As we enter the final months of 2017, it’s fair to day it’s been an unstable year for enterprise security. A recent study by BitSight found that in the last 15 months, around one out of every 20 Fortune 1000 companies had experienced a publicly disclosed breach. And despite these breaches, Fortune 1000 companies’ security performance has recently declined overall: 52 companies made an effort to improve its security, while 103 companies experienced rating drops from October 2016 to January 2017. However, it’s not just the big players who get hacked, and adopting a policy of security through obscurity, i.e.…
ISBuzz Team
News broke yesterday that thousands of UK companies were at risk of having their .uk domain names stolen for more than four months by a critical security failure at domain registrar Enom. The security lapse allowed .uk domains to be transferred between Enom accounts with no verification, authorisation or logs.Any domains hijacked would have been “extremely hard or impossible” to recover, according to The M Group, the security firm that discovered the flaw. Kyle Wilhoit, Senior Cybersecurity threat Researcher at DomainTools commented below. Kyle Wilhoit, Senior Cybersecurity Threat Researcher at DomainTools: “This type of vulnerability is unfortunately, all too common. In this case,…
SANS and Infoblox released the results of a survey which revealed the top threats and security challenges that are putting company networks and data at risk. Currently- ransomware, insider threats, and denial of service are considered the top three threats organisations face when securing the data. Ajay Uggirala, Director at Imperva commented below. Ajay Uggirala, Director at Imperva: “It is no wonder that ransomware, insider threats and denial of service attacks are viewed as one of the most dangerous threats. Insider threats present a particularly serious issue because the perpetrators (wittingly or unwittingly) are already inside a network. As we’ve seen in past high-profile cases, data breaches…
Reports have surfaced of a new vulnerability in voice assistants, such as Siri and Alexa, meaning theyare potentially vulnerable to hackers. The DolphinAttack, could allow cybercriminals to whisper commands into smartphones digital assistants to hijack them. Ofer Maor, Director of Enterprise Solutions at Synopsys commented below. Ofer Maor, Director of Enterprise Solutions at Synopsys: “While many of the commands we use with Alexa, Siri, and similar devices may not have a real impact of being hacked in this way, the more we integrate these devices with our smart homes, the more such attacks may become an issue. For instance, we see more…
New research from Callcredit has been released this morning, which found that whilst 73% of fraud professionals think mobile devices will be the key facilitator of identification in the future, 60% feel they will present the biggest single point of compromise in the future. Ryan Wilk, Director at NuData Security commented below. Ryan Wilk, Director at NuData Security: “As we continue to move to a digital first world, it is vital that companies work to evolve consumer authentication in an effort to make it more secure, while assuring convenience for consumers. As we see in this Callcredit report, single data points used for authentication continue to…
Nearly every year the big brands will bring out a new smartphone, full of fresh and exciting technology, but these devices don’t come without risks. The rise of mobile devices particularly in business use, has led to cyber-criminals targeting enterprises and high-profile individuals through vulnerabilities in their latest iPhone or Android. So how are these attacks taking shape and what can we do to protect against them? Firstly, the aim of these criminals is quite often to breach the security system in a device in order to have access to, and steal high-value personal or sensitive data that they can…
A new vulnerability has been discovered in Apache Struts that could allow an attacker to upload a malformed file and take over an application after gaining remote code execution rights on a Struts-based application server. Up to 65% of Fortune 100 companies could be vulnerable if they don’t implement the newly released patch. Michael Patterson, CEO at Plixer commented below. Michael Patterson, CEO at Plixer: “This is a significant finding given that the majority or our largest companies are using Apache Struts. Although, a patch for the vulnerability has since been released, given that many companies don’t stay on top…
There were reports of a highly experienced, and possibly state-sponsored hacking group – codenamed ‘Dragonfly’ gearing up for fresh sabotage cyberattacks on the energy sector in Europe and North America. Moreno Carullo, Co-Founder and CTO at Nozomi commented below. Moreno Carullo, Co-Founder and CTO at Nozomi Networks: “Deviating from the 2014 wave of DragonFly threats, which targeted pharmaceutical firms, DragonFly 2.0 appears to have been weaponised to specifically target industrial control systems (ICS) field devices, and then feeds that information back to the command and control server which will be monitored by the attackers. “Rather than installing immediately on infection this latest iteration of…
Ken Spinner, VP of Field Engineering at Varonis comments: “It’s significant — and startling — that the attacks being attributed to Dragonfly 2.0 began with spearphishing emails enticing victims to open a malicious attachment. But it’s not surprising. The notion that there may be nation-state or rogue actors who have been resident in the networks of nuclear facilities, electrical grids, and dams isn’t far-fetched. Energy companies should operate under the premise that they have already been hacked and that dormant APTs are lurking in their environment. The idea that an employee at one of these facilities can open the door…
News broke this week that the The UK National Crime Agency (NCA) is actively recruiting cyber experts and dark web analysts to focus on the crackdown of illicit drug rings and operations being pursued by dark web marketplaces. Specifically, NCA is on a lookout for G5 Armed Surveillance Investigator in the Armed Operations Unit, which according to local sources will cooperate with the Intelligence and Operations Directorate to lead investigations into dark web marketplaces and their illegal activities. Kyle Wilhoit, Senior Cybersecurity Threat Researcher at DomainTools commented below. Kyle Wilhoit, Senior Cybersecurity Threat Researcher at DomainTools: “This is a welcome development from the NCA in realising that the dark web…
