Close Menu
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Facebook X (Twitter) LinkedIn
Facebook X (Twitter) LinkedIn
Information Security BuzzInformation Security Buzz
  • Home
  • Articles
    • Attacks
      • BEC
      • Data Breach
      • DDoS
      • Evasion Attacks
      • Injection
      • Malware
      • MITM
      • Phishing
      • Ransomware
      • RCE
      • Social Engineering
      • Spoofing
      • Spyware
    • Business and Policy
      • BCP and DRP
      • GRC
      • Regulations
    • Data Protection
      • DLP
      • DRM
      • Encryption
      • IAM
    • Future, Trends and Insight
      • AI
      • Events & Community
      • Emerging Tech
      • Expert Panel
      • Interviews With Experts
      • Insights
      • Study & Research
    • Resources
      • Guides
      • Tools
      • Training & Education
    • Security
      • API
      • Apps
      • Cloud
      • Critical Infrastructure
      • Endpoint
      • Hardware
      • IoT
      • Mobile
      • Network
      • OT
      • Port Security
      • Security Architecture
      • Software Development
      • Supply Chain
      • Zero Trust
    • Threats and Vulnerabilities
      • Emerging Threats
      • Insider Threats
      • Risk Management
      • Threat Intelligence
      • Zero Day
  • News and Exclusives
    • Latest News
    • ISB Exclusive
    • Positive News
  • Who We Are
    • About Us
    • Information Security Buzz Expert Panel​
    • Write for Us
    • Media Pack
  • Contact Us
  • Newsletter
Subscribe
Information Security BuzzInformation Security Buzz
Home - Archives for ISBuzz Team - Page 621

ISBuzz Team

ISBuzz Team
  • Website

Re-Emergence Of MongoDB

ISBuzz TeamSeptember 6, 20172 Mins Read

News broke this morning that ransom attacks on MongoDB databases revamped over the weekend after an apparent pause. According to the security researchers Dylan Katz and Victor Gevers, three new groups appeared on the threat landscape and hijacked over 26,000 servers. One of them, in particular, is responsible for hijacking 22,000 machines. Security experts commented below. Tony Rowan, Chief Security Consultant at SentinelOne: “In many cases, the data stored and accessed in these MongoDB databases is going to be the lifeblood of the business so attack groups are going to continue to go after them, especially if the data owners fail to protect that data effectively. As we…

Read More

Taringa Breached, 28 Million Accounts Compromised

ISBuzz TeamSeptember 6, 20172 Mins Read

News broke this morning that Taringa, a Reddit-like social network website for Latin American users has suffered a massive data breach in which 28 million accounts of registered users have been stolen. Andrew Clarke, EMEA Director at One Identity commented below. Andrew Clarke, EMEA Director at One Identity:  “The reported breach at Taringa highlights some fundamental issues.  The fact that an administrative file holding passwords was accessible  demonstrates little or no control over privileged accounts. Then the passwords were easily cracked since the company used a weak MD5 (128-bit) algorithm rather than SHA-256.   And the user passwords were not enforced by a…

Read More

Hackers Targeting UK Uni’s For Mediacal, Missile And Scientific Data

ISBuzz TeamSeptember 6, 20171 Min Read

Henry Seddon, VP EMEA at Duo Security: “The findings reveal that universities – staff and students – make popular targets for these attacks, which leaves them vulnerable to all kinds of security risks. The challenge is that phishing attacks are increasingly sophisticated – a targeted spear phishing attack can be particularly difficult to spot – but they can ultimately compromise the security of the entire network. They open the doors to hackers, with stolen credentials, to access an organisation’s system virtually undetected, posing as an authorised user. Worryingly, phishing is now the most popular way of delivering ransomware onto an organisation’s…

Read More

9,400 US Fed Security Clearance Employees’ Info Leaked – TigerSwan

ISBuzz TeamSeptember 5, 20173 Mins Read

Following the news about 9,400 US Fed Security Clearance Employees’ Info Leaked, IT security experts commented below. Lisa Baergen, APR, MMC, Marketing Director at NuData Security: “All data breaches are serious for those individuals and organizations concerned, but this breach is particularly concerning given the status of the affected parties. Data that is stolen during a breach will most likely end up for sale on the dark web, and this data is no different. The personal information of US citizens with top secret clearance for sale on the dark web is potentially disastrous and could attract attention from major criminal organizations…

Read More

Instagram Hacked, Celebrity Contact Details Revealed

ISBuzz TeamSeptember 4, 20174 Mins Read

It has been reported that Instagram has revealed a flaw in its systems revealed “a number of” stars’ phone numbers and email addresses to cyber-attackers.The Facebook-owned social network has emailed verified members, usually prominent figures, to let them know. It said it believed “one or more” attackers had targeted high-profile stars to get their contact information. Instagram said passwords had not been stolen but warned users to watch for suspicious activity on their accounts. IT security experts are commented below. Mark James, Security Specialist at ESET: “There is one thing that anyone in the IT business will tell you- is if you use, create,…

Read More

Vulnerabilities Found In Nearly Half A Million Pacemakers

ISBuzz TeamSeptember 4, 20172 Mins Read

According to the latest news, the U.S. Food & Drug Administration (FDA) has identified serious cybersecurity vulnerabilities in the patch of ‘Abbott’ implantable cardiac pacemakers. As a result, more than 450,000 devices need to be reprogrammed, and several of the vulnerable models have been recalled in the US. Kaspersky Lab has been investigating the problem of smart medicine, revealing the high level of vulnerability that results from an ever-increasing number of medical devices connected to data systems. Denis Makrushin, Security Researcher at Kaspersky Lab commented below. Denis Makrushin, Security Researcher at Kaspersky Lab:  “Vulnerabilities in smart medical devices such as pacemakers…

Read More

Security Vulnerabilities Found In AT&T

ISBuzz TeamSeptember 4, 20173 Mins Read

The researchers have found five holes in the firmware running on Arris modems, three of which are hardcoded backdoor accounts. An attacker could use any of these three accounts to access and take over the device with elevated privileges — even root — install new firmware, and ensnare the modem in a larger botnet. According to Nomotion, the flaws are found in both the standard Arris firmware, but also in the extra code added on top by OEMs. In their research, experts looked at an Arris modem installed on the network of AT&T. Tod Beardsley, Research Director at Rapid7, commented…

Read More

Pacemaker Devices Recalled After Fear Of Being Hacked

ISBuzz TeamSeptember 4, 20172 Mins Read

The US Food and Drug Administration (FDA) is recalling nearly half-a-million pacemakers from St Jude Medical (now Abbotts) after finding at the beginning of this year that the devices could be hacked. Leading cyber security experts have had their comments on the news. Cesare Garlati, Chief Security Strategist at the prpl Foundation: “With IoT, the main cause for concern is security. IoT has developed rapidly and is now being used in all facets of life, which is why improvements in security need to be made now, especially when human lives depend on the IoT medical devices for survival. Failure to do so will lead…

Read More

Malware Infections Are Inevitable: How You Can Protect Your Organization From Such Risks?

ISBuzz TeamSeptember 4, 20173 Mins Read

A number of companies nowadays seem to be unperturbed by the rash of malware attacks that have occurred in recent months. Even certain system administrative and security tools have been compromised in incidents of new-generation malware wreaking havoc in various countries worldwide. Email security provider Proofpoint, in its quarterly report, cited: “Threat actors appeared to double down on smaller, more targeted campaigns with banking Trojans and information stealers. At the same time, mobile and social threats continued to evolve, drawing more people to phishing pages and malicious software.” During the first quarter of the year, more than four times as…

Read More

Phishing Attack On MacEwan University

ISBuzz TeamSeptember 4, 20173 Mins Read

This week, MacEwan University in Canada lost $9.5million due to a spear phishing attack. A write up by the BBC explained that, “fraudulent emails convinced staff at MacEwan University that one of its clients was changing its bank account details. Staff then paid money into the fraudulently created account”. In response to this, Levine, former CISO for two Fortune 500 companies, and current Security Advisor to Wombat Security Technologies commented below. Alan Levine, Security Advisor at Wombat Security Technologies: “The kind of scam that victimized MacEwan University is becoming all too prevalent, and the impact can be hugely significant both…

Read More
Previous 1 … 619 620 621 622 623 … 1,258 Next
ISB-Bora-Side-Bar

 
ISB-Bora-Side-Bar
Black ISB Logo

Information Security Buzz is an independent resource that provides the experts’ comments, analysis, and opinion on the latest Cybersecurity news and topics

X (Twitter) LinkedIn Facebook RSS

Working With Us

  • About Us
  • Advertise With Us
  • Contact Us

Write For Us

  • How To Contribute

The Pages

  • Privacy Policy
  • Cookie Policy
  • AI Policy
  • Terms & Conditions
  • Copyright Notice

Information Security Buzz and all its contents are copyright © 2014-2025. All rights reserved. All third-party trademarks are recognized.

Type above and press Enter to search. Press Esc to cancel.

Manage Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
  • Manage options
  • Manage services
  • Manage {vendor_count} vendors
  • Read more about these purposes
View preferences
  • {title}
  • {title}
  • {title}