A cyber attack on the website of travel trade organisation Abta may have affected around 43,000 individuals. The organisation said around 1,000 files which may include “personal identity information” of holidaymakers who had made complaints about Abta members could have been involved in the attack, which happened on February 27. IT security experts from Positive Technologies, OwlDetect, Nexsan, Cylance, Certes Networks, MWR InfoSecurity, Vectra Networks, Netskope, Zscale, Splunk, Micro Focus, Bitglass, Digital Guardian, Avast and SailPoint commented below. Alex Mathews, Lead Security Evangelist at Positive Technologies: “The type of attack on ABTA is unfortunately all too common, vulnerable web servers present a ripe…
ISBuzz Team
New vulnerability revealed in popular messaging services WhatsApp and Telegram allowed hackers to gain complete control over accounts, including chats, images, video and audio files, and contacts Embargoed to UK time. Check Point researchers today revealed a new vulnerability on WhatsApp & Telegram’s online platforms –WhatsApp Web & Telegram Web – two of the world’s most popular messaging services. By exploiting this vulnerability, attackers could completely take over user accounts, and access victims’ personal and group conversations, photos, videos and other shared files, contact lists, and more. “This new vulnerability put hundreds of millions of WhatsApp Web and Telegram Web users at risk of complete account take over,”…
News has broken that Wishbone, a popular social networking app that allows users to create and vote on simple two-choice quizzes, lost millions of users’ records, including more than 2 million email addresses and full names, and almost 300,000 mobile phone numbers. Unknown hackers found an unprotected database for the app Wishbone and stole its contents, which are now circulating on the internet’s undergrounds. IT security experts from Imperva, ESET and AlienVault commented below. Ajay Uggirala, Director at Imperva: “The ease of getting millions of stolen credentials, with the fact that users will always continue to reuse passwords simply because they are human, makes brute…
Following the announcement from Cifas that ID fraud has reached record levels, Robin Tombs, CEO at Yoti commented below. Robin Tombs, CEO at Yoti: “Identity theft has become a massive problem, and today’s announcement from Cifas shows just how serious this threat is. Consumers’ desire for convenience often trumps security concerns, allowing fraudsters to access other people’s personal information and make hay. In today’s digital world, individuals need both convenience AND security. “The key challenge all websites and identity providers are striving to solve is the easy and secure login challenge. Giving people a convenient yet secure way to access their online accounts…
Concerns are high over personal data safety as 83% fear financial data being hacked London, UK. F5 Networks (NASDAQ: FFIV) today released the results of a new study into the UK’s app centric society and consumer behaviours. As the abundance of apps in work and personal life dominates technology usage, the research reveals over a quarter of Brits (26%) do not check app security measures before downloading them, even though almost 30 per cent believe hackers are likely to use shopping apps like Amazon and eBay to target their devices. Across the UK, 2,000 consumers were surveyed, revealing that, regardless of rising fears…
There’s no honour among thieves, as a group of attackers has hijacked the Petya ransomware and use it in targeted attacks against companies without the program creators’ knowledge. A computer Trojan dubbed PetrWrap, being used in attacks against enterprise networks, installs Petya on computers and then patches it on the fly to suit its needs, according to security researchers from antivirus vendor Kaspersky Lab. Matt Kingswood, UK Head of Managed Service Provider at IT Specialists commented below. Matt Kingswood, UK Head of Managed Service Provider at IT Specialists: “The news story on the new variant of the Petya ransomware – dubbed PetrWrap – exposes just how complex…
If you are concerned about data security, this means confronting a threat landscape that requires vigilance and defence against a wide range of attacks. One of the prime targets for attack continues to be sensitive data that is stored in backend database storage. From simple discovery of unsecured databases, through classic SQL injection techniques, to compromised infrastructure that allows wholesale copying of database content, attacks focus on data assets with increasing precision. Acra from Cossack Labs offers a range of novel and well established techniques designed to protect sensitive data stored in backend database systems. Acra provides these as a…
Fraud follows the channels of adoption, but as we get more connected, the easier it will become to prove we are who we say we are, claims digital identity expert This week the National Crime Agency and National Cyber Security Centre reported that a particular kind of security breach, ransomware, has grown significantly over the past year, with the popularity of internet-connected gadgets increasing the risk of attacks for consumers. Keiron Dalton, a digital identity expert from Aspect Software, suggests that the so-called Internet of Things has had a major impact on trust and security, and will continue to do so as more…
In a new ICIT report called How to Crush the Health Sector’s Ransomware Pandemic, the authors suggest putting machine learning throughout the layers of health organisations’ IoT microcosm, allowing what they call a “virtually, omnipresent, algorithmic defense”. IT security experts from ESET, AlienVault and FireMon commented below. Mark James, IT Security Specialist at ESET: “Combating or limiting ransomware in any way shape or form gets the thumbs up from me. Any way it’s delivered, either through traditional methods or emerging techniques when it comes to stopping one of our most damaging and brutal forms of malware we see today we have to do…
Erik Larsson, Vice President of Marketing at the Qosmos division of Enea, interviews Nicolas Bouthors, Chief Technical Officer, about the key role of Deep Packet Inspection (DPI) to strengthen cybersecurity solutions with application-level traffic visibility and detailed metadata. Erik Larsson, VP Marketing, Qosmos division of Enea (EL): There is a lot of talk about Deep Packet Inspection in the cybersecurity market, what is it all about? Nicolas Bouthors (NB): Many developers of security products need to understand network traffic in detail. The typical example is an NG firewall, which must have built-in real-time traffic visibility to do its job of…
