Local authorities face the challenging task of managing ever-growing volumes of records, covering anything from council taxes to confidential information about local schools. Furthermore, they must manage this data securely while dealing with the pressures of cutting costs and improving the overall efficiency of the services they provide to the public. If the protection of this information is not prioritised and is somehow compromised, severe financial penalties and reputational damage will soon follow. In the UK, the 1998 Data Protection Act requires controllers of personal data to take appropriate measures to prevent data being “accidentally or deliberately compromised”. Some of these measures include…
ISBuzz Team
An Open Letter to President-Elect Trump from the Internet Security Community. Dear President-Elect Trump, You’ve campaigned to “Make America Great Again”. We believe, as does most of our citizenry, that America’s security underpins everything we do and our greatness cannot endure unless we are secure. But we are not secure, as highlighted by recent attacks on the Democratic National Committee (DNC), the Joint Chiefs of Staff, the Democratic Congressional Campaign Committee (DCCC), and nearly all Democrats in the House of Representatives. There is ample evidence that these attacks originated in Russia through the Russian service provider Yandex. The phishing attack…
What is a faketivist? Faketivist /fāktəvəst/ Noun A fictitious persona created to emulate a hacktivist and act as a public-facing mouthpiece to provide plausible deniability for and/or leak the information gleaned from advanced persistent threat (APT) operations. One of the more surprising stories of 2016 was the Russian effort to shape the outcome of the U.S. presidential election. What surprised us most at ThreatConnect was not Russian APTs breaching the Democratic National Committee, but the efforts to “weaponise” that information through a campaign of strategic leaks. This stands in contrast to some of the biggest 2015 breach headlines like the…
Following the launch of Nintendo’s Super Mario Run game, Aaron Lint, VP of Research at Arxan Technologies, commented below on the security issues surrounding the app and its use of online DRM (digital rights management), alongside advice on the most effective way to secure mobile gaming applications. Aaron Lint, VP of Research at Arxan Technologies: “As Nintendo’s second foray into mobile gaming with one of their lead franchises, Super Mario Run is immediately going to be a prime target for attackers trying to exploit its code – especially with the number of users which will be downloading this game. “Just…
Technology advancements have helped us improve our security and safety – think security cameras. It has helped us increase our productivity – think smartphones. However, at times we technology also presents to us some potential threats that we need to deal with. For instance, in offices as well as households, we have wireless networks connecting all major electronic devices. This can potentially bring about a security concern – as hackers can aim to attack your system or network and steal your confidential information. How Severe Is The Threat? According to a report by Javelin Strategy and Research, the cost of…
Robbers stole the equivalent of £28,000 – but it could have been far worse London (UK). Following an extensive investigation, cyber security company Positive Technologies has today revealed how hackers were able to steal the equivalent of £28,000, overnight, from six ATMs of an Eastern European bank. Its findings confirm that the theft could have been far worse as the technique used in the scam fortunately ‘clashed’ with the financial institutions existing NCR ATM software, preventing the attackers from withdrawing further funds. It also warns that it’s likely that this group will soon become active in the West. “Attacks against ATMs…
1. 2017 is the year that SPF, DKIM, and DMARC will be table stakes for email communication. After a tumultuous election season with a lot of attention on email, 2017 will be the year that people come to accept that we have a long road ahead of us to make email a more confidential method of communication. End-to-end encryption for email has been around for years, but a path to its widespread use is unclear to many. Companies rely on the information they get from their customers on their engagement, and people want versatility in their email management, that isn’t…
Herndon, VA. Global technology company Nuix today released the findings from its third annual survey of corporate information security practitioners who almost universally agreed that human behavior was their largest security threat. While businesses were investing to develop broad and mature cybersecurity capabilities, many survey respondents were uncertain about the most effective technologies and capabilities to focus on. “Cybersecurity no longer has an air of mystery about it for executives and directors but human behavior and technological uncertainty remain prominent barriers to corporate confidence,” said Ari Kaplan, the report’s author. The research surveyed respondents’ current and planned spending across all…
Evolving threat landscape reveals a growing need for security intelligence In 2016, the world’s biggest cyber-threats were related to money, information and a desire to disrupt. They included the underground trade of tens of thousands of compromised server credentials, hijacked ATM systems, ransomware and mobile banking malware – as well as targeted cyber-espionage attacks and the hacking and dumping of sensitive data. These trends, their impact and the supporting data are covered in the annual Kaspersky Security Bulletin Review and Statistics reports, published today. In 2016, Kaspersky Lab research also discovered the extent to which companies struggle to quickly spot a security incident: 28.7…
Following the news about the Post Office broadband cyber-attack, Pavel Šrámek, Malware Analyst at Avast commented below. Pavel Šrámek, Malware Analyst at Avast: “Many Post Office customers have now experienced what a problem an insecure router can be, first-hand. However, it is safe to say that this might be just the beginning of what could happen in the future. The next step for attackers could be to hack into other home devices once they gain access to the router, like web cams, smart TVs, or thermostats. We as digital security company are collaborating with router manufacturers to find solutions that…