Following the Verizon data breach report, IT security experts from Barracuda, High-Tech Bridge, Bromium and CipherCloud commented below. Wieland Alge, GM EMEA at Barracuda: “The results of the Verizon 2017 Data Breach Investigations Report are very interesting, with many of the findings confirming what we’ve been seeing on the front lines for some time. Ransomware: The report’s finding of a 50% increase in ransomware comes as no surprise to us. Ransomware use has exploded recently as an easy way for cyber criminals to make money. As long as people keep on paying the ransoms, attackers will continue to infect users. It’s…
ISBuzz Team
A new strain of malware, Linux/Shishiga, is targeting IoT and leverages weak, default credentials to insert itself into systems through a brute-force attack. Bob Noel, Director of Strategic Relationships and Marketing at Plixer International commented below. Bob Noel, Director of Strategic Relationships and Marketing at Plixer International: “Linux/Shishiga is a recent example of malware written to focus on vulnerable IoT devices. Like many other forms of botnet malware that have preceded it, such as Mirai and Hajime, Shishiga targets IoT devices which use default Telnet and SSH credentials. Through a brute force attack, it can gain access to IoT devices.…
Kaspersky Lab has published the results of its investigation into the activity of Hajime – a mysterious evolving Internet of Things (IoT) malware that builds a huge peer-to-peer botnet. The botnet has recently been propagating extensively, infecting multiple devices worldwide. To date, the network includes almost 300,000 malware-compromised devices, ready to work together, to perform the malware author’s instructions without their victims’ knowledge. Still, Hajime’s real purpose remains unknown. Hajime, meaning ‘beginning’ in Japanese, showed its first signs of activity in October 2016. Since then, it has been evolving, developing new propagation techniques. The malware is building a huge peer-to-peer…
Cybersecurity pioneer John McAfee has revealed plans to produce the “world’s first truly private smartphone,” which he claims will be the most hack-proof smartphone ever manufactured. McAfee, creator of the eponymous antivirus program, plans to release the John McAfee Privacy Phone later this year through MGT, a cybersecurity firm that he heads. He shared details about the Privacy Phone exclusively with Newsweek. IT security experts from cyber security companies DomainTools, Tripwire, ESET, AlienVault, Cylance, Comparitech.com, Synopsys and AlertLogic discuss smartphone security and whether there is a need for such a device. Kyle Wilhoit, Senior Security Researcher at DomainTools: “I’m a proponent…
Effective March 1st of this year, the New York Department of Financial Services introduced one of the harshest cybersecurity regulations to hit companies in the U.S. – 23 NYCRR Part 500 aka the Cybersecurity Requirements for Financial Services Companies, a regulation designed to tighten cybersecurity practices across a wide selection of companies. Five other states are also set to introduce similar regulations including Hawaii, Illinois, New Mexico, Texas, and North Dakota. Announcements from those states are expected over the next couple of weeks. 23 NYCRR Part 500 covers anyone “operating under or required to operate under a license, registration, charter, certificate, permit, accreditation…
As of April 15, the Chinese cyber community had begun to investigate the most recent release of malware from the Shadow Brokers group. Security researchers and cyber actors reversed several of the tools and were particularly interested in the exploit framework (named FUZZBUNCH), the SMB malware (ETERNALBLUE), and the privilege escalation tool (ETERNALROMANCE). Chinese-speaking actors additionally focused on the unique malware trigger point and some claimed that the patches for CVE-2017-0143 through -0148 were insufficient because they did not address the base code weaknesses. Mentions of one of the tools, ETERNALBLUE, on the Chinese language web over time. Mentions of…
The online world is ablaze with a discussion about whether having anti-virus software on a computer could actually pose a greater risk than the malware it is intended to safeguard against. It was Robert O’Callahan, formerly head developer at Mozilla, who got the ball rolling. He advised computer users to disable all virus scanners from their computers and not to purchase any new security software. O’Callahan only allows Microsoft’s free “basic protection” Windows Defender (because apparently Microsoft developers are clearly more competent in all security matters than all other AV producers). And the argumentation is especially interesting. For the former…
An estimated 600,000 users have mistakenly downloaded malware from Google Play, the official app store for Android devices. The malware attempts to build a botnet which delivers fraudulent mobile adware and earns money for the cybercriminals who created it. IT security experts from Positive Technologies, ESET, Avast and Tenable Network Security commented below. Alex Mathews, Lead Security Evangelist at Positive Technologies: “This story shows that even official markets can be a source of malware sometimes. However, it is up to users to protect themselves from malicious apps. There are not that many techniques used by malware apps to attack users, and most…
Forcepoint Security Labs has identified a new variant of the Geodo/Emotet banking malware which has been targeting people in the UK. The campaign recorded appeared to peak on 18 April 2017 and primarily targeted email addresses associated with the .UK domain. The subject line of the emails sent varied slightly but the content took the form of fake billing notification emails, using an abnormally high billing amount to drive customers to click the link. Similar to previously recorded Geodo campaigns, these emails were formatted using images hosted by legitimate operator websites. Carl Leonard, Principal Security Analyst at Forcepoint commented below. Carl…
HipChat, Atlassian’s workplace chat platform, was hacked over the weekend. The hackers leveraged a vulnerability in a third-party library that HipChat uses to get in to see messages and content rooms. Michael Patterson, CEO at Plixer International commented below. Michael Patterson, CEO at Plixer International: “The security status of ChatOps tools like HipChat is serious business. ChatOps tools are used to support a DevOps and collaboration culture, meaning that teams of people as well as technology systems are dynamically connected and critical business processes can be automated. When a ChatOps tool becomes compromised, there is a high likelihood that the…
