In a recent press statement, The Russian banking giant Alfa announced that hackers targeted its cyber infrastructure in a large-scale DNS Botnet attack to make it seem as though the bank had been communicating with the Trump Organization. The bank is now asking U.S. to assist it to find who was behind the attacks. Stephen Gates, Chief Research Intelligence Analyst at NSFOCUS commented below. Stephen Gates, Chief Research Intelligence Analyst at NSFOCUS: “It’s no secret that the Department of Homeland Security in the U.S. is spearheading efforts to counter DDoS attacks. One of their initiatives encourages worldwide implementation of Internet Best Current…
ISBuzz Team
A recent discovery has found that NEST CCTV cameras can be wirelessly hacked to crash and stop recording footage via bluetooth making them and the houses they protect perfect targets for criminals. Cesare Garlati, Chief Security Strategist at prpl Foundation commented below. Cesare Garlati, Chief Security Strategist at prpl Foundation: “This is yet another case where security by separation at the hardware layer of the device would keep malicious actors from configuring the cameras for their own gain. Without it, lateral movement inside the device is possible because there is no trust established within the device to distinguish which elements have the trusted…
Following the news that the mobile phone company, Three has experienced a fresh data breach with some customers being able to access stranger’s accounts, IT security experts from Zscaler, OwlDetect, CipherCloud, RES and ZoneFox commented below. Chris Hodson, EMEA CISO at Zscaler: “Just four months on, it’s concerning that users are seeing their personal data up for grabs again. Last time we were reassured that improved controls had been put in place, but what were these and how could this risk recur? “Additional worries lie on how Three Mobile is addressing the issue. Reassuring customers that no financial details were exposed is…
On Saturday, it was announced that the G20 would be joining forces in a collaborative effort to fight onlinke banking fraud. This represents one of the biggest coordinated efforts yet to fight back against hacking in the banking industry, and follows on from last year’s $81 million heist of the Bangladesh Central Bank’s accounts. Robert Capps, Vice-President of business development at NuData Security commented below. Robert Capps, Vice-President of Business Development at NuData Security: “We’re cautiously optimistic about the news that the G20 finance chiefs have agreed to work together to fight cyber attacks on financial systems. There have been several announcements of collaborative ventures recently…
US Secret Service laptop with Trump Tower floor plans and other sensitive material has been stolen from an agent’s vehicle in New York. Nigel Tozer, Solutions Marketing Director EMEA at Commvault commented below. Nigel Tozer, Solutions Marketing Director EMEA at Commvault: “In the data economy that we’re increasingly a part of, this sort of thing is likely to happen more often, and the number of people with the skills necessary to gain access to ordinary laptops is rising dramatically. While a normal business clearly can’t take the steps that presidential staff can, having a backup with location and remote wipe functionality is…
Following the news that the Devon and Cornwall Police is launching its first 24-hour drone unit, Colin Bull, Principle Consultant at Software Quality Specialist, SQS, commented below how, unless the force takes precautionary measures, just how easy it would be for hackers and cyber criminals to potentially hack these drones and use them as dangerous weapons. Colin Bull, Principal Consultant at SQS: “The announcement that the Devon and Cornwall Police force is launching its first 24-hour drone unit highlights the extent to which drones are being utilised in 2017. It is vital the police ensure their drones don’t fall into the wrong hands, as…
300+ Cisco switches have been affected by a critical bug that has been found in Vault 7 data dump. While combing through WikiLeaks’ Vault 7 data dump, Cisco has unearthed a critical vulnerability affecting 300+ of its switches and one gateway that could be exploited to take over the devices. Paul Calatayud, Chief Technology Officer at FireMon commented below. Paul Calatayud, Chief Technology Officer at FireMon: “It is always a good thing when a security vendor takes a proactive approach in discovering and announcing that there is a new exploit. Cisco did the right thing here. Even better, there is a simple…
According to a recent report by PhishMe, 91% of cyber attacks begin with a phishing email. The attack method remains one of the most successful available to hackers as it exploits the inherent weakness of individual users. Since the advent of networked computers, human error has almost always been at the heart of failings in cyber security, and despite increasing attempts to improve user awareness and security training, individuals continue to fall foul. With the average security breach still taking close to 150 days to detect, businesses can no longer afford to leave their security in the hands of an…
ESET Ireland continues its regular reporting on most common scams targeting Irish email addresses. In recent days: fake Facebook, Eir and Bank of Ireland emails. Knowing about threats is the best way to avoid them. This is why ESET Ireland keeps warning Irish computer users of current email scams, targeting Irish mailboxes. Bank of Ireland customers continue to be a popular target of the scammers. Last week we’ve seen two varieties. The first said: “Your 365 Online personal banking details (e.g. User ID, PIN and/or other login details) was entered incorrectly more than 3 times. For the protection of your…
Late last week in a formal press statement, Alfa Bank, a privately owned Russian bank, disclosed that it was subjected to three recent cyberattack attempts on its servers made to appear that it was communicating with the Trump Organization. According to Alfa Bank, “In the attacks, multiple domain name server DNS requests were made by unidentified individuals, mostly using U.S. server providers, to a Trump Organization server. The DNS requests were made to appear as if they originated from Alfa Bank. The DNS responses from the Trump server were then erroneously returned to Alfa Bank, activating Alfa Bank’s automated security systems on February 18 and again on March 11 and 13.” Alfa Bank’s believes these…
