A new study by Adobe projects Holiday Ecommerce To Hit Record $107B in 2017; Mobile Will Lead In Visits, based on Adobe’s data which captures an estimated 80% of online transactions from the top 100 US Web retailers. Lisa Baergen, APR, MCC, Marketing Director at NuData Security Inc.commented below. Lisa Baergen, APR, MCC, Marketing Director at NuData Security Inc.: Once again, ‘tis the season for fraudsters to up their game in all manner of online fraud. Stolen customer payment card data is truly the ‘gift that keeps on giving’ – after its preliminary use for fraud, it’s re-salable on the Dark Web for recurring revenues. Its…
ISBuzz Team
It has been reported that hackers targeting various popular cryptocurrency wallets have managed to steal around $150,000 (£113,250) worth of Bitcoins using a malware variant called CryptoShuffler. The malware has been around since last year and has been targeting popular cryptocurrencies including Bitcoin, ZCash, Ethereum, Monero, among others. Although CryptoShuffler’s Bitcoin wallet peaked last year, security experts at Kaspersky Lab uncovered a new campaign that began in June this year. Unlike other cryptocurrency mining malware variants, CryptoShuffler takes efforts to operate under the radar. IT security experts commented below. Lee Munson, Security Researcher at Comparitech.com: “The CryptoShuffler malware is yet another…
A new EY report suggested that cyberattacks are among the top risks to power and utilities companies alongside natural disasters such as storms and catastrophic events. Edgard Capdevielle, CEO at Nozomi Networks commented below. Edgard Capdevielle, CEO at Nozomi Networks: “It is critical for the resilience of the power supply that power companies and utilities are able to identify cyberattacks efficiently. Significant strides forward have been made, but there’s always room for further improvement. If utilities invested in cybersecurity in the same way that they invest in storm preparation their ability to manage the risk would be significantly improved. The NERC CIP regulations,…
News broke earlier today that nearly 50,000 Australians’ sensitive data was left freely exposed online. The breach occurred due to a misconfigured Amazon S3 bucket, presumably left unsecured by a third-party contractor. IT security experts commented below. Jason Garbis, VP at Cyxtera Technologies: “While it’s clear that organisations must institute better access controls to sensitive data, there’s an element of security resiliency that often goes overlooked. This has to do with the implications of user IDs and passwords being breached, and is especially important when there are third-party contractors are involved, as occurred in this recent Australian incident. Organisations need to build…
Executive Summary Everything has its price on dark web, and almost anything can be sold or bought openly. Although sometimes it seems that to succeed in cybercrime, a person must be a Jack of all trades, in reality almost every criminal endeavor requires various tools and services provided by a network other members. The cybercriminal underground is quite verticalized, with threat actors specializing in particular areas of expertise. It is this distribution of expertise that contributes to the underground market’s resiliency. Similar to drug cartels, once you remove one threat actor or forum, rivals will immediately take its place. As a…
The consumer organisation Which? has called on the government to create new rights for people who have been the victims of a corporate data breach. David Emm, Principal Security Researcher at Kaspersky Lab commented below. David Emm, Principal Security Researcher at Kaspersky Lab: “Customers have no control over the security of their online providers, so the right to collective redress after a data breach is a positive step in the right direction. However, it is also important that the general public recognises the value of personal information. New data protection laws are designed to make organisations more careful, but regardless of this,…
Security researchers announced its discovery of a new strain of banking Trojan dubbed “Silence”, allegedly spread by a Russian-speaking cybercrime group. The cybercriminals are using similar tactics to Carbanak in a sophisticated plot to steal millions in cash. The Silence Trojan compromises users’ devices by dropping a malicious payload that is capable of monitoring its victim’s activities, including taking multiple screenshots of the day-to-day workload. IT security experts commented below. Terry Ray, Chief Technology Officer at Imperva: “Water is wet, the sky is blue, there’s a new Trojan, there’s a new strain. This is the world we live in today and it should be no…
ESET Ireland is warning Irish computer users against opening an attachment to a faked Eir email, as it contains dangerous ransomware, which will lock your files and demand payment to unlock them. ESET Ireland has come across another dangerous spam email. This one pretends to come from Eir and says: “Dear customer, Your bill is now available to complete. Your bill amount is €184.38. For your convenience we attached a copy of your invoice to your email. To view it, please download invoice here. Regards, My eir Customer Support” Clicking the link will download what appears like a zipped file,…
It has been reported that Security researchers have discovered a new Adobe Flash vulnerability that has already been exploited by hackers to deploy the latest version of FinSpy malware on targets. Kaspersky Lab researchers said a hacker group called BlackOasis has already taken advantage of the zero-day exploit – CVE-2017-11292 – to deliver its malicious payload via a Microsoft Word document. Once the Flash vulnerability has been exploited and the FinSpy malware is installed on the targeted computer, the spyware “establishes a foothold on the attacked computer and connects to its command and control servers located in Switzerland, Bulgaria and…
Contactless payments, instantaneous transfers, chip and pin — the way we bank and manage our money has changed dramatically over the past few years. A report from UK. Finance and EY for example stated that 19.6 million people in the U.K. used banking apps last year, and a senior figure within HSBC made the claim that “I really do think we are going to get rid of passwords, because we are going to use biometrics, so accessing the services (is)… going to be better”. Lisa Baergen, Director at NuData Security commented below. Lisa Baergen, Director at NuData Security: “Personal Banking is evolving as technologies, such as passive biometrics and…
