nozomi Networks, a company that provides real-time cybersecurity and operational visibility into Industrial Control Networks has comprised the top 5 predictions for ICS Security in 2018 Edgard Capdevielle, CEO at Nozomi Networks outlines the 5: Edgard Capdevielle, CEO at Nozomi Networks: 1. ICS Malware Moves Beyond Windows Exploits to ICS-Specific Malware. Up to now, most malware that has infected ICS have used Windows vulnerabilities or protocols to infect and spread. For example, in 2017, WannaCry, Industroyer and Dragonfly 2 all used the Windows protocol, SMB, as a key infection and proliferation mechanism. Malware attacks using OT device software, for example…
Ransomware / Malware Backups will not prove enough to stop ransomware as hackers find ways to subvert this strategy. – George Anderson, director of product marketing, Webroot Malware campaigns will use AI to make secondary infection decisions based on learning from previous campaigns. – Gary Hayslip, chief information security officer, Webroot Will see the first prolific script-based ransomware. Malware will move away from PE (portable executable files) and into shell codes and other avenues of attack. Authors will try to infect users outside of PE files. – Eric Klonowski, senior advanced threat research analyst, Webroot Security solutions will broaden their scope to consume events system…
