News broke today that the computer networks of Ukrposhta, the national postal service in Ukraine, have been disrupted by a two-day distributed-denial-of-service (DDoS) cyberattack. IT security experts from Corero Network Security and Imperva Incapsula commented below. Sean Newman, Director at Corero Network Security: “The reports of an extended DDoS attack on the Ukraine national postal service, demonstrate how easily unprotected organisations can have their operations crippled. With critical systems exposed to the internet and inadequate protection, denial of service attacks can have an impact way beyond taking a website down or preventing online transactions from taking place. In this case, it was a…
ISBuzz Team
Cybersecurity expert Josh Mayfield from FireMon commented this morning on news of a credit breach in India, in which 48,000 individuals’ personal and sensitive data was exposed to hackers. Personal and financial data of thousands of Indian citizens was found to have been freely exposed on the Web by credit services firm Creditseva, according to security researchers who first spotted the data breach. Around 48,000 Indian citizens’ critically sensitive data, including drivers’ license, home addresses, credit reports, as well as pictures were left exposed by the Hyderabad-based fintech startup, in an insecure Amazon Web Service server. The breach comes on the heels…
This week, a privacy group filed a complaint with the Federal Trade Commission in the US against a popular free VPN service, Hotspot Shield. The filing cites how the service collects data and intercepts traffic and re-routes it to partner websites, which seems to be in conflict with the company’s claim to offer “complete anonymity”. Paul Bischoff, privacy advocate for the consumer privacy advice and comparison website, Comparitech.com commented below. Paul Bischoff, Privacy Advocate at Comparitech.com: “If the claims made in the FTC filing are indeed true, then Hotspot Shield’s privacy practices are even worse than we originally thought. Comparitech…
Following the news that the UK is set to implement the Network and Systems Directive (NISD) in May 2018 following consultations, Dr. Jamie Graves, CEO at Scottish cyber security company ZoneFox commented below. Dr. Jamie Graves, CEO at ZoneFox: “GDPR was spoken about extensively at its ‘one year to implementation’ as a game changer. NISD is no different and provides clear directives and repercussions for critical infrastructure – a vital area to secure in the fight against cyber crime. May’s WannaCry attack is a clear proof point for why the NISD is much needed. The way in which businesses need to secure themselves is no…
From recruiting the most talented employees, to ensuring accounts are in order and providing staff with the latest technological innovations, businesses across the globe work tirelessly every day to strive for success. Lurking behind every policy, best practice and guideline, however, is a world that often gets neglected. What happens when someone leaves the company? Of course, in an ideal world, businesses recruit a capable replacement, tie up any loose ends on a project they were previously working on, and of course, throw a leaving party to ensure both the employee and business can part ways on the best of…
The second quarter of 2017 saw sophisticated threat actors unleash a wealth of new and enhanced malicious tools, including three zero-day exploits and two unprecedented attacks: WannaCry and ExPetr. Expert analysis of the last two suggests the code may have escaped into the wild before it was fully ready, an unusual situation for well-resourced attackers. These and other trends are covered in Kaspersky Lab’s latest quarterly threat intelligence summary. The months from April to end June witnessed significant developments in targeted attacks by, among others, Russian-, English-, Korean-, and Chinese-speaking threat actors. These developments have far-reaching implications for business IT…
News broke this morning that the UK government have announced proposals to impose severe financial penalties on companies with poor cybersecurity plans in place, with fines reaching up to £17 million. IT security experts commented below. Oliver Pinson-Roxburgh, EMEA Director at Alert Logic: “Essentially what the directive sets out to do is to drive security. In my experience a large proportion of organisations are not very good at responding to incidents and on average it’s 205 days before a breached entity is able to detect a breach, and they often do not detect even it themselves. The NIS directive sets out measures designed…
What happens now? HBO is faced with a few questions that will shape their decision based on very limited information and the longer they wait to make a decision the more information they will have. If we take the new reports at face value that this is an extortion attempt then the decision to pay or not hinges on a couple of key points of information. 1) How good were the hackers If they were really good and managed to hide their traces well, the forensic effort is going to be a very long and ultimately incomplete job. HBO…
In an effort to close the cybersecurity skills gap, the National Institute of Standards and Technology has drafted new cybersecurity definitions for the workforce. Edgard Capdevielle, CEO at Nozomi Networks commented below. Edgard Capdevielle, CEO at Nozomi Networks: “The first draft of the National Institute of Standards and Technology (NIST) National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework will help critical infrastructure companies like oil and gas, power, water, manufacturing etc., to accelerate its hiring practices to close the skills gap in cybersecurity. They will now be able to articulate cybersecurity roles, area of specialty, category of work, and…
With the Office for National Statistics today reporting that email is the most common internet activity, it stands to reason that email attacks are becoming increasingly common and email security is paramount. Wieland Alge, General Manager EMEA at Barracuda commented below. Wieland Alge, General Manager EMEA at Barracuda: “Results from the Office for National Statistics today confirmed that email is still the most common internet activity, with 88% of adults saying it is the main reason they use the internet. This is concerning against the backdrop of our own research carried out earlier this year confirming yet again that email…
