Just after the Joomla project released their latest update of Joomla CMS to fix two critical security flaws, attackers had already started looking for unpatched systems and then launched mass scans shortly thereafter. Tim Erlin, Senior Director of IT Security and Risk Strategy for Tripwire commented below. Tim Erlin, Senior Director of IT Security and Risk Strategy at Tripwire: “Attackers and criminals have the ability to scan large sections of the Internet for a specific vulnerability with relative ease these days. The threat of these mass scans should factor into how organizations address newly published vulnerabilities. Systems that are accessible from…
ISBuzz Team
As National Cybersecurity Awareness Month ends today, Centrify reminds businesses to implement cybersecurity best practices Bracknell UK. Centrify, the leader in securing enterprise identities against cyberthreats, today shared seven tips for enterprises to effectively combat cybercrime. Employee training and cyber awareness, combined with a solid defence strategy and best-in-class cybersecurity tools and software, are essential to reducing the risks of data breaches. In the modern age, cyber safety is just as important as physical safety. It’s time for every organisation to get proactive with cybersecurity, because every organisation is vulnerable to attack. Cyber risk is present at every level in every company from…
In an age where data has become the lifeblood for business, data protection is the single most important factor for organisations no matter what sector they operate in. The onus is on them to keep sensitive data safe, but it isn’t as simple as they would like it to be. Traditional data protection is too complex Traditional backup can cost organisations lots of money, needs to be supported and requires significant administration effort. It can be common for companies to deploy a range of data protection solutions for SAN/NAS systems, physical server backup tools, virtualisation backup tools, cloud backup tools, and more.…
Conventional approaches to encrypting data-in-transit such as SSL and IPSec are designed for wired networks with fast speed and reliable connections. In a mobile wireless network (WAN) environment, where transmission of data is slow and connections are less consistent, traditional VPN performance is not up-to-mark, frequent application failure, reduced speeds, and data loss. What should Ideal Mobile VPN technology include? One of the common weaknesses of Internet Protocol (TCP/IP) is that it does not have a built-in mechanism for data privacy and authenticity it passes over a public network. As a result, to resolve this issue, it became essential to…
The latest research from Kaspersky Lab shows how small and medium-sized businesses (SMBs) need to bridge the gap between smaller IT security budgets and less expertise to face the very real and growing threat of cyber-attacks. The study found that despite over half (54 per cent) of SMBs believing that their IT security will be compromised at some point and that preparation is essential, 40 per cent admit that they lack sufficient insight or intelligence on the threats faced by the business. The Evolving Role of Security-as-a-Service (SaaS) and IT Outsourcing in SMB IT Security report, which is launched today,…
The results of a new survey testing employee data privacy and cybersecurity knowledge reveal that 88% lack the awareness to stop preventable cyber incidents. Mark James, Security Specialist at ESET commented below. Mark James, Security Specialist at ESET: “We have heard for a very long time now that our weakest link in security is the user, is that really true? This survey seems to point to that conclusion but the good news is they don’t have to be. With the right education, awareness and cooperation we could turn our staff and users into our strongest asset. I know a lot…
Every day, consumers and businesses alike share and expose more of themselves online. For hackers, the lure of this data and associated potential payday from exploiting it is often far too compelling to ignore. Cyberattacks in organizations continue to make headlines with startling frequency and devastating consequences. As a result, they’re bringing the topic of security to the boardroom – prompting business leaders to more closely consider how to protect their companies and customers, while still offering the access and capabilities demanded in the digital age. While innovation and digital transformation remain a key focus, without the right security operations…
Automation is becoming commonplace around the world and across most industries. The manufacturing sector, for example, is expecting global sales of industrial robots to almost double in volume by 2018. In the home, revenue from the home automation segment is expected to hit over $6 million this year and show an annual growth rate of CAGR 28.19%. Yet, one of the biggest areas for the adoption automation is in the automotive industry. With the appetite for fully autonomous, self-drive vehicles growing, we are currently staring down the barrel of both automotive and autonomy history. Both personal and public transport will…
Data breaches continue around the globe – news that a data breach has exposed over a million personal and medical records of Australian citizens donating blood to the Red Cross Blood Service. It is thought to be the biggest data breach to affect the country – it was discovered by an anonymous source that a 1.74 GB file containing 1.28 million donor records going back to 2010, was accessible via a publicly accessible website. The database contains personal information such name, gender, physical and email address, phone number, date of birth as well as blood type and country of birth. It also has…
The massive Mirai DDoS attack that knocked a slew of major websites offline last Friday (21 October) was most likely the work of amateur hackers, not a nation-state or cybercriminal organisation, security firm Flashpoint said. Mark James, Security Specialist at ESET commented below. Mark James, Security Specialist at ESET: “DDoS and hacking are often used in the same sentence, they are indeed very different and require very different skill sets. That being said they may well be used in conjunction with each other to formulate the complete attack. DDoS as a service is available for a relatively low sum and with the availability…