News has broken that an elite hacker group, OurMine, claims to have hacked into Sony’s PlayStation Network (PSN) and successfully stolen user information. While OurMine has publicly stated they don’t intend to use the data maliciously, the potential impact of this breach is vast because anyone who uses a PlayStation 4 online accesses the PSN. Cybersecurity expert John Suit, CTO at Trivalent, provides insight on this news below. John Suit, CTO at Trivalent: “OurMine alleges they were able to access and take Sony PlayStation Network data that was stored on a database. Even if this database was protected with traditional encryption…
ISBuzz Team
Positive Technologies experts observe continued uptick in Q2 2017 of “ransomware as a service.” The U.S. and Russia remain the most frequent victims of cyberattacks, but over a quarter (28%) of attacks in Q2 2017 affected dozens of countries and hundreds—sometimes even thousands—of companies. According to Positive Technologies’ statistics, 67 percent of attacks were performed for direct financial gain. Over half of attacks were non-targeted and primarily relied on malware to spread. The epidemic of WannaCry (WanaCypt0r, WCry) ransomware showed that even vigilant users, who don’t open suspicious messages or links, can still fall victim. Intel data indicates that over…
Recent news revealed that over 500 apps, downloaded more than 100 million times from Google’s official Play Market, contained a secret backdoor that allowed developers to install a range of spyware at any time. Moshe Elias, Director of Product Marketing at Allot Communications, provides an insight on this news below. Moshe Elias, Director of Product Marketing at Allot Communications: “Mobile users expect to be protected whether they’re using their device at their desk, on the train, or in their hotel room, and who better to fulfill this need than service providers? As we’ve seen with the recent Google Play malware-infested apps and hacked hotels across…
Firms are not investing in the necessary cyber awareness training. Almost a third (31 per cent) of organisations have been affected by cyber-crime in the past 12 months, according to new research from Databarracks. In light of this, the business continuity expert suggests that organisations must look to invest in ongoing cyber awareness training, especially following the government’s proposed fines for firms who fall victim to cyber-attacks. As part of the Network and Information Systems (NIS) directive, which becomes law across the EU next May and is separate from the General Data Protection Regulation (GDPR), the government has warned that organisations could…
Earlier today researchers uncovered a new type of cyber threat that enables cyber criminals to remotely change the content of emails anytime post-delivery. Dubbed ROPEMAKER, the hackers can use this attack to avoid the target organisation’s security controls to deliver malicious emails. For example, a hacker could swap a harmless, non-dangerous URL with a malicious one in an email already delivered to your inbox, turn simple text into a malicious URL, or edit any text in the body of an email whenever they want. All of this can be done without direct access to the inbox. Brian Robison, Senior Director of Security Technology at Cylance commented…
In response to the latest findings about a potentially lethal automotive security flaw by Trend Micro – The Crisis of Connected Cars: When Vulnerabilities Affect the CAN Standard – the US Industrial Control Systems Cybersecurity Emergency Response Team (US/ICS-CERT) has issued an alert. Rubicon Labs, a leader in IoT security and device-level identity, commented below. Rod Schultz, Chief Product Officer at Rubicon Labs: “Following in the footsteps of the internet and mobile devices, the next great technology trend may rise out of the automotive industry. But it is incredibly possible that the Achilles Heel of automotive – the poor motivation to innovate in vehicle security…
In light of the news that online hate crime is set to be treated as seriously as ‘offline’ offences, under revised CPS guidelines, David Emm, Principal Security Researcher at Kaspersky Lab commented below. David Emm, Principal Security Researcher at Kaspersky Lab: “Technology offers protection but we cannot rely solely on it. By being informed and talking about our lives online, we will continue to raise awareness and understanding of the risks and threats and how to guard against them.” Four simple and practical steps you can take to help you stay safe online are as follows: Don’t assume that someone is…
News broke this morning that cyber-attacks against cloud services are accelerating at a rapid speed. Microsoft has revealed that the frequency and sophistication of attacks on its users’ cloud-based accounts are “accelerating.” There has been a 300% increase in user accounts attacked over the past year, according to the tech giant’s Identity Security and Protection team. Oliver Pinson-Roxburgh, EMEA Director at Alert Logic, commented below. Oliver Pinson-Roxburgh, EMEA Director at Alert Logic: “There are a number of sophisticated attacks that rely on new detection capabilities most organisations do not have today and they are increasing as organisations get better at security best practices. A recent alert…
Plex, a supplier of multimedia streaming solutions, faced a storm of criticism from customers after they said they were going to remove the opt-out option on their data collection. Customers reacted immediately, forcing the company to re-think that move. Michael Patterson, CEO at Plixer, commented below. Michael Patterson, CEO at Plixer: “The backlash of Plex’s user community demonstrates an interesting transition point of raised consumer awareness around privacy and personal data. Consumers hold the power to force organizations to be more transparent about what data they collect and how they use that data. This appears to be an industry first,…
Lieberman Software Survey Measured Opinions of Black Hat USA 2017 Attendees. Most companies today have moved from a centrally managed IT infrastructure to one of cloud and mostly disconnected systems. Securing remote and disconnected environments, and providing controlled privileged access, has been a serious and unsolvable problem for these organizations. Simply put: how can you manage something you cannot talk to regularly? At Black Hat USA 2017, Lieberman Software Corporation surveyed attendees about this problem and found that 53% of polled IT security professionals stated that it’s challenging for them to secure systems that are disconnected from their corporate networks. And…
