Following the news of the massive Equifax data breach IT security experts commented below. Atiq Raza, CEO at Virsec: “Given the frequency of major breaches it’s understandable if consumers are suffering from “breach fatigue” and not paying a lot of attention. But this breach is especially alarming and serious. Almost all the data that credit reporting companies like Equifax hold is sensitive, and much of it is used to establish identity – birth dates, addresses, drivers licenses, and other data types are routinely used to verify identity. It’s one thing to ask a consumer to change a password, but how do you change…
ISBuzz Team
ESET Ireland warns Irish computer users to be on the lookout for the latest revival of the Irish Water online scam, phishing for their credit and debit card details. ESET Ireland warns that a classic among scams custom made for Irish computer users, is doing the rounds again. Coming in the form of an email titled “Update your account details” and equipped with Irish Water graphics, it says: “Irish Water is performing the annual account maintenance procedure. Please login to your account and complete the requested actions. Once logged in you will be guided to the rest of the process. Log in now to…
Recently discovered cybersecurity vulnerability in Apache Struts, which potentially allows hackers to access sensitive corporate data. Struts is an open source software framework used by many thousands of corporations worldwide to create Java web applications. Mike Pittenger is a security expert from Black Duck Software commented below. Mike Pittenger, Security Expert at Black Duck Software: “Once again, we see the importance of having full visibility to all of the components used in your software. While neither Tenable nor Rapid7 appear to have plug-ins for detecting this yet, they undoubtedly will. But then organizations are forced to scan their entire environment, using the…
The Illinois State Legislature has passed a ground-breaking data privacy bill which is now awaiting final approval from the Governor. This bill is the first step and would require internet companies and entities to tell consumers what geolocation data they are collecting, why they are gathering that information and with whom they are sharing it. Chris Olson, CEO of The Media Trust commented below. Chris Olson, CEO at The Media Trust: “Much like the EU’s trailblazing data privacy regulation (General Data Protection Regulation or GDPR), this bill aims to give consumers some control over their personal data. But, geolocation is…
Symantec has discovered a new hacking campaign targeting critical infrastructure by a group known as Dragonfly. The group has been active since 2014 and has been collecting information about targets and systems. Moreno Carullo, Co-Founder & Chief Technical Officer at Nozomi Networks commented below. Moreno Carullo, Co-Founder & Chief Technical Officer at Nozomi Networks: “Deviating from the 2014 wave of DragonFly threats, which targeted pharmaceutical firms, DragonFly 2.0 appears to have been weaponized to specifically target industrial control systems (ICS) field devices, and then feeds that information back to the command and control server which will be monitored by the attackers. Rather than…
So many high-profile hacks and cyberattacks have occurred over the past few years, it’s easy to fall into the trap of thinking small businesses are rarely a target. After all, big businesses have more to offer, especially when it comes to personal or sensitive data — right? Wrong. In fact, more than 43 percent of cyberattacks target small or newer businesses. How scary is that? It means nearly half of all cyberattacks are targeting smaller businesses instead of large organizations. Worse yet, 60 percent of small companies affected go out of business within six months of a severe cyberattack. It…
Food delivery startup Deliveroo has warned it’s customers with vulnerable passwords that they are at risk of being hacked. The company has not been breached and their website has not been infiltrated but has identified a number of customers whose email addresses were compromised in data breaches on other websites. Javvad Malik, Security Advocate at AlienVault commented below. Javvad Malik, Security Advocate at AlienVault: “Password reuse from compromised accounts is a favoured attack by many attackers. In this they will take the passwords associated from one breach and try to use those to gain access to other accounts belonging to users.”…
In response to multiple reports that a Data leak exposed millions of Time Warner Cable customers’ PII, NuData Security is offering perspective. Lisa Baergen, APR, MMC, Marketing Director at NuData Security: “The numbers of events in which sensitive user data or personally identifiable information (PII) is left exposed on an unsecured server continue to climb. The fact that a trusted provider appears to be implicated in this event demonstrates why it’s so easy for fraudsters to get their hands on PII through the Dark Web, and create fraudulent identities for account takeovers, new lines of credit, and fraudulent purchases. “This particular exposure is…
With the upcoming General Data Protection Regulation (GDPR) being implemented in the UK next year, many companies are struggling with the ability to comply with these new regulations and other data privacy regulations while continuing to do business at the speed of light. Chris Olson, CEO at The Media Trust commented below. Chris Olson, CEO at The Media Trust: “You really can’t talk about managing or securing the digital environment without addressing its ever-changing nature. The internet’s value is in its constant communication; therefore, internet-related assets require a “continuous” security approach. GDPR will be a proving ground for enterprise security…
The Times has reported that cyber criminals are launching hundreds of successful cyber attacks on British universities each year, targeting scientific, engineering and medical advances including research into missiles. Cybersecurity breaches at institutions including Oxford, Warwick and University College London have doubled in the past two years to 1,152 in 2016-17, according to data released after freedom of information requests by The Times. Dr Anton Grashion, Managing Director, Security Practice at Cylance commented below. Dr Anton Grashion, Managing Director, Security Practice at Cylance: “Universities are competing for the best students, and one of the areas that gives them a small competitive advantage is the flexibility…
