The EU issued a set of cybersecurity proposals, including a new cybersecurity strategy in the form of a joint communication titled “Resilience, Deterrence and Defence: Building strong cybersecurity for the EU”. This strategy is found here. Greg Day, VP and Chief Security Officer (CSO) EMEA at Palo Alto Networks, commented below. Greg Day, VP and Chief Security Officer (CSO) EMEA at Palo Alto Networks: “Recent incidents have confirmed that not only do we have an increasing dependency on digital alternatives of physical processes to access a service or buy goods, but there is a significant impact that can occur when these virtual digital processes…
ISBuzz Team
Security researchers have discovered that malware known as RouteX has infected Netgear routers and turned them into SOCKS proxies used for credential stuffing attacks. Michael Patterson, CEO at Plixer, commented below. Michael Patterson, CEO at Plixer: “Organizations that think “I’m not a target” or “We don’t have any data that anyone wants” should take notice. This is an example of a botnet using vulnerable Netgear Routers to indiscriminately apply credential stuffing brute force tactics with stolen username and password credentials. When there is a successful login, the bad actor gains a foothold into the organization from which they can steal…
New survey sheds light on worldwide confusion and lack of preparation in the face of looming GDPR deadline, but UK fares better. With the GDPR (General Data Protection Regulation) deadline set for 25 May next year, an independent global survey commissioned by WatchGuard Technologies shows that many organisations are ill-prepared due to uncertainty about the criteria for compliance. The results show that a staggering 37 percent of respondents simply don’t know whether their organisation needs to comply with GDPR, while 28 percent believe they don’t need to comply at all. Respondents in the UK appear better informed, with 25% of ‘don’t knows’…
Following the news that researchers have found eight vulnerabilities in Medfusion 4000 wireless syringe infusion pumps, IT security experts commented below. Dr. Malcolm Murphy, Technology Director for Western Europe at Infoblox: “As the use of connected devices in medicine becomes more commonplace, this news highlights the pressing need for manufacturers to start considering the security of each device as an absolute priority. However, a further difficulty arises because of the lifecycle of a medical device. Often, the device life is not going to be in sync with the rapid rate at which the IT industry discovers vulnerabilities and issues patches…
A new survey revealed that retailers are responding to cyber attacks on average twice a week. 16% of retailers said they experienced an attack or attempted attack every day, 11% said they responded 2-3 times per week, and 64% said once a month. The incidence of cyber attacks was found to be especially high in the grocery industry, with 29% of respondents dealing with attempted security breaches every day, and 55% every week. In other retail verticals, 65% of respondents in the sports and outdoor sector said they responded once a week, as did 49% of fashion retailers and 40% of department…
Following the news that Apple has seen important details of their upcoming operating system and devices leaked to the press, Jamie Graves, CEO, ZoneFox, commented below. Dr. Jamie Graves, CEO at ZoneFox: “Apple’s second reported deliberate, major leak in two months will be cause for concern. The fact that all the signs are currently pointing towards an intentional act by someone on the inside is also alarming. Often companies who have large labyrinths of information think that if they don’t give anyone access to the bigger picture – just parts of it – they will be safe. Not so; it’s incredibly easy to fit…
ID.me launches FIDO U2F security keys as an authenticator option for its digital identity service. ID.me unveils the ability to use FIDO U2F (Universal Second Factor) Security Keys as an extra layer of authentication for its identity proofing services. Security Keys, such as the YubiKey, are being introduced as an additional form of two-factor authentication for those seeking extra protection. ID.me’s Identity Gateway, which powers its identity proofing services, is also now FIDO U2F certified. ID.me provides identity proofing services for three different federal agencies and this will be the first rollout of FIDO U2F for 2-factor authentication for government…
New service quantifies breach impact in real numbers before it happens, empowering decision makers to invest in the right security controls. Buckinghamshire, UK – What’s the cost of a data breach? Depending on who you ask, anywhere from $200,000 to $3.6 million* and higher. Such averages, while useful in tracking trends, are meaningless when it comes to predicting actual breach impact to a specific company. To help companies predict and manage their risk, F-Secure has introduced Cyber Breach Impact Quantification (CBIQ), a new service that quantifies the cost of cyber breach impact to an organisation. Client data from F-Secure risk management assessments…
News broke that hackers can remotely access and manipulate the Medfusion 4000 Wireless Syringe Infusion Pump – raising further concerns around the healthcare IoT. Gordon Morrison, Director of Government Relations at McAfee, commented below. Gordon Morrison, Director of Government Relations at McAfee: “IT and security professionals in healthcare organisations are facing unprecedented pressure – from an increase in demand and complexity of services, to the threat of legacy IT and a number of new compliance issues like GDPR and the Information governance toolkit. Alongside these challenges, hospitals are going through immense digital transformation, with new connected medical devices being introduced…
Introduction

We are all witnesses to the changes that the IT landscape is undergoing. Critical infrastructures, applications, and data are moving to the cloud, leveraging either public, private or hybrid cloud deployments. According to Gartner, “Cloud-first, and even cloud-only, is replacing the defensive no-cloud stance that dominated many large providers in recent years. The aggregate amount of cloud shift in 2016 is estimated to reach $111 billion, increasing to $216 billion in 2020.” Employees, especially when working outside of the office, no longer need to connect to the corporate network or VPNs to get work done. To be as productive as…
