In the wake of the WannaCry attack, Cesare Garlati, Chief Security Strategist at prpl Foundation, gives a reason on why Microsoft failed to release the fix for older Windows systems. Cesare Garlati, Chief Security Strategist at prpl Foundation: “Most of the vulnerabilities released by the Shadow Brokers affect Microsoft end-of-lifed products. As such MSFT has no commercial interest in fixing any issues. End users should either buy newer versions of these products or depart from the old proprietary software model and embrace open source alternatives. Open source software is always “fresh” and security fixes are released in quasi real time – see for example Linux Debian.” Cesare also gave comment…
ISBuzz Team
CALABASAS, CA – Ixia, a leading provider of network testing, visibility, and security solutions, offers organizations three core principles to develop an appropriate resistance against ransomware. Ransomware has become the hacker’s favorite tool to make money in the cybercrime economy. The latest Verizon Data Breach Investigations Report (DBIR) states that it is the most common type of crimeware, as holding files for ransom is fast, low risk, and easily monetizable, especially with Bitcoin to collect anonymous payment.[1] Attacks targeting businesses have grown by 300 percent since January 2016, and an attack happens every 40 seconds.[2] The latest global ransomware attack, called WannaCry, has affected more than 200,000 victims in 150…
New survey finds document security practices not measuring up to rise in paper use CINCINNATI, OH – The seventh annual Shred-it Information Security Tracker Survey, conducted by Ipsos, reveals that with the move towards a “paperless” office, U.S. businesses are not prioritizing the management of confidential information in all forms. Even with the evolution of a mobile and increasingly digital workforce, paper documents continue to be a core component of office life. According to the 2017 Security Tracker survey, 39 percent of C-Suite Executives (C-Suites) anticipate an increase in the volume of paper their organization will use over the next…
A new malware campaign detected by Proofpoint called Adylkuzz could prove more widespread than Wanna Cry. Hundreds of thousands of PCs and servers worldwide according to Proofpoint because this attack shuts down SMB networking to prevent further infections with other malware (including the WannaCry worm) using that same vulnerability and end users will only notice their Windows machine is running slowly and that they don’t have access to shared Windows resources. Adylkuzz, a crypto currency miner is installed and used to generate cybercash for the attackers. Michael Patterson, CEO at Plixer commented below. Michael Patterson, CEO at Plixer: “The use of another person’s…
MELVILLE, N.Y, LONDON, UK – The personal data held by local authorities for over 3.5m people in the UK is not protected by a Disaster Recovery (DR) plan, according to research published by storage solutions provider FalconStor Software Inc. (NASDAQ: FALC). The lack of a DR plan could mean that should councils be affected by a cyber attack, equipment failure or human error, personal data could be permanently lost or fall into criminal hands. The Freedom of Information Act (FOIA) request which covered 429 local authorities also revealed that despite previous examples of public sector data loss and the risks posed…
Cisco has recently advised that some of its products have WannaCry vulnerabilities. Paul Calatayud, CTO at FireMon commented below. Paul Calatayud, CTO at FireMon: “When systems on your network are potentially exploitable to vulnerabilities that cannot be patched, mitigating controls are necessary. The most common and first place to start is network control mitigation. WannaCry needs to exploit a system by accessing the network on internet protocols. For those systems that cannot be patched, place behind a firewall or activate specific policies that prevent those systems from communicating with the internet thus eliminating this particular threat. The challenge is complex…
What initially looked like an attack against England’s National Health Service (NHS), forcing hospitals to turn away patients on May 12, 2017, has turned out to be the largest coordinated cyberattack ever seen. Cybersecurity professionals around the world are discovering that the WannaCry ransomware indiscriminately targets all industries everywhere. After only 3 days, the estimated number of victims is over 250 000, spread over 150 countries. So what is ransomware? Ransomware is a piece of malicious software, usually distributed via unsolicited email that either carries an infected attachment, or that leads you to a web page containing malicious content. It…
Survey reveals the majority (70%) of people in the UK have no idea the government is monitoring their online activity, despite expressing concerns about their sensitive information being viewed. A third (33%) of Brits think the government has no power to monitor online activity, and the majority (76%) are completely unaware of the new Investigatory Powers Act, which came into force on 29 January 2017. More than half (59%) say they would not consent to the government or third parties viewing and monitoring their digital activity. Of those surveyed, 63% would only agree to being monitored in order to prevent…
Securonix, the market leader in security analytics and predictive cyber threat detection, has been named one of “the most advanced” real-time security intelligence capability providers by the leading research firm KuppingerCole. KuppingerCole evaluated Securonix’s most recent security analytics platform release – SNYPR 6.0 – in its executive review by analyst and enterprise security expert Alexei Balaganski. SNYPR is a big data security analytics platform that predicts, detects and responds to cyber threats, insider threats and fraud with cutting-edge behavior analytics and machine-learning techniques. Its modular components include next generation SIEM, a big data lake with intelligent log management and the most advanced UEBA…
WannaCry attacks continue targeting organizations around the world, mainly in India, the USA, and Russia Check Point® Software Technologies Ltd. (NASDAQ: CHKP) shows the extent of the wide spread outbreak of international ransomware “WannaCry” with a new Check Point WannaCry Ransomware Infection Map. Check Point researchers have been investigating the ransomware campaign in detail since it was first reported. The researchers were able to track 34,300 attack attempts in 97 countries. The average pace as of today is one attempt in every three second – indicating a slight decline since the original pace registered two days ago, of one attempt per second. The top…
