Kyle Wickert, Lead Solution Architect of Product & Deployment at AlgoSec, discusses why organizations need to start adopting an application-centric approach to security management. The traditional approach to security management starts from the point of view of infrastructure and firewalls. It focuses on placing perimeter protections around the entire network. It leads with security tools, rules and policies. This approach has served enterprise organizations well over the years. However, today, IT security teams are stretched beyond breaking point. They are spending their valuable time ‘keeping the lights on’ – manually maintaining existing systems, sifting through countless security alerts trying to thwart…
Author: ISBuzz Team
Following the news that cybercriminals claiming to be the Armada Collective have sent out extortion emails threatening independent and small businesses with DDoS attacks, Craig Young, Security Researcher at Tripwire commented below. Craig Young, Security Researcher at Tripwire: “In my opinion, businesses are best to never pay DDoS extortionists and instead are better served saving that money for DDoS mitigation services from reputable firms. In recent years, criminals have successfully seized the opportunity to scare businesses into paying under the threat of large scale denial of service attacks. Much of the time the threats are coming from individuals or small…
In recent years, we have witnessed a new kind of security threat which all businesses need to be aware of – the cyber drive-by attack. It is a term that has evolved over time. In the early days of the web, most online access was through a modem, and users were charged for the time they spent connected. Opportunists looking for free online access would literally drive the streets of a town waiting for a Wi-Fi signal to become available. If it was insecure, and in those days it frequently was, that ‘drive-by’ approach enabled the perpetrator to get onto…
vDOS — a “booter” service that has earned in excess of $600,000 over the past two years helping customers coordinate more than 150,000 so-called distributed denial-of-service (DDoS) attacks designed to knock Web sites offline — has been massively hacked, spilling secrets about tens of thousands of paying customers and their targets. Ofer Gayer, Product Manager for DDoS at Imperva commented below. Ofer Gayer, Product Manager for DDoS at Imperva: “The scale of vDOS is certainly stunning but not its novelty or sophistication. This story is another example of a trend we have highlighted before: DDoS attacks can be accomplished with rudimentary tools by…
With Google Chrome flagging up insecure sites, you can check whether a site is HTTPS (encrypted) using free services like SSL Checker from High-Tech Bridge – https://www.htbridge.com/ssl/ and then encrypt it using free services like Let’s Encrypt. Sample results flagging poor HTTPS status Here are some issues we found on a site we tested earlier on High-Tech Bridge’s SSL checker with an explanation about what this means and some comments about the new initiative. The first issue is that you can open this website by HTTP while you also have an HTTPS version. If you go to the HTTP version of www.htbridge.com for example -…
Cybercriminals claiming to be the Armada Group are threatening small businesses around the world with DDoS attacks if they don’t pay them a ransom in bitcoin. Craig Young, Cybersecurity Researcher at Tripwire commented below. Craig Young, Cybersecurity Researcher at Tripwire: “In my opinion, businesses are best to never pay DDoS extortionists and instead are better served saving that money for DDoS mitigation services from reputable firms. In recent years, criminals have successfully seized the opportunity to scare businesses into paying under the threat of large scale denial of service attacks. Much of the time the threats are coming from individuals…
Kaspersky Lab have discovered a sophisticated strain of malware which has shifted across platforms in order to target Mac OS X users. They revealed the existence of Backdoor.OSX.Mokes, an OS X-based variation of the Mokes malware family which was discovered back in January. According to the team, the malicious code is now able to operate on all major operating systems including Windows, Linux and Mac. IT security experts from Redscan, AlienVault and ESET commented below. Robert Page, Lead Penetration Tester at Redscan: “The creation of malware is becoming increasingly industrialised. Similar to commercial software, being able to run on multiple platforms allows for…
The Mr Chow ransomware news that broke this week highlights the need for every business to be wary of this growing online threat. Andrew Stuart, MD EMEA at Datto, Inc commented below. Andrew Stuart, Managing Director EMEA at Datto, Inc: “Unfortunately, ransomware is an area where prevention is key – make sure you’re scanning your machines regularly with reputable AV software, don’t open unknown attachments, and back up your computer regularly. If you have business-critical data it’s certainly worth investigating cloud services, and when considering cloud services look at the restore times you might want for the data. Also consider…
A report from Forcepoint states that future versions of the infamous and highly dangerous Dridex banking trojan will soon be able to steal credentials for several crypto-currency wallets, according to clues found in recent Dridex samples. IT security experts from Redscan, ESET and Lieberman Software commented below. Robert Page, Lead Penetration Tester at Redscan: “Dridex is constantly evolving to continue its objective of collecting financial information whilst remaining undetected. Given the increased usage of Cryptocurrency, it’s not surprising it’s also attempting to gather this type of currency. It’s interesting the malware has improved to prevent analysis by security researchers. Although…
Quarterly report on enterprise cloud app usage also sees more than half of malware-infected files in cloud apps shared with others. London, UK. Netskope, the leader in cloud security, announced the release of the September 2016 Netskope Cloud Report™ on enterprise cloud app usage and trends. In response to the growing threat of ransomware across enterprises, the report took a closer look at the prevalence of ransomware and how it spreads through cloud apps within an organisation. According to the report, 43.7 per cent of malware found in enterprise cloud apps has delivered ransomware, and 55.9 per cent of malware-infected files found in…