Reports are surfacing about a breach at Bithumb, one of the world’s largest Bitcoin and Ether cryptocurrency exchanges, resulting in the loss of more than $1 Million in cryptocurrencies after a number of its user accounts were compromised. Ben Hertzberg, Research Group Manager at Imperva commented below. Ben Hertzberg, Research Group Manager at Imperva: “The last few weeks have been dramatic for cryptocurrency and its traders, when the market volatility gave opportunity to both honest investors and criminals alike. This is due to the surges in demand for Bitcoin (bringing it to over 2.7K USD, which has now stabilised over the last couple of days at around 2.5K USD) and other cryptocurrencies like Ethereum which spiked…
ISBuzz Team
69-percent rate ICS security threats as high or severe and critical 40-Percent lack visibility to know if their network has been breached Unprotected devices, nation-states, ransomware ranked top threats Nozomi Networks, the pioneer in real-time cybersecurity and operational visibility for industrial control systems (ICS), today announced ICS cybersecurity threats are growing and identifying attacks continues to be a major challenge according to the annual SANS Institute industrial control systems (ICS) survey set to be released next week. The survey, co-sponsored by Nozomi Networks and other industry leaders, finds that while there has been some progress in protecting critical assets and…
As long ago as 2015, the analyst firm Gartner ‘retired’ big data from its Hype Cycle – its method of tracking emerging technologies from innovation through to the ‘peak of inflated expectations’, ‘trough of disillusionment’ and the sunnier ‘plateau of productivity’. It reasoned that big data was no longer an emerging technology. Yet, at the same time, it’s said that technologies often take five to ten years to move from the trough to the plateau. While, I don’t for one minute think that Gartner has dismissed big data as worthless, I do agree with its decision. The term ‘big data’…
Superior identity security with multi-factor authentication and adaptive access control protects most widely used cloud service from increasing attacks SecureAuth Corp., the leader in adaptive access control, today unveiled enhanced protection for Microsoft’s Office 365, the world’s most widely used enterprise cloud service. By providing adaptive authentication for all Office 365 mail clients – including Microsoft Outlook and third-party applications, such as Apple Mail, SecureAuth is protecting one of the world’s most popular SaaS applications from increasing cyber-attacks. SecureAuth’s enhanced security for Office 365 provides identity protection and detection using the industry’s most advanced adaptive authentication and risk analysis capabilities,…
The number of major cyber incidents are increasing, according to the latest NCSC report. In the eight months since inception, the UK’s National Cyber Security Centre (NCSC) has recorded 480 major cyber incidents requiring its attention. Javvad Malik, Security Advocate at AlienVault commented below. Javvad Malik, Security Advocate at AlienVault: “Organisations do need to cover security fundamentals to ensure they can protect themselves against common attacks. This is important for companies of all sizes that span across all verticals. Attacks are often indiscriminate; in that a vulnerable server, or piece of code, looks just like a vulnerable server, or piece of code. There is…
With the news of a drone causing chaos at Gatwick airport, hacking IoT devices has resurfaced as a topic of discussion especially regarding the security issues should a device be hacked. Cesare Garlati believes “security by separation is vital within embedded connected devices.” Cesare Garlati, Chief Security Strategist at prpl Foundation commented below. Cesare Garlati, Chief Security Strategist at prpl Foundation: “In the optimal situation, there is no way that anyone should be able to access, much less hijack, the critical functions of an IoT device such as a drone. While the power for destruction from just one drone may seem paltry, directing these…
Luke Potter, SureCloud’s Cybersecurity Practice Director, looks at what organisations can do to minimise the risk of a falling victim to a ransomware attack – and offers advice on how to respond if you do The WannaCry ransomware attack took the world by storm last month, successfully claiming 200,000 victims across 150 countries – and with some high-profile casualties, including the NHS. It spread quickly and was highly disruptive – grabbing news headlines across the globe and putting IT security in the spotlight. Of course, WannaCry was not the first – nor is it likely to be the last, as…
TÜV SÜD United Kingdom has achieved Certified Body status for the UK Government’s Cyber Essentials programme, which is designed to protect organisations from cyber security threats. Organisations certified by TÜV SÜD can promote that their IT systems comply with a Government-endorsed standard, demonstrating that they are protecting their own and their customers’ data by having a robust and secure IT environment. Cyber Essentials is now mandatory for suppliers of Government contracts, which involve handling personal information, and providing ICT products and services. It will also enable organisations to prove they have taken the appropriate risk mitigation steps to comply with the new General Data Protection Regulation (GDPR). Organisations in non-compliance with the GDPR after 25th May 2018…
News broke yesterday that Systemd, the Linux world’s favorite init monolith, can be potentially crashed or hijacked by malicious DNS servers. Tim Helming, Director of Product Management at DomainTools commented below. Tim Helming, Director of Product Management at DomainTools: “While any buffer overflow that allows remote code execution is serious, there are a couple of mitigating factors which should (we hope) keep the damage level relatively low for this vulnerability/exploit. Besides the obvious (a patch is available for anyone running the affected versions of systemd), the exploit depends on a malicious (or compromised) DNS server. So the attacker would have to go to some trouble to exploit this…
The Petya ransomware attack – the second major global cyberattack in two months – left a trail of locked computers and compromised networks in some 65 countries around the world. Like the WannaCry attack in May, Petya this week exposed weaknesses in cybersecurity defenses. It also reinforces the notion that it’s a case of when, not if, your organisation will become the target of an attack. But the high likelihood that an attack is coming doesn’t necessarily mean that dire consequences are inevitable. “There is no 100-percent foolproof strategy for blocking cyberattacks, short of swearing off computers, email and the Internet,” said…
