Any organization that has online facing assets needs to realize that having a single point of failure is a bad idea. As we saw with the Mirai botnet attack against a managed DNS provider in October, losing a mission-critical service like DNS can be devastating to organizations that are dependent on online access or services for their day-to-day business activities. Losing your DNS can take down your website, email, apps, and other critical online assets, making your organization unreachable online. In today’s Connected World, seconds of downtime can impact your bottom line and minutes or hours of downtime can start…
ISBuzz Team
A new Javelin Research study finds authentication at crossroads, password reliance continuing, and better options increasing. NuData Security commented below. Lisa Baergen, APR, MCC, Marketing Director at NuData Security Inc.,: “Passwords, static questions, and SMS one-time passwords can evaluate if the data is right or wrong but can’t dynamically verify who the person behind the device really is. The Identity Theft Resource Center has reported that since 2005, nearly 8,000 breaches with access to more than one billion records had occurred, representing a 630 percent increase from the previous historic high of 1,093, recorded just in 2016. High-assurance authentication is one step forward, but…
The latest report by the Anti-Phishing Working Group’s has found upticks in phishing attacks against companies in the logistics, shipping and cloud storage sectors. Josh Mayfield, Director at FireMon commented below. Josh Mayfield, Director at FireMon: “Though it may seem odd to see such different kinds of companies as targets, when you step back and think about it…logistics and cloud storage share an attribute that makes them attractive for cybercriminals – interconnectedness. By pursuing logistics and shipping, the cybercriminal has a gateway to a vast array of organisations linked to those logistics companies. The reason we see more cybercriminality today than 20…
It has been reported that the chair of Amnesty International in Turkey and 10 other Amnesty activists have gone on trial in Istanbul in one of the most high-profile tests of Turkish criminal law since the failed coup in 2016 led to tens of thousands of arrests and dismissals from public office. Taner Kılıç, chair of Amnesty in Turkey since 2014, is on trial on two separate charges, largely on the basis of allegations that he downloaded a widely available phone messaging application called ByLock. Amnesty disclosed that it has conducted two forensic examinations of Kılıç’s phone, including one by the…
News broke this morning that the Iran Computer Emergency Response Team Coordination Center has issued a security alert about a ransomware distribution campaign currently active in the country. The alert warns users about Tyrant ransomware, a strain spotted last Monday, October 16.According to Iran CERTCC, malicious actors have spread versions of the Psiphon VPN app laced with Tyrant and are now trying to extort infected users for money. Marco Cova, Senior Security Researcher at Lastline commented below. Marco Cova, Senior Security Researcher at Lastline: “Attackers use whatever bait may lead users to install their malware, and are known to customize their attacks to make them more effective…
Websites are used for many things. It can be for online businesses, travel, destination, educational, banking, or just a personal blog. Whatever type it is, having a good security level is an essential aspect of having a website. Lack of security in a business causes a lot of problems including income loss and identity theft. Without properly understanding the details of the problem and how to cure it, you will end up having a host that has weak security. Importance of security The World Wide Web has become a big part of almost everybody’s daily lives. It is where people…
Cybereason researcher Amit Serper has developed a vaccine to prevent the Bad Rabbit data-encrypting malware from infecting machines. Bad Rabbit, which spread across Europe on Tuesday, targets enterprise networks by employing similar methods that NotPetya used to infect computers around the globe in June. Bad Rabbit’s full impact is still unknown. So far, the attack has affected airports, news agencies and train stations in the Ukraine, Russia, Turkey and Germany, according to media reports. Here’s the encryption screen: Serper and Cybereason researcher Mike Iacovacci suggest taking these measures to prevent getting infected by Bad Rabbit. First, create these two files in c:\windows: infpub.dat cscc.dat You can do that really quickly by starting cmd.exe as an admin:…
It has been revealed that in early October the Russian hacking group, Fancy Bear launched a new operation targeting potential attendees of an upcoming US cybersecurity conference. Also known as APT28, the hackers weaponised a real Word document titled “Conference_on_Cyber_Conflict.doc” with a reconnaissance malware known as “Seduploader” to target delegates from Washington DC-based Cyber Conflict US, or CyCon. Josh Mayfield, Director at FireMon commented below. Josh Mayfield, Director at FireMon: “Reconnaissance malware is increasing. This gives cybercriminals the opportunity to monitor and observe what is happening within the infected target, rather than being a blunt instrument to harvest and steal what could beworthless data. Having a thorough understanding of the target’s…
It has been reported that the Fancy Bear hackers are racing to exploit the recently announced Adobe Flash bug. The hacking group are trying to exploit the flaw before patches are widely deployed. Chris Wysopal, CTO, CA Veracode commented below. Chris Wysopal, CTO at CA Veracode: “The current activity by the Fancy Bear hackers, as they race to exploit the recently-disclosed Adobe Flash bug before organisations issue the patch, highlights the opportunistic nature with which cybercriminals will exploit known vulnerabilities. Whenever there is a known vulnerability, it is a race between the attackers and defenders: for attackers to incorporate the new exploit into their…
The Threat Researchers have discovered a large “Internet of Things” (IoT) botnet with similarities to Mirai. Known as “IoT Troop” or “Reaper”, this threat targets IoT devices by exploiting vulnerabilities on internet connected devices such as IP cameras and consumer grade routers. Compromised devices could be used to support Distributed Denial of Service attacks (DDoS) against targets worldwide. While this botnet appears to be in the early stages of formation, organizations are encouraged to review denial of service strategies with service providers. Recommended Actions Review internal denial of service strategies. Have a plan in place in the event of a denial of…
