According to a recent report by corporate investigations and risk consulting firm Kroll, UK businesses are the second biggest victims of cybercrime in the world, with 92 per cent of executives saying they had experienced an attack or information loss in the last year. Phishing is one of the most common types of cyberattack, with 30 per cent of phishing emails getting opened, according to Verizon’s Data Breach Investigations Report. It’s the easiest way to hijack accounts – as happened to Hillary Clinton’s election campaign chairman John Podesta last year. Even tech giants like Facebook and Google aren’t immune. Last month it emerged the tech giants…
ISBuzz Team
Breaking News: ESET has discovered a malware that is the biggest threat to critical infastructure since Stuxnet (the malicious worm that was responsible for causing substantial damage to Iran’s nuclear program) named Industroyer. As its name suggests, Industroyer was designed to disrupt critical industrial processes. The original blog post can be found here and the accompanying whitepaper can be read here. IT security experts from One Identity, Nozomi Networks, FireMon and AlienVault commented below. Andrew Clarke, EMEA Director at One Identity: “There is no doubt that malware has progressively become more sophisticated—the latest variant to grab the headlines “Industroyer” or Crash Override as it is also known; seems to be a…
Solution provides cybersecurity and compliance risk management software and services, acts as virtual extension of an organization’s security team London, UK – Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced the launch of Tripwire® ExpertOpsSM, a cloud-based file integrity monitoring (FIM) and security configuration management (SCM) solution for organizations lacking the in-house resources needed to maintain cybersecurity and compliance risk at their desired levels. Tripwire ExpertOps helps customers focus more on detecting breaches and maintaining compliance by deploying, managing and ensuring optimal operation of their security and compliance solutions. By providing…
Although the majority of industrial organisations believe they are well-prepared for cybersecurity incidents, this confidence may be not well-founded: every second ICS company experienced between one and five incidents last year, according to a survey conducted by Kaspersky Lab. On average, ineffective cybersecurity costs industrial organisations up to $497K (£383K) per year. The emerging Industry 4.0 trend is making cybersecurity a top priority for industrial organisations globally, adding new challenges to dealing with ICS. Challenges include the convergence of IT and operational technology (OT), and the availability of industrial control networks to external providers. To get more insight into the…
Kaspersky Lab experts have discovered an unusual new Trojan being distributed through the Google Play Store. The Dvmap Trojan is capable not only of obtaining root access rights on an Android smartphone, it can also take control of the device by injecting malicious code into the system library. If successful, it can then delete root access, which helps to avoid detection. The Trojan has been downloaded from Google Play more than 50,000 times since March, 2017. Kaspersky Lab reported the Trojan to Google, and it has now been removed from the store. The introduction of code injection capability is a dangerous…
Security professionals point to bored and distracted employees as biggest potential data security risk, according to Centrify poll Over half say they would trust technology over humans as a way of avoiding mistakes Employees who become distracted at work are more likely to be the cause of human error and a potential security risk, according to a snapshot poll* conducted by Centrify, the leader in securing hybrid enterprises through the power of identity services, at Europe’s leading infosecurity event, Infosec Europe in London this week. While more than a third (35 per cent) of survey respondents cite distraction and boredom as the main…
Cyber security company eSentire today released its Q1 Midmarket Threat Summary Report, which provides a quarterly snapshot of threat events investigated by the eSentire Security Operations Center (SOC). Addressing three key topics – threat types, threat volume and attack types – the quarterly assessment includes visual data analysis, written analytical evaluations, practical recommendations, and key analytical assumptions, providing threat perspective for business leaders in the midmarket, and actionable takeaways to help leaders strategically reduce their threat surface. Key Findings: Between January 1 and March 31, the eSentire SOC detected nearly 4 million attacks across multiple industries, with Finance, Technology, Legal, Mining, and Retail…
Lee Murphy, owner at Accountancy Software Pandle: “By their very nature, cryptocurrencies are encrypted, but this doesn’t make them any more secure than dealing in normal currencies, as many people may think. There is no regulation or policing that can investigate theft for you, so it’s important to get advice if you’re looking to to trade in or receive payment – cryptocurrencies are not the exception to the rule when it comes to monetary scams, and should not be treated as such. Bitcoin payments are also irreversible, and create an extra level of exposure that people may not be aware of.…
Research team finds websites built by freelance developers plagued with critical security failures Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today released findings from research investigating the dangers of turning over web development to an unqualified third party. Specifically, the research revealed that websites developed by “budget” developers, without portfolios or references, tend to be plagued with critical security failures. For this project, The Tripwire Vulnerability and Exposure Research Team (VERT) took on a non-technical persona and hired nearly 20 developers to create a website, with bids going up to $250.…
Meet High-Tech Bridge’s application security experts on stand S-48 at Infosecurity Europe The latest trends and insights on mobile and IoT security, DevSecOps, Bug Bounties, OWASP Top Ten and encryption. At Infosecurity Europe 2017, High-Tech Bridge, a leading provider of web and mobile application security testing services and a “Gartner Cool Vendor 2017”, released a summary report on application security trends for Q1 – Q2 2017. Statistical data mentioned in the report largely comes from the ImmuniWeb® Application Security Testing Platform and High-Tech Bridge’s free web security services, but also leverages a wealth of data from various open sources. The most interesting or important…
