…but more companies say they are better prepared to deal with a breach or incident Over 80% of security professionals identify ‘people’ as the industry’s biggest challenge compared to technology and processes, according to the results of the second annual survey from The Institute of Information Security Professionals (IISP). Thesurvey also indicates that while 60% of respondents still feel that investment is not keeping pace with threat levels, there was amodest 5% increase in businesses that feel better placed to deal with a breach or incident if it happens. In real terms, spending doesappear to be on the rise with 70% of companies seeing an increase in budget, up from 67% and only 7% reporting a reduction, which is down from 12% last year. While people have long…
ISBuzz Team
Unit 42, Palo Alto Networks’ research arm, have discovered a previously unknown remote access Trojan (RAT) that has been active for over two years. This campaign is extremely limited with only 27 samples total identified over a two-year period. The research shows that the majority of the lures are financial-related, describing various fake customer lists for various organisations. Based on the similarities witnessed in some, it appears that the attackers use a template, where they simply swap specific cells with the pertinent images or information. The malware is delivered via an innovative and unique technique: a downloader, which Unit 42 have…
IT Pros Say Firewalls Remain a Core Security Component and Third-Party Security Management of Multi-Vendor Environments Is Indispensable OVERLAND PARK, KANSAS & DALLAS, TEXAS. FireMon, the leader in Intelligent Security Management, today announced results from a survey conducted at the RSA Conference that assessed the views of 350 IT security professionals on the importance of firewalls in the battle to prevent data breaches. The poll found that 72% of respondents agreed that no matter how much money is spent on IT security, it is wasted if the firewalls are not configured properly. A further 52% had experienced a firewall configuration change that…
Our increasing appetite and demand for applications is leading to users’ precious data becoming ever more vulnerable. In fact, we often make online choices that seem worth the risk, yet we aren’t recognising that those choices put us in danger. For example, the lack of awareness around the risks of app usage, poor maintenance of these apps and low understanding of cyber-attacks, is leaving users’ devices open to digital clutter and their precious data vulnerable to security threats. Apps offer consumers entertainment, communication and convenience however they are also putting user data and devices at risk due to their everyday…
Following the news that 1,200 IHG hotels suffered a malware attack on their cash registers between September and December 2016, with the likely loss of an undisclosed number of guests’ personal and financial details, Pete Turner, Consumer Security Expert at Avast commented below. Pete Turner, Consumer Security Expert at Avast: “Customers of IHG’s hotels which were affected by the 2016 malware attack which gathered the financial details of hotel guests from the hotel cash registers over a period of four months should be vigilant in checking their bank accounts for any suspicious transactions if they stayed in one of the…
The cyber threat has never been greater, with high profile DDoS attacks putting the issue high on the agenda for both businesses and governments. Only at the end of last year an attack which was reported to be the largest of its kind, brought down most of the internet across the UK and America. The growth of such incidents stems from the simple fact that more ‘things’ are now connected to the internet than ever before. The continuing spate of attacks have therefore shone a bright spotlight on IoT security – highlighting it to be both weak and ineffective. It’s an issue which…
We’ve all heard the phrase ‘Have you tried turning it off and on again?” made famous by hit TV comedy The IT Crowd, but with the majority of office work now carried out on personal computers, IT outages can be no laughing matter for businesses experiencing problems. Whether it is ongoing or intermittent, it is estimated that IT downtime costs UK businesses in excess of £12 billion per year.1 Whilst it’s true many IT niggles and nuances can be dealt with in the flick of a switch, with the advances in technology and ever increasing reliance on IT systems, having…
Following the news that the NSA’s Equation Group hacking tools, leaked last Friday by the Shadow Brokers, have now been used to infect thousands of Windows machines worldwide, Cris Thomas, Strategist at Tenable Network Security commented below. Cris Thomas, Strategist at Tenable Network Security: “It should come as no surprise that once an exploit his been publicised that it will be used by adversaries. The fact that these exploits are part of the recent Shadow Brokers release is no different, so it would be a mistake to attribute this usage solely to “Script Kiddies”. Organized online criminals, hacktivists, corporate espionage and even nation states will all have…
Following the news about an IoT malware that plays cat and mouse with Mirai. It was dubbed “Hajime” and from the start it seems to have had it in for the infamous Mirai Internet of Things (IoT) botnet used to launch last October’s Terabit DDoS attack on DNS provider Dyn. Giovanni Vigna, CTO at Lastline commented below. Giovanni Vigna, CTO at Lastline: “The particular nature of IoT botnets is that their infection pattern is more similar to a worm, in which vulnerable devices are first identified through scanning and then compromised. This is different from traditional botnets that usually rely on drive-by attacks or other user-centric techniques in order…
Researchers have identified a computer worm dubbed Hajime that “infects” an IoT device and blocks Mirai malware. Stephen Gates, Chief Research Intelligence Analyst at NSFOCUS commented below. Stephen Gates, Chief Research Intelligence Analyst at NSFOCUS: “The fact that IoT devices are susceptible to the likes of Mirai and now Hajime is worrisome enough. Regardless of its intent, IoT devices infected with Hajime could be weaponized at some point; since the IoT devices are under someone’s control. Whoever controls the communication infrastructure these IoT bots receive commands from, pretty much owns the keys to this kingdom.”
