3rd Internet of the Things Expo (ioTx) to highlight concerns in securing smart and connected cities Hyperloop Transportation Technologies to give visitors a sneak preview of high-speed, tube-based transportation system Dubai, UAE – As global cities become smarter and more connected, the Internet of Things (IoT) is poised to play a transformative role in enhancing living standards and improving services for the general public. The challenge for governments, councils and urban planners will be ensuring the security of smart cities while also delivering heightened services which protect the functionality of connected communities, their residents and the service providers operating with them.…
ISBuzz Team
Trend Micro regarding the Cozy Bear hacking group targeting French presidential candidate Emmanuel Macron, Brian Vecci, Technical Evangelist at Varonis commented below. Brian Vecci, Technical Evangelist at Varonis: “In January, the U.S. Department of Intelligence predicted that Moscow would apply lessons learned from its attacks on the U.S. presidential elections to influence future elections worldwide. Just a few months later and we’re once again talking about Russia, phishing and a political candidate in the same sentence. As we saw with the DNC and Hillary Clinton campaign examples, leaked emails can have a disrupting effect on campaigns and embarrass the candidate…
Ransomware likely to continue exponential growth unless governments act, says F-Secure Labs Government reluctance to shut down the virtual currency Bitcoin has made the rapid growth of cyber-extortion possible, but that could change if the United States or China shifts law enforcement priorities. Buckinghamshire, UK- The availability of Bitcoin, the open-source virtual currency, has made crypto-ransomware’s business model viable and profitable, feeding an online crime wave that has seen new extortion-enabling malware families at least double each year since 2012. Unless governments disregard previous concerns about shutting down the anonymous funding source, F-Secure Labs warns, this exponential growth is likely…
Atlassian’s group chat service for businesses and teams HipChat has reset all its users’ passwords after detecting a “security incident” over the weekend. IT security experts from Positive Technologies, AlienVault, ESET and Tripwire commented below. Alex Mathews, Lead Security Evangelist at Positive Technologies: “There is a growing trend in the use of collaboration tools like HipChat, which means lots of very sensitive company information is now reliant on the security of outsourced providers. Teams use them for everything from product development to business strategy, with absolute trust in the platform’s security. “The problem is, if there is a vulnerability the scope for illicit collection of…
Titania given the Royal seal of approval for cyber intelligence innovation Titania has been awarded a Queen’s Award for Enterprise in Innovation, the highest official award that can be bestowed on a UK business Company founded by a bedroom entrepreneur working in ethical hacking and cyber defence Showcases opportunities for export for UK SMEs with 90% overseas trade Uniquely intelligent technology automates the detailed cyber vulnerability assessment of top industry consultants Worcester: Titania has been announced as a 2017 recipient of the Queen’s Award for Innovation. This is the highest official award that can be given to a UK business and…
Users of SAP NetWeaver 7.31 advised to install security updates Positive Technologies has today confirmed it has detected vulnerabilities in SAP Enterprise Portal Navigation, SAP NetWeaver Log Viewer and SAP Enterprise Portal Theme Editor, which are the components of the SAP NetWeaver platform. By exploiting these security flaws, attackers can intercept login credentials, register keystrokes, spoof data or perform other illegal activities that could potentially lead to a system compromise. Four Cross-Site Scripting (XSS) vulnerabilities were detected in the following SAP Enterprise Portal components: SAP Enterprise Portal Navigation (CVSSv3 score 6.1) and SAP Enterprise Portal Theme Editor (three flaws with…
Vulnerabilities found in Bosch Drivelog Connect car dongles allow an attacker to bypass authentication on the device and issue commands to cars, stopping their engines. Kyle Wilhoit, Senior Security Researcher at DomainTools commented below. Kyle Wilhoit, Senior Security Researcher at DomainTools: “Vehicular cybersecurity should be treated by manufacturers like that of critical SCADA environments, in my opinion. I say this because of the potential to cause harm should the environment (namely navigation, braking, and other critical systems) become compromised. Cars are becoming more virtual every day. From anti-lock braking systems to navigation control, the reliance on complex computing across a vehicle is…
Following the news that the instant messaging application, SKYPE, has been affected by a vulnerability called SPYKE. SPYKE is an attack that affects any SKYPE installation as long as the attacker has local access to the login screen of a running SKYPE instance. The vulnerability primarily affects Windows OS clients but users of other OS’s might be vulnerable. IT security experts from Comparitech, ESET, AlienVault and AlertLogic commented below. Lee Munson, Security Researcher at Comparitech: “The ‘SPYKE’ attack is only effective in limited circumstances so most people should not be overly concerned about it. The fact that an attacker needs local access…
Power outages in San Francisco, Los Angeles and New York City last week gave both officials and residents a taste of what it would be like if the power grid was interrupted. While none of them were due to cybersecurity attacks, the experience left many concerned. Indeed, such attacks could easily be done anywhere in the world, including the UK. The U.S. Department of Energy already issued a report earlier this year that warned of immediate danger from cyber-attacks to the power grid. Edgard Capdevielle, CEO at Nozomi Networks commented below. Edgard Capdevielle, CEO at Nozomi Networks: “Outages, such as those experienced last…
Last December we found out about a new vulnerability in Netgear routers. This is yet another occurrence in a long list of mishaps that can allow attackers to take over networking and security equipment and as a result gain a foothold in our networks and compromise business or personal information. Vulnerabilities have always been part of the technology industry’s landscape. A vulnerability is a bug, and no one has found a way to create software without bugs. Vendors can tighten up their secure software development cycles to minimize occurrences, and customers need to stay current with software releases of the…
