UK-based IP Telephony service VoIPtalk warned customers of a potential data breach over the weekend. The firm has implemented tighter security controls and advised customers to change their passwords in response to the suspected hacker incident, which is still under investigation. Mark James, Security Specialist at ESET commented below. Mark James, Security Specialist at ESET: “It’s always difficult in these situations to determine if a company has done enough, and when we say enough are we talking about enough for the end user protection or enough to damage the blow of a data breach? The usual advice of changing passwords…
Author: ISBuzz Team
ESET study shows gamers would rather compromise their own safety than miss out playing their favourite game. Whether it’s Pokémon Go, Grand Theft Auto or World of War Craft, online games are addictive. And a new piece of research from internet security firm ESET has revealed just how hooked some gamers have become. The study revealed that one in ten gamers admit they have played a game continuously for between 12 – 24 hours, while six percent of gamer-extremists confessed to playing continuously for over 24 hours at one time, essentially spending two whole waking days in fantasy worlds. The…
On average, a single cybersecurity incident now costs large businesses $861,000, while small and medium businesses (SMB) end up paying $86,500. Most alarmingly, the cost of recovery significantly increases depending on the time of discovery. SMBs tend to pay 44 per cent more to recover from an attack discovered a week or more after the initial breach, compared to attacks spotted within one day. Enterprises pay a 27 per cent premium in the same circumstances. These are the main findings of Kaspersky Lab’s report “Measuring the Financial Impact of IT Security on Businesses” based on the 2016 Corporate IT Security Risks…
A new report has found that America’s emergency helpline number, 911, is vulnerable to Distributed Denial of Service (DDoS) attacks. Interestingly, the threat of attack has previously been issued by Department of Homeland Security as well as the FBI. Mark James, Security Specialist at ESET commented below. Mark James, Security Specialist at ESET: “These days DDoS attacks are easy to accomplish and can be relatively low cost to put in place. As technology gets cheaper, and the ability for botnets to infect more users thus making themselves stronger, seems easier and easier. The art of causing problems through brute force…
Did you know that Pokémon Go, the smartphone app that became an overnight worldwide sensation, could actually provide cybercriminals an entry point to your business and personal files? Company security directors were already wringing their hands over employees who mix their work and private information on the same phone. Now, with the Pokémon Go phenomenon, comes another threat—malware. Malware added to the treasure hunt game’s software may give hackers remote control access to everything onboard and the BBC recently reported that Iran had become the first country to ban the game, citing unspecified “security” risks. However, Pokémon Go isn’t the…
Staff are a significant risk to their employer’s cyber security according to research by specialist global executive search and interim management company Norrie Johnston Recruitment (NJR). The research, which forms part of NJR’s cyber security report: how real is the threat and how can you reduce your risk, shows that 23 per cent of employees use the same password for different work applications and 17 per cent write down their passwords, 16 per cent work while connected to public Wi-Fi networks and 15 per cent access social media sites on their work PCs. Such bad habits and a lack of awareness about security mean…
Sophos researchers say they’ve uncovered a malware strain that targets Seagate’s network-attached storage appliances and turns them into distribution points for cryptocurrency-mining malware. IT security experts from Redscan, ESET and Lieberman Software commented below. Robert Page, Lead Penetration Tester at Redscan: “Mal/Miner-C is a type of malware that spreads by exploiting default login credentials, such as weak and frequently used passwords, to install malicious files. The creators of this malware are not specifically targeting Seagate NAS devices but given that these devices are known to have poor default credentials, owners of these devices are particularly vulnerable to attack. Default account…
GM was forced to recall over 4 million cars due to a software defect. Though some security experts have criticized the company for not allowing for software updates “over-the-air” (OTA), Cesare Garlati, chief security strategist for the prpl Foundation, argues that OTA updates may bring in more problems than they solve. Cesare Garlati, Chief Security Strategist at prpl Foundation: “As automobiles become more reliant on embedded technology, security of these systems has to come further up the agenda or more (albeit unnecessary) accidents are inevitable. What is needed in the embedded systems that allow our cars to become connected is a solid foundation…
As Threats Become Increasingly Severe and Complex, NSFOCUS Urges Enterprises to Adopt an Intelligent Hybrid Security Strategy LONDON, UK. Cyber attacks aren’t slowing down – in fact, 76 percent of organisations have experienced a breach within the last two years. Enterprises of all sizes, across every industry, are challenged to respond to increasingly complex and severe attacks – often only learning about the size, severity, and type of incident they’re dealing with as their security teams work to stop them. However, many organisations continue to maintain a reactive approach – implementing stand-alone point solutions that only fragment and silo security efforts. NSFOCUS, a global network…
43% of businesses put customer privacy at risk by failing to anonymise test data With the new EU General Data Protection Regulation (GDPR) finally agreed, 68% of businesses don’t yet have a comprehensive plan in place for how they will respond to its impact. Just 52% of businesses could efficiently comply with the “Right to be Forgotten” mandate. The difficulty of compliance with EU data mandates is being exacerbated by growing IT complexity, Agile and DevOps-enabled proliferation of new applications, ongoing collection of more data, and outsourcing. To be prepared for GDPR compliance, companies must improve their data governance and…