Regarding a law firm’s recent leaking of confidential data belonging to thousands of Wells Fargo’s wealthiest clients, Brad Keller, Sr. Director 3rd Party Strategy at risk management vendor Prevalent, Inc. (Warren, NJ) commented below. Brad Keller, Sr. Director 3rd Party Strategy at Prevalent, Inc.: “The disclosure of 1.4 gigabytes of customer information (https://www.nytimes.com/2017/07/21/business/dealbook/wells-fargo-confidential-data-release.html) by a Wells Fargo attorney highlights the fact that law firms have to step up their game when it comes to protecting client data. It also highlights the fact that many more law firms have confidential and/or proprietary data than most companies (banks or otherwise) realize. Firms engaged…
ISBuzz Team
It has been revealed that the National Crime Agency (NCA) was holding a cyber rehab camp for teenagers caught carrying out cyber attacks. Those who attended the center learned about responsible use of cyber-skills and were given career advice about the computer security industry. Javvad Malik, Security Advocate at AlienVault commented below. Javvad Malik, Security Advocate at AlienVault: “Initiatives like cyber rehab are a very good initiative. Often times, a curious mind will not fully realise or appreciate the impact their actions could have online. It is not necessary to criminalise such offenders, rather, reformation should be the goal. It can also be useful in helping…
T-Systems, the corporate IT and cyber-security arm of Deutsche Telekom (Europe’s largest telecoms company), is warning organisations of the security risks associated with allowing employees to work while on their summer holiday. Where employees absolutely must interrupt their summer vacation to email and work remotely, T-Systems says it is essential those employees have had recent cyber-security training, or they risk compromising business security and confidentiality. Scott Cairns, the UK head of cyber security at T-Systems, said: “Time away from our hectic work life should be treasured, not spoilt by an expectation we will respond to work emails and requests.…
As malicious hackers mount ever more sophisticated attacks, China is about to launch a new, “unhackable” communications network – at least in the sense that any attack on it would be quickly detected. IT security experts commented below. Leigh-Anne Galloway, Cyber Security Resilience Lead at Positive Technologies: “In the field of quantum cryptography, there are some commercial applications already in different countries, including MagiQ, ID Quantique and Tokyo QKD Network. We may see some quantum-protected telecoms soon, at least for military and top-business communications. “However, it’s not correct to call this communication “unhackable”. Quantum key distribution is vulnerable to many different attacks.…
Fraudulent digital ads sold programmatically have hit epic proportions, causing some big-name advertisers to pull back in an effort to clean up their digital media supply chain. This has also prompted Google to work with media partners to actively uncover fraudulent ads. Chris Olson, CEO at The Media Trust commented below. Chris Olson, CEO at The Media Trust: “The digital advertising ecosystem’s persistent challenges with brand safety and fraud can be directly attributed to the complex nature of industry relationships. To re-establish trust, publishers–the front line of many challenges–need to better control the content that renders on their digital…
Police have warned that household appliances which connect to the internet will increasingly be hacked by criminals seeking to steal your identity, rob your home or bank accounts. The chief constable, Mike Barton, who leads the National Police Chiefs Council on crime operations, warned about the dangers of the ‘internet of things’ as more ordinary household items become connected. Cesare Garlati, Chief Security Strategist at the prpl Foundation commented below. Cesare Garlati, Chief Security Strategist at the prpl Foundation: “IoT and connected devices have become the biggest threat in the modern world as attackers continue to exploit the capabilities and vulnerabilities of…
A new form of phishing has been discovered by CyberInt that targets the energy industry. The actual phishing email and attached document have no malicious code and are therefore undetectable. The Word document contains a template reference that, when the document is loaded, connects to an attacker’s server via Server Message Block (SMB) to download a Word template which can include embedded malicious payloads. The connection to the SMB server also provides the attacker with the victim’s credentials, which can be used to acquire information and/or infiltrate the control systems used by the targeted personnel. Andrea Carcano, Founder and Chief…
A great deal has been written and said about the General Data Protection Regulation (GDPR). The new regulation is arguably the most significant change in global privacy law in twenty-two years and businesses must shore up their cybersecurity processes and procedures to avoid facing financial penalties. GDPR is due to be implemented on May 25th 2018 and the regulation places important new obligations on any business that handles the data of individuals living in the EU, independent of where the business is located. Although many companies have already adopted privacy processes and procedures consistent with the directive, the GDPR contains a number…
Following the news that Reckitt Benckiser saw a 2% decline in sales last quarter, a sign of the destruction caused by the Petya ransomware attack last month, Raj Samani, Chief Scientist and Fellow at McAfee commented below. Raj Samani, Chief Scientist and Fellow at McAfee: “Cyber attacks damage far more than a company’s reputation, often hitting the bottom line hard. The impact on revenue is huge – and does extend beyond the immediate detrimental impact of the attack itself. Many organisations suffer the consequences over many months as it takes time to get systems corrected and brought back on track. “This should…
In response to media coverage of incident response burdens based on recent surveys, including a recent survey from next-gen SIEM developer Cyphort which codifies the burdens that legacy SIEMs place on security teams, two security professionals commented below. Dr. Hernan Londono, CTO at Barry University: “Really it’s a problem of prioritizing what appears to be a critical event over what seems to be not a major event. In any case, never optimally, you never have the chance to look at all alerts in any given day.” “So what we know from having operated a SIEM for years now, and based off the number of alerts that we received, we…
