Newly reported ‘Linux/IRCTelnet’ malware? allows hackers to transform vulnerable IoT devices into slaves for DDos attacks. (Researchers this week posted an analysis on the Malware must die blog). Mike Pittenger, Vice President of Security Strategy at Black Duck Software commented below. Mike Pittenger, Vice President of Security Strategy at Black Duck Software: “The issue is not a vulnerability (per se) in these devices, but an architectural flaw in that they don’t require the default password to be changed, and passwords can be bypassed using Telnet. As I recently blogged (“Warning to The Internet of Things – Send Lawyers, Gun & Money”) Unsecure IoT devices are putting the…
ISBuzz Team
UK Leads Europe in Mobile Nuisance Calls More than half (53%) of adults in Britain regularly receive fraudulent or scam calls on their mobiles, according to online YouGov research from call-blocking and caller ID Company, Hiya (www.hiya.com). Scam calls are on the rise in the UK, which now gets more nuisance calls than any other country in Europe (13% of all calls), according to Hiya. Perhaps unsurprisingly, the research showed that nearly one in four Brits (24%) don’t answer calls from unknown numbers on their mobile phone. On average, three percent of adults that have received a fraudulent or scam…
HelpNet Security is reporting that an Android Banking Trojan is targeting customers of 94 banks in US and Europe. IT security experts from Lastline, VASCO Data Security and NuData Security commented below. Giovanni Vigna, PhD, Co-founder and CTO at Lastline: “It is not surprising that Android malware is becoming more “trigger-based” and evasive. As users are increasingly relying on their smartphones for security-critical operations such as banking, cybercriminals are leverainging these new activities to collect information about two-factor authentication messages, or credentials to spread malware through social network accounts. The situation is so bad that even academic researchers have been focused on this type of malware.…
Following the news from Accenture announcing that one in three corporate cyberattacks succeed, Richard Parris, CEO of British cybersecurity company, Intercede commented below. Richard Parris, CEO at Intercede: “Accenture’s report that one-third of targeted attempts to breach corporations’ cyber defences succeed is alarming, but more worrying is that 98 percent of breaches are reported by employees outside the security team. It’s the security team’s bread and butter to be able to identify and address cyber breaches as, and when, they happen – after the event is often too late as sensitive customer and company information has been leaked and shared online. Security professionals need to know who and what is trying…
Folllowing the news that Philip Hammond has pledged to invest £1.9 billion to improve Britain’s cyber-defences, IT security experts from Imperva and Intergrator Axial Systems commented below. Spencer Young, RVP of EMEA at Imperva: “Whilst we welcome the acceptance from the UK Government that threats are increasing and that we need to more adequately equip ourselves to defend against foreign states, criminal groups and activist individuals, it is clear that we have lagged behind in a number of key areas. For instance, I believe there is a serious talent issue in the country, in that organisations and government departments find it hard to…
Datto unveils automatic ransomware detection and recovery for small, midsized businesses Reading, UK. Datto, the leading provider of total data protection solutions for businesses around the world, today announced enterprise-class ransomware protection for small and midsized businesses, now available from Datto’s managed service provider (MSP) partners. Built into Datto’s suite of products, ransomware protection and recovery automatically detects and identifies attacks, notifying administrators to immediately rollback to healthy data. The solution shortens downtime, saves money and reduces the impact to businesses, giving companies an effective and reliable alternative to paying hackers’ ransoms. Recent research revealed that ransomware is fast becoming a ubiquitous…
I remember back in the 1990s the small characters from Pokemon inundating our world. It was a whole world of cuteness, in fact, the Pikachu being my favorite. Fast forward 20 years and the Pokemon phenomenon has become digitized to within an inch of their little lives in the form of the augmented reality mobile app, Pokemon GO. Augmented reality is software that overlays the real world, with the digital one. In the case of Pokemon GO, it uses the phone’s GPS to show local maps which guide players around their locale to find hidden Pokemon characters. Pokemon GO is…
Following the reports that UK National Health Service’s Lincolnshire and Goole’s hospital has cancelled surgeries and diverted trauma intakes after its systems were attacked by a virus, IT security experts from Synopsys and SentinelOne commented below. Chris Clark, Principal Security Engineer – Strategic Initiatives at Synopsys: “Considering the increased number and severity of ransomware attacks over the last year, UK National Health Service’s Lincolnshire and Goole’s decision to shut down systems and transfer patients was probably well warranted. The potential for patient harm or damage due to a cyber event of any type could be catastrophic to any health system. Healthcare…
Online gaming is great fun, whether you prefer to conquer raids with a group of friends on Destiny or simply play a few rounds of online bingo with the hopes of winning a little cash, it’s a trend that everyone is now catching on to as we have access to better gaming platforms and the industry adopts everything mobile. However, as with anything related to the Internet, there are some threats. Out of the 1.2 billion people playing games around the world, 700 billion play games online so for those looking to take advantage of the industry, there are plenty…
New practice to focus on secure design and deployment of consumer, enterprise, industrial, medical, and transportation devices London, UK. Rapid7, Inc. (NASDAQ: RPD), a leading provider of security data and analytics solutions, today announced that it has expanded its strategic consulting and security testing offerings to aid organisations in securely developing and deploying non-traditional internet connected devices, often referred to as the internet of things (IoT). The new practice area will help organisations think strategically about building security practices into product development lifecycles, provide thorough assessment and testing of potential weaknesses for both hardware and software, and offer forensic analysis for devices that…