The presence of APIs to provide access and aid interconnectivity between websites is becoming increasingly commonplace. Furthermore, the use of APIs will continue to grow as more and more devices come to market and the popularity of the Internet of Things (IoT) continues to grow. However, as the use of APIs grows, so will the attempts of hackers and groups with ill intentions to exploit any security vulnerabilities for personal and financial gain. Therefore, in this article, David Midgley, Head of Operations at payment gateway and merchant services provider Total Processing, presents the reasons why it is so important to…
Author: ISBuzz Team
Uber has announced that it will require drivers to take selfies before signing on to the platform and accepting ride requests. The new feature, called Real-Time ID Check, is described as a way to prevent fraud and protect drivers’ accounts from being compromised. Robin Tombs, CEO, Yoti commented below. Robin Tombs, CEO at Yoti: “Uber making its drivers verify their identity with a selfie is a great step when it comes to improving safety levels within the service. On demand and peer to peer platforms, including organisations such as Uber and Airbnb, face huge challenges when it comes to security and authentication. They need…
Large organisations are finding it increasingly difficult to perform even the most basic actions required to maintain the security of their IT infrastructure. For example, we are seeing this being borne out by the London Metropolitan Police, which is still running 27,000 PCs on Windows XP, an obsolete legacy operating system that Microsoft hasn’t officially supported since 2014. The update mechanism for Microsoft software is relatively straightforward and the date that Windows XP would be made end-of-life was published well in advance. Therefore it is worrying what we’d find if we were to dig deeper. For example, how many known…
Following the news about the Google Allo launch and the threats it poses to individual privacy, Jonathan Parker-Bray, CEO and Founder of Pryvate commented below. Jonathan Parker-Bray, CEO and Founder at Pryvate: On the surface Google Allo seems like the smart assistant that consumers have been dreaming of. It parses your messages, finishes sentences for you, suggests venues for drinks, and acts as an aide to your myriad social desires. Yet, the systems that allow for this innovative assistant are invasive and dangerous. In short, Google Allo will track every message you make, and could then give these messages to the police…
In August ESET Ireland reported an increased number of phishing emails pretending to come from Apple’s App Store. The scam campaign is still going strong a month later! ESET Ireland has analysed a number of spam emails that look like they are from Apple’s App Store but actually use various faked email addresses. They claim the user has subscribed to “YouTube Music Key through the App Store” or “News Top Magazines through the App Store”, that the trial period has ended, and that they will henceforth be charged monthly for the service for various amounts, ranging from €9.55 to €39.56. Because the recipient of such an email would likely be alarmed about…
Following the news about the Yahoo data breach, Piers Wilson, Head of Product Management at Huntsman Security commented below. Piers Wilson, Head of Product Management at Huntsman Security: “The big worry with these attacks is not that they happen, or even the size; organisations are constantly under assault from constantly varying cyber threats with increasingly large ambitions. Rather, it is that they can take so long to detect, and for organisations to admit the issue and inform those potentially affected. Indeed, even with the Ponemon institute putting the average time to detect a breach at six months, a delay of almost two years…
Symantec recently released its report on IoT device attacks. IT security experts from non-profit prpl Foundation and NSFOCUS commented below. Cesare Garlati, Chief Security Strategist at prpl Foundation: “The nature of many IoT devices is that they are always on and always connected, making them prime targets for attackers to exploit. If we look at the humble light bulb, while it might not seem like a big deal if a single light bulb in a home is breached, what if a hacker could control every one of those light bulbs within a set area to create a power surge that causes a massive…
Following the news about Yahoo’s data breach, Raj Samani, CTO EMEA at Intel Security, commented below on why large corporations continue to fall victim to attacks of this magnitude – and why they can go undetected for so long. Raj Samani, CTO EMEA at Intel Security: “With the scale of Yahoo’s attack going undetected for two years, hackers have had time to cause even more destruction. Customers who continue to re-use their authentication data for multiple accounts could be vulnerable to attack from multiple sources – with hackers even accessing accounts that customers had forgotten they ever set up.” “How…
Throughout September, researchers at Forcepoint have been monitoring a malicious actor running an email-based malware campaign that uses a novel delivery mechanism to drop the previously hibernating Dridex Trojan. Having experienced a quiet period, Dridex is back with enhancements to the technique used in the email attachment and its ability to blacklist security researchers and commercial sandboxes. In this campaign, emails masquerade as the Canadian Revenue Agency (CRA), claiming that the recipient has an outstanding tax payment, but the attachment technique used is very unusual. The attached MSG file contains an embedded OLE object with a spoofed name, which is actually a…
Following the news that hackers have published a scan of Michelle Obama’s passport online, Leo Taddeo, former FBI Special Agent and Chief Security Officer for Cryptzone, commented below on why this hack might not pose any immediate security risk for Michelle Obama and on the risks of keeping this type of information online. Leo Taddeo, Former FBI Special Agent and Chief Security Officer at Cryptzone: “The compromise of a screenshot of the First Lady’s passport is not as bad as it sounds. First, Michelle Obama is one of the most recognizable women in the world, so it’s hard to imagine someone using her passport to impersonate her for…