Intel Security reveals that students continue to risk their data security but are eager to learn more about staying safe online Key findings: 48% of students would attend university seminars around online security and how to best keep their data safe, if they were on offer But half of students have no security software installed on any of their devices More than 90% of students log on to public Wi-Fi in their campuses, bars and clubs, whether it’s secure or not Ahead of students starting university this autumn, Intel Security encourages universities to put security education in place LONDON. A record…
ISBuzz Team
Following the news that Wiggins and Froome medical records released by ‘Russian hackers’ via spear phishing, IT security experts commented below the best defence against spear phishing and what we can learn from this attack. Jonathan Sander, VP of Product Strategy at Lieberman Software: “The sad truth of our time is that if you’re like Wada and have information that is being specifically targeted, then you are fighting a very asymmetrical war. Only state level organizations like the NSA or GCHQ and core Internet infrastructure firms have the resources to go toe to toe with skilled, targeted attacks. The best thing an organization…
This week, ClixSense, a website which offers users cash in return for completing surveys and watching ads, admitted to a data breach in which an attacker was able to gain access to the firm’s database. In total, 2.2 million records have been published, leaving the data of an additional 4.4 million up for grabs to the highest bidder. Stephen Gates, Chief Research Intelligence Analyst at NSFOCUS commented below. Stephen Gates, Chief Research Intelligence Analyst at NSFOCUS: “According to reports, this is another case of poor asset management. Having unpatched servers, no longer in use that are still connected to the network and accessible via the Internet,…
Following the news that the Internet’s underlying infrastructure is being probed for vulnerabilities by unknown attackers using sophisticated DDoS attacks, Sean Newman, Director at Corero Network Security commented below. Sean Newman, Director at Corero Network Security: “As security professionals, much of what we see in relation to cyber-attacks, of all types, points to increased sophistication. Whether stealing critical information, or causing disruption, attackers are increasingly surgical and stealthy as they build up to and execute their attacks. “At Corero, we see this play out on a daily basis and have repeatedly highlighted the trend for DDoS attacks to be sub-saturating and short…
Following the news that another vulnerable DVR system is ready to become a DDoS botnet, Stephanie Weagle, Senior Director at Corero commented below. Stephanie Weagle, Senior Director at Corero: “Experts have long warned that the inherent lack of security in many of the devices that make up the Internet of Things (IoT) would come back to harm us in the end. Now there is firm evidence more and more IoT devices are vulnerable to becoming DDoS botnets. “Botnets are also known as “zombie armies” that can be deployed on thousands—if not millions—of connected devices to send a spam attack, spread malware or…
National Cyber Security Centre (NCSC) / GCHQ proposal to introduce an automated threat detection system – (the ‘Great Firewall of Britain’?) to protect our critical networks and government organisations from low-risk, high-volume attack, Piers Wilson, Advanced Threat Detection Specialist at Huntsman Security commented below. Piers says this initiative is a welcome step in the right direction given the recent surge in breaches being reported, but it will do very little to solve the more serious cyber-problems. Piers Wilson, Head of Product Management at Huntsman Security: “A recent Freedom of Information request found that the number of breaches reported to the ICO in the last…
UK-based IP Telephony service VoIPtalk warned customers of a potential data breach over the weekend. The firm has implemented tighter security controls and advised customers to change their passwords in response to the suspected hacker incident, which is still under investigation. IT security experts commented below. David Gibson, VP of Strategy and Market Development at Varonis: “The VoIPtalk attack illustrates that data breaches should be considered a real and inevitable possibility. Businesses – just like individuals – are still struggling to get the basics right when it comes to securing their data. There are so many basic vulnerabilities that organisations need to…
Donald Trump’s official website suffered from a serious misconfiguration that exposed campaign intern résumés to the public internet according to a report from Chris Vickery of the blog, . After Chris contacted intermediaries to get to the Trump campaign, the problem was fixed. IT security experts from Tripwire, Lieberman Software and Redscan commented below. Tim Erlin, Senior Director of IT Security and Risk Strategy at Tripwire: “Cybersecurity isn’t a partisan issue. Both Democrats and Republicans alike are capable of misconfiguring settings and failing to patch vulnerabilities. Campaigns are often difficult entities to secure. They aren’t permanent organizations, and their staff and…
Kaspersky Lab researchers examined a number of digital kiosks and interactive terminals used in modern cities for different purposes – from paying for different services through to entertainment – and discovered that a lot of them contain vulnerabilities that can expose private user data and be used to spy or spread malicious code. Along with kiosks, specialists researched speed cameras used in cities and their supporting infrastructure. As a result, they discovered that malicious users could easily access these cameras and manipulate the data collected. Modern cities are complicated ecosystems made up of hundreds of different components, including digital ones.…
Article on behalf of: Dr Anthony Palmer, UK Principle Consultant, Ilex International – identity and access management specialists Introduction Identity and access management (IAM) offers many business enhancement opportunities. This management discipline should not be regarded simply as a tool to repair technological problems. Chief Information Security Officers (CISOs) often encounter a lack of organisational understanding and difficulties in communicating the business value proposed by an IAM project. Historically, much emphasis has been placed on technical enhancements that do not appear to directly address business objectives or align with IT strategies. Organisational stakeholders are very cautious in prioritising IAM initiatives…