The decision to move to the cloud may seem an obvious one. It’s faster, more scalable, and more agile. However, security remains a concern, and rightly so. The foundational infrastructure delivered by cloud providers is secure, but guaranteeing the protection of the applications, workloads, and data you run on top of it is your responsibility—and it isn’t one to be taken lightly. A traditional on-premises security operations strategy simply won’t cut it anymore. In its place, you need a cloud-specific security strategy to protect your critical data from an ever-growing variety of advanced threats. Outline in this article are four…
ISBuzz Team
Wi-Fi has enabled the mass adoption, use and innovation of connected devices. We have come to expect ubiquitous Wi-Fi wherever we go: coffee shops, hotels and airports all offer public access Wi-Fi networks. Even the London Underground is meeting the connectivity demands of our ‘always connected’ society. Our modern, nomadic workforces rely on internet connectivity to operate remotely, however the majority of public Wi-Fi connections remain unencrypted and incapable of protecting user data. Anyone with malicious intent can use these unencrypted networks to access information ranging from confidential company data to financial transactions. Attacks are increasingly compromising email accounts, passwords…
ESET researchers have discovered over 80 malicious apps disguised as mods for Minecraft with nearly million installs on the official app store. It wasn’t so long ago that Minecraft was connected to a scareware campaign, and today, ESET researchers report another misuse of this popular app. As stated in the official analysis available on ESET’s news page Welivesecurity.com; players of this game have been exposed to 87 fake Minecraft mods on Google Play, pestering Android gamers with aggressive ads and scam activity. So far, up to 990,000 users have installed these fake mods. ESET researchers have divided malicious activity connected to fake mods for Minecraft…
Progress has been made, but relying on users to maintain data security remains an incorrect approach A recent survey has revealed that over 25 per cent of British people do not check on the security measures in an app before downloading it, despite the fact that almost 30 per cent believe hackers are likely to use shopping apps such as Amazon or eBay to target their devices. While this demonstrates an increased awareness of the risks attached to app usage, the fact that users still have not grasped the severity of the issues confirms that businesses cannot keep waiting for their users…
Twitter accounts of ABC News and Good Morning America were targeted by hackers this morning. Tweets filled with profanity and false news reports were posted to the ABC News account, while tweets claiming to be from “Russian hackers” who “love” President Donald Trump were appearing on Good Morning America’s page. IT security experts from NuData Security and Alert Logic commented below. Robert Capps, VP of Business Development at NuData Security: “If Twitter were a country, it would be the 12th largest in the world with over 100 million users logging in daily, and continually growing. The size of its membership, and its capacity as…
Following the news about the importance placed on vehicle safety in driverless cars by consumers off the back of Deloitte’s latest automotive survey, Jon Geater, CTO at Thales e-Security commented below. Jon Geater, Chief Technology Officer at Thales e-Security: “It’s no surprise that consumers have highlighted safety as the most important technology feature in driverless cars. As self-driving technology is increasingly pushed up the agenda for automakers, the industry as a whole must demonstrate a clear commitment to vehicle safety above all else. Consumers have every right to be concerned about the risks of hacking and the automotive industry must make this…
A zero-day attack called Double Agent can take over antivirus software on Windows machines and turn it into malware that encrypts files for ransom, exfiltrates data or formats the hard drives. Alex Mathews, lead security evangelist at Positive Technologies commented below. Alex Mathews, Lead Security Evangelist at Positive Technologies: “Many people do not consider antivirus tools to be a threat. However, as with any complicated programs, antiviruses are inherently vulnerable. Because antivirus processes are trusted and run in privileged mode with extensive access right, they have become an appealing target for attackers, as their exploitation can lead to system compromise. The swelling…
Spying Russians and criminals stealing identities have been news headlines for as long as I can remember, way before the Internet or cyber security existed. But what’s new here, as the details of the methodology behind the Yahoo breach starts to come out, is just how big a haul just four people were able to reel in. It was one of the largest breaches in US history, orchestrated by only a handful of people. Imagine how many people would have to have been employed to gather personal information about half a billion people using pre-internet methods. The issue here is…
Kaspersky Lab’s experts have studied the DDoS services available on the black market and determined just how far this illegal business has advanced, as well as the extent of its popularity and profitability. The worrying news is that arranging an attack costs as little as $7 an hour, while the targeted company can end up losing thousands, if not millions, of dollars. The level of service involved when arranging a DDoS attack on the black market is not very different from that of a legal business. The only difference is that there’s no direct contact between the provider and the…
A new proof-of-concept exploit known as DoubleAgent can not only hijack third-party Windows antivirus software, but use said software to deliver further attacks. While there’s no evidence that the exploit has made its way into the wild yet, most antivirus programs are still completely susceptible to it. Gavin Millard, EMEA Technical Director at Tenable Network Security commented below. Gavin Millard, EMEA Technical Director at Tenable Network Security: “Whilst the research and results of DoubleAgent are interesting, it should be noted that administrator privileges would most likely be required to successfully hijack the target executables. If an attacker has admin privileges on…
