On Sunday 12 Feb, security firm Symantec released an analysis of a new wave of attacks that has been underway since at least October 2016 and came to light when a bank in Poland discovered previously unknown malware running on a number of its computers. The bank then shared indicators of compromise (IOCs) with other institutions and a number of other institutions confirmed that they too had been compromised. These watering hole attacks attempted to infect more than 100 organizations in 31 different countries. Symantec has blocked attempts to infect customers in Poland, Mexico and Uruguay by the same exploit kit that infected the…
ISBuzz Team
Thousands of teenagers are to be given lessons in cyber security in the hope they will boost Britain’s defences against hackers and terrorists. The Cyber Schools Programme aims to train 5,700 teenagers aged between 14 and 18 over the next five years to develop some of the key skills they would need to work in cyber security. IT security experts from AlienVault and ESET commented below. Javvad Malik, Security Advocate at AlienVault: “It’s difficult to say whether or not such a drive will greatly impact the skills shortage. The reasons being that the skills shortage today, won’t be the same in 5 years and the needs…
Professor Avishai Wool, CTO and co-founder of AlgoSec, explains how external connections to partner networks should be managed to maximize security and efficiency These days, no organization is an island: it needs network connectivity with a range of external parties, including suppliers, business partners, credit card processing companies, market data feed providers, and more. Managing these connections to and from your internal network servers is not only critical to your business; it also impacts on your information security and compliance posture. Unlike limited, transient connections such as customer access to web portals or VPN access for field teams, permanent connections allow external…
Close to 40 Percent of Cloud Services Are Commissioned Without the Involvement of IT, Leading to More Security Risk for Companies NEWS HIGHLIGHTS Trust now outnumbers distrust for public clouds by more than 2-to-1. 49 percent of professionals slowed cloud adoption due to a lack of cybersecurity skills. 65 percent think Shadow IT is interfering with keeping the cloud safe and secure. 52 percent indicate a malware infection can be tracked to a cloud application. 62 percent store sensitive customer information in the public cloud. RSA SECURITY CONFERENCE, London. Intel Security today announced its second annual cloud security report, “Building Trust…
Report lists most popular enterprise apps and includes adoption rates for Apple VPP and DEP SAN FRANCISCO and MOUNTAIN VIEW, Calif. The use of mobile apps for business is heating up with nearly 80% of companies using more than 10 apps for business, according to the third edition of the Mobile Security and Risk Review. This bi-annual report, released today by MobileIron (NASDAQ:MOBL) at the 2017 RSA conference taking place in San Francisco February 13-17, provides IT security leaders with timely information about the state of enterprise mobile apps, the mobile threat landscape, and the emerging risks facing their organisations. “MobileIron…
Reports of a fire at a French nuclear power plant last week. While there was no nuclear risk, the blaze is described as a ‘significant technical event.’Moreno Carullo, co-founder and Chief Technical Officer at Nozomi Networks commented below. Moreno Carullo, Co-Founder and Chief Technical Officer at Nozomi Networks: “The challenge with critical infrastructure, such as the French EDF Flamanville plant, is that the machinery is dated. Pausing systems frequently to check for signs of damage or weakness is simply not possible so often an annual audit is all that’s conducted. To try and bridge the gap, visibility of what is happening…
Largest ever survey of over 19,000 cybersecurity workers highlights major UK skills deficit caused by continuing failure to recruit millennials 20% increase in forecasted skills gap from two years ago; warns of looming ‘skills cliff edge’ as older generation goes into retirement 2015 Global Information Security Workforce Study forecasted a 1.5 million shortfall of cybersecurity workers by 2020 66% of UK companies have too few cybersecurity personnel; yet only 12% of UK cybersecurity workforce is under 35 SMEs are hit particularly hard as just 23% of UK cyber professionals work for companies with fewer than 500 employees London. The largest ever…
Following the news about the Phillip Hammond’s warning in The Telegraph over the weekend, which hacks could bring down national infrastructure, IT security experts from Nozomi Networks and Thales e-Security commented below. Edgard Capdevielle, President and CEO at Nozomi Networks: “Philip Hammond is right in his observation that the risks of escalating cyberattacks extend far beyond the Internet of Things (IoT) from ‘hacked kettles and fridges to cars.’ It’s the really big ‘things’ like power plants, transportation systems, water, and other infrastructure that are worth special protective measures, from both industry and governments, whether the threat comes from foreign governments, terrorists, hacktivists, or well-organised…
Over the weekend, NBC News reported that an online data breach at PIP Printing, caused by a 3rd-party IT vendor, leaked thousands of sensitive documents, ranging from labor filings including NFL players, to lawsuits against Hollywood studios, to personal immigration-related papers. Jeff Hill, Director of Product Management, at 3rd party risk management leader Prevalent (Warren, NJ) commented below. Jeff Hill, Director of Product Management at Prevalent: “The PIP episode highlights the multi-dimensional nature of today’s cyber threat environment. First, not only did it involve a 3rd party (PIP), but in reality, the vulnerability was attributable to a 4th party (the IT company responsible…
With Mardi Gras just weeks away, securing the city of New Orleans will be the main focus for law enforcement. Every available officer from the city police force, as well scores of state troopers and sheriff’s deputies, is likely to be on hand to keep the festivities secure and under control. And yet crime will still happen, despite having the city in virtual lock down. Healthcare organizations faces the same challenges when trying to secure patient privacy. Simply adding “more” security doesn’t mean data is any safer. Why? Because security is all about strategy – and “more” doesn’t equal “better.”…
