Chinese electronics firm Xiongmai is initiating a product recall after the enormous hacking attack that took down much of the internet on the east coast of the US and also affected Europe on Friday. The root of the attack was a network of hacked “Internet of Things” devices, such as webcams and digital recorders, many of which were made by Xiongmai. IT security experts from Redscan, ESET, AlienVault, prpl Foundation and NSFOCUS commented below. Robert Page, Lead Penetration Tester at Redscan: “In the interests of keeping up with competitors and making IoT devices easier to use, hardware manufacturers routinely compromise the security of customers. By…
ISBuzz Team
In April 2015, 21.5 million Americans were affected by the breach of the Office of Personnel Management’s (OPM) systems which exposed over four million records of current and former government employees. But how did this happen? What can we learn from this when it comes to strengthening access security? According to the Committee on Oversight and Government Reform, there were five fundamental failures that contributed to the breach: The OPM failed to prioritise funding for cyber security; its $7 million security budget put them last when compared to other agencies. It lacked the effective leadership and managerial structure to implement…
Following the news that a Chinese manufacturing firm admitted its hacked DVRs and cameras were behind the attack and is now recalling its webcams, IT security experts from Cigital, Xively by LogMeIn and Tripwire commented below. Jim Ivers, CMO at Cigital: “This attack is illustrative of the problem with connected devices, specifically the ability to infiltrate, corrupt, and subsequently use these devices for malicious activity. Because computers are hardened and monitored, connected devices provide attackers a much easier path. Given that these devices have sufficient computing power, it is clear that once infiltrated attackers can use them the same way they would use a laptop. The…
Following the news that regulators tell big banks to toughen cyber security, Balázs Scheidler, co-founder and CTO of BalaBit, commented below. Balázs Scheidler, Co-Founder and CTO at BalaBit: “Tough regulations are coming to the financial sectors, requiring a recovery time of a maximum of two hours after a breach. In order to achieve these numbers, one needs a combination of two things: forensic grade monitoring in order to acquire information/details about the breach, and automation in how we provision and manage our systems. The first will give us the clue and background on the scope of the breach, the second…
Following the news of the DDoS attack on Dyn, Jeremiah Grossman, Chief of Security Strategy at SentinelOne and Mike Hanley, Director at Duo Labs commented below. Jeremiah Grossman, Chief of Security Strategy at SentinelOne: “Because DNS is vital to every person, business and website across the entire internet for system stability and performance, online businesses commonly outsource DNS management to third-party providers who have better and more reliable infrastructures to operate on behalf of their customers. Historically, this has worked to everyone’s benefit. However, what we’re now seeing is that in light of the way the infrastructure works in the security landscape, they are attractive…
DNS provider Dyn was knocked offline for much of the day, causing disruption to several well-known SaaS applications and internet sites, including Amazon, Twitter, GitHub and The Boston Globe. The company later that day confirmed that the cause was a large DDoS attack, and that it was an internet of things (IoT) attack using the newly-discovered Mirai botnet. The Imperva Incapsula product team has years of experience dealing with bots and DDoS attacks. Below is a summary of our relevant research and measurement. We have been watching the growth of IoT botnets – what we call “the botnet of things…
From 2017 free WiFi will be rolled out across a number of UK train operators, thanks to the Department for Transport’s £50 million initiative to increase WiFi on trains. Raj Samani, CTO EMEA at Intel Security: “While this will hugely benefit a number of commuters, who can work remotely during their journey to and from work, this also comes with significant security risks if the right precautions are not implemented.” A Freedom of Information (FOI) request uncovered that the DfT “has not linked receiving funding for the on-train Wi-Fi with including a specific cyber security strategy.” While the department will…
Following the news that Discord, a free VoIP service designed for gaming communities, has had its chat servers abused to host malware, Troy Gill, manager of security research at AppRiver commented below. Troy Gill, Manager of Security Research at AppRiver: “This is a case of attackers leveraging an existing services infrastructure to host and distribute their own malicious software. It appears that since the gaming community is the main consumer of this service, they are in turn the ones being targeted. However, this attack vector poses a risk to corporate networks as well given that it leads to a malware install…
What is the ‘Dirty Cow’ Linux vulnerability and will it impact you? Black Duck’s open source software cybersecurity team explain it below. According to Tim MacKey, at Black Duck Software, which helps firms locate, manage and secure their open source software, Dirty COW is a marketing name given to CVE-2016-5195. It describes a bug which allows a malicious actor to increase their level of privilege in a Linux environment up to and including ‘root’. The bug itself is an exploitable race condition. A race condition occurs when two different threads of execution are able to modify the state of the program…
Following the news that Discord, a free VoIP service designed for gaming communities, has had its chat servers abused to host malware, security experts from MWR Infosecurity, Imperva, FireMon, Plixer, Synopsys and Tripwire commented below. Adam Horsewood, Senior Security Consultant at MWR Infosecurity: “The attack on DYN could well be a form of advertising. DYN provide a DDOS defense service, protecting clients from the very same sort of attacks that they are now suffering. DDOS attacks can be provided as a service, allowing people to rent the ability to perform an attack with no upfront cost, or skill requirements. Service providers…
