Following the news that users of Guardian Soulmates have been targeted with sexually explicit spam emails after their contact information was accidentally exposed on the dating site, with information from users’ profiles included in the spam messages, IT experts from Lastline and NuData Security commented below. Marco Cova, Senior Security Researcher at Lastline: “This breach is a good reminder that every breach reveals data that criminals can use to launch additional attacks. They merge data from multiple sources, building dossiers on potential victims, including spear phishing targets. The information that they gather does not have to be highly confidential in order to create successful…
ISBuzz Team
Following the news that there is a massive flaw in Intel chips that allows hackers to remotely take over a large number of devices without even needing to enter a password, Cesare Garlati, Chief Security Strategist at prpl Foundation, commented below. Cesare Garlati, Chief Security Strategist at prpl Foundation: “Firmware vulnerabilities are the most dangerous because by definition firmware is “persistent”. The software that is built in to the device is the first code executed at boot, so exploits attacking this software layer make all other security measures pointless. In addition, firmware can’t really be “patched” – it needs to be completely…
ESET Ireland looks at a few cyber threats arriving by mail in recent weeks, ranging from Tesco Bank phishing to a secret ‘Hungarian admirer’. It’s a numbers game that the cybercriminals are playing. Send out enough spam and a certain percentage of victims will click. So, week after week, we’re seeing new scams or new variations on old scams. The past weeks were no exception. A long and elaborate letter pretended to have come from Tesco Bank credit card team. It read “We’ve been trying to contact you about your account, but we’ve been unable to reach you. Your…
Following the news about a new strain of ransomware that automatically adjusts its ransom demand for unlocking decrypted files depending on where in the world the victim is, with targets in richer parts of the globe forced to pay higher rates, Andrew Clarke, EMEA Director at One Identity, commented below. Andrew Clarke, EMEA Director at One Identity: “This new, malicious and fiendishly-targeted version of ransomware is to be expected. It’s not that one could reasonably prognosticate that ransomware would move into the realm of economic indexing, but the increasing sophistication is wholly expected. Cyber security, or the act of reducing an…
A cyber-attack has compromised the personal data of up to 26,000 Debenhams customers. The breach, which is understood to have been malware-based, targeted the online portal for the retailer’s florist arm, Debenhams Flowers. IT security experts from Cylance, Imperva and Kaspersky Lab commented below. Anton Grashion, Managing Director Security Practice at Cylance: “It’s an unfortunate fact of life for security teams that an organization’s data is only as secure as the weakest link in the chain, which is often smaller third-party vendor organizations. It’s absolutely critical to evaluate information security risk when choosing and onboarding a vendor, as well as to outline minimum…
Following the news about the launch of leading UK bank Barclays’ £10m nationwide initiative to spread awareness about financial fraud risks, dubbed the ‘Great British Fraud Fightback’, Peter Carlisle, VP of EMEA at Thales e-Security commented below. Peter Carlisle, VP of EMEA at Thales e-Security: “The sheer number of consumers now becoming victims of cyber-crime and online fraud in the UK is simply startling. It’s clear that the days of creating an ‘original’ and hard-to-copy signature to protect our bank and identity details are well and truly behind us. “A significant gap currently exists between the widespread use of the technology that plays a key role…
Security experts are concerned about the popularity of what has been nicknamed the “10 concerts” Facebook ‘meme’. The game asks users to provide 9 music concerts they’ve been to and 1 that they haven’t – their friends then need to try to spot which band the user is lying about. Experts have labelled the game a “gift to hackers” as it could be a way for cyber-criminals to determine a crucial piece of information about users: the first concert they went to. A user’s first concert is a common security question on online accounts and could hand malicious observers the key…
RapID Secure Login enables WordPress users to easily access their accounts without insecure and cumbersome passwords
Lutterworth, England/Reston, VA – Today, digital identity and credentials expert, Intercede announced the launch of RapID Secure Login (RapID-SL), a Plugin for WordPress that enables administrators and subscribers to log into websites and blogs with fingerprints instead of usernames and passwords. By eliminating the use of insecure passwords, users are provided with superior usability and more robust security. RapID Secure Login is a WordPress Plugin that works with an Android or iOS app. Available through the WordPress Plugin Directory, it harnesses Intercede’s RapID credentialing service to provide…
CA Applies Real-Time Behavioral Analytics and Machine Learning to Largest Pool of Online Transaction Data to Stop Fraud Instantly
NEW YORK – CA Technologies (NASDAQ:CA) today announced CA Risk Analytics Network, the payment industry’s only card-issuer network that stops card-not-present fraud instantly for network members using real-time behavior analytics, machine learning and global transaction data to reduce online fraud losses by an average of 25 percent* – a potential of $2.2 billion in savings.** As a cloud-based service, CA Risk Analytics Network incorporates a new advanced neural network model, backed by real-time machine learning, to protect 3-D Secure card-not-present (CNP) transactions. It learns…
Following the hack affecting Emmanuel Macron’s campaign over the weekend, Chris Doman, security researcher at AlienVault, comments: “The impression on the 4Chan boards, where the data was dumped – the so-called “armpit of the Internet” – is that this is all a game. But the effects of repeated attacks against political parties are serious. It’s unlikely those orchestrating these attacks would have the best interests of those happily spreading their output at heart. While the French elections are now over, it’s unlikely these types of attacks will be. Related attacks targeting German political parties for the upcoming German elections have…
