Trend Micro researchers discovered a new Internet of Things botnet, Persirai, which is targeting over 1,000 different IP camera models. According to the research, approximately 120,000 cameras are vulnerable to the malware, with consumers unaware that their devices are even exposed to the internet. Mike Ahmadi, Global Director – Critical Systems Security at Synopsys commented below. Mike Ahmadi, Global Director – Critical Systems Security at Synopsys: “Since all consumer grade IP cameras I am aware of do not use secure (certificate based) authentication, along with the inordinate number of known vulnerabilities found in such devices, I believe it is just a matter of time before…
ISBuzz Team
Most organizations today view the question of being hacked as not if, but when. Cybercriminals are adapting and evolving how they breach enterprises, and are more targeted than ever in stealing the highest-value information from an organization—from sensitive documents to personal banking information to new episodes of a hit show. The recent ransomware attack against producers of Orange is The New Black occurred when hackers obtained the media content by hacking one of the show’s third-party post-production vendor. This pattern of attacking weak surrounding parties to go after high-profile targets has proven to be increasingly more common in the entertainment…
Following the news that Cifas has released research that discovered fraudsters’ takeovers of customer accounts has soared by 45% in the last year. The research revealed that hackers were moving from online to phone, to target not only the consumers themselves but also gain access to facilities such as banks. Raj Samani, Chief Scientist at McAfee commented below. Raj Samani, Chief Scientist at McAfee: “Today’s news from Cifas demonstrates that scammers are becoming ever more intelligent when it comes to who they plan to target and how. Criminals are wise to the rapid improvements in online security, and are instead going to targets directly…
Following the news about newly-discovered Intel AMT vulnerability, which attackers can exploit to gain full control over a computer and attack the enterprise, Mounir Hahad, Ph.D., Sr Director at Cyphort Labs, which manages IT threat visibility and control commented below. Mounir Hahad, Ph.D., Sr Director at Cyphort Labs: “This is a very severe vulnerability for three reasons: it gives broad access to the compromised PC, it’s is very easy to exploit, and te threat surface is monumental. “The PCs which are exposed to the internet with open ports 16992 and 16993 are not the only potential targets, as implied by the early published articles. Any PC…
Following the news that leading UK bank Barclays has launched a £10m nationwide initiative to spread awareness about financial fraud risks, dubbed the ‘Great British Fraud Fightback’. The bank hopes to boost the protection of digital identities of Britons through the dissemination of information, tools and tips. The digital safety drive launchedon Monday (8 May) marks the first attempt by a high street bank to enable their customers to assume full control over how their debit cards would operate. Customers would be able to use the Barclays mobile banking app to instantly enable or disable remote purchases and set their daily ATM withdrawal…
Following the news that the FCC site was subject to a DDoS attack last night, Dr Malcolm Murphy, Technology Director at Infoblox commented below. Dr Malcolm Murphy, Technology Director at Infoblox: “We’re increasingly seeing cyberattacks used with political intent: from the release of emails from newly elected French President Macron’s party just two days before voters went to the polls, to the recent attack on the FCC over its net neutrality reversal. US government organisations are certainly no stranger to DDoS attacks, and this case truly highlights the importance of organisations prioritising DNS security at a time when commonly deployed cyberattacks are…
Cylance’s Threat Guidance Team has detected and examined an unattributed infostealer malware named Paipeu (Korean for ‘Pipes’) which steals information using named pipes and has a hard coded South Korean IP address. It is extremely rare that Cylance’s research team encounters a piece of freshly compiled code, which cannot be assigned to any of the already known malware families. Cylance recently found such a sample after CylancePROTECT® quarantined a threat in the System32 directory on a customer endpoint. The location of the file, the recent compile date, and the lack of similar files on known malware repositories combined to flag this sample…
Google is a highly innovative Tech company specializing in internet related products and services. Over the years, Google has transformed into a multi-billion dollar empire with a broad range of products and ingenious features, with Chrome extensions being one of them. In a world of web browsers, security experts and geeks are of the opinion that Chrome is by far the best choice when it comes to ensuring online privacy and security. However, there’s still no guarantee about the third party extensions you install on your Chrome browser which can track your online activities and interests. Chrome has hundreds and…
RSA SecurID® Access Offers Flexible Mobile Multi-Factor Authentication Options MUNICH, GERMANY – KuppingerCole European Identity and Cloud Conference – RSA, a Dell Technologies business, extends its authentication market leadership with a series of new capabilities for its RSA SecurID Access solution. Enhancements include a cloud-based Authentication-as-a-Service option aimed at delivering seamless access to both on-premises and cloud-based resources and systems, and additional dynamic, risk scoring functionality that is designed to deliver convenient and secure access for any user, anywhere, any time. As cloud and mobile use grows, and the user access base expands to include contractors, vendors, partners and customers, organizations…
The DIGIT Act has been reintroduced in the Senate and is legislation that would promote the internet of things (IoT) industry in the US, help define global interoperability standards and technology innovation, while encouraging a secure and interoperable Internet of Things (IoT).A group comprised of federal and private-sector representatives would be created to work to identify the regulations or practices “inhibiting or that could inhibit the development of the Internet-of-Things.” That working group would also identify the policies that would “improve coordination among federal agencies with jurisdiction over the Internet-of-Things.” One of the first initiatives would be to define the…
