Following the news about a second group of hackers – Odinaff – has broken into the SWIFT system, the fulcrum of the global financial payments system. Odinaff were found to be using the same approach as those who stole $81m from the Bangladesh central bank earlier this year. Brian Spector, CEO of MIRACL commented below. Brian Spector, CEO at MIRACL: “Verifying people’s identities is the only way to securely enable the multitude of digital transactions taking place on SWIFT systems worldwide. All too often, bad actors orchestrate attacks by stealing employee credentials – usually just a username and password. Attackers know that when…
ISBuzz Team
It’s been discovered that a second group of hackers – Odinaff – has broken into the SWIFT system, the lynchpin of the global financial system. Odinaff were found to be using the same approach as the those who stole $81m from the Bangladesh bank earlier this year. Kevin Bocek, Chief Cybersecurity Strategist at Venafi commented below. Kevin Bocek, Chief Cybersecurity Strategist at Venafi: “The SWIFT system was state-of-the-art when it was created two decades ago, but in cybersecurity and fraud prevention, 20 years might as well be a millennium. A complete rethink of outdated payments architectures, including SWIFT, is long overdue. These attacks…
Security Operations Centres (SOCs) continue to be under significant pressure to respond, manage and assure security. Ponemon Institute finds it takes enterprises an average of 206 days to spot a breach and 69 days to contain it. The speed with which an organisation can identify and contain data breach incidents strongly corresponds with financial consequences, which are significant; the average total cost of a data breach increased 23 percent over the past two years to US$ 3.79 million (£2.9 million). Cloud sprawl escalates risk These escalating costs are set against a backdrop of the growth of the cloud and the…
By now, you’ve all seen the headlines: Dropbox was breached well over four years ago and just now the true impact of that breach is coming to light: nearly 70 million accounts were impacted. That’s not a small number. But what’s even more interesting – and we’ve been warning companies about this for a while – is that this breach was apparently tied to a different, also very high-profile, breach. The Dropbox employee whose password was exploited in the breach originally had his password exposed in the famous LinkedIn breach. This illustrates an interesting ‘chaining’ or ‘domino effect’ that data breaches can have across multiple organisations.…
Following the news about the Spotify that has been caught pushing malware-infested adverts out to users of its free desktop version? Initially thought to have only affected Windows 10 operating systems, the issue has subsequently been reported on othersincluding Ubuntu and MacOS, causing users to flood forums and Twitter with complaints. Rahul Kashyap, EVP and Chief Architect at Bromium commented below. Rahul Kashyap, EVP and Chief Architect at Bromium: “We’ve seen an increase in malvertising of this kind. Last year, our threat sensors found over a quarter of the Alexa 1000 websites were delivering malware via malicious advertisements. This is something that…
International finance has become hugely complex. The increased velocity of trading, the development of highly sophisticated instruments and the growth of stringent regulation has been matched by the demand for far more elaborate security, surveillance and reporting. Just as the nature of the financial world has become more complicated, the activities of criminals and fraudsters have also evolved. The integrity of a financial institution’s operations is now at risk from insiders with specialized knowledge, their collusion with crooks at trading partners, the activities of experienced global money launderers and increasingly, the skills of cyber criminals. The volume of data and…
Following the news about Dozens Of NHS Hospitals that Targeted By Cyber Blackmailers, Jonathan Mepsted, managing director UK at Netskope commented below. Jonathan Mepsted, Managing Director UK at Netskope: “Given the NHS deadline to go paperless by 2020 and the resulting push towards a digital-first strategy, NHS Trusts will need to ensure the correct security controls are in place in order to remain vigilant to the increasing threat of cyberattacks such as ransomware demands. This includes watching out for sophisticated methods used to spread malware. As one example, Netskope’s Research Labs team recently found a strain of malware which users can unknowingly spread…
London, UK. Tripwire, Inc., a leading global provider of security and compliance solutions for enterprises and industrial organizations, today announced the results of an extensive Tripwire study conducted by Dimensional Research. The study was carried out in August and evaluated key challenges that organizations must address in order to optimize their cyber security and compliance programs. Study respondents included over 500 IT security professionals. According to Tripwire’s study, only thirty-three percent of the respondents have security strategies in place to protect the growing number of endpoints on their networks. In addition, sixty percent of the respondents said they are not confident…
Following the news that 28 NHS trusts in England have been victims of ransomware incursions in the last 12 months, according to from a recent Freedom of Information request. Gordon Morrison, Director of Government Relations at Intel Security commented below. Gordon Morrison, Director of Government Relations at Intel Security: “Ransomware is proving a lucrative business – with the Cyber Threat Alliance recently stating that one ransomware family (CryptoWall 4) has extorted $18M so far. And with health records reportedly worth 10 times more than other data, such as bank records, the threat to the health industry is significant. “With news today that as…
Following the news about the Lloyds Banking Group has launched selfie technology to enable Bank of Scotland customers to open a current account seamlessly online. As the ID verification technology is web based customers can use a web browser on their smartphone or tablet to submit images. Cyber security experts from MIRACL, AlienVault, Lieberman Software, Redscan and ESET commented below. Brian Spector, CEO at MIRACL: “The volume of financial fraud has risen dramatically in the past year as hackers have become more sophisticated and are managing to bypass traditional methods of security with alarming ease. A range of tactics which once seemed…