Close Menu
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Facebook X (Twitter) LinkedIn
Facebook X (Twitter) LinkedIn
Information Security BuzzInformation Security Buzz
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Subscribe
Information Security BuzzInformation Security Buzz
Home - Archives for ISBuzz Team - Page 619

ISBuzz Team

ISBuzz Team
  • Website

Why Robust ERP Is At The Centre Of SME Security

ISBuzz TeamSeptember 12, 20173 Mins Read

As we enter the final months of 2017, it’s fair to day it’s been an unstable year for enterprise security. A recent study by BitSight found that in the last 15 months, around one out of every 20 Fortune 1000 companies had experienced a publicly disclosed breach. And despite these breaches, Fortune 1000 companies’ security performance has recently declined overall: 52 companies made an effort to improve its security, while 103 companies experienced rating drops from October 2016 to January 2017. However, it’s not just the big players who get hacked, and adopting a policy of security through obscurity, i.e.…

Read More

.UK Domains Left At Risk Of Theft In Enom Blunder

ISBuzz TeamSeptember 12, 20171 Min Read

News broke yesterday that thousands of UK companies were at risk of having their .uk domain names stolen for more than four months by a critical security failure at domain registrar Enom. The security lapse allowed .uk domains to be transferred between Enom accounts with no verification, authorisation or logs.Any domains hijacked would have been “extremely hard or impossible” to recover, according to The M Group, the security firm that discovered the flaw. Kyle Wilhoit, Senior Cybersecurity threat Researcher at DomainTools commented below. Kyle Wilhoit, Senior Cybersecurity Threat Researcher at DomainTools:  “This type of vulnerability is unfortunately, all too common. In this case,…

Read More

Insider Threats, Ransomware And DDoS Attacks – The Most Feared Cyber Attack Vectors

ISBuzz TeamSeptember 12, 20172 Mins Read

SANS and Infoblox released the results of a survey which revealed the top threats and security challenges that are putting company networks and data at risk.  Currently- ransomware, insider threats, and denial of service are considered the top three threats organisations face when securing the data. Ajay Uggirala, Director at Imperva commented below. Ajay Uggirala, Director at Imperva:  “It is no wonder that ransomware, insider threats and denial of service attacks are viewed as one of the most dangerous threats. Insider threats present a particularly serious issue because the perpetrators (wittingly or unwittingly) are already inside a network. As we’ve seen in past high-profile cases, data breaches…

Read More

Siri & Alexa Vulnerable To Hacking

ISBuzz TeamSeptember 11, 20171 Min Read

Reports have surfaced of a new vulnerability in voice assistants, such as Siri and Alexa, meaning theyare potentially vulnerable to hackers. The DolphinAttack, could allow cybercriminals to whisper commands into smartphones digital assistants to hijack them. Ofer Maor, Director of Enterprise Solutions at Synopsys commented below. Ofer Maor, Director of Enterprise Solutions at Synopsys:  “While many of the commands we use with Alexa, Siri, and similar devices may not have a real impact of being hacked in this way, the more we integrate these devices with our smart homes, the more such attacks may become an issue. For instance, we see more…

Read More

Mobile & Single Sign-On Access Pose Huge Risk To Future ID Verification & Fraud Prevention

ISBuzz TeamSeptember 11, 20172 Mins Read

New research from Callcredit has been released this morning, which found that whilst 73% of fraud professionals think mobile devices will be the key facilitator of identification in the future, 60% feel they will present the biggest single point of compromise in the future. Ryan Wilk, Director at NuData Security commented below. Ryan Wilk, Director at NuData Security:  “As we continue to move to a digital first world, it is vital that companies work to evolve consumer authentication in an effort to make it more secure, while assuring convenience for consumers.  As we see in this Callcredit report, single data points used for authentication continue to…

Read More

How To Make Mobile Devices Secure In A World Of Growing Cyber-Risks

ISBuzz TeamSeptember 11, 20176 Mins Read

Nearly every year the big brands will bring out a new smartphone, full of fresh and exciting technology, but these devices don’t come without risks. The rise of mobile devices particularly in business use, has led to cyber-criminals targeting enterprises and high-profile individuals through vulnerabilities in their latest iPhone or Android. So how are these attacks taking shape and what can we do to protect against them? Firstly, the aim of these criminals is quite often to breach the security system in a device in order to have access to, and steal high-value personal or sensitive data that they can…

Read More

Apache Struts Vulnerability

ISBuzz TeamSeptember 11, 20171 Min Read

A new vulnerability has been discovered in Apache Struts that could allow an attacker to upload a malformed file and take over an application after gaining remote code execution rights on a Struts-based application server. Up to 65% of Fortune 100 companies could be vulnerable if they don’t implement the newly released patch. Michael Patterson, CEO at Plixer commented below. Michael Patterson, CEO at Plixer: “This is a significant finding given that the majority or our largest companies are using Apache Struts.  Although, a patch for the vulnerability has since been released, given that many companies don’t stay on top…

Read More

Malware Targeting Critical Infrastructure

ISBuzz TeamSeptember 11, 20172 Mins Read

There were reports of a highly experienced, and possibly state-sponsored hacking group – codenamed ‘Dragonfly’ gearing up for fresh sabotage cyberattacks on the energy sector in Europe and North America. Moreno Carullo, Co-Founder and CTO at Nozomi commented below. Moreno Carullo, Co-Founder and CTO at Nozomi Networks: “Deviating from the 2014 wave of DragonFly threats, which targeted pharmaceutical firms, DragonFly 2.0 appears to have been weaponised to specifically target industrial control systems (ICS) field devices, and then feeds that information back to the command and control server which will be monitored by the attackers. “Rather than installing immediately on infection this latest iteration of…

Read More

Symantec Warn Of Dragonfly 2.0 Attacks On Power Grids

ISBuzz TeamSeptember 8, 20172 Mins Read

Ken Spinner, VP of Field Engineering at Varonis comments: “It’s significant — and startling —  that the attacks being attributed to Dragonfly 2.0 began with spearphishing emails enticing victims to open a malicious attachment. But it’s not surprising. The notion that there may be nation-state or rogue actors who have been resident in the networks of nuclear facilities, electrical grids, and dams isn’t far-fetched. Energy companies should operate under the premise that they have already been hacked and that dormant APTs are lurking in their environment. The idea that an employee at one of these facilities can open the door…

Read More

Industry Reaction To The UK’s Search For Cyber Talent To Fight Dark Web Criminals

ISBuzz TeamSeptember 8, 20171 Min Read

News broke this week that the The UK National Crime Agency (NCA) is actively recruiting cyber experts and dark web analysts to focus on the crackdown of illicit drug rings and operations being pursued by dark web marketplaces. Specifically, NCA is on a lookout for G5 Armed Surveillance Investigator in the Armed Operations Unit, which according to local sources will cooperate with the Intelligence and Operations Directorate to lead investigations into dark web marketplaces and their illegal activities. Kyle Wilhoit, Senior Cybersecurity Threat Researcher at DomainTools commented below. Kyle Wilhoit, Senior Cybersecurity Threat Researcher at DomainTools: “This is a welcome development from the NCA in realising that the dark web…

Read More
Previous 1 … 617 618 619 620 621 … 1,258 Next
ISB-Bora-Side-Bar

 
ISB-Bora-Side-Bar
Black ISB Logo

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics

X (Twitter) LinkedIn Facebook RSS

Working With Us

  • About Us
  • Advertise With Us
  • Contact Us

Write For Us

  • How To Contribute

The Pages

  • Privacy Policy
  • Cookie Policy
  • AI Policy
  • Terms & Conditions
  • Copyright Notice

Information Security Buzz and all its contents are copyright © 2014-2025. All rights reserved. All third-party trademarks are recognized.

Type above and press Enter to search. Press Esc to cancel.

Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}