Scott Register, VP Product Management for Ixia looks at the potential risks that AR represents to organizations, and the steps organizations can take to mitigate it Augmented reality (AR) is not new, but the explosive popularity of Pokémon GO has shown that the technology’s time has arrived, thanks to a combination of technology advances and cultural change. Mobile devices now have the processing power and connectivity to fully support AR, and we as individuals have accepted always-on, geo-located devices as part of daily life, despite their potential privacy risks. But there is also a very real security risk to organizations that…
ISBuzz Team
Following hours of speculation, Yahoo has confirmed that it has suffered a massive data breach. IT security experts from Tenable Network Security, Cryptzone, Positive Technologies, AppRiver and Alert Logic commented below. Gavin Millard, EMEA Technical Director at Tenable Network Security: “With the complex, data rich, IT environments organisations run today, there is always a high possibility of yet another breach with customer data making its way onto the dark web. As we continue to add more technologies to our networks and as attackers become more sophisticated, it’s important that organisations have a rapid process for determining the impact of the breach…
Yahoo is expected to confirm this week what Recode describes as a “widespread and serious” data breach affecting an estimated 200 million users. In light of this news, IT security experts commented below. Peter Galvin, Vice President of Strategy at Thales e-Security: “As a result of this hack, the personal data of millions of Yahoo! users has now been exposed on the dark web and made available to anyone who seeks it – most likely those with malicious intent. Once this data falls into the hands of these would-be criminals, users may worryingly find themselves as the victims of identity fraud…
Following the news about ‘White House Email Hacking’, Mark Wilson, Director of Product Development at STEALTHbits Technologies commented below. Mark Wilson, Director of Product Development at STEALTHbits Technologies: “Email is often the forgotten platform for data security. In reality,email should be up there as one of – if not the primary – concern. “Everyone knows and appreciates that file systems contain data, but so do mailboxes. When was the last time you cleared out your mailbox? Not for a while, I guess. Given the relatively cheap cost of storage these days, mailbox limits are getting larger and larger, which inadvertently means…
This evening, Yahoo revealed that information associated with at least 500 million user accounts was stolen in 2014 by, what is believed, a state-sponsored actor. The stolen data may include names, email addresses, telephone numbers, dates of birth and hashed passwords. According to Yahoo, it may not have also included payment card data or bank account information. IT security experts commented below. Stephen Gates, Chief Research Intelligence Analyst at NSFOCUS: “Although the breach was originally reported back in July of 2012, the size of the breach apparently was incorrectly reported. In 2012, the number of potentially compromised user credentials was estimated to be…
Overview Oliver Stone’s new film, Snowden, reignites the national debate around the potentially competing interests of protecting America from terrorism and protecting our civil liberties. Stone uses two National Security Agency (NSA) initiatives to ask how much power the U.S. government should have under the Foreign Intelligence Surveillance Act (FISA) to conduct electronic surveillance, emergency eavesdropping, and physical searches without a warrant. NSA Initiatives Verizon—the NSA ordered Verizon (and other telecoms) to hand over the telephone records of millions of US customers, calling within the U.S. and overseas. The records, which include the phone numbers of both parties, cell site…
Having driven technology innovation for over 75 years, Hewlett Packard Enterprise (HPE) is one of the world’s most influential business technology companies. HPE has focused on delivering breakthrough technologies and pioneering revolutionary research in order to help organisations of all sizes, from global enterprises to local start-ups, transition from traditional technology platforms to the IT systems of the future. This year, HPE will be bringing its knowledge and experience to a partnership with IP EXPO Europe 2016 on a series of special seminars and exclusive events focused on the future of computing and the importance of STEM skills. “With the UK’s economic success increasingly…
Malware writers have penetrated the website of for male hair products, Just For Men, foisting a password-stealing trojan at visitors, Malware bytes researcher Jerome Segura says. Jonathan Sander, VP of Product Strategy at Lieberman Software commented below. Jonathan Sander, VP of Product Strategy at Lieberman Software: “Many users of CMS systems like WordPress are on the platform to expend the absolute minimum of resources and time on their websites. Like Just for Men, they are companies where an online presence is a necessity but likely not a huge matter for their top line. The risk calculation of what’s at stake…
Following the news that the criminals are targeting Reddit users with a drive-by malware attack to empty cryptocurrency wallets (original Reddit thread), Brian Laing, VP at Lastline commented below. Brian Laing, VP at Lastline: “Reddit uses very basic authentication measures – just username and password. It was never intended as a place to shield financial access which the introduction of BitCoin repositories has now effectively done. There is no second factor to the authentication steps making even simple, brute force attacks possible. Reddit/Bitcoin Wallet are likely targets for these reasons. “We have seen many similar hacks dating back some years, but not…
Following the news about the students being warned of a new phishing scam claiming to offer an educational grant in a bid to steal bank details? Chris Czub, Security Researcher at Duo Labs commented below. Chris Czub, Security Researcher at Duo Labs: “Phishing’s continued efficiency and prevalence reveals a widespread lack of solid security fundamentals. While high profile breaches have driven more organizations to become concerned about their information security, they still don’t have the expertise or guidance to implement basic mitigations against phishing, such as two-factor authentication. The persistence of phishing coupled with widespread BYOD policies means that organizations need to focus…