According to a blog post from IT security company Palo Alto Networks, a new variant of the IoT/Linux botnet Tsunami, which it calls Amnesia, targets an unpatched remote code execution vulnerability that was publicly disclosed over a year ago in DVR devices manufactured by TVT Digital and branded by over 70 vendors worldwide. This vulnerability affects approximately 227,000 devices around the world, with Taiwan, the US, Israel, Turkey, and India being the most exposed. IT security experts from Cylance and Positive Technologies comment below. Jim Walter, Senior Researcher at Cylance: “While the entry vector differs in this attack (HTTP vs. Telnet) the running theme…
ISBuzz Team
Remember the board game Mouse Trap? The objective of the game was for the mouse to capture the board, while other players defended the board by trying to manoeuvre the mouse onto trap space to prevent it from securing a win. Well, let us think of cyber criminals like the board game mouse. Most are attacking organisations for commercial gain. The easier the course laid out before them, the quicker they’ll advance, securing a bigger win. Make something tough and it’ll take so much time and effort to break down, that it will no longer be financially viable. Unlike the…
Following the news that hackers are targeting third-party sellers on Amazon.com, Andy Heather, Vice President and General Manager, EMEA at Centrify commented below. Andy Heather, Vice President and General Manager, EMEA at Centrify: “The news that hackers are targeting third-party sellers on Amazon.com, and using stolen credentials to post fake deals is no real surprise. Compromised credentials are often the root cause of many major breaches, as hackers target networks through trusted third-party suppliers and contractors who likely have less rigorous security than the ultimate target. Proper security procedures and due diligence should be applied right across the supply chain, and not remain entirely with Amazon. This certainly won’t be the last time we see third parties…
Following the news that hackers activated emergency sirens in Dallas over the weekend, Chris Pogue, CISO at Nuix commented below. Chris Pogue, CISO at Nuix: “As technology is increasingly integrated into the manner in which our society operates, the potential of cyber attacks that have a kinetic impact also increases. We have recently seen the Austrian Hotel, Romantik Seehotel Jaegerwirt, lose the ability to generate new key cards, the remote access and control of a Jeep Cherokee, and CCTV cameras disabled prior to the inauguration of President Trump. The latest iteration of these types of attacks occurred last week, when attackers turned on emergency sirens in…
Rapid7 Insight platform is the first cloud-based platform to combine vulnerability management, user behaviour analytics-powered SIEM, IT log analytics, and application security data. Evolved platform centralizes operational and security data from the network, endpoints, and the cloud to unify data, accelerate analysis, and reduce cost of ownership. Rapid7 introduces two new solutions on its platform: InsightVM, for live vulnerability and endpoint analytics, and InsightAppSec, for live web application security testing. London, UK. Rapid7, Inc. (NASDAQ: RPD), a leading provider of analytics solutions for security and IT operations, today announced the evolution of the Rapid7 Insight platform with the availability of two new solutions: InsightVM, for vulnerability…
This year alone, we have seen a hacker take control of a hotel’s key card system, locking guests in their room until a ransom was paid[1]; 2.5 million PlayStation and Xbox user credentials exposed[2]; and Aberdeen city council’s website overrun with hackers — and those are just the ones who have admitted to it. It’s no wonder the occurrence of data breaches has hit a record high, with a recorded 40 percent increase in the past year[3]. This begs the questions: Are data protection and cybersecurity really being prioritised? And how do we put a stop to this madness? So…
The “Shadow Brokers” hacker group has released malware allegedly created by the US National Security Agency (NSA). The group, which earlier tried to sell the encrypted cache of hacking tools in an online auction, released a password for it via a blog on 8 April. Cris Thomas (aka Space Rogue), Strategist at Tenable Network Security commented below. Cris Thomas (aka Space Rogue), Strategist at Tenable Network Security: “It’s important to note that this is not a new leak, breach or hack. This information was previously released by the Shadow Brokers as an encrypted data dump, and the group has resurfaced again after…
Following the news that hackers are targeting Amazon third-party sellers, using stolen credentials to post fake deals and steal cash, Kevin Cunningham, President & Co-Founder at SailPoint commented below. Kevin Cunningham, President & Co-Founder at SailPoint: “The Amazon hack is an example of how identity has become the new attack vector, and hackers are all over that fact – taking stolen credentials from one breach and using them to access another web site all because a person chose to reuse a password across multiple sites. This illustrates an interesting ‘chaining’ or ‘domino effect’ that data breaches can have across multiple organisations. “To avoid needless…
San Antonio, TX. Digital Defense, Inc., a leading provider of Vulnerability Management as a Service (VMaaS™), disclosed the discovery of four zero-day security vulnerabilities found in the Riverbed Technology SteelCentral Portal versions 1.3.1 and 1.4.0. The vulnerabilities are critical in nature due to the ability of a cybercriminal to exploit these issues to gain access to the performance monitoring platform and retrieve confidential data. Riverbed has collaborated closely with Digital Defense and addressed these vulnerabilities. About the Vulnerabilities: Digital Defense Vulnerability Research Team (VRT) detected the previously unknown vulnerabilities while developing new audit modules for its patented vulnerability scanning technology. Two…
Following an article reporting that the FDA is concerned about medical device vulnerability, Ilia Kolochenko, CEO of a web security company, commented below on security and healthcare. Ilia Kolochenko, CEO & Founder, ImmuniWeb Chief Architect at High-Tech Bridge: “I think we should distinguish three different hacking activities. The first problem is ransomware, which usually does not target hospitals or insurance firms in particular, however targeted attacks against healthcare institutions may increase in the near future as the victims usually have no other choice but to pay without a delay. The second problem is theft of personal medical records (both PHI and PII)…
